Skip to content

Commit 339adb3

Browse files
CharlieR-o-o-tCharlieR-o-o-t
committed
feat(manager): Add forbiddenAnnotations,forbiddenLabels to serviceOptions
Signed-off-by: Siarhei Rasiukevich <s.rasiukevich@gmail.com>
1 parent 8695dfb commit 339adb3

File tree

12 files changed

+658
-104
lines changed

12 files changed

+658
-104
lines changed

charts/capsule/crds/tenant-crd.yaml

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3133,6 +3133,28 @@ spec:
31333133
type: string
31343134
type: object
31353135
type: object
3136+
forbiddenAnnotations:
3137+
description: Define the annotations that a Tenant Owner cannot
3138+
set for their Service resources.
3139+
properties:
3140+
denied:
3141+
items:
3142+
type: string
3143+
type: array
3144+
deniedRegex:
3145+
type: string
3146+
type: object
3147+
forbiddenLabels:
3148+
description: Define the labels that a Tenant Owner cannot set
3149+
for their Service resources.
3150+
properties:
3151+
denied:
3152+
items:
3153+
type: string
3154+
type: array
3155+
deniedRegex:
3156+
type: string
3157+
type: object
31363158
allowedServices:
31373159
description: Block or deny certain type of Services. Optional.
31383160
properties:

config/crd/bases/capsule.clastix.io_tenants.yaml

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1873,6 +1873,28 @@ spec:
18731873
required:
18741874
- allowed
18751875
type: object
1876+
forbiddenAnnotations:
1877+
description: Define the annotations that a Tenant Owner cannot
1878+
set for their Service resources.
1879+
properties:
1880+
denied:
1881+
items:
1882+
type: string
1883+
type: array
1884+
deniedRegex:
1885+
type: string
1886+
type: object
1887+
forbiddenLabels:
1888+
description: Define the labels that a Tenant Owner cannot set
1889+
for their Service resources.
1890+
properties:
1891+
denied:
1892+
items:
1893+
type: string
1894+
type: array
1895+
deniedRegex:
1896+
type: string
1897+
type: object
18761898
type: object
18771899
storageClasses:
18781900
description: Specifies the allowed StorageClasses assigned to the
@@ -3125,6 +3147,28 @@ spec:
31253147
required:
31263148
- allowed
31273149
type: object
3150+
forbiddenAnnotations:
3151+
description: Define the annotations that a Tenant Owner cannot
3152+
set for their Service resources.
3153+
properties:
3154+
denied:
3155+
items:
3156+
type: string
3157+
type: array
3158+
deniedRegex:
3159+
type: string
3160+
type: object
3161+
forbiddenLabels:
3162+
description: Define the labels that a Tenant Owner cannot set
3163+
for their Service resources.
3164+
properties:
3165+
denied:
3166+
items:
3167+
type: string
3168+
type: array
3169+
deniedRegex:
3170+
type: string
3171+
type: object
31283172
type: object
31293173
storageClasses:
31303174
description: Specifies the allowed StorageClasses assigned to the

docs/content/general/crds-apis.md

Lines changed: 160 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4822,6 +4822,20 @@ Specifies options for the Service, such as additional metadata or block of certa
48224822
Specifies the external IPs that can be used in Services with type ClusterIP. An empty list means no IPs are allowed. Optional.<br/>
48234823
</td>
48244824
<td>false</td>
4825+
</tr><tr>
4826+
<td><b><a href="#tenantspecserviceoptionsforbiddenannotations-1">forbiddenAnnotations</a></b></td>
4827+
<td>object</td>
4828+
<td>
4829+
Define the annotations that a Tenant Owner cannot set for their Service resources.<br/>
4830+
</td>
4831+
<td>false</td>
4832+
</tr><tr>
4833+
<td><b><a href="#tenantspecserviceoptionsforbiddenlabels-1">forbiddenLabels</a></b></td>
4834+
<td>object</td>
4835+
<td>
4836+
Define the labels that a Tenant Owner cannot set for their Service resources.<br/>
4837+
</td>
4838+
<td>false</td>
48254839
</tr></tbody>
48264840
</table>
48274841

@@ -4931,6 +4945,72 @@ Specifies the external IPs that can be used in Services with type ClusterIP. An
49314945
</table>
49324946

49334947

4948+
### Tenant.spec.serviceOptions.forbiddenAnnotations
4949+
4950+
4951+
4952+
Define the annotations that a Tenant Owner cannot set for their Service resources.
4953+
4954+
<table>
4955+
<thead>
4956+
<tr>
4957+
<th>Name</th>
4958+
<th>Type</th>
4959+
<th>Description</th>
4960+
<th>Required</th>
4961+
</tr>
4962+
</thead>
4963+
<tbody><tr>
4964+
<td><b>denied</b></td>
4965+
<td>[]string</td>
4966+
<td>
4967+
<br/>
4968+
</td>
4969+
<td>false</td>
4970+
</tr><tr>
4971+
<td><b>deniedRegex</b></td>
4972+
<td>string</td>
4973+
<td>
4974+
<br/>
4975+
</td>
4976+
<td>false</td>
4977+
</tr></tbody>
4978+
</table>
4979+
4980+
4981+
### Tenant.spec.serviceOptions.forbiddenLabels
4982+
4983+
4984+
4985+
Define the labels that a Tenant Owner cannot set for their Service resources.
4986+
4987+
<table>
4988+
<thead>
4989+
<tr>
4990+
<th>Name</th>
4991+
<th>Type</th>
4992+
<th>Description</th>
4993+
<th>Required</th>
4994+
</tr>
4995+
</thead>
4996+
<tbody><tr>
4997+
<td><b>denied</b></td>
4998+
<td>[]string</td>
4999+
<td>
5000+
<br/>
5001+
</td>
5002+
<td>false</td>
5003+
</tr><tr>
5004+
<td><b>deniedRegex</b></td>
5005+
<td>string</td>
5006+
<td>
5007+
<br/>
5008+
</td>
5009+
<td>false</td>
5010+
</tr></tbody>
5011+
</table>
5012+
5013+
49345014
### Tenant.spec.storageClasses
49355015

49365016

@@ -6681,6 +6761,20 @@ Specifies options for the Service, such as additional metadata or block of certa
66816761
Specifies the external IPs that can be used in Services with type ClusterIP. An empty list means no IPs are allowed. Optional.<br/>
66826762
</td>
66836763
<td>false</td>
6764+
</tr><tr>
6765+
<td><b><a href="#tenantspecserviceoptionsforbiddenannotations">forbiddenAnnotations</a></b></td>
6766+
<td>object</td>
6767+
<td>
6768+
Define the annotations that a Tenant Owner cannot set for their Service resources.<br/>
6769+
</td>
6770+
<td>false</td>
6771+
</tr><tr>
6772+
<td><b><a href="#tenantspecserviceoptionsforbiddenlabels">forbiddenLabels</a></b></td>
6773+
<td>object</td>
6774+
<td>
6775+
Define the labels that a Tenant Owner cannot set for their Service resources.<br/>
6776+
</td>
6777+
<td>false</td>
66846778
</tr></tbody>
66856779
</table>
66866780

@@ -6790,6 +6884,72 @@ Specifies the external IPs that can be used in Services with type ClusterIP. An
67906884
</table>
67916885

67926886

6887+
### Tenant.spec.serviceOptions.forbiddenAnnotations
6888+
6889+
6890+
6891+
Define the annotations that a Tenant Owner cannot set for their Service resources.
6892+
6893+
<table>
6894+
<thead>
6895+
<tr>
6896+
<th>Name</th>
6897+
<th>Type</th>
6898+
<th>Description</th>
6899+
<th>Required</th>
6900+
</tr>
6901+
</thead>
6902+
<tbody><tr>
6903+
<td><b>denied</b></td>
6904+
<td>[]string</td>
6905+
<td>
6906+
<br/>
6907+
</td>
6908+
<td>false</td>
6909+
</tr><tr>
6910+
<td><b>deniedRegex</b></td>
6911+
<td>string</td>
6912+
<td>
6913+
<br/>
6914+
</td>
6915+
<td>false</td>
6916+
</tr></tbody>
6917+
</table>
6918+
6919+
6920+
### Tenant.spec.serviceOptions.forbiddenLabels
6921+
6922+
6923+
6924+
Define the labels that a Tenant Owner cannot set for their Service resources.
6925+
6926+
<table>
6927+
<thead>
6928+
<tr>
6929+
<th>Name</th>
6930+
<th>Type</th>
6931+
<th>Description</th>
6932+
<th>Required</th>
6933+
</tr>
6934+
</thead>
6935+
<tbody><tr>
6936+
<td><b>denied</b></td>
6937+
<td>[]string</td>
6938+
<td>
6939+
<br/>
6940+
</td>
6941+
<td>false</td>
6942+
</tr><tr>
6943+
<td><b>deniedRegex</b></td>
6944+
<td>string</td>
6945+
<td>
6946+
<br/>
6947+
</td>
6948+
<td>false</td>
6949+
</tr></tbody>
6950+
</table>
6951+
6952+
67936953
### Tenant.spec.storageClasses
67946954

67956955

0 commit comments

Comments
 (0)