diff --git a/go.mod b/go.mod
index 6f126141d8..6b9803ae50 100644
--- a/go.mod
+++ b/go.mod
@@ -30,7 +30,7 @@ require (
github.com/gophercloud/utils/v2 v2.0.0-20240807081201-990d90b23c70
github.com/goware/urlx v0.3.2
github.com/jongio/azidext/go/azidext v0.5.0
- github.com/openshift/api v0.0.0-20240805090819-b8f07e1d8f62
+ github.com/openshift/api v0.0.0-20240816151955-65532e7f773e
github.com/openshift/build-machinery-go v0.0.0-20240419090851-af9c868bcf52
github.com/openshift/client-go v0.0.0-20240528061634-b054aa794d87
github.com/openshift/library-go v0.0.0-20240709182732-b94141242b0c
diff --git a/go.sum b/go.sum
index a71f795134..60f1fe9983 100644
--- a/go.sum
+++ b/go.sum
@@ -944,8 +944,8 @@ github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY
github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM=
github.com/onsi/gomega v1.31.0 h1:54UJxxj6cPInHS3a35wm6BK/F9nHYueZ1NVujHDrnXE=
github.com/onsi/gomega v1.31.0/go.mod h1:DW9aCi7U6Yi40wNVAvT6kzFnEVEI5n3DloYBiKiT6zk=
-github.com/openshift/api v0.0.0-20240805090819-b8f07e1d8f62 h1:2jyUqwnmL6DvVOfRz7yv21w3OjzrBe6qg0Ewxf+lIsk=
-github.com/openshift/api v0.0.0-20240805090819-b8f07e1d8f62/go.mod h1:OOh6Qopf21pSzqNVCB5gomomBXb8o5sGKZxG2KNpaXM=
+github.com/openshift/api v0.0.0-20240816151955-65532e7f773e h1:xypovjFuxCGdcxu2E1WJsBS47ZXyI8wQyEaeHQXrhFY=
+github.com/openshift/api v0.0.0-20240816151955-65532e7f773e/go.mod h1:OOh6Qopf21pSzqNVCB5gomomBXb8o5sGKZxG2KNpaXM=
github.com/openshift/build-machinery-go v0.0.0-20240419090851-af9c868bcf52 h1:bqBwrXG7sbJUqP1Og1bR8FvVh7qb7CrMgy9saKmOZFs=
github.com/openshift/build-machinery-go v0.0.0-20240419090851-af9c868bcf52/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE=
github.com/openshift/client-go v0.0.0-20240528061634-b054aa794d87 h1:JtLhaGpSEconE+1IKmIgCOof/Len5ceG6H1pk43yv5U=
diff --git a/pkg/operator/imageconfig.go b/pkg/operator/imageconfig.go
index 271f89918b..ba4504bfc4 100644
--- a/pkg/operator/imageconfig.go
+++ b/pkg/operator/imageconfig.go
@@ -23,6 +23,7 @@ import (
configapi "github.com/openshift/api/config/v1"
operatorv1 "github.com/openshift/api/operator/v1"
configset "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1"
+ configv1informers "github.com/openshift/client-go/config/informers/externalversions/config/v1"
routev1informers "github.com/openshift/client-go/route/informers/externalversions/route/v1"
routev1lister "github.com/openshift/client-go/route/listers/route/v1"
"github.com/openshift/library-go/pkg/operator/v1helpers"
@@ -36,12 +37,13 @@ import (
// Watches for changes on image registry routes and services, updating
// the resource status appropriately.
type ImageConfigController struct {
- configClient configset.ConfigV1Interface
- operatorClient v1helpers.OperatorClient
- routeLister routev1lister.RouteNamespaceLister
- serviceLister corev1listers.ServiceNamespaceLister
- cachesToSync []cache.InformerSynced
- queue workqueue.RateLimitingInterface
+ configClient configset.ConfigV1Interface
+ operatorClient v1helpers.OperatorClient
+ routeLister routev1lister.RouteNamespaceLister
+ serviceLister corev1listers.ServiceNamespaceLister
+ cachesToSync []cache.InformerSynced
+ queue workqueue.RateLimitingInterface
+ imageStreamImportModeEnabled bool
}
func NewImageConfigController(
@@ -49,13 +51,16 @@ func NewImageConfigController(
operatorClient v1helpers.OperatorClient,
routeInformer routev1informers.RouteInformer,
serviceInformer corev1informers.ServiceInformer,
+ imageConfigInformer configv1informers.ImageInformer,
+ imageStreamImportModeEnabled bool,
) (*ImageConfigController, error) {
icc := &ImageConfigController{
- configClient: configClient,
- operatorClient: operatorClient,
- routeLister: routeInformer.Lister().Routes(defaults.ImageRegistryOperatorNamespace),
- serviceLister: serviceInformer.Lister().Services(defaults.ImageRegistryOperatorNamespace),
- queue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "ImageConfigController"),
+ configClient: configClient,
+ operatorClient: operatorClient,
+ routeLister: routeInformer.Lister().Routes(defaults.ImageRegistryOperatorNamespace),
+ serviceLister: serviceInformer.Lister().Services(defaults.ImageRegistryOperatorNamespace),
+ queue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "ImageConfigController"),
+ imageStreamImportModeEnabled: imageStreamImportModeEnabled,
}
if _, err := serviceInformer.Informer().AddEventHandler(icc.eventHandler()); err != nil {
@@ -68,6 +73,12 @@ func NewImageConfigController(
}
icc.cachesToSync = append(icc.cachesToSync, routeInformer.Informer().HasSynced)
+ if imageStreamImportModeEnabled {
+ if _, err := imageConfigInformer.Informer().AddEventHandler(icc.eventHandler()); err != nil {
+ return nil, err
+ }
+ icc.cachesToSync = append(icc.cachesToSync, imageConfigInformer.Informer().HasSynced)
+ }
return icc, nil
}
@@ -159,6 +170,20 @@ func (icc *ImageConfigController) syncImageStatus() error {
cfg.Status.InternalRegistryHostname = internalHostname
modified = true
}
+ if icc.imageStreamImportModeEnabled {
+ var importmode configapi.ImportModeType
+ if cfg.Spec.ImageStreamImportMode != "" {
+ importmode = cfg.Spec.ImageStreamImportMode
+ } else {
+ // TODO: once clusterversion reports the type of payload in its status, use that to determine what the default will be
+ // i.e, multi payload => PreserveOriginal, single arch payload => Legacy
+ importmode = configapi.ImportModeLegacy
+ }
+ if cfg.Status.ImageStreamImportMode != importmode {
+ cfg.Status.ImageStreamImportMode = importmode
+ modified = true
+ }
+ }
if modified {
if _, err := icc.configClient.Images().UpdateStatus(context.TODO(), cfg, metav1.UpdateOptions{}); err != nil {
diff --git a/pkg/operator/starter.go b/pkg/operator/starter.go
index 78bbf8b64b..318dbf4112 100644
--- a/pkg/operator/starter.go
+++ b/pkg/operator/starter.go
@@ -11,6 +11,7 @@ import (
"k8s.io/klog/v2"
configv1 "github.com/openshift/api/config/v1"
+ "github.com/openshift/api/features"
configclient "github.com/openshift/client-go/config/clientset/versioned"
configinformers "github.com/openshift/client-go/config/informers/externalversions"
imageclient "github.com/openshift/client-go/image/clientset/versioned"
@@ -110,11 +111,19 @@ func RunOperator(ctx context.Context, kubeconfig *restclient.Config) error {
return err
}
+ featureGates, err := featureGateAccessor.CurrentFeatureGates()
+ if err != nil {
+ return err
+ }
+ imageStreamImportModeEnabled := featureGates.Enabled(features.FeatureGateImageStreamImportMode)
+
imageConfigStatusController, err := NewImageConfigController(
configClient.ConfigV1(),
configOperatorClient,
routeInformers.Route().V1().Routes(),
kubeInformers.Core().V1().Services(),
+ configInformers.Config().V1().Images(),
+ imageStreamImportModeEnabled,
)
if err != nil {
return err
diff --git a/vendor/github.com/openshift/api/README.md b/vendor/github.com/openshift/api/README.md
index 2054ba8151..655486527c 100644
--- a/vendor/github.com/openshift/api/README.md
+++ b/vendor/github.com/openshift/api/README.md
@@ -62,7 +62,7 @@ route/
tests/
routes.route.openshift.io/
AAA_ungated.yaml
- ExternalRouteCertificate.yaml
+ RouteExternalCertificate.yaml
```
Here's an `AAA_ungated.yaml` example:
```yaml
@@ -72,12 +72,12 @@ crdName: routes.route.openshift.io
tests:
```
-Here's an `ExternalRouteCertificate.yaml` example:
+Here's an `RouteExternalCertificate.yaml` example:
```yaml
apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this.
name: Route
crdName: routes.route.openshift.io
-featureGate: ExternalRouteCertificate
+featureGate: RouteExternalCertificate
tests:
```
diff --git a/vendor/github.com/openshift/api/config/v1/types_image.go b/vendor/github.com/openshift/api/config/v1/types_image.go
index a344086c07..d3c694a56f 100644
--- a/vendor/github.com/openshift/api/config/v1/types_image.go
+++ b/vendor/github.com/openshift/api/config/v1/types_image.go
@@ -37,6 +37,23 @@ type Image struct {
Status ImageStatus `json:"status"`
}
+// ImportModeType describes how to import an image manifest.
+// +enum
+// +kubebuilder:validation:Enum:="";Legacy;PreserveOriginal
+type ImportModeType string
+
+const (
+ // ImportModeLegacy indicates that the legacy behaviour should be used.
+ // For manifest lists, the legacy behaviour will discard the manifest list and import a single
+ // sub-manifest. In this case, the platform is chosen in the following order of priority:
+ // 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list.
+ // This mode is the default.
+ ImportModeLegacy ImportModeType = "Legacy"
+ // ImportModePreserveOriginal indicates that the original manifest will be preserved.
+ // For manifest lists, the manifest list and all its sub-manifests will be imported.
+ ImportModePreserveOriginal ImportModeType = "PreserveOriginal"
+)
+
type ImageSpec struct {
// allowedRegistriesForImport limits the container image registries that normal users may import
// images from. Set this list to the registries that you trust to contain valid Docker
@@ -45,6 +62,7 @@ type ImageSpec struct {
// this policy - typically only administrators or system integrations will have those
// permissions.
// +optional
+ // +listType=atomic
AllowedRegistriesForImport []RegistryLocation `json:"allowedRegistriesForImport,omitempty"`
// externalRegistryHostnames provides the hostnames for the default external image
@@ -52,6 +70,7 @@ type ImageSpec struct {
// is exposed externally. The first value is used in 'publicDockerImageRepository'
// field in ImageStreams. The value must be in "hostname[:port]" format.
// +optional
+ // +listType=atomic
ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"`
// additionalTrustedCA is a reference to a ConfigMap containing additional CAs that
@@ -67,6 +86,21 @@ type ImageSpec struct {
// internal cluster registry.
// +optional
RegistrySources RegistrySources `json:"registrySources"`
+
+ // imageStreamImportMode controls the import mode behaviour of imagestreams.
+ // It can be set to `Legacy` or `PreserveOriginal` or the empty string. If this value
+ // is specified, this setting is applied to all newly created imagestreams which do not have the
+ // value set. `Legacy` indicates that the legacy behaviour should be used.
+ // For manifest lists, the legacy behaviour will discard the manifest list and import a single
+ // sub-manifest. In this case, the platform is chosen in the following order of priority:
+ // 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list.
+ // `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists,
+ // the manifest list and all its sub-manifests will be imported. When empty, the behaviour will be
+ // decided based on the payload type advertised by the ClusterVersion status, i.e single arch payload
+ // implies the import mode is Legacy and multi payload implies PreserveOriginal.
+ // +openshift:enable:FeatureGate=ImageStreamImportMode
+ // +optional
+ ImageStreamImportMode ImportModeType `json:"imageStreamImportMode"`
}
type ImageStatus struct {
@@ -82,7 +116,22 @@ type ImageStatus struct {
// is exposed externally. The first value is used in 'publicDockerImageRepository'
// field in ImageStreams. The value must be in "hostname[:port]" format.
// +optional
+ // +listType=atomic
ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"`
+
+ // imageStreamImportMode controls the import mode behaviour of imagestreams. It can be
+ // `Legacy` or `PreserveOriginal`. `Legacy` indicates that the legacy behaviour should be used.
+ // For manifest lists, the legacy behaviour will discard the manifest list and import a single
+ // sub-manifest. In this case, the platform is chosen in the following order of priority:
+ // 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list.
+ // `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists,
+ // the manifest list and all its sub-manifests will be imported. This value will be reconciled based
+ // on either the spec value or if no spec value is specified, the image registry operator would look
+ // at the ClusterVersion status to determine the payload type and set the import mode accordingly,
+ // i.e single arch payload implies the import mode is Legacy and multi payload implies PreserveOriginal.
+ // +openshift:enable:FeatureGate=ImageStreamImportMode
+ // +optional
+ ImageStreamImportMode ImportModeType `json:"imageStreamImportMode,omitempty"`
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
@@ -116,16 +165,19 @@ type RegistryLocation struct {
type RegistrySources struct {
// insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections.
// +optional
+ // +listType=atomic
InsecureRegistries []string `json:"insecureRegistries,omitempty"`
// blockedRegistries cannot be used for image pull and push actions. All other registries are permitted.
//
// Only one of BlockedRegistries or AllowedRegistries may be set.
// +optional
+ // +listType=atomic
BlockedRegistries []string `json:"blockedRegistries,omitempty"`
// allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied.
//
// Only one of BlockedRegistries or AllowedRegistries may be set.
// +optional
+ // +listType=atomic
AllowedRegistries []string `json:"allowedRegistries,omitempty"`
// containerRuntimeSearchRegistries are registries that will be searched when pulling images that do not have fully qualified
// domains in their pull specs. Registries will be searched in the order provided in the list.
diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml
index ddc7594f75..8f390a988c 100644
--- a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml
+++ b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml
@@ -218,7 +218,8 @@ images.config.openshift.io:
CRDName: images.config.openshift.io
Capability: ""
Category: ""
- FeatureGates: []
+ FeatureGates:
+ - ImageStreamImportMode
FilenameOperatorName: config-operator
FilenameOperatorOrdering: "01"
FilenameRunLevel: "0000_10"
diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go
index e5e9bdb897..15311b0b3e 100644
--- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go
+++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go
@@ -1016,6 +1016,7 @@ var map_ImageSpec = map[string]string{
"externalRegistryHostnames": "externalRegistryHostnames provides the hostnames for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The first value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in \"hostname[:port]\" format.",
"additionalTrustedCA": "additionalTrustedCA is a reference to a ConfigMap containing additional CAs that should be trusted during imagestream import, pod image pull, build image pull, and imageregistry pullthrough. The namespace for this config map is openshift-config.",
"registrySources": "registrySources contains configuration that determines how the container runtime should treat individual registries when accessing images for builds+pods. (e.g. whether or not to allow insecure access). It does not contain configuration for the internal cluster registry.",
+ "imageStreamImportMode": "imageStreamImportMode controls the import mode behaviour of imagestreams. It can be set to `Legacy` or `PreserveOriginal` or the empty string. If this value is specified, this setting is applied to all newly created imagestreams which do not have the value set. `Legacy` indicates that the legacy behaviour should be used. For manifest lists, the legacy behaviour will discard the manifest list and import a single sub-manifest. In this case, the platform is chosen in the following order of priority: 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists, the manifest list and all its sub-manifests will be imported. When empty, the behaviour will be decided based on the payload type advertised by the ClusterVersion status, i.e single arch payload implies the import mode is Legacy and multi payload implies PreserveOriginal.",
}
func (ImageSpec) SwaggerDoc() map[string]string {
@@ -1025,6 +1026,7 @@ func (ImageSpec) SwaggerDoc() map[string]string {
var map_ImageStatus = map[string]string{
"internalRegistryHostname": "internalRegistryHostname sets the hostname for the default internal image registry. The value must be in \"hostname[:port]\" format. This value is set by the image registry operator which controls the internal registry hostname.",
"externalRegistryHostnames": "externalRegistryHostnames provides the hostnames for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The first value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in \"hostname[:port]\" format.",
+ "imageStreamImportMode": "imageStreamImportMode controls the import mode behaviour of imagestreams. It can be `Legacy` or `PreserveOriginal`. `Legacy` indicates that the legacy behaviour should be used. For manifest lists, the legacy behaviour will discard the manifest list and import a single sub-manifest. In this case, the platform is chosen in the following order of priority: 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists, the manifest list and all its sub-manifests will be imported. This value will be reconciled based on either the spec value or if no spec value is specified, the image registry operator would look at the ClusterVersion status to determine the payload type and set the import mode accordingly, i.e single arch payload implies the import mode is Legacy and multi payload implies PreserveOriginal.",
}
func (ImageStatus) SwaggerDoc() map[string]string {
diff --git a/vendor/github.com/openshift/api/envtest-releases.yaml b/vendor/github.com/openshift/api/envtest-releases.yaml
new file mode 100644
index 0000000000..fa789b18ce
--- /dev/null
+++ b/vendor/github.com/openshift/api/envtest-releases.yaml
@@ -0,0 +1,14 @@
+releases:
+ v1.30.3:
+ envtest-v1.30.3-darwin-amd64.tar.gz:
+ hash: 81ab2ad5841522976d9a5fc58642b745cf308230b0f2e634acfb2d5c8f288ef837f7b82144a5e91db607d86885101e06dd473a68bcac0d71be2297edc4aaa92e
+ selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.30.3-darwin-amd64.tar.gz
+ envtest-v1.30.3-darwin-arm64.tar.gz:
+ hash: 8913c1e2e4b6eab0c92d9ddc611cea1b8a5173374e7544a667366ea66bc98a7d3442f21d34e7da65ba2dbe8e5778b2b0497943514b7b3639fc793bd0e98086f5
+ selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.30.3-darwin-arm64.tar.gz
+ envtest-v1.30.3-linux-amd64.tar.gz:
+ hash: 6e81caf1d20c608b0149f36ca8dc6d68e97b22e07f69f1f0788d6c0057ae92fcaae402d26b6766819a31dac1911c6d07bf0328f152d6dd52dcebee94009de024
+ selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.30.3-linux-amd64.tar.gz
+ envtest-v1.30.3-linux-arm64.tar.gz:
+ hash: deb395d5e9578a58786c42b4e7d878b4aef984ac2dce510031fbecf12092162a4aee1cde774f1527cfae90f6885382dc7b3d79ec379b7f4160c3a35fad7cbc3b
+ selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.30.3-linux-arm64.tar.gz
diff --git a/vendor/github.com/openshift/api/features.md b/vendor/github.com/openshift/api/features.md
index 36ce5af001..18e6f1015f 100644
--- a/vendor/github.com/openshift/api/features.md
+++ b/vendor/github.com/openshift/api/features.md
@@ -7,19 +7,18 @@
| MachineAPIOperatorDisableMachineHealthCheckController| | | | | | |
| MultiArchInstallAzure| | | | | | |
| GatewayAPI| | | Enabled | Enabled | | |
+| AWSEFSDriverVolumeMetrics| | | Enabled | Enabled | Enabled | Enabled |
+| AdditionalRoutingCapabilities| | | Enabled | Enabled | Enabled | Enabled |
| AutomatedEtcdBackup| | | Enabled | Enabled | Enabled | Enabled |
| BootcNodeManagement| | | Enabled | Enabled | Enabled | Enabled |
| CSIDriverSharedResource| | | Enabled | Enabled | Enabled | Enabled |
-| ClusterAPIInstallAzure| | | Enabled | Enabled | Enabled | Enabled |
-| ClusterAPIInstallPowerVS| | | Enabled | Enabled | Enabled | Enabled |
| ClusterMonitoringConfig| | | Enabled | Enabled | Enabled | Enabled |
| DNSNameResolver| | | Enabled | Enabled | Enabled | Enabled |
| DynamicResourceAllocation| | | Enabled | Enabled | Enabled | Enabled |
| EtcdBackendQuota| | | Enabled | Enabled | Enabled | Enabled |
| Example| | | Enabled | Enabled | Enabled | Enabled |
-| ExternalRouteCertificate| | | Enabled | Enabled | Enabled | Enabled |
| GCPClusterHostedDNS| | | Enabled | Enabled | Enabled | Enabled |
-| GCPLabelsTags| | | Enabled | Enabled | Enabled | Enabled |
+| ImageStreamImportMode| | | Enabled | Enabled | Enabled | Enabled |
| InsightsConfig| | | Enabled | Enabled | Enabled | Enabled |
| InsightsConfigAPI| | | Enabled | Enabled | Enabled | Enabled |
| InsightsOnDemandDataGather| | | Enabled | Enabled | Enabled | Enabled |
@@ -30,18 +29,17 @@
| MaxUnavailableStatefulSet| | | Enabled | Enabled | Enabled | Enabled |
| MetricsCollectionProfiles| | | Enabled | Enabled | Enabled | Enabled |
| MixedCPUsAllocation| | | Enabled | Enabled | Enabled | Enabled |
-| MultiArchInstallAWS| | | Enabled | Enabled | Enabled | Enabled |
-| MultiArchInstallGCP| | | Enabled | Enabled | Enabled | Enabled |
| NetworkSegmentation| | | Enabled | Enabled | Enabled | Enabled |
| NewOLM| | | Enabled | Enabled | Enabled | Enabled |
| NodeSwap| | | Enabled | Enabled | Enabled | Enabled |
+| OVNObservability| | | Enabled | Enabled | Enabled | Enabled |
| OnClusterBuild| | | Enabled | Enabled | Enabled | Enabled |
| PersistentIPsForVirtualization| | | Enabled | Enabled | Enabled | Enabled |
| PinnedImages| | | Enabled | Enabled | Enabled | Enabled |
| PlatformOperators| | | Enabled | Enabled | Enabled | Enabled |
+| RouteAdvertisements| | | Enabled | Enabled | Enabled | Enabled |
| RouteExternalCertificate| | | Enabled | Enabled | Enabled | Enabled |
| ServiceAccountTokenNodeBinding| | | Enabled | Enabled | Enabled | Enabled |
-| SetEIPForNLBIngressController| | | Enabled | Enabled | Enabled | Enabled |
| SignatureStores| | | Enabled | Enabled | Enabled | Enabled |
| SigstoreImageVerification| | | Enabled | Enabled | Enabled | Enabled |
| TranslateStreamCloseWebsocketRequests| | | Enabled | Enabled | Enabled | Enabled |
@@ -57,25 +55,31 @@
| ChunkSizeMiB| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| CloudDualStackNodeIPs| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ClusterAPIInstallAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| ClusterAPIInstallAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ClusterAPIInstallGCP| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ClusterAPIInstallNutanix| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ClusterAPIInstallOpenStack| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| ClusterAPIInstallPowerVS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ClusterAPIInstallVSphere| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| DisableKubeletCloudCredentialProviders| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ExternalCloudProvider| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ExternalCloudProviderAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ExternalCloudProviderExternal| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ExternalCloudProviderGCP| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| GCPLabelsTags| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| HardwareSpeed| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| IngressControllerLBSubnetsAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| KMSv1| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ManagedBootImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| MetricsServer| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| MultiArchInstallAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| MultiArchInstallGCP| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| NetworkDiagnosticsConfig| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| NetworkLiveMigration| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| NodeDisruptionPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| OpenShiftPodSecurityAdmission| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| PrivateHostedZoneAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| SetEIPForNLBIngressController| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| VSphereControlPlaneMachineSet| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| VSphereDriverConfiguration| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| VSphereStaticIPs| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
diff --git a/vendor/github.com/openshift/api/features/features.go b/vendor/github.com/openshift/api/features/features.go
new file mode 100644
index 0000000000..557944378a
--- /dev/null
+++ b/vendor/github.com/openshift/api/features/features.go
@@ -0,0 +1,620 @@
+package features
+
+import (
+ "fmt"
+
+ configv1 "github.com/openshift/api/config/v1"
+)
+
+func FeatureSets(clusterProfile ClusterProfileName, featureSet configv1.FeatureSet) (*FeatureGateEnabledDisabled, error) {
+ byFeatureSet, ok := allFeatureGates[clusterProfile]
+ if !ok {
+ return nil, fmt.Errorf("no information found for ClusterProfile=%q", clusterProfile)
+ }
+ featureGates, ok := byFeatureSet[featureSet]
+ if !ok {
+ return nil, fmt.Errorf("no information found for FeatureSet=%q under ClusterProfile=%q", featureSet, clusterProfile)
+ }
+ return featureGates.DeepCopy(), nil
+}
+
+func AllFeatureSets() map[ClusterProfileName]map[configv1.FeatureSet]*FeatureGateEnabledDisabled {
+ ret := map[ClusterProfileName]map[configv1.FeatureSet]*FeatureGateEnabledDisabled{}
+
+ for clusterProfile, byFeatureSet := range allFeatureGates {
+ newByFeatureSet := map[configv1.FeatureSet]*FeatureGateEnabledDisabled{}
+
+ for featureSet, enabledDisabled := range byFeatureSet {
+ newByFeatureSet[featureSet] = enabledDisabled.DeepCopy()
+ }
+ ret[clusterProfile] = newByFeatureSet
+ }
+
+ return ret
+}
+
+var (
+ allFeatureGates = map[ClusterProfileName]map[configv1.FeatureSet]*FeatureGateEnabledDisabled{}
+
+ FeatureGateServiceAccountTokenNodeBinding = newFeatureGate("ServiceAccountTokenNodeBinding").
+ reportProblemsToJiraComponent("apiserver-auth").
+ contactPerson("stlaz").
+ productScope(kubernetes).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateValidatingAdmissionPolicy = newFeatureGate("ValidatingAdmissionPolicy").
+ reportProblemsToJiraComponent("kube-apiserver").
+ contactPerson("benluddy").
+ productScope(kubernetes).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateGatewayAPI = newFeatureGate("GatewayAPI").
+ reportProblemsToJiraComponent("Routing").
+ contactPerson("miciah").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateSetEIPForNLBIngressController = newFeatureGate("SetEIPForNLBIngressController").
+ reportProblemsToJiraComponent("Networking / router").
+ contactPerson("miheer").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateOpenShiftPodSecurityAdmission = newFeatureGate("OpenShiftPodSecurityAdmission").
+ reportProblemsToJiraComponent("auth").
+ contactPerson("stlaz").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateExternalCloudProvider = newFeatureGate("ExternalCloudProvider").
+ reportProblemsToJiraComponent("cloud-provider").
+ contactPerson("jspeed").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateExternalCloudProviderAzure = newFeatureGate("ExternalCloudProviderAzure").
+ reportProblemsToJiraComponent("cloud-provider").
+ contactPerson("jspeed").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateExternalCloudProviderGCP = newFeatureGate("ExternalCloudProviderGCP").
+ reportProblemsToJiraComponent("cloud-provider").
+ contactPerson("jspeed").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateExternalCloudProviderExternal = newFeatureGate("ExternalCloudProviderExternal").
+ reportProblemsToJiraComponent("cloud-provider").
+ contactPerson("elmiko").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateCSIDriverSharedResource = newFeatureGate("CSIDriverSharedResource").
+ reportProblemsToJiraComponent("builds").
+ contactPerson("adkaplan").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateBuildCSIVolumes = newFeatureGate("BuildCSIVolumes").
+ reportProblemsToJiraComponent("builds").
+ contactPerson("adkaplan").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateNodeSwap = newFeatureGate("NodeSwap").
+ reportProblemsToJiraComponent("node").
+ contactPerson("ehashman").
+ productScope(kubernetes).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateMachineAPIProviderOpenStack = newFeatureGate("MachineAPIProviderOpenStack").
+ reportProblemsToJiraComponent("openstack").
+ contactPerson("egarcia").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateInsightsConfigAPI = newFeatureGate("InsightsConfigAPI").
+ reportProblemsToJiraComponent("insights").
+ contactPerson("tremes").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateDynamicResourceAllocation = newFeatureGate("DynamicResourceAllocation").
+ reportProblemsToJiraComponent("scheduling").
+ contactPerson("jchaloup").
+ productScope(kubernetes).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateAzureWorkloadIdentity = newFeatureGate("AzureWorkloadIdentity").
+ reportProblemsToJiraComponent("cloud-credential-operator").
+ contactPerson("abutcher").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateMaxUnavailableStatefulSet = newFeatureGate("MaxUnavailableStatefulSet").
+ reportProblemsToJiraComponent("apps").
+ contactPerson("atiratree").
+ productScope(kubernetes).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateEventedPLEG = newFeatureGate("EventedPLEG").
+ reportProblemsToJiraComponent("node").
+ contactPerson("sairameshv").
+ productScope(kubernetes).
+ mustRegister()
+
+ FeatureGatePrivateHostedZoneAWS = newFeatureGate("PrivateHostedZoneAWS").
+ reportProblemsToJiraComponent("Routing").
+ contactPerson("miciah").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateSigstoreImageVerification = newFeatureGate("SigstoreImageVerification").
+ reportProblemsToJiraComponent("node").
+ contactPerson("sgrunert").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateGCPLabelsTags = newFeatureGate("GCPLabelsTags").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("bhb").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateAlibabaPlatform = newFeatureGate("AlibabaPlatform").
+ reportProblemsToJiraComponent("cloud-provider").
+ contactPerson("jspeed").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateCloudDualStackNodeIPs = newFeatureGate("CloudDualStackNodeIPs").
+ reportProblemsToJiraComponent("machine-config-operator/platform-baremetal").
+ contactPerson("mkowalsk").
+ productScope(kubernetes).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateVSphereMultiVCenters = newFeatureGate("VSphereMultiVCenters").
+ reportProblemsToJiraComponent("splat").
+ contactPerson("vr4manta").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateVSphereStaticIPs = newFeatureGate("VSphereStaticIPs").
+ reportProblemsToJiraComponent("splat").
+ contactPerson("rvanderp3").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateRouteExternalCertificate = newFeatureGate("RouteExternalCertificate").
+ reportProblemsToJiraComponent("router").
+ contactPerson("thejasn").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateAdminNetworkPolicy = newFeatureGate("AdminNetworkPolicy").
+ reportProblemsToJiraComponent("Networking/ovn-kubernetes").
+ contactPerson("tssurya").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateNetworkSegmentation = newFeatureGate("NetworkSegmentation").
+ reportProblemsToJiraComponent("Networking/ovn-kubernetes").
+ contactPerson("tssurya").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateAdditionalRoutingCapabilities = newFeatureGate("AdditionalRoutingCapabilities").
+ reportProblemsToJiraComponent("Networking/cluster-network-operator").
+ contactPerson("jcaamano").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateRouteAdvertisements = newFeatureGate("RouteAdvertisements").
+ reportProblemsToJiraComponent("Networking/ovn-kubernetes").
+ contactPerson("jcaamano").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateNetworkLiveMigration = newFeatureGate("NetworkLiveMigration").
+ reportProblemsToJiraComponent("Networking/ovn-kubernetes").
+ contactPerson("pliu").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateNetworkDiagnosticsConfig = newFeatureGate("NetworkDiagnosticsConfig").
+ reportProblemsToJiraComponent("Networking/cluster-network-operator").
+ contactPerson("kyrtapz").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateOVNObservability = newFeatureGate("OVNObservability").
+ reportProblemsToJiraComponent("Networking").
+ contactPerson("npinaeva").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateHardwareSpeed = newFeatureGate("HardwareSpeed").
+ reportProblemsToJiraComponent("etcd").
+ contactPerson("hasbro17").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateBackendQuotaGiB = newFeatureGate("EtcdBackendQuota").
+ reportProblemsToJiraComponent("etcd").
+ contactPerson("hasbro17").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateAutomatedEtcdBackup = newFeatureGate("AutomatedEtcdBackup").
+ reportProblemsToJiraComponent("etcd").
+ contactPerson("hasbro17").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateMachineAPIOperatorDisableMachineHealthCheckController = newFeatureGate("MachineAPIOperatorDisableMachineHealthCheckController").
+ reportProblemsToJiraComponent("ecoproject").
+ contactPerson("msluiter").
+ productScope(ocpSpecific).
+ mustRegister()
+
+ FeatureGateDNSNameResolver = newFeatureGate("DNSNameResolver").
+ reportProblemsToJiraComponent("dns").
+ contactPerson("miciah").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateVSphereControlPlaneMachineset = newFeatureGate("VSphereControlPlaneMachineSet").
+ reportProblemsToJiraComponent("splat").
+ contactPerson("rvanderp3").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateMachineConfigNodes = newFeatureGate("MachineConfigNodes").
+ reportProblemsToJiraComponent("MachineConfigOperator").
+ contactPerson("cdoern").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateClusterAPIInstall = newFeatureGate("ClusterAPIInstall").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("vincepri").
+ productScope(ocpSpecific).
+ mustRegister()
+
+ FeatureGateMetricsServer = newFeatureGate("MetricsServer").
+ reportProblemsToJiraComponent("Monitoring").
+ contactPerson("slashpai").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateInstallAlternateInfrastructureAWS = newFeatureGate("InstallAlternateInfrastructureAWS").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("padillon").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateGCPClusterHostedDNS = newFeatureGate("GCPClusterHostedDNS").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("barbacbd").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateMixedCPUsAllocation = newFeatureGate("MixedCPUsAllocation").
+ reportProblemsToJiraComponent("NodeTuningOperator").
+ contactPerson("titzhak").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateManagedBootImages = newFeatureGate("ManagedBootImages").
+ reportProblemsToJiraComponent("MachineConfigOperator").
+ contactPerson("djoshy").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateManagedBootImagesAWS = newFeatureGate("ManagedBootImagesAWS").
+ reportProblemsToJiraComponent("MachineConfigOperator").
+ contactPerson("djoshy").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateDisableKubeletCloudCredentialProviders = newFeatureGate("DisableKubeletCloudCredentialProviders").
+ reportProblemsToJiraComponent("cloud-provider").
+ contactPerson("jspeed").
+ productScope(kubernetes).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateOnClusterBuild = newFeatureGate("OnClusterBuild").
+ reportProblemsToJiraComponent("MachineConfigOperator").
+ contactPerson("dkhater").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateBootcNodeManagement = newFeatureGate("BootcNodeManagement").
+ reportProblemsToJiraComponent("MachineConfigOperator").
+ contactPerson("inesqyx").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateSignatureStores = newFeatureGate("SignatureStores").
+ reportProblemsToJiraComponent("Cluster Version Operator").
+ contactPerson("lmohanty").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateKMSv1 = newFeatureGate("KMSv1").
+ reportProblemsToJiraComponent("kube-apiserver").
+ contactPerson("dgrisonnet").
+ productScope(kubernetes).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGatePinnedImages = newFeatureGate("PinnedImages").
+ reportProblemsToJiraComponent("MachineConfigOperator").
+ contactPerson("jhernand").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateUpgradeStatus = newFeatureGate("UpgradeStatus").
+ reportProblemsToJiraComponent("Cluster Version Operator").
+ contactPerson("pmuller").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateTranslateStreamCloseWebsocketRequests = newFeatureGate("TranslateStreamCloseWebsocketRequests").
+ reportProblemsToJiraComponent("kube-apiserver").
+ contactPerson("akashem").
+ productScope(kubernetes).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateVolumeGroupSnapshot = newFeatureGate("VolumeGroupSnapshot").
+ reportProblemsToJiraComponent("Storage / Kubernetes External Components").
+ contactPerson("fbertina").
+ productScope(kubernetes).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateExternalOIDC = newFeatureGate("ExternalOIDC").
+ reportProblemsToJiraComponent("authentication").
+ contactPerson("stlaz").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ enableForClusterProfile(Hypershift, configv1.Default, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateExample = newFeatureGate("Example").
+ reportProblemsToJiraComponent("cluster-config").
+ contactPerson("deads").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGatePlatformOperators = newFeatureGate("PlatformOperators").
+ reportProblemsToJiraComponent("olm").
+ contactPerson("joe").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateNewOLM = newFeatureGate("NewOLM").
+ reportProblemsToJiraComponent("olm").
+ contactPerson("joe").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateInsightsOnDemandDataGather = newFeatureGate("InsightsOnDemandDataGather").
+ reportProblemsToJiraComponent("insights").
+ contactPerson("tremes").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateBareMetalLoadBalancer = newFeatureGate("BareMetalLoadBalancer").
+ reportProblemsToJiraComponent("metal").
+ contactPerson("EmilienM").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateInsightsConfig = newFeatureGate("InsightsConfig").
+ reportProblemsToJiraComponent("insights").
+ contactPerson("tremes").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateNodeDisruptionPolicy = newFeatureGate("NodeDisruptionPolicy").
+ reportProblemsToJiraComponent("MachineConfigOperator").
+ contactPerson("jerzhang").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateMetricsCollectionProfiles = newFeatureGate("MetricsCollectionProfiles").
+ reportProblemsToJiraComponent("Monitoring").
+ contactPerson("rexagod").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateVSphereDriverConfiguration = newFeatureGate("VSphereDriverConfiguration").
+ reportProblemsToJiraComponent("Storage / Kubernetes External Components").
+ contactPerson("rbednar").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateClusterAPIInstallAWS = newFeatureGate("ClusterAPIInstallAWS").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("r4f4").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateClusterAPIInstallAzure = newFeatureGate("ClusterAPIInstallAzure").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("jhixson74").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateClusterAPIInstallGCP = newFeatureGate("ClusterAPIInstallGCP").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("bfournie").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateClusterAPIInstallIBMCloud = newFeatureGate("ClusterAPIInstallIBMCloud").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("cjschaef").
+ productScope(ocpSpecific).
+ mustRegister()
+
+ FeatureGateClusterAPIInstallNutanix = newFeatureGate("ClusterAPIInstallNutanix").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("yanhua121").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateClusterAPIInstallOpenStack = newFeatureGate("ClusterAPIInstallOpenStack").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("stephenfin").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateClusterAPIInstallPowerVS = newFeatureGate("ClusterAPIInstallPowerVS").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("mjturek").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateClusterAPIInstallVSphere = newFeatureGate("ClusterAPIInstallVSphere").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("rvanderp3").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateChunkSizeMiB = newFeatureGate("ChunkSizeMiB").
+ reportProblemsToJiraComponent("Image Registry").
+ contactPerson("flavianmissi").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateMachineAPIMigration = newFeatureGate("MachineAPIMigration").
+ reportProblemsToJiraComponent("OCPCLOUD").
+ contactPerson("jspeed").
+ productScope(ocpSpecific).
+ mustRegister()
+
+ FeatureGatePersistentIPsForVirtualization = newFeatureGate("PersistentIPsForVirtualization").
+ reportProblemsToJiraComponent("CNV Network").
+ contactPerson("mduarted").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateClusterMonitoringConfig = newFeatureGate("ClusterMonitoringConfig").
+ reportProblemsToJiraComponent("Monitoring").
+ contactPerson("marioferh").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateMultiArchInstallAWS = newFeatureGate("MultiArchInstallAWS").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("r4f4").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateMultiArchInstallAzure = newFeatureGate("MultiArchInstallAzure").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("r4f4").
+ productScope(ocpSpecific).
+ mustRegister()
+
+ FeatureGateMultiArchInstallGCP = newFeatureGate("MultiArchInstallGCP").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("r4f4").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateIngressControllerLBSubnetsAWS = newFeatureGate("IngressControllerLBSubnetsAWS").
+ reportProblemsToJiraComponent("Routing").
+ contactPerson("miciah").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateAWSEFSDriverVolumeMetrics = newFeatureGate("AWSEFSDriverVolumeMetrics").
+ reportProblemsToJiraComponent("Storage / Kubernetes External Components").
+ contactPerson("fbertina").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+ FeatureGateImageStreamImportMode = newFeatureGate("ImageStreamImportMode").
+ reportProblemsToJiraComponent("Multi-Arch").
+ contactPerson("psundara").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+)
diff --git a/vendor/github.com/openshift/api/features/util.go b/vendor/github.com/openshift/api/features/util.go
new file mode 100644
index 0000000000..d8d8e94a0e
--- /dev/null
+++ b/vendor/github.com/openshift/api/features/util.go
@@ -0,0 +1,193 @@
+package features
+
+import (
+ "fmt"
+ configv1 "github.com/openshift/api/config/v1"
+)
+
+// FeatureGateDescription is a golang-only interface used to contains details for a feature gate.
+type FeatureGateDescription struct {
+ // FeatureGateAttributes is the information that appears in the API
+ FeatureGateAttributes configv1.FeatureGateAttributes
+
+ // OwningJiraComponent is the jira component that owns most of the impl and first assignment for the bug.
+ // This is the team that owns the feature long term.
+ OwningJiraComponent string
+ // ResponsiblePerson is the person who is on the hook for first contact. This is often, but not always, a team lead.
+ // It is someone who can make the promise on the behalf of the team.
+ ResponsiblePerson string
+ // OwningProduct is the product that owns the lifecycle of the gate.
+ OwningProduct OwningProduct
+}
+
+type FeatureGateEnabledDisabled struct {
+ Enabled []FeatureGateDescription
+ Disabled []FeatureGateDescription
+}
+
+type ClusterProfileName string
+
+var (
+ Hypershift = ClusterProfileName("include.release.openshift.io/ibm-cloud-managed")
+ SelfManaged = ClusterProfileName("include.release.openshift.io/self-managed-high-availability")
+ AllClusterProfiles = []ClusterProfileName{Hypershift, SelfManaged}
+)
+
+type OwningProduct string
+
+var (
+ ocpSpecific = OwningProduct("OCP")
+ kubernetes = OwningProduct("Kubernetes")
+)
+
+type featureGateBuilder struct {
+ name string
+ owningJiraComponent string
+ responsiblePerson string
+ owningProduct OwningProduct
+
+ statusByClusterProfileByFeatureSet map[ClusterProfileName]map[configv1.FeatureSet]bool
+}
+
+// newFeatureGate featuregate are disabled in every FeatureSet and selectively enabled
+func newFeatureGate(name string) *featureGateBuilder {
+ b := &featureGateBuilder{
+ name: name,
+ statusByClusterProfileByFeatureSet: map[ClusterProfileName]map[configv1.FeatureSet]bool{},
+ }
+ for _, clusterProfile := range AllClusterProfiles {
+ byFeatureSet := map[configv1.FeatureSet]bool{}
+ for _, featureSet := range configv1.AllFixedFeatureSets {
+ byFeatureSet[featureSet] = false
+ }
+ b.statusByClusterProfileByFeatureSet[clusterProfile] = byFeatureSet
+ }
+ return b
+}
+
+func (b *featureGateBuilder) reportProblemsToJiraComponent(owningJiraComponent string) *featureGateBuilder {
+ b.owningJiraComponent = owningJiraComponent
+ return b
+}
+
+func (b *featureGateBuilder) contactPerson(responsiblePerson string) *featureGateBuilder {
+ b.responsiblePerson = responsiblePerson
+ return b
+}
+
+func (b *featureGateBuilder) productScope(owningProduct OwningProduct) *featureGateBuilder {
+ b.owningProduct = owningProduct
+ return b
+}
+
+func (b *featureGateBuilder) enableIn(featureSets ...configv1.FeatureSet) *featureGateBuilder {
+ for clusterProfile := range b.statusByClusterProfileByFeatureSet {
+ for _, featureSet := range featureSets {
+ b.statusByClusterProfileByFeatureSet[clusterProfile][featureSet] = true
+ }
+ }
+ return b
+}
+
+func (b *featureGateBuilder) enableForClusterProfile(clusterProfile ClusterProfileName, featureSets ...configv1.FeatureSet) *featureGateBuilder {
+ for _, featureSet := range featureSets {
+ b.statusByClusterProfileByFeatureSet[clusterProfile][featureSet] = true
+ }
+ return b
+}
+
+func (b *featureGateBuilder) register() (configv1.FeatureGateName, error) {
+ if len(b.name) == 0 {
+ return "", fmt.Errorf("missing name")
+ }
+ if len(b.owningJiraComponent) == 0 {
+ return "", fmt.Errorf("missing owningJiraComponent")
+ }
+ if len(b.responsiblePerson) == 0 {
+ return "", fmt.Errorf("missing responsiblePerson")
+ }
+ if len(b.owningProduct) == 0 {
+ return "", fmt.Errorf("missing owningProduct")
+ }
+
+ featureGateName := configv1.FeatureGateName(b.name)
+ description := FeatureGateDescription{
+ FeatureGateAttributes: configv1.FeatureGateAttributes{
+ Name: featureGateName,
+ },
+ OwningJiraComponent: b.owningJiraComponent,
+ ResponsiblePerson: b.responsiblePerson,
+ OwningProduct: b.owningProduct,
+ }
+
+ // statusByClusterProfileByFeatureSet is initialized by constructor to be false for every combination
+ for clusterProfile, byFeatureSet := range b.statusByClusterProfileByFeatureSet {
+ for featureSet, enabled := range byFeatureSet {
+ if _, ok := allFeatureGates[clusterProfile]; !ok {
+ allFeatureGates[clusterProfile] = map[configv1.FeatureSet]*FeatureGateEnabledDisabled{}
+ }
+ if _, ok := allFeatureGates[clusterProfile][featureSet]; !ok {
+ allFeatureGates[clusterProfile][featureSet] = &FeatureGateEnabledDisabled{}
+ }
+
+ if enabled {
+ allFeatureGates[clusterProfile][featureSet].Enabled = append(allFeatureGates[clusterProfile][featureSet].Enabled, description)
+ } else {
+ allFeatureGates[clusterProfile][featureSet].Disabled = append(allFeatureGates[clusterProfile][featureSet].Disabled, description)
+ }
+ }
+ }
+
+ return featureGateName, nil
+}
+
+func (b *featureGateBuilder) mustRegister() configv1.FeatureGateName {
+ ret, err := b.register()
+ if err != nil {
+ panic(err)
+ }
+ return ret
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *FeatureGateEnabledDisabled) DeepCopyInto(out *FeatureGateEnabledDisabled) {
+ *out = *in
+ if in.Enabled != nil {
+ in, out := &in.Enabled, &out.Enabled
+ *out = make([]FeatureGateDescription, len(*in))
+ copy(*out, *in)
+ }
+ if in.Disabled != nil {
+ in, out := &in.Disabled, &out.Disabled
+ *out = make([]FeatureGateDescription, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureGateEnabledDisabled.
+func (in *FeatureGateEnabledDisabled) DeepCopy() *FeatureGateEnabledDisabled {
+ if in == nil {
+ return nil
+ }
+ out := new(FeatureGateEnabledDisabled)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *FeatureGateDescription) DeepCopyInto(out *FeatureGateDescription) {
+ *out = *in
+ out.FeatureGateAttributes = in.FeatureGateAttributes
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureGateDescription.
+func (in *FeatureGateDescription) DeepCopy() *FeatureGateDescription {
+ if in == nil {
+ return nil
+ }
+ out := new(FeatureGateDescription)
+ in.DeepCopyInto(out)
+ return out
+}
diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go b/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go
index 66b76ec8f9..b2c66b7072 100644
--- a/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go
+++ b/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go
@@ -91,6 +91,10 @@ type AWSMachineProviderConfig struct {
// +kubebuilder:validation:Maximum:=7
// +optional
PlacementGroupPartition *int32 `json:"placementGroupPartition,omitempty"`
+ // capacityReservationId specifies the target Capacity Reservation into which the instance should be launched.
+ // The field size should be greater than 0 and the field input must start with cr-***
+ // +optional
+ CapacityReservationID string `json:"capacityReservationId"`
}
// BlockDeviceMappingSpec describes a block device mapping
diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go
index f2173537c9..5bba232bf7 100644
--- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go
+++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go
@@ -32,6 +32,7 @@ var map_AWSMachineProviderConfig = map[string]string{
"metadataServiceOptions": "MetadataServiceOptions allows users to configure instance metadata service interaction options. If nothing specified, default AWS IMDS settings will be applied. https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_InstanceMetadataOptionsRequest.html",
"placementGroupName": "PlacementGroupName specifies the name of the placement group in which to launch the instance. The placement group must already be created and may use any placement strategy. When omitted, no placement group is used when creating the EC2 instance.",
"placementGroupPartition": "placementGroupPartition is the partition number within the placement group in which to launch the instance. This must be an integer value between 1 and 7. It is only valid if the placement group, referred in `PlacementGroupName` was created with strategy set to partition.",
+ "capacityReservationId": "capacityReservationId specifies the target Capacity Reservation into which the instance should be launched. The field size should be greater than 0 and the field input must start with cr-***",
}
func (AWSMachineProviderConfig) SwaggerDoc() map[string]string {
diff --git a/vendor/github.com/openshift/api/openshiftcontrolplane/v1/types.go b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/types.go
index f077f98ab0..33e3cf2912 100644
--- a/vendor/github.com/openshift/api/openshiftcontrolplane/v1/types.go
+++ b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/types.go
@@ -117,6 +117,23 @@ type RoutingConfig struct {
Subdomain string `json:"subdomain"`
}
+// ImportModeType describes how to import an image manifest.
+// +enum
+// +kubebuilder:validation:Enum:="";Legacy;PreserveOriginal
+type ImportModeType string
+
+const (
+ // ImportModeLegacy indicates that the legacy behaviour should be used.
+ // For manifest lists, the legacy behaviour will discard the manifest list and import a single
+ // sub-manifest. In this case, the platform is chosen in the following order of priority:
+ // 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list.
+ // This mode is the default.
+ ImportModeLegacy ImportModeType = "Legacy"
+ // ImportModePreserveOriginal indicates that the original manifest will be preserved.
+ // For manifest lists, the manifest list and all its sub-manifests will be imported.
+ ImportModePreserveOriginal ImportModeType = "PreserveOriginal"
+)
+
type ImagePolicyConfig struct {
// maxImagesBulkImportedPerRepository controls the number of images that are imported when a user
// does a bulk import of a container repository. This number is set low to prevent users from
@@ -142,6 +159,19 @@ type ImagePolicyConfig struct {
// additionalTrustedCA is a path to a pem bundle file containing additional CAs that
// should be trusted during imagestream import.
AdditionalTrustedCA string `json:"additionalTrustedCA"`
+
+ // imageStreamImportMode provides the import mode value for imagestreams.
+ // It can be `Legacy` or `PreserveOriginal`. `Legacy` indicates that the legacy behaviour
+ // should be used. For manifest lists, the legacy behaviour will discard the manifest list
+ // and import a single sub-manifest. In this case, the platform is chosen in the following
+ // order of priority: 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first
+ // manifest in the list. `PreserveOriginal` indicates that the original manifest will be preserved.
+ // For manifest lists, the manifest list and all its sub-manifests will be imported.If this value
+ // is specified, this setting is applied to all newly created imagestreams which do not have the
+ // value set.
+ // +openshift:enable:FeatureGate=ImageStreamImportMode
+ // +optional
+ ImageStreamImportMode ImportModeType `json:"imageStreamImportMode"`
}
// AllowedRegistries represents a list of registries allowed for the image import.
diff --git a/vendor/github.com/openshift/api/openshiftcontrolplane/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/zz_generated.swagger_doc_generated.go
index 25a9333bbf..5162e46ba0 100644
--- a/vendor/github.com/openshift/api/openshiftcontrolplane/v1/zz_generated.swagger_doc_generated.go
+++ b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/zz_generated.swagger_doc_generated.go
@@ -114,6 +114,7 @@ var map_ImagePolicyConfig = map[string]string{
"internalRegistryHostname": "internalRegistryHostname sets the hostname for the default internal image registry. The value must be in \"hostname[:port]\" format.",
"externalRegistryHostnames": "externalRegistryHostnames provides the hostnames for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The first value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in \"hostname[:port]\" format.",
"additionalTrustedCA": "additionalTrustedCA is a path to a pem bundle file containing additional CAs that should be trusted during imagestream import.",
+ "imageStreamImportMode": "imageStreamImportMode provides the import mode value for imagestreams. It can be `Legacy` or `PreserveOriginal`. `Legacy` indicates that the legacy behaviour should be used. For manifest lists, the legacy behaviour will discard the manifest list and import a single sub-manifest. In this case, the platform is chosen in the following order of priority: 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists, the manifest list and all its sub-manifests will be imported.If this value is specified, this setting is applied to all newly created imagestreams which do not have the value set.",
}
func (ImagePolicyConfig) SwaggerDoc() map[string]string {
diff --git a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go
index 4fccecb9f6..0644b6a93c 100644
--- a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go
+++ b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go
@@ -168,6 +168,65 @@ type AWSCSIDriverConfigSpec struct {
// +kubebuilder:validation:Pattern:=`^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)\/.*$`
// +optional
KMSKeyARN string `json:"kmsKeyARN,omitempty"`
+
+ // efsVolumeMetrics sets the configuration for collecting metrics from EFS volumes used by the EFS CSI Driver.
+ // +openshift:enable:FeatureGate=AWSEFSDriverVolumeMetrics
+ // +optional
+ EFSVolumeMetrics *AWSEFSVolumeMetrics `json:"efsVolumeMetrics,omitempty"`
+}
+
+// AWSEFSVolumeMetricsState defines the modes for collecting volume metrics in the AWS EFS CSI Driver.
+// This can either enable recursive collection of volume metrics or disable metric collection entirely.
+// +kubebuilder:validation:Enum:="RecursiveWalk";"Disabled"
+type AWSEFSVolumeMetricsState string
+
+const (
+ // AWSEFSVolumeMetricsRecursiveWalk indicates that volume metrics collection in the AWS EFS CSI Driver
+ // is performed by recursively walking through the files in the volume.
+ AWSEFSVolumeMetricsRecursiveWalk AWSEFSVolumeMetricsState = "RecursiveWalk"
+
+ // AWSEFSVolumeMetricsDisabled indicates that volume metrics collection in the AWS EFS CSI Driver is disabled.
+ AWSEFSVolumeMetricsDisabled AWSEFSVolumeMetricsState = "Disabled"
+)
+
+// AWSEFSVolumeMetrics defines the configuration for volume metrics in the EFS CSI Driver.
+// +union
+type AWSEFSVolumeMetrics struct {
+ // state defines the state of metric collection in the AWS EFS CSI Driver.
+ // This field is required and must be set to one of the following values: Disabled or RecursiveWalk.
+ // Disabled means no metrics collection will be performed. This is the default value.
+ // RecursiveWalk means the AWS EFS CSI Driver will recursively scan volumes to collect metrics.
+ // This process may result in high CPU and memory usage, depending on the volume size.
+ // +unionDiscriminator
+ // +kubebuilder:validation:Required
+ State AWSEFSVolumeMetricsState `json:"state"`
+
+ // recursiveWalk provides additional configuration for collecting volume metrics in the AWS EFS CSI Driver
+ // when the state is set to RecursiveWalk.
+ // +unionMember
+ // +optional
+ RecursiveWalk *AWSEFSVolumeMetricsRecursiveWalkConfig `json:"recursiveWalk,omitempty"`
+}
+
+// AWSEFSVolumeMetricsRecursiveWalkConfig defines options for volume metrics in the EFS CSI Driver.
+type AWSEFSVolumeMetricsRecursiveWalkConfig struct {
+ // refreshPeriodMinutes specifies the frequency, in minutes, at which volume metrics are refreshed.
+ // When omitted, this means no opinion and the platform is left to choose a reasonable
+ // default, which is subject to change over time. The current default is 240.
+ // The valid range is from 1 to 43200 minutes (30 days).
+ // +kubebuilder:validation:Minimum=1
+ // +kubebuilder:validation:Maximum=43200
+ // +optional
+ RefreshPeriodMinutes int32 `json:"refreshPeriodMinutes,omitempty"`
+
+ // fsRateLimit defines the rate limit, in goroutines per file system, for processing volume metrics.
+ // When omitted, this means no opinion and the platform is left to choose a reasonable
+ // default, which is subject to change over time. The current default is 5.
+ // The valid range is from 1 to 100 goroutines.
+ // +kubebuilder:validation:Minimum=1
+ // +kubebuilder:validation:Maximum=100
+ // +optional
+ FSRateLimit int32 `json:"fsRateLimit,omitempty"`
}
// AzureDiskEncryptionSet defines the configuration for a disk encryption set.
diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go
index 35bb5ada36..1e2d25109f 100644
--- a/vendor/github.com/openshift/api/operator/v1/types_network.go
+++ b/vendor/github.com/openshift/api/operator/v1/types_network.go
@@ -53,17 +53,20 @@ type NetworkList struct {
// NetworkSpec is the top-level network configuration object.
// +kubebuilder:validation:XValidation:rule="!has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding) || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == oldSelf.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == 'Restricted' || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == 'Global'",message="invalid value for IPForwarding, valid values are 'Restricted' or 'Global'"
+// +openshift:validation:FeatureGateAwareXValidation:featureGate=AdditionalRoutingCapabilities,rule="(has(self.additionalRoutingCapabilities) && ('FRR' in self.additionalRoutingCapabilities.providers)) || !has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements) || self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements != 'Enabled'",message="Route advertisements cannot be Enabled if 'FRR' routing capability provider is not available"
type NetworkSpec struct {
OperatorSpec `json:",inline"`
// clusterNetwork is the IP address pool to use for pod IPs.
// Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks.
// Others only support one. This is equivalent to the cluster-cidr.
+ // +listType=atomic
ClusterNetwork []ClusterNetworkEntry `json:"clusterNetwork"`
// serviceNetwork is the ip address pool to use for Service IPs
// Currently, all existing network providers only support a single value
// here, but this is an array to allow for growth.
+ // +listType=atomic
ServiceNetwork []string `json:"serviceNetwork"`
// defaultNetwork is the "default" network that all pods will receive
@@ -71,6 +74,8 @@ type NetworkSpec struct {
// additionalNetworks is a list of extra networks to make available to pods
// when multiple networks are enabled.
+ // +listType=map
+ // +listMapKey=name
AdditionalNetworks []AdditionalNetworkDefinition `json:"additionalNetworks,omitempty"`
// disableMultiNetwork specifies whether or not multiple pod network
@@ -119,6 +124,19 @@ type NetworkSpec struct {
// migration procedure allows to change the network type and the MTU.
// +optional
Migration *NetworkMigration `json:"migration,omitempty"`
+
+ // additionalRoutingCapabilities describes components and relevant
+ // configuration providing additional routing capabilities. When set, it
+ // enables such components and the usage of the routing capabilities they
+ // provide for the machine network. Upstream operators, like MetalLB
+ // operator, requiring these capabilities may rely on, or automatically set
+ // this attribute. Network plugins may leverage advanced routing
+ // capabilities acquired through the enablement of these components but may
+ // require specific configuration on their side to do so; refer to their
+ // respective documentation and configuration options.
+ // +openshift:enable:FeatureGate=AdditionalRoutingCapabilities
+ // +optional
+ AdditionalRoutingCapabilities *AdditionalRoutingCapabilities `json:"additionalRoutingCapabilities,omitempty"`
}
// NetworkMigrationMode is an enumeration of the possible mode of the network migration
@@ -287,12 +305,14 @@ type StaticIPAMRoutes struct {
type StaticIPAMDNS struct {
// Nameservers points DNS servers for IP lookup
// +optional
+ // +listType=atomic
Nameservers []string `json:"nameservers,omitempty"`
// Domain configures the domainname the local domain used for short hostname lookups
// +optional
Domain string `json:"domain,omitempty"`
// Search configures priority ordered search domains for short hostname lookups
// +optional
+ // +listType=atomic
Search []string `json:"search,omitempty"`
}
@@ -300,9 +320,11 @@ type StaticIPAMDNS struct {
type StaticIPAMConfig struct {
// Addresses configures IP address for the interface
// +optional
+ // +listType=atomic
Addresses []StaticIPAMAddresses `json:"addresses,omitempty"`
// Routes configures IP routes for the interface
// +optional
+ // +listType=atomic
Routes []StaticIPAMRoutes `json:"routes,omitempty"`
// DNS configures DNS for the interface
// +optional
@@ -330,6 +352,7 @@ type AdditionalNetworkDefinition struct {
// name is the name of the network. This will be populated in the resulting CRD
// This must be unique.
+ // +kubebuilder:validation:Required
Name string `json:"name"`
// namespace is the namespace of the network. This will be populated in the resulting CRD
@@ -433,6 +456,19 @@ type OVNKubernetesConfig struct {
// fields within ipv4 for details of default values.
// +optional
IPv6 *IPv6OVNKubernetesConfig `json:"ipv6,omitempty"`
+
+ // routeAdvertisements determines if the functionality to advertise cluster
+ // network routes through a dynamic routing protocol, such as BGP, is
+ // enabled or not. This functionality is configured through the
+ // ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing
+ // capability provider to be enabled as an additional routing capability.
+ // Allowed values are "Enabled", "Disabled" and ommited. When omitted, this
+ // means the user has no opinion and the platform is left to choose
+ // reasonable defaults. These defaults are subject to change over time. The
+ // current default is "Disabled".
+ // +openshift:enable:FeatureGate=RouteAdvertisements
+ // +optional
+ RouteAdvertisements RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"`
}
type IPv4OVNKubernetesConfig struct {
@@ -505,6 +541,7 @@ type IPv6OVNKubernetesConfig struct {
type HybridOverlayConfig struct {
// HybridClusterNetwork defines a network space given to nodes on an additional overlay network.
+ // +listType=atomic
HybridClusterNetwork []ClusterNetworkEntry `json:"hybridClusterNetwork"`
// HybridOverlayVXLANPort defines the VXLAN port number to be used by the additional overlay network.
// Default is 4789
@@ -617,6 +654,7 @@ type NetFlowConfig struct {
// It is a list of strings formatted as ip:port with a maximum of ten items
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems=10
+ // +listType=atomic
Collectors []IPPort `json:"collectors,omitempty"`
}
@@ -624,6 +662,7 @@ type SFlowConfig struct {
// sFlowCollectors is list of strings formatted as ip:port with a maximum of ten items
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems=10
+ // +listType=atomic
Collectors []IPPort `json:"collectors,omitempty"`
}
@@ -631,6 +670,7 @@ type IPFIXConfig struct {
// ipfixCollectors is list of strings formatted as ip:port with a maximum of ten items
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems=10
+ // +listType=atomic
Collectors []IPPort `json:"collectors,omitempty"`
}
@@ -684,6 +724,7 @@ type PolicyAuditConfig struct {
type NetworkType string
// ProxyArgumentList is a list of arguments to pass to the kubeproxy process
+// +listType=atomic
type ProxyArgumentList []string
// ProxyConfig defines the configuration knobs for kubeproxy
@@ -788,3 +829,38 @@ const (
// between pods on the cluster network.
IPsecModeFull IPsecMode = "Full"
)
+
+// +kubebuilder:validation:Enum:="";"Enabled";"Disabled"
+type RouteAdvertisementsEnablement string
+
+var (
+ // RouteAdvertisementsEnabled enables route advertisements for ovn-kubernetes
+ RouteAdvertisementsEnabled RouteAdvertisementsEnablement = "Enabled"
+ // RouteAdvertisementsDisabled disables route advertisements for ovn-kubernetes
+ RouteAdvertisementsDisabled RouteAdvertisementsEnablement = "Disabled"
+)
+
+// RoutingCapabilitiesProvider is a component providing routing capabilities.
+// +kubebuilder:validation:Enum=FRR
+type RoutingCapabilitiesProvider string
+
+const (
+ // RoutingCapabilitiesProviderFRR determines FRR is providing advanced
+ // routing capabilities.
+ RoutingCapabilitiesProviderFRR RoutingCapabilitiesProvider = "FRR"
+)
+
+// AdditionalRoutingCapabilities describes components and relevant configuration providing
+// advanced routing capabilities.
+type AdditionalRoutingCapabilities struct {
+ // providers is a set of enabled components that provide additional routing
+ // capabilities. Entries on this list must be unique. The only valid value
+ // is currrently "FRR" which provides FRR routing capabilities through the
+ // deployment of FRR.
+ // +listType=atomic
+ // +kubebuilder:validation:Required
+ // +kubebuilder:validation:MinItems=1
+ // +kubebuilder:validation:MaxItems=1
+ // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x == y))"
+ Providers []RoutingCapabilitiesProvider `json:"providers"`
+}
diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go
index 9a37e8e385..fc6b94ceb2 100644
--- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go
+++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go
@@ -16,6 +16,11 @@ import (
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AWSCSIDriverConfigSpec) DeepCopyInto(out *AWSCSIDriverConfigSpec) {
*out = *in
+ if in.EFSVolumeMetrics != nil {
+ in, out := &in.EFSVolumeMetrics, &out.EFSVolumeMetrics
+ *out = new(AWSEFSVolumeMetrics)
+ (*in).DeepCopyInto(*out)
+ }
return
}
@@ -51,6 +56,43 @@ func (in *AWSClassicLoadBalancerParameters) DeepCopy() *AWSClassicLoadBalancerPa
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AWSEFSVolumeMetrics) DeepCopyInto(out *AWSEFSVolumeMetrics) {
+ *out = *in
+ if in.RecursiveWalk != nil {
+ in, out := &in.RecursiveWalk, &out.RecursiveWalk
+ *out = new(AWSEFSVolumeMetricsRecursiveWalkConfig)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSEFSVolumeMetrics.
+func (in *AWSEFSVolumeMetrics) DeepCopy() *AWSEFSVolumeMetrics {
+ if in == nil {
+ return nil
+ }
+ out := new(AWSEFSVolumeMetrics)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AWSEFSVolumeMetricsRecursiveWalkConfig) DeepCopyInto(out *AWSEFSVolumeMetricsRecursiveWalkConfig) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSEFSVolumeMetricsRecursiveWalkConfig.
+func (in *AWSEFSVolumeMetricsRecursiveWalkConfig) DeepCopy() *AWSEFSVolumeMetricsRecursiveWalkConfig {
+ if in == nil {
+ return nil
+ }
+ out := new(AWSEFSVolumeMetricsRecursiveWalkConfig)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AWSLoadBalancerParameters) DeepCopyInto(out *AWSLoadBalancerParameters) {
*out = *in
@@ -194,6 +236,27 @@ func (in *AdditionalNetworkDefinition) DeepCopy() *AdditionalNetworkDefinition {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AdditionalRoutingCapabilities) DeepCopyInto(out *AdditionalRoutingCapabilities) {
+ *out = *in
+ if in.Providers != nil {
+ in, out := &in.Providers, &out.Providers
+ *out = make([]RoutingCapabilitiesProvider, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalRoutingCapabilities.
+func (in *AdditionalRoutingCapabilities) DeepCopy() *AdditionalRoutingCapabilities {
+ if in == nil {
+ return nil
+ }
+ out := new(AdditionalRoutingCapabilities)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Authentication) DeepCopyInto(out *Authentication) {
*out = *in
@@ -333,7 +396,7 @@ func (in *CSIDriverConfigSpec) DeepCopyInto(out *CSIDriverConfigSpec) {
if in.AWS != nil {
in, out := &in.AWS, &out.AWS
*out = new(AWSCSIDriverConfigSpec)
- **out = **in
+ (*in).DeepCopyInto(*out)
}
if in.Azure != nil {
in, out := &in.Azure, &out.Azure
@@ -3382,6 +3445,11 @@ func (in *NetworkSpec) DeepCopyInto(out *NetworkSpec) {
*out = new(NetworkMigration)
(*in).DeepCopyInto(*out)
}
+ if in.AdditionalRoutingCapabilities != nil {
+ in, out := &in.AdditionalRoutingCapabilities, &out.AdditionalRoutingCapabilities
+ *out = new(AdditionalRoutingCapabilities)
+ (*in).DeepCopyInto(*out)
+ }
return
}
diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml
index 595f49e276..c152b0e84f 100644
--- a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml
+++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml
@@ -69,6 +69,7 @@ clustercsidrivers.operator.openshift.io:
Capability: ""
Category: ""
FeatureGates:
+ - AWSEFSDriverVolumeMetrics
- VSphereDriverConfiguration
FilenameOperatorName: csi-driver
FilenameOperatorOrdering: "01"
@@ -328,7 +329,9 @@ networks.operator.openshift.io:
Capability: ""
Category: ""
FeatureGates:
+ - AdditionalRoutingCapabilities
- NetworkLiveMigration
+ - RouteAdvertisements
FilenameOperatorName: network
FilenameOperatorOrdering: "01"
FilenameRunLevel: "0000_70"
diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go
index 2c53fdb80b..c498c9e9e5 100644
--- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go
+++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go
@@ -421,14 +421,35 @@ func (StatuspageProvider) SwaggerDoc() map[string]string {
}
var map_AWSCSIDriverConfigSpec = map[string]string{
- "": "AWSCSIDriverConfigSpec defines properties that can be configured for the AWS CSI driver.",
- "kmsKeyARN": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, rather than the default KMS key used by AWS. The value may be either the ARN or Alias ARN of a KMS key.",
+ "": "AWSCSIDriverConfigSpec defines properties that can be configured for the AWS CSI driver.",
+ "kmsKeyARN": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, rather than the default KMS key used by AWS. The value may be either the ARN or Alias ARN of a KMS key.",
+ "efsVolumeMetrics": "efsVolumeMetrics sets the configuration for collecting metrics from EFS volumes used by the EFS CSI Driver.",
}
func (AWSCSIDriverConfigSpec) SwaggerDoc() map[string]string {
return map_AWSCSIDriverConfigSpec
}
+var map_AWSEFSVolumeMetrics = map[string]string{
+ "": "AWSEFSVolumeMetrics defines the configuration for volume metrics in the EFS CSI Driver.",
+ "state": "state defines the state of metric collection in the AWS EFS CSI Driver. This field is required and must be set to one of the following values: Disabled or RecursiveWalk. Disabled means no metrics collection will be performed. This is the default value. RecursiveWalk means the AWS EFS CSI Driver will recursively scan volumes to collect metrics. This process may result in high CPU and memory usage, depending on the volume size.",
+ "recursiveWalk": "recursiveWalk provides additional configuration for collecting volume metrics in the AWS EFS CSI Driver when the state is set to RecursiveWalk.",
+}
+
+func (AWSEFSVolumeMetrics) SwaggerDoc() map[string]string {
+ return map_AWSEFSVolumeMetrics
+}
+
+var map_AWSEFSVolumeMetricsRecursiveWalkConfig = map[string]string{
+ "": "AWSEFSVolumeMetricsRecursiveWalkConfig defines options for volume metrics in the EFS CSI Driver.",
+ "refreshPeriodMinutes": "refreshPeriodMinutes specifies the frequency, in minutes, at which volume metrics are refreshed. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is 240. The valid range is from 1 to 43200 minutes (30 days).",
+ "fsRateLimit": "fsRateLimit defines the rate limit, in goroutines per file system, for processing volume metrics. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is 5. The valid range is from 1 to 100 goroutines.",
+}
+
+func (AWSEFSVolumeMetricsRecursiveWalkConfig) SwaggerDoc() map[string]string {
+ return map_AWSEFSVolumeMetricsRecursiveWalkConfig
+}
+
var map_AzureCSIDriverConfigSpec = map[string]string{
"": "AzureCSIDriverConfigSpec defines properties that can be configured for the Azure CSI driver.",
"diskEncryptionSet": "diskEncryptionSet sets the cluster default storage class to encrypt volumes with a customer-managed encryption set, rather than the default platform-managed keys.",
@@ -1518,6 +1539,15 @@ func (AdditionalNetworkDefinition) SwaggerDoc() map[string]string {
return map_AdditionalNetworkDefinition
}
+var map_AdditionalRoutingCapabilities = map[string]string{
+ "": "AdditionalRoutingCapabilities describes components and relevant configuration providing advanced routing capabilities.",
+ "providers": "providers is a set of enabled components that provide additional routing capabilities. Entries on this list must be unique. The only valid value is currrently \"FRR\" which provides FRR routing capabilities through the deployment of FRR.",
+}
+
+func (AdditionalRoutingCapabilities) SwaggerDoc() map[string]string {
+ return map_AdditionalRoutingCapabilities
+}
+
var map_ClusterNetworkEntry = map[string]string{
"": "ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If the HostPrefix field is not used by the plugin, it can be left unset. Not all network providers support multiple ClusterNetworks",
}
@@ -1708,18 +1738,19 @@ func (NetworkMigration) SwaggerDoc() map[string]string {
}
var map_NetworkSpec = map[string]string{
- "": "NetworkSpec is the top-level network configuration object.",
- "clusterNetwork": "clusterNetwork is the IP address pool to use for pod IPs. Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks. Others only support one. This is equivalent to the cluster-cidr.",
- "serviceNetwork": "serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single value here, but this is an array to allow for growth.",
- "defaultNetwork": "defaultNetwork is the \"default\" network that all pods will receive",
- "additionalNetworks": "additionalNetworks is a list of extra networks to make available to pods when multiple networks are enabled.",
- "disableMultiNetwork": "disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.",
- "useMultiNetworkPolicy": "useMultiNetworkPolicy enables a controller which allows for MultiNetworkPolicy objects to be used on additional networks as created by Multus CNI. MultiNetworkPolicy are similar to NetworkPolicy objects, but NetworkPolicy objects only apply to the primary interface. With MultiNetworkPolicy, you can control the traffic that a pod can receive over the secondary interfaces. If unset, this property defaults to 'false' and MultiNetworkPolicy objects are ignored. If 'disableMultiNetwork' is 'true' then the value of this field is ignored.",
- "deployKubeProxy": "deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when OpenShift SDN and ovn-kubernetes are used and true otherwise.",
- "disableNetworkDiagnostics": "disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck CRs from a test pod to every node, apiserver and LB should be disabled or not. If unset, this property defaults to 'false' and network diagnostics is enabled. Setting this to 'true' would reduce the additional load of the pods performing the checks.",
- "kubeProxyConfig": "kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift directly. Not consumed by all network providers - currently only openshift-sdn.",
- "exportNetworkFlows": "exportNetworkFlows enables and configures the export of network flow metadata from the pod network by using protocols NetFlow, SFlow or IPFIX. Currently only supported on OVN-Kubernetes plugin. If unset, flows will not be exported to any collector.",
- "migration": "migration enables and configures the cluster network migration. The migration procedure allows to change the network type and the MTU.",
+ "": "NetworkSpec is the top-level network configuration object.",
+ "clusterNetwork": "clusterNetwork is the IP address pool to use for pod IPs. Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks. Others only support one. This is equivalent to the cluster-cidr.",
+ "serviceNetwork": "serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single value here, but this is an array to allow for growth.",
+ "defaultNetwork": "defaultNetwork is the \"default\" network that all pods will receive",
+ "additionalNetworks": "additionalNetworks is a list of extra networks to make available to pods when multiple networks are enabled.",
+ "disableMultiNetwork": "disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.",
+ "useMultiNetworkPolicy": "useMultiNetworkPolicy enables a controller which allows for MultiNetworkPolicy objects to be used on additional networks as created by Multus CNI. MultiNetworkPolicy are similar to NetworkPolicy objects, but NetworkPolicy objects only apply to the primary interface. With MultiNetworkPolicy, you can control the traffic that a pod can receive over the secondary interfaces. If unset, this property defaults to 'false' and MultiNetworkPolicy objects are ignored. If 'disableMultiNetwork' is 'true' then the value of this field is ignored.",
+ "deployKubeProxy": "deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when OpenShift SDN and ovn-kubernetes are used and true otherwise.",
+ "disableNetworkDiagnostics": "disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck CRs from a test pod to every node, apiserver and LB should be disabled or not. If unset, this property defaults to 'false' and network diagnostics is enabled. Setting this to 'true' would reduce the additional load of the pods performing the checks.",
+ "kubeProxyConfig": "kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift directly. Not consumed by all network providers - currently only openshift-sdn.",
+ "exportNetworkFlows": "exportNetworkFlows enables and configures the export of network flow metadata from the pod network by using protocols NetFlow, SFlow or IPFIX. Currently only supported on OVN-Kubernetes plugin. If unset, flows will not be exported to any collector.",
+ "migration": "migration enables and configures the cluster network migration. The migration procedure allows to change the network type and the MTU.",
+ "additionalRoutingCapabilities": "additionalRoutingCapabilities describes components and relevant configuration providing additional routing capabilities. When set, it enables such components and the usage of the routing capabilities they provide for the machine network. Upstream operators, like MetalLB operator, requiring these capabilities may rely on, or automatically set this attribute. Network plugins may leverage advanced routing capabilities acquired through the enablement of these components but may require specific configuration on their side to do so; refer to their respective documentation and configuration options.",
}
func (NetworkSpec) SwaggerDoc() map[string]string {
@@ -1747,6 +1778,7 @@ var map_OVNKubernetesConfig = map[string]string{
"egressIPConfig": "egressIPConfig holds the configuration for EgressIP options.",
"ipv4": "ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.",
"ipv6": "ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.",
+ "routeAdvertisements": "routeAdvertisements determines if the functionality to advertise cluster network routes through a dynamic routing protocol, such as BGP, is enabled or not. This functionality is configured through the ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing capability provider to be enabled as an additional routing capability. Allowed values are \"Enabled\", \"Disabled\" and ommited. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is \"Disabled\".",
}
func (OVNKubernetesConfig) SwaggerDoc() map[string]string {
diff --git a/vendor/github.com/openshift/api/route/v1/generated.proto b/vendor/github.com/openshift/api/route/v1/generated.proto
index 621bec09b0..82bf94d304 100644
--- a/vendor/github.com/openshift/api/route/v1/generated.proto
+++ b/vendor/github.com/openshift/api/route/v1/generated.proto
@@ -199,6 +199,8 @@ message RouteIngress {
optional string routerName = 2;
// Conditions is the state of the route, may be empty.
+ // +listType=map
+ // +listMapKey=type
repeated RouteIngressCondition conditions = 3;
// Wildcard policy is the wildcard policy that was allowed where this route is exposed.
@@ -331,6 +333,9 @@ message RouteSpec {
// Use the weight field in RouteTargetReference object to specify relative preference.
//
// +kubebuilder:validation:MaxItems=3
+ // +listType=map
+ // +listMapKey=name
+ // +listMapKey=kind
repeated RouteTargetReference alternateBackends = 4;
// If specified, the port to be used by the router. Most routers will use all
@@ -360,6 +365,7 @@ message RouteStatus {
// ingress describes the places where the route may be exposed. The list of
// ingress points may contain duplicate Host or RouterName values. Routes
// are considered live once they are `Ready`
+ // +listType=atomic
repeated RouteIngress ingress = 1;
}
@@ -404,7 +410,7 @@ message RouterShard {
// TLSConfig defines config used to secure a route and provide termination
//
// +kubebuilder:validation:XValidation:rule="has(self.termination) && has(self.insecureEdgeTerminationPolicy) ? !((self.termination=='passthrough') && (self.insecureEdgeTerminationPolicy=='Allow')) : true", message="cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow"
-// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalRouteCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate"
+// +openshift:validation:FeatureGateAwareXValidation:featureGate=RouteExternalCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate"
message TLSConfig {
// termination indicates termination type.
//
@@ -453,7 +459,7 @@ message TLSConfig {
// be present in the same namespace as that of the Route.
// Forbidden when `certificate` is set.
//
- // +openshift:enable:FeatureGate=ExternalRouteCertificate
+ // +openshift:enable:FeatureGate=RouteExternalCertificate
// +optional
optional LocalObjectReference externalCertificate = 7;
}
diff --git a/vendor/github.com/openshift/api/route/v1/types.go b/vendor/github.com/openshift/api/route/v1/types.go
index fadc4b618b..9416199946 100644
--- a/vendor/github.com/openshift/api/route/v1/types.go
+++ b/vendor/github.com/openshift/api/route/v1/types.go
@@ -136,6 +136,9 @@ type RouteSpec struct {
// Use the weight field in RouteTargetReference object to specify relative preference.
//
// +kubebuilder:validation:MaxItems=3
+ // +listType=map
+ // +listMapKey=name
+ // +listMapKey=kind
AlternateBackends []RouteTargetReference `json:"alternateBackends,omitempty" protobuf:"bytes,4,rep,name=alternateBackends"`
// If specified, the port to be used by the router. Most routers will use all
@@ -350,6 +353,7 @@ type RouteStatus struct {
// ingress describes the places where the route may be exposed. The list of
// ingress points may contain duplicate Host or RouterName values. Routes
// are considered live once they are `Ready`
+ // +listType=atomic
Ingress []RouteIngress `json:"ingress,omitempty" protobuf:"bytes,1,rep,name=ingress"`
}
@@ -360,6 +364,8 @@ type RouteIngress struct {
// Name is a name chosen by the router to identify itself; this value is required
RouterName string `json:"routerName,omitempty" protobuf:"bytes,2,opt,name=routerName"`
// Conditions is the state of the route, may be empty.
+ // +listType=map
+ // +listMapKey=type
Conditions []RouteIngressCondition `json:"conditions,omitempty" protobuf:"bytes,3,rep,name=conditions"`
// Wildcard policy is the wildcard policy that was allowed where this route is exposed.
WildcardPolicy WildcardPolicyType `json:"wildcardPolicy,omitempty" protobuf:"bytes,4,opt,name=wildcardPolicy"`
@@ -415,7 +421,7 @@ type RouterShard struct {
// TLSConfig defines config used to secure a route and provide termination
//
// +kubebuilder:validation:XValidation:rule="has(self.termination) && has(self.insecureEdgeTerminationPolicy) ? !((self.termination=='passthrough') && (self.insecureEdgeTerminationPolicy=='Allow')) : true", message="cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow"
-// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalRouteCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate"
+// +openshift:validation:FeatureGateAwareXValidation:featureGate=RouteExternalCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate"
type TLSConfig struct {
// termination indicates termination type.
//
@@ -464,7 +470,7 @@ type TLSConfig struct {
// be present in the same namespace as that of the Route.
// Forbidden when `certificate` is set.
//
- // +openshift:enable:FeatureGate=ExternalRouteCertificate
+ // +openshift:enable:FeatureGate=RouteExternalCertificate
// +optional
ExternalCertificate *LocalObjectReference `json:"externalCertificate,omitempty" protobuf:"bytes,7,opt,name=externalCertificate"`
}
diff --git a/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml
index aced0855f4..0277ba2f32 100644
--- a/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml
+++ b/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml
@@ -5,7 +5,7 @@ routes.route.openshift.io:
Capability: ""
Category: ""
FeatureGates:
- - ExternalRouteCertificate
+ - RouteExternalCertificate
FilenameOperatorName: ""
FilenameOperatorOrdering: ""
FilenameRunLevel: ""
diff --git a/vendor/github.com/openshift/api/security/v1/consts.go b/vendor/github.com/openshift/api/security/v1/consts.go
index 3b686c31d6..7e8adf6e64 100644
--- a/vendor/github.com/openshift/api/security/v1/consts.go
+++ b/vendor/github.com/openshift/api/security/v1/consts.go
@@ -10,4 +10,7 @@ const (
// This annotation pins required SCCs for core OpenShift workloads to prevent preemption of custom SCCs.
// It is being used in the SCC admission plugin.
RequiredSCCAnnotation = "openshift.io/required-scc"
+
+ // MinimallySufficientPodSecurityStandard indicates the PodSecurityStandard that matched the SCCs available to the users of the namespace.
+ MinimallySufficientPodSecurityStandard = "security.openshift.io/MinimallySufficientPodSecurityStandard"
)
diff --git a/vendor/modules.txt b/vendor/modules.txt
index f524b16c02..59b7dffcba 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -530,7 +530,7 @@ github.com/munnerz/goautoneg
# github.com/oklog/ulid v1.3.1
## explicit
github.com/oklog/ulid
-# github.com/openshift/api v0.0.0-20240805090819-b8f07e1d8f62
+# github.com/openshift/api v0.0.0-20240816151955-65532e7f773e
## explicit; go 1.22.0
github.com/openshift/api
github.com/openshift/api/annotations
@@ -549,6 +549,7 @@ github.com/openshift/api/config/v1
github.com/openshift/api/config/v1alpha1
github.com/openshift/api/console
github.com/openshift/api/console/v1
+github.com/openshift/api/features
github.com/openshift/api/helm
github.com/openshift/api/helm/v1beta1
github.com/openshift/api/image