metadata.go

Documentation: github.com/GoogleCloudPlatform/k8s-config-connector/pkg/dcl/metadata

     1  // Copyright 2022 Google LLC
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  // Package metadata defines some KCC metadata around GCP services and DCL.
    16  package metadata
    17  
    18  import (
    19  	"strings"
    20  
    21  	"github.com/GoogleCloudPlatform/k8s-config-connector/pkg/k8s"
    22  	k8sschema "k8s.io/apimachinery/pkg/runtime/schema"
    23  )
    24  
    25  // Enable resources via DCL/KCC bridge.
    26  //
    27  // Some resources in the list have already been implemented via Terraform/KCC bridge;
    28  // they are listed here because we need to load their DCL OpenAPI schemas as well to fetch
    29  // the 'x-dcl-id' format which is required to resolve the standardized resource name for references.
    30  // NOTE THAT THOSE TF-BASED RESOURCES MUST BE MARKED AS `Releasable: false` UNTIL WE MIGRATE THEM TO DCL/KCC BRIDGE.
    31  var serviceList = []ServiceMetadata{
    32  	{
    33  		Name:       "Apigee",
    34  		APIVersion: k8s.KCCAPIVersion,
    35  		DCLVersion: "beta",
    36  		Resources: []Resource{
    37  			{
    38  				Kind:       "ApigeeEnvironment",
    39  				Releasable: true,
    40  			},
    41  			{
    42  				Kind:                           "ApigeeOrganization",
    43  				Releasable:                     true,
    44  				SupportsHierarchicalReferences: true,
    45  			},
    46  		},
    47  	},
    48  	{
    49  		Name:       "BigQuery",
    50  		APIVersion: k8s.KCCAPIVersion,
    51  		DCLVersion: "beta",
    52  		Resources: []Resource{
    53  			{
    54  				Kind:       "BigQueryDataset",
    55  				Releasable: false,
    56  			},
    57  			{
    58  				Kind:       "BigQueryTable",
    59  				Releasable: false,
    60  			},
    61  		},
    62  	},
    63  	{
    64  		Name:       "BillingBudgets",
    65  		APIVersion: k8s.KCCAPIVersion,
    66  		DCLVersion: "beta",
    67  		Resources: []Resource{
    68  			{
    69  				Kind:       "BillingBudgetsBudget",
    70  				Releasable: true,
    71  			},
    72  		},
    73  	},
    74  	{
    75  		Name:       "BinaryAuthorization",
    76  		APIVersion: k8s.KCCAPIVersion,
    77  		DCLVersion: "ga",
    78  		Resources: []Resource{
    79  			{
    80  				Kind:                           "BinaryAuthorizationAttestor",
    81  				Releasable:                     true,
    82  				SupportsHierarchicalReferences: true,
    83  			},
    84  			{
    85  				Kind:                           "BinaryAuthorizationPolicy",
    86  				Releasable:                     true,
    87  				SupportsHierarchicalReferences: true,
    88  			},
    89  		},
    90  	},
    91  	{
    92  		Name:       "CloudBilling",
    93  		APIVersion: "v1beta1",
    94  		DCLVersion: "ga",
    95  		Resources: []Resource{
    96  			{
    97  				Kind:       "CloudBillingBillingAccount",
    98  				Releasable: false,
    99  			},
   100  		},
   101  	},
   102  	{
   103  		Name:       "CloudFunctions",
   104  		APIVersion: k8s.KCCAPIVersion,
   105  		DCLVersion: "beta",
   106  		Resources: []Resource{
   107  			{
   108  				Kind:                           "CloudFunctionsFunction",
   109  				Releasable:                     true,
   110  				SupportsHierarchicalReferences: true,
   111  			},
   112  		},
   113  	},
   114  	{
   115  		Name:       "CloudIdentity",
   116  		APIVersion: k8s.KCCAPIVersion,
   117  		DCLVersion: "beta",
   118  		Resources: []Resource{
   119  			{
   120  				Kind: "CloudIdentityGroup",
   121  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   122  				Releasable: false,
   123  			},
   124  			{
   125  				Kind:       "CloudIdentityMembership",
   126  				Releasable: true,
   127  			},
   128  		},
   129  	},
   130  	{
   131  		Name:       "CloudScheduler",
   132  		APIVersion: k8s.KCCAPIVersion,
   133  		DCLVersion: "ga",
   134  		Resources: []Resource{
   135  			{
   136  				Kind:                         "CloudSchedulerJob",
   137  				Releasable:                   true,
   138  				SupportsContainerAnnotations: true,
   139  			},
   140  		},
   141  	},
   142  	{
   143  		Name:       "Compute",
   144  		APIVersion: k8s.KCCAPIVersion,
   145  		DCLVersion: "beta",
   146  		Resources: []Resource{
   147  			{
   148  				Kind:       "ComputeBackendService",
   149  				Releasable: false,
   150  			},
   151  			{
   152  				Kind:                           "ComputeFirewallPolicy",
   153  				Releasable:                     true,
   154  				SupportsHierarchicalReferences: true,
   155  			},
   156  			{
