diff --git a/api/hypershift/v1beta1/featuregates/featureGate-Hypershift-Default.yaml b/api/hypershift/v1beta1/featuregates/featureGate-Hypershift-Default.yaml index 85766649462..855f6c6020c 100644 --- a/api/hypershift/v1beta1/featuregates/featureGate-Hypershift-Default.yaml +++ b/api/hypershift/v1beta1/featuregates/featureGate-Hypershift-Default.yaml @@ -23,6 +23,9 @@ }, { "name": "HCPPodsLabels" + }, + { + "name": "DisableClusterCapabilities" } ], "enabled": [ @@ -42,4 +45,4 @@ } ] } -} \ No newline at end of file +} diff --git a/api/hypershift/v1beta1/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml b/api/hypershift/v1beta1/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml index c67a7d1639f..a85fe6b0df9 100644 --- a/api/hypershift/v1beta1/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml +++ b/api/hypershift/v1beta1/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml @@ -33,6 +33,9 @@ }, { "name": "HCPPodsLabels" + }, + { + "name": "DisableClusterCapabilities" } ], "version": "" diff --git a/api/hypershift/v1beta1/featuregates/featureGate-SelfManagedHA-Default.yaml b/api/hypershift/v1beta1/featuregates/featureGate-SelfManagedHA-Default.yaml index 85766649462..855f6c6020c 100644 --- a/api/hypershift/v1beta1/featuregates/featureGate-SelfManagedHA-Default.yaml +++ b/api/hypershift/v1beta1/featuregates/featureGate-SelfManagedHA-Default.yaml @@ -23,6 +23,9 @@ }, { "name": "HCPPodsLabels" + }, + { + "name": "DisableClusterCapabilities" } ], "enabled": [ @@ -42,4 +45,4 @@ } ] } -} \ No newline at end of file +} diff --git a/api/hypershift/v1beta1/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml b/api/hypershift/v1beta1/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml index c67a7d1639f..a85fe6b0df9 100644 --- a/api/hypershift/v1beta1/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml +++ b/api/hypershift/v1beta1/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml @@ -33,6 +33,9 @@ }, { "name": "HCPPodsLabels" + }, + { + "name": "DisableClusterCapabilities" } ], "version": "" diff --git a/api/hypershift/v1beta1/hosted_controlplane.go b/api/hypershift/v1beta1/hosted_controlplane.go index a9aa8e81a97..ce677743356 100644 --- a/api/hypershift/v1beta1/hosted_controlplane.go +++ b/api/hypershift/v1beta1/hosted_controlplane.go @@ -196,6 +196,14 @@ type HostedControlPlaneSpec struct { // +kubebuilder:validation:MaxProperties=20 // +optional Labels map[string]string `json:"labels,omitempty"` + + // capabilities allows for disabling optional components at cluster install time. + // This field is optional and once set cannot be changed. + // +immutable + // +optional + // +kubebuilder:default={} + // +kubebuilder:validation:XValidation:rule="self == oldSelf", message="Capabilities is immutable. Changes might result in unpredictable and disruptive behavior." + Capabilities *Capabilities `json:"capabilities,omitempty"` } // availabilityPolicy specifies a high level availability policy for components. diff --git a/api/hypershift/v1beta1/hostedcluster_types.go b/api/hypershift/v1beta1/hostedcluster_types.go index df4a768072c..d1c77a43dfe 100644 --- a/api/hypershift/v1beta1/hostedcluster_types.go +++ b/api/hypershift/v1beta1/hostedcluster_types.go @@ -349,6 +349,30 @@ const ( ControlPlaneOperatorV2EnvVar = "CPO_V2" ) +// +kubebuilder:validation:Enum=ImageRegistry +type OptionalCapability string + +const ImageRegistryCapability OptionalCapability = OptionalCapability(configv1.ClusterVersionCapabilityImageRegistry) + +// capabilities allows disabling optional components at install time. +// Once set, it cannot be changed. +type Capabilities struct { + // disabled when specified, sets the cluster version baselineCapabilitySet to None + // and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + // This effectively disables that capability on the hosted cluster. + // + // When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + // OpenShift version. + // + // Once set, this field cannot be changed. + // + // +listType=atomic + // +immutable + // +optional + // +kubebuilder:validation:XValidation:rule="self == oldSelf", message="Disabled is immutable. Changes might result in unpredictable and disruptive behavior." + Disabled []OptionalCapability `json:"disabled,omitempty"` +} + // HostedClusterSpec is the desired behavior of a HostedCluster. // +kubebuilder:validation:XValidation:rule=`self.platform.type != "IBMCloud" ? self.services == oldSelf.services : true`, message="Services is immutable. Changes might result in unpredictable and disruptive behavior." @@ -626,6 +650,14 @@ type HostedClusterSpec struct { // +optional // +openshift:enable:FeatureGate=HCPPodsLabels Labels map[string]string `json:"labels,omitempty"` + + // capabilities allows for disabling optional components at cluster install time. + // This field is optional and once set cannot be changed. + // +immutable + // +optional + // +kubebuilder:default={} + // +kubebuilder:validation:XValidation:rule="self == oldSelf", message="Capabilities is immutable. Changes might result in unpredictable and disruptive behavior." + Capabilities *Capabilities `json:"capabilities,omitempty"` } // OLMCatalogPlacement is an enum specifying the placement of OLM catalog components. diff --git a/api/hypershift/v1beta1/zz_generated.deepcopy.go b/api/hypershift/v1beta1/zz_generated.deepcopy.go index eb282b5cb86..e7f61d22565 100644 --- a/api/hypershift/v1beta1/zz_generated.deepcopy.go +++ b/api/hypershift/v1beta1/zz_generated.deepcopy.go @@ -701,6 +701,26 @@ func (in *AzureVMImage) DeepCopy() *AzureVMImage { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Capabilities) DeepCopyInto(out *Capabilities) { + *out = *in + if in.Disabled != nil { + in, out := &in.Disabled, &out.Disabled + *out = make([]OptionalCapability, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Capabilities. +func (in *Capabilities) DeepCopy() *Capabilities { + if in == nil { + return nil + } + out := new(Capabilities) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CertificateSigningRequestApproval) DeepCopyInto(out *CertificateSigningRequestApproval) { *out = *in @@ -1410,6 +1430,11 @@ func (in *HostedClusterSpec) DeepCopyInto(out *HostedClusterSpec) { (*out)[key] = val } } + if in.Capabilities != nil { + in, out := &in.Capabilities, &out.Capabilities + *out = new(Capabilities) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostedClusterSpec. @@ -1609,6 +1634,11 @@ func (in *HostedControlPlaneSpec) DeepCopyInto(out *HostedControlPlaneSpec) { (*out)[key] = val } } + if in.Capabilities != nil { + in, out := &in.Capabilities, &out.Capabilities + *out = new(Capabilities) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostedControlPlaneSpec. diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml index 5a876b3c6dd..fb62b3e45ff 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml @@ -149,6 +149,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster. diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AROHCPManagedIdentities.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AROHCPManagedIdentities.yaml index 379a398d6c9..dd728f648b7 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AROHCPManagedIdentities.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AROHCPManagedIdentities.yaml @@ -149,6 +149,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster. diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/DynamicResourceAllocation.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/DynamicResourceAllocation.yaml index cbb84661a2d..7889fe4b55e 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/DynamicResourceAllocation.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/DynamicResourceAllocation.yaml @@ -149,6 +149,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster. diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml index b3c700d2a74..680cf79b4b4 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml @@ -149,6 +149,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster. diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPPodsLabels.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPPodsLabels.yaml index 9da3c838801..b762f823d5a 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPPodsLabels.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPPodsLabels.yaml @@ -149,6 +149,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster. diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/NetworkDiagnosticsConfig.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/NetworkDiagnosticsConfig.yaml index 914c06b11b7..262cf6f088a 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/NetworkDiagnosticsConfig.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/NetworkDiagnosticsConfig.yaml @@ -149,6 +149,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster. diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml index ba6ee2461a1..38fad6c7160 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/OpenStack.yaml @@ -149,6 +149,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster. diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml index 9727d49ec75..5bbd5d68af2 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AAA_ungated.yaml @@ -117,6 +117,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AROHCPManagedIdentities.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AROHCPManagedIdentities.yaml index 0c4b850412e..62bdee4a928 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AROHCPManagedIdentities.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/AROHCPManagedIdentities.yaml @@ -117,6 +117,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/DynamicResourceAllocation.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/DynamicResourceAllocation.yaml index bcd61bf0452..fce0806299f 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/DynamicResourceAllocation.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/DynamicResourceAllocation.yaml @@ -117,6 +117,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml index 2468b0cd93f..c387de03c40 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/ExternalOIDC.yaml @@ -117,6 +117,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/NetworkDiagnosticsConfig.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/NetworkDiagnosticsConfig.yaml index be21c50acfe..74fb95659fa 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/NetworkDiagnosticsConfig.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/NetworkDiagnosticsConfig.yaml @@ -117,6 +117,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default diff --git a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml index aac12af75c6..4d1e88d1e52 100644 --- a/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml +++ b/api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedcontrolplanes.hypershift.openshift.io/OpenStack.yaml @@ -117,6 +117,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default diff --git a/client/applyconfiguration/hypershift/v1beta1/capabilities.go b/client/applyconfiguration/hypershift/v1beta1/capabilities.go new file mode 100644 index 00000000000..20a4fe7b167 --- /dev/null +++ b/client/applyconfiguration/hypershift/v1beta1/capabilities.go @@ -0,0 +1,44 @@ +/* + + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "github.com/openshift/hypershift/api/hypershift/v1beta1" +) + +// CapabilitiesApplyConfiguration represents an declarative configuration of the Capabilities type for use +// with apply. +type CapabilitiesApplyConfiguration struct { + Disabled []v1beta1.OptionalCapability `json:"disabled,omitempty"` +} + +// CapabilitiesApplyConfiguration constructs an declarative configuration of the Capabilities type for use with +// apply. +func Capabilities() *CapabilitiesApplyConfiguration { + return &CapabilitiesApplyConfiguration{} +} + +// WithDisabled adds the given value to the Disabled field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Disabled field. +func (b *CapabilitiesApplyConfiguration) WithDisabled(values ...v1beta1.OptionalCapability) *CapabilitiesApplyConfiguration { + for i := range values { + b.Disabled = append(b.Disabled, values[i]) + } + return b +} diff --git a/client/applyconfiguration/hypershift/v1beta1/hostedclusterspec.go b/client/applyconfiguration/hypershift/v1beta1/hostedclusterspec.go index 3abc109f56c..b750e708402 100644 --- a/client/applyconfiguration/hypershift/v1beta1/hostedclusterspec.go +++ b/client/applyconfiguration/hypershift/v1beta1/hostedclusterspec.go @@ -55,6 +55,7 @@ type HostedClusterSpecApplyConfiguration struct { NodeSelector map[string]string `json:"nodeSelector,omitempty"` Tolerations []corev1.Toleration `json:"tolerations,omitempty"` Labels map[string]string `json:"labels,omitempty"` + Capabilities *CapabilitiesApplyConfiguration `json:"capabilities,omitempty"` } // HostedClusterSpecApplyConfiguration constructs an declarative configuration of the HostedClusterSpec type for use with @@ -318,3 +319,11 @@ func (b *HostedClusterSpecApplyConfiguration) WithLabels(entries map[string]stri } return b } + +// WithCapabilities sets the Capabilities field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Capabilities field is set to the value of the last call. +func (b *HostedClusterSpecApplyConfiguration) WithCapabilities(value *CapabilitiesApplyConfiguration) *HostedClusterSpecApplyConfiguration { + b.Capabilities = value + return b +} diff --git a/client/applyconfiguration/hypershift/v1beta1/hostedcontrolplanespec.go b/client/applyconfiguration/hypershift/v1beta1/hostedcontrolplanespec.go index e2a39cd2763..e0ac380d19c 100644 --- a/client/applyconfiguration/hypershift/v1beta1/hostedcontrolplanespec.go +++ b/client/applyconfiguration/hypershift/v1beta1/hostedcontrolplanespec.go @@ -56,6 +56,7 @@ type HostedControlPlaneSpecApplyConfiguration struct { NodeSelector map[string]string `json:"nodeSelector,omitempty"` Tolerations []corev1.Toleration `json:"tolerations,omitempty"` Labels map[string]string `json:"labels,omitempty"` + Capabilities *CapabilitiesApplyConfiguration `json:"capabilities,omitempty"` } // HostedControlPlaneSpecApplyConfiguration constructs an declarative configuration of the HostedControlPlaneSpec type for use with @@ -327,3 +328,11 @@ func (b *HostedControlPlaneSpecApplyConfiguration) WithLabels(entries map[string } return b } + +// WithCapabilities sets the Capabilities field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Capabilities field is set to the value of the last call. +func (b *HostedControlPlaneSpecApplyConfiguration) WithCapabilities(value *CapabilitiesApplyConfiguration) *HostedControlPlaneSpecApplyConfiguration { + b.Capabilities = value + return b +} diff --git a/client/applyconfiguration/utils.go b/client/applyconfiguration/utils.go index 4b03c497484..1564c74672e 100644 --- a/client/applyconfiguration/utils.go +++ b/client/applyconfiguration/utils.go @@ -98,6 +98,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &hypershiftv1beta1.AzureResourceManagedIdentitiesApplyConfiguration{} case v1beta1.SchemeGroupVersion.WithKind("AzureVMImage"): return &hypershiftv1beta1.AzureVMImageApplyConfiguration{} + case v1beta1.SchemeGroupVersion.WithKind("Capabilities"): + return &hypershiftv1beta1.CapabilitiesApplyConfiguration{} case v1beta1.SchemeGroupVersion.WithKind("CertificateSigningRequestApproval"): return &hypershiftv1beta1.CertificateSigningRequestApprovalApplyConfiguration{} case v1beta1.SchemeGroupVersion.WithKind("ClusterAutoscaling"): diff --git a/cmd/cluster/azure/create_test.go b/cmd/cluster/azure/create_test.go index f62848918fe..6d69e23cb40 100644 --- a/cmd/cluster/azure/create_test.go +++ b/cmd/cluster/azure/create_test.go @@ -123,6 +123,16 @@ func TestCreateCluster(t *testing.T) { "--availability-zones=1,2", }, }, + { + name: "with disabled capabilities", + args: []string{ + "--azure-creds=" + credentialsFile, + "--infra-json=" + infraFile, + "--rhcos-image=whatever", + "--render-sensitive", + "--disable-cluster-capabilities=ImageRegistry", + }, + }, } { t.Run(testCase.name, func(t *testing.T) { fakeClient := fake.NewClientBuilder().WithScheme(api.Scheme).Build() diff --git a/cmd/cluster/azure/testdata/zz_fixture_TestCreateCluster_with_disabled_capabilities.yaml b/cmd/cluster/azure/testdata/zz_fixture_TestCreateCluster_with_disabled_capabilities.yaml new file mode 100644 index 00000000000..a1456583661 --- /dev/null +++ b/cmd/cluster/azure/testdata/zz_fixture_TestCreateCluster_with_disabled_capabilities.yaml @@ -0,0 +1,184 @@ +apiVersion: v1 +kind: Namespace +metadata: + creationTimestamp: null + name: clusters +spec: {} +status: {} +--- +apiVersion: v1 +data: + .dockerconfigjson: null +kind: Secret +metadata: + creationTimestamp: null + labels: + hypershift.openshift.io/safe-to-delete-with-cluster: "true" + name: example-pull-secret + namespace: clusters +--- +apiVersion: v1 +data: + AZURE_SUBSCRIPTION_ID: ZmFrZVN1YnNjcmlwdGlvbklE + AZURE_TENANT_ID: ZmFrZVRlbmFudElE +kind: Secret +metadata: + creationTimestamp: null + name: example-cloud-credentials + namespace: clusters +--- +apiVersion: v1 +data: + key: nfAcEULXG/r6wMZie5Ui0bWnhrmx73FKO3yWK/4H80A= +kind: Secret +metadata: + creationTimestamp: null + labels: + hypershift.openshift.io/safe-to-delete-with-cluster: "true" + name: example-etcd-encryption-key + namespace: clusters +type: Opaque +--- +apiVersion: hypershift.openshift.io/v1beta1 +kind: HostedCluster +metadata: + creationTimestamp: null + name: example + namespace: clusters +spec: + autoscaling: {} + capabilities: + disabled: + - ImageRegistry + configuration: {} + controllerAvailabilityPolicy: SingleReplica + dns: + baseDomain: fakeBaseDomain + privateZoneID: fakePrivateZoneID + publicZoneID: fakePublicZoneID + etcd: + managed: + storage: + persistentVolume: + size: 8Gi + type: PersistentVolume + managementType: Managed + fips: false + infraID: fakeInfraID + networking: + clusterNetwork: + - cidr: 10.132.0.0/14 + networkType: OVNKubernetes + serviceNetwork: + - cidr: 172.31.0.0/16 + olmCatalogPlacement: management + platform: + azure: + location: fakeLocation + managedIdentities: + controlPlane: + cloudProvider: + certificateName: "" + clientID: "" + objectEncoding: "" + controlPlaneOperator: + certificateName: "" + clientID: "" + objectEncoding: "" + disk: + certificateName: "" + clientID: "" + objectEncoding: "" + file: + certificateName: "" + clientID: "" + objectEncoding: "" + imageRegistry: + certificateName: "" + clientID: "" + objectEncoding: "" + ingress: + certificateName: "" + clientID: "" + objectEncoding: "" + managedIdentitiesKeyVault: + name: "" + tenantID: "" + network: + certificateName: "" + clientID: "" + objectEncoding: "" + nodePoolManagement: + certificateName: "" + clientID: "" + objectEncoding: "" + dataPlane: + diskMSIClientID: "" + fileMSIClientID: "" + imageRegistryMSIClientID: "" + resourceGroup: fakeResourceGroupName + securityGroupID: fakeSecurityGroupID + subnetID: fakeSubnetID + subscriptionID: fakeSubscriptionID + tenantID: fakeTenantID + vnetID: fakeVNetID + type: Azure + pullSecret: + name: example-pull-secret + release: + image: "" + secretEncryption: + aescbc: + activeKey: + name: example-etcd-encryption-key + type: aescbc + services: + - service: APIServer + servicePublishingStrategy: + type: LoadBalancer + - service: Ignition + servicePublishingStrategy: + type: Route + - service: Konnectivity + servicePublishingStrategy: + type: Route + - service: OAuthServer + servicePublishingStrategy: + type: Route + sshKey: {} +status: + controlPlaneEndpoint: + host: "" + port: 0 +--- +apiVersion: hypershift.openshift.io/v1beta1 +kind: NodePool +metadata: + creationTimestamp: null + name: example + namespace: clusters +spec: + arch: amd64 + clusterName: example + management: + autoRepair: false + upgradeType: Replace + nodeDrainTimeout: 0s + nodeVolumeDetachTimeout: 0s + platform: + azure: + image: + imageID: fakeBootImageID + type: ImageID + machineIdentityID: fakeMachineIdentityID + osDisk: + sizeGiB: 120 + subnetID: fakeSubnetID + vmSize: Standard_D4s_v3 + type: Azure + release: + image: "" + replicas: 0 +status: + replicas: 0 +--- diff --git a/cmd/cluster/core/create.go b/cmd/cluster/core/create.go index 74fe99c55f6..0751f852ce7 100644 --- a/cmd/cluster/core/create.go +++ b/cmd/cluster/core/create.go @@ -9,6 +9,7 @@ import ( "fmt" "io" "os" + "reflect" "sort" "strconv" "strings" @@ -107,7 +108,7 @@ func bindCoreOptions(opts *RawCreateOptions, flags *pflag.FlagSet) { flags.StringVar(&opts.PausedUntil, "pausedUntil", opts.PausedUntil, "If a date is provided in RFC3339 format, HostedCluster creation is paused until that date. If the boolean true is provided, HostedCluster creation is paused until the field is removed.") flags.StringVar(&opts.ReleaseStream, "release-stream", opts.ReleaseStream, "The OCP release stream for the cluster (e.g. 4-stable-multi), this flag is ignored if release-image is set") flags.StringVar(&opts.FeatureSet, "feature-set", opts.FeatureSet, "The predefined feature set to use for the cluster (TechPreviewNoUpgrade or DevPreviewNoUpgrade)") - + flags.StringSliceVar(&opts.DisableClusterCapabilities, "disable-cluster-capabilities", nil, "Optional cluster capabilities to disabled. The only currently supported value is ImageRegistry.") } // BindDeveloperOptions binds options that should only be exposed to developers in the `hypershift` CLI @@ -166,6 +167,7 @@ type RawCreateOptions struct { OLMCatalogPlacement hyperv1.OLMCatalogPlacement OLMDisableDefaultSources bool FeatureSet string + DisableClusterCapabilities []string // BeforeApply is called immediately before resources are applied to the // server, giving the user an opportunity to inspect or mutate the resources. @@ -329,6 +331,16 @@ func prototypeResources(opts *CreateOptions) (*resources, error) { }, } + if len(opts.DisableClusterCapabilities) > 0 { + caps := make([]hyperv1.OptionalCapability, len(opts.DisableClusterCapabilities)) + for i, c := range opts.DisableClusterCapabilities { + caps[i] = hyperv1.OptionalCapability(c) + } + prototype.Cluster.Spec.Capabilities = &hyperv1.Capabilities{ + Disabled: caps, + } + } + if opts.EtcdStorageClass != "" { prototype.Cluster.Spec.Etcd.Managed.Storage.PersistentVolume.StorageClassName = ptr.To(opts.EtcdStorageClass) } @@ -678,6 +690,13 @@ func (opts *RawCreateOptions) Validate(ctx context.Context) (*ValidatedCreateOpt return nil, fmt.Errorf("specified feature set %q is not supported", opts.FeatureSet) } + if len(opts.DisableClusterCapabilities) > 0 { + acceptedValues := []string{"ImageRegistry"} + if !reflect.DeepEqual(opts.DisableClusterCapabilities, acceptedValues) { + return nil, fmt.Errorf("unknown capability, accepted values are: %v", acceptedValues) + } + } + return &ValidatedCreateOptions{ validatedCreateOptions: &validatedCreateOptions{ RawCreateOptions: opts, diff --git a/cmd/cluster/core/create_test.go b/cmd/cluster/core/create_test.go index 548c1664acd..fdfb4695070 100644 --- a/cmd/cluster/core/create_test.go +++ b/cmd/cluster/core/create_test.go @@ -153,3 +153,66 @@ func TestAsObjects(t *testing.T) { }) } } + +func TestPrototypeResources(t *testing.T) { + g := NewWithT(t) + opts := &CreateOptions{ + completedCreateOptions: &completedCreateOptions{ + ValidatedCreateOptions: &ValidatedCreateOptions{ + validatedCreateOptions: &validatedCreateOptions{ + RawCreateOptions: &RawCreateOptions{ + DisableClusterCapabilities: []string{string(hyperv1.ImageRegistryCapability)}, + }, + }, + }, + }, + } + resources, err := prototypeResources(opts) + g.Expect(err).To(BeNil()) + g.Expect(resources.Cluster.Spec.Capabilities.Disabled). + To(Equal([]hyperv1.OptionalCapability{hyperv1.ImageRegistryCapability})) +} + +func TestValidate(t *testing.T) { + g := NewWithT(t) + ctx := context.Background() + tests := []struct { + name string + rawOpts *RawCreateOptions + expectedErr string + }{ + { + name: "fails with unsupported capability", + rawOpts: &RawCreateOptions{ + Name: "test-hc", + Namespace: "test-hc", + Arch: "amd64", + DisableClusterCapabilities: []string{"UnsupportedCapability"}, + }, + expectedErr: "unknown capability, accepted values are:", + }, + { + name: "passes with ImageRegistry capability", + rawOpts: &RawCreateOptions{ + Name: "test-hc", + Namespace: "test-hc", + Arch: "amd64", + DisableClusterCapabilities: []string{"ImageRegistry"}, + }, + expectedErr: "", + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + // avoid actual client calls in Validate + test.rawOpts.Render = true + _, err := test.rawOpts.Validate(ctx) + if test.expectedErr == "" { + g.Expect(err).To(BeNil()) + } else { + g.Expect(err).To(HaveOccurred()) + g.Expect(err.Error()).To(ContainSubstring(test.expectedErr)) + } + }) + } +} diff --git a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-CustomNoUpgrade.crd.yaml b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-CustomNoUpgrade.crd.yaml index 59d78129f2b..7a8915c17b6 100644 --- a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-CustomNoUpgrade.crd.yaml +++ b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-CustomNoUpgrade.crd.yaml @@ -152,6 +152,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster. diff --git a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Default.crd.yaml b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Default.crd.yaml index 19dae774b41..e75a296ff5d 100644 --- a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Default.crd.yaml +++ b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-Default.crd.yaml @@ -152,6 +152,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster. diff --git a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-TechPreviewNoUpgrade.crd.yaml b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-TechPreviewNoUpgrade.crd.yaml index aedc36f6c26..c2aea22b2ce 100644 --- a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-TechPreviewNoUpgrade.crd.yaml +++ b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedclusters-TechPreviewNoUpgrade.crd.yaml @@ -152,6 +152,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster. diff --git a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-CustomNoUpgrade.crd.yaml b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-CustomNoUpgrade.crd.yaml index 844802568a3..0c5b0730103 100644 --- a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-CustomNoUpgrade.crd.yaml +++ b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-CustomNoUpgrade.crd.yaml @@ -120,6 +120,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default diff --git a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Default.crd.yaml b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Default.crd.yaml index 7089a54a115..0d665dcc531 100644 --- a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Default.crd.yaml +++ b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-Default.crd.yaml @@ -120,6 +120,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default diff --git a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-TechPreviewNoUpgrade.crd.yaml b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-TechPreviewNoUpgrade.crd.yaml index 2599e386b91..52fab9a99fd 100644 --- a/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-TechPreviewNoUpgrade.crd.yaml +++ b/cmd/install/assets/hypershift-operator/zz_generated.crd-manifests/hostedcontrolplanes-TechPreviewNoUpgrade.crd.yaml @@ -120,6 +120,37 @@ spec: format: int32 type: integer type: object + capabilities: + default: {} + description: |- + capabilities allows for disabling optional components at cluster install time. + This field is optional and once set cannot be changed. + properties: + disabled: + description: |- + disabled when specified, sets the cluster version baselineCapabilitySet to None + and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + This effectively disables that capability on the hosted cluster. + + When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + OpenShift version. + + Once set, this field cannot be changed. + items: + enum: + - ImageRegistry + type: string + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - message: Disabled is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf + type: object + x-kubernetes-validations: + - message: Capabilities is immutable. Changes might result in unpredictable + and disruptive behavior. + rule: self == oldSelf channel: description: |- channel is an identifier for explicitly requesting that a non-default diff --git a/control-plane-operator/controllers/hostedcontrolplane/cvo/params.go b/control-plane-operator/controllers/hostedcontrolplane/cvo/params.go index e6e8703dbc0..e7aa2bc91f9 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/cvo/params.go +++ b/control-plane-operator/controllers/hostedcontrolplane/cvo/params.go @@ -5,6 +5,7 @@ import ( "k8s.io/apimachinery/pkg/api/resource" "k8s.io/utils/ptr" + configv1 "github.com/openshift/api/config/v1" hyperv1 "github.com/openshift/hypershift/api/hypershift/v1beta1" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/imageprovider" @@ -21,6 +22,7 @@ type CVOParams struct { OwnerRef config.OwnerRef DeploymentConfig config.DeploymentConfig PlatformType hyperv1.PlatformType + FeatureSet configv1.FeatureSet } func NewCVOParams(hcp *hyperv1.HostedControlPlane, releaseImageProvider imageprovider.ReleaseImageProvider, setDefaultSecurityContext, enableCVOManagementClusterMetricsAccess bool) *CVOParams { @@ -38,6 +40,9 @@ func NewCVOParams(hcp *hyperv1.HostedControlPlane, releaseImageProvider imagepro if p.ReleaseImage == "" { p.ReleaseImage = hcp.Spec.ReleaseImage } + if hcp.Spec.Configuration != nil && hcp.Spec.Configuration.FeatureGate != nil { + p.FeatureSet = hcp.Spec.Configuration.FeatureGate.FeatureSet + } if enableCVOManagementClusterMetricsAccess { p.DeploymentConfig.AdditionalLabels = map[string]string{ diff --git a/control-plane-operator/controllers/hostedcontrolplane/cvo/reconcile.go b/control-plane-operator/controllers/hostedcontrolplane/cvo/reconcile.go index 130ed8f7a03..76ce42051a0 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/cvo/reconcile.go +++ b/control-plane-operator/controllers/hostedcontrolplane/cvo/reconcile.go @@ -1,13 +1,14 @@ package cvo import ( + "encoding/json" "fmt" "path" "strings" hyperv1 "github.com/openshift/hypershift/api/hypershift/v1beta1" - "github.com/openshift/hypershift/support/api" prometheusoperatorv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" + appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" @@ -23,6 +24,8 @@ import ( "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/kas" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/manifests" "github.com/openshift/hypershift/hypershift-operator/controllers/manifests/controlplaneoperator" + "github.com/openshift/hypershift/support/api" + "github.com/openshift/hypershift/support/capabilities" "github.com/openshift/hypershift/support/certs" "github.com/openshift/hypershift/support/config" "github.com/openshift/hypershift/support/metrics" @@ -115,7 +118,7 @@ func cvoLabels() map[string]string { var port int32 = 8443 -func ReconcileDeployment(deployment *appsv1.Deployment, ownerRef config.OwnerRef, deploymentConfig config.DeploymentConfig, controlPlaneReleaseImage, dataPlaneReleaseImage, cliImage, availabilityProberImage, clusterID string, updateService configv1.URL, platformType hyperv1.PlatformType, oauthEnabled, enableCVOManagementClusterMetricsAccess bool) error { +func ReconcileDeployment(deployment *appsv1.Deployment, ownerRef config.OwnerRef, deploymentConfig config.DeploymentConfig, controlPlaneReleaseImage, dataPlaneReleaseImage, cliImage, availabilityProberImage, clusterID string, updateService configv1.URL, platformType hyperv1.PlatformType, oauthEnabled, enableCVOManagementClusterMetricsAccess bool, featureSet configv1.FeatureSet, caps *hyperv1.Capabilities) error { ownerRef.ApplyTo(deployment) // preserve existing resource requirements for main CVO container @@ -129,6 +132,35 @@ func ReconcileDeployment(deployment *appsv1.Deployment, ownerRef config.OwnerRef MatchLabels: cvoLabels(), } } + + // the ClusterVersion resource is created by the CVO bootstrap container. + // we marshal it to json as a means to validate its formatting, which protects + // us against easily preventable mistakes, such as typos. + cv := &configv1.ClusterVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: "ClusterVersion", + APIVersion: "config.openshift.io/v1", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "version", + }, + Spec: configv1.ClusterVersionSpec{ + ClusterID: configv1.ClusterID(clusterID), + }, + } + + if !capabilities.IsImageRegistryCapabilityEnabled(caps) { + cv.Spec.Capabilities = &configv1.ClusterVersionCapabilitiesSpec{ + BaselineCapabilitySet: configv1.ClusterVersionCapabilitySetNone, + AdditionalEnabledCapabilities: capabilities.CalculateEnabledCapabilities(caps), + } + } + + clusterVersionJSON, err := json.Marshal(cv) + if err != nil { + return err + } + deployment.Spec = appsv1.DeploymentSpec{ Selector: selector, Template: corev1.PodTemplateSpec{ @@ -138,8 +170,8 @@ func ReconcileDeployment(deployment *appsv1.Deployment, ownerRef config.OwnerRef Spec: corev1.PodSpec{ AutomountServiceAccountToken: ptr.To(false), InitContainers: []corev1.Container{ - util.BuildContainer(cvoContainerPrepPayload(), buildCVOContainerPrepPayload(dataPlaneReleaseImage, platformType, oauthEnabled)), - util.BuildContainer(cvoContainerBootstrap(), buildCVOContainerBootstrap(cliImage, clusterID)), + util.BuildContainer(cvoContainerPrepPayload(), buildCVOContainerPrepPayload(dataPlaneReleaseImage, platformType, oauthEnabled, featureSet)), + util.BuildContainer(cvoContainerBootstrap(), buildCVOContainerBootstrap(cliImage, clusterVersionJSON)), }, Containers: []corev1.Container{ util.BuildContainer(cvoContainerMain(), buildCVOContainerMain(controlPlaneReleaseImage, dataPlaneReleaseImage, deployment.Namespace, updateService, enableCVOManagementClusterMetricsAccess)), @@ -188,25 +220,25 @@ func cvoContainerMain() *corev1.Container { } } -func buildCVOContainerPrepPayload(image string, platformType hyperv1.PlatformType, oauthEnabled bool) func(c *corev1.Container) { +func buildCVOContainerPrepPayload(image string, platformType hyperv1.PlatformType, oauthEnabled bool, featureSet configv1.FeatureSet) func(c *corev1.Container) { return func(c *corev1.Container) { c.Image = image c.Command = []string{"/bin/bash"} c.Args = []string{ "-c", - preparePayloadScript(platformType, oauthEnabled), + preparePayloadScript(platformType, oauthEnabled, featureSet), } c.VolumeMounts = volumeMounts.ContainerMounts(c.Name) } } -func buildCVOContainerBootstrap(image, clusterID string) func(*corev1.Container) { +func buildCVOContainerBootstrap(image string, clusterVersionJSON []byte) func(*corev1.Container) { return func(c *corev1.Container) { c.Image = image c.Command = []string{"/bin/bash"} c.Args = []string{ "-c", - cvoBootrapScript(clusterID), + cvoBootstrapScript(clusterVersionJSON), } c.Resources.Requests = corev1.ResourceList{ corev1.ResourceCPU: resource.MustParse("10m"), @@ -249,7 +281,7 @@ func ResourcesToRemove(platformType hyperv1.PlatformType) []client.Object { } } -func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool) string { +func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool, featureSet configv1.FeatureSet) string { payloadDir := volumeMounts.Path(cvoContainerPrepPayload().Name, cvoVolumePayload().Name) var stmts []string @@ -259,6 +291,37 @@ func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool) fmt.Sprintf("rm %s/manifests/*_servicemonitor.yaml", payloadDir), fmt.Sprintf("cp -R /release-manifests %s/", payloadDir), ) + + // NOTE: We would need part of the manifest.Include logic (https://github.com/openshift/library-go/blob/0064ad7bd060b9fd52f7840972c1d3e72186d0f0/pkg/manifest/manifest.go#L190-L196) + // to properly evaluate which CVO manifests to select based on featureset. In the absence of that logic, use simple filename filtering, which is not ideal + // but better than nothing. Ideally, we filter based on the feature-set annotation in the manifests. + switch featureSet { + case configv1.Default, "": + stmts = append(stmts, + fmt.Sprintf("rm -f %s/manifests/*-CustomNoUpgrade*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-DevPreviewNoUpgrade*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-TechPreviewNoUpgrade*.yaml", payloadDir), + ) + case configv1.CustomNoUpgrade: + stmts = append(stmts, + fmt.Sprintf("rm -f %s/manifests/*-Default*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-DevPreviewNoUpgrade*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-TechPreviewNoUpgrade*.yaml", payloadDir), + ) + case configv1.DevPreviewNoUpgrade: + stmts = append(stmts, + fmt.Sprintf("rm -f %s/manifests/*-Default*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-CustomNoUpgrade*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-TechPreviewNoUpgrade*.yaml", payloadDir), + ) + case configv1.TechPreviewNoUpgrade: + stmts = append(stmts, + fmt.Sprintf("rm -f %s/manifests/*-Default*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-CustomNoUpgrade*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-DevPreviewNoUpgrade*.yaml", payloadDir), + ) + } + for _, manifest := range manifestsToOmit { if platformType == hyperv1.IBMCloudPlatform || platformType == hyperv1.PowerVSPlatform { if manifest == "0000_50_cluster-storage-operator_10_deployment-ibm-cloud-managed.yaml" || manifest == "0000_50_cluster-csi-snapshot-controller-operator_07_deployment-ibm-cloud-managed.yaml" { @@ -304,31 +367,28 @@ func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool) return strings.Join(stmts, "\n") } -func cvoBootrapScript(clusterID string) string { +func cvoBootstrapScript(clusterVersionJSON []byte) string { payloadDir := volumeMounts.Path(cvoContainerBootstrap().Name, cvoVolumePayload().Name) - var scriptTemplate = `#!/bin/bash + scriptTemplate := `#!/bin/bash set -euo pipefail -cat > /tmp/clusterversion.yaml < /tmp/clusterversion.json < /dev/null || oc create ns openshift-config oc get ns openshift-config-managed &> /dev/null || oc create ns openshift-config-managed +oc apply -f ${MANIFEST_DIR}/0000_00_cluster-version-operator_01_clusterversions* +oc apply -f /tmp/clusterversion.json while true; do - echo "Applying CVO bootstrap manifests" - if oc apply -f %s/manifests; then + echo "Applying CVO bootstrap manifests..." + if oc apply -f ${MANIFEST_DIR}; then echo "Bootstrap manifests applied successfully." break fi sleep 1 done -oc get clusterversion/version &> /dev/null || oc create -f /tmp/clusterversion.yaml ` - return fmt.Sprintf(scriptTemplate, clusterID, payloadDir) + return fmt.Sprintf(scriptTemplate, payloadDir, string(clusterVersionJSON)) } func buildCVOContainerMain(controlPlaneReleaseImage, dataPlaneReleaseImage, namespace string, updateService configv1.URL, enableCVOManagementClusterMetricsAccess bool) func(c *corev1.Container) { diff --git a/control-plane-operator/controllers/hostedcontrolplane/hostedcontrolplane_controller.go b/control-plane-operator/controllers/hostedcontrolplane/hostedcontrolplane_controller.go index 7dea2435722..65497cfc848 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/hostedcontrolplane_controller.go +++ b/control-plane-operator/controllers/hostedcontrolplane/hostedcontrolplane_controller.go @@ -1278,9 +1278,11 @@ func (r *HostedControlPlaneReconciler) reconcile(ctx context.Context, hostedCont } // Reconcile image registry operator - r.Log.Info("Reconciling Image Registry Operator") - if err := r.reconcileImageRegistryOperator(ctx, hostedControlPlane, releaseImageProvider, userReleaseImageProvider, createOrUpdate); err != nil { - return fmt.Errorf("failed to reconcile image registry operator: %w", err) + if capabilities.IsImageRegistryCapabilityEnabled(hostedControlPlane.Spec.Capabilities) { + r.Log.Info("Reconciling Image Registry Operator") + if err := r.reconcileImageRegistryOperator(ctx, hostedControlPlane, releaseImageProvider, userReleaseImageProvider, createOrUpdate); err != nil { + return fmt.Errorf("failed to reconcile image registry operator: %w", err) + } } if IsStorageAndCSIManaged(hostedControlPlane) { @@ -2501,12 +2503,14 @@ func (r *HostedControlPlaneReconciler) reconcilePKI(ctx context.Context, hcp *hy return fmt.Errorf("failed to reconcile olm operator serving cert: %w", err) } - // Image Registry Operator Serving Cert - imageRegistryOperatorServingCert := manifests.ImageRegistryOperatorServingCert(hcp.Namespace) - if _, err := createOrUpdate(ctx, r, imageRegistryOperatorServingCert, func() error { - return pki.ReconcileRegistryOperatorServingCert(imageRegistryOperatorServingCert, rootCASecret, p.OwnerRef) - }); err != nil { - return fmt.Errorf("failed to reconcile image registry operator serving cert: %w", err) + if capabilities.IsImageRegistryCapabilityEnabled(hcp.Spec.Capabilities) { + // Image Registry Operator Serving Cert + imageRegistryOperatorServingCert := manifests.ImageRegistryOperatorServingCert(hcp.Namespace) + if _, err := createOrUpdate(ctx, r, imageRegistryOperatorServingCert, func() error { + return pki.ReconcileRegistryOperatorServingCert(imageRegistryOperatorServingCert, rootCASecret, p.OwnerRef) + }); err != nil { + return fmt.Errorf("failed to reconcile image registry operator serving cert: %w", err) + } } kcmServerSecret := manifests.KCMServerCertSecret(hcp.Namespace) @@ -2970,7 +2974,7 @@ func (r *HostedControlPlaneReconciler) reconcileKubeAPIServer(ctx context.Contex kubeAPIServerConfig := manifests.KASConfig(hcp.Namespace) if _, err := createOrUpdate(ctx, r, kubeAPIServerConfig, func() error { - return kas.ReconcileConfig(kubeAPIServerConfig, p.OwnerRef, p.ConfigParams()) + return kas.ReconcileConfig(kubeAPIServerConfig, p.OwnerRef, p.ConfigParams(), hcp.Spec.Capabilities) }); err != nil { return fmt.Errorf("failed to reconcile api server config: %w", err) } @@ -3306,7 +3310,7 @@ func (r *HostedControlPlaneReconciler) reconcileOpenShiftAPIServer(ctx context.C p := oapi.NewOpenShiftAPIServerParams(hcp, observedConfig, releaseImageProvider, r.SetDefaultSecurityContext) oapicfg := manifests.OpenShiftAPIServerConfig(hcp.Namespace) if _, err := createOrUpdate(ctx, r, oapicfg, func() error { - return oapi.ReconcileConfig(oapicfg, p.AuditWebhookRef, p.OwnerRef, p.EtcdURL, p.IngressDomain(), p.MinTLSVersion(), p.CipherSuites(), p.Image, p.Project) + return oapi.ReconcileConfig(oapicfg, p.AuditWebhookRef, p.OwnerRef, p.EtcdURL, p.IngressDomain(), p.MinTLSVersion(), p.CipherSuites(), p.Image, p.Project, hcp.Spec.Capabilities) }); err != nil { return fmt.Errorf("failed to reconcile openshift apiserver config: %w", err) } @@ -3494,7 +3498,10 @@ func (r *HostedControlPlaneReconciler) reconcileOpenShiftControllerManager(ctx c p := ocm.NewOpenShiftControllerManagerParams(hcp, observedConfig, releaseImageProvider, r.SetDefaultSecurityContext) config := manifests.OpenShiftControllerManagerConfig(hcp.Namespace) if _, err := createOrUpdate(ctx, r, config, func() error { - return ocm.ReconcileOpenShiftControllerManagerConfig(config, p.OwnerRef, p.DeployerImage, p.DockerBuilderImage, p.MinTLSVersion(), p.CipherSuites(), p.Image, p.Build, p.Network) + return ocm.ReconcileOpenShiftControllerManagerConfig(config, + p.OwnerRef, p.DeployerImage, p.DockerBuilderImage, + p.MinTLSVersion(), p.CipherSuites(), p.Image, p.Build, + p.Network, hcp.Spec.Capabilities) }); err != nil { return fmt.Errorf("failed to reconcile openshift controller manager config: %w", err) } @@ -3651,7 +3658,7 @@ func (r *HostedControlPlaneReconciler) reconcileClusterVersionOperator(ctx conte deployment := manifests.ClusterVersionOperatorDeployment(hcp.Namespace) if _, err := createOrUpdate(ctx, r, deployment, func() error { - return cvo.ReconcileDeployment(deployment, p.OwnerRef, p.DeploymentConfig, controlPlaneReleaseImage, dataPlaneReleaseImage, p.CLIImage, p.AvailabilityProberImage, p.ClusterID, hcp.Spec.UpdateService, p.PlatformType, util.HCPOAuthEnabled(hcp), r.EnableCVOManagementClusterMetricsAccess) + return cvo.ReconcileDeployment(deployment, p.OwnerRef, p.DeploymentConfig, controlPlaneReleaseImage, dataPlaneReleaseImage, p.CLIImage, p.AvailabilityProberImage, p.ClusterID, hcp.Spec.UpdateService, p.PlatformType, util.HCPOAuthEnabled(hcp), r.EnableCVOManagementClusterMetricsAccess, p.FeatureSet, hcp.Spec.Capabilities) }); err != nil { return fmt.Errorf("failed to reconcile cluster version operator deployment: %w", err) } diff --git a/control-plane-operator/controllers/hostedcontrolplane/kas/config.go b/control-plane-operator/controllers/hostedcontrolplane/kas/config.go index 0ded313bb6d..cde50251843 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/kas/config.go +++ b/control-plane-operator/controllers/hostedcontrolplane/kas/config.go @@ -22,6 +22,7 @@ import ( "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/cloud/openstack" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/common" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/pki" + "github.com/openshift/hypershift/support/capabilities" "github.com/openshift/hypershift/support/certs" hcpconfig "github.com/openshift/hypershift/support/config" "github.com/openshift/hypershift/support/globalconfig" @@ -37,12 +38,17 @@ const ( DefaultEtcdPort = 2379 ) -func ReconcileConfig(config *corev1.ConfigMap, ownerRef hcpconfig.OwnerRef, p KubeAPIServerConfigParams) error { +func ReconcileConfig(config *corev1.ConfigMap, ownerRef hcpconfig.OwnerRef, p KubeAPIServerConfigParams, caps *hyperv1.Capabilities) error { ownerRef.ApplyTo(config) if config.Data == nil { config.Data = map[string]string{} } kasConfig := generateConfig(p) + + if !capabilities.IsImageRegistryCapabilityEnabled(caps) { + kasConfig.ImagePolicyConfig.InternalRegistryHostname = "" + } + serializedConfig, err := json.Marshal(kasConfig) if err != nil { return fmt.Errorf("failed to serialize kube apiserver config: %w", err) diff --git a/control-plane-operator/controllers/hostedcontrolplane/oapi/config.go b/control-plane-operator/controllers/hostedcontrolplane/oapi/config.go index 160a5f1ce70..c450bff1efe 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/oapi/config.go +++ b/control-plane-operator/controllers/hostedcontrolplane/oapi/config.go @@ -15,6 +15,7 @@ import ( "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/kas" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/pki" "github.com/openshift/hypershift/support/api" + "github.com/openshift/hypershift/support/capabilities" "github.com/openshift/hypershift/support/certs" "github.com/openshift/hypershift/support/config" "github.com/openshift/hypershift/support/util" @@ -26,7 +27,7 @@ const ( defaultInternalRegistryHostname = "image-registry.openshift-image-registry.svc:5000" ) -func ReconcileConfig(cm *corev1.ConfigMap, auditWebhookRef *corev1.LocalObjectReference, ownerRef config.OwnerRef, etcdURL, ingressDomain, minTLSVersion string, cipherSuites []string, imageConfig *configv1.ImageSpec, projectConfig *configv1.Project) error { +func ReconcileConfig(cm *corev1.ConfigMap, auditWebhookRef *corev1.LocalObjectReference, ownerRef config.OwnerRef, etcdURL, ingressDomain, minTLSVersion string, cipherSuites []string, imageConfig *configv1.ImageSpec, projectConfig *configv1.Project, caps *hyperv1.Capabilities) error { ownerRef.ApplyTo(cm) if cm.Data == nil { cm.Data = map[string]string{} @@ -37,7 +38,7 @@ func ReconcileConfig(cm *corev1.ConfigMap, auditWebhookRef *corev1.LocalObjectRe return fmt.Errorf("failed to read existing config: %w", err) } } - reconcileConfigObject(openshiftAPIServerConfig, auditWebhookRef, etcdURL, ingressDomain, minTLSVersion, cipherSuites, imageConfig, projectConfig) + reconcileConfigObject(openshiftAPIServerConfig, auditWebhookRef, etcdURL, ingressDomain, minTLSVersion, cipherSuites, imageConfig, projectConfig, caps) serializedConfig, err := util.SerializeResource(openshiftAPIServerConfig, api.Scheme) if err != nil { return fmt.Errorf("failed to serialize openshift apiserver config: %w", err) @@ -46,7 +47,7 @@ func ReconcileConfig(cm *corev1.ConfigMap, auditWebhookRef *corev1.LocalObjectRe return nil } -func reconcileConfigObject(cfg *openshiftcpv1.OpenShiftAPIServerConfig, auditWebhookRef *corev1.LocalObjectReference, etcdURL, ingressDomain, minTLSVersion string, cipherSuites []string, imageConfig *configv1.ImageSpec, projectConfig *configv1.Project) { +func reconcileConfigObject(cfg *openshiftcpv1.OpenShiftAPIServerConfig, auditWebhookRef *corev1.LocalObjectReference, etcdURL, ingressDomain, minTLSVersion string, cipherSuites []string, imageConfig *configv1.ImageSpec, projectConfig *configv1.Project, caps *hyperv1.Capabilities) { cfg.TypeMeta = metav1.TypeMeta{ Kind: "OpenShiftAPIServerConfig", APIVersion: openshiftcpv1.GroupVersion.String(), @@ -83,7 +84,9 @@ func reconcileConfigObject(cfg *openshiftcpv1.OpenShiftAPIServerConfig, auditWeb } // Image policy config - cfg.ImagePolicyConfig.InternalRegistryHostname = defaultInternalRegistryHostname + if capabilities.IsImageRegistryCapabilityEnabled(caps) { + cfg.ImagePolicyConfig.InternalRegistryHostname = defaultInternalRegistryHostname + } if imageConfig != nil { cfg.ImagePolicyConfig.ExternalRegistryHostnames = imageConfig.ExternalRegistryHostnames var allowedRegistries openshiftcpv1.AllowedRegistries diff --git a/control-plane-operator/controllers/hostedcontrolplane/ocm/config.go b/control-plane-operator/controllers/hostedcontrolplane/ocm/config.go index 093934661ef..477c9021b8c 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/ocm/config.go +++ b/control-plane-operator/controllers/hostedcontrolplane/ocm/config.go @@ -10,9 +10,11 @@ import ( buildv1 "github.com/openshift/api/build/v1" configv1 "github.com/openshift/api/config/v1" openshiftcpv1 "github.com/openshift/api/openshiftcontrolplane/v1" + hyperv1 "github.com/openshift/hypershift/api/hypershift/v1beta1" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/common" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/kas" "github.com/openshift/hypershift/support/api" + "github.com/openshift/hypershift/support/capabilities" "github.com/openshift/hypershift/support/certs" "github.com/openshift/hypershift/support/config" "github.com/openshift/hypershift/support/util" @@ -22,7 +24,7 @@ const ( ConfigKey = "config.yaml" ) -func ReconcileOpenShiftControllerManagerConfig(cm *corev1.ConfigMap, ownerRef config.OwnerRef, deployerImage, dockerBuilderImage, minTLSVersion string, cipherSuites []string, imageConfig *configv1.ImageSpec, buildConfig *configv1.Build, networkConfig *configv1.NetworkSpec) error { +func ReconcileOpenShiftControllerManagerConfig(cm *corev1.ConfigMap, ownerRef config.OwnerRef, deployerImage, dockerBuilderImage, minTLSVersion string, cipherSuites []string, imageConfig *configv1.ImageSpec, buildConfig *configv1.Build, networkConfig *configv1.NetworkSpec, caps *hyperv1.Capabilities) error { ownerRef.ApplyTo(cm) if cm.Data == nil { @@ -35,7 +37,8 @@ func ReconcileOpenShiftControllerManagerConfig(cm *corev1.ConfigMap, ownerRef co return fmt.Errorf("unable to decode existing openshift controller manager configuration: %w", err) } } - if err := reconcileConfig(config, deployerImage, dockerBuilderImage, minTLSVersion, cipherSuites, imageConfig, buildConfig, networkConfig); err != nil { + if err := reconcileConfig(config, deployerImage, dockerBuilderImage, minTLSVersion, + cipherSuites, imageConfig, buildConfig, networkConfig, caps); err != nil { return err } configStr, err := util.SerializeResource(config, api.Scheme) @@ -46,7 +49,7 @@ func ReconcileOpenShiftControllerManagerConfig(cm *corev1.ConfigMap, ownerRef co return nil } -func reconcileConfig(cfg *openshiftcpv1.OpenShiftControllerManagerConfig, deployerImage, dockerBuilderImage, minTLSVersion string, cipherSuites []string, imageConfig *configv1.ImageSpec, buildConfig *configv1.Build, networkConfig *configv1.NetworkSpec) error { +func reconcileConfig(cfg *openshiftcpv1.OpenShiftControllerManagerConfig, deployerImage, dockerBuilderImage, minTLSVersion string, cipherSuites []string, imageConfig *configv1.ImageSpec, buildConfig *configv1.Build, networkConfig *configv1.NetworkSpec, caps *hyperv1.Capabilities) error { cpath := func(volume, file string) string { dir := volumeMounts.Path(ocmContainerMain().Name, volume) return path.Join(dir, file) @@ -56,16 +59,18 @@ func reconcileConfig(cfg *openshiftcpv1.OpenShiftControllerManagerConfig, deploy APIVersion: openshiftcpv1.GroupVersion.String(), } - // Do not modify cfg.Controllers! - // This field is currently owned by the HCCO. - // When we add Capabilities support, we will set Controllers here - // but we have to remove setting it in the HCCO at the same time. + if !capabilities.IsImageRegistryCapabilityEnabled(caps) { + cfg.Controllers = []string{"*", fmt.Sprintf("-%s", openshiftcpv1.OpenShiftServiceAccountPullSecretsController)} + } cfg.Build.ImageTemplateFormat.Format = dockerBuilderImage cfg.Deployer.ImageTemplateFormat.Format = deployerImage // registry config - cfg.DockerPullSecret.InternalRegistryHostname = config.DefaultImageRegistryHostname + if capabilities.IsImageRegistryCapabilityEnabled(caps) { + cfg.DockerPullSecret.InternalRegistryHostname = config.DefaultImageRegistryHostname + } + if imageConfig != nil { cfg.DockerPullSecret.RegistryURLs = imageConfig.ExternalRegistryHostnames } diff --git a/control-plane-operator/controllers/hostedcontrolplane/ocm/config_test.go b/control-plane-operator/controllers/hostedcontrolplane/ocm/config_test.go index d8eecc75f2d..dfb7717fe86 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/ocm/config_test.go +++ b/control-plane-operator/controllers/hostedcontrolplane/ocm/config_test.go @@ -66,7 +66,7 @@ func TestReconcileOpenShiftControllerManagerConfig(t *testing.T) { params := NewOpenShiftControllerManagerParams(hcp, observedConfig, imageProvider, true) configMap := manifests.OpenShiftControllerManagerConfig(hcp.Namespace) - if err := ReconcileOpenShiftControllerManagerConfig(configMap, config2.OwnerRefFrom(hcp), params.DeployerImage, params.DockerBuilderImage, params.MinTLSVersion(), params.CipherSuites(), imageConfig, buildConfig, networkConfig); err != nil { + if err := ReconcileOpenShiftControllerManagerConfig(configMap, config2.OwnerRefFrom(hcp), params.DeployerImage, params.DockerBuilderImage, params.MinTLSVersion(), params.CipherSuites(), imageConfig, buildConfig, networkConfig, nil); err != nil { t.Fatalf("unexpected error: %v", err) } configMapYaml, err := util.SerializeResource(configMap, api.Scheme) diff --git a/control-plane-operator/controllers/hostedcontrolplane/testdata/cluster-version-operator/zz_fixture_TestControlPlaneComponents.yaml b/control-plane-operator/controllers/hostedcontrolplane/testdata/cluster-version-operator/zz_fixture_TestControlPlaneComponents.yaml index 88f9862d9b0..c67a9e5af6c 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/testdata/cluster-version-operator/zz_fixture_TestControlPlaneComponents.yaml +++ b/control-plane-operator/controllers/hostedcontrolplane/testdata/cluster-version-operator/zz_fixture_TestControlPlaneComponents.yaml @@ -132,6 +132,9 @@ spec: rm /var/payload/manifests/*_deployment.yaml rm /var/payload/manifests/*_servicemonitor.yaml cp -R /release-manifests /var/payload/ + rm -f /var/payload/manifests/*-CustomNoUpgrade*.yaml + rm -f /var/payload/manifests/*-DevPreviewNoUpgrade*.yaml + rm -f /var/payload/manifests/*-TechPreviewNoUpgrade*.yaml rm /var/payload/release-manifests/0000_50_olm_00-pprof-config.yaml rm /var/payload/release-manifests/0000_50_olm_00-pprof-rbac.yaml rm /var/payload/release-manifests/0000_50_olm_00-pprof-secret.yaml @@ -300,31 +303,28 @@ spec: - | #!/bin/bash set -euo pipefail - cat > /tmp/clusterversion.yaml < /tmp/clusterversion.json < /dev/null || oc create ns openshift-config oc get ns openshift-config-managed &> /dev/null || oc create ns openshift-config-managed + oc apply -f /var/payload/manifests/0000_00_cluster-version-operator_01_clusterversions* + oc apply -f /tmp/clusterversion.json while true; do - echo "Applying CVO bootstrap manifests" + echo "Applying CVO bootstrap manifests..." if oc apply -f /var/payload/manifests; then echo "Bootstrap manifests applied successfully." break fi sleep 1 done - oc get clusterversion/version &> /dev/null || oc create -f /tmp/clusterversion.yaml command: - /bin/bash env: - name: KUBECONFIG value: /etc/kubernetes/kubeconfig - - name: CLUSTER_ID + - name: CLUSTER_VERSION_JSON + value: '{"kind":"ClusterVersion","apiVersion":"config.openshift.io/v1","metadata":{"name":"version","creationTimestamp":null},"spec":{"clusterID":"","signatureStores":null},"status":{"desired":{"version":"","image":""},"observedGeneration":0,"versionHash":"","capabilities":{},"availableUpdates":null}}' image: cli imagePullPolicy: IfNotPresent name: bootstrap diff --git a/control-plane-operator/controllers/hostedcontrolplane/testdata/cluster-version-operator/zz_fixture_TestControlPlaneComponents_TechPreviewNoUpgrade.yaml b/control-plane-operator/controllers/hostedcontrolplane/testdata/cluster-version-operator/zz_fixture_TestControlPlaneComponents_TechPreviewNoUpgrade.yaml new file mode 100644 index 00000000000..482b7265ba5 --- /dev/null +++ b/control-plane-operator/controllers/hostedcontrolplane/testdata/cluster-version-operator/zz_fixture_TestControlPlaneComponents_TechPreviewNoUpgrade.yaml @@ -0,0 +1,363 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + hypershift.openshift.io/managed-by: control-plane-operator + name: cluster-version-operator + namespace: hcp-namespace + ownerReferences: + - apiVersion: hypershift.openshift.io/v1beta1 + blockOwnerDeletion: true + controller: true + kind: HostedControlPlane + name: hcp + uid: "" + resourceVersion: "1" +spec: + replicas: 1 + revisionHistoryLimit: 2 + selector: + matchLabels: + app: cluster-version-operator + k8s-app: cluster-version-operator + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + annotations: + cluster-autoscaler.kubernetes.io/safe-to-evict-local-volumes: payload,update-payloads + hypershift.openshift.io/release-image: quay.io/openshift-release-dev/ocp-release:4.16.10-x86_64 + creationTimestamp: null + labels: + app: cluster-version-operator + hypershift.openshift.io/control-plane-component: cluster-version-operator + hypershift.openshift.io/hosted-control-plane: hcp-namespace + k8s-app: cluster-version-operator + spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: hypershift.openshift.io/control-plane + operator: In + values: + - "true" + weight: 50 + - preference: + matchExpressions: + - key: hypershift.openshift.io/cluster + operator: In + values: + - hcp-namespace + weight: 100 + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + hypershift.openshift.io/hosted-control-plane: hcp-namespace + topologyKey: kubernetes.io/hostname + weight: 100 + automountServiceAccountToken: false + containers: + - args: + - start + - --release-image + - $(RELEASE_IMAGE) + - --enable-auto-update=false + - --kubeconfig + - /etc/openshift/kubeconfig/kubeconfig + - --listen=0.0.0.0:8443 + - --serving-cert-file=/etc/kubernetes/certs/server/tls.crt + - --serving-key-file=/etc/kubernetes/certs/server/tls.key + - --hypershift=true + - --v=4 + command: + - cluster-version-operator + env: + - name: PAYLOAD_OVERRIDE + value: /var/payload + - name: CLUSTER_PROFILE + value: ibm-cloud-managed + - name: RELEASE_IMAGE + value: quay.io/openshift-release-dev/ocp-release:4.16.10-x86_64 + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + image: cluster-version-operator + imagePullPolicy: IfNotPresent + name: cluster-version-operator + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + requests: + cpu: 20m + memory: 70Mi + volumeMounts: + - mountPath: /etc/openshift/kubeconfig + name: kubeconfig + - mountPath: /var/payload + name: payload + - mountPath: /etc/kubernetes/certs/server + name: server-crt + - mountPath: /etc/cvo/updatepayloads + name: update-payloads + initContainers: + - command: + - /usr/bin/control-plane-operator + - availability-prober + - --target + - https://kube-apiserver:6443/readyz + - --kubeconfig=/var/kubeconfig/kubeconfig + image: availability-prober + imagePullPolicy: IfNotPresent + name: availability-prober + resources: {} + volumeMounts: + - mountPath: /var/kubeconfig + name: kubeconfig + - args: + - -c + - |- + cp -R /manifests /var/payload/ + rm -f /var/payload/manifests/*_deployment.yaml + rm -f /var/payload/manifests/*_servicemonitor.yaml + cp -R /release-manifests /var/payload/ + rm -f /var/payload/manifests/*-Default*.yaml + rm -f /var/payload/manifests/*-CustomNoUpgrade*.yaml + rm -f /var/payload/manifests/*-DevPreviewNoUpgrade*.yaml + rm -f /var/payload/release-manifests/0000_50_olm_00-pprof-config.yaml + rm -f /var/payload/release-manifests/0000_50_olm_00-pprof-rbac.yaml + rm -f /var/payload/release-manifests/0000_50_olm_00-pprof-secret.yaml + rm -f /var/payload/release-manifests/0000_50_olm_01-olm-operator.serviceaccount.yaml + rm -f /var/payload/release-manifests/0000_50_olm_02-services.yaml + rm -f /var/payload/release-manifests/0000_50_olm_06-psm-operator.deployment.yaml + rm -f /var/payload/release-manifests/0000_50_olm_06-psm-operator.deployment.ibm-cloud-managed.yaml + rm -f /var/payload/release-manifests/0000_50_olm_06-psm-operator.service.yaml + rm -f /var/payload/release-manifests/0000_50_olm_06-psm-operator.servicemonitor.yaml + rm -f /var/payload/release-manifests/0000_50_olm_07-olm-operator.deployment.ibm-cloud-managed.yaml + rm -f /var/payload/release-manifests/0000_50_olm_07-olm-operator.deployment.yaml + rm -f /var/payload/release-manifests/0000_50_olm_07-collect-profiles.cronjob.yaml + rm -f /var/payload/release-manifests/0000_50_olm_08-catalog-operator.deployment.ibm-cloud-managed.yaml + rm -f /var/payload/release-manifests/0000_50_olm_08-catalog-operator.deployment.yaml + rm -f /var/payload/release-manifests/0000_50_olm_15-packageserver.clusterserviceversion.yaml + rm -f /var/payload/release-manifests/0000_50_olm_99-operatorstatus.yaml + rm -f /var/payload/release-manifests/0000_90_olm_00-service-monitor.yaml + rm -f /var/payload/release-manifests/0000_50_operator-marketplace_04_service_account.yaml + rm -f /var/payload/release-manifests/0000_50_operator-marketplace_05_role.yaml + rm -f /var/payload/release-manifests/0000_50_operator-marketplace_06_role_binding.yaml + rm -f /var/payload/release-manifests/0000_50_operator-marketplace_07_configmap.yaml + rm -f /var/payload/release-manifests/0000_50_operator-marketplace_08_service.yaml + rm -f /var/payload/release-manifests/0000_50_operator-marketplace_09_operator-ibm-cloud-managed.yaml + rm -f /var/payload/release-manifests/0000_50_operator-marketplace_09_operator.yaml + rm -f /var/payload/release-manifests/0000_50_operator-marketplace_10_clusteroperator.yaml + rm -f /var/payload/release-manifests/0000_50_operator-marketplace_11_service_monitor.yaml + rm -f /var/payload/release-manifests/0000_70_dns-operator_02-deployment-ibm-cloud-managed.yaml + rm -f /var/payload/release-manifests/0000_50_cluster-ingress-operator_02-deployment-ibm-cloud-managed.yaml + rm -f /var/payload/release-manifests/0000_70_cluster-network-operator_03_deployment-ibm-cloud-managed.yaml + rm -f /var/payload/release-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml + rm -f /var/payload/release-manifests/0000_80_machine-config_01_kubeletconfigs.crd.yaml + rm -f /var/payload/release-manifests/0000_80_machine-config_01_machineconfigs.crd.yaml + rm -f /var/payload/release-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml + rm -f /var/payload/release-manifests/0000_50_cluster-node-tuning-operator_20-performance-profile.crd.yaml + rm -f /var/payload/release-manifests/0000_50_cluster-node-tuning-operator_50-operator-ibm-cloud-managed.yaml + rm -f /var/payload/release-manifests/0000_50_cluster-image-registry-operator_07-operator-ibm-cloud-managed.yaml + rm -f /var/payload/release-manifests/0000_50_cluster-image-registry-operator_07-operator-service.yaml + rm -f /var/payload/release-manifests/0000_90_cluster-image-registry-operator_02_operator-servicemonitor.yaml + rm -f /var/payload/release-manifests/0000_50_cluster-storage-operator_10_deployment-ibm-cloud-managed.yaml + rm -f /var/payload/release-manifests/0000_50_cloud-credential-operator_01-operator-config.yaml + rm -f /var/payload/release-manifests/0000_50_cluster-authentication-operator_02_config.cr.yaml + rm -f /var/payload/release-manifests/0000_90_etcd-operator_03_prometheusrule.yaml + rm -f /var/payload/release-manifests/0000_50_cluster-csi-snapshot-controller-operator_07_deployment-ibm-cloud-managed.yaml + rm -f /var/payload/release-manifests/0000_03_marketplace-operator_02_operatorhub.cr.yaml + cat > /var/payload/release-manifests/0000_01_cleanup.yaml < /tmp/clusterversion.json < /dev/null || oc create ns openshift-config + oc get ns openshift-config-managed &> /dev/null || oc create ns openshift-config-managed + oc apply -f /var/payload/manifests/0000_00_cluster-version-operator_01_clusterversions* + oc apply -f /tmp/clusterversion.json + while true; do + echo "Applying CVO bootstrap manifests..." + if oc apply -f /var/payload/manifests; then + echo "Bootstrap manifests applied successfully." + break + fi + sleep 1 + done + command: + - /bin/bash + env: + - name: KUBECONFIG + value: /etc/kubernetes/kubeconfig + - name: CLUSTER_VERSION_JSON + value: '{"kind":"ClusterVersion","apiVersion":"config.openshift.io/v1","metadata":{"name":"version","creationTimestamp":null},"spec":{"clusterID":"","signatureStores":null},"status":{"desired":{"version":"","image":""},"observedGeneration":0,"versionHash":"","capabilities":{},"availableUpdates":null}}' + image: cli + imagePullPolicy: IfNotPresent + name: bootstrap + resources: + requests: + cpu: 10m + memory: 10Mi + volumeMounts: + - mountPath: /etc/kubernetes + name: kubeconfig + - mountPath: /var/payload + name: payload + priorityClassName: hypershift-control-plane + tolerations: + - effect: NoSchedule + key: hypershift.openshift.io/control-plane + operator: Equal + value: "true" + - effect: NoSchedule + key: hypershift.openshift.io/cluster + operator: Equal + value: hcp-namespace + volumes: + - emptyDir: {} + name: payload + - name: kubeconfig + secret: + defaultMode: 416 + secretName: service-network-admin-kubeconfig + - emptyDir: {} + name: update-payloads + - name: server-crt + secret: + defaultMode: 416 + secretName: cvo-server +status: {} diff --git a/control-plane-operator/controllers/hostedcontrolplane/v2/assets/cluster-version-operator/deployment.yaml b/control-plane-operator/controllers/hostedcontrolplane/v2/assets/cluster-version-operator/deployment.yaml index 9be66607e18..f43b002ccda 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/v2/assets/cluster-version-operator/deployment.yaml +++ b/control-plane-operator/controllers/hostedcontrolplane/v2/assets/cluster-version-operator/deployment.yaml @@ -88,25 +88,21 @@ spec: - | #!/bin/bash set -euo pipefail - cat > /tmp/clusterversion.yaml < /tmp/clusterversion.json < /dev/null || oc create ns openshift-config oc get ns openshift-config-managed &> /dev/null || oc create ns openshift-config-managed + oc apply -f /var/payload/manifests/0000_00_cluster-version-operator_01_clusterversions* + oc apply -f /tmp/clusterversion.json while true; do - echo "Applying CVO bootstrap manifests" + echo "Applying CVO bootstrap manifests..." if oc apply -f /var/payload/manifests; then echo "Bootstrap manifests applied successfully." break fi sleep 1 done - oc get clusterversion/version &> /dev/null || oc create -f /tmp/clusterversion.yaml command: - /bin/bash env: diff --git a/control-plane-operator/controllers/hostedcontrolplane/v2/cvo/deployment.go b/control-plane-operator/controllers/hostedcontrolplane/v2/cvo/deployment.go index b71ea5aa84a..875655f679e 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/v2/cvo/deployment.go +++ b/control-plane-operator/controllers/hostedcontrolplane/v2/cvo/deployment.go @@ -1,6 +1,7 @@ package cvo import ( + "encoding/json" "fmt" "path" "strings" @@ -8,10 +9,13 @@ import ( hyperv1 "github.com/openshift/hypershift/api/hypershift/v1beta1" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/common" hyperapi "github.com/openshift/hypershift/support/api" + "github.com/openshift/hypershift/support/capabilities" "github.com/openshift/hypershift/support/config" component "github.com/openshift/hypershift/support/controlplane-component" "github.com/openshift/hypershift/support/util" + configv1 "github.com/openshift/api/config/v1" + appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" @@ -37,17 +41,48 @@ func (cvo *clusterVersionOperator) adaptDeployment(cpContext component.ControlPl return fmt.Errorf("failed to discover CVO release images: %w", err) } + featureSet := configv1.Default + if cpContext.HCP.Spec.Configuration != nil && cpContext.HCP.Spec.Configuration.FeatureGate != nil { + featureSet = cpContext.HCP.Spec.Configuration.FeatureGate.FeatureSet + } + util.UpdateContainer("prepare-payload", deployment.Spec.Template.Spec.InitContainers, func(c *corev1.Container) { c.Args = []string{ "-c", - preparePayloadScript(cpContext.HCP.Spec.Platform.Type, util.HCPOAuthEnabled(cpContext.HCP)), + preparePayloadScript(cpContext.HCP.Spec.Platform.Type, util.HCPOAuthEnabled(cpContext.HCP), featureSet), } c.Image = controlPlaneReleaseImage }) + + // the ClusterVersion resource is created by the CVO bootstrap container. + // we marshal it to json as a means to validate its formatting, which protects + // us against easily preventable mistakes, such as typos. + cv := &configv1.ClusterVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: "ClusterVersion", + APIVersion: "config.openshift.io/v1", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "version", + }, + Spec: configv1.ClusterVersionSpec{ + ClusterID: configv1.ClusterID(cpContext.HCP.Spec.ClusterID), + }, + } + if !capabilities.IsImageRegistryCapabilityEnabled(cpContext.HCP.Spec.Capabilities) { + cv.Spec.Capabilities = &configv1.ClusterVersionCapabilitiesSpec{ + BaselineCapabilitySet: configv1.ClusterVersionCapabilitySetNone, + AdditionalEnabledCapabilities: capabilities.CalculateEnabledCapabilities(cpContext.HCP.Spec.Capabilities), + } + } + clusterVersionJSON, err := json.Marshal(cv) + if err != nil { + return err + } util.UpdateContainer("bootstrap", deployment.Spec.Template.Spec.InitContainers, func(c *corev1.Container) { c.Env = append(c.Env, corev1.EnvVar{ - Name: "CLUSTER_ID", - Value: cpContext.HCP.Spec.ClusterID, + Name: "CLUSTER_VERSION_JSON", + Value: string(clusterVersionJSON), }) }) @@ -129,7 +164,7 @@ var ( } ) -func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool) string { +func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool, featureSet configv1.FeatureSet) string { payloadDir := "/var/payload" var stmts []string @@ -139,6 +174,37 @@ func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool) fmt.Sprintf("rm %s/manifests/*_servicemonitor.yaml", payloadDir), fmt.Sprintf("cp -R /release-manifests %s/", payloadDir), ) + + // NOTE: We would need part of the manifest.Include logic (https://github.com/openshift/library-go/blob/0064ad7bd060b9fd52f7840972c1d3e72186d0f0/pkg/manifest/manifest.go#L190-L196) + // to properly evaluate which CVO manifests to select based on featureset. In the absence of that logic, use simple filename filtering, which is not ideal + // but better than nothing. Ideally, we filter based on the feature-set annotation in the manifests. + switch featureSet { + case configv1.Default, "": + stmts = append(stmts, + fmt.Sprintf("rm -f %s/manifests/*-CustomNoUpgrade*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-DevPreviewNoUpgrade*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-TechPreviewNoUpgrade*.yaml", payloadDir), + ) + case configv1.CustomNoUpgrade: + stmts = append(stmts, + fmt.Sprintf("rm -f %s/manifests/*-Default*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-DevPreviewNoUpgrade*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-TechPreviewNoUpgrade*.yaml", payloadDir), + ) + case configv1.DevPreviewNoUpgrade: + stmts = append(stmts, + fmt.Sprintf("rm -f %s/manifests/*-Default*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-CustomNoUpgrade*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-TechPreviewNoUpgrade*.yaml", payloadDir), + ) + case configv1.TechPreviewNoUpgrade: + stmts = append(stmts, + fmt.Sprintf("rm -f %s/manifests/*-Default*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-CustomNoUpgrade*.