Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 8 additions & 42 deletions .golangci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,30 +4,9 @@ run:
issues-exit-code: 1
build-tags:
- mytag
skip-dirs:
- "mocks"
skip-dirs-use-default: true
skip-files:
- "mock_.*\\.go"

modules-download-mode: mod
allow-parallel-runners: false

output:
format: colored-line-number
print-issued-lines: true

# print linter name in the end of issue text, default is true
print-linter-name: true

# make issues output unique by line, default is true
uniq-by-line: true

# add a prefix to the output file references; default is no prefix
path-prefix: ""

# sorts results by: filepath, line and column
sort-results: false
allow-parallel-runners: true


# all available settings of specific linters
Expand Down Expand Up @@ -66,11 +45,6 @@ linters-settings:
# default is false: such cases aren't reported by default.
check-blank: false

# [deprecated] comma-separated list of pairs of the form pkg:regex
# the regex is used to ignore names within pkg. (default "fmt:.*").
# see https://github.com/kisielk/errcheck#the-deprecated-method for details
ignore: fmt:.*,io/ioutil:^Read.*

# # [deprecated] use exclude-functions instead.
# # path to a file containing a list of functions to exclude from checking
# # see https://github.com/kisielk/errcheck#excluding-functions for details
Expand Down Expand Up @@ -193,9 +167,9 @@ linters-settings:
# By default list of stable checks is used.
enabled-checks:
- nestingReduce
- unnamedresult
- ruleguard
- truncateCmp
- unnamedResult

# Which checks should be disabled; can't be combined with 'enabled-checks'; default is empty
disabled-checks:
Expand Down Expand Up @@ -302,9 +276,6 @@ linters-settings:
simplify: true

gofumpt:
# Select the Go version to target. The default is `1.15`.
lang-version: "1.15"

# Choose whether or not to use the extra rules that are disabled
# by default
extra-rules: false
Expand Down Expand Up @@ -420,9 +391,6 @@ linters-settings:
checks: [ "all" ]

govet:
# report about shadowed variables
check-shadowing: true

# settings per analyzer
settings:
printf: # analyzer name, run `go tool vet help` to see all analyzers
Expand Down Expand Up @@ -458,6 +426,7 @@ linters-settings:
- nilness
- printf
- reflectvaluecompare
- shadow
- shift
- sigchanyzer
- sortslice
Expand Down Expand Up @@ -771,9 +740,8 @@ linters:
- errchkjson
- errname
- errorlint
- execinquery
- exhaustive
- exportloopref
- copyloopvar
- forbidigo
- gci
- goconst
Expand All @@ -785,19 +753,13 @@ linters:
- ineffassign
- typecheck
- revive
- megacheck
- decorder
- forcetypeassert
- funlen
- gochecknoinits
- wrapcheck
- wsl
- unused

disabled:
- exhaustruct
- contextcheck #Disabled due to issue https://github.com/golangci/golangci-lint/issues/2649.
- bodyclose #Disabled due to issue https://github.com/timakin/bodyclose/issues/30
fast: false

issues:
Expand Down Expand Up @@ -836,6 +798,10 @@ issues:
- cyclop
- funlen
text: 'Reconcile'
exclude-files:
- "mock_.*\\.go"
exclude-dirs:
- "mocks"

# Independently of option `exclude` we use default exclude patterns,
# it can be disabled by this option. To list all
Expand Down
4 changes: 2 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -139,7 +139,7 @@ helm-docs: helmdocs ## generate helm docs
GOLANGCILINT = ${CURRENT_DIR}/bin/golangci-lint
.PHONY: golangci-lint
golangci-lint: ## Download golangci-lint locally if necessary.
$(call go-get-tool,$(GOLANGCILINT),github.com/golangci/golangci-lint/cmd/golangci-lint,v1.55.2)
$(call go-get-tool,$(GOLANGCILINT),github.com/golangci/golangci-lint/cmd/golangci-lint,v1.62.0)

.PHONY: install
install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config.
Expand Down Expand Up @@ -218,4 +218,4 @@ mocks: mockery
MOCKERY = $(LOCALBIN)/mockery
.PHONY: mockery
mockery: ## Download mockery locally if necessary.
$(call go-get-tool,$(MOCKERY),github.com/vektra/mockery/v2,v2.43.0)
$(call go-get-tool,$(MOCKERY),github.com/vektra/mockery/v2,v2.46.3)
106 changes: 106 additions & 0 deletions api/common/realm.go
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
// +kubebuilder:object:generate=true
package common

