sa_8001/dsk-devops-toolchains
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Teleport Chart 업데이트

Browse Source
This commit is contained in:
ByeonJungHun
2024-01-22 12:12:36 +09:00
parent fde2f5f8a7
commit 7c1afcf6d7
163 changed files with 15784 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
helm/teleport-cluster/charts/teleport-operator/Chart.yaml
View File

@@ -1,8 +1,8 @@
apiVersion: v2
appVersion: 13.3.9
appVersion: 14.2.0
description: Teleport Operator provides management of select Teleport resources.
icon: https://goteleport.com/images/logos/logo-teleport-square.svg
keywords:
- Teleport
name: teleport-operator
version: 13.3.9
version: 14.2.0

57
helm/teleport-cluster/charts/teleport-operator/templates/resources.teleport.dev_provisiontokens.yaml
View File

@@ -192,20 +192,38 @@ spec:
must match one allow rule to use this token.
items:
properties:
ci_config_ref_uri:
type: string
ci_config_sha:
type: string
deployment_tier:
type: string
environment:
type: string
environment_protected:
type: boolean
namespace_path:
type: string
pipeline_source:
type: string
project_path:
type: string
project_visibility:
type: string
ref:
type: string
ref_protected:
type: boolean
ref_type:
type: string
sub:
type: string
user_email:
type: string
user_id:
type: string
user_login:
type: string
type: object
nullable: true
type: array
@@ -235,6 +253,19 @@ spec:
type: object
nullable: true
type: array
static_jwks:
description: StaticJWKS is the configuration specific to the `static_jwks`
type.
nullable: true
properties:
jwks:
type: string
type: object
type:
description: 'Type controls which behavior should be used for
validating the Kubernetes Service Account token. Support values:
- `in_cluster` - `static_jwks` If unset, this defaults to `in_cluster`.'
type: string
type: object
roles:
description: Roles is a list of roles associated with the token, that
@@ -244,6 +275,32 @@ spec:
type: string
nullable: true
type: array
spacelift:
description: Spacelift allows the configuration of options specific
to the "spacelift" join method.
nullable: true
properties:
allow:
description: Allow is a list of Rules, nodes using this token
must match one allow rule to use this token.
items:
properties:
caller_id:
type: string
caller_type:
type: string
scope:
type: string
space_id:
type: string
type: object
nullable: true
type: array
hostname:
description: Hostname is the hostname of the Spacelift tenant
that tokens will originate from. E.g `example.app.spacelift.io`
type: string
type: object
suggested_agent_matcher_labels:
additionalProperties:
x-kubernetes-preserve-unknown-fields: true

64
helm/teleport-cluster/charts/teleport-operator/templates/resources.teleport.dev_roles.yaml
View File

@@ -236,6 +236,13 @@ spec:
description: Namespace is the resource namespace. It supports
wildcards.
type: string
verbs:
description: Verbs are the allowed Kubernetes verbs for
the following resource.
items:
type: string
nullable: true
type: array
type: object
type: array
kubernetes_users:
@@ -690,6 +697,13 @@ spec:
description: Namespace is the resource namespace. It supports
wildcards.
type: string
verbs:
description: Verbs are the allowed Kubernetes verbs for
the following resource.
items:
type: string
nullable: true
type: array
type: object
type: array
kubernetes_users:
@@ -949,8 +963,7 @@ spec:
mode:
description: Mode is the type of extension to be used --
currently critical-option is not supported
format: int32
type: integer
x-kubernetes-int-or-string: true
name:
description: Name specifies the key to be used in the cert
extension.
@@ -958,8 +971,7 @@ spec:
type:
description: Type represents the certificate type being
extended, only ssh is supported at this time.
format: int32
type: integer
x-kubernetes-int-or-string: true
value:
description: Value specifies the value to be used in the
cert extension.
@@ -981,6 +993,10 @@ spec:
description: CreateDatabaseUser enabled automatic database user
creation.
type: boolean
create_db_user_mode:
description: CreateDatabaseUserMode allows users to be automatically
created on a database when not set to off.
x-kubernetes-int-or-string: true
create_desktop_user:
description: CreateDesktopUser allows users to be automatically
created on a Windows desktop
@@ -992,8 +1008,7 @@ spec:
create_host_user_mode:
description: CreateHostUserMode allows users to be automatically
created on a host when not set to off
format: int32
type: integer
x-kubernetes-int-or-string: true
desktop_clipboard:
description: DesktopClipboard indicates whether clipboard sharing
is allowed between the user's workstation and the remote desktop.
@@ -1099,13 +1114,12 @@ spec:
type: string
request_prompt:
description: RequestPrompt is an optional message which tells
users what they aught to
users what they aught to request.
type: string
require_session_mfa:
description: RequireMFAType is the type of MFA requirement enforced
for this user.
format: int32
type: integer
x-kubernetes-int-or-string: true
ssh_file_copy:
description: SSHFileCopy indicates whether remote file operations
via SCP or SFTP are allowed over an SSH session. It defaults
@@ -1419,6 +1433,13 @@ spec:
description: Namespace is the resource namespace. It supports
wildcards.
type: string
verbs:
description: Verbs are the allowed Kubernetes verbs for
the following resource.
items:
type: string
nullable: true
type: array
type: object
type: array
kubernetes_users:
@@ -1873,6 +1894,13 @@ spec:
description: Namespace is the resource namespace. It supports
wildcards.
type: string
verbs:
description: Verbs are the allowed Kubernetes verbs for
the following resource.
items:
type: string
nullable: true
type: array
type: object
type: array
kubernetes_users:
@@ -2132,8 +2160,7 @@ spec:
mode:
description: Mode is the type of extension to be used --
currently critical-option is not supported
format: int32
type: integer
x-kubernetes-int-or-string: true
name:
description: Name specifies the key to be used in the cert
extension.
@@ -2141,8 +2168,7 @@ spec:
type:
description: Type represents the certificate type being
extended, only ssh is supported at this time.
format: int32
type: integer
x-kubernetes-int-or-string: true
value:
description: Value specifies the value to be used in the
cert extension.
@@ -2164,6 +2190,10 @@ spec:
description: CreateDatabaseUser enabled automatic database user
creation.
type: boolean
create_db_user_mode:
description: CreateDatabaseUserMode allows users to be automatically
created on a database when not set to off.
x-kubernetes-int-or-string: true
create_desktop_user:
description: CreateDesktopUser allows users to be automatically
created on a Windows desktop
@@ -2175,8 +2205,7 @@ spec:
create_host_user_mode:
description: CreateHostUserMode allows users to be automatically
created on a host when not set to off
format: int32
type: integer
x-kubernetes-int-or-string: true
desktop_clipboard:
description: DesktopClipboard indicates whether clipboard sharing
is allowed between the user's workstation and the remote desktop.
@@ -2282,13 +2311,12 @@ spec:
type: string
request_prompt:
description: RequestPrompt is an optional message which tells
users what they aught to
users what they aught to request.
type: string
require_session_mfa:
description: RequireMFAType is the type of MFA requirement enforced
for this user.
format: int32
type: integer
x-kubernetes-int-or-string: true
ssh_file_copy:
description: SSHFileCopy indicates whether remote file operations
via SCP or SFTP are allowed over an SSH session. It defaults