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*-DevPreviewNoUpgrade*.yaml", payloadDir), + ) + } + for _, manifest := range manifestsToOmit { if platformType == hyperv1.IBMCloudPlatform || platformType == hyperv1.PowerVSPlatform { if manifest == "0000_50_cluster-storage-operator_10_deployment-ibm-cloud-managed.yaml" || manifest == "0000_50_cluster-csi-snapshot-controller-operator_07_deployment-ibm-cloud-managed.yaml" { diff --git a/control-plane-operator/controllers/hostedcontrolplane/v2/kas/params.go b/control-plane-operator/controllers/hostedcontrolplane/v2/kas/params.go index e8d455f6653..f52a22edc98 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/v2/kas/params.go +++ b/control-plane-operator/controllers/hostedcontrolplane/v2/kas/params.go @@ -7,6 +7,7 @@ import ( "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/cloud/aws" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/cloud/azure" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/manifests" + "github.com/openshift/hypershift/support/capabilities" "github.com/openshift/hypershift/support/config" "github.com/openshift/hypershift/support/globalconfig" "github.com/openshift/hypershift/support/util" @@ -64,7 +65,6 @@ func NewConfigParams(hcp *hyperv1.HostedControlPlane) KubeAPIServerConfigParams KASPodPort: util.KASPodPort(hcp), TLSSecurityProfile: tlsSecurityProfile(hcp.Spec.Configuration), AdditionalCORSAllowedOrigins: additionalCORSAllowedOrigins(hcp.Spec.Configuration), - InternalRegistryHostName: config.DefaultImageRegistryHostname, ExternalRegistryHostNames: externalRegistryHostNames(hcp.Spec.Configuration), DefaultNodeSelector: defaultNodeSelector(hcp.Spec.Configuration), AdvertiseAddress: util.GetAdvertiseAddress(hcp, config.DefaultAdvertiseIPv4Address, config.DefaultAdvertiseIPv6Address), @@ -118,6 +118,10 @@ func NewConfigParams(hcp *hyperv1.HostedControlPlane) KubeAPIServerConfigParams kasConfig.MaxMutatingRequestsInflight = mutatingReqInflight } + if capabilities.IsImageRegistryCapabilityEnabled(hcp.Spec.Capabilities) { + kasConfig.InternalRegistryHostName = config.DefaultImageRegistryHostname + } + return kasConfig } diff --git a/control-plane-operator/controllers/hostedcontrolplane/v2/oapi/config.go b/control-plane-operator/controllers/hostedcontrolplane/v2/oapi/config.go index 8755cd05eab..420d1dc23fd 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/v2/oapi/config.go +++ b/control-plane-operator/controllers/hostedcontrolplane/v2/oapi/config.go @@ -11,6 +11,7 @@ import ( hyperv1 "github.com/openshift/hypershift/api/hypershift/v1beta1" "github.com/openshift/hypershift/support/api" + "github.com/openshift/hypershift/support/capabilities" "github.com/openshift/hypershift/support/config" component "github.com/openshift/hypershift/support/controlplane-component" "github.com/openshift/hypershift/support/globalconfig" @@ -68,6 +69,10 @@ func adaptConfig(cfg *openshiftcpv1.OpenShiftAPIServerConfig, hcp *hyperv1.Hoste cfg.ImagePolicyConfig.AllowedRegistriesForImport = allowedRegistries } + if !capabilities.IsImageRegistryCapabilityEnabled(hcp.Spec.Capabilities) { + cfg.ImagePolicyConfig.InternalRegistryHostname = "" + } + // Routing config cfg.RoutingConfig.Subdomain = globalconfig.IngressDomain(hcp) diff --git a/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/config.go b/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/config.go index 843f02e19b6..2f1029c9515 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/config.go +++ b/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/config.go @@ -6,6 +6,7 @@ import ( hyperv1 "github.com/openshift/hypershift/api/hypershift/v1beta1" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/imageprovider" "github.com/openshift/hypershift/support/api" + "github.com/openshift/hypershift/support/capabilities" "github.com/openshift/hypershift/support/config" component "github.com/openshift/hypershift/support/controlplane-component" "github.com/openshift/hypershift/support/globalconfig" @@ -38,7 +39,7 @@ func adaptConfigMap(cpContext component.ControlPlaneContext, cm *corev1.ConfigMa return fmt.Errorf("failed to read observed global config: %w", err) } - adaptConfig(config, cpContext.HCP.Spec.Configuration, cpContext.ReleaseImageProvider, observedConfig.Build) + adaptConfig(config, cpContext.HCP.Spec.Configuration, cpContext.ReleaseImageProvider, observedConfig.Build, cpContext.HCP.Spec.Capabilities) configStr, err := util.SerializeResource(config, api.Scheme) if err != nil { return fmt.Errorf("failed to serialize openshift controller manager configuration: %w", err) @@ -47,15 +48,15 @@ func adaptConfigMap(cpContext component.ControlPlaneContext, cm *corev1.ConfigMa return nil } -func adaptConfig(cfg *openshiftcpv1.OpenShiftControllerManagerConfig, configuration *hyperv1.ClusterConfiguration, releaseImageProvider imageprovider.ReleaseImageProvider, buildConfig *configv1.Build) { - // Do not modify cfg.Controllers! - // This field is currently owned by the HCCO. - // When we add Capabilities support, we will set Controllers here - // but we have to remove setting it in the HCCO at the same time. - +func adaptConfig(cfg *openshiftcpv1.OpenShiftControllerManagerConfig, configuration *hyperv1.ClusterConfiguration, releaseImageProvider imageprovider.ReleaseImageProvider, buildConfig *configv1.Build, caps *hyperv1.Capabilities) { cfg.Build.ImageTemplateFormat.Format = releaseImageProvider.GetImage("docker-builder") cfg.Deployer.ImageTemplateFormat.Format = releaseImageProvider.GetImage("deployer") + if !capabilities.IsImageRegistryCapabilityEnabled(caps) { + cfg.Controllers = []string{"*", fmt.Sprintf("-%s", openshiftcpv1.OpenShiftServiceAccountPullSecretsController)} + cfg.DockerPullSecret.InternalRegistryHostname = "" + } + if configuration != nil && configuration.Image != nil { cfg.DockerPullSecret.RegistryURLs = configuration.Image.ExternalRegistryHostnames } diff --git a/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/config_test.go b/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/config_test.go index 9a24b98d70a..c0299feff77 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/config_test.go +++ b/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/config_test.go @@ -17,66 +17,78 @@ import ( ) func TestReconcileOpenShiftControllerManagerConfig(t *testing.T) { - hcp := &hyperv1.HostedControlPlane{ - ObjectMeta: metav1.ObjectMeta{ - Name: "test", - Namespace: "test-namespace", - }, - Spec: hyperv1.HostedControlPlaneSpec{ - ReleaseImage: "quay.io/ocp-dev/test-release-image:latest", - Platform: hyperv1.PlatformSpec{ - Type: hyperv1.AWSPlatform, - }, - IssuerURL: "https://www.example.com", - Configuration: &hyperv1.ClusterConfiguration{ - Image: &v1.ImageSpec{}, - Network: &v1.NetworkSpec{ - ExternalIP: &v1.ExternalIPConfig{ - AutoAssignCIDRs: []string{"99.1.0.0/24"}, + testFunc := func(capabilities *hyperv1.Capabilities) func(*testing.T) { + return func(t *testing.T) { + hcp := &hyperv1.HostedControlPlane{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test", + Namespace: "test-namespace", + }, + Spec: hyperv1.HostedControlPlaneSpec{ + ReleaseImage: "quay.io/ocp-dev/test-release-image:latest", + Platform: hyperv1.PlatformSpec{ + Type: hyperv1.AWSPlatform, + }, + IssuerURL: "https://www.example.com", + Configuration: &hyperv1.ClusterConfiguration{ + Image: &v1.ImageSpec{}, + Network: &v1.NetworkSpec{ + ExternalIP: &v1.ExternalIPConfig{ + AutoAssignCIDRs: []string{"99.1.0.0/24"}, + }, + }, }, + Capabilities: capabilities, }, - }, - }, - } - images := map[string]string{ - "openshift-controller-manager": "quay.io/test/openshift-controller-manager", - "docker-builder": "quay.io/test/docker-builder", - "deployer": "quay.io/test/deployer", - } - imageProvider := imageprovider.NewFromImages(images) + } + images := map[string]string{ + "openshift-controller-manager": "quay.io/test/openshift-controller-manager", + "docker-builder": "quay.io/test/docker-builder", + "deployer": "quay.io/test/deployer", + } + imageProvider := imageprovider.NewFromImages(images) - buildConfig := &v1.Build{ - Spec: v1.BuildSpec{ - BuildDefaults: v1.BuildDefaults{ - Env: []corev1.EnvVar{ - { - Name: "TEST_VAR", - Value: "TEST_VALUE", + buildConfig := &v1.Build{ + Spec: v1.BuildSpec{ + BuildDefaults: v1.BuildDefaults{ + Env: []corev1.EnvVar{ + { + Name: "TEST_VAR", + Value: "TEST_VALUE", + }, + }, }, }, - }, - }, - } + } - configMap := &corev1.ConfigMap{} - controlplanecomponent.LoadManifestInto(ComponentName, "config.yaml", configMap) + configMap := &corev1.ConfigMap{} + controlplanecomponent.LoadManifestInto(ComponentName, "config.yaml", configMap) - config := &openshiftcpv1.OpenShiftControllerManagerConfig{} - err := util.DeserializeResource(configMap.Data[configKey], config, api.Scheme) - if err != nil { - t.Fatalf("unable to decode existing openshift controller manager configuration: %v", err) - } + config := &openshiftcpv1.OpenShiftControllerManagerConfig{} + err := util.DeserializeResource(configMap.Data[configKey], config, api.Scheme) + if err != nil { + t.Fatalf("unable to decode existing openshift controller manager configuration: %v", err) + } - adaptConfig(config, hcp.Spec.Configuration, imageProvider, buildConfig) - configStr, err := util.SerializeResource(config, api.Scheme) - if err != nil { - t.Fatalf("failed to serialize openshift controller manager configuration: %v", err) + adaptConfig(config, hcp.Spec.Configuration, imageProvider, buildConfig, hcp.Spec.Capabilities) + configStr, err := util.SerializeResource(config, api.Scheme) + if err != nil { + t.Fatalf("failed to serialize openshift controller manager configuration: %v", err) + } + configMap.Data[configKey] = configStr + + configMapYaml, err := util.SerializeResource(configMap, api.Scheme) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + testutil.CompareWithFixture(t, configMapYaml) + } } - configMap.Data[configKey] = configStr - configMapYaml, err := util.SerializeResource(configMap, api.Scheme) - if err != nil { - t.Fatalf("unexpected error: %v", err) + caps := &hyperv1.Capabilities{ + Disabled: []hyperv1.OptionalCapability{hyperv1.ImageRegistryCapability}, } - testutil.CompareWithFixture(t, configMapYaml) + + t.Run("WithAllCapabilitiesEnabled", testFunc(nil)) + t.Run("WithImageRegistryCapabilityDisabled", testFunc(caps)) } diff --git a/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/testdata/zz_fixture_TestReconcileOpenShiftControllerManagerConfig.yaml b/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/testdata/zz_fixture_TestReconcileOpenShiftControllerManagerConfig_WithAllCapabilitiesEnabled.yaml similarity index 100% rename from control-plane-operator/controllers/hostedcontrolplane/v2/ocm/testdata/zz_fixture_TestReconcileOpenShiftControllerManagerConfig.yaml rename to control-plane-operator/controllers/hostedcontrolplane/v2/ocm/testdata/zz_fixture_TestReconcileOpenShiftControllerManagerConfig_WithAllCapabilitiesEnabled.yaml diff --git a/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/testdata/zz_fixture_TestReconcileOpenShiftControllerManagerConfig_WithImageRegistryCapabilityDisabled.yaml b/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/testdata/zz_fixture_TestReconcileOpenShiftControllerManagerConfig_WithImageRegistryCapabilityDisabled.yaml new file mode 100644 index 00000000000..43edc6387db --- /dev/null +++ b/control-plane-operator/controllers/hostedcontrolplane/v2/ocm/testdata/zz_fixture_TestReconcileOpenShiftControllerManagerConfig_WithImageRegistryCapabilityDisabled.yaml @@ -0,0 +1,81 @@ +apiVersion: v1 +data: + config.yaml: | + apiVersion: openshiftcontrolplane.config.openshift.io/v1 + build: + additionalTrustedCA: "" + buildDefaults: + env: + - name: TEST_VAR + value: TEST_VALUE + resources: {} + buildOverrides: null + imageTemplateFormat: + format: quay.io/test/docker-builder + latest: false + controllers: + - '*' + - -openshift.io/serviceaccount-pull-secrets + deployer: + imageTemplateFormat: + format: quay.io/test/deployer + latest: false + dockerPullSecret: + internalRegistryHostname: "" + registryURLs: null + featureGates: null + imageImport: + disableScheduledImport: false + maxScheduledImageImportsPerMinute: 0 + scheduledImageImportMinimumIntervalSeconds: 0 + ingress: + ingressIPNetworkCIDR: 99.1.0.0/24 + kind: OpenShiftControllerManagerConfig + kubeClientConfig: + connectionOverrides: + acceptContentTypes: "" + burst: 0 + contentType: "" + qps: 0 + kubeConfig: /etc/kubernetes/secrets/svc-kubeconfig/kubeconfig + leaderElection: + leaseDuration: 0s + renewDeadline: 0s + retryPeriod: 0s + network: + clusterNetworks: null + networkPluginName: "" + serviceNetworkCIDR: "" + vxlanPort: 0 + resourceQuota: + concurrentSyncs: 0 + minResyncPeriod: 0s + syncPeriod: 0s + securityAllocator: + mcsAllocatorRange: "" + mcsLabelsPerProject: 0 + uidAllocatorRange: "" + serviceAccount: + managedNames: null + serviceServingCert: + signer: null + servingInfo: + bindAddress: 0.0.0.0:8443 + bindNetwork: "" + certFile: /etc/kubernetes/certs/tls.crt + cipherSuites: + - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + clientCA: /etc/kubernetes/client-ca/ca.crt + keyFile: /etc/kubernetes/certs/tls.key + maxRequestsInFlight: 0 + minTLSVersion: VersionTLS12 + requestTimeoutSeconds: 0 +kind: ConfigMap +metadata: + creationTimestamp: null + name: openshift-controller-manager-config diff --git a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources.go b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources.go index 4b0fb0698eb..3a12cbc0722 100644 --- a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources.go +++ b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources.go @@ -76,6 +76,7 @@ import ( "github.com/openshift/hypershift/control-plane-operator/hostedclusterconfigoperator/operator" "github.com/openshift/hypershift/hypershift-operator/controllers/nodepool" "github.com/openshift/hypershift/support/azureutil" + "github.com/openshift/hypershift/support/capabilities" "github.com/openshift/hypershift/support/config" "github.com/openshift/hypershift/support/globalconfig" "github.com/openshift/hypershift/support/releaseinfo" @@ -375,41 +376,44 @@ func (r *reconciler) Reconcile(ctx context.Context, _ ctrl.Request) (ctrl.Result // in CIRO before the registry config is created. For now, this is the case for the OpenStack platform. // If the object exist, we reconcile the registry config for other fields as it should be fine since the PVC would // exist at this point. - if imageRegistryPlatformWithPVC(hcp.Spec.Platform.Type) && (!registryConfigExists || registryConfig == nil) { - log.Info("skipping registry config to let CIRO bootstrap") - } else { - log.Info("reconciling registry config") - if _, err := r.CreateOrUpdate(ctx, r.client, registryConfig, func() error { - registry.ReconcileRegistryConfig(registryConfig, r.platformType, hcp.Spec.InfrastructureAvailabilityPolicy) - return nil - }); err != nil { - errs = append(errs, fmt.Errorf("failed to reconcile imageregistry config: %w", err)) - } - if registryConfig.Spec.ManagementState == operatorv1.Removed && r.platformType != hyperv1.IBMCloudPlatform { - log.Info("imageregistry operator managementstate is removed, disabling openshift-controller-manager controllers and cleaning up resources") - ocmConfigMap := cpomanifests.OpenShiftControllerManagerConfig(r.hcpNamespace) - if _, err := r.CreateOrUpdate(ctx, r.cpClient, ocmConfigMap, func() error { - if ocmConfigMap.Data == nil { - // CPO has not created the configmap yet, wait for create - // This should not happen as we are started by the CPO after the configmap should be created - return nil - } - config := &openshiftcpv1.OpenShiftControllerManagerConfig{} - if configStr, exists := ocmConfigMap.Data[ocm.ConfigKey]; exists && len(configStr) > 0 { - err := util.DeserializeResource(configStr, config, api.Scheme) + if capabilities.IsImageRegistryCapabilityEnabled(hcp.Spec.Capabilities) { + if imageRegistryPlatformWithPVC(hcp.Spec.Platform.Type) && (!registryConfigExists || registryConfig == nil) { + log.Info("skipping registry config to let CIRO bootstrap") + } else { + log.Info("reconciling registry config") + if _, err := r.CreateOrUpdate(ctx, r.client, registryConfig, func() error { + registry.ReconcileRegistryConfig(registryConfig, r.platformType, hcp.Spec.InfrastructureAvailabilityPolicy) + return nil + }); err != nil { + errs = append(errs, fmt.Errorf("failed to reconcile imageregistry config: %w", err)) + } + // TODO(fmissi): remove this when Hypershift Capabilities becomes GA + if registryConfig.Spec.ManagementState == operatorv1.Removed && r.platformType != hyperv1.IBMCloudPlatform { + log.Info("imageregistry operator managementstate is removed, disabling openshift-controller-manager controllers and cleaning up resources") + ocmConfigMap := cpomanifests.OpenShiftControllerManagerConfig(r.hcpNamespace) + if _, err := r.CreateOrUpdate(ctx, r.cpClient, ocmConfigMap, func() error { + if ocmConfigMap.Data == nil { + // CPO has not created the configmap yet, wait for create + // This should not happen as we are started by the CPO after the configmap should be created + return nil + } + config := &openshiftcpv1.OpenShiftControllerManagerConfig{} + if configStr, exists := ocmConfigMap.Data[ocm.ConfigKey]; exists && len(configStr) > 0 { + err := util.DeserializeResource(configStr, config, api.Scheme) + if err != nil { + return fmt.Errorf("unable to decode existing openshift controller manager configuration: %w", err) + } + } + config.Controllers = []string{"*", fmt.Sprintf("-%s", openshiftcpv1.OpenShiftServiceAccountPullSecretsController)} + configStr, err := util.SerializeResource(config, api.Scheme) if err != nil { - return fmt.Errorf("unable to decode existing openshift controller manager configuration: %w", err) + return fmt.Errorf("failed to serialize openshift controller manager configuration: %w", err) } + ocmConfigMap.Data[ocm.ConfigKey] = configStr + return nil + }); err != nil { + errs = append(errs, fmt.Errorf("failed to reconcile openshift-controller-manager config: %w", err)) } - config.Controllers = []string{"*", fmt.Sprintf("-%s", openshiftcpv1.OpenShiftServiceAccountPullSecretsController)} - configStr, err := util.SerializeResource(config, api.Scheme) - if err != nil { - return fmt.Errorf("failed to serialize openshift controller manager configuration: %w", err) - } - ocmConfigMap.Data[ocm.ConfigKey] = configStr - return nil - }); err != nil { - errs = append(errs, fmt.Errorf("failed to reconcile openshift-controller-manager config: %w", err)) } } } @@ -1237,6 +1241,12 @@ func (r *reconciler) reconcileClusterVersion(ctx context.Context, hcp *hyperv1.H if _, err := r.CreateOrUpdate(ctx, r.client, clusterVersion, func() error { clusterVersion.Spec.ClusterID = configv1.ClusterID(hcp.Spec.ClusterID) clusterVersion.Spec.Capabilities = nil + if !capabilities.IsImageRegistryCapabilityEnabled(hcp.Spec.Capabilities) { + clusterVersion.Spec.Capabilities = &configv1.ClusterVersionCapabilitiesSpec{ + BaselineCapabilitySet: configv1.ClusterVersionCapabilitySetNone, + AdditionalEnabledCapabilities: capabilities.CalculateEnabledCapabilities(hcp.Spec.Capabilities), + } + } clusterVersion.Spec.Upstream = hcp.Spec.UpdateService clusterVersion.Spec.Channel = hcp.Spec.Channel clusterVersion.Spec.DesiredUpdate = nil @@ -1500,15 +1510,23 @@ func (r *reconciler) reconcileCloudCredentialSecrets(ctx context.Context, hcp *h return nil } for arn, secret := range map[string]*corev1.Secret{ - hcp.Spec.Platform.AWS.RolesRef.IngressARN: manifests.AWSIngressCloudCredsSecret(), - hcp.Spec.Platform.AWS.RolesRef.StorageARN: manifests.AWSStorageCloudCredsSecret(), - hcp.Spec.Platform.AWS.RolesRef.ImageRegistryARN: manifests.AWSImageRegistryCloudCredsSecret(), + hcp.Spec.Platform.AWS.RolesRef.IngressARN: manifests.AWSIngressCloudCredsSecret(), + hcp.Spec.Platform.AWS.RolesRef.StorageARN: manifests.AWSStorageCloudCredsSecret(), } { err := syncSecret(secret, arn) if err != nil { errs = append(errs, err) } } + if capabilities.IsImageRegistryCapabilityEnabled(hcp.Spec.Capabilities) { + err := syncSecret( + manifests.AWSImageRegistryCloudCredsSecret(), + hcp.Spec.Platform.AWS.RolesRef.ImageRegistryARN, + ) + if err != nil { + errs = append(errs, err) + } + } case hyperv1.AzurePlatform: secretData := map[string][]byte{ "azure_federated_token_file": []byte("/var/run/secrets/openshift/serviceaccount/token"), @@ -1541,13 +1559,15 @@ func (r *reconciler) reconcileCloudCredentialSecrets(ctx context.Context, hcp *h errs = append(errs, fmt.Errorf("failed to reconcile guest cluster CSI secret: %w", err)) } - imageRegistrySecret := &corev1.Secret{ObjectMeta: metav1.ObjectMeta{Namespace: "openshift-image-registry", Name: "installer-cloud-credentials"}} - if _, err := r.CreateOrUpdate(ctx, r.client, imageRegistrySecret, func() error { - secretData["azure_client_id"] = []byte(hcp.Spec.Platform.Azure.ManagedIdentities.DataPlane.ImageRegistryMSIClientID) - imageRegistrySecret.Data = secretData - return nil - }); err != nil { - errs = append(errs, fmt.Errorf("failed to reconcile guest cluster image-registry secret: %w", err)) + if capabilities.IsImageRegistryCapabilityEnabled(hcp.Spec.Capabilities) { + imageRegistrySecret := &corev1.Secret{ObjectMeta: metav1.ObjectMeta{Namespace: "openshift-image-registry", Name: "installer-cloud-credentials"}} + if _, err := r.CreateOrUpdate(ctx, r.client, imageRegistrySecret, func() error { + secretData["azure_client_id"] = []byte(hcp.Spec.Platform.Azure.ManagedIdentities.DataPlane.ImageRegistryMSIClientID) + imageRegistrySecret.Data = secretData + return nil + }); err != nil { + errs = append(errs, fmt.Errorf("failed to reconcile guest cluster image-registry secret: %w", err)) + } } azureFileCSISecret := &corev1.Secret{ObjectMeta: metav1.ObjectMeta{Namespace: "openshift-cluster-csi-drivers", Name: "azure-file-credentials"}} @@ -1623,22 +1643,24 @@ func (r *reconciler) reconcileCloudCredentialSecrets(ctx context.Context, hcp *h errs = append(errs, fmt.Errorf("failed to reconcile powervs storage cloud credentials secret %w", err)) } - var imageRegistryCredentials corev1.Secret - err = r.cpClient.Get(ctx, client.ObjectKey{Namespace: hcp.Namespace, Name: hcp.Spec.Platform.PowerVS.ImageRegistryOperatorCloudCreds.Name}, &imageRegistryCredentials) - if err != nil { - errs = append(errs, fmt.Errorf("failed to get image registry operator cloud credentials secret %s from hcp namespace : %w", hcp.Spec.Platform.PowerVS.ImageRegistryOperatorCloudCreds.Name, err)) - return errs - } + if capabilities.IsImageRegistryCapabilityEnabled(hcp.Spec.Capabilities) { + var imageRegistryCredentials corev1.Secret + err = r.cpClient.Get(ctx, client.ObjectKey{Namespace: hcp.Namespace, Name: hcp.Spec.Platform.PowerVS.ImageRegistryOperatorCloudCreds.Name}, &imageRegistryCredentials) + if err != nil { + errs = append(errs, fmt.Errorf("failed to get image registry operator cloud credentials secret %s from hcp namespace : %w", hcp.Spec.Platform.PowerVS.ImageRegistryOperatorCloudCreds.Name, err)) + return errs + } - imageRegistryInstallerCloudCredentials := &corev1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "openshift-image-registry", - Name: "installer-cloud-credentials", - }, - } - err = createPowerVSSecret(&imageRegistryCredentials, imageRegistryInstallerCloudCredentials) - if err != nil { - errs = append(errs, fmt.Errorf("failed to reconcile powervs image registry cloud credentials secret %w", err)) + imageRegistryInstallerCloudCredentials := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "openshift-image-registry", + Name: "installer-cloud-credentials", + }, + } + err = createPowerVSSecret(&imageRegistryCredentials, imageRegistryInstallerCloudCredentials) + if err != nil { + errs = append(errs, fmt.Errorf("failed to reconcile powervs image registry cloud credentials secret %w", err)) + } } } return errs @@ -2040,18 +2062,20 @@ func (r *reconciler) ensureCloudResourcesDestroyed(ctx context.Context, hcp *hyp return remaining, err } var errs []error - log.Info("Ensuring image registry storage is removed") - removed, err := r.ensureImageRegistryStorageRemoved(ctx) - if err != nil { - errs = append(errs, err) - } - if !removed { - remaining.Insert("image-registry") - } else { - log.Info("Image registry is removed") + if capabilities.IsImageRegistryCapabilityEnabled(hcp.Spec.Capabilities) { + log.Info("Ensuring image registry storage is removed") + removed, err := r.ensureImageRegistryStorageRemoved(ctx) + if err != nil { + errs = append(errs, err) + } + if !removed { + remaining.Insert("image-registry") + } else { + log.Info("Image registry is removed") + } } log.Info("Ensuring ingress controllers are removed") - removed, err = r.ensureIngressControllersRemoved(ctx, hcp) + removed, err := r.ensureIngressControllersRemoved(ctx, hcp) if err != nil { errs = append(errs, err) } diff --git a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources_test.go b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources_test.go index 69a1e0e47a8..25a17c6d411 100644 --- a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources_test.go +++ b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources_test.go @@ -985,6 +985,83 @@ func TestReconcileClusterVersion(t *testing.T) { g.Expect(clusterVersion.Spec.Channel).To(BeEmpty()) } +func TestReconcileClusterVersionWithDisabledCapabilities(t *testing.T) { + hcp := &hyperv1.HostedControlPlane{ + Spec: hyperv1.HostedControlPlaneSpec{ + ClusterID: "test-cluster-id", + Capabilities: &hyperv1.Capabilities{ + Disabled: []hyperv1.OptionalCapability{ + hyperv1.ImageRegistryCapability, + }, + }, + }, + } + testOverrides := []configv1.ComponentOverride{ + { + Kind: "Pod", + Group: "", + Name: "test", + Namespace: "default", + Unmanaged: true, + }, + } + clusterVersion := &configv1.ClusterVersion{ + ObjectMeta: metav1.ObjectMeta{ + Name: "version", + }, + Spec: configv1.ClusterVersionSpec{ + ClusterID: "some-other-id", + Capabilities: &configv1.ClusterVersionCapabilitiesSpec{ + AdditionalEnabledCapabilities: []configv1.ClusterVersionCapability{ + "foo", + "bar", + }, + }, + Channel: "fast", + DesiredUpdate: &configv1.Update{ + Version: "4.12.5", + Image: "example.com/imagens/image:latest", + Force: true, + }, + Upstream: configv1.URL("https://upstream.example.com"), + Overrides: testOverrides, + }, + } + fakeClient := fake.NewClientBuilder().WithScheme(api.Scheme).WithObjects(clusterVersion).Build() + g := NewWithT(t) + r := &reconciler{ + client: fakeClient, + CreateOrUpdateProvider: &simpleCreateOrUpdater{}, + } + err := r.reconcileClusterVersion(context.Background(), hcp) + g.Expect(err).ToNot(HaveOccurred()) + err = fakeClient.Get(context.Background(), client.ObjectKeyFromObject(clusterVersion), clusterVersion) + g.Expect(err).ToNot(HaveOccurred()) + + expectedCapabilities := &configv1.ClusterVersionCapabilitiesSpec{ + BaselineCapabilitySet: configv1.ClusterVersionCapabilitySetNone, + AdditionalEnabledCapabilities: []configv1.ClusterVersionCapability{ + configv1.ClusterVersionCapabilityBuild, + configv1.ClusterVersionCapabilityCSISnapshot, + configv1.ClusterVersionCapabilityCloudControllerManager, + configv1.ClusterVersionCapabilityCloudCredential, + configv1.ClusterVersionCapabilityConsole, + configv1.ClusterVersionCapabilityDeploymentConfig, + // configv1.ClusterVersionCapabilityImageRegistry, + configv1.ClusterVersionCapabilityIngress, + configv1.ClusterVersionCapabilityInsights, + configv1.ClusterVersionCapabilityMachineAPI, + configv1.ClusterVersionCapabilityNodeTuning, + configv1.ClusterVersionCapabilityOperatorLifecycleManager, + configv1.ClusterVersionCapabilityStorage, + configv1.ClusterVersionCapabilityBaremetal, + configv1.ClusterVersionCapabilityMarketplace, + configv1.ClusterVersionCapabilityOpenShiftSamples, + }, + } + g.Expect(clusterVersion.Spec.Capabilities).To(Equal(expectedCapabilities)) +} + func TestReconcileImageContentPolicyType(t *testing.T) { testCases := []struct { name string diff --git a/docs/content/reference/api.md b/docs/content/reference/api.md index 634ccb75ecf..5c96fa71daa 100644 --- a/docs/content/reference/api.md +++ b/docs/content/reference/api.md @@ -640,6 +640,21 @@ Valid values are those in +Capabilities + + + + +(Optional) +