   157  				Kind:       "ComputeFirewallPolicyAssociation",
   158  				Releasable: true,
   159  			},
   160  			{
   161  				Kind:       "ComputeFirewallPolicyRule",
   162  				Releasable: true,
   163  			},
   164  			{
   165  				Kind: "ComputeForwardingRule",
   166  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   167  				Releasable: false,
   168  			},
   169  			{
   170  				Kind: "ComputeHealthCheck",
   171  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   172  				Releasable: false,
   173  			},
   174  			{
   175  				Kind: "ComputeImage",
   176  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   177  				Releasable: false,
   178  			},
   179  			{
   180  				Kind: "ComputeInstance",
   181  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   182  				Releasable: false,
   183  			},
   184  			{
   185  				Kind:                           "ComputeInstanceGroupManager",
   186  				Releasable:                     true,
   187  				SupportsHierarchicalReferences: true,
   188  			},
   189  			{
   190  				Kind: "ComputeInstanceTemplate",
   191  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   192  				Releasable: false,
   193  			},
   194  			{
   195  				Kind: "ComputeInterconnectAttachment",
   196  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   197  				Releasable: false,
   198  			},
   199  			{
   200  				Kind: "ComputeNetwork",
   201  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   202  				Releasable: false,
   203  			},
   204  			{
   205  				Kind: "ComputeNodeGroup",
   206  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   207  				Releasable: false,
   208  			},
   209  			{
   210  				Kind:                           "ComputePacketMirroring",
   211  				Releasable:                     true,
   212  				SupportsHierarchicalReferences: true,
   213  			},
   214  			{
   215  				Kind:                           "ComputeServiceAttachment",
   216  				Releasable:                     true,
   217  				SupportsHierarchicalReferences: true,
   218  			},
   219  			{
   220  				Kind: "ComputeSubnetwork",
   221  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   222  				Releasable: false,
   223  			},
   224  			{
   225  				Kind: "ComputeTargetPool",
   226  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   227  				Releasable: false,
   228  			},
   229  			{
   230  				Kind:    "ComputeVPNTunnel",
   231  				DCLType: "VpnTunnel",
   232  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   233  				Releasable: false,
   234  			},
   235  		},
   236  	},
   237  	{
   238  		Name:       "ConfigController",
   239  		APIVersion: k8s.KCCAPIVersion,
   240  		DCLVersion: "alpha",
   241  		Resources: []Resource{
   242  			{
   243  				Kind:                           "ConfigControllerInstance",
   244  				Releasable:                     true,
   245  				SupportsHierarchicalReferences: true,
   246  			},
   247  		},
   248  	},
   249  	{
   250  		Name:       "Container",
   251  		APIVersion: k8s.KCCAPIVersion,
   252  		DCLVersion: "beta",
   253  		Resources: []Resource{
   254  			{
   255  				Kind: "ContainerCluster",
   256  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   257  				Releasable: false,
   258  			},
   259  			{
   260  				Kind: "ContainerNodePool",
   261  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   262  				Releasable: false,
   263  			},
   264  		},
   265  	},
   266  	{
   267  		Name:       "ContainerAnalysis",
   268  		APIVersion: k8s.KCCAPIVersion,
   269  		DCLVersion: "ga",
   270  		Resources: []Resource{
   271  			{
   272  				Kind:                         "ContainerAnalysisNote",
   273  				Releasable:                   true,
   274  				SupportsContainerAnnotations: true,
   275  			},
   276  		},
   277  	},
   278  	{
   279  		Name:       "DLP",
   280  		APIVersion: k8s.KCCAPIVersion,
   281  		DCLVersion: "beta",
   282  		Resources: []Resource{
   283  			{
   284  				Kind:                           "DLPDeidentifyTemplate",
   285  				Releasable:                     true,
   286  				SupportsHierarchicalReferences: true,
   287  			},
   288  			{
   289  				Kind:                           "DLPInspectTemplate",
   290  				Releasable:                     true,
   291  				SupportsHierarchicalReferences: true,
   292  			},
   293  			{
   294  				Kind:                           "DLPJobTrigger",
   295  				Releasable:                     true,
   296  				SupportsHierarchicalReferences: true,
   297  			},
   298  			{
   299  				Kind:                           "DLPStoredInfoType",
