* Feat: add the rbac data model
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: add some api about the project
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: add CRUD about the project and the project user
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: add CRUD about the role and perm check filter function
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: update swagger config
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: add default roles and perm policies
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: add perm check filter for all webservice
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: change the method that find project name
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: query applications and envs by user perm
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: support get login user info
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Fix: change default permissions
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: change PermPolicy to Permission
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: add some unit test and fix the e2e test error
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Fix: change some comment word
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Fix: e2e api path error
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Fix(context): add support for context.appLables and context.appAnnotations (#3463)
Signed-off-by: zxbyoyoyo <596908030@qq.com>
Signed-off-by: 朱晓兵 <596908030@qq.com>
* Fix: unit test
Signed-off-by: 朱晓兵 <596908030@qq.com>
* Fix: recover deleted field
Signed-off-by: 朱晓兵 <596908030@qq.com>
* Feat: support the mountPath parameter of trait-storage-secret is optional Signed-off-by: maxiangbo maxiangboo@cmbchina.com
Signed-off-by: fourierr <maxiangboo@qq.com>
* Feat: support the mountPath parameter of trait-storage is optional Signed-off-by: maxiangbo maxiangboo@cmbchina.com
Signed-off-by: fourierr <maxiangboo@qq.com>
* Feat: add auto clear data function for the memory cache
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: add memory cache store
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: add some test case for the utils package
Signed-off-by: barnettZQG <barnett.zqg@gmail.com>
* Feat: poll multi-cluster metrics and export to prometheus
Signed-off-by: zhukunshuai <jookunshuai@gmail.com>
* pass context to polling loop
Signed-off-by: zhukunshuai <jookunshuai@gmail.com>
* move metrics definition to montitor/metrics/multicluster.go
Signed-off-by: zhukunshuai <jookunshuai@gmail.com>
* remove pod usage metric and make reviewable
Signed-off-by: zhukunshuai <jookunshuai@gmail.com>
* revert the change of GetClusterMetricsFromMetricsAPI
Signed-off-by: zhukunshuai <jookunshuai@gmail.com>
* revert the change of GetClusterMetricsFromMetricsAPI
Signed-off-by: zhukunshuai <jookunshuai@gmail.com>
* Separate the polling logic into a function
Signed-off-by: zhukunshuai <jookunshuai@gmail.com>
* add start menber function
Signed-off-by: zhukunshuai <jookunshuai@gmail.com>
* make refreshPeriod a menber var
Signed-off-by: zhukunshuai <jookunshuai@gmail.com>
* fix typo
Signed-off-by: zhukunshuai <jookunshuai@gmail.com>
* Refactor: refactor multi cluster round trippers
Before adding more RoundTrippers, it would be better to expose common
logic in the utility package.
This commit exports `tryCancelRequest` at `utils` package, and make
`secretMultiClusterRoundTripper` implement `RoundTripperWrapper`
interface to allow chaining multiple round trippers.
Refs #3432
Signed-off-by: Sunghoon Kang <hoon@linecorp.com>
* Feat: reconcile app with scoped permissions
Currently, all Application resources are reconciled by the Roles bound
to the controller service account. This behavior gives us the power to
manage resources across multiple namespaces. However, this behavior can
be problematic in the soft-multitenancy environment.
This commit adds `serviceAccountName` to ApplicationSepc to reconcile
Application with the given service account for reconciling Application
with scoped permissions.
Refs #3432
Signed-off-by: Sunghoon Kang <hoon@linecorp.com>
* Refactor: extract context setter as method
https://github.com/oam-dev/kubevela/pull/3434#discussion_r825561603
Signed-off-by: Sunghoon Kang <hoon@linecorp.com>
* Feat: use annotation instead of spec
https://github.com/oam-dev/kubevela/issues/3432#issuecomment-1066460269
Signed-off-by: Sunghoon Kang <hoon@linecorp.com>
* Refactor: unify service account setter caller
https://github.com/oam-dev/kubevela/pull/3434#discussion_r825853612
Signed-off-by: Sunghoon Kang <hoon@linecorp.com>
* Refactor: rename GetServiceAccountName
https://github.com/oam-dev/kubevela/pull/3434#discussion_r826514565
Signed-off-by: Sunghoon Kang <hoon@linecorp.com>