capabilities allows for disabling optional components at cluster install time. +This field is optional and once set cannot be changed.

+ + @@ -3390,6 +3405,45 @@ Valid values are ImageID and AzureMarketplace.

+###Capabilities { #hypershift.openshift.io/v1beta1.Capabilities } +

+(Appears on: +HostedClusterSpec, +HostedControlPlaneSpec) +

+

+

capabilities allows disabling optional components at install time. +Once set, it cannot be changed.

+

+ + + + + + + + + + + + + +
FieldDescription
+disabled
+ + +[]OptionalCapability + + +		 +(Optional) +

disabled when specified, sets the cluster version baselineCapabilitySet to None +and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. +This effectively disables that capability on the hosted cluster.

+

When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective +OpenShift version.

+

Once set, this field cannot be changed.

+
###CertificateSigningRequestApprovalSpec { #hypershift.openshift.io/v1beta1.CertificateSigningRequestApprovalSpec }

(Appears on: @@ -5380,6 +5434,21 @@ Valid values are those in +Capabilities + + + + +(Optional) +

capabilities allows for disabling optional components at cluster install time. +This field is optional and once set cannot be changed.

+ + ###HostedClusterStatus { #hypershift.openshift.io/v1beta1.HostedClusterStatus } @@ -5967,6 +6036,21 @@ Valid values are those in +Capabilities + + + + +(Optional) +

capabilities allows for disabling optional components at cluster install time. +This field is optional and once set cannot be changed.

+ + ###HostedControlPlaneStatus { #hypershift.openshift.io/v1beta1.HostedControlPlaneStatus } @@ -9132,6 +9216,24 @@ This value must be a valid IPv4 or IPv6 address.

+###OptionalCapability { #hypershift.openshift.io/v1beta1.OptionalCapability } +

+(Appears on: +Capabilities) +

+

+

+ + + + + + + + + + +
ValueDescription

"ImageRegistry"

