Skip to content

Commit d630577

Browse files
ahmad-ibraahmad-ibra
authored
ci: add reviewable-ext make target to update chart crds (#443)
1 parent 8faabbc commit d630577

2 files changed

Lines changed: 83 additions & 1 deletion

File tree

Makefile

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,4 +9,12 @@ CHART_NAME=validator-plugin-aws
99

1010
.PHONY: dev
1111
dev:
12-
devspace dev -n validator
12+
devspace dev -n validator
13+
14+
# Static Analysis / CI
15+
16+
chartCrds = chart/validator-plugin-aws/crds/validation.spectrocloud.labs_awsvalidators.yaml
17+
18+
reviewable-ext:
19+
rm $(chartCrds)
20+
cp config/crd/bases/validation.spectrocloud.labs_awsvalidators.yaml $(chartCrds)

chart/validator-plugin-aws/crds/validation.spectrocloud.labs_awsvalidators.yaml

Lines changed: 74 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,55 @@ spec:
3939
spec:
4040
description: AwsValidatorSpec defines the desired state of AwsValidator
4141
properties:
42+
amiRules:
43+
items:
44+
description: |-
45+
AmiRule ensures that an EC2 AMI exists in a particular region.
46+
AMIs can be matched by any combination of ID, owner, and filter(s).
47+
Each AmiRule is intended to match a single AMI, as an AmiRule is considered successful if at least one AMI is found.
48+
Refer to https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html for more information.
49+
properties:
50+
amiIds:
51+
items:
52+
type: string
53+
type: array
54+
filters:
55+
items:
56+
description: Filter defines a filter to apply to an AWS API
57+
query.
58+
properties:
59+
isTag:
60+
type: boolean
61+
key:
62+
type: string
63+
values:
64+
items:
65+
type: string
66+
type: array
67+
required:
68+
- key
69+
- values
70+
type: object
71+
type: array
72+
name:
73+
type: string
74+
owners:
75+
items:
76+
type: string
77+
type: array
78+
region:
79+
type: string
80+
required:
81+
- name
82+
- region
83+
type: object
84+
maxItems: 5
85+
type: array
86+
x-kubernetes-validations:
87+
- message: AmiRules must have unique names
88+
rule: self.all(e, size(self.filter(x, x.name == e.name)) == 1)
4289
auth:
90+
description: AwsAuth defines authentication configuration for an AwsValidator.
4391
properties:
4492
implicit:
4593
description: |-
@@ -84,16 +132,20 @@ spec:
84132
type: string
85133
iamGroupRules:
86134
items:
135+
description: IamGroupRule compares the IAM permissions associated
136+
with an IAM group against an expected permission set.
87137
properties:
88138
iamGroupName:
89139
type: string
90140
iamPolicies:
91141
items:
142+
description: PolicyDocument defines an IAM policy document.
92143
properties:
93144
name:
94145
type: string
95146
statements:
96147
items:
148+
description: StatementEntry defines an IAM policy statement.
97149
properties:
98150
actions:
99151
items:
@@ -106,6 +158,7 @@ spec:
106158
type: string
107159
type: array
108160
type: object
161+
description: Condition defines an IAM policy condition.
109162
type: object
110163
effect:
111164
type: string
@@ -139,14 +192,18 @@ spec:
139192
== 1)
140193
iamPolicyRules:
141194
items:
195+
description: IamPolicyRule compares the IAM permissions associated
196+
with an IAM policy against an expected permission set.
142197
properties:
143198
iamPolicies:
144199
items:
200+
description: PolicyDocument defines an IAM policy document.
145201
properties:
146202
name:
147203
type: string
148204
statements:
149205
items:
206+
description: StatementEntry defines an IAM policy statement.
150207
properties:
151208
actions:
152209
items:
@@ -159,6 +216,7 @@ spec:
159216
type: string
160217
type: array
161218
type: object
219+
description: Condition defines an IAM policy condition.
162220
type: object
163221
effect:
164222
type: string
@@ -194,14 +252,18 @@ spec:
194252
== 1)
195253
iamRoleRules:
196254
items:
255+
description: IamRoleRule compares the IAM permissions associated
256+
with an IAM role against an expected permission set.
197257
properties:
198258
iamPolicies:
199259
items:
260+
description: PolicyDocument defines an IAM policy document.
200261
properties:
201262
name:
202263
type: string
203264
statements:
204265
items:
266+
description: StatementEntry defines an IAM policy statement.
205267
properties:
206268
actions:
207269
items:
@@ -214,6 +276,7 @@ spec:
214276
type: string
215277
type: array
216278
type: object
279+
description: Condition defines an IAM policy condition.
217280
type: object
218281
effect:
219282
type: string
@@ -249,14 +312,18 @@ spec:
249312
== 1)
250313
iamUserRules:
251314
items:
315+
description: IamUserRule compares the IAM permissions associated
316+
with an IAM user against an expected permission set.
252317
properties:
253318
iamPolicies:
254319
items:
320+
description: PolicyDocument defines an IAM policy document.
255321
properties:
256322
name:
257323
type: string
258324
statements:
259325
items:
326+
description: StatementEntry defines an IAM policy statement.
260327
properties:
261328
actions:
262329
items:
@@ -269,6 +336,7 @@ spec:
269336
type: string
270337
type: array
271338
type: object
339+
description: Condition defines an IAM policy condition.
272340
type: object
273341
effect:
274342
type: string
@@ -304,6 +372,8 @@ spec:
304372
== 1)
305373
serviceQuotaRules:
306374
items:
375+
description: ServiceQuotaRule ensures that AWS service quotas are
376+
within a particular threshold.
307377
properties:
308378
name:
309379
type: string
@@ -313,6 +383,8 @@ spec:
313383
type: string
314384
serviceQuotas:
315385
items:
386+
description: ServiceQuota defines an AWS service quota and
387+
an associated buffer.
316388
properties:
317389
buffer:
318390
type: integer
@@ -336,6 +408,8 @@ spec:
336408
rule: self.all(e, size(self.filter(x, x.name == e.name)) == 1)
337409
tagRules:
338410
items:
411+
description: TagRule ensures that the tags associated with a particular
412+
AWS resource match an expected tag set.
339413
properties:
340414
arns:
341415
items:

0 commit comments

Comments
 (0)