   300  				Releasable:                     true,
   301  				SupportsHierarchicalReferences: true,
   302  			},
   303  		},
   304  	},
   305  	{
   306  		Name:       "DataFusion",
   307  		APIVersion: k8s.KCCAPIVersion,
   308  		DCLVersion: "beta",
   309  		Resources: []Resource{
   310  			{
   311  				Kind:                         "DataFusionInstance",
   312  				Releasable:                   true,
   313  				SupportsContainerAnnotations: true,
   314  			},
   315  		},
   316  	},
   317  	{
   318  		Name:       "Dataproc",
   319  		APIVersion: k8s.KCCAPIVersion,
   320  		DCLVersion: "ga",
   321  		Resources: []Resource{
   322  			{
   323  				Kind:                           "DataprocAutoscalingPolicy",
   324  				Releasable:                     true,
   325  				SupportsHierarchicalReferences: true,
   326  				SupportsContainerAnnotations:   true,
   327  			},
   328  			{
   329  				Kind:                           "DataprocCluster",
   330  				Releasable:                     true,
   331  				SupportsHierarchicalReferences: true,
   332  				SupportsContainerAnnotations:   true,
   333  			},
   334  			{
   335  				Kind:                           "DataprocWorkflowTemplate",
   336  				Releasable:                     true,
   337  				SupportsHierarchicalReferences: true,
   338  				SupportsContainerAnnotations:   true,
   339  			},
   340  		},
   341  	},
   342  	{
   343  		Name:                 "DataprocMetastore",
   344  		ServiceNameUsedByDCL: "metastore",
   345  		APIVersion:           k8s.KCCAPIVersion,
   346  		Resources: []Resource{
   347  			{
   348  				Kind: "DataprocMetastoreService",
   349  				// This resource is not implemented yet, only define it to enable external-only references.
   350  				Releasable: false,
   351  			},
   352  		},
   353  	},
   354  	{
   355  		Name:       "Eventarc",
   356  		APIVersion: k8s.KCCAPIVersion,
   357  		DCLVersion: "beta",
   358  		Resources: []Resource{
   359  			{
   360  				Kind: "EventarcChannel",
   361  				// This resource is not implemented yet, only define it to enable external-only references.
   362  				Releasable: false,
   363  			},
   364  			{
   365  				Kind:                           "EventarcTrigger",
   366  				Releasable:                     true,
   367  				SupportsHierarchicalReferences: true,
   368  			},
   369  		},
   370  	},
   371  	{
   372  		Name:       "Filestore",
   373  		APIVersion: k8s.KCCAPIVersion,
   374  		DCLVersion: "beta",
   375  		Resources: []Resource{
   376  			{
   377  				Kind:                           "FilestoreBackup",
   378  				Releasable:                     true,
   379  				SupportsHierarchicalReferences: true,
   380  			},
   381  			{
   382  				Kind:                           "FilestoreInstance",
   383  				Releasable:                     true,
   384  				SupportsHierarchicalReferences: true,
   385  			},
   386  		},
   387  	},
   388  	{
   389  		Name:       "GKEHub",
   390  		APIVersion: k8s.KCCAPIVersion,
   391  		DCLVersion: "beta",
   392  		Resources: []Resource{
   393  			{
   394  				Kind:                           "GKEHubFeature",
   395  				Releasable:                     true,
   396  				SupportsHierarchicalReferences: true,
   397  			},
   398  			{
   399  				Kind:                           "GKEHubFeatureMembership",
   400  				Releasable:                     true,
   401  				SupportsHierarchicalReferences: true,
   402  			},
   403  			{
   404  				Kind:                         "GKEHubMembership",
   405  				Releasable:                   true,
   406  				SupportsContainerAnnotations: true,
   407  			},
   408  		},
   409  	},
   410  	{
   411  		Name:       "IAM",
   412  		APIVersion: k8s.KCCAPIVersion,
   413  		DCLVersion: "ga",
   414  		Resources: []Resource{
   415  			{
   416  				Kind: "IAMServiceAccount",
   417  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   418  				Releasable: false,
   419  			},
   420  			{
   421  				Kind:                           "IAMWorkforcePool",
   422  				Releasable:                     true,
   423  				SupportsHierarchicalReferences: true,
   424  			},
   425  			{
   426  				Kind:                           "IAMWorkforcePoolProvider",
   427  				Releasable:                     true,
   428  				SupportsHierarchicalReferences: false,
   429  			},
   430  			{
   431  				Kind:                           "IAMWorkloadIdentityPool",
   432  				Releasable:                     true,
   433  				SupportsHierarchicalReferences: true,
   434  			},
   435  			{
   436  				Kind:                           "IAMWorkloadIdentityPoolProvider",
   437  				Releasable:                     true,
   438  				SupportsHierarchicalReferences: true,
   439  			},
   440  		},
   441  	},
   442  	{
   443  		Name:       "IAP",
   444  		APIVersion: k8s.KCCAPIVersion,
   445  		DCLVersion: "ga",
   446  		Resources: []Resource{
   447  			{
   448  				Kind:                         "IAPBrand",
   449  				Releasable:                   true,
   450  				SupportsContainerAnnotations: true,
   451  			},
   452  			{
   453  				Kind:                         "IAPIdentityAwareProxyClient",
   454  				Releasable:                   true,
   455  				SupportsContainerAnnotations: true,
   456  			},
   457  		},
   458  	},
   459  	{
   460  		Name:                 "IdentityPlatform",
   461  		ServiceNameUsedByDCL: "identitytoolkit",
   462  		APIVersion:           k8s.KCCAPIVersion,
   463  		DCLVersion:           "ga",
   464  		Resources: []Resource{
   465  			{
   466  				Kind:                           "IdentityPlatformConfig",
   467  				Releasable:                     true,
   468  				SupportsHierarchicalReferences: true,
   469  			},
   470  			{
   471  				Kind:                         "IdentityPlatformOAuthIDPConfig",
   472  				DCLType:                      "OAuthIdpConfig",
   473  				Releasable:                   true,
   474  				SupportsContainerAnnotations: true,
   475  			},
   476  			{
   477  				Kind:                         "IdentityPlatformTenant",
   478  				Releasable:                   true,
   479  				SupportsContainerAnnotations: true,
   480  			},
   481  			{
   482  				Kind:                         "IdentityPlatformTenantOAuthIDPConfig",
   483  				DCLType:                      "TenantOAuthIdpConfig",
   484  				Releasable:                   true,
   485  				SupportsContainerAnnotations: true,
   486  			},
   487  		},
   488  	},
   489  	{
   490  		Name:                 "KMS",
   491  		APIVersion:           k8s.KCCAPIVersion,
   492  		ServiceNameUsedByDCL: "cloudkms",
   493  		DCLVersion:           "ga",
   494  		Resources: []Resource{
   495  			{
   496  				Kind: "KMSCryptoKey",
   497  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   498  				Releasable: false,
   499  			},
   500  			{
   501  				Kind: "KMSCryptoKeyVersion",
   502  				// This resource is not implemented yet, only load its DCL OpenAPI schema for resource references.
   503  				Releasable: false,
   504  			},
   505  		},
   506  	},
   507  	{
   508  		Name:       "Logging",
   509  		APIVersion: k8s.KCCAPIVersion,
   510  		DCLVersion: "ga",
   511  		Resources: []Resource{
   512  			{
   513  				Kind:                           "LoggingLogBucket",
   514  				Releasable:                     true,
   515  				SupportsHierarchicalReferences: true,
   516  			},
   517  			{
   518  				Kind:                           "LoggingLogExclusion",
   519  				Releasable:                     true,
   520  				SupportsHierarchicalReferences: true,
   521  			},
   522  			{
   523  				Kind:                           "LoggingLogMetric",
   524  				Releasable:                     true,
   525  				SupportsHierarchicalReferences: true,
   526  			},
   527  			{
   528  				Kind:                           "LoggingLogView",
   529  				Releasable:                     true,
   530  				SupportsHierarchicalReferences: true,
   531  			},
   532  		},
   533  	},
   534  	{
   535  		Name:       "Monitoring",
   536  		APIVersion: k8s.KCCAPIVersion,
   537  		DCLVersion: "ga",
   538  		Resources: []Resource{
   539  			{
   540  				Kind:                           "MonitoringDashboard",
   541  				Releasable:                     true,
   542  				SupportsHierarchicalReferences: true,
   543  			},
   544  			{
   545  				Kind:                           "MonitoringGroup",
   546  				Releasable:                     true,
   547  				SupportsHierarchicalReferences: true,
   548  				SupportsContainerAnnotations:   true,
   549  			},
   550  			{
   551  				Kind:                           "MonitoringMetricDescriptor",
   552  				Releasable:                     true,
   553  				SupportsHierarchicalReferences: true,
   554  			},
   555  			{
   556  				Kind:                           "MonitoringMonitoredProject",
   557  				Releasable:                     true,
   558  				SupportsHierarchicalReferences: false,
   559  			},
   560  			{
   561  				Kind: "MonitoringNotificationChannel",
   562  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   563  				Releasable: false,
   564  			},
   565  			{
   566  				Kind:                           "MonitoringService",
   567  				Releasable:                     true,
