replicatedhq
diff --git a/‎config/crds/v1/crds.kubeflare.io_accessapplications.yaml
Lines changed: 135 additions & 0 deletions b/‎config/crds/v1/crds.kubeflare.io_accessapplications.yaml
Lines changed: 135 additions & 0 deletions
diff --git a/‎config/crds/v1beta1/crds.kubeflare.io_accessapplications.yaml
Lines changed: 136 additions & 0 deletions b/‎config/crds/v1beta1/crds.kubeflare.io_accessapplications.yaml
Lines changed: 136 additions & 0 deletions
diff --git a/‎go.mod
Lines changed: 1 addition & 0 deletions b/‎go.mod
Lines changed: 1 addition & 0 deletions
diff --git a/‎go.sum
Lines changed: 1 addition & 0 deletions b/‎go.sum
Lines changed: 1 addition & 0 deletions
diff --git a/‎pkg/apis/crds/v1alpha1/accessapplication_types.go
Lines changed: 85 additions & 0 deletions b/‎pkg/apis/crds/v1alpha1/accessapplication_types.go
Lines changed: 85 additions & 0 deletions
@@ -0,0 +1,135 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.2.8
+  creationTimestamp: null
+  name: accessapplications.crds.kubeflare.io
+spec:
+  group: crds.kubeflare.io
+  names:
+    kind: AccessApplication
+    listKind: AccessApplicationList
+    plural: accessapplications
+    singular: accessapplication
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: DNSRecord is the Schema for the accessapplication API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: AccessApplicationSpec defines the desired state of AccessApplication
+            properties:
+              accessPolicies:
+                items:
+                  properties:
+                    descision:
+                      type: string
+                    exclude:
+                      items:
+                        type: string
+                      type: array
+                    include:
+                      items:
+                        type: string
+                      type: array
+                    name:
+                      type: string
+                    precendence:
+                      type: integer
+                    require:
+                      items:
+                        type: string
+                      type: array
+                  required:
+                  - descision
+                  - include
+                  - name
+                  type: object
+                type: array
+              allowedIdPs:
+                items:
+                  type: string
+                type: array
+              autoRedirectToIndentiy:
+                type: boolean
+              corsHeaders:
+                properties:
+                  allowAllHeaders:
+                    type: boolean
+                  allowAllMethods:
+                    type: boolean
+                  allowAllOrigins:
+                    type: boolean
+                  allowCredentials:
+                    type: boolean
+                  allowedHeader:
+                    items:
+                      type: string
+                    type: array
+                  allowedMethods:
+                    items:
+                      type: string
+                    type: array
+                  allowedOrigins:
+                    items:
+                      type: string
+                    type: array
+                  maxAge:
+                    type: integer
+                required:
+                - allowAllHeaders
+                - allowAllMethods
+                - allowAllOrigins
+                - allowCredentials
+                - allowedHeader
+                - allowedMethods
+                - allowedOrigins
+                - maxAge
+                type: object
+              domain:
+                type: string
+              name:
+                type: string
+              sessionDuration:
+                type: string
+              zone:
+                type: string
+            required:
+            - domain
+            - name
+            - zone
+            type: object
+          status:
+            description: AccessApplicationStatus defines the observed state of AccessApplicationS
+            properties:
+              applicationID:
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
@@ -0,0 +1,136 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.2.8
+  creationTimestamp: null
+  name: accessapplications.crds.kubeflare.io
+spec:
+  group: crds.kubeflare.io
+  names:
+    kind: AccessApplication
+    listKind: AccessApplicationList
+    plural: accessapplications
+    singular: accessapplication
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      description: DNSRecord is the Schema for the accessapplication API
+      properties:
+        apiVersion:
+          description: 'APIVersion defines the versioned schema of this representation
+            of an object. Servers should convert recognized schemas to the latest
+            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+          type: string
+        kind:
+          description: 'Kind is a string value representing the REST resource this
+            object represents. Servers may infer this from the endpoint the client
+            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+          type: string
+        metadata:
+          type: object
+        spec:
+          description: AccessApplicationSpec defines the desired state of AccessApplication
+          properties:
+            accessPolicies:
+              items:
