diff --git a/go.mod b/go.mod index a9b5d0e07..c5ca4a057 100644 --- a/go.mod +++ b/go.mod @@ -8,18 +8,18 @@ require ( github.com/gorilla/websocket v1.4.1 // indirect github.com/grpc-ecosystem/go-grpc-middleware v1.1.0 // indirect github.com/grpc-ecosystem/grpc-gateway v1.11.3 // indirect - github.com/openshift/api v0.0.0-20200929125329-c3027fc03b92 - github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7 - github.com/openshift/client-go v0.0.0-20200827190008-3062137373b5 - github.com/openshift/library-go v0.0.0-20200915114203-ee518dab897a + github.com/openshift/api v0.0.0-20201019163320-c6a5ec25f267 + github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab + github.com/openshift/client-go v0.0.0-20201020074620-f8fd44879f7c + github.com/openshift/library-go v0.0.0-20201102091359-c4fa0f5b3a08 github.com/prometheus/client_golang v1.7.1 github.com/spf13/cobra v1.0.0 github.com/spf13/pflag v1.0.5 go.uber.org/zap v1.11.0 // indirect - k8s.io/api v0.19.0 - k8s.io/apimachinery v0.19.0 - k8s.io/client-go v0.19.0 - k8s.io/component-base v0.19.0 + k8s.io/api v0.19.2 + k8s.io/apimachinery v0.19.2 + k8s.io/client-go v0.19.2 + k8s.io/component-base v0.19.2 k8s.io/klog/v2 v2.3.0 ) diff --git a/go.sum b/go.sum index 58156991c..27851b5ab 100644 --- a/go.sum +++ b/go.sum @@ -346,16 +346,14 @@ github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1Cpa github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v0.0.0-20191031171055-b133feaeeb2e/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/openshift/api v0.0.0-20200827090112-c05698d102cf h1:s/d912Y7MW7bD/6XNL0gMe6lC0zPiDjq5w8u0OyCSpc= -github.com/openshift/api v0.0.0-20200827090112-c05698d102cf/go.mod h1:M3xexPhgM8DISzzRpuFUy+jfPjQPIcs9yqEYj17mXV8= -github.com/openshift/api v0.0.0-20200929125329-c3027fc03b92 h1:8yft0f/7xSau9/KiocrM65lpr6L4RmCqXzgVNy85xHo= -github.com/openshift/api v0.0.0-20200929125329-c3027fc03b92/go.mod h1:Si/I9UGeRR3qzg01YWPmtlr0GeGk2fnuggXJRmjAZ6U= -github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7 h1:mOq7Mg1Q9d7nIDxe1SJ6pluMBQsbVxa6olyAGmfYWTg= -github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= -github.com/openshift/client-go v0.0.0-20200827190008-3062137373b5 h1:E6WhVL5p3rfjtc+o+jVG/29Aclnf3XIF7akxXvadwR0= -github.com/openshift/client-go v0.0.0-20200827190008-3062137373b5/go.mod h1:5rGmrkQ8DJEUXA+AR3rEjfH+HFyg4/apY9iCQFgvPfE= -github.com/openshift/library-go v0.0.0-20200915114203-ee518dab897a h1:oH1HsankLxHBG27kcsiz3pFFzmStJhNLIet0REX3j/4= -github.com/openshift/library-go v0.0.0-20200915114203-ee518dab897a/go.mod h1:NI6xOQGuTnLXeHW8Z2glKSFhF7X+YxlAlqlBMaK0zEM= +github.com/openshift/api v0.0.0-20201019163320-c6a5ec25f267 h1:d6qOoblJz8DjQ44PRT0hYt3qLqJ/Lnvipk1vXr0gpfo= +github.com/openshift/api v0.0.0-20201019163320-c6a5ec25f267/go.mod h1:RDvBcRQMGLa3aNuDuejVBbTEQj/2i14NXdpOLqbNBvM= +github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab h1:lBrojddP6C9C2p67EMs2vcdpC8eF+H0DDom+fgI2IF0= +github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= +github.com/openshift/client-go v0.0.0-20201020074620-f8fd44879f7c h1:NB9g4Y/aegId7fyNqYyGxEfyNOytYFT5dxWJtfOJFQs= +github.com/openshift/client-go v0.0.0-20201020074620-f8fd44879f7c/go.mod h1:yZ3u8vgWC19I9gbDMRk8//9JwG/0Sth6v7C+m6R8HXs= +github.com/openshift/library-go v0.0.0-20201102091359-c4fa0f5b3a08 h1:Z+8t3ooTH2T+J/GoCZbgaOk5WqNZgPuHlUAKMfG1FEk= +github.com/openshift/library-go v0.0.0-20201102091359-c4fa0f5b3a08/go.mod h1:1xYaYQcQsn+AyCRsvOU+Qn5z6GGiCmcblXkT/RZLVfo= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= @@ -702,31 +700,31 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= k8s.io/api v0.17.0/go.mod h1:npsyOePkeP0CPwyGfXDHxvypiYMJxBWAMpQxCaJ4ZxI= k8s.io/api v0.18.0-beta.2/go.mod h1:2oeNnWEqcSmaM/ibSh3t7xcIqbkGXhzZdn4ezV9T4m0= -k8s.io/api v0.19.0 h1:XyrFIJqTYZJ2DU7FBE/bSPz7b1HvbVBuBf07oeo6eTc= -k8s.io/api v0.19.0/go.mod h1:I1K45XlvTrDjmj5LoM5LuP/KYrhWbjUKT/SoPG0qTjw= +k8s.io/api v0.19.2 h1:q+/krnHWKsL7OBZg/rxnycsl9569Pud76UJ77MvKXms= +k8s.io/api v0.19.2/go.mod h1:IQpK0zFQ1xc5iNIQPqzgoOwuFugaYHK4iCknlAQP9nI= k8s.io/apiextensions-apiserver v0.17.0/go.mod h1:XiIFUakZywkUl54fVXa7QTEHcqQz9HG55nHd1DCoHj8= k8s.io/apiextensions-apiserver v0.18.0-beta.2/go.mod h1:Hnrg5jx8/PbxRbUoqDGxtQkULjwx8FDW4WYJaKNK+fk= -k8s.io/apiextensions-apiserver v0.19.0 h1:jlY13lvZp+0p9fRX2khHFdiT9PYzT7zUrANz6R1NKtY= -k8s.io/apiextensions-apiserver v0.19.0/go.mod h1:znfQxNpjqz/ZehvbfMg5N6fvBJW5Lqu5HVLTJQdP4Fs= +k8s.io/apiextensions-apiserver v0.19.2 h1:oG84UwiDsVDu7dlsGQs5GySmQHCzMhknfhFExJMz9tA= +k8s.io/apiextensions-apiserver v0.19.2/go.mod h1:EYNjpqIAvNZe+svXVx9j4uBaVhTB4C94HkY3w058qcg= k8s.io/apimachinery v0.17.0/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg= k8s.io/apimachinery v0.18.0-beta.2/go.mod h1:9SnR/e11v5IbyPCGbvJViimtJ0SwHG4nfZFjU77ftcA= -k8s.io/apimachinery v0.19.0 h1:gjKnAda/HZp5k4xQYjL0K/Yb66IvNqjthCb03QlKpaQ= -k8s.io/apimachinery v0.19.0/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= +k8s.io/apimachinery v0.19.2 h1:5Gy9vQpAGTKHPVOh5c4plE274X8D/6cuEiTO2zve7tc= +k8s.io/apimachinery v0.19.2/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= k8s.io/apiserver v0.17.0/go.mod h1:ABM+9x/prjINN6iiffRVNCBR2Wk7uY4z+EtEGZD48cg= k8s.io/apiserver v0.18.0-beta.2/go.mod h1:bnblMkMoCFnIfVnVftd0SXJPzyvrk3RtaqSbblphF/A= -k8s.io/apiserver v0.19.0 h1:jLhrL06wGAADbLUUQm8glSLnAGP6c7y5R3p19grkBoY= -k8s.io/apiserver v0.19.0/go.mod h1:XvzqavYj73931x7FLtyagh8WibHpePJ1QwWrSJs2CLk= +k8s.io/apiserver v0.19.2 h1:xq2dXAzsAoHv7S4Xc/p7PKhiowdHV/PgdePWo3MxIYM= +k8s.io/apiserver v0.19.2/go.mod h1:FreAq0bJ2vtZFj9Ago/X0oNGC51GfubKK/ViOKfVAOA= k8s.io/client-go v0.17.0/go.mod h1:TYgR6EUHs6k45hb6KWjVD6jFZvJV4gHDikv/It0xz+k= k8s.io/client-go v0.18.0-beta.2/go.mod h1:UvuVxHjKWIcgy0iMvF+bwNDW7l0mskTNOaOW1Qv5BMA= -k8s.io/client-go v0.19.0 h1:1+0E0zfWFIWeyRhQYWzimJOyAk2UT7TiARaLNwJCf7k= -k8s.io/client-go v0.19.0/go.mod h1:H9E/VT95blcFQnlyShFgnFT9ZnJOAceiUHM3MlRC+mU= +k8s.io/client-go v0.19.2 h1:gMJuU3xJZs86L1oQ99R4EViAADUPMHHtS9jFshasHSc= +k8s.io/client-go v0.19.2/go.mod h1:S5wPhCqyDNAlzM9CnEdgTGV4OqhsW3jGO1UM1epwfJA= k8s.io/code-generator v0.17.0/go.mod h1:DVmfPQgxQENqDIzVR2ddLXMH34qeszkKSdH/N+s+38s= k8s.io/code-generator v0.18.0-beta.2/go.mod h1:+UHX5rSbxmR8kzS+FAv7um6dtYrZokQvjHpDSYRVkTc= -k8s.io/code-generator v0.19.0/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= +k8s.io/code-generator v0.19.2/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= k8s.io/component-base v0.17.0/go.mod h1:rKuRAokNMY2nn2A6LP/MiwpoaMRHpfRnrPaUJJj1Yoc= k8s.io/component-base v0.18.0-beta.2/go.mod h1:HVk5FpRnyzQ/MjBr9//e/yEBjTVa2qjGXCTuUzcD7ks= -k8s.io/component-base v0.19.0 h1:OueXf1q3RW7NlLlUCj2Dimwt7E1ys6ZqRnq53l2YuoE= -k8s.io/component-base v0.19.0/go.mod h1:dKsY8BxkA+9dZIAh2aWJLL/UdASFDNtGYTCItL4LM7Y= +k8s.io/component-base v0.19.2 h1:jW5Y9RcZTb79liEhW3XDVTW7MuvEGP0tQZnfSX6/+gs= +k8s.io/component-base v0.19.2/go.mod h1:g5LrsiTiabMLZ40AR6Hl45f088DevyGY+cCE2agEIVo= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20190822140433-26a664648505/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20200114144118-36b2048a9120/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= @@ -741,8 +739,8 @@ k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.3.0 h1:WmkrnW7fdrm0/DMClc+HIxtftvxVIPAhlVwMQo5yLco= k8s.io/klog/v2 v2.3.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/kube-aggregator v0.18.0-beta.2/go.mod h1:O3Td9mheraINbLHH4pzoFP2gRzG0Wk1COqzdSL4rBPk= -k8s.io/kube-aggregator v0.19.0 h1:rL4fsftMaqkKjaibArYDaBeqN41CHaJzgRJjUB9IrIg= -k8s.io/kube-aggregator v0.19.0/go.mod h1:1Ln45PQggFAG8xOqWPIYMxUq8WNtpPnYsbUJ39DpF/A= +k8s.io/kube-aggregator v0.19.2 h1:iDJILLwIKjojE0bjZHKMGp8Ry5U1ugsJzrb/A9lD+00= +k8s.io/kube-aggregator v0.19.2/go.mod h1:wVsjy6OTeUrWkgG9WVsGftnjpm8JIY0vJV7LH2j4nhM= k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6 h1:+WnxoVtG8TMiudHBSEtrVL1egv36TkkJm+bA8AxicmQ= diff --git a/vendor/github.com/openshift/api/Makefile b/vendor/github.com/openshift/api/Makefile index 7993192b6..f1d7ca000 100644 --- a/vendor/github.com/openshift/api/Makefile +++ b/vendor/github.com/openshift/api/Makefile @@ -30,6 +30,7 @@ $(call add-crd-gen,operatoringress,./operatoringress/v1,./operatoringress/v1,./o $(call add-crd-gen,quota,./quota/v1,./quota/v1,./quota/v1) $(call add-crd-gen,samples,./samples/v1,./samples/v1,./samples/v1) $(call add-crd-gen,security,./security/v1,./security/v1,./security/v1) +$(call add-crd-gen,securityinternal,./securityinternal/v1,./securityinternal/v1,./securityinternal/v1) $(call add-crd-gen,network,./network/v1,./network/v1,./network/v1) $(call add-crd-gen,operatorcontrolplane,./operatorcontrolplane/v1alpha1,./operatorcontrolplane/v1alpha1,./operatorcontrolplane/v1alpha1) diff --git a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml index f7767a124..9e79054c6 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml @@ -92,7 +92,9 @@ spec: format: date-time message: description: message provides additional information about the - current condition. This is only to be consumed by humans. + current condition. This is only to be consumed by humans. It + may contain Line Feed characters (U+000A), which should be rendered + as new lines. type: string reason: description: reason is the CamelCase reason for the condition's diff --git a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml index b5dc54376..1acda61af 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml @@ -218,7 +218,9 @@ spec: format: date-time message: description: message provides additional information about the - current condition. This is only to be consumed by humans. + current condition. This is only to be consumed by humans. It + may contain Line Feed characters (U+000A), which should be rendered + as new lines. type: string reason: description: reason is the CamelCase