// TokenSettings is the configuration for tokens in the realm.
Expand Down Expand Up @@ -53,3 +54,108 @@ type TokenSettings struct {
// +kubebuilder:default=43200
ActionTokenGeneratedByAdminLifespan int `json:"actionTokenGeneratedByAdminLifespan,omitempty"`
}

// UserProfileConfig defines the configuration for user profile in the realm.
type UserProfileConfig struct {
// UnmanagedAttributePolicy are user attributes not explicitly defined in the user profile configuration.
// Empty value means that unmanaged attributes are disabled.
// Possible values:
// ENABLED - unmanaged attributes are allowed.
// ADMIN_VIEW - unmanaged attributes are read-only and only available through the administration console and API.
// ADMIN_EDIT - unmanaged attributes can be managed only through the administration console and API.
// +optional
UnmanagedAttributePolicy string `json:"unmanagedAttributePolicy,omitempty"`

// Attributes specifies the list of user profile attributes.
Attributes []UserProfileAttribute `json:"attributes,omitempty"`

// Groups specifies the list of user profile groups.
Groups []UserProfileGroup `json:"groups,omitempty"`
}

type UserProfileAttribute struct {
// Name of the user attribute, used to uniquely identify an attribute.
// +required
Name string `json:"name"`

// Display name for the attribute.
DisplayName string `json:"displayName,omitempty"`

// Group to which the attribute belongs.
Group string `json:"group,omitempty"`

// Multivalued specifies if this attribute supports multiple values.
// This setting is an indicator and does not enable any validation
Multivalued bool `json:"multivalued,omitempty"`

// Permissions specifies the permissions for the attribute.
Permissions *UserProfileAttributePermissions `json:"permissions,omitempty"`

// Required indicates that the attribute must be set by users and administrators.
Required *UserProfileAttributeRequired `json:"required,omitempty"`

// Selector specifies the scopes for which the attribute is available.
Selector *UserProfileAttributeSelector `json:"selector,omitempty"`

// Annotations specifies the annotations for the attribute.
Annotations map[string]string `json:"annotations,omitempty"`

// Validations specifies the validations for the attribute.
Validations map[string]map[string]UserProfileAttributeValidation `json:"validations,omitempty"`
}

type UserProfileAttributeValidation struct {
// +optional
StringVal string `json:"stringVal,omitempty"`

// +optional
// +nullable
MapVal map[string]string `json:"mapVal,omitempty"`

// +optional
IntVal int `json:"intVal,omitempty"`

// +optional
// +nullable
SliceVal []string `json:"sliceVal,omitempty"`
}

type UserProfileAttributePermissions struct {
// Edit specifies who can edit the attribute.
Edit []string `json:"edit,omitempty"`

// View specifies who can view the attribute.
View []string `json:"view,omitempty"`
}

// UserProfileAttributeRequired defines model for UserProfileAttributeRequired.
type UserProfileAttributeRequired struct {
// Roles specifies the roles for whom the attribute is required.
Roles []string `json:"roles,omitempty"`

// Scopes specifies the scopes when the attribute is required.
Scopes []string `json:"scopes,omitempty"`
}

// UserProfileAttributeSelector defines model for UserProfileAttributeSelector.
type UserProfileAttributeSelector struct {
// Scopes specifies the scopes for which the attribute is available.
Scopes []string `json:"scopes,omitempty"`
}

type UserProfileGroup struct {
// Name is unique name of the group.
// +required
Name string `json:"name"`

// Annotations specifies the annotations for the group.
// +optional
// nullable
Annotations map[string]string `json:"annotations,omitempty"`

// DisplayDescription specifies a user-friendly name for the group that should be used when rendering a group of attributes in user-facing forms.
DisplayDescription string `json:"displayDescription,omitempty"`

// DisplayHeader specifies a text that should be used as a header when rendering user-facing forms.
DisplayHeader string `json:"displayHeader,omitempty"`
}
2 changes: 2 additions & 0 deletions api/common/ref.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,10 +18,12 @@ type RealmRef struct {
Name string `json:"name,omitempty"`
}

// +kubebuilder:object:generate=false
type HasRealmRef interface {
GetRealmRef() RealmRef
}

// +kubebuilder:object:generate=false
type HasKeycloakRef interface {
GetKeycloakRef() KeycloakRef
}
Expand Down
Loading
Loading