diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go index f03801a6ae1..6be8327681f 100644 --- a/openapi/generated_openapi/zz_generated.openapi.go +++ b/openapi/generated_openapi/zz_generated.openapi.go @@ -932,6 +932,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/openshift/api/operator/v1.IPv4OVNKubernetesConfig": schema_openshift_api_operator_v1_IPv4OVNKubernetesConfig(ref), "github.com/openshift/api/operator/v1.IPv6GatewayConfig": schema_openshift_api_operator_v1_IPv6GatewayConfig(ref), "github.com/openshift/api/operator/v1.IPv6OVNKubernetesConfig": schema_openshift_api_operator_v1_IPv6OVNKubernetesConfig(ref), + "github.com/openshift/api/operator/v1.Ingress": schema_openshift_api_operator_v1_Ingress(ref), "github.com/openshift/api/operator/v1.IngressController": schema_openshift_api_operator_v1_IngressController(ref), "github.com/openshift/api/operator/v1.IngressControllerCaptureHTTPCookie": schema_openshift_api_operator_v1_IngressControllerCaptureHTTPCookie(ref), "github.com/openshift/api/operator/v1.IngressControllerCaptureHTTPCookieUnion": schema_openshift_api_operator_v1_IngressControllerCaptureHTTPCookieUnion(ref), @@ -45326,12 +45327,19 @@ func schema_openshift_api_operator_v1_ConsoleSpec(ref common.ReferenceCallback) }, }, }, + "ingress": { + SchemaProps: spec.SchemaProps{ + Description: "ingress allows to configure the alternative ingress for the console. This field is intended for clusters without ingress capability, where access to routes is not possible.", + Default: map[string]interface{}{}, + Ref: ref("github.com/openshift/api/operator/v1.Ingress"), + }, + }, }, Required: []string{"managementState", "providers"}, }, }, Dependencies: []string{ - "github.com/openshift/api/operator/v1.ConsoleConfigRoute", "github.com/openshift/api/operator/v1.ConsoleCustomization", "github.com/openshift/api/operator/v1.ConsoleProviders", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + "github.com/openshift/api/operator/v1.ConsoleConfigRoute", "github.com/openshift/api/operator/v1.ConsoleCustomization", "github.com/openshift/api/operator/v1.ConsoleProviders", "github.com/openshift/api/operator/v1.Ingress", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, } } @@ -47220,6 +47228,35 @@ func schema_openshift_api_operator_v1_IPv6OVNKubernetesConfig(ref common.Referen } } +func schema_openshift_api_operator_v1_Ingress(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Ingress allows cluster admin to configure alternative ingress for the console.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "consoleURL": { + SchemaProps: spec.SchemaProps{ + Description: "consoleURL is a URL to be used as the base console address. If not specified, the console route hostname will be used. This field is required for clusters without ingress capability, where access to routes is not possible. Make sure that appropriate ingress is set up at this URL. The console operator will monitor the URL and may go degraded if it's unreachable for an extended period. Must use the HTTPS scheme.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "clientDownloadsURL": { + SchemaProps: spec.SchemaProps{ + Description: "clientDownloadsURL is a URL to be used as the address to download client binaries. If not specified, the downloads route hostname will be used. This field is required for clusters without ingress capability, where access to routes is not possible. The console operator will monitor the URL and may go degraded if it's unreachable for an extended period. Must use the HTTPS scheme.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + } +} + func schema_openshift_api_operator_v1_IngressController(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/openapi/openapi.json b/openapi/openapi.json index 1c6419b45df..acd5e4e9592 100644 --- a/openapi/openapi.json +++ b/openapi/openapi.json @@ -26353,6 +26353,11 @@ "default": {}, "$ref": "#/definitions/com.github.openshift.api.operator.v1.ConsoleCustomization" }, + "ingress": { + "description": "ingress allows to configure the alternative ingress for the console. This field is intended for clusters without ingress capability, where access to routes is not possible.", + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.operator.v1.Ingress" + }, "logLevel": { "description": "logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", "type": "string" @@ -27494,6 +27499,22 @@ } } }, + "com.github.openshift.api.operator.v1.Ingress": { + "description": "Ingress allows cluster admin to configure alternative ingress for the console.", + "type": "object", + "properties": { + "clientDownloadsURL": { + "description": "clientDownloadsURL is a URL to be used as the address to download client binaries. If not specified, the downloads route hostname will be used. This field is required for clusters without ingress capability, where access to routes is not possible. The console operator will monitor the URL and may go degraded if it's unreachable for an extended period. Must use the HTTPS scheme.", + "type": "string", + "default": "" + }, + "consoleURL": { + "description": "consoleURL is a URL to be used as the base console address. If not specified, the console route hostname will be used. This field is required for clusters without ingress capability, where access to routes is not possible. Make sure that appropriate ingress is set up at this URL. The console operator will monitor the URL and may go degraded if it's unreachable for an extended period. Must use the HTTPS scheme.", + "type": "string", + "default": "" + } + } + }, "com.github.openshift.api.operator.v1.IngressController": { "description": "IngressController describes a managed ingress controller for the cluster. The controller can service OpenShift Route and Kubernetes Ingress resources.