reason for the condition's diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml index 7287300e4..57b7c6e2b 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml @@ -112,6 +112,10 @@ spec: description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. type: object + kubevirt: + description: Kubevirt contains settings specific to the kubevirt + infrastructure provider. + type: object openstack: description: OpenStack contains settings specific to the OpenStack infrastructure provider. @@ -127,8 +131,8 @@ spec: creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", - "VSphere", "oVirt", and "None". Individual components may not - support all platforms, and must handle unrecognized platforms + "VSphere", "oVirt", "KubeVirt" and "None". Individual components + may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. type: string enum: @@ -143,6 +147,7 @@ spec: - VSphere - oVirt - IBMCloud + - KubeVirt vsphere: description: VSphere contains settings specific to the VSphere infrastructure provider. @@ -190,6 +195,7 @@ spec: - VSphere - oVirt - IBMCloud + - KubeVirt platformStatus: description: platformStatus holds status information specific to the underlying infrastructure provider. @@ -307,6 +313,24 @@ spec: description: ResourceGroupName is the Resource Group for new IBMCloud resources created for the cluster. type: string + kubevirt: + description: Kubevirt contains settings specific to the kubevirt + infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact + the Kubernetes API server that can be used by components inside + the cluster, like kubelets using the infrastructure rather + than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + points to. It is the IP for a self-hosted load balancer in + front of the API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the + default ingress controller. The IP is a suitable target of + a wildcard DNS record used to resolve default route host names. + type: string openstack: description: OpenStack contains settings specific to the OpenStack infrastructure provider. @@ -385,6 +409,7 @@ spec: - VSphere - oVirt - IBMCloud + - KubeVirt vsphere: description: VSphere contains settings specific to the VSphere infrastructure provider. diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go index 3681d0ff0..299adb1c9 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go @@ -130,7 +130,8 @@ type ClusterOperatorStatusCondition struct { Reason string `json:"reason,omitempty"` // message provides additional information about the current condition. - // This is only to be consumed by humans. + // This is only to be consumed by humans. It may contain Line Feed + // characters (U+000A), which should be rendered as new lines. // +optional Message string `json:"message,omitempty"` } diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index 3c4bd788f..efea0a41a 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -79,7 +79,7 @@ type InfrastructureStatus struct { } // PlatformType is a specific supported infrastructure provider. -// +kubebuilder:validation:Enum="";AWS;Azure;BareMetal;GCP;Libvirt;OpenStack;None;VSphere;oVirt;IBMCloud +// +kubebuilder:validation:Enum="";AWS;Azure;BareMetal;GCP;Libvirt;OpenStack;None;VSphere;oVirt;IBMCloud;KubeVirt type PlatformType string const ( @@ -112,6 +112,9 @@ const ( // IBMCloudPlatformType represents IBM Cloud infrastructure. IBMCloudPlatformType PlatformType = "IBMCloud" + + // KubevirtPlatformType represents KubeVirt/Openshift Virtualization infrastructure. + KubevirtPlatformType PlatformType = "KubeVirt" ) // IBMCloudProviderType is a specific supported IBM Cloud provider cluster type @@ -134,7 +137,7 @@ type PlatformSpec struct { // balancers, dynamic volume provisioning, machine creation and deletion, and // other integrations are enabled. If None, no infrastructure automation is // enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", - // "OpenStack", "VSphere", "oVirt", and "None". Individual components may not support + // "OpenStack", "VSphere", "oVirt", "KubeVirt" and "None". Individual components may not support // all platforms, and must handle unrecognized platforms as None if they do // not support that platform. // @@ -172,6 +175,10 @@ type PlatformSpec struct { // IBMCloud contains settings specific to the IBMCloud infrastructure provider. // +optional IBMCloud *IBMCloudPlatformSpec `json:"ibmcloud,omitempty"` + + // Kubevirt contains settings specific to the kubevirt infrastructure provider. + // +optional + Kubevirt *KubevirtPlatformSpec `json:"kubevirt,omitempty"` } // PlatformStatus holds the current status specific to the underlying infrastructure provider @@ -222,6 +229,10 @@ type PlatformStatus struct { // IBMCloud contains settings specific to the IBMCloud infrastructure provider. // +optional IBMCloud *IBMCloudPlatformStatus `json:"ibmcloud,omitempty"` + + // Kubevirt contains settings specific to the kubevirt infrastructure provider. + // +optional + Kubevirt *KubevirtPlatformStatus `json:"kubevirt,omitempty"` } // AWSServiceEndpoint store the configuration of a custom url to @@ -433,6 +444,23 @@ type IBMCloudPlatformStatus struct { ProviderType IBMCloudProviderType `json:"providerType,omitempty"` } +// KubevirtPlatformSpec holds the desired state of the kubevirt infrastructure provider. +// This only includes fields that can be modified in the cluster. +type KubevirtPlatformSpec struct{} + +// KubevirtPlatformStatus holds the current status of the kubevirt infrastructure provider. +type KubevirtPlatformStatus struct { + // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used + // by components inside the cluster, like kubelets using the infrastructure rather + // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + // points to. It is the IP for a self-hosted load balancer in front of the API servers. + APIServerInternalIP string `json:"apiServerInternalIP,omitempty"` + + // ingressIP is an external IP which routes to the default ingress controller. + // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + IngressIP string `json:"ingressIP,omitempty"` +} + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // InfrastructureList is diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index 7542490ef..4a41d1b7f 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -2259,6 +2259,38 @@ func (in *KubeClientConfig) DeepCopy() *KubeClientConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubevirtPlatformSpec) DeepCopyInto(out *KubevirtPlatformSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtPlatformSpec. +func (in *KubevirtPlatformSpec) DeepCopy() *KubevirtPlatformSpec { + if in == nil { + return nil + } + out := new(KubevirtPlatformSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubevirtPlatformStatus) DeepCopyInto(out *KubevirtPlatformStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtPlatformStatus. +func (in *KubevirtPlatformStatus) DeepCopy() *KubevirtPlatformStatus { + if in == nil { + return nil + } + out := new(KubevirtPlatformStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPAttributeMapping) DeepCopyInto(out *LDAPAttributeMapping) { *out = *in @@ -2949,6 +2981,11 @@ func (in *PlatformSpec) DeepCopyInto(out *PlatformSpec) { *out = new(IBMCloudPlatformSpec) **out = **in } + if in.Kubevirt != nil { + in, out := &in.Kubevirt, &out.Kubevirt + *out = new(KubevirtPlatformSpec) + **out = **in + } return } @@ -3005,6 +3042,11 @@ func (in *PlatformStatus) DeepCopyInto(out *PlatformStatus) { *out = new(IBMCloudPlatformStatus) **out = **in } + if in.Kubevirt != nil { + in, out := &in.Kubevirt, &out.Kubevirt + *out = new(KubevirtPlatformStatus) + **out = **in + } return } diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 72d3bb2cf..118d7bb45 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -443,7 +443,7 @@ var map_ClusterOperatorStatusCondition = map[string]string{ "status": "status of the condition, one of True, False, Unknown.", "lastTransitionTime": "lastTransitionTime is the time of the last update to the current status property.", "reason": "reason is the CamelCase reason for the condition's current status.", - "message": "message provides additional information about the current condition. This is only to be consumed by humans.", + "message": "message provides additional information about the current condition. This is only to be consumed by humans. It may contain Line Feed characters (U+000A), which should be rendered as new lines.", } func (ClusterOperatorStatusCondition) SwaggerDoc() map[string]string { @@ -857,6 +857,24 @@ func (InfrastructureStatus) SwaggerDoc() map[string]string { return map_InfrastructureStatus } +var map_KubevirtPlatformSpec = map[string]string{ + "": "KubevirtPlatformSpec holds the desired state of the kubevirt infrastructure provider. This only includes fields that can be modified in the cluster.", +} + +func (KubevirtPlatformSpec) SwaggerDoc() map[string]string { + return map_KubevirtPlatformSpec +} + +var map_KubevirtPlatformStatus = map[string]string{ + "": "KubevirtPlatformStatus holds the current status of the kubevirt infrastructure provider.", + "apiServerInternalIP": "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers.", + "ingressIP": "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names.", +} + +func (KubevirtPlatformStatus) SwaggerDoc() map[string]string { + return map_KubevirtPlatformStatus +} + var map_OpenStackPlatformSpec = map[string]string{ "": "OpenStackPlatformSpec holds the desired state of the OpenStack infrastructure provider. This only includes fields that can be modified in the cluster.", } @@ -898,7 +916,7 @@ func (OvirtPlatformStatus) SwaggerDoc() map[string]string { var map_PlatformSpec = map[string]string{ "": "PlatformSpec holds the desired state specific to the underlying infrastructure provider of the current cluster. Since these are used at spec-level for the underlying cluster, it is supposed that only one of the spec structs is set.", - "type": "type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are \"AWS\", \"Azure\", \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", \"VSphere\", \"oVirt\", and \"None\". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform.", + "type": "type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are \"AWS\", \"Azure\", \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", \"VSphere\", \"oVirt\", \"KubeVirt\" and \"None\". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform.", "aws": "AWS contains settings specific to the Amazon Web Services infrastructure provider.", "azure": "Azure contains settings specific to the Azure infrastructure provider.", "gcp": "GCP contains settings specific to the Google Cloud Platform infrastructure provider.", @@ -907,6 +925,7 @@ var map_PlatformSpec = map[string]string{ "ovirt": "Ovirt contains settings specific to the oVirt infrastructure provider.", "vsphere": "VSphere contains settings specific to the VSphere infrastructure provider.", "ibmcloud": "IBMCloud contains settings specific to the IBMCloud infrastructure provider.", + "kubevirt": "Kubevirt contains settings specific to the kubevirt infrastructure provider.", } func (PlatformSpec) SwaggerDoc() map[string]string { @@ -924,6 +943,7 @@ var map_PlatformStatus = map[string]string{ "ovirt": "Ovirt contains settings specific to the oVirt infrastructure provider.", "vsphere": "VSphere contains settings specific to the VSphere infrastructure provider.", "ibmcloud": "IBMCloud contains settings specific to the IBMCloud infrastructure provider.", + "kubevirt": "Kubevirt contains settings specific to the kubevirt infrastructure provider.", } func (PlatformStatus) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/go.mod b/vendor/github.com/openshift/api/go.mod index 90ec46339..cc20c653d 100644 --- a/vendor/github.com/openshift/api/go.mod +++ b/vendor/github.com/openshift/api/go.mod @@ -4,11 +4,11 @@ go 1.15 require ( github.com/gogo/protobuf v1.3.1 - github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7 + github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab github.com/spf13/pflag v1.0.5 golang.org/x/tools v0.0.0-20200616133436-c1934b75d054 - k8s.io/api v0.19.0 - k8s.io/apimachinery v0.19.0 - k8s.io/code-generator v0.19.0 + k8s.io/api v0.19.2 + k8s.io/apimachinery v0.19.2 + k8s.io/code-generator v0.19.2 k8s.io/klog/v2 v2.2.0 ) diff --git a/vendor/github.com/openshift/api/go.sum b/vendor/github.com/openshift/api/go.sum index c4f904ce5..f6055166a 100644 --- a/vendor/github.com/openshift/api/go.sum +++ b/vendor/github.com/openshift/api/go.sum @@ -104,8 +104,8 @@ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= -github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7 h1:mOq7Mg1Q9d7nIDxe1SJ6pluMBQsbVxa6olyAGmfYWTg= -github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= +github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab h1:lBrojddP6C9C2p67EMs2vcdpC8eF+H0DDom+fgI2IF0= +github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -214,12 +214,12 @@ gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.19.0 h1:XyrFIJqTYZJ2DU7FBE/bSPz7b1HvbVBuBf07oeo6eTc= -k8s.io/api v0.19.0/go.mod h1:I1K45XlvTrDjmj5LoM5LuP/KYrhWbjUKT/SoPG0qTjw= -k8s.io/apimachinery v0.19.0 h1:gjKnAda/HZp5k4xQYjL0K/Yb66IvNqjthCb03QlKpaQ= -k8s.io/apimachinery v0.19.0/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= -k8s.io/code-generator v0.19.0 h1:r0BxYnttP/r8uyKd4+Njg0B57kKi8wLvwEzaaVy3iZ8= -k8s.io/code-generator v0.19.0/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= +k8s.io/api v0.19.2 h1:q+/krnHWKsL7OBZg/rxnycsl9569Pud76UJ77MvKXms= +k8s.io/api v0.19.2/go.mod h1:IQpK0zFQ1xc5iNIQPqzgoOwuFugaYHK4iCknlAQP9nI= +k8s.io/apimachinery v0.19.2 h1:5Gy9vQpAGTKHPVOh5c4plE274X8D/6cuEiTO2zve7tc= +k8s.io/apimachinery v0.19.2/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= +k8s.io/code-generator v0.19.2 h1:7uaWJll6fyCPj2j3sfNN1AiY2gZU1VFN2dFR2uoxGWI= +k8s.io/code-generator v0.19.2/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14 h1:t4L10Qfx/p7ASH3gXCdIUtPbbIuegCoUJf3TMSFekjw= k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= diff --git a/vendor/github.com/openshift/api/network/v1/001-clusternetwork-crd.yaml b/vendor/github.com/openshift/api/network/v1/001-clusternetwork-crd.yaml index b064daade..16bc8b5f2 100644 --- a/vendor/github.com/openshift/api/network/v1/001-clusternetwork-crd.yaml +++ b/vendor/github.com/openshift/api/network/v1/001-clusternetwork-crd.yaml @@ -1,7 +1,6 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - creationTimestamp: null name: clusternetworks.network.openshift.io spec: group: network.openshift.io @@ -11,103 +10,6 @@ spec: plural: clusternetworks singular: clusternetwork scope: Cluster - validation: - # As compared to ValidateClusterNetwork, this does not validate that: - # - the hostSubnetLengths are valid for their CIDRs - # - the cluster/service networks do not overlap - # - .network and .hostsubnetlength are set if name == 'default' - # - .network and .hostsubnetlength are either unset, or equal to - # .clusterNetworks[0].CIDR and .clusterNetworks[0].hostSubnetLength - openAPIV3Schema: - description: ClusterNetwork describes the cluster network. There is normally - only one object of this type, named "default", which is created by the SDN - network plugin based on the master configuration when the cluster is brought - up for the first time. - type: object - required: - - clusterNetworks - - serviceNetwork - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - clusterNetworks: - description: ClusterNetworks is a list of ClusterNetwork objects that defines - the global overlay network's L3 space by specifying a set of CIDR and - netmasks that the SDN can allocate addresses from. - type: array - items: - description: ClusterNetworkEntry defines an individual cluster network. - The CIDRs cannot overlap with other cluster network CIDRs, CIDRs reserved - for external ips, CIDRs reserved for service networks, and CIDRs reserved - for ingress ips. - type: object - required: - - CIDR - - hostSubnetLength - properties: - CIDR: - description: CIDR defines the total range of a cluster networks address - space. - type: string - pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ - hostSubnetLength: - description: HostSubnetLength is the number of bits of the accompanying - CIDR address to allocate to each node. eg, 8 would mean that each - node would have a /24 slice of the overlay network for its pods. - type: integer - format: int32 - maximum: 30 - minimum: 2 - hostsubnetlength: - description: HostSubnetLength is the number of bits of network to allocate - to each node. eg, 8 would mean that each node would have a /24 slice of - the overlay network for its pods - type: integer - format: int32 - maximum: 30 - minimum: 2 - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - mtu: - description: MTU is the MTU for the overlay network. This should be 50 less - than the MTU of the network connecting the nodes. It is normally autodetected - by the cluster network operator. - type: integer - format: int32 - maximum: 65536 - minimum: 576 - network: - description: Network is a CIDR string specifying the global overlay network's - L3 space - type: string - pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ - pluginName: - description: PluginName is the name of the network plugin being used - type: string - serviceNetwork: - description: ServiceNetwork is the CIDR range that Service IP addresses - are allocated from - type: string - pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ - vxlanPort: - description: VXLANPort sets the VXLAN destination port used by the cluster. - It is set by the master configuration file on startup and cannot be edited - manually. Valid values for VXLANPort are integers 1-65535 inclusive and - if unset defaults to 4789. Changing VXLANPort allows users to resolve - issues between openshift SDN and other software trying to use the same - VXLAN destination port. - type: integer - format: int32 - maximum: 65535 - minimum: 1 additionalPrinterColumns: - name: Cluster Network type: string @@ -126,6 +28,97 @@ spec: - name: v1 served: true storage: true + "schema": + "openAPIV3Schema": + description: ClusterNetwork describes the cluster network. There is normally + only one object of this type, named "default", which is created by the SDN + network plugin based on the master configuration when the cluster is brought + up for the first time. + type: object + required: + - clusterNetworks + - serviceNetwork + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + clusterNetworks: + description: ClusterNetworks is a list of ClusterNetwork objects that + defines the global overlay network's L3 space by specifying a set of + CIDR and netmasks that the SDN can allocate addresses from. + type: array + items: + description: ClusterNetworkEntry defines an individual cluster network. + The CIDRs cannot overlap with other cluster network CIDRs, CIDRs reserved + for external ips, CIDRs reserved for service networks, and CIDRs reserved + for ingress ips. + type: object + required: + - CIDR + - hostSubnetLength + properties: + CIDR: + description: CIDR defines the total range of a cluster networks + address space. + type: string + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ + hostSubnetLength: + description: HostSubnetLength is the number of bits of the accompanying + CIDR address to allocate to each node. eg, 8 would mean that each + node would have a /24 slice of the overlay network for its pods. + type: integer + format: int32 + maximum: 30 + minimum: 2 + hostsubnetlength: + description: HostSubnetLength is the number of bits of network to allocate + to each node. eg, 8 would mean that each node would have a /24 slice + of the overlay network for its pods + type: integer + format: int32 + maximum: 30 + minimum: 2 + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + mtu: + description: MTU is the MTU for the overlay network. This should be 50 + less than the MTU of the network connecting the nodes. It is normally + autodetected by the cluster network operator. + type: integer + format: int32 + maximum: 65536 + minimum: 576 + network: + description: Network is a CIDR string specifying the global overlay network's + L3 space + type: string + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ + pluginName: + description: PluginName is the name of the network plugin being used + type: string + serviceNetwork: + description: ServiceNetwork is the CIDR range that Service IP addresses + are allocated from + type: string + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ + vxlanPort: + description: VXLANPort sets the VXLAN destination port used by the cluster. + It is set by the master configuration file on startup and cannot be + edited manually. Valid values for VXLANPort are integers 1-65535 inclusive + and if unset defaults to 4789. Changing VXLANPort allows users to resolve + issues between openshift SDN and other software trying to use the same + VXLAN destination port. + type: integer + format: int32 + maximum: 65535 + minimum: 1 status: acceptedNames: kind: "" diff --git a/vendor/github.com/openshift/api/network/v1/002-hostsubnet-crd.yaml b/vendor/github.com/openshift/api/network/v1/002-hostsubnet-crd.yaml index 9b8af4914..1cc4ebd5f 100644 --- a/vendor/github.com/openshift/api/network/v1/002-hostsubnet-crd.yaml +++ b/vendor/github.com/openshift/api/network/v1/002-hostsubnet-crd.yaml @@ -1,7 +1,6 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - creationTimestamp: null name: hostsubnets.network.openshift.io spec: group: network.openshift.io @@ -11,70 +10,6 @@ spec: plural: hostsubnets singular: hostsubnet scope: Cluster - validation: - # As compared to ValidateHostSubnet, this does not validate that: - # - .host == .name - # - either .subnet is set or the assign-subnet annotation is present - # As compared to ValidateHostSubnetUpdate, this does not validate that: - # - .subnet is not changed on an existing object - openAPIV3Schema: - description: HostSubnet describes the container subnet network on a node. The - HostSubnet object must have the same name as the Node object it corresponds - to. - type: object - required: - - host - - hostIP - - subnet - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - egressCIDRs: - description: EgressCIDRs is the list of CIDR ranges available for automatically - assigning egress IPs to this node from. If this field is set then EgressIPs - should be treated as read-only. - type: array - items: - description: HostSubnetEgressCIDR represents one egress CIDR from which - to assign IP addresses for this node represented by the HostSubnet - type: string - pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ - egressIPs: - description: EgressIPs is the list of automatic egress IP addresses currently - hosted by this node. If EgressCIDRs is empty, this can be set by hand; - if EgressCIDRs is set then the master will overwrite the value here with - its own allocation of egress IPs. - type: array - items: - description: HostSubnetEgressIP represents one egress IP address currently - hosted on the node represented by HostSubnet - type: string - pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$ - host: - description: Host is the name of the node. (This is the same as the object's - name, but both fields must be set.) - type: string - pattern: ^[a-z0-9.-]+$ - hostIP: - description: HostIP is the IP address to be used as a VTEP by other nodes - in the overlay network - type: string - pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$ - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - subnet: - description: Subnet is the CIDR range of the overlay network assigned to - the node for its pods - type: string - pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ additionalPrinterColumns: - name: Host type: string @@ -103,6 +38,65 @@ spec: - name: v1 served: true storage: true + "schema": + "openAPIV3Schema": + description: HostSubnet describes the container subnet network on a node. + The HostSubnet object must have the same name as the Node object it corresponds + to. + type: object + required: + - host + - hostIP + - subnet + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + egressCIDRs: + description: EgressCIDRs is the list of CIDR ranges available for automatically + assigning egress IPs to this node from. If this field is set then EgressIPs + should be treated as read-only. + type: array + items: + description: HostSubnetEgressCIDR represents one egress CIDR from which + to assign IP addresses for this node represented by the HostSubnet + type: string + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ + egressIPs: + description: EgressIPs is the list of automatic egress IP addresses currently + hosted by this node. If EgressCIDRs is empty, this can be set by hand; + if EgressCIDRs is set then the master will overwrite the value here + with its own allocation of egress IPs. + type: array + items: + description: HostSubnetEgressIP represents one egress IP address currently + hosted on the node represented by HostSubnet + type: string + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$ + host: + description: Host is the name of the node. (This is the same as the object's + name, but both fields must be set.) + type: string + pattern: ^[a-z0-9.-]+$ + hostIP: + description: HostIP is the IP address to be used as a VTEP by other nodes + in the overlay network + type: string + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$ + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + subnet: + description: Subnet is the CIDR range of the overlay network assigned + to the node for its pods + type: string + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ status: acceptedNames: kind: "" diff --git a/vendor/github.com/openshift/api/network/v1/003-netnamespace-crd.yaml b/vendor/github.com/openshift/api/network/v1/003-netnamespace-crd.yaml index 80fa3b05f..efe4ebec5 100644 --- a/vendor/github.com/openshift/api/network/v1/003-netnamespace-crd.yaml +++ b/vendor/github.com/openshift/api/network/v1/003-netnamespace-crd.yaml @@ -1,7 +1,6 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - creationTimestamp: null name: netnamespaces.network.openshift.io spec: group: network.openshift.io @@ -11,56 +10,6 @@ spec: plural: netnamespaces singular: netnamespace scope: Cluster - validation: - # As compared to ValidateNetNamespace, this does not validate that: - # - .netname == .name - # - .netid is not 1-9 - openAPIV3Schema: - description: NetNamespace describes a single isolated network. When using the - redhat/openshift-ovs-multitenant plugin, every Namespace will have a corresponding - NetNamespace object with the same name. (When using redhat/openshift-ovs-subnet, - NetNamespaces are not used.) - type: object - required: - - netid - - netname - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - egressIPs: - description: EgressIPs is a list of reserved IPs that will be used as the - source for external traffic coming from pods in this namespace. (If empty, - external traffic will be masqueraded to Node IPs.) - type: array - items: - description: NetNamespaceEgressIP is a single egress IP out of a list - of reserved IPs used as source of external traffic coming from pods - in this namespace - type: string - pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$ - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - netid: - description: NetID is the network identifier of the network namespace assigned - to each overlay network packet. This can be manipulated with the "oc adm - pod-network" commands. - type: integer - format: int32 - maximum: 16777215 - minimum: 0 - netname: - description: NetName is the name of the network namespace. (This is the - same as the object's name, but both fields must be set.) - type: string - pattern: ^[a-z0-9.-]+$ additionalPrinterColumns: - name: NetID type: integer @@ -75,6 +24,53 @@ spec: - name: v1 served: true storage: true + "schema": + "openAPIV3Schema": + description: NetNamespace describes a single isolated network. When using + the redhat/openshift-ovs-multitenant plugin, every Namespace will have a + corresponding NetNamespace object with the same name. (When using redhat/openshift-ovs-subnet, + NetNamespaces are not used.) + type: object + required: + - netid + - netname + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + egressIPs: + description: EgressIPs is a list of reserved IPs that will be used as + the source for external traffic coming from pods in this namespace. + (If empty, external traffic will be masqueraded to Node IPs.) + type: array + items: + description: NetNamespaceEgressIP is a single egress IP out of a list + of reserved IPs used as source of external traffic coming from pods + in this namespace + type: string + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$ + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + netid: + description: NetID is the network identifier of the network namespace + assigned to each overlay network packet. This can be manipulated with + the "oc adm pod-network" commands. + type: integer + format: int32 + maximum: 16777215 + minimum: 0 + netname: + description: NetName is the name of the network namespace. (This is the + same as the object's name, but both fields must be set.) + type: string + pattern: ^[a-z0-9.