From d4ac3f7f1a368d2b0136535a3a336403b801de8e Mon Sep 17 00:00:00 2001 From: Joshua Reese Date: Wed, 8 Oct 2025 16:49:15 -0500 Subject: [PATCH] Update CRD generator to handle errors encountered during generation. In addition to the generator fix, adjustments have been made to existing CRDs to correct errors which were not handled before, and `./hack/update-codegen.sh` was executed. The listType marker was added to two non-list fields in 78496d8f897031a5335fb1fbcdfe422721646f4b The MaxLength validation marker was used on an array field instead of MaxItems in 110bcaf60d1178b18af7588feddcc1f22474dd4a --- apis/v1/backendtlspolicy_types.go | 1 - apis/v1/gateway_types.go | 1 - apis/v1/httproute_types.go | 6 +++--- .../gateway.networking.k8s.io_httproutes.yaml | 12 ++++++++++++ go.mod | 2 +- pkg/generated/openapi/zz_generated.openapi.go | 10 ---------- pkg/generator/main.go | 5 +++++ 7 files changed, 21 insertions(+), 16 deletions(-) diff --git a/apis/v1/backendtlspolicy_types.go b/apis/v1/backendtlspolicy_types.go index 5a755eb1ba..5e44936cc8 100644 --- a/apis/v1/backendtlspolicy_types.go +++ b/apis/v1/backendtlspolicy_types.go @@ -189,7 +189,6 @@ type BackendTLSPolicyValidation struct { // Support: Implementation-specific // // +optional - // +listType=atomic WellKnownCACertificates *WellKnownCACertificatesType `json:"wellKnownCACertificates,omitempty"` // Hostname is used for two purposes in the connection between Gateways and diff --git a/apis/v1/gateway_types.go b/apis/v1/gateway_types.go index 58d9751866..3b856a1567 100644 --- a/apis/v1/gateway_types.go +++ b/apis/v1/gateway_types.go @@ -803,7 +803,6 @@ type AllowedRoutes struct { // Support: Core // // +optional - // +listType=atomic // +kubebuilder:default={from: Same} Namespaces *RouteNamespaces `json:"namespaces,omitempty"` diff --git a/apis/v1/httproute_types.go b/apis/v1/httproute_types.go index 3d89af0da7..97ffd1e719 100644 --- a/apis/v1/httproute_types.go +++ b/apis/v1/httproute_types.go @@ -1671,7 +1671,7 @@ type GRPCAuthConfig struct { // // +optional // +listType=set - // +kubebuilder:validation:MaxLength=64 + // +kubebuilder:validation:MaxItems=64 AllowedRequestHeaders []string `json:"allowedHeaders,omitempty"` } @@ -1719,7 +1719,7 @@ type HTTPAuthConfig struct { // // +optional // +listType=set - // +kubebuilder:validation:MaxLength=64 + // +kubebuilder:validation:MaxItems=64 AllowedRequestHeaders []string `json:"allowedHeaders,omitempty"` // AllowedResponseHeaders specifies what headers from the authorization response @@ -1730,7 +1730,7 @@ type HTTPAuthConfig struct { // // +optional // +listType=set - // +kubebuilder:validation:MaxLength=64 + // +kubebuilder:validation:MaxItems=64 AllowedResponseHeaders []string `json:"allowedResponseHeaders,omitempty"` } diff --git a/config/crd/experimental/gateway.networking.k8s.io_httproutes.yaml b/config/crd/experimental/gateway.networking.k8s.io_httproutes.yaml index 1d0b55c9af..1f51e9a882 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_httproutes.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_httproutes.yaml @@ -915,6 +915,7 @@ spec: If the list has entries, only those entries must be sent. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set type: object @@ -953,6 +954,7 @@ spec: request must be set to the actual number of bytes forwarded. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set allowedResponseHeaders: @@ -964,6 +966,7 @@ spec: except Authority or Host must be copied. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set path: @@ -2395,6 +2398,7 @@ spec: If the list has entries, only those entries must be sent. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set type: object @@ -2433,6 +2437,7 @@ spec: request must be set to the actual number of bytes forwarded. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set allowedResponseHeaders: @@ -2444,6 +2449,7 @@ spec: except Authority or Host must be copied. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set path: @@ -5073,6 +5079,7 @@ spec: If the list has entries, only those entries must be sent. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set type: object @@ -5111,6 +5118,7 @@ spec: request must be set to the actual number of bytes forwarded. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set allowedResponseHeaders: @@ -5122,6 +5130,7 @@ spec: except Authority or Host must be copied. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set path: @@ -6553,6 +6562,7 @@ spec: If the list has entries, only those entries must be sent. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set type: object @@ -6591,6 +6601,7 @@ spec: request must be set to the actual number of bytes forwarded. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set allowedResponseHeaders: @@ -6602,6 +6613,7 @@ spec: except Authority or Host must be copied. items: type: string + maxItems: 64 type: array x-kubernetes-list-type: set path: diff --git a/go.mod b/go.mod index 49d60fca96..717ee99494 100644 --- a/go.mod +++ b/go.mod @@ -8,6 +8,7 @@ require ( github.com/stretchr/testify v1.11.1 golang.org/x/net v0.44.0 golang.org/x/sync v0.17.0 + golang.org/x/tools v0.36.0 google.golang.org/grpc v1.75.1 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.5.1 google.golang.org/protobuf v1.36.8 @@ -81,7 +82,6 @@ require ( golang.org/x/term v0.35.0 // indirect golang.org/x/text v0.29.0 // indirect golang.org/x/time v0.12.0 // indirect - golang.org/x/tools v0.36.0 // indirect golang.org/x/tools/go/expect v0.1.1-deprecated // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20250826171959-ef028d996bc1 // indirect gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect diff --git a/pkg/generated/openapi/zz_generated.openapi.go b/pkg/generated/openapi/zz_generated.openapi.go index 34b5ca191d..0968ead79a 100644 --- a/pkg/generated/openapi/zz_generated.openapi.go +++ b/pkg/generated/openapi/zz_generated.openapi.go @@ -2882,11 +2882,6 @@ func schema_sigsk8sio_gateway_api_apis_v1_AllowedRoutes(ref common.ReferenceCall Type: []string{"object"}, Properties: map[string]spec.Schema{ "namespaces": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, SchemaProps: spec.SchemaProps{ Description: "Namespaces indicates namespaces from which Routes may be attached to this Listener. This is restricted to the namespace of this Gateway by default.\n\nSupport: Core", Ref: ref("sigs.k8s.io/gateway-api/apis/v1.RouteNamespaces"), @@ -3210,11 +3205,6 @@ func schema_sigsk8sio_gateway_api_apis_v1_BackendTLSPolicyValidation(ref common. }, }, "wellKnownCACertificates": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, SchemaProps: spec.SchemaProps{ Description: "WellKnownCACertificates specifies whether system CA certificates may be used in the TLS handshake between the gateway and backend pod.\n\nIf WellKnownCACertificates is unspecified or empty (\"\"), then CACertificateRefs must be specified with at least one entry for a valid configuration. Only one of CACertificateRefs or WellKnownCACertificates may be specified, not both. If an implementation does not support the WellKnownCACertificates field, or the supplied value is not recognized, the implementation MUST ensure the `Accepted` Condition on the BackendTLSPolicy is set to `status: False`, with a Reason `Invalid`.\n\nSupport: Implementation-specific", Type: []string{"string"}, diff --git a/pkg/generator/main.go b/pkg/generator/main.go index 0916864b93..1559e1e6a0 100644 --- a/pkg/generator/main.go +++ b/pkg/generator/main.go @@ -23,6 +23,7 @@ import ( "regexp" "strings" + "golang.org/x/tools/go/packages" apiext "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "sigs.k8s.io/controller-tools/pkg/crd" "sigs.k8s.io/controller-tools/pkg/loader" @@ -135,6 +136,10 @@ func main() { } } } + + if loader.PrintErrors(roots, packages.TypeError) { + log.Fatalf("not all generators ran successfully") + } } func gatewayTweaksMap(channel string, props map[string]apiext.JSONSchemaProps) map[string]apiext.JSONSchemaProps {