Merge pull request #941 from gdbranco/feat/ocm-8260

OCM-8260 | feat: include `access transparency` service

CHANGES.md

@@ -4,6 +4,7 @@ This document describes the relevant changes between releases of the API model.
 
 ## 0.0.374 May 23 2024
 - Add `CreationTimestamp` and `LastUpdateTimestamp` to `RolePolicyBinding` type
+- Add `access_transparecy` Service and it's resources
 
 ## 0.0.373 May 13 2024
 - Add `subnet_resource_id` to `Azure` resource

model/access_transparency/v1/access_protection_resource.model

@@ -0,0 +1,36 @@
+/*
+Copyright (c) 2024 Red Hat, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Manages the Access Protection resource.
+resource AccessProtection {
+	// Retrieves an Access Protection by organization/cluster/subscription query param.
+	method Get {
+		// Check status by Subscription.
+		@http(name = "subscriptionId")
+		in SubscriptionId String
+
+		// Check status by Cluter.
+		@http(name = "clusterId")
+		in ClusterId String
+
+		// Check status by Organization.
+		@http(name = "organizationId")
+		in OrganizationId String
+
+		// AccessProtection status response.
+		out Body AccessProtection
+	}
+}

model/access_transparency/v1/access_protection_type.model

@@ -0,0 +1,20 @@
+/*
+Copyright (c) 2024 Red Hat, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Representation of an access protection.
+struct AccessProtection {
+  Enabled boolean
+}

model/access_transparency/v1/access_request_post_request_type.model

@@ -0,0 +1,39 @@
+/*
+Copyright (c) 2024 Red Hat, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Representation of an access request post request.
+struct AccessRequestPostRequest {
+	// Justification of the Access Request.
+	Justification String
+
+	// Support case ID linking to JIRA ticket.
+	SupportCaseId String
+
+	// Internal support case id linking to jira ticket.
+	InternalSupportCaseId String
+
+	// Subscription from which the Access Request belongs to.
+	SubscriptionId String
+
+	// Cluster from which the Access Request belongs to.
+	ClusterId String
+
+	// How long the access will last after it's been approved.
+	Duration String
+
+	// How long the Access Request can be in pending state waiting for a customer decision.
+	Deadline String
+}

model/access_transparency/v1/access_request_resource.model

@@ -0,0 +1,28 @@
+/*
+Copyright (c) 2024 Red Hat, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Manages a specific access request.
+resource AccessRequest {
+	// Retrieves the details of the access request.
+	method Get {
+		out Body AccessRequest
+	}
+
+	// Reference to the resource that manages the collection of decisions.
+	locator Decisions {
+		target Decisions
+	}
+}

model/access_transparency/v1/access_request_state.model

@@ -0,0 +1,30 @@
+/*
+Copyright (c) 2024 Red Hat, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Possible states to an access request status.
+enum AccessRequestState {
+    @json(name = "Pending")
+    Pending
+
+    @json(name = "Approved")
+    Approved
+
+    @json(name = "Expired")
+    Expired
+
+    @json(name = "Denied")
+    Denied
+}

model/access_transparency/v1/access_request_status.type

@@ -0,0 +1,25 @@
+/*
+Copyright (c) 2024 Red Hat, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Representation of an access request status.
+struct AccessRequestStatus {
+  // Current state of the Access Request.
+  State AccessRequestState
+
+  // Date and time when the access request will expire, using the
+  // format defined in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt).
+  ExpiresAt Date
+}

model/access_transparency/v1/access_request_type.model

@@ -0,0 +1,63 @@
+/*
+Copyright (c) 2024 Red Hat, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Representation of an access request.
+class AccessRequest {
+	// Date and time when the access request was initially created, using the
+	// format defined in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt).
+	CreatedAt Date
+
+	// Date and time when the access request was lastly updated, using the
+	// format defined in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt).
+	UpdatedAt Date
+
+	// Decisions attached to the Access Request.
+	Decisions []Decision
+
+	// Justification of the Access Request.
+	Justification String
+
+	// User that requested the Access.
+	RequestedBy String
+
+	// Support case ID linking to JIRA ticket.
+	SupportCaseId String
+
+	// Internal support case id linking to jira ticket.
+	InternalSupportCaseId String
+
+	// Organization from which the Access Request belongs to.
+	OrganizationId String
+
+	// Subscription from which the Access Request belongs to.
+	SubscriptionId String
+
+	// Cluster from which the Access Request belongs to.
+	ClusterId String
+
+	// How long the access will last after it's been approved.
+	Duration String
+
+	// How long the Access Request can be in pending state waiting for a customer decision.
+	Deadline String
+
+	// Date and time for the deadline that the Access Request needs to be decided, using the
+	// format defined in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt).
+	DeadlineAt Date
+
+	// Access Request status.
+	Status AccessRequestStatus
+}

model/access_transparency/v1/access_requests_resource.model

@@ -0,0 +1,79 @@
+/*
+Copyright (c) 2024 Red Hat, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Manages the collection of access requests.
+resource AccessRequests {
+	// Retrieves the list of access requests.
+	method List {
+		// Index of the requested page, where one corresponds to the first page.
+		in out Page Integer = 1
+
+		// Maximum number of items that will be contained in the returned page.
+		in out Size Integer = 100
+
+		// Search criteria.
+		//
+		// The syntax of this parameter is similar to the syntax of the _where_ clause of an
+		// SQL statement, but using the names of the attributes of the access request instead of
+		// the names of the columns of a table. For example, in order to retrieve all the
+		// access requests with a requested_by starting with `my` the value should be:
+		//
+		// ```sql
+		// requested_by like 'my%'
+		// ```
+		//
+		// If the parameter isn't provided, or if the value is empty, then all the access requests
+		// that the user has permission to see will be returned.
+		in Search String
+
+		// Order criteria.
+		//
+		// The syntax of this parameter is similar to the syntax of the _order by_ clause of
+		// a SQL statement, but using the names of the attributes of the access request instead of
+		// the names of the columns of a table. For example, in order to sort the access requests
+		// descending by created_at the value should be:
+		//
+		// ```sql
+		// created_at desc
+		// ```
+		//
+		// If the parameter isn't provided, or if the value is empty, then the order of the
+		// results is undefined.
+		in Order String
+
+		// Total number of items of the collection that match the search criteria,
+		// regardless of the size of the page.
+		out Total Integer
+
+		// Retrieved list of access requests.
+		out Items []AccessRequest
+	}
+
+	// Create a new access request and add it to the collection of access requests.
+	method Post {
+		// Input to include new access request.
+		in Body AccessRequestPostRequest
+
+		// Newly access request.
+		out Body AccessRequest
+	}
+
+	// Returns a reference to the service that manages a specific access request.
+	locator AccessRequest {
+		target AccessRequest
+		variable ID
+	}
+}

model/access_transparency/v1/decision_decision_type.model

@@ -0,0 +1,27 @@
+/*
+Copyright (c) 2024 Red Hat, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Possible decisions to a decision status.
+enum DecisionDecision {
+    @json(name = "Approved")
+    Approved
+
+    @json(name = "Expired")
+    Expired
+
+    @json(name = "Denied")
+    Denied
+}

model/access_transparency/v1/decision_resource.model

@@ -0,0 +1,23 @@
+/*
+Copyright (c) 2024 Red Hat, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Manages a specific decision.
+resource Decision {
+	// Retrieves the details of the decision.
+	method Get {
+		out Body Decision
+	}
+}