diff --git a/README.md b/README.md index d2ee233903..74b29364b3 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ instance roles) # Cloud Providers -Currently the operator supports AWS, GCP, Azure, VMWare, OpenStack and oVirt. +Currently the operator supports AWS, Azure, GCP, KubeVirt, OpenStack. oVirt and VMWare. ## Credentials Root Secret Formats @@ -71,6 +71,18 @@ data: service_account.json: Base64encodeServiceAccount ``` +### Kubevirt + +```yaml +apiVersion: v1 +kind: Secret +metadata: + namespace: kube-system + name: kubevirt-credentials +data: + kubeconfig: Base64encodeKubeconfig +``` + ### OpenStack ```yaml @@ -163,7 +175,7 @@ Cons: * Credential permissions may need to be manually updated prior to any upgrade. * Each component has permissions used by all other components. -Supported clouds: AWS, GCP, Azure, VMWare, OpenStack, oVirt +Supported clouds: AWS, GCP, Azure, VMWare, OpenStack, oVirt, KubeVirt ## 3. Manual Credentials Management @@ -201,6 +213,7 @@ Cloud | Mint | Mint + Remove Admin Cred | Passthrough | Manual | Token AWS | Y | 4.4+ | Y | 4.3+ | 4.6+ (expected) Azure | Y | N | Y | unknown | N GCP | Y | 4.7+ | Y | unknown | N +KubeVirt | N | N | Y | N | N OpenStack | N | N | Y | N | N oVirt | N | N | Y | N | N VMWare | N | N | Y | N | N diff --git a/bindata/bootstrap/cloudcredential_v1_operator_config_custresdef.yaml b/bindata/bootstrap/cloudcredential_v1_operator_config_custresdef.yaml index 098de4470e..829cf05b36 100644 --- a/bindata/bootstrap/cloudcredential_v1_operator_config_custresdef.yaml +++ b/bindata/bootstrap/cloudcredential_v1_operator_config_custresdef.yaml @@ -62,6 +62,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -75,11 +81,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/go.mod b/go.mod index 670d3a3117..5046434dab 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( github.com/googleapis/gnostic v0.5.1 // indirect github.com/imdario/mergo v0.3.10 // indirect github.com/onsi/ginkgo v1.14.0 // indirect - github.com/openshift/api v0.0.0-20200901182017-7ac89ba6b971 + github.com/openshift/api v0.0.0-20201012140924-16436fa6166b github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7 github.com/openshift/client-go v0.0.0-20200827190008-3062137373b5 github.com/openshift/library-go v0.0.0-20200911100307-610c6e9e90b8 diff --git a/go.sum b/go.sum index 6e64d145da..1e6543542e 100644 --- a/go.sum +++ b/go.sum @@ -419,8 +419,8 @@ github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQ github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v0.0.0-20191031171055-b133feaeeb2e/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/openshift/api v0.0.0-20200827090112-c05698d102cf/go.mod h1:M3xexPhgM8DISzzRpuFUy+jfPjQPIcs9yqEYj17mXV8= -github.com/openshift/api v0.0.0-20200901182017-7ac89ba6b971 h1:l4jU2pbYCFlWffDL8gQaN24UohhHI8Zq/zmiSpYzy7o= -github.com/openshift/api v0.0.0-20200901182017-7ac89ba6b971/go.mod h1:M3xexPhgM8DISzzRpuFUy+jfPjQPIcs9yqEYj17mXV8= +github.com/openshift/api v0.0.0-20201012140924-16436fa6166b h1:hnK7EIIqo8h8Ep0zVSkrdKnBpHF6tvrKZg6OAcgSkjg= +github.com/openshift/api v0.0.0-20201012140924-16436fa6166b/go.mod h1:Si/I9UGeRR3qzg01YWPmtlr0GeGk2fnuggXJRmjAZ6U= github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7 h1:mOq7Mg1Q9d7nIDxe1SJ6pluMBQsbVxa6olyAGmfYWTg= github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= github.com/openshift/client-go v0.0.0-20200827190008-3062137373b5 h1:E6WhVL5p3rfjtc+o+jVG/29Aclnf3XIF7akxXvadwR0= @@ -498,7 +498,6 @@ github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/y github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= @@ -534,18 +533,15 @@ go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3 h1:8sGtKOrtQqkN1bp2AtX+misvLIlOmsEsNd+9NIcPEm8= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.4.0 h1:cxzIVoETapQEqDhQu3QfnvXAV4AlzcvUCxkVUFw3+EU= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.6.0 h1:Ezj3JGmsOnG1MoRWQkPBsKLe9DwWD9QeXzTRzzldNVk= go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= -go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.5.0 h1:KCa4XfM8CWFCpxXRGok+Q0SS/0XBhMDbHHGABQLvD2A= go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee h1:0mgffUl7nfd+FpvXMVz4IDEaUSmT1ysygQC7qYo7sG4= go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= go.uber.org/zap v1.8.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -go.uber.org/zap v1.10.0 h1:ORx85nbTijNz8ljznvCMR1ZBIPKFn3jQrag10X2AsuM= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.15.0 h1:ZZCA22JRF2gQE5FoNmhmrf7jeJJ2uhqDUNRYKm8dvmM= go.uber.org/zap v1.15.0/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc= @@ -560,9 +556,7 @@ golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413 h1:ULYEB3JvPRE/IfO+9uO7vKV/xzVTO7XPAwm8xbf4w2g= golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975 h1:/Tl7pH94bvbAAHBdZJT947M/+gp0+CqQXDtMRC0fseo= golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -597,7 +591,6 @@ golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKG golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.2.0 h1:KU7oHjnv3XNWfa5COkzUifxZmxp1TyI7ImMXqFxLwvQ= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -628,9 +621,7 @@ golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e h1:3G+cUijn7XD+S4eJFddp53Pv7+slrESplyjG25HgL+k= golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7 h1:AeiKBIuRw3UomYXSbLy0Mc2dDLfdtbT/IVn4keq83P0= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200707034311-ab3426394381 h1:VXak5I6aEWmAXeQjA+QSZzlgNrpq9mjcfDemuexIKsU= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= @@ -684,7 +675,6 @@ golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200331124033-c3d80250170d h1:nc5K6ox/4lTFbMVSL9WRR81ixkcwXThoiF6yf+R9scA= golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -694,14 +684,12 @@ golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fq golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0 h1:/5xXl8Y5W96D+TtHSlonuFqGHIWVuyCkGJLwGh9JJFs= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e h1:EHBhcS0mlXEAVwNyO2dLfjToGsyY4j24pTs2ScHnX7s= golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -745,7 +733,6 @@ golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapK golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4 h1:kDtqNkeBrZb8B+atrj50B5XLHpzXXqcCdZPP/ApQ5NY= golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= golang.org/x/tools v0.0.0-20200616133436-c1934b75d054 h1:HHeAlu5H9b71C+Fx0K+1dGgVFN1DM1/wz4aoGOA5qS8= golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= @@ -753,7 +740,6 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.0.1 h1:xyiBuvkD2g5n7cYzx6u2sxQvsAy4QJsZFCzGVdzOXZ0= gomodules.xyz/jsonpatch/v2 v2.0.1/go.mod h1:IhYNNY4jnS53ZnfE4PAmpKtDpTCj1JFXc+3mwe7XcUU= gomodules.xyz/jsonpatch/v2 v2.1.0 h1:Phva6wqu+xR//Njw6iorylFFgn/z547tw5Ne3HZPQ+k= gomodules.xyz/jsonpatch/v2 v2.1.0/go.mod h1:IhYNNY4jnS53ZnfE4PAmpKtDpTCj1JFXc+3mwe7XcUU= @@ -776,7 +762,6 @@ google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9Ywl google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5 h1:tycE03LOZYQNhDpS27tcQdAzLCVMaj7QT2SXxebnpCM= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.6 h1:lMO5rYAqUxkmaj76jAkRUvt5JZgFymx/+Q5Mzfivuhc= google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= @@ -822,7 +807,6 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.24.0 h1:UhZDfRO8JRQru4/+LlLE0BRKGF8L+PICnvYZmx/fEGA= google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -831,7 +815,6 @@ gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogR gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= @@ -847,7 +830,6 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -908,7 +890,6 @@ k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0 h1:XRvcwJozkgZ1UQJmfMGpvRthQHOvihEhYtDfAaxMz/A= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.3.0 h1:WmkrnW7fdrm0/DMClc+HIxtftvxVIPAhlVwMQo5yLco= k8s.io/klog/v2 v2.3.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= @@ -947,7 +928,6 @@ sigs.k8s.io/structured-merge-diff/v3 v3.0.0-20200116222232-67a7b8c61874/go.mod h sigs.k8s.io/structured-merge-diff/v3 v3.0.0/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= sigs.k8s.io/structured-merge-diff/v4 v4.0.1 h1:YXTMot5Qz/X1iBRJhAt+vI+HVttY0WkSqqhKxQ0xVbA= sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/manifests/00-config-custresdef.yaml b/manifests/00-config-custresdef.yaml index 098de4470e..829cf05b36 100644 --- a/manifests/00-config-custresdef.yaml +++ b/manifests/00-config-custresdef.yaml @@ -62,6 +62,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -75,11 +81,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/pkg/apis/cloudcredential/v1/register.go b/pkg/apis/cloudcredential/v1/register.go index 53a8cb1010..43fed04946 100644 --- a/pkg/apis/cloudcredential/v1/register.go +++ b/pkg/apis/cloudcredential/v1/register.go @@ -58,6 +58,7 @@ func addKnownTypes(scheme *runtime.Scheme) error { &AzureProviderStatus{}, &AzureProviderSpec{}, &GCPProviderStatus{}, &GCPProviderSpec{}, &VSphereProviderStatus{}, &VSphereProviderSpec{}, + &KubevirtProviderStatus{}, &KubevirtProviderSpec{}, ) return nil diff --git a/pkg/apis/cloudcredential/v1/types_kubevirt.go b/pkg/apis/cloudcredential/v1/types_kubevirt.go new file mode 100644 index 0000000000..42cac102bb --- /dev/null +++ b/pkg/apis/cloudcredential/v1/types_kubevirt.go @@ -0,0 +1,36 @@ +/* +Copyright 2019 The OpenShift Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// TODO: these types should eventually be broken out, along with the actuator, +// to a separate repo. + +// KubevirtProviderSpec the specification of the credentials request in Kubevirt. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type KubevirtProviderSpec struct { + metav1.TypeMeta `json:",inline"` +} + +// KubevirtProviderSpec contains the status of the credentials request in Kubevirt. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type KubevirtProviderStatus struct { + metav1.TypeMeta `json:",inline"` +} diff --git a/pkg/apis/cloudcredential/v1/zz_generated.deepcopy.go b/pkg/apis/cloudcredential/v1/zz_generated.deepcopy.go index 6c2c5eaa23..4cc0306d0d 100644 --- a/pkg/apis/cloudcredential/v1/zz_generated.deepcopy.go +++ b/pkg/apis/cloudcredential/v1/zz_generated.deepcopy.go @@ -308,6 +308,56 @@ func (in *GCPProviderStatus) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubevirtProviderSpec) DeepCopyInto(out *KubevirtProviderSpec) { + *out = *in + out.TypeMeta = in.TypeMeta + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtProviderSpec. +func (in *KubevirtProviderSpec) DeepCopy() *KubevirtProviderSpec { + if in == nil { + return nil + } + out := new(KubevirtProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KubevirtProviderSpec) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubevirtProviderStatus) DeepCopyInto(out *KubevirtProviderStatus) { + *out = *in + out.TypeMeta = in.TypeMeta + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtProviderStatus. +func (in *KubevirtProviderStatus) DeepCopy() *KubevirtProviderStatus { + if in == nil { + return nil + } + out := new(KubevirtProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KubevirtProviderStatus) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OpenStackProviderSpec) DeepCopyInto(out *OpenStackProviderSpec) { *out = *in diff --git a/pkg/assets/bootstrap/bindata.go b/pkg/assets/bootstrap/bindata.go index cbf3a85b35..0a86591759 100644 --- a/pkg/assets/bootstrap/bindata.go +++ b/pkg/assets/bootstrap/bindata.go @@ -289,6 +289,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -302,11 +308,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/pkg/kubevirt/actuator.go b/pkg/kubevirt/actuator.go new file mode 100644 index 0000000000..4065421111 --- /dev/null +++ b/pkg/kubevirt/actuator.go @@ -0,0 +1,281 @@ +/* +Copyright 2019 The OpenShift Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package kubevirt + +import ( + "context" + "fmt" + "reflect" + + log "github.com/sirupsen/logrus" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/client" + + configv1 "github.com/openshift/api/config/v1" + operatorv1 "github.com/openshift/api/operator/v1" + minterv1 "github.com/openshift/cloud-credential-operator/pkg/apis/cloudcredential/v1" + "github.com/openshift/cloud-credential-operator/pkg/operator/constants" + actuatoriface "github.com/openshift/cloud-credential-operator/pkg/operator/credentialsrequest/actuator" +) + +type KubevirtActuator struct { + Client client.Client +} + +const ( + KubevirtCredentialsSecretKey = "kubeconfig" +) + +// NewActuator creates a new Kubevirt actuator. +func NewActuator(client client.Client) (*KubevirtActuator, error) { + return &KubevirtActuator{ + Client: client, + }, nil +} + +// Exists checks if the credentials currently exist. +// TODO: in the future validate the expiration of the credentials +func (a *KubevirtActuator) Exists(ctx context.Context, cr *minterv1.CredentialsRequest) (bool, error) { + logger := a.getLogger(cr) + logger.Debug("running Exists") + + existingSecret, err := a.getSecret(ctx, cr, logger) + if err != nil { + return false, err + } + + return existingSecret != nil, nil +} + +// Create the credentials. +func (a *KubevirtActuator) Create(ctx context.Context, cr *minterv1.CredentialsRequest) error { + logger := a.getLogger(cr) + logger.Debug("running Create") + return a.sync(ctx, cr, logger) +} + +// Update the credentials to the provided definition. +func (a *KubevirtActuator) Update(ctx context.Context, cr *minterv1.CredentialsRequest) error { + logger := a.getLogger(cr) + logger.Debug("running Update") + return a.sync(ctx, cr, logger) +} + +// Delete credentials +func (a *KubevirtActuator) Delete(ctx context.Context, cr *minterv1.CredentialsRequest) error { + logger := a.getLogger(cr) + logger.Debug("running Delete") + + existingSecret, err := a.getSecret(ctx, cr, logger) + if err != nil { + return err + } + if existingSecret != nil { + logger.Info("Deleting existing secret") + if err = a.Client.Delete(ctx, existingSecret); err != nil { + return err + } + } + + return nil +} + +// GetCredentialsRootSecretLocation returns the namespace and name where the parent credentials secret is stored. +func (a *KubevirtActuator) GetCredentialsRootSecretLocation() types.NamespacedName { + return types.NamespacedName{Namespace: constants.CloudCredSecretNamespace, Name: constants.KubevirtCloudCredSecretName} +} + +func (a *KubevirtActuator) GetCredentialsRootSecret(ctx context.Context, cr *minterv1.CredentialsRequest) (*corev1.Secret, error) { + logger := a.getLogger(cr) + + // get the secret of the kubevirt credentials + kubevirtCredentialsSecret := &corev1.Secret{} + if err := a.Client.Get(ctx, a.GetCredentialsRootSecretLocation(), kubevirtCredentialsSecret); err != nil { + msg := "unable to fetch root cloud cred secret" + logger.WithError(err).Error(msg) + return nil, &actuatoriface.ActuatorError{ + ErrReason: minterv1.CredentialsProvisionFailure, + Message: fmt.Sprintf("%v: %v", msg, err), + } + } + + return kubevirtCredentialsSecret, nil +} + +func (a *KubevirtActuator) sync(ctx context.Context, cr *minterv1.CredentialsRequest, logger log.FieldLogger) error { + logger.Debug("running sync") + + credentialsRootSecret, err := a.GetCredentialsRootSecret(context.TODO(), cr) + if err != nil { + logger.WithError(err).Error("issue with cloud credentials secret") + return err + } + + // get the secret data from the credentials request + kubevirtCredentialData, err := a.getCredentialsSecretData(credentialsRootSecret, logger) + if err != nil { + logger.WithError(err).Error("issue with cloud credentials secret") + return err + } + + // get the existing secret in order to check if need to update or create a new + logger.Debug("provisioning secret") + existingSecret, err := a.getSecret(ctx, cr, logger) + if err != nil { + return err + } + + // check if need to update or create a new one + if err = a.syncCredentialSecret(ctx, cr, &kubevirtCredentialData, existingSecret, logger); err != nil { + msg := "error creating/updating secret" + logger.WithError(err).Error(msg) + return &actuatoriface.ActuatorError{ + ErrReason: minterv1.CredentialsProvisionFailure, + Message: fmt.Sprintf("%v: %v", msg, err), + } + } + return nil +} + +func (a *KubevirtActuator) getCredentialsSecretData(cloudCredSecret *corev1.Secret, logger log.FieldLogger) ([]byte, error) { + // get the secret data - the infra kubeconfig + infraClusterKubeconfig, ok := cloudCredSecret.Data[KubevirtCredentialsSecretKey] + if !ok { + return nil, fmt.Errorf("kubeVirt credentials secret %s did not contain key %s", cloudCredSecret.Name, KubevirtCredentialsSecretKey) + } + + logger.Debug("extracted kubevirt credentials") + return infraClusterKubeconfig, nil +} + +func (a *KubevirtActuator) syncCredentialSecret(ctx context.Context, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte, existingSecret *corev1.Secret, logger log.FieldLogger) error { + if existingSecret == nil { + if kubevirtCredentialData == nil { + msg := "new access key secret needed but no key data provided" + logger.Error(msg) + return &actuatoriface.ActuatorError{ + ErrReason: minterv1.CredentialsProvisionFailure, + Message: msg, + } + } + + return a.createNewSecret(logger, cr, kubevirtCredentialData, ctx) + } + + return a.updateExistingSecret(logger, existingSecret, cr, kubevirtCredentialData) +} + +func (a *KubevirtActuator) updateExistingSecret(logger log.FieldLogger, existingSecret *corev1.Secret, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte) error { + // Update the existing secret: + logger.Debug("updating secret") + origSecret := existingSecret.DeepCopy() + if existingSecret.Annotations == nil { + existingSecret.Annotations = map[string]string{} + } + existingSecret.Annotations[minterv1.AnnotationCredentialsRequest] = fmt.Sprintf("%s/%s", cr.Namespace, cr.Name) + if kubevirtCredentialData != nil { + existingSecret.Data = map[string][]byte{ + KubevirtCredentialsSecretKey: *kubevirtCredentialData, + } + } + + if !reflect.DeepEqual(existingSecret, origSecret) { + logger.Info("target secret has changed, updating") + if err := a.Client.Update(context.TODO(), existingSecret); err != nil { + msg := "error updating secret" + logger.WithError(err).Error(msg) + return &actuatoriface.ActuatorError{ + ErrReason: minterv1.CredentialsProvisionFailure, + Message: msg, + } + } + } else { + logger.Debug("target secret unchanged") + } + + return nil +} + +func (a *KubevirtActuator) createNewSecret(logger log.FieldLogger, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte, ctx context.Context) error { + logger.Info("creating secret") + secret := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: cr.Spec.SecretRef.Name, + Namespace: cr.Spec.SecretRef.Namespace, + Annotations: map[string]string{ + minterv1.AnnotationCredentialsRequest: fmt.Sprintf("%s/%s", cr.Namespace, cr.Name), + }, + }, + Data: map[string][]byte{ + KubevirtCredentialsSecretKey: *kubevirtCredentialData, + }, + } + + if err := a.Client.Create(ctx, secret); err != nil { + msg := "error in creating a secret" + logger.WithError(err).Error(msg) + return &actuatoriface.ActuatorError{ + ErrReason: minterv1.CredentialsProvisionFailure, + Message: msg, + } + } + + logger.Info("secret created successfully") + return nil +} + +func (a *KubevirtActuator) getSecret(ctx context.Context, cr *minterv1.CredentialsRequest, logger log.FieldLogger) (*corev1.Secret, error) { + logger.Debug("running getSecret") + + existingSecret := &corev1.Secret{} + if err := a.Client.Get(ctx, types.NamespacedName{Namespace: cr.Spec.SecretRef.Namespace, Name: cr.Spec.SecretRef.Name}, existingSecret); err != nil { + if errors.IsNotFound(err) { + logger.Debug("target secret does not exist") + return nil, nil + } + return nil, err + } + + if _, ok := existingSecret.Data[KubevirtCredentialsSecretKey]; !ok { + logger.Warningf("secret did not have expected key: %s", KubevirtCredentialsSecretKey) + } + + logger.Debug("target secret exists") + return existingSecret, nil +} + +func (a *KubevirtActuator) getLogger(cr *minterv1.CredentialsRequest) log.FieldLogger { + return log.WithFields(log.Fields{ + "actuator": "Kubevirt", + "targetSecret": fmt.Sprintf("%s/%s", cr.Spec.SecretRef.Namespace, cr.Spec.SecretRef.Name), + "cr": fmt.Sprintf("%s/%s", cr.Namespace, cr.Name), + }) +} + +func (a *KubevirtActuator) Upgradeable(mode operatorv1.CloudCredentialsMode) *configv1.ClusterOperatorStatusCondition { + upgradeableCondition := &configv1.ClusterOperatorStatusCondition{ + Status: configv1.ConditionTrue, + Type: configv1.OperatorUpgradeable, + } + return upgradeableCondition +} + +func (a *KubevirtActuator) GetUpcomingCredSecrets() []types.NamespacedName { + return []types.NamespacedName{} +} diff --git a/pkg/kubevirt/actuator_test.go b/pkg/kubevirt/actuator_test.go new file mode 100644 index 0000000000..24384e6706 --- /dev/null +++ b/pkg/kubevirt/actuator_test.go @@ -0,0 +1,372 @@ +/* +Copyright 2019 The OpenShift Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package kubevirt_test + +import ( + "context" + "fmt" + "k8s.io/apimachinery/pkg/api/errors" + "reflect" + "testing" + + minterv1 "github.com/openshift/cloud-credential-operator/pkg/apis/cloudcredential/v1" + "github.com/openshift/cloud-credential-operator/pkg/kubevirt" + "github.com/openshift/cloud-credential-operator/pkg/operator/constants" + "github.com/openshift/cloud-credential-operator/pkg/util" + "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + "k8s.io/client-go/kubernetes/scheme" + kubernetesclient "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/client/fake" +) + +const ( + testNamespace = "Kubevirt-cloud-credential-operator" + testCredRequestName = "openshift-machine-api-kubevirt" + testInfrastructureName = "test-cluster-abcd" + testRandomSuffix = "random" + testOpenshiftMachineApiKubevirtNamespace = "openshift-machine-api" +) + +var ( + kubevirtCredentialData = []byte("data") + + kubevirtSpec = &minterv1.KubevirtProviderSpec{} + + kubevirtCredentialsSecret = corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: constants.KubevirtCloudCredSecretName, + Namespace: constants.CloudCredSecretNamespace, + }, + Data: map[string][]byte{ + kubevirt.KubevirtCredentialsSecretKey: kubevirtCredentialData, + }, + } + + kubevirtOpenshiftMachineApiSecret = corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: constants.KubevirtCloudCredSecretName, + Namespace: testOpenshiftMachineApiKubevirtNamespace, + }, + Data: map[string][]byte{ + kubevirt.KubevirtCredentialsSecretKey: kubevirtCredentialData, + }, + } +) + +func TestDecodeToUnknown(t *testing.T) { + codec, err := minterv1.NewCodec() + if err != nil { + t.Fatalf("failed to create codec %#v", err) + } + var raw *runtime.RawExtension + aps := minterv1.KubevirtProviderSpec{} + raw, err = codec.EncodeProviderSpec(&aps) + if err != nil { + t.Fatalf("failed to encode codec %#v", err) + } + unknown := runtime.Unknown{} + err = codec.DecodeProviderStatus(raw, &unknown) + if err != nil { + t.Fatalf("should be able to decode to Unknown %#v", err) + } + if unknown.Kind != reflect.TypeOf(minterv1.KubevirtProviderSpec{}).Name() { + t.Fatalf("expected decoded kind to be %s but was %s", reflect.TypeOf(minterv1.KubevirtProviderSpec{}).Name(), unknown.Kind) + } +} + +func TestCreateCR(t *testing.T) { + util.SetupScheme(scheme.Scheme) + tests := []struct { + name string + existing []runtime.Object + credentialsRequest *minterv1.CredentialsRequest + expectedErr error + errRegexp string + validate func(*testing.T, kubernetesclient.Client) + }{ + { + name: "Create CR happy flow", + existing: defaultExistingObjects(), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesclient.Client) { + cr := getCredRequest(t, c) + assert.NotNil(t, cr) + + secret := getSecret(t, c) + assert.NotNil(t, secret) + + }, + }, + { + name: "Create CR fail on getCredentialSecret kube-system:kubevirt-credentials", + existing: []runtime.Object{}, + credentialsRequest: testCredentialsRequest(t), + expectedErr: fmt.Errorf("unable to fetch root cloud cred secret: secrets \"kubevirt-credentials\" not found"), + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + allObjects := append(test.existing, test.credentialsRequest) + fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) + + actuator, err := kubevirt.NewActuator(fakeClient) + if err != nil { + assert.Regexp(t, test.errRegexp, err) + assert.Nil(t, actuator) + return + } + testErr := actuator.Create(context.TODO(), test.credentialsRequest) + if test.expectedErr != nil { + assert.Error(t, testErr) + assert.Equal(t, test.expectedErr.Error(), testErr.Error()) + } else { + test.validate(t, fakeClient) + } + + }) + } +} + +func TestDeleteCR(t *testing.T) { + util.SetupScheme(scheme.Scheme) + + tests := []struct { + name string + existing []runtime.Object + credentialsRequest *minterv1.CredentialsRequest + expectedErr error + errRegexp string + validate func(*testing.T, kubernetesclient.Client) + }{ + { + name: "Delete CR happy flow", + existing: existingObjectsAfterCreate(t), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesclient.Client) {}, + }, + { + name: "Delete CR happy flow - existingSecret not exist", + existing: defaultExistingObjects(), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesclient.Client) {}, + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + allObjects := append(test.existing, test.credentialsRequest) + fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) + + actuator, err := kubevirt.NewActuator(fakeClient) + if err != nil { + assert.Regexp(t, test.errRegexp, err) + assert.Nil(t, actuator) + return + } + testErr := actuator.Delete(context.TODO(), test.credentialsRequest) + if test.expectedErr != nil { + assert.Error(t, testErr) + assert.Equal(t, test.expectedErr.Error(), testErr.Error()) + } else { + test.validate(t, fakeClient) + } + + }) + } +} + +func TestExistsCR(t *testing.T) { + util.SetupScheme(scheme.Scheme) + + tests := []struct { + name string + existing []runtime.Object + credentialsRequest *minterv1.CredentialsRequest + expectedErr error + errRegexp string + validate func(*testing.T, kubernetesclient.Client, bool) + }{ + { + name: "Exists CR happy flow (true)", + existing: existingObjectsAfterCreate(t), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesclient.Client, isExists bool) { + secret := getSecret(t, c) + assert.Equal(t, isExists, true) + assert.NotNil(t, secret) + }, + }, + { + name: "Non Exists CR happy flow (false)", + existing: defaultExistingObjects(), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesclient.Client, isExists bool) { + secret := getSecret(t, c) + assert.Equal(t, isExists, false) + assert.Nil(t, secret) + }, + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + allObjects := append(test.existing, test.credentialsRequest) + fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) + + actuator, err := kubevirt.NewActuator(fakeClient) + if err != nil { + assert.Regexp(t, test.errRegexp, err) + assert.Nil(t, actuator) + return + } + isExists, testErr := actuator.Exists(context.TODO(), test.credentialsRequest) + if test.expectedErr != nil { + assert.Error(t, testErr) + assert.Equal(t, test.expectedErr.Error(), testErr.Error()) + } else { + test.validate(t, fakeClient, isExists) + } + + }) + } +} + +func TestUpdateCR(t *testing.T) { + util.SetupScheme(scheme.Scheme) + + tests := []struct { + name string + existing []runtime.Object + credentialsRequest *minterv1.CredentialsRequest + expectedErr error + errRegexp string + validate func(*testing.T, kubernetesclient.Client) + }{ + { + name: "Update CR happy flow - non exists", + existing: defaultExistingObjects(), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesclient.Client) { + cr := getCredRequest(t, c) + assert.NotNil(t, cr) + }, + }, + { + name: "Update CR happy flow - exists", + existing: existingObjectsAfterCreate(t), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesclient.Client) { + cr := getCredRequest(t, c) + assert.NotNil(t, cr) + }, + }, + { + name: "Update CR fail on getCredentialSecret kube-system:kubevirt-credentials", + existing: []runtime.Object{}, + credentialsRequest: testCredentialsRequest(t), + expectedErr: fmt.Errorf("unable to fetch root cloud cred secret: secrets \"kubevirt-credentials\" not found"), + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + allObjects := append(test.existing, test.credentialsRequest) + fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) + + actuator, err := kubevirt.NewActuator(fakeClient) + if err != nil { + assert.Regexp(t, test.errRegexp, err) + assert.Nil(t, actuator) + return + } + testErr := actuator.Update(context.TODO(), test.credentialsRequest) + if test.expectedErr != nil { + assert.Error(t, testErr) + assert.Equal(t, test.expectedErr.Error(), testErr.Error()) + } else { + test.validate(t, fakeClient) + } + + }) + } +} + +func getSecret(t *testing.T, c kubernetesclient.Client) *corev1.Secret { + credRequest := getCredRequest(t, c) + + secret := &corev1.Secret{} + err := c.Get(context.TODO(), types.NamespacedName{ + Namespace: credRequest.Spec.SecretRef.Namespace, + Name: credRequest.Spec.SecretRef.Name, + }, secret) + if