\n\nWhen an IngressController is created, a new ingress controller deployment is created to allow external traffic to reach the services that expose Ingress or Route resources. Updating this resource may lead to disruption for public facing network connections as a new ingress controller revision may be rolled out.\n\nhttps://kubernetes.io/docs/concepts/services-networking/ingress-controllers\n\nWhenever possible, sensible defaults for the platform are used. See each field for more details.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "type": "object", diff --git a/operator/v1/tests/consoles.operator.openshift.io/AAA_ungated.yaml b/operator/v1/tests/consoles.operator.openshift.io/AAA_ungated.yaml index bf060fc1953..9e63a8532ee 100644 --- a/operator/v1/tests/consoles.operator.openshift.io/AAA_ungated.yaml +++ b/operator/v1/tests/consoles.operator.openshift.io/AAA_ungated.yaml @@ -155,3 +155,85 @@ tests: resource: Deployment version: v1 expectedError: "spec.customization.perspectives[0].pinnedResources[0].resource in body should match '^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'" + - name: Should be able to add https urls + initial: | + apiVersion: operator.openshift.io/v1 + kind: Console + spec: + ingress: + consoleURL: "https://testingress.com" + clientDownloadsURL: "https://testingress.com" + expected: | + apiVersion: operator.openshift.io/v1 + kind: Console + spec: + logLevel: Normal + operatorLogLevel: Normal + ingress: + consoleURL: "https://testingress.com" + clientDownloadsURL: "https://testingress.com" + - name: Should be able to add empty urls + initial: | + apiVersion: operator.openshift.io/v1 + kind: Console + spec: + ingress: + consoleURL: "" + clientDownloadsURL: "" + expected: | + apiVersion: operator.openshift.io/v1 + kind: Console + spec: + logLevel: Normal + operatorLogLevel: Normal + ingress: + consoleURL: "" + clientDownloadsURL: "" + - name: Should throw an error if the value of console url has http scheme + initial: | + apiVersion: operator.openshift.io/v1 + kind: Console + spec: + ingress: + consoleURL: "http://testingress.com" + expectedError: "spec.ingress.consoleURL: Invalid value: \"string\": console url scheme must be https" + - name: Should throw an error if the value of client downloads url has http scheme + initial: | + apiVersion: operator.openshift.io/v1 + kind: Console + spec: + ingress: + clientDownloadsURL: "http://testingress.com" + expectedError: "spec.ingress.clientDownloadsURL: Invalid value: \"string\": client downloads url scheme must be https" + - name: Should throw an error if console url is invalid + initial: | + apiVersion: operator.openshift.io/v1 + kind: Console + spec: + ingress: + consoleURL: "https://\ntestingress.com" + expectedError: "spec.ingress.consoleURL: Invalid value: \"string\": console url must be a valid absolute URL" + - name: Should throw an error if client downloads url is invalid + initial: | + apiVersion: operator.openshift.io/v1 + kind: Console + spec: + ingress: + clientDownloadsURL: "https://\ntestingress.com" + expectedError: "spec.ingress.clientDownloadsURL: Invalid value: \"string\": client downloads url must be a valid absolute URL" + - name: Should throw an invalid url error if console url is invalid and has no scheme + initial: | + apiVersion: operator.openshift.io/v1 + kind: Console + spec: + ingress: + consoleURL: "\ntestingress.com" + expectedError: "spec.ingress.consoleURL: Invalid value: \"string\": console url must be a valid absolute URL" + - name: Should throw an invalid error if client downloads url is invalid and has no scheme + initial: | + apiVersion: operator.openshift.io/v1 + kind: Console + spec: + ingress: + clientDownloadsURL: "\ntestingress.com" + expectedError: "spec.ingress.clientDownloadsURL: Invalid value: \"string\": client downloads url must be a valid absolute URL" diff --git a/operator/v1/types_console.go b/operator/v1/types_console.go index 474253d5d71..66e3798d924 100644 --- a/operator/v1/types_console.go +++ b/operator/v1/types_console.go @@ -57,6 +57,11 @@ type ConsoleSpec struct { // plugins defines a list of enabled console plugin names. // +optional Plugins []string `json:"plugins,omitempty"` + // ingress allows to configure the alternative ingress for the console. + // This field is intended for clusters without ingress capability, + // where access to routes is not possible. + // +optional + Ingress Ingress `json:"ingress"` } // ConsoleConfigRoute holds information on external route access to console. @@ -375,6 +380,35 @@ const ( BrandROSA Brand = "ROSA" ) +// Ingress allows cluster admin to configure alternative ingress for the console. +type Ingress struct { + // consoleURL is a URL to be used as the base console address. + // If not specified, the console route hostname will be used. + // This field is required for clusters without ingress capability, + // where access to routes is not possible. + // Make sure that appropriate ingress is set up at this URL. + // The console operator will monitor the URL and may go degraded + // if it's unreachable for an extended period. + // Must use the HTTPS scheme. + // +optional + // +kubebuilder:validation:XValidation:rule="size(self) == 0 || isURL(self)",message="console url must be a valid absolute URL" + // +kubebuilder:validation:XValidation:rule="size(self) == 0 || url(self).getScheme() == 'https'",message="console url scheme must be https" + // +kubebuilder:validation:MaxLength=1024 + ConsoleURL string `json:"consoleURL"` + // clientDownloadsURL is a URL to be used as the address to download client binaries. + // If not specified, the downloads route hostname will be used. + // This field is required for clusters without ingress capability, + // where access to routes is not possible. + // The console operator will monitor the URL and may go degraded + // if it's unreachable for an extended period. + // Must use the HTTPS scheme. + // +optional + // +kubebuilder:validation:XValidation:rule="size(self) == 0 || isURL(self)",message="client downloads url must be a valid absolute URL" + // +kubebuilder:validation:XValidation:rule="size(self) == 0 || url(self).getScheme() == 'https'",message="client downloads url scheme must be https" + // +kubebuilder:validation:MaxLength=1024 + ClientDownloadsURL string `json:"clientDownloadsURL"` +} + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). diff --git a/operator/v1/zz_generated.crd-manifests/0000_50_console_01_consoles.crd.yaml b/operator/v1/zz_generated.crd-manifests/0000_50_console_01_consoles.crd.yaml index 427450931c5..c0284cf48eb 100644 --- a/operator/v1/zz_generated.crd-manifests/0000_50_console_01_consoles.crd.yaml +++ b/operator/v1/zz_generated.crd-manifests/0000_50_console_01_consoles.crd.yaml @@ -456,6 +456,42 @@ spec: type: array type: object type: object + ingress: + description: ingress allows to configure the alternative ingress for + the console. This field is intended for clusters without ingress + capability, where access to routes is not possible. + properties: + clientDownloadsURL: + description: clientDownloadsURL is a URL to be used as the address + to download client binaries. If not specified, the downloads + route hostname will be used. This field is required for clusters + without ingress capability, where access to routes is not possible. + The console operator will monitor the URL and may go degraded + if it's unreachable for an extended period. Must use the HTTPS + scheme. + maxLength: 1024 + type: string + x-kubernetes-validations: + - message: client downloads url must be a valid absolute URL + rule: size(self) == 0 || isURL(self) + - message: client downloads url scheme must be https + rule: size(self) == 0 || url(self).getScheme() == 'https' + consoleURL: + description: consoleURL is a URL to be used as the base console + address. If not specified, the console route hostname will be + used. This field is required for clusters without ingress capability, + where access to routes is not possible. Make sure that appropriate + ingress is set up at this URL. The console operator will monitor + the URL and may go degraded if it's unreachable for an extended + period. Must use the HTTPS scheme. + maxLength: 1024 + type: string + x-kubernetes-validations: + - message: console url must be a valid absolute URL + rule: size(self) == 0 || isURL(self) + - message: console url scheme must be https + rule: size(self) == 0 || url(self).getScheme() == 'https' + type: object logLevel: default: Normal description: "logLevel is an intent based logging for an overall component. diff --git a/operator/v1/zz_generated.deepcopy.go b/operator/v1/zz_generated.deepcopy.go index 8b8ef769183..da3ce4e1077 100644 --- a/operator/v1/zz_generated.deepcopy.go +++ b/operator/v1/zz_generated.deepcopy.go @@ -885,6 +885,7 @@ func (in *ConsoleSpec) DeepCopyInto(out *ConsoleSpec) { *out = make([]string, len(*in)) copy(*out, *in) } + out.Ingress = in.Ingress return } @@ -1846,6 +1847,22 @@ func (in *IPv6OVNKubernetesConfig) DeepCopy() *IPv6OVNKubernetesConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Ingress) DeepCopyInto(out *Ingress) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ingress. +func (in *Ingress) DeepCopy() *Ingress { + if in == nil { + return nil + } + out := new(Ingress) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IngressController) DeepCopyInto(out *IngressController) { *out = *in diff --git a/operator/v1/zz_generated.featuregated-crd-manifests/consoles.operator.openshift.io/AAA_ungated.yaml b/operator/v1/zz_generated.featuregated-crd-manifests/consoles.operator.openshift.io/AAA_ungated.yaml index f7709a46a7a..901544eba5c 100644 --- a/operator/v1/zz_generated.featuregated-crd-manifests/consoles.operator.openshift.io/AAA_ungated.yaml +++ b/operator/v1/zz_generated.featuregated-crd-manifests/consoles.operator.openshift.io/AAA_ungated.yaml @@ -457,6 +457,42 @@ spec: type: array type: object type: object + ingress: + description: ingress allows to configure the alternative ingress for + the console. This field is intended for clusters without ingress + capability, where access to routes is not possible. + properties: + clientDownloadsURL: + description: clientDownloadsURL is a URL to be used as the address + to download client binaries. If not specified, the downloads + route hostname will be used. This field is required for clusters + without ingress capability, where access to routes is not possible. + The console operator will monitor the URL and may go degraded + if it's unreachable for an extended period. Must use the HTTPS + scheme. + maxLength: 1024 + type: string + x-kubernetes-validations: + - message: client downloads url must be a valid absolute URL + rule: size(self) == 0 || isURL(self) + - message: client downloads url scheme must be https + rule: size(self) == 0 || url(self).getScheme() == 'https' + consoleURL: + description: consoleURL is a URL to be used as the base console + address. If not specified, the console route hostname will be + used. This field is required for clusters without ingress capability, + where access to routes is not possible. Make sure that appropriate + ingress is set up at this URL. The console operator will monitor + the URL and may go degraded if it's unreachable for an extended + period. Must use the HTTPS scheme. + maxLength: 1024 + type: string + x-kubernetes-validations: + - message: console url must be a valid absolute URL + rule: size(self) == 0 || isURL(self) + - message: console url scheme must be https + rule: size(self) == 0 || url(self).getScheme() == 'https' + type: object logLevel: default: Normal description: "logLevel is an intent based logging for an overall component. diff --git a/operator/v1/zz_generated.swagger_doc_generated.go b/operator/v1/zz_generated.swagger_doc_generated.go index 09718520ebd..1b8b18e3f5c 100644 --- a/operator/v1/zz_generated.swagger_doc_generated.go +++ b/operator/v1/zz_generated.swagger_doc_generated.go @@ -265,6 +265,7 @@ var map_ConsoleSpec = map[string]string{ "providers": "providers contains configuration for using specific service providers.", "route": "route contains hostname and secret reference that contains the serving certificate. If a custom route is specified, a new route will be created with the provided hostname, under which console will be available. In case of custom hostname uses the default routing suffix of the cluster, the Secret specification for a serving certificate will not be needed. In case of custom hostname points to an arbitrary domain, manual DNS configurations steps are necessary. The default console route will be maintained to reserve the default hostname for console if the custom route is removed. If not specified, default route will be used. DEPRECATED", "plugins": "plugins defines a list of enabled console plugin names.", + "ingress": "ingress allows to configure the alternative ingress for the console. This field is intended for clusters without ingress capability, where access to routes is not possible.", } func (ConsoleSpec) SwaggerDoc() map[string]string { @@ -320,6 +321,16 @@ func (DeveloperConsoleCatalogTypes) SwaggerDoc() map[string]string { return map_DeveloperConsoleCatalogTypes } +var map_Ingress = map[string]string{ + "": "Ingress allows cluster admin to configure alternative ingress for the console.", + "consoleURL": "consoleURL is a URL to be used as the base console address. If not specified, the console route hostname will be used. This field is required for clusters without ingress capability, where access to routes is not possible. Make sure that appropriate ingress is set up at this URL. The console operator will monitor the URL and may go degraded if it's unreachable for an extended period. Must use the HTTPS scheme.", + "clientDownloadsURL": "clientDownloadsURL is a URL to be used as the address to download client binaries. If not specified, the downloads route hostname will be used. This field is required for clusters without ingress capability, where access to routes is not possible. The console operator will monitor the URL and may go degraded if it's unreachable for an extended period. Must use the HTTPS scheme.", +} + +func (Ingress) SwaggerDoc() map[string]string { + return map_Ingress +} + var map_Perspective = map[string]string{ "": "Perspective defines a perspective that cluster admins want to show/hide in the perspective switcher dropdown", "id": "id defines the id of the perspective. Example: \"dev\", \"admin\". The available perspective ids can be found in the code snippet section next to the yaml editor. Incorrect or unknown ids will be ignored.",