###PayloadArchType { #hypershift.openshift.io/v1beta1.PayloadArchType }

(Appears on: diff --git a/hypershift-operator/controllers/hostedcluster/hostedcluster_controller.go b/hypershift-operator/controllers/hostedcluster/hostedcluster_controller.go index c9e8ac8b83b..3864b4e3f16 100644 --- a/hypershift-operator/controllers/hostedcluster/hostedcluster_controller.go +++ b/hypershift-operator/controllers/hostedcluster/hostedcluster_controller.go @@ -145,10 +145,8 @@ const ( awsEndpointDeletionGracePeriod = 10 * time.Minute ) -var ( - // NoopReconcile is just a default mutation function that does nothing. - NoopReconcile controllerutil.MutateFn = func() error { return nil } -) +// NoopReconcile is just a default mutation function that does nothing. +var NoopReconcile controllerutil.MutateFn = func() error { return nil } // HostedClusterReconciler reconciles a HostedCluster object type HostedClusterReconciler struct { @@ -281,7 +279,6 @@ func (r *HostedClusterReconciler) managedResources() []client.Object { // check status of the ignition service func serviceFirstNodePortAvailable(svc *corev1.Service) bool { return svc != nil && len(svc.Spec.Ports) > 0 && svc.Spec.Ports[0].NodePort > 0 - } // pauseHostedControlPlane will handle adding the pausedUntil field to the hostedControlPlane object if it exists. @@ -311,7 +308,6 @@ func pauseHostedControlPlane(ctx context.Context, c client.Client, hcp *hyperv1. } func (r *HostedClusterReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { - log := ctrl.LoggerFrom(ctx) log.Info("reconciling") @@ -1982,6 +1978,8 @@ func reconcileHostedControlPlane(hcp *hyperv1.HostedControlPlane, hcluster *hype hcp.Spec.Configuration = nil } + hcp.Spec.Capabilities = hcluster.Spec.Capabilities + return nil } @@ -2109,7 +2107,8 @@ func (r *HostedClusterReconciler) reconcileCAPIManager(ctx context.Context, crea // reconcileCAPIProvider orchestrates reconciliation of the CAPI provider // components for a given platform. func (r *HostedClusterReconciler) reconcileCAPIProvider(ctx context.Context, createOrUpdate upsert.CreateOrUpdateFN, hcluster *hyperv1.HostedCluster, hcp *hyperv1.HostedControlPlane, - capiProviderDeploymentSpec *appsv1.DeploymentSpec, p platform.Platform) error { + capiProviderDeploymentSpec *appsv1.DeploymentSpec, p platform.Platform, +) error { if capiProviderDeploymentSpec == nil { // If there's no capiProviderDeploymentSpec implementation return early. return nil @@ -2394,7 +2393,6 @@ func (r *HostedClusterReconciler) reconcileCLISecrets(ctx context.Context, creat util.DeleteWithClusterLabelName: "true", util.AutoInfraLabelName: hcluster.Spec.InfraID, }) - if err != nil { return fmt.Errorf("failed to retrieve cli created secrets: %v", err) } @@ -2503,8 +2501,8 @@ func reconcileControlPlaneOperatorDeployment( cpoHasUtilities bool, metricsSet metrics.MetricsSet, certRotationScale time.Duration, - enableCVOManagementClusterMetricsAccess bool) error { - + enableCVOManagementClusterMetricsAccess bool, +) error { cpoResources := corev1.ResourceRequirements{ Requests: corev1.ResourceList{ corev1.ResourceMemory: resource.MustParse("80Mi"), @@ -3261,7 +3259,7 @@ func reconcileCAPIProviderDeployment(deployment *appsv1.Deployment, capiProvider } func reconcileCAPIManagerDeployment(deployment *appsv1.Deployment, hc *hyperv1.HostedCluster, hcp *hyperv1.HostedControlPlane, sa *corev1.ServiceAccount, capiManagerImage string, setDefaultSecurityContext bool) error { - defaultMode := int32(0640) + defaultMode := int32(0o640) selectorLabels := map[string]string{ "name": "cluster-api", "app": "cluster-api", @@ -3323,7 +3321,8 @@ func reconcileCAPIManagerDeployment(deployment *appsv1.Deployment, hc *hyperv1.H }, }, }, - Args: []string{"--namespace", "$(MY_NAMESPACE)", + Args: []string{ + "--namespace", "$(MY_NAMESPACE)", "--v=4", "--leader-elect=true", fmt.Sprintf("--leader-elect-lease-duration=%s", config.RecommendedLeaseDuration), @@ -4351,7 +4350,6 @@ func (r *HostedClusterReconciler) validateKubevirtConfig(ctx context.Context, hc // and we need to maintain the ability to use unsupported versions return nil } - } var creds *hyperv1.KubevirtPlatformCredentials @@ -4562,7 +4560,6 @@ func validateNetworkStackAddresses(hc *hyperv1.HostedCluster) field.ErrorList { } return errs - } // checkAdvertiseAddressOverlapping validates that the AdvertiseAddress defined does not overlap with @@ -4840,8 +4837,8 @@ func (r *HostedClusterReconciler) reconcileAWSResourceTags(ctx context.Context, } func (r *HostedClusterReconciler) reconcileAWSSubnets(ctx context.Context, createOrUpdate upsert.CreateOrUpdateFN, - infraCR client.Object, namespace, clusterName, hcpNamespace string) error { - + infraCR client.Object, namespace, clusterName, hcpNamespace string, +) error { nodePools, err := listNodePools(ctx, r.Client, namespace, clusterName) if err != nil { return fmt.Errorf("failed to get nodePools by cluster name for cluster %q: %w", clusterName, err) @@ -4968,7 +4965,6 @@ func isUpgrading(hcluster *hyperv1.HostedCluster, releaseImage *releaseinfo.Rele // Upgradeable is false and no exception criteria were met, cluster is not upgradable return true, "", fmt.Errorf("cluster version is not upgradeable") - } func (r *HostedClusterReconciler) defaultIngressDomain(ctx context.Context) (string, error) { @@ -5017,6 +5013,7 @@ func validateClusterID(hc *hyperv1.HostedCluster) error { } return nil } + func (r *HostedClusterReconciler) reconcileServiceAccountSigningKey(ctx context.Context, hc *hyperv1.HostedCluster, targetNamespace string, createOrUpdate upsert.CreateOrUpdateFN) error { privateBytes, publicBytes, err := r.serviceAccountSigningKeyBytes(ctx, hc) if err != nil { @@ -5185,7 +5182,6 @@ func (r *HostedClusterReconciler) reconcileKubevirtPlatformDefaultSettings(ctx c ownerRef.ApplyTo(etcdEncSec) return nil }) - if err != nil { return fmt.Errorf("failed to create ETCD SecretEncryption key for KubeVirt platform HostedCluster: %w", err) } diff --git a/support/capabilities/hosted_control_plane_capabilities.go b/support/capabilities/hosted_control_plane_capabilities.go new file mode 100644 index 00000000000..1c83632fa12 --- /dev/null +++ b/support/capabilities/hosted_control_plane_capabilities.go @@ -0,0 +1,54 @@ +package capabilities + +import ( + "slices" + "strings" + + hyperv1 "github.com/openshift/hypershift/api/hypershift/v1beta1" + + configv1 "github.com/openshift/api/config/v1" + + "k8s.io/apimachinery/pkg/util/sets" +) + +// IsImageRegistryCapabilityEnabled returns true if the Image Registry +// capability is enabled, or false if disabled. +// +// The Image Registry capability is enabled by default. +func IsImageRegistryCapabilityEnabled(capabilities *hyperv1.Capabilities) bool { + if capabilities == nil { + return true + } + enabled := true + for _, disabledCap := range capabilities.Disabled { + if disabledCap == hyperv1.ImageRegistryCapability { + enabled = false + } + } + return enabled +} + +// CalculateEnabledCapabilities returns the difference between the default set +// of enabled capabilities (vCurrent) and the given set of capabilities to +// disable, in alphabetical order. +func CalculateEnabledCapabilities(capabilities *hyperv1.Capabilities) []configv1.ClusterVersionCapability { + vCurrent := configv1.ClusterVersionCapabilitySets[configv1.ClusterVersionCapabilitySetCurrent] + enabledCaps := sets.New[configv1.ClusterVersionCapability](vCurrent...) + + if capabilities != nil && len(capabilities.Disabled) > 0 { + disabledCaps := make([]configv1.ClusterVersionCapability, len(capabilities.Disabled)) + for i, dc := range capabilities.Disabled { + disabledCaps[i] = configv1.ClusterVersionCapability(dc) + } + enabledCaps = enabledCaps.Delete(disabledCaps...) + } + + return sortedCapabilities(enabledCaps.UnsortedList()) +} + +func sortedCapabilities(caps []configv1.ClusterVersionCapability) []configv1.ClusterVersionCapability { + slices.SortFunc(caps, func(a, b configv1.ClusterVersionCapability) int { + return strings.Compare(string(a), string(b)) + }) + return caps +} diff --git a/support/capabilities/hosted_control_plane_capabilities_test.go b/support/capabilities/hosted_control_plane_capabilities_test.go new file mode 100644 index 00000000000..18e5420d454 --- /dev/null +++ b/support/capabilities/hosted_control_plane_capabilities_test.go @@ -0,0 +1,111 @@ +package capabilities + +import ( + "reflect" + "testing" + + hyperv1 "github.com/openshift/hypershift/api/hypershift/v1beta1" + + configv1 "github.com/openshift/api/config/v1" +) + +func TestIsImageRegistryCapabilityEnabled(t *testing.T) { + tests := []struct { + name string + disabledCapabilities []hyperv1.OptionalCapability + expectImageRegistryEnabled bool + }{ + { + name: "returns false when image registry capability is disabled", + disabledCapabilities: []hyperv1.OptionalCapability{hyperv1.ImageRegistryCapability}, + expectImageRegistryEnabled: false, + }, + { + name: "returns true when image registry capability is enabled", + disabledCapabilities: nil, + expectImageRegistryEnabled: true, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + caps := &hyperv1.Capabilities{ + Disabled: test.disabledCapabilities, + } + enabled := IsImageRegistryCapabilityEnabled(caps) + if test.expectImageRegistryEnabled && !enabled { + t.Fatal("expected the registry to be enabled, but it wasn't") + } + if !test.expectImageRegistryEnabled && enabled { + t.Fatal("expected the registry to not be enabled, but it was") + } + }) + } +} + +func TestCalculateEnabledCapabilities(t *testing.T) { + tests := []struct { + name string + disabledCapabilities []hyperv1.OptionalCapability + expectedCapabilities []configv1.ClusterVersionCapability + }{ + { + name: "returns default capability set when disabledCapabilities is nil", + disabledCapabilities: nil, + expectedCapabilities: []configv1.ClusterVersionCapability{ + configv1.ClusterVersionCapabilityBuild, + configv1.ClusterVersionCapabilityCSISnapshot, + configv1.ClusterVersionCapabilityCloudControllerManager, + configv1.ClusterVersionCapabilityCloudCredential, + configv1.ClusterVersionCapabilityConsole, + configv1.ClusterVersionCapabilityDeploymentConfig, + configv1.ClusterVersionCapabilityImageRegistry, + configv1.ClusterVersionCapabilityIngress, + configv1.ClusterVersionCapabilityInsights, + configv1.ClusterVersionCapabilityMachineAPI, + configv1.ClusterVersionCapabilityNodeTuning, + configv1.ClusterVersionCapabilityOperatorLifecycleManager, + configv1.ClusterVersionCapabilityStorage, + configv1.ClusterVersionCapabilityBaremetal, + configv1.ClusterVersionCapabilityMarketplace, + configv1.ClusterVersionCapabilityOpenShiftSamples, + }, + }, + { + name: "returns default set minus image registry capability when ImageRegistry capability is Disabled", + disabledCapabilities: []hyperv1.OptionalCapability{hyperv1.ImageRegistryCapability}, + expectedCapabilities: []configv1.ClusterVersionCapability{ + configv1.ClusterVersionCapabilityBuild, + configv1.ClusterVersionCapabilityCSISnapshot, + configv1.ClusterVersionCapabilityCloudControllerManager, + configv1.ClusterVersionCapabilityCloudCredential, + configv1.ClusterVersionCapabilityConsole, + configv1.ClusterVersionCapabilityDeploymentConfig, + // configv1.ClusterVersionCapabilityImageRegistry, + configv1.ClusterVersionCapabilityIngress, + configv1.ClusterVersionCapabilityInsights, + configv1.ClusterVersionCapabilityMachineAPI, + configv1.ClusterVersionCapabilityNodeTuning, + configv1.ClusterVersionCapabilityOperatorLifecycleManager, + configv1.ClusterVersionCapabilityStorage, + configv1.ClusterVersionCapabilityBaremetal, + configv1.ClusterVersionCapabilityMarketplace, + configv1.ClusterVersionCapabilityOpenShiftSamples, + }, + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + caps := &hyperv1.Capabilities{ + Disabled: test.disabledCapabilities, + } + enabledCapabilities := CalculateEnabledCapabilities(caps) + if !reflect.DeepEqual(test.expectedCapabilities, enabledCapabilities) { + t.Logf("expected enabled capabilities: %v", test.expectedCapabilities) + t.Logf("calculated enabled capabilities: %v", enabledCapabilities) + t.Fatalf("expected enabled capabilities differed from calculated enabled capabilities") + } + }) + } +} diff --git a/test/e2e/create_cluster_test.go b/test/e2e/create_cluster_test.go index 6c9e87b46b8..ec159939ee0 100644 --- a/test/e2e/create_cluster_test.go +++ b/test/e2e/create_cluster_test.go @@ -58,6 +58,28 @@ func TestOnCreateAPIUX(t *testing.T) { }, expectedErrorSubstring: "Unsupported value: \"OpenStack\"", }, + { + name: "when capabilities.disabled is set to ImageRegistry it should pass", + mutateInput: func(hc *hyperv1.HostedCluster) { + hc.Spec.Capabilities = &hyperv1.Capabilities{ + Disabled: []hyperv1.OptionalCapability{ + hyperv1.ImageRegistryCapability, + }, + } + }, + expectedErrorSubstring: "", + }, + { + name: "when capabilities.disabled is set to an unsupported capability it should fail", + mutateInput: func(hc *hyperv1.HostedCluster) { + hc.Spec.Capabilities = &hyperv1.Capabilities{ + Disabled: []hyperv1.OptionalCapability{ + hyperv1.OptionalCapability("AnInvalidCapability"), + }, + } + }, + expectedErrorSubstring: "Unsupported value: \"AnInvalidCapability\": supported values: \"ImageRegistry\"", + }, }, }, { @@ -1080,6 +1102,17 @@ func TestCreateClusterCustomConfig(t *testing.T) { clusterOpts := globalOpts.DefaultClusterOptions(t) + clusterOpts.BeforeApply = func(o crclient.Object) { + switch hc := o.(type) { + case *hyperv1.HostedCluster: + hc.Spec.Capabilities = &hyperv1.Capabilities{ + Disabled: []hyperv1.OptionalCapability{ + hyperv1.ImageRegistryCapability, + }, + } + } + } + // find kms key ARN using alias kmsKeyArn, err := e2eutil.GetKMSKeyArn(clusterOpts.AWSPlatform.Credentials.AWSCredentialsFile, clusterOpts.AWSPlatform.Region, globalOpts.configurableClusterOptions.AWSKmsKeyAlias) if err != nil || kmsKeyArn == nil { @@ -1097,6 +1130,8 @@ func TestCreateClusterCustomConfig(t *testing.T) { e2eutil.EnsureSecretEncryptedUsingKMSV2(t, ctx, hostedCluster, guestClient) // test oauth with identity provider e2eutil.EnsureOAuthWithIdentityProvider(t, ctx, mgtClient, hostedCluster) + // ensure image registry component is disabled + e2eutil.EnsureImageRegistryCapabilityDisabled(ctx, t, g, mgtClient, hostedCluster) }).Execute(&clusterOpts, globalOpts.Platform, globalOpts.ArtifactDir, globalOpts.ServiceAccountSigningKey) } diff --git a/test/e2e/util/util.go b/test/e2e/util/util.go index 2731f9e0ff2..40c8d1f5e6a 100644 --- a/test/e2e/util/util.go +++ b/test/e2e/util/util.go @@ -28,6 +28,8 @@ import ( suppconfig "github.com/openshift/hypershift/support/config" "github.com/openshift/hypershift/support/util" hyperutil "github.com/openshift/hypershift/support/util" + + configv1client "github.com/openshift/client-go/config/clientset/versioned" "github.com/openshift/library-go/test/library/metrics" prometheusv1 "github.com/prometheus/client_golang/api/prometheus/v1" "github.com/prometheus/common/model" @@ -990,6 +992,19 @@ func EnsureAPIUX(t *testing.T, ctx context.Context, hostClient crclient.Client, g.Expect(err).To(HaveOccurred()) g.Expect(err.Error()).To(ContainSubstring("Services is immutable")) }) + + t.Run("EnsureHostedClusterCapabilitiesImmutability", func(t *testing.T) { + AtLeast(t, Version418) + g := NewWithT(t) + + err := UpdateObject(t, ctx, hostClient, hostedCluster, func(obj *hyperv1.HostedCluster) { + obj.Spec.Capabilities = &hyperv1.Capabilities{ + Disabled: []hyperv1.OptionalCapability{hyperv1.ImageRegistryCapability}, + } + }) + g.Expect(err).To(HaveOccurred()) + g.Expect(err.Error()).To(ContainSubstring("Capabilities is immutable")) + }) } func EnsureSecretEncryptedUsingKMS(t *testing.T, ctx context.Context, hostedCluster *hyperv1.HostedCluster, guestClient crclient.Client) { @@ -1996,3 +2011,70 @@ func EnsureCustomLabels(t *testing.T, ctx context.Context, client crclient.Clien } }) } + +// EnsureImageRegistryCapabilityDisabled validates the expectations for when ImageRegistryCapability is Disabled +func EnsureImageRegistryCapabilityDisabled(ctx context.Context, t *testing.T, g Gomega, mgtClient crclient.Client, hostedCluster *hyperv1.HostedCluster) { + AtLeast(t, Version418) + guestKubeConfigSecretData := WaitForGuestKubeConfig(t, ctx, mgtClient, hostedCluster) + guestConfig, err := clientcmd.RESTConfigFromKubeConfig(guestKubeConfigSecretData) + g.Expect(err).NotTo(HaveOccurred(), "couldn't load guest kubeconfig") + // we know we're the only real clients for these test servers, so turn off client-side throttling + guestConfig.QPS = -1 + guestConfig.Burst = -1 + + cfgClient, err := configv1client.NewForConfig(guestConfig) + g.Expect(err).NotTo(HaveOccurred(), "couldn't load guest kubeconfig") + + _, err = cfgClient.ConfigV1().ClusterOperators().Get(ctx, "image-registry", metav1.GetOptions{}) + g.Expect(err).To(HaveOccurred()) + g.Expect(err.Error()).To(ContainSubstring("clusteroperators.config.openshift.io \"image-registry\" not found")) + + guestClient, err := kubernetes.NewForConfig(guestConfig) + g.Expect(err).NotTo(HaveOccurred(), "couldn't load guest kubeconfig") + + // ensure existing service accounts don't have pull-secrets. + EventuallyObject(t, ctx, "Waiting for service account default/default to be provisioned...", + func(ctx context.Context) (*corev1.ServiceAccount, error) { + defaultSA, err := guestClient.CoreV1().ServiceAccounts("default").Get(ctx, "default", metav1.GetOptions{}) + return defaultSA, err + }, + []Predicate[*corev1.ServiceAccount]{ + func(serviceAccount *corev1.ServiceAccount) (done bool, reasons string, err error) { + return serviceAccount != nil, "expected default/default service account to exist, got nil", nil + }, + }, + WithInterval(10*time.Second), WithTimeout(2*time.Minute), + ) + + defaultSA, err := guestClient.CoreV1().ServiceAccounts("default").Get(ctx, "default", metav1.GetOptions{}) + g.Expect(err).NotTo(HaveOccurred(), "couldn't get default service account") + g.Expect(defaultSA.ImagePullSecrets).To(BeNil()) + + // create a namespace and ensure no pull-secrets are provisioned to + // the newly auto-created service accounts. + ns := &corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: "test-namespace"}} + ns, err = guestClient.CoreV1().Namespaces().Create(ctx, ns, metav1.CreateOptions{}) + g.Expect(err).NotTo(HaveOccurred(), "couldn't create test namespace") + + EventuallyObject(t, ctx, fmt.Sprintf("Waiting for service account default/%s to be provisioned...", ns.Name), + func(ctx context.Context) (*corev1.ServiceAccount, error) { + defaultSA, err := guestClient.CoreV1().ServiceAccounts(ns.Name).Get(ctx, "default", metav1.GetOptions{}) + return defaultSA, err + }, + []Predicate[*corev1.ServiceAccount]{ + func(serviceAccount *corev1.ServiceAccount) (done bool, reasons string, err error) { + return serviceAccount != nil, "expected default/default service account to exist, got nil", nil + }, + }, + WithInterval(10*time.Second), WithTimeout(2*time.Minute), + ) + + defaultSA, err = guestClient.CoreV1().ServiceAccounts(ns.Name).Get(ctx, "default", metav1.GetOptions{}) + g.Expect(err).NotTo(HaveOccurred(), "couldn't get default service account") + g.Expect(defaultSA.ImagePullSecrets).To(BeNil()) + + // ensure image-registry resources are not present + _, err = guestClient.CoreV1().Namespaces().Get(ctx, "openshift-image-registry", metav1.GetOptions{}) + g.Expect(err).To(HaveOccurred()) + g.Expect(err.Error()).To(ContainSubstring("namespaces \"openshift-image-registry\" not found")) +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/backup.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/backup.go new file mode 100644 index 00000000000..d06f12e509c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/backup.go @@ -0,0 +1,240 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + internal "github.com/openshift/client-go/config/applyconfigurations/internal" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + managedfields "k8s.io/apimachinery/pkg/util/managedfields" + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// BackupApplyConfiguration represents an declarative configuration of the Backup type for use +// with apply. +type BackupApplyConfiguration struct { + v1.TypeMetaApplyConfiguration `json:",inline"` + *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` + Spec *BackupSpecApplyConfiguration `json:"spec,omitempty"` + Status *configv1alpha1.BackupStatus `json:"status,omitempty"` +} + +// Backup constructs an declarative configuration of the Backup type for use with +// apply. +func Backup(name string) *BackupApplyConfiguration { + b := &BackupApplyConfiguration{} + b.WithName(name) + b.WithKind("Backup") + b.WithAPIVersion("config.openshift.io/v1alpha1") + return b +} + +// ExtractBackup extracts the applied configuration owned by fieldManager from +// backup. If no managedFields are found in backup for fieldManager, a +// BackupApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// backup must be a unmodified Backup API object that was retrieved from the Kubernetes API. +// ExtractBackup provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +// Experimental! +func ExtractBackup(backup *configv1alpha1.Backup, fieldManager string) (*BackupApplyConfiguration, error) { + return extractBackup(backup, fieldManager, "") +} + +// ExtractBackupStatus is the same as ExtractBackup except +// that it extracts the status subresource applied configuration. +// Experimental! +func ExtractBackupStatus(backup *configv1alpha1.Backup, fieldManager string) (*BackupApplyConfiguration, error) { + return extractBackup(backup, fieldManager, "status") +} + +func extractBackup(backup *configv1alpha1.Backup, fieldManager string, subresource string) (*BackupApplyConfiguration, error) { + b := &BackupApplyConfiguration{} + err := managedfields.ExtractInto(backup, internal.Parser().Type("com.github.openshift.api.config.v1alpha1.Backup"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(backup.Name) + + b.WithKind("Backup") + b.WithAPIVersion("config.openshift.io/v1alpha1") + return b, nil +} + +// WithKind sets the Kind field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Kind field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithKind(value string) *BackupApplyConfiguration { + b.Kind = &value + return b +} + +// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the APIVersion field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithAPIVersion(value string) *BackupApplyConfiguration { + b.APIVersion = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithName(value string) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Name = &value + return b +} + +// WithGenerateName sets the GenerateName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the GenerateName field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithGenerateName(value string) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.GenerateName = &value + return b +} + +// WithNamespace sets the Namespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Namespace field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithNamespace(value string) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Namespace = &value + return b +} + +// WithUID sets the UID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the UID field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithUID(value types.UID) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.UID = &value + return b +} + +// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ResourceVersion field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithResourceVersion(value string) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ResourceVersion = &value + return b +} + +// WithGeneration sets the Generation field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Generation field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithGeneration(value int64) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Generation = &value + return b +} + +// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CreationTimestamp field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithCreationTimestamp(value metav1.Time) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.CreationTimestamp = &value + return b +} + +// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionTimestamp field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionTimestamp = &value + return b +} + +// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionGracePeriodSeconds = &value + return b +} + +// WithLabels puts the entries into the Labels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Labels field, +// overwriting an existing map entries in Labels field with the same key. +func (b *BackupApplyConfiguration) WithLabels(entries map[string]string) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Labels == nil && len(entries) > 0 { + b.Labels = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Labels[k] = v + } + return b +} + +// WithAnnotations puts the entries into the Annotations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Annotations field, +// overwriting an existing map entries in Annotations field with the same key. +func (b *BackupApplyConfiguration) WithAnnotations(entries map[string]string) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Annotations == nil && len(entries) > 0 { + b.Annotations = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Annotations[k] = v + } + return b +} + +// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the OwnerReferences field. +func (b *BackupApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + if values[i] == nil { + panic("nil value passed to WithOwnerReferences") + } + b.OwnerReferences = append(b.OwnerReferences, *values[i]) + } + return b +} + +// WithFinalizers adds the given value to the Finalizers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Finalizers field. +func (b *BackupApplyConfiguration) WithFinalizers(values ...string) *BackupApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + b.Finalizers = append(b.Finalizers, values[i]) + } + return b +} + +func (b *BackupApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { + if b.ObjectMetaApplyConfiguration == nil { + b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} + } +} + +// WithSpec sets the Spec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Spec field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithSpec(value *BackupSpecApplyConfiguration) *BackupApplyConfiguration { + b.Spec = value + return b +} + +// WithStatus sets the Status field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Status field is set to the value of the last call. +func (b *BackupApplyConfiguration) WithStatus(value configv1alpha1.BackupStatus) *BackupApplyConfiguration { + b.Status = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/backupspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/backupspec.go new file mode 100644 index 00000000000..8ecb7e81369 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/backupspec.go @@ -0,0 +1,23 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// BackupSpecApplyConfiguration represents an declarative configuration of the BackupSpec type for use +// with apply. +type BackupSpecApplyConfiguration struct { + EtcdBackupSpec *EtcdBackupSpecApplyConfiguration `json:"etcd,omitempty"` +} + +// BackupSpecApplyConfiguration constructs an declarative configuration of the BackupSpec type for use with +// apply. +func BackupSpec() *BackupSpecApplyConfiguration { + return &BackupSpecApplyConfiguration{} +} + +// WithEtcdBackupSpec sets the EtcdBackupSpec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the EtcdBackupSpec field is set to the value of the last call. +func (b *BackupSpecApplyConfiguration) WithEtcdBackupSpec(value *EtcdBackupSpecApplyConfiguration) *BackupSpecApplyConfiguration { + b.EtcdBackupSpec = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go new file mode 100644 index 00000000000..68089a6a72b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go @@ -0,0 +1,240 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + internal "github.com/openshift/client-go/config/applyconfigurations/internal" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + managedfields "k8s.io/apimachinery/pkg/util/managedfields" + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// ClusterImagePolicyApplyConfiguration represents an declarative configuration of the ClusterImagePolicy type for use +// with apply. +type ClusterImagePolicyApplyConfiguration struct { + v1.TypeMetaApplyConfiguration `json:",inline"` + *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` + Spec *ClusterImagePolicySpecApplyConfiguration `json:"spec,omitempty"` + Status *ClusterImagePolicyStatusApplyConfiguration `json:"status,omitempty"` +} + +// ClusterImagePolicy constructs an declarative configuration of the ClusterImagePolicy type for use with +// apply. +func ClusterImagePolicy(name string) *ClusterImagePolicyApplyConfiguration { + b := &ClusterImagePolicyApplyConfiguration{} + b.WithName(name) + b.WithKind("ClusterImagePolicy") + b.WithAPIVersion("config.openshift.io/v1alpha1") + return b +} + +// ExtractClusterImagePolicy extracts the applied configuration owned by fieldManager from +// clusterImagePolicy. If no managedFields are found in clusterImagePolicy for fieldManager, a +// ClusterImagePolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// clusterImagePolicy must be a unmodified ClusterImagePolicy API object that was retrieved from the Kubernetes API. +// ExtractClusterImagePolicy provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +// Experimental! +func ExtractClusterImagePolicy(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string) (*ClusterImagePolicyApplyConfiguration, error) { + return extractClusterImagePolicy(clusterImagePolicy, fieldManager, "") +} + +// ExtractClusterImagePolicyStatus is the same as ExtractClusterImagePolicy except +// that it extracts the status subresource applied configuration. +// Experimental! +func ExtractClusterImagePolicyStatus(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string) (*ClusterImagePolicyApplyConfiguration, error) { + return extractClusterImagePolicy(clusterImagePolicy, fieldManager, "status") +} + +func extractClusterImagePolicy(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string, subresource string) (*ClusterImagePolicyApplyConfiguration, error) { + b := &ClusterImagePolicyApplyConfiguration{} + err := managedfields.ExtractInto(clusterImagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1alpha1.ClusterImagePolicy"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(clusterImagePolicy.Name) + + b.WithKind("ClusterImagePolicy") + b.WithAPIVersion("config.openshift.io/v1alpha1") + return b, nil +} + +// WithKind sets the Kind field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Kind field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithKind(value string) *ClusterImagePolicyApplyConfiguration { + b.Kind = &value + return b +} + +// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the APIVersion field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithAPIVersion(value string) *ClusterImagePolicyApplyConfiguration { + b.APIVersion = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithName(value string) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Name = &value + return b +} + +// WithGenerateName sets the GenerateName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the GenerateName field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithGenerateName(value string) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.GenerateName = &value + return b +} + +// WithNamespace sets the Namespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Namespace field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithNamespace(value string) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Namespace = &value + return b +} + +// WithUID sets the UID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the UID field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithUID(value types.UID) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.UID = &value + return b +} + +// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ResourceVersion field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithResourceVersion(value string) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ResourceVersion = &value + return b +} + +// WithGeneration sets the Generation field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Generation field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithGeneration(value int64) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Generation = &value + return b +} + +// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CreationTimestamp field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.CreationTimestamp = &value + return b +} + +// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionTimestamp field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionTimestamp = &value + return b +} + +// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionGracePeriodSeconds = &value + return b +} + +// WithLabels puts the entries into the Labels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Labels field, +// overwriting an existing map entries in Labels field with the same key. +func (b *ClusterImagePolicyApplyConfiguration) WithLabels(entries map[string]string) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Labels == nil && len(entries) > 0 { + b.Labels = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Labels[k] = v + } + return b +} + +// WithAnnotations puts the entries into the Annotations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Annotations field, +// overwriting an existing map entries in Annotations field with the same key. +func (b *ClusterImagePolicyApplyConfiguration) WithAnnotations(entries map[string]string) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Annotations == nil && len(entries) > 0 { + b.Annotations = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Annotations[k] = v + } + return b +} + +// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the OwnerReferences field. +func (b *ClusterImagePolicyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + if values[i] == nil { + panic("nil value passed to WithOwnerReferences") + } + b.OwnerReferences = append(b.OwnerReferences, *values[i]) + } + return b +} + +// WithFinalizers adds the given value to the Finalizers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Finalizers field. +func (b *ClusterImagePolicyApplyConfiguration) WithFinalizers(values ...string) *ClusterImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + b.Finalizers = append(b.Finalizers, values[i]) + } + return b +} + +func (b *ClusterImagePolicyApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { + if b.ObjectMetaApplyConfiguration == nil { + b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} + } +} + +// WithSpec sets the Spec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Spec field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithSpec(value *ClusterImagePolicySpecApplyConfiguration) *ClusterImagePolicyApplyConfiguration { + b.Spec = value + return b +} + +// WithStatus sets the Status field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Status field is set to the value of the last call. +func (b *ClusterImagePolicyApplyConfiguration) WithStatus(value *ClusterImagePolicyStatusApplyConfiguration) *ClusterImagePolicyApplyConfiguration { + b.Status = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go new file mode 100644 index 00000000000..64dfa92dd60 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go @@ -0,0 +1,38 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// ClusterImagePolicySpecApplyConfiguration represents an declarative configuration of the ClusterImagePolicySpec type for use +// with apply. +type ClusterImagePolicySpecApplyConfiguration struct { + Scopes []v1alpha1.ImageScope `json:"scopes,omitempty"` + Policy *PolicyApplyConfiguration `json:"policy,omitempty"` +} + +// ClusterImagePolicySpecApplyConfiguration constructs an declarative configuration of the ClusterImagePolicySpec type for use with +// apply. +func ClusterImagePolicySpec() *ClusterImagePolicySpecApplyConfiguration { + return &ClusterImagePolicySpecApplyConfiguration{} +} + +// WithScopes adds the given value to the Scopes field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Scopes field. +func (b *ClusterImagePolicySpecApplyConfiguration) WithScopes(values ...v1alpha1.ImageScope) *ClusterImagePolicySpecApplyConfiguration { + for i := range values { + b.Scopes = append(b.Scopes, values[i]) + } + return b +} + +// WithPolicy sets the Policy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Policy field is set to the value of the last call. +func (b *ClusterImagePolicySpecApplyConfiguration) WithPolicy(value *PolicyApplyConfiguration) *ClusterImagePolicySpecApplyConfiguration { + b.Policy = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go new file mode 100644 index 00000000000..8f9c3a44c88 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// ClusterImagePolicyStatusApplyConfiguration represents an declarative configuration of the ClusterImagePolicyStatus type for use +// with apply. +type ClusterImagePolicyStatusApplyConfiguration struct { + Conditions []v1.Condition `json:"conditions,omitempty"` +} + +// ClusterImagePolicyStatusApplyConfiguration constructs an declarative configuration of the ClusterImagePolicyStatus type for use with +// apply. +func ClusterImagePolicyStatus() *ClusterImagePolicyStatusApplyConfiguration { + return &ClusterImagePolicyStatusApplyConfiguration{} +} + +// WithConditions adds the given value to the Conditions field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Conditions field. +func (b *ClusterImagePolicyStatusApplyConfiguration) WithConditions(values ...v1.Condition) *ClusterImagePolicyStatusApplyConfiguration { + for i := range values { + b.Conditions = append(b.Conditions, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/etcdbackupspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/etcdbackupspec.go new file mode 100644 index 00000000000..4255313b1ab --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/etcdbackupspec.go @@ -0,0 +1,50 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// EtcdBackupSpecApplyConfiguration represents an declarative configuration of the EtcdBackupSpec type for use +// with apply. +type EtcdBackupSpecApplyConfiguration struct { + Schedule *string `json:"schedule,omitempty"` + TimeZone *string `json:"timeZone,omitempty"` + RetentionPolicy *RetentionPolicyApplyConfiguration `json:"retentionPolicy,omitempty"` + PVCName *string `json:"pvcName,omitempty"` +} + +// EtcdBackupSpecApplyConfiguration constructs an declarative configuration of the EtcdBackupSpec type for use with +// apply. +func EtcdBackupSpec() *EtcdBackupSpecApplyConfiguration { + return &EtcdBackupSpecApplyConfiguration{} +} + +// WithSchedule sets the Schedule field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Schedule field is set to the value of the last call. +func (b *EtcdBackupSpecApplyConfiguration) WithSchedule(value string) *EtcdBackupSpecApplyConfiguration { + b.Schedule = &value + return b +} + +// WithTimeZone sets the TimeZone field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TimeZone field is set to the value of the last call. +func (b *EtcdBackupSpecApplyConfiguration) WithTimeZone(value string) *EtcdBackupSpecApplyConfiguration { + b.TimeZone = &value + return b +} + +// WithRetentionPolicy sets the RetentionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RetentionPolicy field is set to the value of the last call. +func (b *EtcdBackupSpecApplyConfiguration) WithRetentionPolicy(value *RetentionPolicyApplyConfiguration) *EtcdBackupSpecApplyConfiguration { + b.RetentionPolicy = value + return b +} + +// WithPVCName sets the PVCName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PVCName field is set to the value of the last call. +func (b *EtcdBackupSpecApplyConfiguration) WithPVCName(value string) *EtcdBackupSpecApplyConfiguration { + b.PVCName = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/fulciocawithrekor.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/fulciocawithrekor.go new file mode 100644 index 00000000000..681d1ce1653 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/fulciocawithrekor.go @@ -0,0 +1,45 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// FulcioCAWithRekorApplyConfiguration represents an declarative configuration of the FulcioCAWithRekor type for use +// with apply. +type FulcioCAWithRekorApplyConfiguration struct { + FulcioCAData []byte `json:"fulcioCAData,omitempty"` + RekorKeyData []byte `json:"rekorKeyData,omitempty"` + FulcioSubject *PolicyFulcioSubjectApplyConfiguration `json:"fulcioSubject,omitempty"` +} + +// FulcioCAWithRekorApplyConfiguration constructs an declarative configuration of the FulcioCAWithRekor type for use with +// apply. +func FulcioCAWithRekor() *FulcioCAWithRekorApplyConfiguration { + return &FulcioCAWithRekorApplyConfiguration{} +} + +// WithFulcioCAData adds the given value to the FulcioCAData field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the FulcioCAData field. +func (b *FulcioCAWithRekorApplyConfiguration) WithFulcioCAData(values ...byte) *FulcioCAWithRekorApplyConfiguration { + for i := range values { + b.FulcioCAData = append(b.FulcioCAData, values[i]) + } + return b +} + +// WithRekorKeyData adds the given value to the RekorKeyData field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the RekorKeyData field. +func (b *FulcioCAWithRekorApplyConfiguration) WithRekorKeyData(values ...byte) *FulcioCAWithRekorApplyConfiguration { + for i := range values { + b.RekorKeyData = append(b.RekorKeyData, values[i]) + } + return b +} + +// WithFulcioSubject sets the FulcioSubject field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the FulcioSubject field is set to the value of the last call. +func (b *FulcioCAWithRekorApplyConfiguration) WithFulcioSubject(value *PolicyFulcioSubjectApplyConfiguration) *FulcioCAWithRekorApplyConfiguration { + b.FulcioSubject = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/gatherconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/gatherconfig.go new file mode 100644 index 00000000000..2eec8ffd27e --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/gatherconfig.go @@ -0,0 +1,38 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// GatherConfigApplyConfiguration represents an declarative configuration of the GatherConfig type for use +// with apply. +type GatherConfigApplyConfiguration struct { + DataPolicy *v1alpha1.DataPolicy `json:"dataPolicy,omitempty"` + DisabledGatherers []string `json:"disabledGatherers,omitempty"` +} + +// GatherConfigApplyConfiguration constructs an declarative configuration of the GatherConfig type for use with +// apply. +func GatherConfig() *GatherConfigApplyConfiguration { + return &GatherConfigApplyConfiguration{} +} + +// WithDataPolicy sets the DataPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DataPolicy field is set to the value of the last call. +func (b *GatherConfigApplyConfiguration) WithDataPolicy(value v1alpha1.DataPolicy) *GatherConfigApplyConfiguration { + b.DataPolicy = &value + return b +} + +// WithDisabledGatherers adds the given value to the DisabledGatherers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the DisabledGatherers field. +func (b *GatherConfigApplyConfiguration) WithDisabledGatherers(values ...string) *GatherConfigApplyConfiguration { + for i := range values { + b.DisabledGatherers = append(b.DisabledGatherers, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go new file mode 100644 index 00000000000..412a28fc71a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go @@ -0,0 +1,242 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + internal "github.com/openshift/client-go/config/applyconfigurations/internal" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + managedfields "k8s.io/apimachinery/pkg/util/managedfields" + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// ImagePolicyApplyConfiguration represents an declarative configuration of the ImagePolicy type for use +// with apply. +type ImagePolicyApplyConfiguration struct { + v1.TypeMetaApplyConfiguration `json:",inline"` + *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` + Spec *ImagePolicySpecApplyConfiguration `json:"spec,omitempty"` + Status *ImagePolicyStatusApplyConfiguration `json:"status,omitempty"` +} + +// ImagePolicy constructs an declarative configuration of the ImagePolicy type for use with +// apply. +func ImagePolicy(name, namespace string) *ImagePolicyApplyConfiguration { + b := &ImagePolicyApplyConfiguration{} + b.WithName(name) + b.WithNamespace(namespace) + b.WithKind("ImagePolicy") + b.WithAPIVersion("config.openshift.io/v1alpha1") + return b +} + +// ExtractImagePolicy extracts the applied configuration owned by fieldManager from +// imagePolicy. If no managedFields are found in imagePolicy for fieldManager, a +// ImagePolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// imagePolicy must be a unmodified ImagePolicy API object that was retrieved from the Kubernetes API. +// ExtractImagePolicy provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +// Experimental! +func ExtractImagePolicy(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string) (*ImagePolicyApplyConfiguration, error) { + return extractImagePolicy(imagePolicy, fieldManager, "") +} + +// ExtractImagePolicyStatus is the same as ExtractImagePolicy except +// that it extracts the status subresource applied configuration. +// Experimental! +func ExtractImagePolicyStatus(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string) (*ImagePolicyApplyConfiguration, error) { + return extractImagePolicy(imagePolicy, fieldManager, "status") +} + +func extractImagePolicy(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string, subresource string) (*ImagePolicyApplyConfiguration, error) { + b := &ImagePolicyApplyConfiguration{} + err := managedfields.ExtractInto(imagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1alpha1.ImagePolicy"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(imagePolicy.Name) + b.WithNamespace(imagePolicy.Namespace) + + b.WithKind("ImagePolicy") + b.WithAPIVersion("config.openshift.io/v1alpha1") + return b, nil +} + +// WithKind sets the Kind field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Kind field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithKind(value string) *ImagePolicyApplyConfiguration { + b.Kind = &value + return b +} + +// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the APIVersion field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithAPIVersion(value string) *ImagePolicyApplyConfiguration { + b.APIVersion = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithName(value string) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Name = &value + return b +} + +// WithGenerateName sets the GenerateName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the GenerateName field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithGenerateName(value string) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.GenerateName = &value + return b +} + +// WithNamespace sets the Namespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Namespace field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithNamespace(value string) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Namespace = &value + return b +} + +// WithUID sets the UID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the UID field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithUID(value types.UID) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.UID = &value + return b +} + +// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ResourceVersion field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithResourceVersion(value string) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ResourceVersion = &value + return b +} + +// WithGeneration sets the Generation field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Generation field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithGeneration(value int64) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Generation = &value + return b +} + +// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CreationTimestamp field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.CreationTimestamp = &value + return b +} + +// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionTimestamp field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionTimestamp = &value + return b +} + +// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionGracePeriodSeconds = &value + return b +} + +// WithLabels puts the entries into the Labels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Labels field, +// overwriting an existing map entries in Labels field with the same key. +func (b *ImagePolicyApplyConfiguration) WithLabels(entries map[string]string) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Labels == nil && len(entries) > 0 { + b.Labels = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Labels[k] = v + } + return b +} + +// WithAnnotations puts the entries into the Annotations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Annotations field, +// overwriting an existing map entries in Annotations field with the same key. +func (b *ImagePolicyApplyConfiguration) WithAnnotations(entries map[string]string) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Annotations == nil && len(entries) > 0 { + b.Annotations = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Annotations[k] = v + } + return b +} + +// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the OwnerReferences field. +func (b *ImagePolicyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + if values[i] == nil { + panic("nil value passed to WithOwnerReferences") + } + b.OwnerReferences = append(b.OwnerReferences, *values[i]) + } + return b +} + +// WithFinalizers adds the given value to the Finalizers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Finalizers field. +func (b *ImagePolicyApplyConfiguration) WithFinalizers(values ...string) *ImagePolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + b.Finalizers = append(b.Finalizers, values[i]) + } + return b +} + +func (b *ImagePolicyApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { + if b.ObjectMetaApplyConfiguration == nil { + b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} + } +} + +// WithSpec sets the Spec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Spec field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithSpec(value *ImagePolicySpecApplyConfiguration) *ImagePolicyApplyConfiguration { + b.Spec = value + return b +} + +// WithStatus sets the Status field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Status field is set to the value of the last call. +func (b *ImagePolicyApplyConfiguration) WithStatus(value *ImagePolicyStatusApplyConfiguration) *ImagePolicyApplyConfiguration { + b.Status = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go new file mode 100644 index 00000000000..aecf932a701 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go @@ -0,0 +1,38 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// ImagePolicySpecApplyConfiguration represents an declarative configuration of the ImagePolicySpec type for use +// with apply. +type ImagePolicySpecApplyConfiguration struct { + Scopes []v1alpha1.ImageScope `json:"scopes,omitempty"` + Policy *PolicyApplyConfiguration `json:"policy,omitempty"` +} + +// ImagePolicySpecApplyConfiguration constructs an declarative configuration of the ImagePolicySpec type for use with +// apply. +func ImagePolicySpec() *ImagePolicySpecApplyConfiguration { + return &ImagePolicySpecApplyConfiguration{} +} + +// WithScopes adds the given value to the Scopes field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Scopes field. +func (b *ImagePolicySpecApplyConfiguration) WithScopes(values ...v1alpha1.ImageScope) *ImagePolicySpecApplyConfiguration { + for i := range values { + b.Scopes = append(b.Scopes, values[i]) + } + return b +} + +// WithPolicy sets the Policy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Policy field is set to the value of the last call. +func (b *ImagePolicySpecApplyConfiguration) WithPolicy(value *PolicyApplyConfiguration) *ImagePolicySpecApplyConfiguration { + b.Policy = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go new file mode 100644 index 00000000000..d27a4d3c894 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// ImagePolicyStatusApplyConfiguration represents an declarative configuration of the ImagePolicyStatus type for use +// with apply. +type ImagePolicyStatusApplyConfiguration struct { + Conditions []v1.Condition `json:"conditions,omitempty"` +} + +// ImagePolicyStatusApplyConfiguration constructs an declarative configuration of the ImagePolicyStatus type for use with +// apply. +func ImagePolicyStatus() *ImagePolicyStatusApplyConfiguration { + return &ImagePolicyStatusApplyConfiguration{} +} + +// WithConditions adds the given value to the Conditions field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Conditions field. +func (b *ImagePolicyStatusApplyConfiguration) WithConditions(values ...v1.Condition) *ImagePolicyStatusApplyConfiguration { + for i := range values { + b.Conditions = append(b.Conditions, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/insightsdatagather.