+                properties:
+                  descision:
+                    type: string
+                  exclude:
+                    items:
+                      type: string
+                    type: array
+                  include:
+                    items:
+                      type: string
+                    type: array
+                  name:
+                    type: string
+                  precendence:
+                    type: integer
+                  require:
+                    items:
+                      type: string
+                    type: array
+                required:
+                - descision
+                - include
+                - name
+                type: object
+              type: array
+            allowedIdPs:
+              items:
+                type: string
+              type: array
+            autoRedirectToIndentiy:
+              type: boolean
+            corsHeaders:
+              properties:
+                allowAllHeaders:
+                  type: boolean
+                allowAllMethods:
+                  type: boolean
+                allowAllOrigins:
+                  type: boolean
+                allowCredentials:
+                  type: boolean
+                allowedHeader:
+                  items:
+                    type: string
+                  type: array
+                allowedMethods:
+                  items:
+                    type: string
+                  type: array
+                allowedOrigins:
+                  items:
+                    type: string
+                  type: array
+                maxAge:
+                  type: integer
+              required:
+              - allowAllHeaders
+              - allowAllMethods
+              - allowAllOrigins
+              - allowCredentials
+              - allowedHeader
+              - allowedMethods
+              - allowedOrigins
+              - maxAge
+              type: object
+            domain:
+              type: string
+            name:
+              type: string
+            sessionDuration:
+              type: string
+            zone:
+              type: string
+          required:
+          - domain
+          - name
+          - zone
+          type: object
+        status:
+          description: AccessApplicationStatus defines the observed state of AccessApplicationS
+          properties:
+            applicationID:
+              type: string
+          type: object
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
@@ -21,6 +21,7 @@ require (
 	github.com/xo/dburl v0.0.0-20200124232849-e9ec94f52bc3
 	go.uber.org/zap v1.10.0
 	gopkg.in/yaml.v2 v2.2.8
+	gotest.tools v2.2.0+incompatible
 	k8s.io/api v0.18.0
 	k8s.io/apiextensions-apiserver v0.18.0
 	k8s.io/apimachinery v0.18.0
 
@@ -596,6 +596,7 @@ gopkg.in/yaml.v3 v3.0.0-20190905181640-827449938966 h1:B0J02caTR6tpSJozBJyiAzT6C
 gopkg.in/yaml.v3 v3.0.0-20190905181640-827449938966/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
 gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 
@@ -0,0 +1,85 @@
+/*
+Copyright 2019 Replicated, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+type AccessPolicy struct {
+	Decision   string   `json:"descision"`
+	Name       string   `json:"name"`
+	Include    []string `json:"include"` // TODO
+	Precedence *int     `json:"precendence,omitempty"`
+	Exclude    []string `json:"exclude,omitempty"` // TODO
+	Require    []string `json:"require,omitempty"` // TODO
+}
+
+type CORSHeader struct {
+	AllowedMethods   []string `json:"allowedMethods"`
+	AllowedOrigins   []string `json:"allowedOrigins"`
+	AllowedHeaders   []string `json:"allowedHeader"`
+	AllowAllMethods  bool     `json:"allowAllMethods"`
+	AllowAllOrigins  bool     `json:"allowAllOrigins"`
+	AllowAllHeaders  bool     `json:"allowAllHeaders"`
+	AllowCredentials bool     `json:"allowCredentials"`
+	MaxAge           int      `json:"maxAge"`
+}
+
+// AccessApplicationSpec defines the desired state of AccessApplication
+type AccessApplicationSpec struct {
+	Zone                   string         `json:"zone"`
+	Name                   string         `json:"name"`
+	Domain                 string         `json:"domain"`
+	SessionDuration        string         `json:"sessionDuration,omitempty"`
+	AllowedIdPs            []string       `json:"allowedIdPs,omitempty"`
+	AutoRedirectToIdentity *bool          `json:"autoRedirectToIndentiy,omitempty"`
+	CORSHeaders            *CORSHeader    `json:"corsHeaders,omitempty"`
+	AccessPolicies         []AccessPolicy `json:"accessPolicies,omitempty"`
+}
+
+// AccessApplicationStatus defines the observed state of AccessApplicationS
+type AccessApplicationStatus struct {
+	ApplicationID string `json:"applicationID,omitempty"`
+}
+
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// DNSRecord is the Schema for the accessapplication API
+// +k8s:openapi-gen=true
+// +kubebuilder:subresource:status
+type AccessApplication struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   AccessApplicationSpec   `json:"spec,omitempty"`
+	Status AccessApplicationStatus `json:"status,omitempty"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// AccessApplicationList contains a list of DNSRecord
+type AccessApplicationList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []DNSRecord `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&AccessApplication{}, &AccessApplicationList{})
+}