Authz/Schema: Remove unused stub cue definitions (#100387)

kinds/accesspolicy/access_policy_kind.cue

@@ -1,51 +0,0 @@
-package kind
-
-name:              "AccessPolicy"
-maturity:          "merged"
-description:       "Access rules for a scope+role.  NOTE there is a unique constraint on role+scope"
-pluralName:        "AccessPolicies"
-machineName:       "accesspolicy"
-pluralMachineName: "accesspolicies"
-
-lineage: schemas: [{
-	version: [0, 0]
-	schema: {
-		spec: {
-			// The scope where these policies should apply
-			scope: #ResourceRef
-
-			// The role that must apply this policy 
-			role: #RoleRef
-
-			// The set of rules to apply.  Note that * is required to modify
-			// access policy rules, and that "none" will reject all actions
-			rules: [...#AccessRule]
-		} @cuetsy(kind="interface")
-
-		#RoleRef: {
-			// Policies can apply to roles, teams, or users
-			// Applying policies to individual users is supported, but discouraged
-			kind:  "Role" | "BuiltinRole" | "Team" | "User"
-			name:  string
-			xname: string // temporary
-		} @cuetsy(kind="interface")
-
-		#ResourceRef: {
-			kind: string // explicit resource or folder will cascade
-			name: string
-		} @cuetsy(kind="interface")
-
-		#AccessRule: {
-			// The kind this rule applies to (dashboards, alert, etc)
-			kind: "*" | string
-
-			// READ, WRITE, CREATE, DELETE, ...
-			// should move to k8s style verbs like: "get", "list", "watch", "create", "update", "patch", "delete" 
-			verb: "*" | "none" | string
-
-			// Specific sub-elements like "alert.rules" or "dashboard.permissions"????
-			target?: string
-		} @cuetsy(kind="interface")
-	}
-},
-]

kinds/role/role_kind.cue

@@ -1,25 +0,0 @@
-package kind
-
-name:        "Role"
-maturity:    "merged"
-description: "Roles represent a set of users+teams that should share similar access"
-
-lineage: schemas: [{
-	version: [0, 0]
-	schema: {
-		spec: {
-			// The role identifier `managed:builtins:editor:permissions`
-			name: string
-			// Optional display
-			displayName?: string
-			// Name of the team.
-			groupName?: string
-			// Role description
-			description?: string
-
-			// Do not show this role
-			hidden: bool | false
-		} @cuetsy(kind="interface")
-	}
-},
-]

kinds/rolebinding/role_binding_kind.cue

@@ -1,36 +0,0 @@
-package kind
-
-name:        "RoleBinding"
-maturity:    "merged"
-description: "Role bindings links a user|team to a configured role"
-
-lineage: schemas: [{
-	version: [0, 0]
-	schema: {
-		spec: {
-			// The role we are discussing
-			role: #BuiltinRoleRef | #CustomRoleRef
-
-			// The team or user that has the specified role
-			subject: #RoleBindingSubject
-		} @cuetsy(kind="interface")
-
-		#CustomRoleRef: {
-			kind: "Role"
-			name: string
-		} @cuetsy(kind="interface")
-
-		#BuiltinRoleRef: {
-			kind: "BuiltinRole"
-			name: "viewer" | "editor" | "admin"
-		} @cuetsy(kind="interface")
-
-		#RoleBindingSubject: {
-			kind: "Team" | "User"
-
-			// The team/user identifier name
-			name: string
-		} @cuetsy(kind="interface")
-	}
-},
-]

packages/grafana-schema/src/index.gen.ts

@@ -7,17 +7,6 @@
 //
 // Run 'make gen-cue' from repository root to regenerate.
 
-// Raw generated types from AccessPolicy kind.
-export type {
-  AccessPolicy,
-  RoleRef,
-  ResourceRef,
-  AccessRule
-} from './raw/accesspolicy/x/accesspolicy_types.gen';
-
-// Raw generated enums and default consts from accesspolicy kind.
-export { defaultAccessPolicy } from './raw/accesspolicy/x/accesspolicy_types.gen';
-
 // Raw generated types from Dashboard kind.
 export type {
   AnnotationTarget,
@@ -135,14 +124,3 @@ export { defaultNavbarPreference } from './raw/preferences/x/preferences_types.g
 
 // Raw generated types from PublicDashboard kind.
 export type { PublicDashboard } from './raw/publicdashboard/x/publicdashboard_types.gen';
-
-// Raw generated types from Role kind.
-export type { Role } from './raw/role/x/role_types.gen';
-
-// Raw generated types from RoleBinding kind.
-export type {
-  RoleBinding,
-  CustomRoleRef,
-  BuiltinRoleRef,
-  RoleBindingSubject
-} from './raw/rolebinding/x/rolebinding_types.gen';

packages/grafana-schema/src/raw/accesspolicy/x/accesspolicy_types.gen.ts

@@ -1,60 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     TSTypesJenny
-//     LatestMajorsOrXJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-export interface RoleRef {
-  /**
-   * Policies can apply to roles, teams, or users
-   * Applying policies to individual users is supported, but discouraged
-   */
-  kind: ('Role' | 'BuiltinRole' | 'Team' | 'User');
-  name: string;
-  xname: string; // temporary
-}
-
-export interface ResourceRef {
-  kind: string; // explicit resource or folder will cascade
-  name: string;
-}
-
-export interface AccessRule {
-  /**
-   * The kind this rule applies to (dashboards, alert, etc)
-   */
-  kind: ('*' | string);
-  /**
-   * Specific sub-elements like "alert.rules" or "dashboard.permissions"????
-   */
-  target?: string;
-  /**
-   * READ, WRITE, CREATE, DELETE, ...
-   * should move to k8s style verbs like: "get", "list", "watch", "create", "update", "patch", "delete"
-   */
-  verb: ('*' | 'none' | string);
-}
-
-export interface AccessPolicy {
-  /**
-   * The role that must apply this policy
-   */
-  role: RoleRef;
-  /**
-   * The set of rules to apply.  Note that * is required to modify
-   * access policy rules, and that "none" will reject all actions
-   */
-  rules: Array<AccessRule>;
-  /**
-   * The scope where these policies should apply
-   */
-  scope: ResourceRef;
-}
-
-export const defaultAccessPolicy: Partial<AccessPolicy> = {
-  rules: [],
-};

packages/grafana-schema/src/raw/role/x/role_types.gen.ts

@@ -1,32 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     TSTypesJenny
-//     LatestMajorsOrXJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-export interface Role {
-  /**
-   * Role description
-   */
-  description?: string;
-  /**
-   * Optional display
-   */
-  displayName?: string;
-  /**
-   * Name of the team.
-   */
-  groupName?: string;
-  /**
-   * Do not show this role
-   */
-  hidden: (boolean | false);
-  /**
-   * The role identifier `managed:builtins:editor:permissions`
-   */
-  name: string;
-}

packages/grafana-schema/src/raw/rolebinding/x/rolebinding_types.gen.ts

@@ -1,38 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     TSTypesJenny
-//     LatestMajorsOrXJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-export interface CustomRoleRef {
-  kind: 'Role';
-  name: string;
-}
-
-export interface BuiltinRoleRef {
-  kind: 'BuiltinRole';
-  name: ('viewer' | 'editor' | 'admin');
-}
-
-export interface RoleBindingSubject {
-  kind: ('Team' | 'User');
-  /**
-   * The team/user identifier name
-   */
-  name: string;
-}
-
-export interface RoleBinding {
-  /**
-   * The role we are discussing
-   */
-  role: (BuiltinRoleRef | CustomRoleRef);
-  /**
-   * The team or user that has the specified role
-   */
-  subject: RoleBindingSubject;
-}

pkg/kinds/accesspolicy/accesspolicy_gen.go

@@ -1,43 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     K8ResourcesJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-package accesspolicy
-
-import (
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-
-	"github.com/grafana/grafana/pkg/kinds"
-)
-
-// Resource is the kubernetes style representation of AccessPolicy. (TODO be better)
-type K8sResource = kinds.GrafanaResource[Spec, Status]
-
-// NewResource creates a new instance of the resource with a given name (UID)
-func NewK8sResource(name string, s *Spec) K8sResource {
-	return K8sResource{
-		TypeMeta: v1.TypeMeta{
-			Kind:       "AccessPolicy",
-			APIVersion: "v0-0-alpha",
-		},
-		ObjectMeta: v1.ObjectMeta{
-			Name:        name,
-			Annotations: make(map[string]string),
-			Labels:      make(map[string]string),
-		},
-		Spec: s,
-	}
-}
-
-// Resource is the wire representation of AccessPolicy.
-// It currently will soon be merged into the k8s flavor (TODO be better)
-type Resource struct {
-	Metadata Metadata `json:"metadata"`
-	Spec     Spec     `json:"spec"`
-	Status   Status   `json:"status"`
-}

pkg/kinds/accesspolicy/accesspolicy_metadata_gen.go

@@ -1,42 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     K8ResourcesJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-package accesspolicy
-
-import (
-	"time"
-)
-
-// Metadata defines model for Metadata.
-type Metadata struct {
-	CreatedBy         string     `json:"createdBy"`
-	CreationTimestamp time.Time  `json:"creationTimestamp"`
-	DeletionTimestamp *time.Time `json:"deletionTimestamp,omitempty"`
-
-	// extraFields is reserved for any fields that are pulled from the API server metadata but do not have concrete fields in the CUE metadata
-	ExtraFields     map[string]any    `json:"extraFields"`
-	Finalizers      []string          `json:"finalizers"`
-	Labels          map[string]string `json:"labels"`
-	ResourceVersion string            `json:"resourceVersion"`
-	Uid             string            `json:"uid"`
-	UpdateTimestamp time.Time         `json:"updateTimestamp"`
-	UpdatedBy       string            `json:"updatedBy"`
-}
-
-// _kubeObjectMetadata is metadata found in a kubernetes object's metadata field.
-// It is not exhaustive and only includes fields which may be relevant to a kind's implementation,
-// As it is also intended to be generic enough to function with any API Server.
-type KubeObjectMetadata struct {
-	CreationTimestamp time.Time         `json:"creationTimestamp"`
-	DeletionTimestamp *time.Time        `json:"deletionTimestamp,omitempty"`
-	Finalizers        []string          `json:"finalizers"`
-	Labels            map[string]string `json:"labels"`
-	ResourceVersion   string            `json:"resourceVersion"`
-	Uid               string            `json:"uid"`
-}

pkg/kinds/accesspolicy/accesspolicy_spec_gen.go

@@ -1,79 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     GoResourceTypes
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-
-package accesspolicy
-
-type ResourceRef struct {
-	// explicit resource or folder will cascade
-	Kind string `json:"kind"`
-	Name string `json:"name"`
-}
-
-// NewResourceRef creates a new ResourceRef object.
-func NewResourceRef() *ResourceRef {
-	return &ResourceRef{}
-}
-
-type RoleRef struct {
-	// Policies can apply to roles, teams, or users
-	// Applying policies to individual users is supported, but discouraged
-	Kind RoleRefKind `json:"kind"`
-	Name string      `json:"name"`
-	// temporary
-	Xname string `json:"xname"`
-}
-
-// NewRoleRef creates a new RoleRef object.
-func NewRoleRef() *RoleRef {
-	return &RoleRef{}
-}
-
-type AccessRule struct {
-	// The kind this rule applies to (dashboards, alert, etc)
-	Kind string `json:"kind"`
-	// READ, WRITE, CREATE, DELETE, ...
-	// should move to k8s style verbs like: "get", "list", "watch", "create", "update", "patch", "delete"
-	Verb string `json:"verb"`
-	// Specific sub-elements like "alert.rules" or "dashboard.permissions"????
-	Target *string `json:"target,omitempty"`
-}
-
-// NewAccessRule creates a new AccessRule object.
-func NewAccessRule() *AccessRule {
-	return &AccessRule{}
-}
-
-type Spec struct {
-	// The scope where these policies should apply
-	Scope ResourceRef `json:"scope"`
-	// The role that must apply this policy
-	Role RoleRef `json:"role"`
-	// The set of rules to apply.  Note that * is required to modify
-	// access policy rules, and that "none" will reject all actions
-	Rules []AccessRule `json:"rules"`
-}
-
-// NewSpec creates a new Spec object.
-func NewSpec() *Spec {
-	return &Spec{
-		Scope: *NewResourceRef(),
-		Role:  *NewRoleRef(),
-	}
-}
-
-type RoleRefKind string
-
-const (
-	RoleRefKindRole        RoleRefKind = "Role"
-	RoleRefKindBuiltinRole RoleRefKind = "BuiltinRole"
-	RoleRefKindTeam        RoleRefKind = "Team"
-	RoleRefKindUser        RoleRefKind = "User"
-)

pkg/kinds/accesspolicy/accesspolicy_status_gen.go

@@ -1,74 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     K8ResourcesJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-package accesspolicy
-
-// Defines values for OperatorStateState.
-const (
-	OperatorStateStateFailed     OperatorStateState = "failed"
-	OperatorStateStateInProgress OperatorStateState = "in_progress"
-	OperatorStateStateSuccess    OperatorStateState = "success"
-)
-
-// Defines values for StatusOperatorStateState.
-const (
-	StatusOperatorStateStateFailed     StatusOperatorStateState = "failed"
-	StatusOperatorStateStateInProgress StatusOperatorStateState = "in_progress"
-	StatusOperatorStateStateSuccess    StatusOperatorStateState = "success"
-)
-
-// OperatorState defines model for OperatorState.
-type OperatorState struct {
-	// descriptiveState is an optional more descriptive state field which has no requirements on format
-	DescriptiveState *string `json:"descriptiveState,omitempty"`
-
-	// details contains any extra information that is operator-specific
-	Details map[string]any `json:"details,omitempty"`
-
-	// lastEvaluation is the ResourceVersion last evaluated
-	LastEvaluation string `json:"lastEvaluation"`
-
-	// state describes the state of the lastEvaluation.
-	// It is limited to three possible states for machine evaluation.
-	State OperatorStateState `json:"state"`
-}
-
-// OperatorStateState state describes the state of the lastEvaluation.
-// It is limited to three possible states for machine evaluation.
-type OperatorStateState string
-
-// Status defines model for Status.
-type Status struct {
-	// additionalFields is reserved for future use
-	AdditionalFields map[string]any `json:"additionalFields,omitempty"`
-
-	// operatorStates is a map of operator ID to operator state evaluations.
-	// Any operator which consumes this kind SHOULD add its state evaluation information to this field.
-	OperatorStates map[string]StatusOperatorState `json:"operatorStates,omitempty"`
-}
-
-// StatusOperatorState defines model for status.#OperatorState.
-type StatusOperatorState struct {
-	// descriptiveState is an optional more descriptive state field which has no requirements on format
-	DescriptiveState *string `json:"descriptiveState,omitempty"`
-
-	// details contains any extra information that is operator-specific
-	Details map[string]any `json:"details,omitempty"`
-
-	// lastEvaluation is the ResourceVersion last evaluated
-	LastEvaluation string `json:"lastEvaluation"`
-
-	// state describes the state of the lastEvaluation.
-	// It is limited to three possible states for machine evaluation.
-	State StatusOperatorStateState `json:"state"`
-}
-
-// StatusOperatorStateState state describes the state of the lastEvaluation.
-// It is limited to three possible states for machine evaluation.
-type StatusOperatorStateState string

pkg/kinds/accesspolicy/utils.go

@@ -1,99 +0,0 @@
-package accesspolicy
-
-import (
-	"sort"
-
-	"github.com/grafana/grafana/pkg/util"
-)
-
-const PermissionsTarget = "permissions"
-const AllowAll = "*"
-const AllowNone = "none"
-
-func ReduceRules(rules []AccessRule) []AccessRule {
-	type verbs struct {
-		Verb     map[string][]string
-		Terminal string
-	}
-
-	kinds := make(map[string]*verbs)
-	for _, rule := range rules {
-		if rule.Kind == "" || rule.Verb == "" {
-			continue // invalid
-		}
-
-		// flip write permission to *
-		if rule.Target != nil && *rule.Target == PermissionsTarget {
-			if rule.Verb == "write" {
-				rule.Verb = AllowAll
-			}
-		}
-		kind, ok := kinds[rule.Kind]
-		if !ok {
-			kind = &verbs{
-				Verb: make(map[string][]string),
-			}
-			kinds[rule.Kind] = kind
-		}
-
-		terminal := rule.Verb == AllowAll || rule.Verb == AllowNone
-		if terminal {
-			if rule.Kind == AllowAll {
-				return []AccessRule{rule}
-			}
-			kind.Terminal = rule.Verb
-		} else if kind.Terminal == "" {
-			targets, ok := kind.Verb[rule.Verb]
-			if !ok {
-				targets = []string{}
-			}
-			if rule.Target != nil && !contains(targets, *rule.Target) {
-				targets = append(targets, *rule.Target)
-				sort.Strings(targets)
-			}
-			kind.Verb[rule.Verb] = targets
-		}
-	}
-
-	results := make([]AccessRule, 0)
-	for _, kind := range getSortedKeys(kinds) {
-		verb := kinds[kind]
-		if verb.Terminal != "" {
-			results = append(results, AccessRule{Kind: kind, Verb: verb.Terminal})
-		} else {
-			for _, v := range getSortedKeys(verb.Verb) {
-				targets := verb.Verb[v]
-				if len(targets) == 0 {
-					results = append(results, AccessRule{Kind: kind, Verb: v})
-				} else {
-					for _, t := range targets {
-						results = append(results, AccessRule{
-							Kind:   kind,
-							Verb:   v,
-							Target: util.Pointer(t),
-						})
-					}
-				}
-			}
-		}
-	}
-	return results
-}
-
-func getSortedKeys[T any](vals map[string]T) []string {
-	keys := make([]string, 0, len(vals))
-	for k := range vals {
-		keys = append(keys, k)
-	}
-	sort.Strings(keys)
-	return keys
-}
-
-func contains[T comparable](s []T, e T) bool {
-	for _, v := range s {
-		if v == e {
-			return true
-		}
-	}
-	return false
-}

pkg/kinds/accesspolicy/utils_test.go

@@ -1,68 +0,0 @@
-package accesspolicy
-
-import (
-	"encoding/json"
-	"fmt"
-	"testing"
-
-	"github.com/grafana/grafana/pkg/util"
-	"github.com/stretchr/testify/require"
-)
-
-func TestRuleReducer(t *testing.T) {
-	t.Run("Check write pointer becomes star", func(t *testing.T) {
-		rules := ReduceRules([]AccessRule{
-			{Kind: "dashboard", Verb: "read"},
-			{Kind: "dashboard", Verb: "write", Target: util.Pointer("permissions")},
-			{Kind: "dashboard", Verb: "read"},
-		})
-		require.Len(t, rules, 1)
-		require.Equal(t, rules[0], AccessRule{Kind: "dashboard", Verb: "*"})
-	})
-
-	t.Run("Check sort", func(t *testing.T) {
-		rules := ReduceRules([]AccessRule{
-			{Kind: "x", Verb: "b"},
-			{Kind: "x", Verb: "a"},
-			{Kind: "x", Verb: "a"}, // ignore duplicates
-			{Kind: "x", Verb: "a"}, // ignore duplicates
-			{Kind: "x", Verb: "a"}, // ignore duplicates
-			{Kind: "x", Verb: "a"},
-			{Kind: "z", Verb: "b"},
-			{Kind: "AAA", Verb: ""}, // ignore
-			{Kind: "", Verb: "XXX"}, // ignore
-			{Kind: "z", Verb: "a"},
-			{Kind: "y", Verb: "b"},
-			{Kind: "y", Verb: "a"},
-		})
-		out, err := json.MarshalIndent(rules, "", "  ")
-		fmt.Printf("%s", string(out))
-		require.NoError(t, err)
-		require.JSONEq(t, `[
-			{
-			  "kind": "x",
-			  "verb": "a"
-			},
-			{
-			  "kind": "x",
-			  "verb": "b"
-			},
-			{
-			  "kind": "y",
-			  "verb": "a"
-			},
-			{
-			  "kind": "y",
-			  "verb": "b"
-			},
-			{
-			  "kind": "z",
-			  "verb": "a"
-			},
-			{
-			  "kind": "z",
-			  "verb": "b"
-			}
-		  ]`, string(out))
-	})
-}

pkg/kinds/role/role_gen.go

@@ -1,43 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     K8ResourcesJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-package role
-
-import (
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-
-	"github.com/grafana/grafana/pkg/kinds"
-)
-
-// Resource is the kubernetes style representation of Role. (TODO be better)
-type K8sResource = kinds.GrafanaResource[Spec, Status]
-
-// NewResource creates a new instance of the resource with a given name (UID)
-func NewK8sResource(name string, s *Spec) K8sResource {
-	return K8sResource{
-		TypeMeta: v1.TypeMeta{
-			Kind:       "Role",
-			APIVersion: "v0-0-alpha",
-		},
-		ObjectMeta: v1.ObjectMeta{
-			Name:        name,
-			Annotations: make(map[string]string),
-			Labels:      make(map[string]string),
-		},
-		Spec: s,
-	}
-}
-
-// Resource is the wire representation of Role.
-// It currently will soon be merged into the k8s flavor (TODO be better)
-type Resource struct {
-	Metadata Metadata `json:"metadata"`
-	Spec     Spec     `json:"spec"`
-	Status   Status   `json:"status"`
-}

pkg/kinds/role/role_metadata_gen.go

@@ -1,42 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     K8ResourcesJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-package role
-
-import (
-	"time"
-)
-
-// Metadata defines model for Metadata.
-type Metadata struct {
-	CreatedBy         string     `json:"createdBy"`
-	CreationTimestamp time.Time  `json:"creationTimestamp"`
-	DeletionTimestamp *time.Time `json:"deletionTimestamp,omitempty"`
-
-	// extraFields is reserved for any fields that are pulled from the API server metadata but do not have concrete fields in the CUE metadata
-	ExtraFields     map[string]any    `json:"extraFields"`
-	Finalizers      []string          `json:"finalizers"`
-	Labels          map[string]string `json:"labels"`
-	ResourceVersion string            `json:"resourceVersion"`
-	Uid             string            `json:"uid"`
-	UpdateTimestamp time.Time         `json:"updateTimestamp"`
-	UpdatedBy       string            `json:"updatedBy"`
-}
-
-// _kubeObjectMetadata is metadata found in a kubernetes object's metadata field.
-// It is not exhaustive and only includes fields which may be relevant to a kind's implementation,
-// As it is also intended to be generic enough to function with any API Server.
-type KubeObjectMetadata struct {
-	CreationTimestamp time.Time         `json:"creationTimestamp"`
-	DeletionTimestamp *time.Time        `json:"deletionTimestamp,omitempty"`
-	Finalizers        []string          `json:"finalizers"`
-	Labels            map[string]string `json:"labels"`
-	ResourceVersion   string            `json:"resourceVersion"`
-	Uid               string            `json:"uid"`
-}

pkg/kinds/role/role_spec_gen.go

@@ -1,30 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     GoResourceTypes
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-
-package role
-
-type Spec struct {
-	// The role identifier `managed:builtins:editor:permissions`
-	Name string `json:"name"`
-	// Optional display
-	DisplayName *string `json:"displayName,omitempty"`
-	// Name of the team.
-	GroupName *string `json:"groupName,omitempty"`
-	// Role description
-	Description *string `json:"description,omitempty"`
-	// Do not show this role
-	Hidden bool `json:"hidden"`
-}
-
-// NewSpec creates a new Spec object.
-func NewSpec() *Spec {
-	return &Spec{}
-}

pkg/kinds/role/role_status_gen.go

@@ -1,74 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     K8ResourcesJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-package role
-
-// Defines values for OperatorStateState.
-const (
-	OperatorStateStateFailed     OperatorStateState = "failed"
-	OperatorStateStateInProgress OperatorStateState = "in_progress"
-	OperatorStateStateSuccess    OperatorStateState = "success"
-)
-
-// Defines values for StatusOperatorStateState.
-const (
-	StatusOperatorStateStateFailed     StatusOperatorStateState = "failed"
-	StatusOperatorStateStateInProgress StatusOperatorStateState = "in_progress"
-	StatusOperatorStateStateSuccess    StatusOperatorStateState = "success"
-)
-
-// OperatorState defines model for OperatorState.
-type OperatorState struct {
-	// descriptiveState is an optional more descriptive state field which has no requirements on format
-	DescriptiveState *string `json:"descriptiveState,omitempty"`
-
-	// details contains any extra information that is operator-specific
-	Details map[string]any `json:"details,omitempty"`
-
-	// lastEvaluation is the ResourceVersion last evaluated
-	LastEvaluation string `json:"lastEvaluation"`
-
-	// state describes the state of the lastEvaluation.
-	// It is limited to three possible states for machine evaluation.
-	State OperatorStateState `json:"state"`
-}
-
-// OperatorStateState state describes the state of the lastEvaluation.
-// It is limited to three possible states for machine evaluation.
-type OperatorStateState string
-
-// Status defines model for Status.
-type Status struct {
-	// additionalFields is reserved for future use
-	AdditionalFields map[string]any `json:"additionalFields,omitempty"`
-
-	// operatorStates is a map of operator ID to operator state evaluations.
-	// Any operator which consumes this kind SHOULD add its state evaluation information to this field.
-	OperatorStates map[string]StatusOperatorState `json:"operatorStates,omitempty"`
-}
-
-// StatusOperatorState defines model for status.#OperatorState.
-type StatusOperatorState struct {
-	// descriptiveState is an optional more descriptive state field which has no requirements on format
-	DescriptiveState *string `json:"descriptiveState,omitempty"`
-
-	// details contains any extra information that is operator-specific
-	Details map[string]any `json:"details,omitempty"`
-
-	// lastEvaluation is the ResourceVersion last evaluated
-	LastEvaluation string `json:"lastEvaluation"`
-
-	// state describes the state of the lastEvaluation.
-	// It is limited to three possible states for machine evaluation.
-	State StatusOperatorStateState `json:"state"`
-}
-
-// StatusOperatorStateState state describes the state of the lastEvaluation.
-// It is limited to three possible states for machine evaluation.
-type StatusOperatorStateState string

pkg/kinds/rolebinding/rolebinding_gen.go

@@ -1,43 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     K8ResourcesJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-package rolebinding
-
-import (
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-
-	"github.com/grafana/grafana/pkg/kinds"
-)
-
-// Resource is the kubernetes style representation of RoleBinding. (TODO be better)
-type K8sResource = kinds.GrafanaResource[Spec, Status]
-
-// NewResource creates a new instance of the resource with a given name (UID)
-func NewK8sResource(name string, s *Spec) K8sResource {
-	return K8sResource{
-		TypeMeta: v1.TypeMeta{
-			Kind:       "RoleBinding",
-			APIVersion: "v0-0-alpha",
-		},
-		ObjectMeta: v1.ObjectMeta{
-			Name:        name,
-			Annotations: make(map[string]string),
-			Labels:      make(map[string]string),
-		},
-		Spec: s,
-	}
-}
-
-// Resource is the wire representation of RoleBinding.
-// It currently will soon be merged into the k8s flavor (TODO be better)
-type Resource struct {
-	Metadata Metadata `json:"metadata"`
-	Spec     Spec     `json:"spec"`
-	Status   Status   `json:"status"`
-}

pkg/kinds/rolebinding/rolebinding_metadata_gen.go

@@ -1,42 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     K8ResourcesJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-package rolebinding
-
-import (
-	"time"
-)
-
-// Metadata defines model for Metadata.
-type Metadata struct {
-	CreatedBy         string     `json:"createdBy"`
-	CreationTimestamp time.Time  `json:"creationTimestamp"`
-	DeletionTimestamp *time.Time `json:"deletionTimestamp,omitempty"`
-
-	// extraFields is reserved for any fields that are pulled from the API server metadata but do not have concrete fields in the CUE metadata
-	ExtraFields     map[string]any    `json:"extraFields"`
-	Finalizers      []string          `json:"finalizers"`
-	Labels          map[string]string `json:"labels"`
-	ResourceVersion string            `json:"resourceVersion"`
-	Uid             string            `json:"uid"`
-	UpdateTimestamp time.Time         `json:"updateTimestamp"`
-	UpdatedBy       string            `json:"updatedBy"`
-}
-
-// _kubeObjectMetadata is metadata found in a kubernetes object's metadata field.
-// It is not exhaustive and only includes fields which may be relevant to a kind's implementation,
-// As it is also intended to be generic enough to function with any API Server.
-type KubeObjectMetadata struct {
-	CreationTimestamp time.Time         `json:"creationTimestamp"`
-	DeletionTimestamp *time.Time        `json:"deletionTimestamp,omitempty"`
-	Finalizers        []string          `json:"finalizers"`
-	Labels            map[string]string `json:"labels"`
-	ResourceVersion   string            `json:"resourceVersion"`
-	Uid               string            `json:"uid"`
-}

pkg/kinds/rolebinding/rolebinding_spec_gen.go

@@ -1,144 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     GoResourceTypes
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-
-package rolebinding
-
-import (
-	json "encoding/json"
-	errors "errors"
-	fmt "fmt"
-)
-
-type BuiltinRoleRef struct {
-	Kind string             `json:"kind"`
-	Name BuiltinRoleRefName `json:"name"`
-}
-
-// NewBuiltinRoleRef creates a new BuiltinRoleRef object.
-func NewBuiltinRoleRef() *BuiltinRoleRef {
-	return &BuiltinRoleRef{
-		Kind: "BuiltinRole",
-	}
-}
-
-type CustomRoleRef struct {
-	Kind string `json:"kind"`
-	Name string `json:"name"`
-}
-
-// NewCustomRoleRef creates a new CustomRoleRef object.
-func NewCustomRoleRef() *CustomRoleRef {
-	return &CustomRoleRef{
-		Kind: "Role",
-	}
-}
-
-type RoleBindingSubject struct {
-	Kind RoleBindingSubjectKind `json:"kind"`
-	// The team/user identifier name
-	Name string `json:"name"`
-}
-
-// NewRoleBindingSubject creates a new RoleBindingSubject object.
-func NewRoleBindingSubject() *RoleBindingSubject {
-	return &RoleBindingSubject{}
-}
-
-type Spec struct {
-	// The role we are discussing
-	Role BuiltinRoleRefOrCustomRoleRef `json:"role"`
-	// The team or user that has the specified role
-	Subject RoleBindingSubject `json:"subject"`
-}
-
-// NewSpec creates a new Spec object.
-func NewSpec() *Spec {
-	return &Spec{
-		Role:    *NewBuiltinRoleRefOrCustomRoleRef(),
-		Subject: *NewRoleBindingSubject(),
-	}
-}
-
-type BuiltinRoleRefName string
-
-const (
-	BuiltinRoleRefNameViewer BuiltinRoleRefName = "viewer"
-	BuiltinRoleRefNameEditor BuiltinRoleRefName = "editor"
-	BuiltinRoleRefNameAdmin  BuiltinRoleRefName = "admin"
-)
-
-type RoleBindingSubjectKind string
-
-const (
-	RoleBindingSubjectKindTeam RoleBindingSubjectKind = "Team"
-	RoleBindingSubjectKindUser RoleBindingSubjectKind = "User"
-)
-
-type BuiltinRoleRefOrCustomRoleRef struct {
-	BuiltinRoleRef *BuiltinRoleRef `json:"BuiltinRoleRef,omitempty"`
-	CustomRoleRef  *CustomRoleRef  `json:"CustomRoleRef,omitempty"`
-}
-
-// NewBuiltinRoleRefOrCustomRoleRef creates a new BuiltinRoleRefOrCustomRoleRef object.
-func NewBuiltinRoleRefOrCustomRoleRef() *BuiltinRoleRefOrCustomRoleRef {
-	return &BuiltinRoleRefOrCustomRoleRef{}
-}
-
-// MarshalJSON implements a custom JSON marshalling logic to encode `BuiltinRoleRefOrCustomRoleRef` as JSON.
-func (resource BuiltinRoleRefOrCustomRoleRef) MarshalJSON() ([]byte, error) {
-	if resource.BuiltinRoleRef != nil {
-		return json.Marshal(resource.BuiltinRoleRef)
-	}
-	if resource.CustomRoleRef != nil {
-		return json.Marshal(resource.CustomRoleRef)
-	}
-
-	return nil, fmt.Errorf("no value for disjunction of refs")
-}
-
-// UnmarshalJSON implements a custom JSON unmarshalling logic to decode `BuiltinRoleRefOrCustomRoleRef` from JSON.
-func (resource *BuiltinRoleRefOrCustomRoleRef) UnmarshalJSON(raw []byte) error {
-	if raw == nil {
-		return nil
-	}
-
-	// FIXME: this is wasteful, we need to find a more efficient way to unmarshal this.
-	parsedAsMap := make(map[string]any)
-	if err := json.Unmarshal(raw, &parsedAsMap); err != nil {
-		return err
-	}
-
-	discriminator, found := parsedAsMap["kind"]
-	if !found {
-		return errors.New("discriminator field 'kind' not found in payload")
-	}
-
-	switch discriminator {
-	case "BuiltinRole":
-		var builtinRoleRef BuiltinRoleRef
-		if err := json.Unmarshal(raw, &builtinRoleRef); err != nil {
-			return err
-		}
-
-		resource.BuiltinRoleRef = &builtinRoleRef
-		return nil
-	case "Role":
-		var customRoleRef CustomRoleRef
-		if err := json.Unmarshal(raw, &customRoleRef); err != nil {
-			return err
-		}
-
-		resource.CustomRoleRef = &customRoleRef
-		return nil
-	}
-
-	return fmt.Errorf("could not unmarshal resource with `kind = %v`", discriminator)
-}

pkg/kinds/rolebinding/rolebinding_status_gen.go

@@ -1,74 +0,0 @@
-// Code generated - EDITING IS FUTILE. DO NOT EDIT.
-//
-// Generated by:
-//     kinds/gen.go
-// Using jennies:
-//     K8ResourcesJenny
-//
-// Run 'make gen-cue' from repository root to regenerate.
-
-package rolebinding
-
-// Defines values for OperatorStateState.
-const (
-	OperatorStateStateFailed     OperatorStateState = "failed"
-	OperatorStateStateInProgress OperatorStateState = "in_progress"
-	OperatorStateStateSuccess    OperatorStateState = "success"
-)
-
-// Defines values for StatusOperatorStateState.
-const (
-	StatusOperatorStateStateFailed     StatusOperatorStateState = "failed"
-	StatusOperatorStateStateInProgress StatusOperatorStateState = "in_progress"
-	StatusOperatorStateStateSuccess    StatusOperatorStateState = "success"
-)
-
-// OperatorState defines model for OperatorState.
-type OperatorState struct {
-	// descriptiveState is an optional more descriptive state field which has no requirements on format
-	DescriptiveState *string `json:"descriptiveState,omitempty"`
-
-	// details contains any extra information that is operator-specific
-	Details map[string]any `json:"details,omitempty"`
-
-	// lastEvaluation is the ResourceVersion last evaluated
-	LastEvaluation string `json:"lastEvaluation"`
-
-	// state describes the state of the lastEvaluation.
-	// It is limited to three possible states for machine evaluation.
-	State OperatorStateState `json:"state"`
-}
-
-// OperatorStateState state describes the state of the lastEvaluation.
-// It is limited to three possible states for machine evaluation.
-type OperatorStateState string
-
-// Status defines model for Status.
-type Status struct {
-	// additionalFields is reserved for future use
-	AdditionalFields map[string]any `json:"additionalFields,omitempty"`
-
-	// operatorStates is a map of operator ID to operator state evaluations.
-	// Any operator which consumes this kind SHOULD add its state evaluation information to this field.
-	OperatorStates map[string]StatusOperatorState `json:"operatorStates,omitempty"`
-}
-
-// StatusOperatorState defines model for status.#OperatorState.
-type StatusOperatorState struct {
-	// descriptiveState is an optional more descriptive state field which has no requirements on format
-	DescriptiveState *string `json:"descriptiveState,omitempty"`
-
-	// details contains any extra information that is operator-specific
-	Details map[string]any `json:"details,omitempty"`
-
-	// lastEvaluation is the ResourceVersion last evaluated
-	LastEvaluation string `json:"lastEvaluation"`
-
-	// state describes the state of the lastEvaluation.
-	// It is limited to three possible states for machine evaluation.
-	State StatusOperatorStateState `json:"state"`
-}
-
-// StatusOperatorStateState state describes the state of the lastEvaluation.
-// It is limited to three possible states for machine evaluation.
-type StatusOperatorStateState string

pkg/registry/schemas/core_kind.go

@@ -30,15 +30,6 @@ func GetCoreKinds() ([]CoreKind, error) {
 	_, caller, _, _ := runtime.Caller(0)
 	root := filepath.Join(caller, "../../../..")
 
-	accesspolicyCue, err := loadCueFile(ctx, filepath.Join(root, "./kinds/accesspolicy/access_policy_kind.cue"))
-	if err != nil {
-		return nil, err
-	}
-	kinds = append(kinds, CoreKind{
-		Name:    "accesspolicy",
-		CueFile: accesspolicyCue,
-	})
-
 	dashboardCue, err := loadCueFile(ctx, filepath.Join(root, "./kinds/dashboard/dashboard_kind.cue"))
 	if err != nil {
 		return nil, err
@@ -75,24 +66,6 @@ func GetCoreKinds() ([]CoreKind, error) {
 		CueFile: publicdashboardCue,
 	})
 
-	roleCue, err := loadCueFile(ctx, filepath.Join(root, "./kinds/role/role_kind.cue"))
-	if err != nil {
-		return nil, err
-	}
-	kinds = append(kinds, CoreKind{
-		Name:    "role",
-		CueFile: roleCue,
-	})
-
-	rolebindingCue, err := loadCueFile(ctx, filepath.Join(root, "./kinds/rolebinding/role_binding_kind.cue"))
-	if err != nil {
-		return nil, err
-	}
-	kinds = append(kinds, CoreKind{
-		Name:    "rolebinding",
-		CueFile: rolebindingCue,
-	})
-
 	return kinds, nil
 }