err != nil && errors.IsNotFound(err) { + return nil + } + + assert.NoError(t, err) + return secret +} + +func getCredRequest(t *testing.T, c kubernetesclient.Client) *minterv1.CredentialsRequest { + cr := &minterv1.CredentialsRequest{} + assert.NoError(t, c.Get(context.TODO(), types.NamespacedName{Namespace: testNamespace, Name: testCredRequestName}, cr)) + return cr +} + +func defaultExistingObjects() []runtime.Object { + objs := []runtime.Object{ + &kubevirtCredentialsSecret, + } + return objs +} + +func existingObjectsAfterCreate(t *testing.T) []runtime.Object { + objs := []runtime.Object{ + &kubevirtCredentialsSecret, + &kubevirtOpenshiftMachineApiSecret, + } + return objs +} + +func testCredentialsRequest(t *testing.T) *minterv1.CredentialsRequest { + codec, err := minterv1.NewCodec() + if err != nil { + t.Fatalf("error creating Kubevirt codec: %v", err) + } + + rawObj, err := codec.EncodeProviderSpec(kubevirtSpec) + if err != nil { + t.Fatalf("error decoding provider v1 spec: %v", err) + } + + cr := &minterv1.CredentialsRequest{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: testNamespace, + Name: testCredRequestName, + }, + Spec: minterv1.CredentialsRequestSpec{ + SecretRef: corev1.ObjectReference{ + Namespace: testOpenshiftMachineApiKubevirtNamespace, + Name: constants.KubevirtCloudCredSecretName, + }, + ProviderSpec: rawObj, + }, + } + + return cr +} diff --git a/pkg/operator/constants/constants.go b/pkg/operator/constants/constants.go index 5fb2f6a369..9660feca45 100644 --- a/pkg/operator/constants/constants.go +++ b/pkg/operator/constants/constants.go @@ -114,6 +114,10 @@ const ( // VSphereCloudCredSecretName is the name of the secret where credentials // for vSphere are stored. VSphereCloudCredSecretName = "vsphere-creds" + + // KubevirtCloudCredSecretName is the name of the secret where credentials + // for Kubevirt are stored. + KubevirtCloudCredSecretName = "kubevirt-credentials" ) var ( diff --git a/pkg/operator/controller.go b/pkg/operator/controller.go index 08bcc2d64c..95860d4858 100644 --- a/pkg/operator/controller.go +++ b/pkg/operator/controller.go @@ -20,6 +20,7 @@ import ( awsactuator "github.com/openshift/cloud-credential-operator/pkg/aws/actuator" "github.com/openshift/cloud-credential-operator/pkg/azure" gcpactuator "github.com/openshift/cloud-credential-operator/pkg/gcp/actuator" + "github.com/openshift/cloud-credential-operator/pkg/kubevirt" "github.com/openshift/cloud-credential-operator/pkg/openstack" "github.com/openshift/cloud-credential-operator/pkg/operator/awspodidentity" "github.com/openshift/cloud-credential-operator/pkg/operator/configmap" @@ -124,6 +125,12 @@ func AddToManager(m manager.Manager, explicitKubeconfig string) error { if err != nil { return err } + case configv1.KubevirtPlatformType: + log.Info("initializing Kubevirt actuator") + a, err = kubevirt.NewActuator(m.GetClient()) + if err != nil { + return err + } default: log.Info("initializing no-op actuator (unsupported platform)") a = &actuator.DummyActuator{} diff --git a/pkg/operator/credentialsrequest/credentialsrequest_controller.go b/pkg/operator/credentialsrequest/credentialsrequest_controller.go index ff057f6bb3..0e233951d2 100644 --- a/pkg/operator/credentialsrequest/credentialsrequest_controller.go +++ b/pkg/operator/credentialsrequest/credentialsrequest_controller.go @@ -337,6 +337,7 @@ func isAdminCredSecret(namespace, secretName string) bool { secretName == constants.GCPCloudCredSecretName || secretName == constants.OpenStackCloudCredsSecretName || secretName == constants.OvirtCloudCredsSecretName || + secretName == constants.KubevirtCloudCredSecretName || secretName == constants.VSphereCloudCredSecretName { log.WithField("secret", secretName).WithField("namespace", namespace).Info("observed admin cloud credential secret event") return true @@ -787,6 +788,8 @@ func crInfraMatches(cr *minterv1.CredentialsRequest, clusterCloudPlatform config return cloudType == reflect.TypeOf(minterv1.OvirtProviderSpec{}).Name(), nil case configv1.VSpherePlatformType: return cloudType == reflect.TypeOf(minterv1.VSphereProviderSpec{}).Name(), nil + case configv1.KubevirtPlatformType: + return cloudType == reflect.TypeOf(minterv1.KubevirtProviderSpec{}).Name(), nil default: return false, fmt.Errorf("unsupported platorm type: %v", clusterCloudPlatform) } diff --git a/pkg/operator/metrics/metrics.go b/pkg/operator/metrics/metrics.go index b766d2d97c..9af3f58d08 100644 --- a/pkg/operator/metrics/metrics.go +++ b/pkg/operator/metrics/metrics.go @@ -169,6 +169,8 @@ func (mc *Calculator) getCloudSecret() (*corev1.Secret, error) { secretKey.Name = constants.OvirtCloudCredsSecretName case configv1.VSpherePlatformType: secretKey.Name = constants.VSphereCloudCredSecretName + case configv1.KubevirtPlatformType: + secretKey.Name = constants.KubevirtCloudCredSecretName default: mc.log.WithField("cloud", platformType).Info("unsupported cloud for determing CCO mode") return nil, nil @@ -191,6 +193,8 @@ func cloudProviderSpecToMetricsKey(cloud string) string { return "ovirt" case "VsphereProviderSpec": return "vsphere" + case "KubevirtProviderSpec": + return "kubevirt" default: return "unknown" } diff --git a/vendor/github.com/openshift/api/Makefile b/vendor/github.com/openshift/api/Makefile index 7993192b6a..f1d7ca0003 100644 --- a/vendor/github.com/openshift/api/Makefile +++ b/vendor/github.com/openshift/api/Makefile @@ -30,6 +30,7 @@ $(call add-crd-gen,operatoringress,./operatoringress/v1,./operatoringress/v1,./o $(call add-crd-gen,quota,./quota/v1,./quota/v1,./quota/v1) $(call add-crd-gen,samples,./samples/v1,./samples/v1,./samples/v1) $(call add-crd-gen,security,./security/v1,./security/v1,./security/v1) +$(call add-crd-gen,securityinternal,./securityinternal/v1,./securityinternal/v1,./securityinternal/v1) $(call add-crd-gen,network,./network/v1,./network/v1,./network/v1) $(call add-crd-gen,operatorcontrolplane,./operatorcontrolplane/v1alpha1,./operatorcontrolplane/v1alpha1,./operatorcontrolplane/v1alpha1) diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml index 7287300e4e..57b7c6e2b9 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml @@ -112,6 +112,10 @@ spec: description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. type: object + kubevirt: + description: Kubevirt contains settings specific to the kubevirt + infrastructure provider. + type: object openstack: description: OpenStack contains settings specific to the OpenStack infrastructure provider. @@ -127,8 +131,8 @@ spec: creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", - "VSphere", "oVirt", and "None". Individual components may not - support all platforms, and must handle unrecognized platforms + "VSphere", "oVirt", "KubeVirt" and "None". Individual components + may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. type: string enum: @@ -143,6 +147,7 @@ spec: - VSphere - oVirt - IBMCloud + - KubeVirt vsphere: description: VSphere contains settings specific to the VSphere infrastructure provider. @@ -190,6 +195,7 @@ spec: - VSphere - oVirt - IBMCloud + - KubeVirt platformStatus: description: platformStatus holds status information specific to the underlying infrastructure provider. @@ -307,6 +313,24 @@ spec: description: ResourceGroupName is the Resource Group for new IBMCloud resources created for the cluster. type: string + kubevirt: + description: Kubevirt contains settings specific to the kubevirt + infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact + the Kubernetes API server that can be used by components inside + the cluster, like kubelets using the infrastructure rather + than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + points to. It is the IP for a self-hosted load balancer in + front of the API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the + default ingress controller. The IP is a suitable target of + a wildcard DNS record used to resolve default route host names. + type: string openstack: description: OpenStack contains settings specific to the OpenStack infrastructure provider. @@ -385,6 +409,7 @@ spec: - VSphere - oVirt - IBMCloud + - KubeVirt vsphere: description: VSphere contains settings specific to the VSphere infrastructure provider. diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index 3c4bd788ff..efea0a41a4 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -79,7 +79,7 @@ type InfrastructureStatus struct { } // PlatformType is a specific supported infrastructure provider. -// +kubebuilder:validation:Enum="";AWS;Azure;BareMetal;GCP;Libvirt;OpenStack;None;VSphere;oVirt;IBMCloud +// +kubebuilder:validation:Enum="";AWS;Azure;BareMetal;GCP;Libvirt;OpenStack;None;VSphere;oVirt;IBMCloud;KubeVirt type PlatformType string const ( @@ -112,6 +112,9 @@ const ( // IBMCloudPlatformType represents IBM Cloud infrastructure. IBMCloudPlatformType PlatformType = "IBMCloud" + + // KubevirtPlatformType represents KubeVirt/Openshift Virtualization infrastructure. + KubevirtPlatformType PlatformType = "KubeVirt" ) // IBMCloudProviderType is a specific supported IBM Cloud provider cluster type @@ -134,7 +137,7 @@ type PlatformSpec struct { // balancers, dynamic volume provisioning, machine creation and deletion, and // other integrations are enabled. If None, no infrastructure automation is // enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", - // "OpenStack", "VSphere", "oVirt", and "None". Individual components may not support + // "OpenStack", "VSphere", "oVirt", "KubeVirt" and "None". Individual components may not support // all platforms, and must handle unrecognized platforms as None if they do // not support that platform. // @@ -172,6 +175,10 @@ type PlatformSpec struct { // IBMCloud contains settings specific to the IBMCloud infrastructure provider. // +optional IBMCloud *IBMCloudPlatformSpec `json:"ibmcloud,omitempty"` + + // Kubevirt contains settings specific to the kubevirt infrastructure provider. + // +optional + Kubevirt *KubevirtPlatformSpec `json:"kubevirt,omitempty"` } // PlatformStatus holds the current status specific to the underlying infrastructure provider @@ -222,6 +229,10 @@ type PlatformStatus struct { // IBMCloud contains settings specific to the IBMCloud infrastructure provider. // +optional IBMCloud *IBMCloudPlatformStatus `json:"ibmcloud,omitempty"` + + // Kubevirt contains settings specific to the kubevirt infrastructure provider. + // +optional + Kubevirt *KubevirtPlatformStatus `json:"kubevirt,omitempty"` } // AWSServiceEndpoint store the configuration of a custom url to @@ -433,6 +444,23 @@ type IBMCloudPlatformStatus struct { ProviderType IBMCloudProviderType `json:"providerType,omitempty"` } +// KubevirtPlatformSpec holds the desired state of the kubevirt infrastructure provider. +// This only includes fields that can be modified in the cluster. +type KubevirtPlatformSpec struct{} + +// KubevirtPlatformStatus holds the current status of the kubevirt infrastructure provider. +type KubevirtPlatformStatus struct { + // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used + // by components inside the cluster, like kubelets using the infrastructure rather + // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + // points to. It is the IP for a self-hosted load balancer in front of the API servers. + APIServerInternalIP string `json:"apiServerInternalIP,omitempty"` + + // ingressIP is an external IP which routes to the default ingress controller. + // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + IngressIP string `json:"ingressIP,omitempty"` +} + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // InfrastructureList is diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index 7542490ef9..4a41d1b7f2 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -2259,6 +2259,38 @@ func (in *KubeClientConfig) DeepCopy() *KubeClientConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubevirtPlatformSpec) DeepCopyInto(out *KubevirtPlatformSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtPlatformSpec. +func (in *KubevirtPlatformSpec) DeepCopy() *KubevirtPlatformSpec { + if in == nil { + return nil + } + out := new(KubevirtPlatformSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubevirtPlatformStatus) DeepCopyInto(out *KubevirtPlatformStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtPlatformStatus. +func (in *KubevirtPlatformStatus) DeepCopy() *KubevirtPlatformStatus { + if in == nil { + return nil + } + out := new(KubevirtPlatformStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPAttributeMapping) DeepCopyInto(out *LDAPAttributeMapping) { *out = *in @@ -2949,6 +2981,11 @@ func (in *PlatformSpec) DeepCopyInto(out *PlatformSpec) { *out = new(IBMCloudPlatformSpec) **out = **in } + if in.Kubevirt != nil { + in, out := &in.Kubevirt, &out.Kubevirt + *out = new(KubevirtPlatformSpec) + **out = **in + } return } @@ -3005,6 +3042,11 @@ func (in *PlatformStatus) DeepCopyInto(out *PlatformStatus) { *out = new(IBMCloudPlatformStatus) **out = **in } + if in.Kubevirt != nil { + in, out := &in.Kubevirt, &out.Kubevirt + *out = new(KubevirtPlatformStatus) + **out = **in + } return } diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 72d3bb2cfd..61fae076c2 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -857,6 +857,24 @@ func (InfrastructureStatus) SwaggerDoc() map[string]string { return map_InfrastructureStatus } +var map_KubevirtPlatformSpec = map[string]string{ + "": "KubevirtPlatformSpec holds the desired state of the kubevirt infrastructure provider. This only includes fields that can be modified in the cluster.", +} + +func (KubevirtPlatformSpec) SwaggerDoc() map[string]string { + return map_KubevirtPlatformSpec +} + +var map_KubevirtPlatformStatus = map[string]string{ + "": "KubevirtPlatformStatus holds the current status of the kubevirt infrastructure provider.", + "apiServerInternalIP": "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers.", + "ingressIP": "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names.", +} + +func (KubevirtPlatformStatus) SwaggerDoc() map[string]string { + return map_KubevirtPlatformStatus +} + var map_OpenStackPlatformSpec = map[string]string{ "": "OpenStackPlatformSpec holds the desired state of the OpenStack infrastructure provider. This only includes fields that can be modified in the cluster.", } @@ -898,7 +916,7 @@ func (OvirtPlatformStatus) SwaggerDoc() map[string]string { var map_PlatformSpec = map[string]string{ "": "PlatformSpec holds the desired state specific to the underlying infrastructure provider of the current cluster. Since these are used at spec-level for the underlying cluster, it is supposed that only one of the spec structs is set.", - "type": "type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are \"AWS\", \"Azure\", \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", \"VSphere\", \"oVirt\", and \"None\". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform.", + "type": "type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are \"AWS\", \"Azure\", \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", \"VSphere\", \"oVirt\", \"KubeVirt\" and \"None\". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform.", "aws": "AWS contains settings specific to the Amazon Web Services infrastructure provider.", "azure": "Azure contains settings specific to the Azure infrastructure provider.", "gcp": "GCP contains settings specific to the Google Cloud Platform infrastructure provider.", @@ -907,6 +925,7 @@ var map_PlatformSpec = map[string]string{ "ovirt": "Ovirt contains settings specific to the oVirt infrastructure provider.", "vsphere": "VSphere contains settings specific to the VSphere infrastructure provider.", "ibmcloud": "IBMCloud contains settings specific to the IBMCloud infrastructure provider.", + "kubevirt": "Kubevirt contains settings specific to the kubevirt infrastructure provider.", } func (PlatformSpec) SwaggerDoc() map[string]string { @@ -924,6 +943,7 @@ var map_PlatformStatus = map[string]string{ "ovirt": "Ovirt contains settings specific to the oVirt infrastructure provider.", "vsphere": "VSphere contains settings specific to the VSphere infrastructure provider.", "ibmcloud": "IBMCloud contains settings specific to the IBMCloud infrastructure provider.", + "kubevirt": "Kubevirt contains settings specific to the kubevirt infrastructure provider.", } func (PlatformStatus) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/go.mod b/vendor/github.com/openshift/api/go.mod index 24b746a76f..90ec463394 100644 --- a/vendor/github.com/openshift/api/go.mod +++ b/vendor/github.com/openshift/api/go.mod @@ -1,6 +1,6 @@ module github.com/openshift/api -go 1.13 +go 1.15 require ( github.com/gogo/protobuf v1.3.1 diff --git a/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml b/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml index 14297e9ac3..8f7d5c5ce0 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml +++ b/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml @@ -651,6 +651,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll logging: description: logging is deprecated, use logLevel instead. type: integer @@ -674,11 +680,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll proxy: description: proxy defines the proxy to be used when calling master api, upstream registries, etc. diff --git a/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml b/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml index a1f7cce99e..8f1ac60773 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml +++ b/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml @@ -656,6 +656,18 @@ spec: pruning. Defaults to 60m (60 minutes). type: string format: duration + logLevel: + description: "logLevel sets the level of log output for the pruner + job. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". + Defaults to \"Normal\"." + type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll nodeSelector: description: nodeSelector defines the node selection constraints for the image pruner pod. diff --git a/vendor/github.com/openshift/api/imageregistry/v1/types.go b/vendor/github.com/openshift/api/imageregistry/v1/types.go index a9988843a4..debb34c092 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/types.go +++ b/vendor/github.com/openshift/api/imageregistry/v1/types.go @@ -82,7 +82,7 @@ type ImageRegistrySpec struct { Replicas int32 `json:"replicas"` // logging is deprecated, use logLevel instead. // +optional - Logging int64 `json:"logging"` + Logging int64 `json:"logging,omitempty"` // resources defines the resource requests+limits for the registry pod. // +optional Resources *corev1.ResourceRequirements `json:"resources,omitempty"` diff --git a/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go b/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go index 0ed892e009..08948924df 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go +++ b/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go @@ -80,6 +80,13 @@ type ImagePrunerSpec struct { // errors while parsing image references. // +optional IgnoreInvalidImageReferences bool `json:"ignoreInvalidImageReferences,omitempty"` + // logLevel sets the level of log output for the pruner job. + // + // Valid values are: "Normal", "Debug", "Trace", "TraceAll". + // Defaults to "Normal". + // +optional + // +kubebuilder:default=Normal + LogLevel operatorv1.LogLevel `json:"logLevel,omitempty"` } // ImagePrunerStatus reports image pruner operational status. diff --git a/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.swagger_doc_generated.go index 0084cc3669..5149a2d22a 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.swagger_doc_generated.go @@ -232,6 +232,7 @@ var map_ImagePrunerSpec = map[string]string{ "successfulJobsHistoryLimit": "successfulJobsHistoryLimit specifies how many successful image pruner jobs to retain. Defaults to 3 if not set.", "failedJobsHistoryLimit": "failedJobsHistoryLimit specifies how many failed image pruner jobs to retain. Defaults to 3 if not set.", "ignoreInvalidImageReferences": "ignoreInvalidImageReferences indicates whether the pruner can ignore errors while parsing image references.", + "logLevel": "logLevel sets the level of log output for the pruner job.