From 2556db7d6975383813497d557dfebb489ebdb000 Mon Sep 17 00:00:00 2001
From: kimorris27 <kimorris@redhat.com>
Date: Mon, 15 Apr 2024 08:46:48 -0500
Subject: [PATCH] Add new admin API types

---
 .../admin/platformworkloadidentityroleset.go  | 46 +++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 pkg/api/admin/platformworkloadidentityroleset.go

diff --git a/pkg/api/admin/platformworkloadidentityroleset.go b/pkg/api/admin/platformworkloadidentityroleset.go
new file mode 100644
index 00000000000..9ed4680bceb
--- /dev/null
+++ b/pkg/api/admin/platformworkloadidentityroleset.go
@@ -0,0 +1,46 @@
+package admin
+
+// Copyright (c) Microsoft Corporation.
+// Licensed under the Apache License 2.0.
+
+// PlatformWorkloadIdentityRoleSetList represents a List of role sets.
+type PlatformWorkloadIdentityRoleSetList struct {
+	// The list of role sets.
+	PlatformWorkloadIdentityRoleSets []*PlatformWorkloadIdentityRoleSet `json:"value"`
+}
+
+// PlatformWorkloadIdentityRoleSet represents a mapping from the names of OCP operators to the built-in roles that should be assigned to those operator's corresponding managed identities for a particular OCP version.
+type PlatformWorkloadIdentityRoleSet struct {
+	// The ID for the resource.
+	ID string `json:"id,omitempty" mutable:"case"`
+
+	// Name of the resource.
+	Name string `json:"name,omitempty" mutable:"case"`
+
+	// The properties for the PlatformWorkloadIdentityRoleSet resource.
+	Properties PlatformWorkloadIdentityRoleSetProperties `json:"properties,omitempty"`
+}
+
+// PlatformWorkloadIdentityRoleSetProperties represents the properties of a PlatformWorkloadIdentityRoleSet resource.
+type PlatformWorkloadIdentityRoleSetProperties struct {
+	// OpenShiftVersion represents the version associated with this set of roles.
+	OpenShiftVersion string `json:"openShiftVersion,omitempty"`
+
+	// PlatformWorkloadIdentityRoles represents the set of roles associated with this version.
+	PlatformWorkloadIdentityRoles []PlatformWorkloadIdentityRole `json:"platformWorkloadIdentityRoles,omitempty" mutable:"true"`
+}
+
+// PlatformWorkloadIdentityRole represents a mapping from a particular OCP operator to the built-in role that should be assigned to that operator's corresponding managed identity.
+type PlatformWorkloadIdentityRole struct {
+	// OperatorName represents the name of the operator that this role is for.
+	OperatorName string `json:"operatorName,omitempty" mutable:"true"`
+
+	// RoleDefinitionName represents the name of the role.
+	RoleDefinitionName string `json:"roleDefinitionName,omitempty" mutable:"true"`
+
+	// RoleDefinitionID represents the resource ID of the role definition.
+	RoleDefinitionID string `json:"roleDefinitionId,omitempty" mutable:"true"`
+
+	// ServiceAccounts represents the set of service accounts associated with the given operator, since each service account needs its own federated credential.
+	ServiceAccounts []string `json:"serviceAccounts,omitempty" mutable:"true"`
+}