   568  				SupportsHierarchicalReferences: true,
   569  			},
   570  			{
   571  				Kind:                           "MonitoringServiceLevelObjective",
   572  				Releasable:                     true,
   573  				SupportsHierarchicalReferences: true,
   574  			},
   575  			{
   576  				Kind:                           "MonitoringUptimeCheckConfig",
   577  				Releasable:                     true,
   578  				SupportsHierarchicalReferences: true,
   579  			},
   580  		},
   581  	},
   582  	{
   583  		Name:       "NetworkConnectivity",
   584  		APIVersion: k8s.KCCAPIVersion,
   585  		DCLVersion: "ga",
   586  		Resources: []Resource{
   587  			{
   588  				Kind:                           "NetworkConnectivityHub",
   589  				Releasable:                     true,
   590  				SupportsHierarchicalReferences: true,
   591  			},
   592  			{
   593  				Kind:                           "NetworkConnectivitySpoke",
   594  				Releasable:                     true,
   595  				SupportsHierarchicalReferences: true,
   596  			},
   597  		},
   598  	},
   599  	{
   600  		Name:       "NetworkSecurity",
   601  		APIVersion: k8s.KCCAPIVersion,
   602  		DCLVersion: "beta",
   603  		Resources: []Resource{
   604  			{
   605  				Kind:                           "NetworkSecurityAuthorizationPolicy",
   606  				Releasable:                     true,
   607  				SupportsHierarchicalReferences: true,
   608  			},
   609  			{
   610  				Kind:                           "NetworkSecurityClientTLSPolicy",
   611  				DCLType:                        "ClientTlsPolicy",
   612  				Releasable:                     true,
   613  				SupportsContainerAnnotations:   true,
   614  				SupportsHierarchicalReferences: true,
   615  			},
   616  			{
   617  				Kind:                           "NetworkSecurityServerTLSPolicy",
   618  				DCLType:                        "ServerTlsPolicy",
   619  				Releasable:                     true,
   620  				SupportsContainerAnnotations:   true,
   621  				SupportsHierarchicalReferences: true,
   622  			},
   623  		},
   624  	},
   625  	{
   626  		Name:       "NetworkServices",
   627  		APIVersion: k8s.KCCAPIVersion,
   628  		DCLVersion: "beta",
   629  		Resources: []Resource{
   630  			{
   631  				Kind:                           "NetworkServicesEndpointPolicy",
   632  				Releasable:                     true,
   633  				SupportsHierarchicalReferences: true,
   634  			},
   635  			{
   636  				Kind:                           "NetworkServicesGRPCRoute",
   637  				DCLType:                        "GrpcRoute",
   638  				Releasable:                     true,
   639  				SupportsHierarchicalReferences: true,
   640  				DCLVersion:                     "ga",
   641  			},
   642  			{
   643  				Kind:                           "NetworkServicesGateway",
   644  				Releasable:                     true,
   645  				SupportsHierarchicalReferences: true,
   646  				DCLVersion:                     "ga",
   647  			},
   648  			{
   649  				Kind:                           "NetworkServicesHTTPRoute",
   650  				DCLType:                        "HttpRoute",
   651  				Releasable:                     true,
   652  				SupportsHierarchicalReferences: true,
   653  				DCLVersion:                     "ga",
   654  			},
   655  			{
   656  				Kind:                           "NetworkServicesMesh",
   657  				Releasable:                     true,
   658  				SupportsHierarchicalReferences: true,
   659  				DCLVersion:                     "ga",
   660  			},
   661  			{
   662  				Kind:                           "NetworkServicesTCPRoute",
   663  				DCLType:                        "TcpRoute",
   664  				Releasable:                     true,
   665  				SupportsHierarchicalReferences: true,
   666  				DCLVersion:                     "ga",
   667  			},
   668  			{
   669  				Kind:                           "NetworkServicesTLSRoute",
   670  				DCLType:                        "TlsRoute",
   671  				Releasable:                     true,
   672  				SupportsHierarchicalReferences: true,
   673  				DCLVersion:                     "ga",
   674  			},
   675  		},
   676  	},
   677  	{
   678  		Name:       "OSConfig",
   679  		APIVersion: k8s.KCCAPIVersion,
   680  		DCLVersion: "beta",
   681  		Resources: []Resource{
   682  			{
   683  				Kind:                         "OSConfigGuestPolicy",
   684  				Releasable:                   true,
   685  				SupportsContainerAnnotations: true,
   686  			},
   687  			{
   688  				Kind:                           "OSConfigOSPolicyAssignment",
   689  				Releasable:                     true,