-]+$ status: acceptedNames: kind: "" diff --git a/vendor/github.com/openshift/api/network/v1/004-egressnetworkpolicy-crd.yaml b/vendor/github.com/openshift/api/network/v1/004-egressnetworkpolicy-crd.yaml index 16e84c104..766073948 100644 --- a/vendor/github.com/openshift/api/network/v1/004-egressnetworkpolicy-crd.yaml +++ b/vendor/github.com/openshift/api/network/v1/004-egressnetworkpolicy-crd.yaml @@ -1,7 +1,6 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - creationTimestamp: null name: egressnetworkpolicies.network.openshift.io spec: group: network.openshift.io @@ -11,75 +10,75 @@ spec: plural: egressnetworkpolicies singular: egressnetworkpolicy scope: Namespaced - validation: - # This should be mostly equivalent to ValidateEgressNetworkPolicy - openAPIV3Schema: - description: EgressNetworkPolicy describes the current egress network policy - for a Namespace. When using the 'redhat/openshift-ovs-multitenant' network - plugin, traffic from a pod to an IP address outside the cluster will be checked - against each EgressNetworkPolicyRule in the pod's namespace's EgressNetworkPolicy, - in order. If no rule matches (or no EgressNetworkPolicy is present) then the - traffic will be allowed by default. - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec is the specification of the current egress network policy - type: object - required: - - egress - properties: - egress: - description: egress contains the list of egress policy rules - type: array - items: - description: EgressNetworkPolicyRule contains a single egress network - policy rule - type: object - required: - - to - - type - properties: - to: - description: to is the target that traffic is allowed/denied to - type: object - properties: - cidrSelector: - description: CIDRSelector is the CIDR range to allow/deny - traffic to. If this is set, dnsName must be unset Ideally - we would have liked to use the cidr openapi format for this - property. But openshift-sdn only supports v4 while specifying - the cidr format allows both v4 and v6 cidrs We are therefore - using a regex pattern to validate instead. - type: string - pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ - dnsName: - description: DNSName is the domain name to allow/deny traffic - to. If this is set, cidrSelector must be unset - type: string - pattern: ^([A-Za-z0-9-]+\.)*[A-Za-z0-9-]+\.?$ - type: - description: type marks this as an "Allow" or "Deny" rule - type: string - pattern: ^Allow|Deny$ version: v1 versions: - name: v1 served: true storage: true + "schema": + "openAPIV3Schema": + description: EgressNetworkPolicy describes the current egress network policy + for a Namespace. When using the 'redhat/openshift-ovs-multitenant' network + plugin, traffic from a pod to an IP address outside the cluster will be + checked against each EgressNetworkPolicyRule in the pod's namespace's EgressNetworkPolicy, + in order. If no rule matches (or no EgressNetworkPolicy is present) then + the traffic will be allowed by default. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the current egress network policy + type: object + required: + - egress + properties: + egress: + description: egress contains the list of egress policy rules + type: array + items: + description: EgressNetworkPolicyRule contains a single egress network + policy rule + type: object + required: + - to + - type + properties: + to: + description: to is the target that traffic is allowed/denied + to + type: object + properties: + cidrSelector: + description: CIDRSelector is the CIDR range to allow/deny + traffic to. If this is set, dnsName must be unset Ideally + we would have liked to use the cidr openapi format for + this property. But openshift-sdn only supports v4 while + specifying the cidr format allows both v4 and v6 cidrs + We are therefore using a regex pattern to validate instead. + type: string + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ + dnsName: + description: DNSName is the domain name to allow/deny traffic + to. If this is set, cidrSelector must be unset + type: string + pattern: ^([A-Za-z0-9-]+\.)*[A-Za-z0-9-]+\.?$ + type: + description: type marks this as an "Allow" or "Deny" rule + type: string + pattern: ^Allow|Deny$ status: acceptedNames: kind: "" diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml index 9f1c4238d..75d757d99 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml @@ -1031,4 +1031,8 @@ spec: served: true storage: true subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.availableReplicas status: {} diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml index 329a72377..0e3960596 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml @@ -353,7 +353,10 @@ spec: description: The address to "bind" on Defaults to 0.0.0.0 type: string iptablesSyncPeriod: - description: 'The period that iptables rules are refreshed. Default: + description: 'An internal kube-proxy parameter. In older releases + of OCP, this sometimes needed to be adjusted in large clusters + for performance reasons, but this is no longer necessary, and + there is no reason to change this from the default value. Default: 30s' type: string proxyArguments: @@ -367,11 +370,14 @@ spec: items: type: string logLevel: - description: logLevel allows configuring the logging level of the + description: "logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive - logging may affect performance. The default value is "Normal". + logging may affect performance. The default value is \"Normal\". + \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". + Defaults to \"Normal\"." type: string + default: Normal enum: - "" - Normal diff --git a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml index 6bfa31c97..8404b1a0f 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml @@ -35,6 +35,7 @@ spec: name: enum: - ebs.csi.aws.com + - cinder.csi.openstack.org - manila.csi.openstack.org - csi.ovirt.org type: string diff --git a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch index 22f3a1294..7f1945a9c 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch +++ b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch @@ -5,5 +5,6 @@ type: string enum: - ebs.csi.aws.com + - cinder.csi.openstack.org - manila.csi.openstack.org - csi.ovirt.org diff --git a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go index e6217ab8c..3e897b9f3 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go @@ -41,6 +41,7 @@ type CSIDriverName string // and 0000_90_cluster_csi_driver_01_config.crd.yaml-merge-patch file is also updated with new driver name. const ( AWSEBSCSIDriver CSIDriverName = "ebs.csi.aws.com" + CinderCSIDriver CSIDriverName = "cinder.csi.openstack.org" ManilaCSIDriver CSIDriverName = "manila.csi.openstack.org" OvirtCSIDriver CSIDriverName = "csi.ovirt.org" ) diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index 7e678d11a..71cf5a35e 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -74,8 +74,12 @@ type NetworkSpec struct { // by the operator. Currently only Kuryr SDN is affected by this setting. // Please note that turning on extensive logging may affect performance. // The default value is "Normal". + // + // Valid values are: "Normal", "Debug", "Trace", "TraceAll". + // Defaults to "Normal". // +optional - LogLevel LogLevel `json:"logLevel"` + // +kubebuilder:default=Normal + LogLevel LogLevel `json:"logLevel,omitempty"` } // ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size @@ -337,7 +341,9 @@ type ProxyArgumentList []string // ProxyConfig defines the configuration knobs for kubeproxy // All of these are optional and have sensible defaults type ProxyConfig struct { - // The period that iptables rules are refreshed. + // An internal kube-proxy parameter. In older releases of OCP, this sometimes needed to be adjusted + // in large clusters for performance reasons, but this is no longer necessary, and there is no reason + // to change this from the default value. // Default: 30s IptablesSyncPeriod string `json:"iptablesSyncPeriod,omitempty"` diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index cc82d26e2..cb241c784 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -794,7 +794,7 @@ var map_NetworkSpec = map[string]string{ "disableMultiNetwork": "disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.", "deployKubeProxy": "deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when OpenShift SDN and ovn-kubernetes are used and true otherwise.", "kubeProxyConfig": "kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift directly. Not consumed by all network providers - currently only openshift-sdn.", - "logLevel": "logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive logging may affect performance. The default value is \"Normal\".", + "logLevel": "logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive logging may affect performance. The default value is \"Normal\".\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", } func (NetworkSpec) SwaggerDoc() map[string]string { @@ -835,7 +835,7 @@ func (OpenShiftSDNConfig) SwaggerDoc() map[string]string { var map_ProxyConfig = map[string]string{ "": "ProxyConfig defines the configuration knobs for kubeproxy All of these are optional and have sensible defaults", - "iptablesSyncPeriod": "The period that iptables rules are refreshed. Default: 30s", + "iptablesSyncPeriod": "An internal kube-proxy parameter. In older releases of OCP, this sometimes needed to be adjusted in large clusters for performance reasons, but this is no longer necessary, and there is no reason to change this from the default value. Default: 30s", "bindAddress": "The address to \"bind\" on Defaults to 0.0.0.0", "proxyArguments": "Any additional arguments to pass to the kubeproxy process", } diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml index a6b300345..a11af8884 100644 --- a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml +++ b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml @@ -11,7 +11,7 @@ spec: listKind: PodNetworkConnectivityCheckList plural: podnetworkconnectivitychecks singular: podnetworkconnectivitycheck - scope: "" + scope: Namespaced versions: - name: v1alpha1 served: true diff --git a/vendor/github.com/openshift/api/route/v1/generated.proto b/vendor/github.com/openshift/api/route/v1/generated.proto index c4bc446e3..abf11f4c4 100644 --- a/vendor/github.com/openshift/api/route/v1/generated.proto +++ b/vendor/github.com/openshift/api/route/v1/generated.proto @@ -212,6 +212,10 @@ message RouterShard { // TLSConfig defines config used to secure a route and provide termination message TLSConfig { // termination indicates termination type. + // + // * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + // * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + // * reencrypt - TLS termination is done by the router and https is used to communicate with the backend optional string termination = 1; // certificate provides certificate contents diff --git a/vendor/github.com/openshift/api/route/v1/types.go b/vendor/github.com/openshift/api/route/v1/types.go index 9e59c6978..e36e192d8 100644 --- a/vendor/github.com/openshift/api/route/v1/types.go +++ b/vendor/github.com/openshift/api/route/v1/types.go @@ -212,6 +212,10 @@ type RouterShard struct { // TLSConfig defines config used to secure a route and provide termination type TLSConfig struct { // termination indicates termination type. + // + // * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + // * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + // * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Termination TLSTerminationType `json:"termination" protobuf:"bytes,1,opt,name=termination,casttype=TLSTerminationType"` // certificate provides certificate contents diff --git a/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go index 9974795f6..83b92816b 100644 --- a/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go @@ -113,7 +113,7 @@ func (RouterShard) SwaggerDoc() map[string]string { var map_TLSConfig = map[string]string{ "": "TLSConfig defines config used to secure a route and provide termination", - "termination": "termination indicates termination type.", + "termination": "termination indicates termination type.\n\n* edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend", "certificate": "certificate provides certificate contents", "key": "key provides key file contents", "caCertificate": "caCertificate provides the cert authority certificate contents", diff --git a/vendor/github.com/openshift/build-machinery-go/make/targets/openshift/crd-schema-gen.mk b/vendor/github.com/openshift/build-machinery-go/make/targets/openshift/crd-schema-gen.mk index 3a24a57e1..25f92fe9a 100644 --- a/vendor/github.com/openshift/build-machinery-go/make/targets/openshift/crd-schema-gen.mk +++ b/vendor/github.com/openshift/build-machinery-go/make/targets/openshift/crd-schema-gen.mk @@ -51,7 +51,7 @@ update-codegen-crds: update-codegen-crds-$(1) verify-codegen-crds-$(1): VERIFY_CODEGEN_CRD_TMP_DIR:=$$(shell mktemp -d) verify-codegen-crds-$(1): ensure-controller-gen ensure-yq ensure-yaml-patch $(call run-crd-gen,$(2),$(3),$$(VERIFY_CODEGEN_CRD_TMP_DIR)) - $$(foreach p,$$(wildcard $(3)/*crd.yaml),$$(call diff-file,$$(p),$$(subst $(3),$$(VERIFY_CODEGEN_CRD_TMP_DIR),$$(p)))) + $$(foreach p,$$(wildcard $(4)/*crd.yaml),$$(call diff-file,$$(p),$$(subst $(4),$$(VERIFY_CODEGEN_CRD_TMP_DIR),$$(p)))) .PHONY: verify-codegen-crds-$(1) verify-codegen-crds: verify-codegen-crds-$(1) diff --git a/vendor/github.com/openshift/library-go/pkg/config/client/client_config.go b/vendor/github.com/openshift/library-go/pkg/config/client/client_config.go index a24731105..e2b90ca53 100644 --- a/vendor/github.com/openshift/library-go/pkg/config/client/client_config.go +++ b/vendor/github.com/openshift/library-go/pkg/config/client/client_config.go @@ -2,14 +2,12 @@ package client import ( "io/ioutil" - "net" - "net/http" - "time" - "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" + "net/http" configv1 "github.com/openshift/api/config/v1" + "github.com/openshift/library-go/pkg/network" ) // GetKubeConfigOrInClusterConfig loads in-cluster config if kubeConfigFile is empty or the file if not, @@ -101,10 +99,7 @@ func (c ClientTransportOverrides) DefaultClientTransport(rt http.RoundTripper) h return rt } - transport.DialContext = (&net.Dialer{ - Timeout: 30 * time.Second, - KeepAlive: 30 * time.Second, - }).DialContext + transport.DialContext = network.DefaultClientDialContext() // Hold open more internal idle connections transport.MaxIdleConnsPerHost = 100 diff --git a/vendor/github.com/openshift/library-go/pkg/network/dialer.go b/vendor/github.com/openshift/library-go/pkg/network/dialer.go new file mode 100644 index 000000000..f19be44a3 --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/network/dialer.go @@ -0,0 +1,13 @@ +package network + +import ( + "context" + "net" +) + +type DialContext func(ctx context.Context, network, address string) (net.Conn, error) + +// DefaultDialContext returns a DialContext function from a network dialer with default options sets. +func DefaultClientDialContext() DialContext { + return dialerWithDefaultOptions() +} diff --git a/vendor/github.com/openshift/library-go/pkg/network/dialer_linux.go b/vendor/github.com/openshift/library-go/pkg/network/dialer_linux.go new file mode 100644 index 000000000..e3cd3f4d3 --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/network/dialer_linux.go @@ -0,0 +1,91 @@ +// +build linux + +package network + +import ( + "context" + "net" + "os" + "syscall" + "time" + + "golang.org/x/sys/unix" +) + +func dialerWithDefaultOptions() DialContext { + nd := &net.Dialer{ + // TCP_USER_TIMEOUT does affect the behaviour of connect() which is controlled by this field so we set it to the same value + Timeout: 25 * time.Second, + } + return wrapDialContext(nd.DialContext) +} + +func wrapDialContext(dc DialContext) DialContext { + return func(ctx context.Context, network, address string) (net.Conn, error) { + conn, err := dc(ctx, network, address) + if err != nil { + return conn, err + } + + if tcpCon, ok := conn.(*net.TCPConn); ok { + tcpFD, err := tcpCon.File() + if err != nil { + return conn, err + } + if err := setDefaultSocketOptions(int(tcpFD.Fd())); err != nil { + return conn, err + } + } + return conn, nil + } +} + +// setDefaultSocketOptions sets custom socket options so that we can detect connections to an unhealthy (dead) peer quickly. +// In particular we set TCP_USER_TIMEOUT that specifies the maximum amount of time that transmitted data may remain +// unacknowledged before TCP will forcibly close the connection. +// +// Note +// TCP_USER_TIMEOUT can't be too low because a single dropped packet might drop the entire connection. +// Ideally it should be set to: TCP_KEEPIDLE + TCP_KEEPINTVL * TCP_KEEPCNT +func setDefaultSocketOptions(fd int) error { + // specifies the maximum amount of time in milliseconds that transmitted data may remain + // unacknowledged before TCP will forcibly close the corresponding connection and return ETIMEDOUT to the application + tcpUserTimeoutInMilliSeconds := int(25 * time.Second / time.Millisecond) + + // specifies the interval at which probes are sent in seconds + tcpKeepIntvl := int(roundDuration(5*time.Second, time.Second)) + + // specifies the threshold for sending the first KEEP ALIVE probe in seconds + tcpKeepIdle := int(roundDuration(2*time.Second, time.Second)) + + if err := syscall.SetsockoptInt(int(fd), syscall.IPPROTO_TCP, unix.TCP_USER_TIMEOUT, tcpUserTimeoutInMilliSeconds); err != nil { + return wrapSyscallError("setsockopt", err) + } + + if err := syscall.SetsockoptInt(int(fd), syscall.IPPROTO_TCP, syscall.TCP_KEEPINTVL, tcpKeepIntvl); err != nil { + return wrapSyscallError("setsockopt", err) + } + + if err := syscall.SetsockoptInt(int(fd), syscall.IPPROTO_TCP, syscall.TCP_KEEPIDLE, tcpKeepIdle); err != nil { + return wrapSyscallError("setsockopt", err) + } + return nil +} + +// roundDurationUp rounds d to the next multiple of to. +// +// note that it was copied from the std library +func roundDuration(d time.Duration, to time.Duration) time.Duration { + return (d + to - 1) / to +} + +// wrapSyscallError takes an error and a syscall name. If the error is +// a syscall.Errno, it wraps it in a os.SyscallError using the syscall name. +// +// note that it was copied from the std library +func wrapSyscallError(name string, err error) error { + if _, ok := err.(syscall.Errno); ok { + err = os.NewSyscallError(name, err) + } + return err +} diff --git a/vendor/github.com/openshift/library-go/pkg/network/dialer_others.go b/vendor/github.com/openshift/library-go/pkg/network/dialer_others.go new file mode 100644 index 000000000..6519b0986 --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/network/dialer_others.go @@ -0,0 +1,19 @@ +// +build !linux + +package network + +import ( + "net" + "time" + + "k8s.io/klog/v2" +) + +func dialerWithDefaultOptions() DialContext { + klog.V(2).Info("Creating the default network Dialer (unsupported platform). It may take up to 15 minutes to detect broken connections and establish a new one") + nd := &net.Dialer{ + Timeout: 30 * time.Second, + KeepAlive: 30 * time.Second, + } + return nd.DialContext +} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/configobserver/network/observe_network.go b/vendor/github.com/openshift/library-go/pkg/operator/configobserver/network/observe_network.go index 8bce9504a..f33d5abbd 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/configobserver/network/observe_network.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/configobserver/network/observe_network.go @@ -40,24 +40,24 @@ func GetClusterCIDRs(lister configlistersv1.NetworkLister, recorder events.Recor return clusterCIDRs, nil } -// GetServiceCIDR reads the service IP range from the global network configuration resource. Emits events if CIDRs are not found. -func GetServiceCIDR(lister configlistersv1.NetworkLister, recorder events.Recorder) (string, error) { +// GetServiceCIDRs reads the service IP ranges from the global network configuration resource. Emits events if CIDRs are not found. +func GetServiceCIDRs(lister configlistersv1.NetworkLister, recorder events.Recorder) ([]string, error) { network, err := lister.Get("cluster") if errors.IsNotFound(err) { recorder.Warningf("GetServiceCIDRFailed", "Required networks.%s/cluster not found", configv1.GroupName) - return "", nil + return nil, nil } if err != nil { recorder.Warningf("GetServiceCIDRFailed", "error getting networks.%s/cluster: %v", configv1.GroupName, err) - return "", err + return nil, err } if len(network.Status.ServiceNetwork) == 0 || len(network.Status.ServiceNetwork[0]) == 0 { recorder.Warningf("GetServiceCIDRFailed", "Required status.serviceNetwork field is not set in networks.%s/cluster", configv1.GroupName) - return "", fmt.Errorf("networks.%s/cluster: status.serviceNetwork not found", configv1.GroupName) + return nil, fmt.Errorf("networks.%s/cluster: status.serviceNetwork not found", configv1.GroupName) } - return network.Status.ServiceNetwork[0], nil + return network.Status.ServiceNetwork, nil } // GetExternalIPPolicy retrieves the ExternalIPPolicy for the cluster. diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissions.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissions.go new file mode 100644 index 000000000..0edc44349 --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissions.go @@ -0,0 +1,77 @@ +package resourceapply + +import ( + "context" + + admissionv1 "k8s.io/api/admissionregistration/v1" + "k8s.io/apimachinery/pkg/api/equality" + apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + admissionclientv1 "k8s.io/client-go/kubernetes/typed/admissionregistration/v1" + "k8s.io/klog/v2" + + "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" +) + +// ApplyValidatingWebhookConfiguration merges objectmeta, update webhooks. +func ApplyValidatingWebhookConfiguration(client admissionclientv1.ValidatingWebhookConfigurationsGetter, recorder events.Recorder, required *admissionv1.ValidatingWebhookConfiguration) (*admissionv1.ValidatingWebhookConfiguration, bool, error) { + existing, err := client.ValidatingWebhookConfigurations().Get(context.TODO(), required.Name, metav1.GetOptions{}) + if apierrors.IsNotFound(err) { + actual, err := client.ValidatingWebhookConfigurations(). + Create(context.TODO(), required, metav1.CreateOptions{}) + reportCreateEvent(recorder, required, err) + return actual, true, err + } + if err != nil { + return nil, false, err + } + + modified := resourcemerge.BoolPtr(false) + existingCopy := existing.DeepCopy() + + resourcemerge.EnsureObjectMeta(modified, &existingCopy.ObjectMeta, required.ObjectMeta) + contentSame := equality.Semantic.DeepEqual(existingCopy.Webhooks, required.Webhooks) + if contentSame && !*modified { + return existingCopy, false, nil + } + + if klog.V(4).Enabled() { + klog.Infof("ValidatingWebhookConfiguration %q changes: %v", required.Name, JSONPatchNoError(existing, required)) + } + + actual, err := client.ValidatingWebhookConfigurations().Update(context.TODO(), required, metav1.UpdateOptions{}) + reportUpdateEvent(recorder, required, err) + return actual, true, err +} + +// ApplyMutatingWebhookConfiguration merges objectmeta, update webhooks. +func ApplyMutatingWebhookConfiguration(client admissionclientv1.MutatingWebhookConfigurationsGetter, recorder events.Recorder, required *admissionv1.MutatingWebhookConfiguration) (*admissionv1.MutatingWebhookConfiguration, bool, error) { + existing, err := client.MutatingWebhookConfigurations().Get(context.TODO(), required.Name, metav1.GetOptions{}) + if apierrors.IsNotFound(err) { + actual, err := client.MutatingWebhookConfigurations(). + Create(context.TODO(), required, metav1.CreateOptions{}) + reportCreateEvent(recorder, required, err) + return actual, true, err + } + if err != nil { + return nil, false, err + } + + modified := resourcemerge.BoolPtr(false) + existingCopy := existing.DeepCopy() + + resourcemerge.EnsureObjectMeta(modified, &existingCopy.ObjectMeta, required.ObjectMeta) + contentSame := equality.Semantic.DeepEqual(existingCopy.Webhooks, required.Webhooks) + if contentSame && !*modified { + return existingCopy, false, nil + } + + if klog.V(4).Enabled() { + klog.Infof("ValidatingWebhookConfiguration %q changes: %v", required.Name, JSONPatchNoError(existing, required)) + } + + actual, err := client.MutatingWebhookConfigurations().Update(context.TODO(), required, metav1.UpdateOptions{}) + reportUpdateEvent(recorder, required, err) + return actual, true, err +} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go index 7f62f87ab..43a4ce30f 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go @@ -9,6 +9,7 @@ import ( "github.com/openshift/api" "github.com/openshift/library-go/pkg/operator/events" + admissionv1 "k8s.io/api/admissionregistration/v1" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" storagev1 "k8s.io/api/storage/v1" @@ -165,6 +166,16 @@ func ApplyDirectly(clients *ClientHolder, recorder events.Recorder, manifests As result.Error = fmt.Errorf("missing kubeClient") } result.Result, result.Changed, result.Error = ApplyCSIDriver(clients.kubeClient.StorageV1(), recorder, t) + case *admissionv1.ValidatingWebhookConfiguration: + if clients.kubeClient == nil { + result.Error = fmt.Errorf("missing kubeClient") + } + result.Result, result.Changed, result.Error = ApplyValidatingWebhookConfiguration(clients.kubeClient.AdmissionregistrationV1(), recorder, t) + case *admissionv1.MutatingWebhookConfiguration: + if clients.kubeClient == nil { + result.Error = fmt.Errorf("missing kubeClient") + } + result.Result, result.Changed, result.Error = ApplyMutatingWebhookConfiguration(clients.kubeClient.AdmissionregistrationV1(), recorder, t) default: result.Error = fmt.Errorf("unhandled type %T", requiredObj) } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/apiextensions.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/apiextensions.go index 09428268d..e21f774e1 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/apiextensions.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/apiextensions.go @@ -27,7 +27,7 @@ func ReadCustomResourceDefinitionV1Beta1OrDie(objBytes []byte) *apiextensionsv1b } func ReadCustomResourceDefinitionV1OrDie(objBytes []byte) *apiextensionsv1.CustomResourceDefinition { - requiredObj, err := runtime.Decode(apiExtensionsCodecs.UniversalDecoder(apiextensionsv1beta1.SchemeGroupVersion), objBytes) + requiredObj, err := runtime.Decode(apiExtensionsCodecs.UniversalDecoder(apiextensionsv1.SchemeGroupVersion), objBytes) if err != nil { panic(err) } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/core.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/core.go index ac2b47758..daa27c7b5 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/core.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/core.go @@ -58,11 +58,19 @@ func ReadServiceV1OrDie(objBytes []byte) *corev1.Service { } func ReadPodV1OrDie(objBytes []byte) *corev1.Pod { - requiredObj, err := runtime.Decode(coreCodecs.UniversalDecoder(corev1.SchemeGroupVersion), objBytes) + requiredObj, err := ReadPodV1(objBytes) if err != nil { panic(err) } - return requiredObj.(*corev1.Pod) + return requiredObj +} + +func ReadPodV1(objBytes []byte) (*corev1.Pod, error) { + requiredObj, err := runtime.Decode(coreCodecs.UniversalDecoder(corev1.SchemeGroupVersion), objBytes) + if err != nil { + return nil, err + } + return requiredObj.(*corev1.Pod), nil } func WritePodV1OrDie(obj *corev1.Pod) string { diff --git a/vendor/github.com/openshift/library-go/pkg/operator/status/condition.go b/vendor/github.com/openshift/library-go/pkg/operator/status/condition.go index 0520f8030..fd3bde5e6 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/status/condition.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/status/condition.go @@ -64,6 +64,9 @@ func UnionCondition(conditionType string, defaultConditionStatus operatorv1.Cond if len(elderBadConditions) == 0 { unionedCondition.Status = defaultConditionStatus unionedCondition.Message = unionMessage(interestingConditions) + if unionedCondition.Message == "" { + unionedCondition.Message = "All is well" + } unionedCondition.Reason = "AsExpected" unionedCondition.LastTransitionTime = latestTransitionTime(interestingConditions) diff --git a/vendor/github.com/openshift/library-go/pkg/operator/v1helpers/informers.go b/vendor/github.com/openshift/library-go/pkg/operator/v1helpers/informers.go index 8a3636b33..ba3769252 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/v1helpers/informers.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/v1helpers/informers.go @@ -20,8 +20,13 @@ type KubeInformersForNamespaces interface { ConfigMapLister() corev1listers.ConfigMapLister SecretLister() corev1listers.SecretLister + + // Used in by workloads controller and controllers that report deployment pods status + PodLister() corev1listers.PodLister } +var _ KubeInformersForNamespaces = kubeInformersForNamespaces{} + func NewKubeInformersForNamespaces(kubeClient kubernetes.Interface, namespaces ...string) KubeInformersForNamespaces { ret := kubeInformersForNamespaces{} for _, namespace := range namespaces { @@ -103,3 +108,28 @@ func (l secretLister) Secrets(namespace string) corev1listers.SecretNamespaceLis return informer.Core().V1().Secrets().Lister().Secrets(namespace) } + +type podLister kubeInformersForNamespaces + +func (i kubeInformersForNamespaces) PodLister() corev1listers.PodLister { + return podLister(i) +} + +func (l podLister) List(selector labels.Selector) (ret []*corev1.Pod, err error) { + globalInformer, ok := l[""] + if !ok { + return nil, fmt.Errorf("combinedLister does not support cross namespace list") + } + + return globalInformer.Core().V1().Pods().Lister().List(selector) +} + +func (l podLister) Pods(namespace string) corev1listers.PodNamespaceLister { + informer, ok := l[namespace] + if !ok { + // coding error + panic(fmt.Sprintf("namespace %q is missing", namespace)) + } + + return informer.Core().V1().Pods().Lister().Pods(namespace) +} diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go b/vendor/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go index ab767695f..1246ae863 100644 --- a/vendor/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go +++ b/vendor/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go @@ -117,10 +117,37 @@ func WithImpersonation(handler http.Handler, a authorizer.Authorizer, s runtime. } } - if !groupsSpecified && username != user.Anonymous { - // When impersonating a non-anonymous user, if no groups were specified - // include the system:authenticated group in the impersonated user info - groups = append(groups, user.AllAuthenticated) + if username != user.Anonymous { + // When impersonating a non-anonymous user, include the 'system:authenticated' group + // in the impersonated user info: + // - if no groups were specified + // - if a group has been specified other than 'system:authenticated' + // + // If 'system:unauthenticated' group has been specified we should not include + // the 'system:authenticated' group. + addAuthenticated := true + for _, group := range groups { + if group == user.AllAuthenticated || group == user.AllUnauthenticated { + addAuthenticated = false + break + } + } + + if addAuthenticated { + groups = append(groups, user.AllAuthenticated) + } + } else { + addUnauthenticated := true + for _, group := range groups { + if group == user.AllUnauthenticated { + addUnauthenticated = false + break + } + } + + if addUnauthenticated { + groups = append(groups, user.AllUnauthenticated) + } } newUser := &user.DefaultInfo{ diff --git a/vendor/k8s.io/client-go/tools/cache/controller.go b/vendor/k8s.io/client-go/tools/cache/controller.go index 916ca9cc1..3ad9b53bb 100644 --- a/vendor/k8s.io/client-go/tools/cache/controller.go +++ b/vendor/k8s.io/client-go/tools/cache/controller.go @@ -144,11 +144,11 @@ func (c *controller) Run(stopCh <-chan struct{}) { c.reflectorMutex.Unlock() var wg wait.Group - defer wg.Wait() wg.StartWithChannel(stopCh, r.Run) wait.Until(c.processLoop, time.Second, stopCh) + wg.Wait() } // Returns true once this controller has completed an initial resource listing diff --git a/vendor/k8s.io/client-go/tools/cache/reflector.go b/vendor/k8s.io/client-go/tools/cache/reflector.go index a92b36f2c..e995abe25 100644 --- a/vendor/k8s.io/client-go/tools/cache/reflector.go +++ b/vendor/k8s.io/client-go/tools/cache/reflector.go @@ -570,5 +570,26 @@ func isExpiredError(err error) bool { } func isTooLargeResourceVersionError(err error) bool { - return apierrors.HasStatusCause(err, metav1.CauseTypeResourceVersionTooLarge) + if apierrors.HasStatusCause(err, metav1.CauseTypeResourceVersionTooLarge) { + return true + } + // In Kubernetes 1.17.0-1.18.5, the api server doesn't set the error status cause to + // metav1.CauseTypeResourceVersionTooLarge to indicate that the requested minimum resource + // version is larger than the largest currently available resource version. To ensure backward + // compatibility with these server versions we also need to detect the error based on the content + // of the error message field. + if !apierrors.IsTimeout(err) { + return false + } + apierr, ok := err.(apierrors.APIStatus) + if !ok || apierr == nil || apierr.Status().Details == nil { + return false + } + for _, cause := range apierr.Status().Details.Causes { + // Matches the message returned by api server 1.17.0-1.18.5 for this error condition + if cause.Message == "Too large resource version" { + return true + } + } + return false } diff --git a/vendor/k8s.io/component-base/logs/registry.go b/vendor/k8s.io/component-base/logs/registry.go index 515bba280..c71899db6 100644 --- a/vendor/k8s.io/component-base/logs/registry.go +++ b/vendor/k8s.io/component-base/logs/registry.go @@ -18,6 +18,7 @@ package logs import ( "fmt" + "sort" "github.com/go-logr/logr" json "k8s.io/component-base/logs/json" @@ -84,12 +85,13 @@ func (lfr *LogFormatRegistry) Delete(name string) error { return nil } -// List names of registered log formats +// List names of registered log formats (sorted) func (lfr *LogFormatRegistry) List() []string { formats := make([]string, 0, len(lfr.registry)) for f := range lfr.registry { formats = append(formats, f) } + sort.Strings(formats) return formats } diff --git a/vendor/modules.txt b/vendor/modules.txt index 730451678..d0c6e9786 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -95,7 +95,7 @@ github.com/modern-go/concurrent github.com/modern-go/reflect2 # github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 github.com/munnerz/goautoneg -# github.com/openshift/api v0.0.0-20200929125329-c3027fc03b92 +# github.com/openshift/api v0.0.0-20201019163320-c6a5ec25f267 github.com/openshift/api github.com/openshift/api/apps github.com/openshift/api/apps/v1 @@ -146,7 +146,7 @@ github.com/openshift/api/template github.com/openshift/api/template/v1 github.com/openshift/api/user github.com/openshift/api/user/v1 -# github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7 +# github.com/openshift/build-machinery-go v0.0.0-20200917070002-f171684f77ab github.com/openshift/build-machinery-go github.com/openshift/build-machinery-go/make github.com/openshift/build-machinery-go/make/lib @@ -155,7 +155,7 @@ github.com/openshift/build-machinery-go/make/targets/golang github.com/openshift/build-machinery-go/make/targets/openshift github.com/openshift/build-machinery-go/make/targets/openshift/operator github.com/openshift/build-machinery-go/scripts -# github.com/openshift/client-go v0.0.0-20200827190008-3062137373b5 +# github.com/openshift/client-go v0.0.0-20201020074620-f8fd44879f7c github.com/openshift/client-go/config/clientset/versioned github.com/openshift/client-go/config/clientset/versioned/fake github.com/openshift/client-go/config/clientset/versioned/scheme @@ -180,7 +180,7 @@ github.com/openshift/client-go/operator/informers/externalversions/operator/v1 github.com/openshift/client-go/operator/informers/externalversions/operator/v1alpha1 github.com/openshift/client-go/operator/listers/operator/v1 github.com/openshift/client-go/operator/listers/operator/v1alpha1 -# github.com/openshift/library-go v0.0.0-20200915114203-ee518dab897a +# github.com/openshift/library-go v0.0.0-20201102091359-c4fa0f5b3a08 github.com/openshift/library-go/pkg/assets github.com/openshift/library-go/pkg/config/client github.com/openshift/library-go/pkg/config/clusteroperator/v1helpers @@ -192,6 +192,7 @@ github.com/openshift/library-go/pkg/controller/factory github.com/openshift/library-go/pkg/controller/fileobserver github.com/openshift/library-go/pkg/controller/metrics github.com/openshift/library-go/pkg/crypto +github.com/openshift/library-go/pkg/network github.com/openshift/library-go/pkg/operator/condition github.com/openshift/library-go/pkg/operator/configobserver github.com/openshift/library-go/pkg/operator/configobserver/network @@ -390,7 +391,7 @@ gopkg.in/inf.v0 gopkg.in/natefinch/lumberjack.v2 # gopkg.in/yaml.v2 v2.3.0 gopkg.in/yaml.v2 -# k8s.io/api v0.19.0 +# k8s.io/api v0.19.2 k8s.io/api/admission/v1 k8s.io/api/admission/v1beta1 k8s.io/api/admissionregistration/v1 @@ -435,7 +436,7 @@ k8s.io/api/settings/v1alpha1 k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 -# k8s.io/apiextensions-apiserver v0.19.0 +# k8s.io/apiextensions-apiserver v0.19.2 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1 @@ -443,7 +444,7 @@ k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1 k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1 -# k8s.io/apimachinery v0.19.0 +# k8s.io/apimachinery v0.19.2 k8s.io/apimachinery/pkg/api/equality k8s.io/apimachinery/pkg/api/errors k8s.io/apimachinery/pkg/api/meta @@ -496,7 +497,7 @@ k8s.io/apimachinery/pkg/version k8s.io/apimachinery/pkg/watch k8s.io/apimachinery/third_party/forked/golang/json k8s.io/apimachinery/third_party/forked/golang/reflect -# k8s.io/apiserver v0.19.0 +# k8s.io/apiserver v0.19.2 k8s.io/apiserver/pkg/admission k8s.io/apiserver/pkg/admission/configuration k8s.io/apiserver/pkg/admission/initializer @@ -617,7 +618,7 @@ k8s.io/apiserver/plugin/pkg/audit/truncate k8s.io/apiserver/plugin/pkg/audit/webhook k8s.io/apiserver/plugin/pkg/authenticator/token/webhook k8s.io/apiserver/plugin/pkg/authorizer/webhook -# k8s.io/client-go v0.19.0 +# k8s.io/client-go v0.19.2 k8s.io/client-go/discovery k8s.io/client-go/discovery/fake k8s.io/client-go/dynamic @@ -831,7 +832,7 @@ k8s.io/client-go/util/homedir k8s.io/client-go/util/keyutil k8s.io/client-go/util/retry k8s.io/client-go/util/workqueue -# k8s.io/component-base v0.19.0 +# k8s.io/component-base v0.19.2 k8s.io/component-base/cli/flag k8s.io/component-base/featuregate k8s.io/component-base/logs @@ -842,7 +843,7 @@ k8s.io/component-base/metrics/testutil k8s.io/component-base/version # k8s.io/klog/v2 v2.3.0 k8s.io/klog/v2 -# k8s.io/kube-aggregator v0.19.0 +# k8s.io/kube-aggregator v0.19.2 k8s.io/kube-aggregator/pkg/apis/apiregistration k8s.io/kube-aggregator/pkg/apis/apiregistration/v1 k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1