diff --git a/charts/manager/crds/greenhouse.sap_plugins.yaml b/charts/manager/crds/greenhouse.sap_plugins.yaml index f58f9a1c5..e12c835e2 100644 --- a/charts/manager/crds/greenhouse.sap_plugins.yaml +++ b/charts/manager/crds/greenhouse.sap_plugins.yaml @@ -185,6 +185,10 @@ spec: HelmReleaseStatus reflects the status of the latest HelmChart release. This is only configured if the pluginDefinition is backed by HelmChart. properties: + diff: + description: Diff contains the difference between the deployed + helm chart and the helm chart in the last reconciliation + type: string firstDeployed: description: FirstDeployed is the timestamp of the first deployment of the release. diff --git a/docs/reference/api/index.html b/docs/reference/api/index.html index d693872bb..e34f8c91c 100644 --- a/docs/reference/api/index.html +++ b/docs/reference/api/index.html @@ -1131,6 +1131,17 @@
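Review bot: The new `diff` property under the `helmReleaseStatus` properties is an unbounded `type: string`, and its description does not say whether secret material is kept out of it. A diff of rendered Helm manifests can carry Secret data or plugin option values of type `secret`, and `.status` is readable by anyone allowed to get or list Plugins; whether the controller filters such values is not visible in this hunk. Once the controller guarantees redaction, I would state it in the description, e.g. `description: Diff contains the difference between the deployed helm chart and the helm chart in the last reconciliation, with Secret values redacted`. I would also add `maxLength: <LIMIT>` so that a large diff cannot grow the object towards the API server's size limit. If this CRD is generated from Go types, the change belongs on the Go field's comment and validation marker instead; the same property is repeated in the `docs/reference/api/openapi.yaml` hunk at `@@ -427,6 +742,9 @@`.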

HelmReleaseStatus

PluginOptionChecksum is the checksum of plugin option values.

+ + +diff
+ +string + + + +

Diff contains the difference between the deployed helm chart and the helm chart in the last reconciliation

+ + diff --git a/docs/reference/api/openapi.yaml b/docs/reference/api/openapi.yaml index f5ae5faeb..dfeefca59 100755 --- a/docs/reference/api/openapi.yaml +++ b/docs/reference/api/openapi.yaml 
@@ -4,64 +4,64 @@ info: version: main description: PlusOne operations platform paths: - /ClusterKubeconfig: + /Team: post: responses: default: - description: ClusterKubeconfig - /PluginDefinition: + description: Team + /TeamRole: post: responses: default: - description: PluginDefinition - /Plugin: + description: TeamRole + /TeamMembership: post: responses: default: - description: Plugin - /Team: + description: TeamMembership + /Organization: post: responses: default: - description: Team - /TeamMembership: + description: Organization + /Cluster: post: responses: default: - description: TeamMembership - /TeamRoleBinding: + description: Cluster + /Plugin: post: responses: default: - description: TeamRoleBinding - /Organization: + description: Plugin + /PluginDefinition: post: responses: default: - description: Organization - /PluginPreset: + description: PluginDefinition + /ClusterKubeconfig: post: responses: default: - description: PluginPreset - /TeamRole: + description: ClusterKubeconfig + /TeamRoleBinding: post: responses: default: - description: TeamRole - /Cluster: + description: TeamRoleBinding + /PluginPreset: post: responses: default: - description: Cluster + description: PluginPreset components: schemas: - ClusterKubeconfig: + Team: xml: name: greenhouse.sap namespace: v1alpha1 - title: ClusterKubeconfig - description: ClusterKubeconfig is the Schema for the clusterkubeconfigs API\nObjectMeta.OwnerReferences is used to link the ClusterKubeconfig to the Cluster\nObjectMeta.Generation is used to detect changes in the ClusterKubeconfig and sync local kubeconfig files\nObjectMeta.Name is designed to be the same with the Cluster name + title: Team + description: Team is the Schema for the teams API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: 
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 
@@ -72,92 +72,44 @@ components: metadata: type: object spec: - description: ClusterKubeconfigSpec stores the kubeconfig data for the cluster\nThe idea is to use kubeconfig data locally with minimum effort (with local tools or plain kubectl):\nkubectl get cluster-kubeconfig $NAME -o yaml | yq -y .spec.kubeconfig + description: TeamSpec defines the desired state of Team properties: - kubeconfig: - description: 'ClusterKubeconfigData stores the kubeconfig data ready to use kubectl or other local tooling\nIt is a simplified version of clientcmdapi.Config: https://pkg.go.dev/k8s.io/client-go/tools/clientcmd/api#Config' - properties: - apiVersion: - type: string - clusters: - items: - properties: - cluster: - properties: - certificate-authority-data: - format: byte - type: string - server: - type: string - type: object - name: - type: string - required: - - cluster - - name - type: object - type: array - contexts: - items: - properties: - context: - properties: - cluster: - type: string - namespace: - type: string - user: - type: string - required: - - cluster - - user - type: object - name: - type: string - required: - - name - type: object - type: array - current-context: - type: string - kind: - type: string - preferences: - type: object - users: - items: - properties: - name: - type: string - user: - properties: - auth-provider: - description: AuthProviderConfig holds the configuration for a specified auth provider. - properties: - config: - additionalProperties: - type: string - type: object - name: - type: string - required: - - name - type: object - client-certificate-data: - format: byte - type: string - client-key-data: - format: byte - type: string - type: object - required: - - name - type: object - type: array - type: object + description: + description: Description provides additional details of the team. + type: string + joinUrl: + description: URL to join the IdP group. + type: string + mappedIdPGroup: + description: IdP group id matching team. 
+ type: string type: object status: + description: TeamStatus defines the observed state of Team properties: + members: + items: + description: User specifies a human person. + properties: + email: + description: Email of the user. + type: string + firstName: + description: FirstName of the user. + type: string + id: + description: ID is the unique identifier of the user. + type: string + lastName: + description: LastName of the user. + type: string + required: + - email + - firstName + - id + - lastName + type: object + type: array statusConditions: description: A StatusConditions contains a list of conditions.\nOnly one condition of a given type may exist in the list. properties: @@ -191,14 +143,16 @@ components: - type x-kubernetes-list-type: map type: object + required: + - statusConditions type: object type: object - PluginDefinition: + TeamRole: xml: name: greenhouse.sap namespace: v1alpha1 - title: PluginDefinition - description: PluginDefinition is the Schema for the PluginDefinitions API + title: TeamRole + description: TeamRole is the Schema for the TeamRoles API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 
@@ -209,103 +163,464 @@ components: metadata: type: object spec: - description: PluginDefinitionSpec defines the desired state of PluginDefinitionSpec + description: TeamRoleSpec defines the desired state of a TeamRole properties: - description: - description: Description provides additional details of the pluginDefinition. - type: string - displayName: - description: DisplayName provides a human-readable label for the pluginDefinition. - type: string - docMarkDownUrl: - description: DocMarkDownUrl specifies the URL to the markdown documentation file for this plugin.\nSource needs to allow all CORS origins. - type: string - helmChart: - description: HelmChart specifies where the Helm Chart for this pluginDefinition can be found. + aggregationRule: + description: AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole on the remote cluster properties: - name: - description: Name of the HelmChart chart. - type: string - repository: - description: Repository of the HelmChart chart. - type: string - version: - description: Version of the HelmChart chart. - type: string - required: - - name - - repository - - version + clusterRoleSelectors: + description: ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.\nIf any of the selectors match, then the ClusterRole's permissions will be added + items: + description: A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values. + properties: + key: + description: key is the label key that the selector applies to. 
+ type: string + operator: + description: operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is "key", the\noperator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: array + x-kubernetes-list-type: atomic type: object - icon: - description: 'Icon specifies the icon to be used for this plugin in the Greenhouse UI.\nIcons can be either:\n- A string representing a juno icon in camel case from this list: https://github.com/sapcc/juno/blob/main/libs/juno-ui-components/src/components/Icon/Icon.component.js#L6-L52\n- A publicly accessible image reference to a .png file. Will be displayed 100x100px' - type: string - options: - description: RequiredValues is a list of values required to create an instance of this PluginDefinition. 
+ labels: + additionalProperties: + type: string + description: Labels are applied to the ClusterRole created on the remote cluster.\nThis allows using TeamRoles as part of AggregationRules by other TeamRoles + type: object + rules: + description: Rules is a list of rbacv1.PolicyRules used on a managed RBAC (Cluster)Role items: + description: PolicyRule holds information that describes a policy rule, but does not contain information\nabout who the rule applies to or which namespace the rule applies to. properties: - default: - description: Default provides a default value for the option - x-kubernetes-preserve-unknown-fields: true - description: - description: Description provides a human-readable text for the value as shown in the UI. - type: string - displayName: - description: DisplayName provides a human-readable label for the configuration option + apiGroups: + description: APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of\nthe enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. + items: + type: string + type: array + x-kubernetes-list-type: atomic + nonResourceURLs: + description: NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path\nSince non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.\nRules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. + items: + type: string + type: array + x-kubernetes-list-type: atomic + resourceNames: + description: ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. 
+ items: + type: string + type: array + x-kubernetes-list-type: atomic + resources: + description: Resources is a list of resources this rule applies to. '*' represents all resources. + items: + type: string + type: array + x-kubernetes-list-type: atomic + verbs: + description: Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - verbs + type: object + type: array + type: object + status: + description: TeamRoleStatus defines the observed state of a TeamRole + type: object + type: object + TeamMembership: + xml: + name: greenhouse.sap + namespace: v1alpha1 + title: TeamMembership + description: TeamMembership is the Schema for the teammemberships API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TeamMembershipSpec defines the desired state of TeamMembership + properties: + members: + description: Members list users that are part of a team. + items: + description: User specifies a human person. + properties: + email: + description: Email of the user. type: string - name: - description: Name/Key of the config option. + firstName: + description: FirstName of the user. 
type: string - regex: - description: Regex specifies a match rule for validating configuration options. + id: + description: ID is the unique identifier of the user. type: string - required: - description: Required indicates that this config option is required - type: boolean - type: - description: Type of this configuration option. - enum: - - string - - secret - - bool - - int - - list - - map + lastName: + description: LastName of the user. type: string required: - - name - - required - - type + - email + - firstName + - id + - lastName type: object type: array - uiApplication: - description: UIApplication specifies a reference to a UI application + type: object + status: + description: TeamMembershipStatus defines the observed state of TeamMembership + properties: + lastSyncedTime: + description: LastSyncedTime is the information when was the last time the membership was synced + format: date-time + type: string + lastUpdateTime: + description: LastChangedTime is the information when was the last time the membership was actually changed + format: date-time + type: string + statusConditions: + description: StatusConditions contain the different conditions that constitute the status of the TeamMembership. properties: - name: - description: Name of the UI application. - type: string - url: - description: URL specifies the url to a built javascript asset.\nBy default, assets are loaded from the Juno asset server using the provided name and version. - type: string - version: - description: Version of the frontend application. - type: string - required: - - name - - version + conditions: + items: + description: Condition contains additional information on the state of a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. 
+ format: date-time + type: string + message: + description: Message is an optional human readable message indicating details about the last transition. + type: string + reason: + description: Reason is a one-word, CamelCase reason for the condition's last transition. + type: string + status: + description: Status of the condition. + type: string + type: + description: Type of the condition. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + type: object + type: object + Organization: + xml: + name: greenhouse.sap + namespace: v1alpha1 + title: Organization + description: Organization is the Schema for the organizations API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OrganizationSpec defines the desired state of Organization + properties: + authentication: + description: Authentication configures the organizations authentication mechanism. + properties: + oidc: + description: OIDConfig configures the OIDC provider. + properties: + clientIDReference: + description: ClientIDReference references the Kubernetes secret containing the client id. + properties: + key: + description: Key in the secret to select the value from. 
+ type: string + name: + description: Name of the secret in the same namespace. + type: string + required: + - key + - name + type: object + clientSecretReference: + description: ClientSecretReference references the Kubernetes secret containing the client secret. + properties: + key: + description: Key in the secret to select the value from. + type: string + name: + description: Name of the secret in the same namespace. + type: string + required: + - key + - name + type: object + issuer: + description: Issuer is the URL of the identity service. + type: string + redirectURI: + description: RedirectURI is the redirect URI.\nIf none is specified, the Greenhouse ID proxy will be used. + type: string + required: + - clientIDReference + - clientSecretReference + - issuer + type: object + scim: + description: SCIMConfig configures the SCIM client. + properties: + baseURL: + description: URL to the SCIM server. + type: string + basicAuthPw: + description: Password to be used for basic authentication. + properties: + secret: + description: Secret references the secret containing the value. + properties: + key: + description: Key in the secret to select the value from. + type: string + name: + description: Name of the secret in the same namespace. + type: string + required: + - key + - name + type: object + type: object + basicAuthUser: + description: User to be used for basic authentication. + properties: + secret: + description: Secret references the secret containing the value. + properties: + key: + description: Key in the secret to select the value from. + type: string + name: + description: Name of the secret in the same namespace. + type: string + required: + - key + - name + type: object + type: object + required: + - baseURL + - basicAuthPw + - basicAuthUser + type: object + type: object + description: + description: Description provides additional details of the organization. 
+ type: string + displayName: + description: DisplayName is an optional name for the organization to be displayed in the Greenhouse UI.\nDefaults to a normalized version of metadata.name. + type: string + mappedOrgAdminIdPGroup: + description: MappedOrgAdminIDPGroup is the IDP group ID identifying org admins + type: string + type: object + status: + description: OrganizationStatus defines the observed state of an Organization + properties: + statusConditions: + description: StatusConditions contain the different conditions that constitute the status of the Organization. + properties: + conditions: + items: + description: Condition contains additional information on the state of a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is an optional human readable message indicating details about the last transition. + type: string + reason: + description: Reason is a one-word, CamelCase reason for the condition's last transition. + type: string + status: + description: Status of the condition. + type: string + type: + description: Type of the condition. 
+ type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + type: object + type: object + Cluster: + xml: + name: greenhouse.sap + namespace: v1alpha1 + title: Cluster + description: Cluster is the Schema for the clusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterSpec defines the desired state of the Cluster. + properties: + accessMode: + description: AccessMode configures how the cluster is accessed from the Greenhouse operator. + enum: + - direct + type: string + kubeConfig: + description: KubeConfig contains specific values for `KubeConfig` for the cluster. + properties: + maxTokenValidity: + default: 72 + description: MaxTokenValidity specifies the maximum duration for which a token remains valid in hours. + format: int32 + maximum: 72 + minimum: 24 + type: integer + type: object + required: + - accessMode + type: object + status: + description: ClusterStatus defines the observed state of Cluster + properties: + bearerTokenExpirationTimestamp: + description: BearerTokenExpirationTimestamp reflects the expiration timestamp of the bearer token used to access the cluster. 
+ format: date-time + type: string + kubernetesVersion: + description: KubernetesVersion reflects the detected Kubernetes version of the cluster. + type: string + nodes: + additionalProperties: + properties: + ready: + description: Fast track to the node ready condition. + type: boolean + statusConditions: + description: We mirror the node conditions here for faster reference + properties: + conditions: + items: + description: Condition contains additional information on the state of a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is an optional human readable message indicating details about the last transition. + type: string + reason: + description: Reason is a one-word, CamelCase reason for the condition's last transition. + type: string + status: + description: Status of the condition. + type: string + type: + description: Type of the condition. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + type: object + description: Nodes provides a map of cluster node names to node statuses + type: object + statusConditions: + description: StatusConditions contain the different conditions that constitute the status of the Cluster. + properties: + conditions: + items: + description: Condition contains additional information on the state of a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is an optional human readable message indicating details about the last transition. + type: string + reason: + description: Reason is a one-word, CamelCase reason for the condition's last transition. 
+ type: string + status: + description: Status of the condition. + type: string + type: + description: Type of the condition. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map type: object - version: - description: Version of this pluginDefinition - type: string - weight: - description: Weight configures the order in which Plugins are shown in the Greenhouse UI.\nDefaults to alphabetical sorting if not provided or on conflict. - format: int32 - type: integer - required: - - version - type: object - status: - description: PluginDefinitionStatus defines the observed state of PluginDefinition type: object type: object Plugin: @@ -427,6 +742,9 @@ components: helmReleaseStatus: description: HelmReleaseStatus reflects the status of the latest HelmChart release.\nThis is only configured if the pluginDefinition is backed by HelmChart. properties: + diff: + description: Diff contains the difference between the deployed helm chart and the helm chart in the last reconciliation + type: string firstDeployed: description: FirstDeployed is the timestamp of the first deployment of the release. format: date-time @@ -502,12 +820,12 @@ components: type: integer type: object type: object - Team: + PluginDefinition: xml: name: greenhouse.sap namespace: v1alpha1 - title: Team - description: Team is the Schema for the teams API + title: PluginDefinition + description: PluginDefinition is the Schema for the PluginDefinitions API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 
@@ -518,137 +836,209 @@ components: metadata: type: object spec: - description: TeamSpec defines the desired state of Team + description: PluginDefinitionSpec defines the desired state of PluginDefinitionSpec properties: description: - description: Description provides additional details of the team. + description: Description provides additional details of the pluginDefinition. type: string - joinUrl: - description: URL to join the IdP group. + displayName: + description: DisplayName provides a human-readable label for the pluginDefinition. type: string - mappedIdPGroup: - description: IdP group id matching team. + docMarkDownUrl: + description: DocMarkDownUrl specifies the URL to the markdown documentation file for this plugin.\nSource needs to allow all CORS origins. type: string - type: object - status: - description: TeamStatus defines the observed state of Team - properties: - members: + helmChart: + description: HelmChart specifies where the Helm Chart for this pluginDefinition can be found. + properties: + name: + description: Name of the HelmChart chart. + type: string + repository: + description: Repository of the HelmChart chart. + type: string + version: + description: Version of the HelmChart chart. + type: string + required: + - name + - repository + - version + type: object + icon: + description: 'Icon specifies the icon to be used for this plugin in the Greenhouse UI.\nIcons can be either:\n- A string representing a juno icon in camel case from this list: https://github.com/sapcc/juno/blob/main/libs/juno-ui-components/src/components/Icon/Icon.component.js#L6-L52\n- A publicly accessible image reference to a .png file. Will be displayed 100x100px' + type: string + options: + description: RequiredValues is a list of values required to create an instance of this PluginDefinition. items: - description: User specifies a human person. properties: - email: - description: Email of the user. 
+ default: + description: Default provides a default value for the option + x-kubernetes-preserve-unknown-fields: true + description: + description: Description provides a human-readable text for the value as shown in the UI. type: string - firstName: - description: FirstName of the user. + displayName: + description: DisplayName provides a human-readable label for the configuration option type: string - id: - description: ID is the unique identifier of the user. + name: + description: Name/Key of the config option. type: string - lastName: - description: LastName of the user. + regex: + description: Regex specifies a match rule for validating configuration options. + type: string + required: + description: Required indicates that this config option is required + type: boolean + type: + description: Type of this configuration option. + enum: + - string + - secret + - bool + - int + - list + - map type: string required: - - email - - firstName - - id - - lastName + - name + - required + - type type: object type: array - statusConditions: - description: A StatusConditions contains a list of conditions.\nOnly one condition of a given type may exist in the list. + uiApplication: + description: UIApplication specifies a reference to a UI application properties: - conditions: + name: + description: Name of the UI application. + type: string + url: + description: URL specifies the url to a built javascript asset.\nBy default, assets are loaded from the Juno asset server using the provided name and version. + type: string + version: + description: Version of the frontend application. + type: string + required: + - name + - version + type: object + version: + description: Version of this pluginDefinition + type: string + weight: + description: Weight configures the order in which Plugins are shown in the Greenhouse UI.\nDefaults to alphabetical sorting if not provided or on conflict. 
+ format: int32 + type: integer + required: + - version + type: object + status: + description: PluginDefinitionStatus defines the observed state of PluginDefinition + type: object + type: object + ClusterKubeconfig: + xml: + name: greenhouse.sap + namespace: v1alpha1 + title: ClusterKubeconfig + description: ClusterKubeconfig is the Schema for the clusterkubeconfigs API\nObjectMeta.OwnerReferences is used to link the ClusterKubeconfig to the Cluster\nObjectMeta.Generation is used to detect changes in the ClusterKubeconfig and sync local kubeconfig files\nObjectMeta.Name is designed to be the same with the Cluster name + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterKubeconfigSpec stores the kubeconfig data for the cluster\nThe idea is to use kubeconfig data locally with minimum effort (with local tools or plain kubectl):\nkubectl get cluster-kubeconfig $NAME -o yaml | yq -y .spec.kubeconfig + properties: + kubeconfig: + description: 'ClusterKubeconfigData stores the kubeconfig data ready to use kubectl or other local tooling\nIt is a simplified version of clientcmdapi.Config: https://pkg.go.dev/k8s.io/client-go/tools/clientcmd/api#Config' + properties: + apiVersion: + type: string + clusters: items: - description: Condition contains additional information on the state of a 
resource. properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is an optional human readable message indicating details about the last transition. - type: string - reason: - description: Reason is a one-word, CamelCase reason for the condition's last transition. + cluster: + properties: + certificate-authority-data: + format: byte + type: string + server: + type: string + type: object + name: type: string - status: - description: Status of the condition. + required: + - cluster + - name + type: object + type: array + contexts: + items: + properties: + context: + properties: + cluster: + type: string + namespace: + type: string + user: + type: string + required: + - cluster + - user + type: object + name: type: string - type: - description: Type of the condition. + required: + - name + type: object + type: array + current-context: + type: string + kind: + type: string + preferences: + type: object + users: + items: + properties: + name: type: string + user: + properties: + auth-provider: + description: AuthProviderConfig holds the configuration for a specified auth provider. 
+ properties: + config: + additionalProperties: + type: string + type: object + name: + type: string + required: + - name + type: object + client-certificate-data: + format: byte + type: string + client-key-data: + format: byte + type: string + type: object required: - - lastTransitionTime - - status - - type + - name type: object type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map type: object - required: - - statusConditions - type: object - type: object - TeamMembership: - xml: - name: greenhouse.sap - namespace: v1alpha1 - title: TeamMembership - description: TeamMembership is the Schema for the teammemberships API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TeamMembershipSpec defines the desired state of TeamMembership - properties: - members: - description: Members list users that are part of a team. - items: - description: User specifies a human person. - properties: - email: - description: Email of the user. - type: string - firstName: - description: FirstName of the user. - type: string - id: - description: ID is the unique identifier of the user. - type: string - lastName: - description: LastName of the user. 
- type: string - required: - - email - - firstName - - id - - lastName - type: object - type: array type: object status: - description: TeamMembershipStatus defines the observed state of TeamMembership properties: - lastSyncedTime: - description: LastSyncedTime is the information when was the last time the membership was synced - format: date-time - type: string - lastUpdateTime: - description: LastChangedTime is the information when was the last time the membership was actually changed - format: date-time - type: string statusConditions: - description: StatusConditions contain the different conditions that constitute the status of the TeamMembership. + description: A StatusConditions contains a list of conditions.\nOnly one condition of a given type may exist in the list. properties: conditions: items: 
@@ -768,185 +1158,30 @@ components: type: string message: description: Message is an optional human readable message indicating details about the last transition. - type: string - reason: - description: Reason is a one-word, CamelCase reason for the condition's last transition. - type: string - status: - description: Status of the condition. - type: string - type: - description: Type of the condition. - type: string - required: - - lastTransitionTime - - status - - type - type: object - required: - - clusterName - type: object - type: array - x-kubernetes-list-map-keys: - - clusterName - x-kubernetes-list-type: map - statusConditions: - description: StatusConditions contain the different conditions that constitute the status of the TeamRoleBinding. - properties: - conditions: - items: - description: Condition contains additional information on the state of a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is an optional human readable message indicating details about the last transition. - type: string - reason: - description: Reason is a one-word, CamelCase reason for the condition's last transition. - type: string - status: - description: Status of the condition. - type: string - type: - description: Type of the condition. 
- type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - type: object - type: object - Organization: - xml: - name: greenhouse.sap - namespace: v1alpha1 - title: Organization - description: Organization is the Schema for the organizations API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: OrganizationSpec defines the desired state of Organization - properties: - authentication: - description: Authentication configures the organizations authentication mechanism. - properties: - oidc: - description: OIDConfig configures the OIDC provider. - properties: - clientIDReference: - description: ClientIDReference references the Kubernetes secret containing the client id. - properties: - key: - description: Key in the secret to select the value from. - type: string - name: - description: Name of the secret in the same namespace. - type: string - required: - - key - - name - type: object - clientSecretReference: - description: ClientSecretReference references the Kubernetes secret containing the client secret. - properties: - key: - description: Key in the secret to select the value from. - type: string - name: - description: Name of the secret in the same namespace. 
- type: string - required: - - key - - name - type: object - issuer: - description: Issuer is the URL of the identity service. - type: string - redirectURI: - description: RedirectURI is the redirect URI.\nIf none is specified, the Greenhouse ID proxy will be used. - type: string - required: - - clientIDReference - - clientSecretReference - - issuer - type: object - scim: - description: SCIMConfig configures the SCIM client. - properties: - baseURL: - description: URL to the SCIM server. - type: string - basicAuthPw: - description: Password to be used for basic authentication. - properties: - secret: - description: Secret references the secret containing the value. - properties: - key: - description: Key in the secret to select the value from. - type: string - name: - description: Name of the secret in the same namespace. - type: string - required: - - key - - name - type: object - type: object - basicAuthUser: - description: User to be used for basic authentication. - properties: - secret: - description: Secret references the secret containing the value. - properties: - key: - description: Key in the secret to select the value from. - type: string - name: - description: Name of the secret in the same namespace. - type: string - required: - - key - - name - type: object - type: object - required: - - baseURL - - basicAuthPw - - basicAuthUser - type: object - type: object - description: - description: Description provides additional details of the organization. - type: string - displayName: - description: DisplayName is an optional name for the organization to be displayed in the Greenhouse UI.\nDefaults to a normalized version of metadata.name. 
- type: string - mappedOrgAdminIdPGroup: - description: MappedOrgAdminIDPGroup is the IDP group ID identifying org admins - type: string - type: object - status: - description: OrganizationStatus defines the observed state of an Organization - properties: + type: string + reason: + description: Reason is a one-word, CamelCase reason for the condition's last transition. + type: string + status: + description: Status of the condition. + type: string + type: + description: Type of the condition. + type: string + required: + - lastTransitionTime + - status + - type + type: object + required: + - clusterName + type: object + type: array + x-kubernetes-list-map-keys: + - clusterName + x-kubernetes-list-type: map statusConditions: - description: StatusConditions contain the different conditions that constitute the status of the Organization. + description: StatusConditions contain the different conditions that constitute the status of the TeamRoleBinding. properties: conditions: items: 
@@ -1170,235 +1405,3 @@ components: type: object type: object type: object - TeamRole: - xml: - name: greenhouse.sap - namespace: v1alpha1 - title: TeamRole - description: TeamRole is the Schema for the TeamRoles API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TeamRoleSpec defines the desired state of a TeamRole - properties: - aggregationRule: - description: AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole on the remote cluster - properties: - clusterRoleSelectors: - description: ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.\nIf any of the selectors match, then the ClusterRole's permissions will be added - items: - description: A label selector is a label query over a set of resources. The result of matchLabels and\nmatchExpressions are ANDed. An empty label selector matches all objects. A null\nlabel selector matches no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values. 
- properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is "key", the\noperator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - type: object - labels: - additionalProperties: - type: string - description: Labels are applied to the ClusterRole created on the remote cluster.\nThis allows using TeamRoles as part of AggregationRules by other TeamRoles - type: object - rules: - description: Rules is a list of rbacv1.PolicyRules used on a managed RBAC (Cluster)Role - items: - description: PolicyRule holds information that describes a policy rule, but does not contain information\nabout who the rule applies to or which namespace the rule applies to. - properties: - apiGroups: - description: APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of\nthe enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. 
- items: - type: string - type: array - x-kubernetes-list-type: atomic - nonResourceURLs: - description: NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path\nSince non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.\nRules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. - items: - type: string - type: array - x-kubernetes-list-type: atomic - resourceNames: - description: ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. - items: - type: string - type: array - x-kubernetes-list-type: atomic - resources: - description: Resources is a list of resources this rule applies to. '*' represents all resources. - items: - type: string - type: array - x-kubernetes-list-type: atomic - verbs: - description: Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. 
- items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - verbs - type: object - type: array - type: object - status: - description: TeamRoleStatus defines the observed state of a TeamRole - type: object - type: object - Cluster: - xml: - name: greenhouse.sap - namespace: v1alpha1 - title: Cluster - description: Cluster is the Schema for the clusters API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterSpec defines the desired state of the Cluster. - properties: - accessMode: - description: AccessMode configures how the cluster is accessed from the Greenhouse operator. - enum: - - direct - type: string - kubeConfig: - description: KubeConfig contains specific values for `KubeConfig` for the cluster. - properties: - maxTokenValidity: - default: 72 - description: MaxTokenValidity specifies the maximum duration for which a token remains valid in hours. - format: int32 - maximum: 72 - minimum: 24 - type: integer - type: object - required: - - accessMode - type: object - status: - description: ClusterStatus defines the observed state of Cluster - properties: - bearerTokenExpirationTimestamp: - description: BearerTokenExpirationTimestamp reflects the expiration timestamp of the bearer token used to access the cluster. 
- format: date-time - type: string - kubernetesVersion: - description: KubernetesVersion reflects the detected Kubernetes version of the cluster. - type: string - nodes: - additionalProperties: - properties: - ready: - description: Fast track to the node ready condition. - type: boolean - statusConditions: - description: We mirror the node conditions here for faster reference - properties: - conditions: - items: - description: Condition contains additional information on the state of a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is an optional human readable message indicating details about the last transition. - type: string - reason: - description: Reason is a one-word, CamelCase reason for the condition's last transition. - type: string - status: - description: Status of the condition. - type: string - type: - description: Type of the condition. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - type: object - description: Nodes provides a map of cluster node names to node statuses - type: object - statusConditions: - description: StatusConditions contain the different conditions that constitute the status of the Cluster. - properties: - conditions: - items: - description: Condition contains additional information on the state of a resource. - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is an optional human readable message indicating details about the last transition. - type: string - reason: - description: Reason is a one-word, CamelCase reason for the condition's last transition. 
- type: string - status: - description: Status of the condition. - type: string - type: - description: Type of the condition. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - type: object - type: object diff --git a/e2e/plugin/e2e_test.go b/e2e/plugin/e2e_test.go index cf047d6f4..544142dfc 100644 --- a/e2e/plugin/e2e_test.go +++ b/e2e/plugin/e2e_test.go @@ -147,6 +147,14 @@ var _ = Describe("Plugin E2E", Ordered, func() { g.Expect(err).NotTo(HaveOccurred()) }).Should(Succeed()) + By("Check the diff status") + Eventually(func(g Gomega) { + err = adminClient.Get(ctx, client.ObjectKey{Name: testPlugin.Name, Namespace: env.TestNamespace}, testPlugin) + g.Expect(err).NotTo(HaveOccurred()) + g.Expect(testPlugin.Status.HelmReleaseStatus).ToNot(BeNil()) + g.Expect(len(testPlugin.Status.HelmReleaseStatus.Diff) > 0).To(BeTrue()) + }).Should(Succeed()) + By("Check replicas in deployment list") Eventually(func(g Gomega) { err = remoteClient.List(ctx, deploymentList, client.InNamespace(env.TestNamespace)) diff --git a/pkg/apis/greenhouse/v1alpha1/plugin_types.go b/pkg/apis/greenhouse/v1alpha1/plugin_types.go index 3a38e8cc7..5b27053cd 100644 --- a/pkg/apis/greenhouse/v1alpha1/plugin_types.go +++ b/pkg/apis/greenhouse/v1alpha1/plugin_types.go @@ -128,6 +128,8 @@ type HelmReleaseStatus struct { LastDeployed metav1.Time `json:"lastDeployed,omitempty"` // PluginOptionChecksum is the checksum of plugin option values. PluginOptionChecksum string `json:"pluginOptionChecksum,omitempty"` + // Diff contains the difference between the deployed helm chart and the helm chart in the last reconciliation + Diff string `json:"diff,omitempty"` } //+kubebuilder:object:root=true diff --git a/pkg/controllers/plugin/plugin_controller.go b/pkg/controllers/plugin/plugin_controller.go index a4aa64144..ee1037bd6 100644 --- a/pkg/controllers/plugin/plugin_controller.go 
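Review bot: The new assertion `g.Expect(len(testPlugin.Status.HelmReleaseStatus.Diff) > 0).To(BeTrue())` in the "Check the diff status" step only reports "expected true" on failure and says nothing about what the field holds; `g.Expect(testPlugin.Status.HelmReleaseStatus.Diff).ToNot(BeEmpty())` gives a readable failure. Because the diff is published in the Plugin status, the step would be more useful if it also asserted on content, for instance that it names the changed object and, if the test plugin sets any option of type `secret`, that the value does not appear in it. The enclosing Describe block starts and ends outside the hunk.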
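Review bot: The doc comment on the new `Diff` field of `HelmReleaseStatus` does not say what format the string has, how large it may grow, or whether it can include rendered values, and the generated CRD entry is a plain unbounded `type: string`. Status is visible to anyone who can read the Plugin, so the contract belongs in the comment, e.g. `// Diff is a human-readable diff between the deployed Helm release and the chart rendered in the last reconciliation. It is readable by every reader of the Plugin and must not contain Secret data.` The struct starts outside the hunk.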
+++ b/pkg/controllers/plugin/plugin_controller.go @@ -276,6 +276,8 @@ func (r *PluginReconciler) reconcileHelmRelease( return nil } + plugin.Status.HelmReleaseStatus.Diff = diffObjects.String() + if err := helm.InstallOrUpgradeHelmChartFromPlugin(ctx, r.Client, restClientGetter, pluginDefinition, plugin); err != nil { errorMessage := "Helm install/upgrade failed: " + err.Error() plugin.SetCondition(greenhousev1alpha1.TrueCondition( @@ -303,6 +305,7 @@ func (r *PluginReconciler) reconcileStatus(ctx context.Context, Status: "unknown", FirstDeployed: metav1.Time{}, LastDeployed: metav1.Time{}, + Diff: pluginStatus.HelmReleaseStatus.Diff, } )
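Review bot: `plugin.Status.HelmReleaseStatus.Diff = diffObjects.String()` in reconcileHelmRelease copies the whole diff into the Plugin status, where anyone allowed to read Plugins can see it. What `diffObjects.String()` emits is not visible here, but if it includes rendered manifest bodies, values from options of type `secret` that end up in a rendered Secret or container env would reach a wider audience than the Secret itself, and a large chart could push the object past the API server's size limit so the status update fails. I would store only a summary (kind and namespace/name of each changed object), or skip Secret objects and cap the length before assigning, and record that above the line: `// Diff lands in status: changed object names only, never manifest bodies.` The function body starts and ends outside the hunk.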
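Review bot: `Diff: pluginStatus.HelmReleaseStatus.Diff,` in reconcileStatus dereferences `pluginStatus.HelmReleaseStatus` without a nil check; the e2e test added in this commit asserts that field `ToNot(BeNil())`, which suggests it is a pointer, so a Plugin with no release data yet would panic here unless an initializer outside the hunk guarantees otherwise. The write `plugin.Status.HelmReleaseStatus.Diff = ...` in the reconcileHelmRelease hunk has the same exposure. Guarding the copy with `if pluginStatus.HelmReleaseStatus != nil` would make it safe. Separately, carrying the old value forward means the diff appears never to be cleared once the release matches the chart again, so stale content stays in status; worth confirming that is intended. The var block starts outside the hunk.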