   690  				SupportsHierarchicalReferences: true,
   691  			},
   692  		},
   693  	},
   694  	{
   695  		Name:       "PrivateCA",
   696  		APIVersion: k8s.KCCAPIVersion,
   697  		DCLVersion: "ga",
   698  		Resources: []Resource{
   699  			{
   700  				Kind:                           "PrivateCACAPool",
   701  				DCLType:                        "CaPool",
   702  				Releasable:                     true,
   703  				SupportsHierarchicalReferences: true,
   704  			},
   705  			{
   706  				Kind:                           "PrivateCACertificate",
   707  				Releasable:                     true,
   708  				SupportsHierarchicalReferences: true,
   709  			},
   710  			{
   711  				Kind:                           "PrivateCACertificateAuthority",
   712  				Releasable:                     true,
   713  				SupportsHierarchicalReferences: true,
   714  			},
   715  			{
   716  				Kind:                           "PrivateCACertificateTemplate",
   717  				Releasable:                     true,
   718  				SupportsHierarchicalReferences: true,
   719  			},
   720  		},
   721  	},
   722  	{
   723  		Name:       "PubSub",
   724  		APIVersion: k8s.KCCAPIVersion,
   725  		DCLVersion: "ga",
   726  		Resources: []Resource{
   727  			{
   728  				Kind: "PubSubTopic",
   729  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   730  				Releasable: false,
   731  			},
   732  		},
   733  	},
   734  	{
   735  		Name:       "RecaptchaEnterprise",
   736  		APIVersion: k8s.KCCAPIVersion,
   737  		DCLVersion: "ga",
   738  		Resources: []Resource{
   739  			{
   740  				Kind:                           "RecaptchaEnterpriseKey",
   741  				Releasable:                     true,
   742  				SupportsHierarchicalReferences: true,
   743  			},
   744  		},
   745  	},
   746  	{
   747  		Name:                 "ResourceManager",
   748  		APIVersion:           k8s.KCCAPIVersion,
   749  		DCLVersion:           "ga",
   750  		ServiceNameUsedByDCL: "cloudresourcemanager",
   751  		Resources: []Resource{
   752  			{
   753  				Kind: "BillingAccount",
   754  				// This resource is not supported by DCL. This is added here to allow references from other resources to this resource.
   755  				Releasable: false,
   756  			},
   757  			{
   758  				Kind: "Folder",
   759  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   760  				Releasable: false,
   761  			},
   762  			{
   763  				Kind: "Organization",
   764  				// This resource is not supported by DCL. This is added here to allow references from other resources to this resource.
   765  				Releasable: false,
   766  			},
   767  			{
   768  				Kind: "Project",
   769  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   770  				Releasable: false,
   771  			},
   772  		},
   773  	},
   774  	{
   775  		Name:       "Run",
   776  		APIVersion: "v1beta1",
   777  		DCLVersion: "alpha",
   778  		Resources: []Resource{
   779  			{
   780  				Kind:                           "RunService",
   781  				Releasable:                     true,
   782  				SupportsHierarchicalReferences: true,
   783  			},
   784  		},
   785  	},
   786  	{
   787  		Name:       "SQL",
   788  		APIVersion: "v1beta1",
   789  		DCLVersion: "beta",
   790  		Resources: []Resource{
   791  			{
   792  				Kind: "SQLInstance",
   793  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   794  				Releasable: false,
   795  			},
   796  		},
   797  	},
   798  	{
   799  		Name:       "SecretManager",
   800  		APIVersion: "v1beta1",
   801  		DCLVersion: "beta",
   802  		Resources: []Resource{
   803  			{
   804  				Kind: "SecretManagerSecret",
   805  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   806  				Releasable: false,
   807  			},
   808  			{
   809  				Kind: "SecretManagerSecretVersion",
   810  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   811  				Releasable: false,
   812  			},
   813  		},
   814  	},
   815  	{
   816  		Name:       "Storage",
   817  		APIVersion: k8s.KCCAPIVersion,
   818  		DCLVersion: "ga",
   819  		Resources: []Resource{
   820  			{
   821  				Kind: "StorageBucket",
   822  				// This resource is implemented through Terraform/KCC bridge, only load its DCL OpenAPI schema for resource references
   823  				Releasable: false,
   824  			},
   825  		},
   826  	},
   827  	{
   828  		Name:       "VPCAccess",
   829  		APIVersion: "v1beta1",
   830  		DCLVersion: "beta",
   831  		Resources: []Resource{
   832  			{
   833  				Kind: "VPCAccessConnector",
   834  				// This resource is migrated to Terraform-based implementation, only load its DCL OpenAPI schema for resource references.
   835  				Releasable: false,
   836  			},
   837  		},
   838  	},
   839  	{
   840  		Name:       "Workflows",
   841  		APIVersion: "v1beta1",
   842  		DCLVersion: "beta",
   843  		Resources: []Resource{
   844  			{
   845  				Kind: "WorkflowsWorkflow",
   846  				// This resource is not supported by DCL. This is added here to allow references from other resources to this resource.
   847  				Releasable: false,
   848  			},
   849  		},
   850  	},
   851  }
   852  
   853  type ServiceMetadataLoader interface {
   854  	GetAllServiceMetadata() []ServiceMetadata
   855  	GetServiceMetadata(service string) (ServiceMetadata, bool)
   856  
   857  	// GetResourceWithGVK gets the Resource object that corresponds to the
   858  	// given GroupVersionKind.
   859  	GetResourceWithGVK(gvk k8sschema.GroupVersionKind) (Resource, bool)
   860  }
   861  
   862  type loader struct {
   863  	services []ServiceMetadata
   864  }
   865  
   866  // ServiceMetadata defines some KCC metadata around GCP services and DCL.
   867  type ServiceMetadata struct {
   868  	// Name is the name of the GCP service used by KCC following KRM naming convention, e.g. Spanner, PubSub, KMS
   869  	Name string
   870  	// APIVersion is the k8s API version of all the resource CRDs belong to this Service, e.g. v1beta, v1
   871  	APIVersion string
   872  	// DCLVersion is the version of DCL client used for this service, e.g. "ga", "beta" and "alpha".
   873  	// Each resource of the service can choose to use a different version by setting Resource.DCLVersion.
   874  	DCLVersion string
   875  	// DCLServiceName is the name of the GCP service used by DCL, by convention it's the service host name, e.g cloudkms
   876  	// If omitted, it assumes that DCL and KCC use the exact same name (case-insensitive) for this service
   877  	ServiceNameUsedByDCL string
   878  	// Resources is a list of GCP resources to support.
   879  	Resources []Resource
   880  }
   881  
   882  type Resource struct {
   883  	// Kind is the Kubernetes kind for the GCP resource
   884  	Kind string
   885  	// DCLVersion is the version of DCL client used for this resource, e.g. "ga", "beta" and "alpha".
   886  	// If omitted, it will default to the DCLVersion specified at the service level.
   887  	DCLVersion string
   888  	// DCLType is the resource type named by DCL, see https://source.corp.google.com/piper///depot/google3/cloud/graphite/mmv2/dcl/resource.go
   889  	// If omitted, it assumes that DCL and KCC use the exact same name (case-sensitive) for this resource.
   890  	// This field should only be specified if we want to change acronyms in the resource name to consistent capitalization to follow k8s naming conventions
   891  	// e.g OAuthIdpConfig -> OAuthIDPConfig.
   892  	DCLType string
   893  	// Releasable indicates if this resource is ready to release via DCL/KCC bridge.
   894  	// For existing tf-based resource kinds, this flag should be false, to only enable loading its OpenAPI schema.
   895  	Releasable bool
   896  	// SupportsHierarchicalReferences indicates if this resource supports
   897  	// hierarchical references (i.e. if the DCL resource supports one of the
   898  	// following top-level configurable fields: project, folder, organization,
   899  	// parent).
   900  	//
   901  	// TODO(b/186159460): Delete this field once all resources support
   902  	// hierarchical references since supporting hierarchical references is the
   903  	// future default behavior that is intended.
   904  	SupportsHierarchicalReferences bool
   905  	// Deprecated. New resources should not set this field. See
   906  	// SupportsHierarchicalReferences instead.
   907  	//
   908  	// SupportsContainerAnnotations indicates if this resource supports
   909  	// resource-level container annotations. This field can only be set if the
   910  	// resource supports the x-dcl-parent-container extension.
   911  	SupportsContainerAnnotations bool
   912  	// ReconciliationIntervalInSeconds specifies the default mean reconciliation interval for this resource.
   913  	// Providing the value in DCL metadata config is optional. If not explicity configured a global
   914  	// default value of 600 will be used.
   915  	ReconciliationIntervalInSeconds *uint32
   916  }
   917  
   918  func New() ServiceMetadataLoader {
   919  	return NewFromServiceList(serviceList)
   920  }
   921  
   922  func NewFromServiceList(serviceList []ServiceMetadata) ServiceMetadataLoader {
   923  	loader := loader{
   924  		services: make([]ServiceMetadata, 0),
   925  	}
   926  	// make a local copy
   927  	for _, s := range serviceList {
   928  		s = defaultDCLServiceNameIfOmitted(s)
   929  		s = defaultDCLVersionInResourceIfOmitted(s)
   930  		s = defaultDCLTypeNameIfOmitted(s)
   931  		loader.services = append(loader.services, s)
   932  	}
   933  	return &loader
   934  }
   935  
   936  func (l *loader) GetAllServiceMetadata() []ServiceMetadata {
   937  	ret := make([]ServiceMetadata, 0)
   938  	for _, v := range l.services {
   939  		ret = append(ret, v)
   940  	}
   941  	return ret
   942  }
   943  
   944  // GetServiceMetadata returns the service metadata given the service name.
   945  func (l *loader) GetServiceMetadata(service string) (ServiceMetadata, bool) {
   946  	serviceName := CanonicalizeServiceName(service)
   947  	for _, sm := range l.services {
   948  		if CanonicalizeServiceName(sm.ServiceNameUsedByDCL) == serviceName {
   949  			return sm, true
   950  		}
   951  		if CanonicalizeServiceName(sm.Name) == serviceName {
   952  			return sm, true
   953  		}
   954  	}
   955  	return ServiceMetadata{}, false
   956  }
   957  
   958  func (l *loader) GetResourceWithGVK(gvk k8sschema.GroupVersionKind) (Resource, bool) {
   959  	service := groupToService(gvk.Group)
   960  	sm, found := l.GetServiceMetadata(service)
   961  	if !found {
   962  		return Resource{}, false
   963  	}
   964  	return sm.GetResourceWithKind(gvk.Kind)
   965  }
   966  
   967  func (sm *ServiceMetadata) GetResourceWithKind(kind string) (Resource, bool) {
   968  	for _, r := range sm.Resources {
   969  		if r.Kind == kind {
   970  			return r, true
   971  		}
   972  	}
   973  	return Resource{}, false
   974  }
   975  
   976  func (sm *ServiceMetadata) GetResourceWithType(t string) (Resource, bool) {
   977  	for _, r := range sm.Resources {
   978  		if r.DCLType == t {
   979  			return r, true
   980  		}
   981  	}
   982  	return Resource{}, false
   983  }
   984  
   985  func GVKForResource(sm ServiceMetadata, r Resource) k8sschema.GroupVersionKind {
   986  	return k8sschema.GroupVersionKind{
   987  		Group:   strings.ToLower(sm.Name) + "." + k8s.CNRMGroup,
   988  		Kind:    r.Kind,
   989  		Version: sm.APIVersion,
   990  	}
   991  }
   992  
   993  func CanonicalizeServiceName(service string) string {
   994  	// always uses lower cases to avoid different KRM and GCP naming conventions
   995  	// e.g. PubSub vs Pubsub, IAM vs Iam
   996  	return strings.ToLower(service)
   997  }
   998  
   999  func defaultDCLTypeNameIfOmitted(s ServiceMetadata) ServiceMetadata {
  1000  	for i := range s.Resources {
  1001  		if s.Resources[i].DCLType == "" {
  1002  			gvk := GVKForResource(s, s.Resources[i])
  1003  			// Extract out the DCLType from the KRM Kind
  1004  			kindWithoutServicePrefix := k8s.KindWithoutServicePrefix(gvk)
  1005  			s.Resources[i].DCLType = kindWithoutServicePrefix
  1006  		}
  1007  	}
  1008  	return s
  1009  }
  1010  
  1011  func defaultDCLVersionInResourceIfOmitted(s ServiceMetadata) ServiceMetadata {
  1012  	for i := range s.Resources {
  1013  		if s.Resources[i].DCLVersion == "" {
  1014  			s.Resources[i].DCLVersion = s.DCLVersion
  1015  		}
  1016  	}
  1017  	return s
  1018  }
  1019  
  1020  func defaultDCLServiceNameIfOmitted(s ServiceMetadata) ServiceMetadata {
  1021  	if s.ServiceNameUsedByDCL == "" {
  1022  		s.ServiceNameUsedByDCL = strings.ToLower(s.Name)
  1023  	}
  1024  	return s
  1025  }
  1026
View as plain text