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", } func (ImagePrunerSpec) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml index 6beaeb259d..5fe799ffe6 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml @@ -51,6 +51,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -64,11 +70,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_20_etcd-operator_01.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config.crd.yaml similarity index 92% rename from vendor/github.com/openshift/api/operator/v1/0000_20_etcd-operator_01.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config.crd.yaml index 14f6aeb576..150a872661 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_20_etcd-operator_01.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config.crd.yaml @@ -63,6 +63,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -76,11 +82,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll succeededRevisionLimit: description: succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api -1 = unlimited, diff --git a/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml index b695ce8381..58a1d3bc13 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml @@ -54,6 +54,12 @@ spec: to manage coarse grained logging choices that operators have to interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string managementState: description: managementState indicates whether and how the operator @@ -68,10 +74,18 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + default: Normal + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string succeededRevisionLimit: description: succeededRevisionLimit is the number of successful static diff --git a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml index 6f08cec5d9..efd88b3c98 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml @@ -56,6 +56,12 @@ spec: to manage coarse grained logging choices that operators have to interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string managementState: description: managementState indicates whether and how the operator @@ -70,10 +76,18 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + default: Normal + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string succeededRevisionLimit: description: succeededRevisionLimit is the number of successful static diff --git a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml index faf3f04486..3cb62b80b2 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml @@ -56,6 +56,12 @@ spec: to manage coarse grained logging choices that operators have to interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string managementState: description: managementState indicates whether and how the operator @@ -70,10 +76,18 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + default: Normal + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string succeededRevisionLimit: description: succeededRevisionLimit is the number of successful static diff --git a/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml index b6bba3cc6e..269edb4d85 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml @@ -52,6 +52,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -65,11 +71,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml index 098de4470e..829cf05b36 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml @@ -62,6 +62,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -75,11 +81,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml index 9adbb29e60..d0133c88a3 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml @@ -49,6 +49,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -62,11 +68,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml index 20cac90b4a..ceb754a52c 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml @@ -48,6 +48,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -61,11 +67,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml index 0d9403cd3a..ce10a15762 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml @@ -50,6 +50,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -63,11 +69,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml index a05f408887..0ae3d95689 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml @@ -49,6 +49,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -62,11 +68,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml index 9f1c4238d0..75d757d991 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml @@ -1031,4 +1031,8 @@ spec: served: true storage: true subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.availableReplicas status: {} diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml index 3f9f7b10a5..b33eff67f8 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml @@ -7,6 +7,11 @@ metadata: spec: scope: Cluster group: operator.openshift.io + names: + kind: ServiceCA + listKind: ServiceCAList + plural: servicecas + singular: serviceca versions: - name: v1 served: true @@ -38,11 +43,19 @@ spec: type: object properties: logLevel: - description: logLevel is an intent based logging for an overall component. It - does not give fine grained control, but it is a simple way to manage - coarse grained logging choices that operators have to interpret - for their operands. + description: "logLevel is an intent based logging for an overall component. + \ It does not give fine grained control, but it is a simple way + to manage coarse grained logging choices that operators have to + interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", + \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -56,11 +69,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml index 0f16866957..0e39605962 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml @@ -353,7 +353,10 @@ spec: description: The address to "bind" on Defaults to 0.0.0.0 type: string iptablesSyncPeriod: - description: 'The period that iptables rules are refreshed. Default: + description: 'An internal kube-proxy parameter. In older releases + of OCP, this sometimes needed to be adjusted in large clusters + for performance reasons, but this is no longer necessary, and + there is no reason to change this from the default value. Default: 30s' type: string proxyArguments: @@ -367,11 +370,20 @@ spec: items: type: string logLevel: - description: logLevel allows configuring the logging level of the + description: "logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive - logging may affect performance. The default value is "Normal". + logging may affect performance. The default value is \"Normal\". + \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". + Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll serviceNetwork: description: serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml index f23db5fef2..ae39ae7164 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml @@ -95,6 +95,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -108,11 +114,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll providers: description: providers contains configuration for using specific service providers. diff --git a/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml index 16e04f4c79..709eff4fe4 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml @@ -49,6 +49,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -62,11 +68,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml index 4b44f35bdc..8404b1a0f4 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml @@ -35,6 +35,7 @@ spec: name: enum: - ebs.csi.aws.com + - cinder.csi.openstack.org - manila.csi.openstack.org - csi.ovirt.org type: string @@ -49,6 +50,12 @@ spec: to manage coarse grained logging choices that operators have to interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string managementState: description: managementState indicates whether and how the operator @@ -63,10 +70,18 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + default: Normal + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that diff --git a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch index 22f3a12944..7f1945a9c0 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch +++ b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch @@ -5,5 +5,6 @@ type: string enum: - ebs.csi.aws.com + - cinder.csi.openstack.org - manila.csi.openstack.org - csi.ovirt.org diff --git a/vendor/github.com/openshift/api/operator/v1/types.go b/vendor/github.com/openshift/api/operator/v1/types.go index ed11b32191..c4cd345052 100644 --- a/vendor/github.com/openshift/api/operator/v1/types.go +++ b/vendor/github.com/openshift/api/operator/v1/types.go @@ -56,12 +56,16 @@ type OperatorSpec struct { // Defaults to "Normal". // +optional // +kubebuilder:default=Normal - LogLevel LogLevel `json:"logLevel"` + LogLevel LogLevel `json:"logLevel,omitempty"` // operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a // simple way to manage coarse grained logging choices that operators have to interpret for themselves. + // + // Valid values are: "Normal", "Debug", "Trace", "TraceAll". + // Defaults to "Normal". // +optional - OperatorLogLevel LogLevel `json:"operatorLogLevel"` + // +kubebuilder:default=Normal + OperatorLogLevel LogLevel `json:"operatorLogLevel,omitempty"` // unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override // it will end up overlaying in the following order: @@ -81,6 +85,7 @@ type OperatorSpec struct { ObservedConfig runtime.RawExtension `json:"observedConfig"` } +// +kubebuilder:validation:Enum="";Normal;Debug;Trace;TraceAll type LogLevel string var ( diff --git a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go index e6217ab8c0..3e897b9f3f 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go @@ -41,6 +41,7 @@ type CSIDriverName string // and 0000_90_cluster_csi_driver_01_config.crd.yaml-merge-patch file is also updated with new driver name. const ( AWSEBSCSIDriver CSIDriverName = "ebs.csi.aws.com" + CinderCSIDriver CSIDriverName = "cinder.csi.openstack.org" ManilaCSIDriver CSIDriverName = "manila.csi.openstack.org" OvirtCSIDriver CSIDriverName = "csi.ovirt.org" ) diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index 7e678d11ae..71cf5a35e5 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -74,8 +74,12 @@ type NetworkSpec struct { // by the operator. Currently only Kuryr SDN is affected by this setting. // Please note that turning on extensive logging may affect performance. // The default value is "Normal". + // + // Valid values are: "Normal", "Debug", "Trace", "TraceAll". + // Defaults to "Normal". // +optional - LogLevel LogLevel `json:"logLevel"` + // +kubebuilder:default=Normal + LogLevel LogLevel `json:"logLevel,omitempty"` } // ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size @@ -337,7 +341,9 @@ type ProxyArgumentList []string // ProxyConfig defines the configuration knobs for kubeproxy // All of these are optional and have sensible defaults type ProxyConfig struct { - // The period that iptables rules are refreshed. + // An internal kube-proxy parameter. In older releases of OCP, this sometimes needed to be adjusted + // in large clusters for performance reasons, but this is no longer necessary, and there is no reason + // to change this from the default value. // Default: 30s IptablesSyncPeriod string `json:"iptablesSyncPeriod,omitempty"` diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index f4cef5edd3..cb241c7842 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -58,7 +58,7 @@ var map_OperatorSpec = map[string]string{ "": "OperatorSpec contains common fields operators need. It is intended to be anonymous included inside of the Spec struct for your particular operator.", "managementState": "managementState indicates whether and how the operator should manage the component", "logLevel": "logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", - "operatorLogLevel": "operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.", + "operatorLogLevel": "operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", "unsupportedConfigOverrides": "unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides", "observedConfig": "observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator", } @@ -794,7 +794,7 @@ var map_NetworkSpec = map[string]string{ "disableMultiNetwork": "disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.", "deployKubeProxy": "deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when OpenShift SDN and ovn-kubernetes are used and true otherwise.", "kubeProxyConfig": "kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift directly. Not consumed by all network providers - currently only openshift-sdn.", - "logLevel": "logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive logging may affect performance. The default value is \"Normal\".", + "logLevel": "logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive logging may affect performance. The default value is \"Normal\".\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", } func (NetworkSpec) SwaggerDoc() map[string]string { @@ -835,7 +835,7 @@ func (OpenShiftSDNConfig) SwaggerDoc() map[string]string { var map_ProxyConfig = map[string]string{ "": "ProxyConfig defines the configuration knobs for kubeproxy All of these are optional and have sensible defaults", - "iptablesSyncPeriod": "The period that iptables rules are refreshed. Default: 30s", + "iptablesSyncPeriod": "An internal kube-proxy parameter. In older releases of OCP, this sometimes needed to be adjusted in large clusters for performance reasons, but this is no longer necessary, and there is no reason to change this from the default value. Default: 30s", "bindAddress": "The address to \"bind\" on Defaults to 0.0.0.0", "proxyArguments": "Any additional arguments to pass to the kubeproxy process", } diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml index 5cc8e56f90..a11af8884c 100644 --- a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml +++ b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml @@ -1,9 +1,8 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - creationTimestamp: null name: podnetworkconnectivitychecks.controlplane.operator.openshift.io spec: group: controlplane.operator.openshift.io @@ -12,255 +11,248 @@ spec: listKind: PodNetworkConnectivityCheckList plural: podnetworkconnectivitychecks singular: podnetworkconnectivitycheck - scope: "" - subresources: - status: {} - validation: - openAPIV3Schema: - description: PodNetworkConnectivityCheck - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the source and target of the connectivity check - type: object - required: - - sourcePod - - targetEndpoint - properties: - sourcePod: - description: SourcePod names the pod from which the condition will be - checked - type: string - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - targetEndpoint: - description: EndpointAddress to check. A TCP address of the form host:port. - Note that if host is a DNS name, then the check would fail if the - DNS name cannot be resolved. Specify an IP address for host to bypass - DNS name lookup. - type: string - pattern: ^\S+:\d*$ - tlsClientCert: - description: TLSClientCert, if specified, references a kubernetes.io/tls - type secret with 'tls.crt' and 'tls.key' entries containing an optional - TLS client certificate and key to be used when checking endpoints - that require a client certificate in order to gracefully preform the - scan without causing excessive logging in the endpoint process. The - secret must exist in the same namespace as this resource. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced secret - type: string - status: - description: Status contains the observed status of the connectivity check - type: object - properties: - conditions: - description: Conditions summarize the status of the check - type: array - items: - description: PodNetworkConnectivityCheckCondition represents the overall - status of the pod network connectivity. - type: object - required: - - lastTransitionTime - - status - - type - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - type: string - format: date-time - nullable: true - message: - description: Message indicating details about last transition - in a human readable format. - type: string - reason: - description: Reason for the condition's last status transition - in a machine readable format. - type: string - status: - description: Status of the condition - type: string - type: - description: Type of the condition - type: string - failures: - description: Failures contains logs of unsuccessful check actions - type: array - items: - description: LogEntry records events - type: object - required: - - success - - time - properties: - latency: - description: Latency records how long the action mentioned in - the entry took. - type: string - nullable: true - message: - description: Message explaining status in a human readable format. - type: string - reason: - description: Reason for status in a machine readable format. - type: string - success: - description: Success indicates if the log entry indicates a success - or failure. - type: boolean - time: - description: Start time of check action. - type: string - format: date-time - nullable: true - outages: - description: Outages contains logs of time periods of outages - type: array - items: - description: OutageEntry records time period of an outage - type: object - required: - - start - properties: - end: - description: End of outage detected - type: string - format: date-time - nullable: true - endLogs: - description: EndLogs contains log entries related to the end of - this outage. Should contain the success entry that resolved - the outage and possibly a few of the failure log entries that - preceded it. - type: array - items: - description: LogEntry records events - type: object - required: - - success - - time - properties: - latency: - description: Latency records how long the action mentioned - in the entry took. - type: string - nullable: true - message: - description: Message explaining status in a human readable - format. - type: string - reason: - description: Reason for status in a machine readable format. - type: string - success: - description: Success indicates if the log entry indicates - a success or failure. - type: boolean - time: - description: Start time of check action. - type: string - format: date-time - nullable: true - message: - description: Message summarizes outage details in a human readable - format. - type: string - start: - description: Start of outage detected - type: string - format: date-time - nullable: true - startLogs: - description: StartLogs contains log entries related to the start - of this outage. Should contain the original failure, any entries - where the failure mode changed. - type: array - items: - description: LogEntry records events - type: object - required: - - success - - time - properties: - latency: - description: Latency records how long the action mentioned - in the entry took. - type: string - nullable: true - message: - description: Message explaining status in a human readable - format. - type: string - reason: - description: Reason for status in a machine readable format. - type: string - success: - description: Success indicates if the log entry indicates - a success or failure. - type: boolean - time: - description: Start time of check action. - type: string - format: date-time - nullable: true - successes: - description: Successes contains logs successful check actions - type: array - items: - description: LogEntry records events - type: object - required: - - success - - time - properties: - latency: - description: Latency records how long the action mentioned in - the entry took. - type: string - nullable: true - message: - description: Message explaining status in a human readable format. - type: string - reason: - description: Reason for status in a machine readable format. - type: string - success: - description: Success indicates if the log entry indicates a success - or failure. - type: boolean - time: - description: Start time of check action. - type: string - format: date-time - nullable: true - version: v1alpha1 + scope: Namespaced versions: - name: v1alpha1 served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + subresources: + status: {} + schema: + openAPIV3Schema: + description: PodNetworkConnectivityCheck + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the source and target of the connectivity check + type: object + required: + - sourcePod + - targetEndpoint + properties: + sourcePod: + description: SourcePod names the pod from which the condition will + be checked + type: string + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + targetEndpoint: + description: EndpointAddress to check. A TCP address of the form host:port. + Note that if host is a DNS name, then the check would fail if the + DNS name cannot be resolved. Specify an IP address for host to bypass + DNS name lookup. + type: string + pattern: ^\S+:\d*$ + tlsClientCert: + description: TLSClientCert, if specified, references a kubernetes.io/tls + type secret with 'tls.crt' and 'tls.key' entries containing an optional + TLS client certificate and key to be used when checking endpoints + that require a client certificate in order to gracefully preform + the scan without causing excessive logging in the endpoint process. + The secret must exist in the same namespace as this resource. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced secret + type: string + status: + description: Status contains the observed status of the connectivity check + type: object + properties: + conditions: + description: Conditions summarize the status of the check + type: array + items: + description: PodNetworkConnectivityCheckCondition represents the + overall status of the pod network connectivity. + type: object + required: + - lastTransitionTime + - status + - type + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + format: date-time + nullable: true + message: + description: Message indicating details about last transition + in a human readable format. + type: string + reason: + description: Reason for the condition's last status transition + in a machine readable format. + type: string + status: + description: Status of the condition + type: string + type: + description: Type of the condition + type: string + failures: + description: Failures contains logs of unsuccessful check actions + type: array + items: + description: LogEntry records events + type: object + required: + - success + - time + properties: + latency: + description: Latency records how long the action mentioned in + the entry took. + type: string + nullable: true + message: + description: Message explaining status in a human readable format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates a + success or failure. + type: boolean + time: + description: Start time of check action. + type: string + format: date-time + nullable: true + outages: + description: Outages contains logs of time periods of outages + type: array + items: + description: OutageEntry records time period of an outage + type: object + required: + - start + properties: + end: + description: End of outage detected + type: string + format: date-time + nullable: true + endLogs: + description: EndLogs contains log entries related to the end + of this outage. Should contain the success entry that resolved + the outage and possibly a few of the failure log entries that + preceded it. + type: array + items: + description: LogEntry records events + type: object + required: + - success + - time + properties: + latency: + description: Latency records how long the action mentioned + in the entry took. + type: string + nullable: true + message: + description: Message explaining status in a human readable + format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates + a success or failure. + type: boolean + time: + description: Start time of check action. + type: string + format: date-time + nullable: true + message: + description: Message summarizes outage details in a human readable + format. + type: string + start: + description: Start of outage detected + type: string + format: date-time + nullable: true + startLogs: + description: StartLogs contains log entries related to the start + of this outage. Should contain the original failure, any entries + where the failure mode changed. + type: array + items: + description: LogEntry records events + type: object + required: + - success + - time + properties: + latency: + description: Latency records how long the action mentioned + in the entry took. + type: string + nullable: true + message: + description: Message explaining status in a human readable + format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates + a success or failure. + type: boolean + time: + description: Start time of check action. + type: string + format: date-time + nullable: true + successes: + description: Successes contains logs successful check actions + type: array + items: + description: LogEntry records events + type: object + required: + - success + - time + properties: + latency: + description: Latency records how long the action mentioned in + the entry took. + type: string + nullable: true + message: + description: Message explaining status in a human readable format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates a + success or failure. + type: boolean + time: + description: Start time of check action. + type: string + format: date-time + nullable: true diff --git a/vendor/github.com/openshift/api/route/v1/generated.proto b/vendor/github.com/openshift/api/route/v1/generated.proto index c4bc446e34..abf11f4c4a 100644 --- a/vendor/github.com/openshift/api/route/v1/generated.proto +++ b/vendor/github.com/openshift/api/route/v1/generated.proto @@ -212,6 +212,10 @@ message RouterShard { // TLSConfig defines config used to secure a route and provide termination message TLSConfig { // termination indicates termination type. + // + // * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + // * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + // * reencrypt - TLS termination is done by the router and https is used to communicate with the backend optional string termination = 1; // certificate provides certificate contents diff --git a/vendor/github.com/openshift/api/route/v1/types.go b/vendor/github.com/openshift/api/route/v1/types.go index 9e59c69782..e36e192d8f 100644 --- a/vendor/github.com/openshift/api/route/v1/types.go +++ b/vendor/github.com/openshift/api/route/v1/types.go @@ -212,6 +212,10 @@ type RouterShard struct { // TLSConfig defines config used to secure a route and provide termination type TLSConfig struct { // termination indicates termination type. + // + // * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + // * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + // * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Termination TLSTerminationType `json:"termination" protobuf:"bytes,1,opt,name=termination,casttype=TLSTerminationType"` // certificate provides certificate contents diff --git a/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go index 9974795f62..83b92816b4 100644 --- a/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go @@ -113,7 +113,7 @@ func (RouterShard) SwaggerDoc() map[string]string { var map_TLSConfig = map[string]string{ "": "TLSConfig defines config used to secure a route and provide termination", - "termination": "termination indicates termination type.", + "termination": "termination indicates termination type.\n\n* edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend", "certificate": "certificate provides certificate contents", "key": "key provides key file contents", "caCertificate": "caCertificate provides the cert authority certificate contents", diff --git a/vendor/modules.txt b/vendor/modules.txt index 1eb7c93435..a43d17a71f 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -171,7 +171,7 @@ github.com/mitchellh/go-homedir github.com/modern-go/concurrent # github.com/modern-go/reflect2 v1.0.1 github.com/modern-go/reflect2 -# github.com/openshift/api v0.0.0-20200901182017-7ac89ba6b971 +# github.com/openshift/api v0.0.0-20201012140924-16436fa6166b github.com/openshift/api github.com/openshift/api/apps github.com/openshift/api/apps/v1