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/insightsdatagather.go new file mode 100644 index 00000000000..b86f19208ed --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/insightsdatagather.go @@ -0,0 +1,240 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + internal "github.com/openshift/client-go/config/applyconfigurations/internal" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + managedfields "k8s.io/apimachinery/pkg/util/managedfields" + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// InsightsDataGatherApplyConfiguration represents an declarative configuration of the InsightsDataGather type for use +// with apply. +type InsightsDataGatherApplyConfiguration struct { + v1.TypeMetaApplyConfiguration `json:",inline"` + *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` + Spec *InsightsDataGatherSpecApplyConfiguration `json:"spec,omitempty"` + Status *configv1alpha1.InsightsDataGatherStatus `json:"status,omitempty"` +} + +// InsightsDataGather constructs an declarative configuration of the InsightsDataGather type for use with +// apply. +func InsightsDataGather(name string) *InsightsDataGatherApplyConfiguration { + b := &InsightsDataGatherApplyConfiguration{} + b.WithName(name) + b.WithKind("InsightsDataGather") + b.WithAPIVersion("config.openshift.io/v1alpha1") + return b +} + +// ExtractInsightsDataGather extracts the applied configuration owned by fieldManager from +// insightsDataGather. If no managedFields are found in insightsDataGather for fieldManager, a +// InsightsDataGatherApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// insightsDataGather must be a unmodified InsightsDataGather API object that was retrieved from the Kubernetes API. +// ExtractInsightsDataGather provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +// Experimental! +func ExtractInsightsDataGather(insightsDataGather *configv1alpha1.InsightsDataGather, fieldManager string) (*InsightsDataGatherApplyConfiguration, error) { + return extractInsightsDataGather(insightsDataGather, fieldManager, "") +} + +// ExtractInsightsDataGatherStatus is the same as ExtractInsightsDataGather except +// that it extracts the status subresource applied configuration. +// Experimental! +func ExtractInsightsDataGatherStatus(insightsDataGather *configv1alpha1.InsightsDataGather, fieldManager string) (*InsightsDataGatherApplyConfiguration, error) { + return extractInsightsDataGather(insightsDataGather, fieldManager, "status") +} + +func extractInsightsDataGather(insightsDataGather *configv1alpha1.InsightsDataGather, fieldManager string, subresource string) (*InsightsDataGatherApplyConfiguration, error) { + b := &InsightsDataGatherApplyConfiguration{} + err := managedfields.ExtractInto(insightsDataGather, internal.Parser().Type("com.github.openshift.api.config.v1alpha1.InsightsDataGather"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(insightsDataGather.Name) + + b.WithKind("InsightsDataGather") + b.WithAPIVersion("config.openshift.io/v1alpha1") + return b, nil +} + +// WithKind sets the Kind field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Kind field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithKind(value string) *InsightsDataGatherApplyConfiguration { + b.Kind = &value + return b +} + +// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the APIVersion field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithAPIVersion(value string) *InsightsDataGatherApplyConfiguration { + b.APIVersion = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithName(value string) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Name = &value + return b +} + +// WithGenerateName sets the GenerateName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the GenerateName field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithGenerateName(value string) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.GenerateName = &value + return b +} + +// WithNamespace sets the Namespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Namespace field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithNamespace(value string) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Namespace = &value + return b +} + +// WithUID sets the UID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the UID field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithUID(value types.UID) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.UID = &value + return b +} + +// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ResourceVersion field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithResourceVersion(value string) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ResourceVersion = &value + return b +} + +// WithGeneration sets the Generation field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Generation field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithGeneration(value int64) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Generation = &value + return b +} + +// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CreationTimestamp field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithCreationTimestamp(value metav1.Time) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.CreationTimestamp = &value + return b +} + +// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionTimestamp field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionTimestamp = &value + return b +} + +// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionGracePeriodSeconds = &value + return b +} + +// WithLabels puts the entries into the Labels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Labels field, +// overwriting an existing map entries in Labels field with the same key. +func (b *InsightsDataGatherApplyConfiguration) WithLabels(entries map[string]string) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Labels == nil && len(entries) > 0 { + b.Labels = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Labels[k] = v + } + return b +} + +// WithAnnotations puts the entries into the Annotations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Annotations field, +// overwriting an existing map entries in Annotations field with the same key. +func (b *InsightsDataGatherApplyConfiguration) WithAnnotations(entries map[string]string) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Annotations == nil && len(entries) > 0 { + b.Annotations = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Annotations[k] = v + } + return b +} + +// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the OwnerReferences field. +func (b *InsightsDataGatherApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + if values[i] == nil { + panic("nil value passed to WithOwnerReferences") + } + b.OwnerReferences = append(b.OwnerReferences, *values[i]) + } + return b +} + +// WithFinalizers adds the given value to the Finalizers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Finalizers field. +func (b *InsightsDataGatherApplyConfiguration) WithFinalizers(values ...string) *InsightsDataGatherApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + b.Finalizers = append(b.Finalizers, values[i]) + } + return b +} + +func (b *InsightsDataGatherApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { + if b.ObjectMetaApplyConfiguration == nil { + b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} + } +} + +// WithSpec sets the Spec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Spec field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithSpec(value *InsightsDataGatherSpecApplyConfiguration) *InsightsDataGatherApplyConfiguration { + b.Spec = value + return b +} + +// WithStatus sets the Status field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Status field is set to the value of the last call. +func (b *InsightsDataGatherApplyConfiguration) WithStatus(value configv1alpha1.InsightsDataGatherStatus) *InsightsDataGatherApplyConfiguration { + b.Status = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/insightsdatagatherspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/insightsdatagatherspec.go new file mode 100644 index 00000000000..44416cf8581 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/insightsdatagatherspec.go @@ -0,0 +1,23 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// InsightsDataGatherSpecApplyConfiguration represents an declarative configuration of the InsightsDataGatherSpec type for use +// with apply. +type InsightsDataGatherSpecApplyConfiguration struct { + GatherConfig *GatherConfigApplyConfiguration `json:"gatherConfig,omitempty"` +} + +// InsightsDataGatherSpecApplyConfiguration constructs an declarative configuration of the InsightsDataGatherSpec type for use with +// apply. +func InsightsDataGatherSpec() *InsightsDataGatherSpecApplyConfiguration { + return &InsightsDataGatherSpecApplyConfiguration{} +} + +// WithGatherConfig sets the GatherConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the GatherConfig field is set to the value of the last call. +func (b *InsightsDataGatherSpecApplyConfiguration) WithGatherConfig(value *GatherConfigApplyConfiguration) *InsightsDataGatherSpecApplyConfiguration { + b.GatherConfig = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policy.go new file mode 100644 index 00000000000..f4697d2bbbe --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policy.go @@ -0,0 +1,32 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// PolicyApplyConfiguration represents an declarative configuration of the Policy type for use +// with apply. +type PolicyApplyConfiguration struct { + RootOfTrust *PolicyRootOfTrustApplyConfiguration `json:"rootOfTrust,omitempty"` + SignedIdentity *PolicyIdentityApplyConfiguration `json:"signedIdentity,omitempty"` +} + +// PolicyApplyConfiguration constructs an declarative configuration of the Policy type for use with +// apply. +func Policy() *PolicyApplyConfiguration { + return &PolicyApplyConfiguration{} +} + +// WithRootOfTrust sets the RootOfTrust field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RootOfTrust field is set to the value of the last call. +func (b *PolicyApplyConfiguration) WithRootOfTrust(value *PolicyRootOfTrustApplyConfiguration) *PolicyApplyConfiguration { + b.RootOfTrust = value + return b +} + +// WithSignedIdentity sets the SignedIdentity field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SignedIdentity field is set to the value of the last call. +func (b *PolicyApplyConfiguration) WithSignedIdentity(value *PolicyIdentityApplyConfiguration) *PolicyApplyConfiguration { + b.SignedIdentity = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go new file mode 100644 index 00000000000..98b0db59046 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go @@ -0,0 +1,32 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// PolicyFulcioSubjectApplyConfiguration represents an declarative configuration of the PolicyFulcioSubject type for use +// with apply. +type PolicyFulcioSubjectApplyConfiguration struct { + OIDCIssuer *string `json:"oidcIssuer,omitempty"` + SignedEmail *string `json:"signedEmail,omitempty"` +} + +// PolicyFulcioSubjectApplyConfiguration constructs an declarative configuration of the PolicyFulcioSubject type for use with +// apply. +func PolicyFulcioSubject() *PolicyFulcioSubjectApplyConfiguration { + return &PolicyFulcioSubjectApplyConfiguration{} +} + +// WithOIDCIssuer sets the OIDCIssuer field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OIDCIssuer field is set to the value of the last call. +func (b *PolicyFulcioSubjectApplyConfiguration) WithOIDCIssuer(value string) *PolicyFulcioSubjectApplyConfiguration { + b.OIDCIssuer = &value + return b +} + +// WithSignedEmail sets the SignedEmail field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SignedEmail field is set to the value of the last call. +func (b *PolicyFulcioSubjectApplyConfiguration) WithSignedEmail(value string) *PolicyFulcioSubjectApplyConfiguration { + b.SignedEmail = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go new file mode 100644 index 00000000000..ef4769d02d6 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go @@ -0,0 +1,45 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// PolicyIdentityApplyConfiguration represents an declarative configuration of the PolicyIdentity type for use +// with apply. +type PolicyIdentityApplyConfiguration struct { + MatchPolicy *v1alpha1.IdentityMatchPolicy `json:"matchPolicy,omitempty"` + PolicyMatchExactRepository *PolicyMatchExactRepositoryApplyConfiguration `json:"exactRepository,omitempty"` + PolicyMatchRemapIdentity *PolicyMatchRemapIdentityApplyConfiguration `json:"remapIdentity,omitempty"` +} + +// PolicyIdentityApplyConfiguration constructs an declarative configuration of the PolicyIdentity type for use with +// apply. +func PolicyIdentity() *PolicyIdentityApplyConfiguration { + return &PolicyIdentityApplyConfiguration{} +} + +// WithMatchPolicy sets the MatchPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MatchPolicy field is set to the value of the last call. +func (b *PolicyIdentityApplyConfiguration) WithMatchPolicy(value v1alpha1.IdentityMatchPolicy) *PolicyIdentityApplyConfiguration { + b.MatchPolicy = &value + return b +} + +// WithPolicyMatchExactRepository sets the PolicyMatchExactRepository field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PolicyMatchExactRepository field is set to the value of the last call. +func (b *PolicyIdentityApplyConfiguration) WithPolicyMatchExactRepository(value *PolicyMatchExactRepositoryApplyConfiguration) *PolicyIdentityApplyConfiguration { + b.PolicyMatchExactRepository = value + return b +} + +// WithPolicyMatchRemapIdentity sets the PolicyMatchRemapIdentity field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PolicyMatchRemapIdentity field is set to the value of the last call. +func (b *PolicyIdentityApplyConfiguration) WithPolicyMatchRemapIdentity(value *PolicyMatchRemapIdentityApplyConfiguration) *PolicyIdentityApplyConfiguration { + b.PolicyMatchRemapIdentity = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go new file mode 100644 index 00000000000..6bf36d733ec --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go @@ -0,0 +1,27 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// PolicyMatchExactRepositoryApplyConfiguration represents an declarative configuration of the PolicyMatchExactRepository type for use +// with apply. +type PolicyMatchExactRepositoryApplyConfiguration struct { + Repository *v1alpha1.IdentityRepositoryPrefix `json:"repository,omitempty"` +} + +// PolicyMatchExactRepositoryApplyConfiguration constructs an declarative configuration of the PolicyMatchExactRepository type for use with +// apply. +func PolicyMatchExactRepository() *PolicyMatchExactRepositoryApplyConfiguration { + return &PolicyMatchExactRepositoryApplyConfiguration{} +} + +// WithRepository sets the Repository field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Repository field is set to the value of the last call. +func (b *PolicyMatchExactRepositoryApplyConfiguration) WithRepository(value v1alpha1.IdentityRepositoryPrefix) *PolicyMatchExactRepositoryApplyConfiguration { + b.Repository = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go new file mode 100644 index 00000000000..20ecf141cad --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// PolicyMatchRemapIdentityApplyConfiguration represents an declarative configuration of the PolicyMatchRemapIdentity type for use +// with apply. +type PolicyMatchRemapIdentityApplyConfiguration struct { + Prefix *v1alpha1.IdentityRepositoryPrefix `json:"prefix,omitempty"` + SignedPrefix *v1alpha1.IdentityRepositoryPrefix `json:"signedPrefix,omitempty"` +} + +// PolicyMatchRemapIdentityApplyConfiguration constructs an declarative configuration of the PolicyMatchRemapIdentity type for use with +// apply. +func PolicyMatchRemapIdentity() *PolicyMatchRemapIdentityApplyConfiguration { + return &PolicyMatchRemapIdentityApplyConfiguration{} +} + +// WithPrefix sets the Prefix field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Prefix field is set to the value of the last call. +func (b *PolicyMatchRemapIdentityApplyConfiguration) WithPrefix(value v1alpha1.IdentityRepositoryPrefix) *PolicyMatchRemapIdentityApplyConfiguration { + b.Prefix = &value + return b +} + +// WithSignedPrefix sets the SignedPrefix field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SignedPrefix field is set to the value of the last call. +func (b *PolicyMatchRemapIdentityApplyConfiguration) WithSignedPrefix(value v1alpha1.IdentityRepositoryPrefix) *PolicyMatchRemapIdentityApplyConfiguration { + b.SignedPrefix = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go new file mode 100644 index 00000000000..cc442ddaea2 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go @@ -0,0 +1,45 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// PolicyRootOfTrustApplyConfiguration represents an declarative configuration of the PolicyRootOfTrust type for use +// with apply. +type PolicyRootOfTrustApplyConfiguration struct { + PolicyType *v1alpha1.PolicyType `json:"policyType,omitempty"` + PublicKey *PublicKeyApplyConfiguration `json:"publicKey,omitempty"` + FulcioCAWithRekor *FulcioCAWithRekorApplyConfiguration `json:"fulcioCAWithRekor,omitempty"` +} + +// PolicyRootOfTrustApplyConfiguration constructs an declarative configuration of the PolicyRootOfTrust type for use with +// apply. +func PolicyRootOfTrust() *PolicyRootOfTrustApplyConfiguration { + return &PolicyRootOfTrustApplyConfiguration{} +} + +// WithPolicyType sets the PolicyType field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PolicyType field is set to the value of the last call. +func (b *PolicyRootOfTrustApplyConfiguration) WithPolicyType(value v1alpha1.PolicyType) *PolicyRootOfTrustApplyConfiguration { + b.PolicyType = &value + return b +} + +// WithPublicKey sets the PublicKey field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PublicKey field is set to the value of the last call. +func (b *PolicyRootOfTrustApplyConfiguration) WithPublicKey(value *PublicKeyApplyConfiguration) *PolicyRootOfTrustApplyConfiguration { + b.PublicKey = value + return b +} + +// WithFulcioCAWithRekor sets the FulcioCAWithRekor field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the FulcioCAWithRekor field is set to the value of the last call. +func (b *PolicyRootOfTrustApplyConfiguration) WithFulcioCAWithRekor(value *FulcioCAWithRekorApplyConfiguration) *PolicyRootOfTrustApplyConfiguration { + b.FulcioCAWithRekor = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/publickey.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/publickey.go new file mode 100644 index 00000000000..0636a283ef5 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/publickey.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// PublicKeyApplyConfiguration represents an declarative configuration of the PublicKey type for use +// with apply. +type PublicKeyApplyConfiguration struct { + KeyData []byte `json:"keyData,omitempty"` + RekorKeyData []byte `json:"rekorKeyData,omitempty"` +} + +// PublicKeyApplyConfiguration constructs an declarative configuration of the PublicKey type for use with +// apply. +func PublicKey() *PublicKeyApplyConfiguration { + return &PublicKeyApplyConfiguration{} +} + +// WithKeyData adds the given value to the KeyData field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the KeyData field. +func (b *PublicKeyApplyConfiguration) WithKeyData(values ...byte) *PublicKeyApplyConfiguration { + for i := range values { + b.KeyData = append(b.KeyData, values[i]) + } + return b +} + +// WithRekorKeyData adds the given value to the RekorKeyData field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the RekorKeyData field. +func (b *PublicKeyApplyConfiguration) WithRekorKeyData(values ...byte) *PublicKeyApplyConfiguration { + for i := range values { + b.RekorKeyData = append(b.RekorKeyData, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retentionnumberconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retentionnumberconfig.go new file mode 100644 index 00000000000..833c540ecae --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retentionnumberconfig.go @@ -0,0 +1,23 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// RetentionNumberConfigApplyConfiguration represents an declarative configuration of the RetentionNumberConfig type for use +// with apply. +type RetentionNumberConfigApplyConfiguration struct { + MaxNumberOfBackups *int `json:"maxNumberOfBackups,omitempty"` +} + +// RetentionNumberConfigApplyConfiguration constructs an declarative configuration of the RetentionNumberConfig type for use with +// apply. +func RetentionNumberConfig() *RetentionNumberConfigApplyConfiguration { + return &RetentionNumberConfigApplyConfiguration{} +} + +// WithMaxNumberOfBackups sets the MaxNumberOfBackups field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxNumberOfBackups field is set to the value of the last call. +func (b *RetentionNumberConfigApplyConfiguration) WithMaxNumberOfBackups(value int) *RetentionNumberConfigApplyConfiguration { + b.MaxNumberOfBackups = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retentionpolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retentionpolicy.go new file mode 100644 index 00000000000..7d0de95c97f --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retentionpolicy.go @@ -0,0 +1,45 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// RetentionPolicyApplyConfiguration represents an declarative configuration of the RetentionPolicy type for use +// with apply. +type RetentionPolicyApplyConfiguration struct { + RetentionType *v1alpha1.RetentionType `json:"retentionType,omitempty"` + RetentionNumber *RetentionNumberConfigApplyConfiguration `json:"retentionNumber,omitempty"` + RetentionSize *RetentionSizeConfigApplyConfiguration `json:"retentionSize,omitempty"` +} + +// RetentionPolicyApplyConfiguration constructs an declarative configuration of the RetentionPolicy type for use with +// apply. +func RetentionPolicy() *RetentionPolicyApplyConfiguration { + return &RetentionPolicyApplyConfiguration{} +} + +// WithRetentionType sets the RetentionType field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RetentionType field is set to the value of the last call. +func (b *RetentionPolicyApplyConfiguration) WithRetentionType(value v1alpha1.RetentionType) *RetentionPolicyApplyConfiguration { + b.RetentionType = &value + return b +} + +// WithRetentionNumber sets the RetentionNumber field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RetentionNumber field is set to the value of the last call. +func (b *RetentionPolicyApplyConfiguration) WithRetentionNumber(value *RetentionNumberConfigApplyConfiguration) *RetentionPolicyApplyConfiguration { + b.RetentionNumber = value + return b +} + +// WithRetentionSize sets the RetentionSize field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RetentionSize field is set to the value of the last call. +func (b *RetentionPolicyApplyConfiguration) WithRetentionSize(value *RetentionSizeConfigApplyConfiguration) *RetentionPolicyApplyConfiguration { + b.RetentionSize = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retentionsizeconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retentionsizeconfig.go new file mode 100644 index 00000000000..50519b53a83 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retentionsizeconfig.go @@ -0,0 +1,23 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// RetentionSizeConfigApplyConfiguration represents an declarative configuration of the RetentionSizeConfig type for use +// with apply. +type RetentionSizeConfigApplyConfiguration struct { + MaxSizeOfBackupsGb *int `json:"maxSizeOfBackupsGb,omitempty"` +} + +// RetentionSizeConfigApplyConfiguration constructs an declarative configuration of the RetentionSizeConfig type for use with +// apply. +func RetentionSizeConfig() *RetentionSizeConfigApplyConfiguration { + return &RetentionSizeConfigApplyConfiguration{} +} + +// WithMaxSizeOfBackupsGb sets the MaxSizeOfBackupsGb field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxSizeOfBackupsGb field is set to the value of the last call. +func (b *RetentionSizeConfigApplyConfiguration) WithMaxSizeOfBackupsGb(value int) *RetentionSizeConfigApplyConfiguration { + b.MaxSizeOfBackupsGb = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/clientset.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/clientset.go new file mode 100644 index 00000000000..29896542d02 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/clientset.go @@ -0,0 +1,117 @@ +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + "fmt" + "net/http" + + configv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + configv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + ConfigV1() configv1.ConfigV1Interface + ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface +} + +// Clientset contains the clients for groups. +type Clientset struct { + *discovery.DiscoveryClient + configV1 *configv1.ConfigV1Client + configV1alpha1 *configv1alpha1.ConfigV1alpha1Client +} + +// ConfigV1 retrieves the ConfigV1Client +func (c *Clientset) ConfigV1() configv1.ConfigV1Interface { + return c.configV1 +} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return c.configV1alpha1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + + if configShallowCopy.UserAgent == "" { + configShallowCopy.UserAgent = rest.DefaultKubernetesUserAgent() + } + + // share the transport between all clients + httpClient, err := rest.HTTPClientFor(&configShallowCopy) + if err != nil { + return nil, err + } + + return NewForConfigAndClient(&configShallowCopy, httpClient) +} + +// NewForConfigAndClient creates a new Clientset for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. +func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + + var cs Clientset + var err error + cs.configV1, err = configv1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + cs.configV1alpha1, err = configv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + cs, err := NewForConfig(c) + if err != nil { + panic(err) + } + return cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.configV1 = configv1.New(c) + cs.configV1alpha1 = configv1alpha1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/backup.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/backup.go new file mode 100644 index 00000000000..8209afbb52d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/backup.go @@ -0,0 +1,227 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + json "encoding/json" + "fmt" + "time" + + v1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// BackupsGetter has a method to return a BackupInterface. +// A group's client should implement this interface. +type BackupsGetter interface { + Backups() BackupInterface +} + +// BackupInterface has methods to work with Backup resources. +type BackupInterface interface { + Create(ctx context.Context, backup *v1alpha1.Backup, opts v1.CreateOptions) (*v1alpha1.Backup, error) + Update(ctx context.Context, backup *v1alpha1.Backup, opts v1.UpdateOptions) (*v1alpha1.Backup, error) + UpdateStatus(ctx context.Context, backup *v1alpha1.Backup, opts v1.UpdateOptions) (*v1alpha1.Backup, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.Backup, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.BackupList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Backup, err error) + Apply(ctx context.Context, backup *configv1alpha1.BackupApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.Backup, err error) + ApplyStatus(ctx context.Context, backup *configv1alpha1.BackupApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.Backup, err error) + BackupExpansion +} + +// backups implements BackupInterface +type backups struct { + client rest.Interface +} + +// newBackups returns a Backups +func newBackups(c *ConfigV1alpha1Client) *backups { + return &backups{ + client: c.RESTClient(), + } +} + +// Get takes name of the backup, and returns the corresponding backup object, and an error if there is any. +func (c *backups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.Backup, err error) { + result = &v1alpha1.Backup{} + err = c.client.Get(). + Resource("backups"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Backups that match those selectors. +func (c *backups) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.BackupList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.BackupList{} + err = c.client.Get(). + Resource("backups"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested backups. +func (c *backups) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("backups"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a backup and creates it. Returns the server's representation of the backup, and an error, if there is any. +func (c *backups) Create(ctx context.Context, backup *v1alpha1.Backup, opts v1.CreateOptions) (result *v1alpha1.Backup, err error) { + result = &v1alpha1.Backup{} + err = c.client.Post(). + Resource("backups"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(backup). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a backup and updates it. Returns the server's representation of the backup, and an error, if there is any. +func (c *backups) Update(ctx context.Context, backup *v1alpha1.Backup, opts v1.UpdateOptions) (result *v1alpha1.Backup, err error) { + result = &v1alpha1.Backup{} + err = c.client.Put(). + Resource("backups"). + Name(backup.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(backup). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *backups) UpdateStatus(ctx context.Context, backup *v1alpha1.Backup, opts v1.UpdateOptions) (result *v1alpha1.Backup, err error) { + result = &v1alpha1.Backup{} + err = c.client.Put(). + Resource("backups"). + Name(backup.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(backup). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the backup and deletes it. Returns an error if one occurs. +func (c *backups) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("backups"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *backups) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("backups"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched backup. +func (c *backups) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Backup, err error) { + result = &v1alpha1.Backup{} + err = c.client.Patch(pt). + Resource("backups"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} + +// Apply takes the given apply declarative configuration, applies it and returns the applied backup. +func (c *backups) Apply(ctx context.Context, backup *configv1alpha1.BackupApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.Backup, err error) { + if backup == nil { + return nil, fmt.Errorf("backup provided to Apply must not be nil") + } + patchOpts := opts.ToPatchOptions() + data, err := json.Marshal(backup) + if err != nil { + return nil, err + } + name := backup.Name + if name == nil { + return nil, fmt.Errorf("backup.Name must be provided to Apply") + } + result = &v1alpha1.Backup{} + err = c.client.Patch(types.ApplyPatchType). + Resource("backups"). + Name(*name). + VersionedParams(&patchOpts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} + +// ApplyStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). +func (c *backups) ApplyStatus(ctx context.Context, backup *configv1alpha1.BackupApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.Backup, err error) { + if backup == nil { + return nil, fmt.Errorf("backup provided to Apply must not be nil") + } + patchOpts := opts.ToPatchOptions() + data, err := json.Marshal(backup) + if err != nil { + return nil, err + } + + name := backup.Name + if name == nil { + return nil, fmt.Errorf("backup.Name must be provided to Apply") + } + + result = &v1alpha1.Backup{} + err = c.client.Patch(types.ApplyPatchType). + Resource("backups"). + Name(*name). + SubResource("status"). + VersionedParams(&patchOpts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go new file mode 100644 index 00000000000..89ed7717e47 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go @@ -0,0 +1,227 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + json "encoding/json" + "fmt" + "time" + + v1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ClusterImagePoliciesGetter has a method to return a ClusterImagePolicyInterface. +// A group's client should implement this interface. +type ClusterImagePoliciesGetter interface { + ClusterImagePolicies() ClusterImagePolicyInterface +} + +// ClusterImagePolicyInterface has methods to work with ClusterImagePolicy resources. +type ClusterImagePolicyInterface interface { + Create(ctx context.Context, clusterImagePolicy *v1alpha1.ClusterImagePolicy, opts v1.CreateOptions) (*v1alpha1.ClusterImagePolicy, error) + Update(ctx context.Context, clusterImagePolicy *v1alpha1.ClusterImagePolicy, opts v1.UpdateOptions) (*v1alpha1.ClusterImagePolicy, error) + UpdateStatus(ctx context.Context, clusterImagePolicy *v1alpha1.ClusterImagePolicy, opts v1.UpdateOptions) (*v1alpha1.ClusterImagePolicy, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ClusterImagePolicy, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ClusterImagePolicyList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterImagePolicy, err error) + