Add early access control plane firewall new payload and structure def…

…inition (#894) * Add control plane firewall parameter to create and update request body * Add control plane firewall to response * Address PR comments * Address PR comments * PR comments * Fix control plane firewall description --------- Co-authored-by: Oliver Love <[email protected]>
digitalocean · Jun 27, 2024 · dbb43ed · dbb43ed
1 parent a67facb
commit dbb43ed
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 0 deletions.
diff --git a/specification/resources/kubernetes/models/cluster.yml b/specification/resources/kubernetes/models/cluster.yml
@@ -156,6 +156,8 @@ properties:
     description: A read-only boolean value indicating if a container registry is
       integrated with the cluster.
 
+  control_plane_firewall:
+    $ref: 'control_plane_firewall.yml'
 
 required:
   - name

diff --git a/specification/resources/kubernetes/models/cluster_update.yml b/specification/resources/kubernetes/models/cluster_update.yml
@@ -45,5 +45,8 @@ properties:
       is run in a highly available configuration in the cluster. Highly available
       control planes incur less downtime. The property cannot be disabled.
 
+  control_plane_firewall:
+    $ref: 'control_plane_firewall.yml'
+
 required:
   - name
diff --git a/specification/resources/kubernetes/models/control_plane_firewall.yml b/specification/resources/kubernetes/models/control_plane_firewall.yml
@@ -0,0 +1,18 @@
+type: object
+nullable: true
+description: An object specifying the control plane firewall for the Kubernetes cluster.
+  Control plane firewall is in early availability (invite only).
+properties:
+  enable:
+    type: boolean
+    description: Indicates whether the control plane firewall is enabled.
+    example: true
+
+  allowed_addresses:
+    type: array
+    description: An array of public addresses (IPv4 or CIDR) allowed to access the control plane.
+    items:
+      type: string
+    example:
+      - "1.2.3.4/32"
+      - "1.1.0.0/16"
diff --git a/specification/resources/kubernetes/responses/examples.yml b/specification/resources/kubernetes/responses/examples.yml
@@ -98,6 +98,11 @@ kubernetes_clusters_all:
       surge_upgrade: false
       registry_enabled: false
       ha: false
+      control_plane_firewall:
+        enabled: true
+        allowed_addresses:
+          - "1.2.3.4/32"
+          - "1.1.0.0/16"
     meta:
       total: 1
 
@@ -200,6 +205,11 @@ kubernetes_single:
       surge_upgrade: false
       registry_enabled: false
       ha: false
+      control_plane_firewall:
+        enabled: true
+        allowed_addresses:
+          - "1.2.3.4/32"
+          - "1.1.0.0/16"
 
 kubernetes_updated:
   value:
@@ -300,6 +310,11 @@ kubernetes_updated:
       surge_upgrade: true
       registry_enabled: false
       ha: false
+      control_plane_firewall:
+        enabled: true
+        allowed_addresses:
+          - "1.2.3.4/32"
+          - "1.1.0.0/16"
 
 kubernetes_clusters_create_basic_response:
   value:
@@ -365,6 +380,11 @@ kubernetes_clusters_create_basic_response:
       surge_upgrade: false
       registry_enabled: false
       ha: false
+      control_plane_firewall:
+        enabled: true
+        allowed_addresses:
+          - "1.2.3.4/32"
+          - "1.1.0.0/16"
 
 kubernetes_clusters_multi_pool_response:
   value:
@@ -467,6 +487,11 @@ kubernetes_clusters_multi_pool_response:
       surge_upgrade: false
       registry_enabled: false
       ha: false
+      control_plane_firewall:
+        enabled: true
+        allowed_addresses:
+          - "1.2.3.4/32"
+          - "1.1.0.0/16"
 
 kubernetes_options:
   value: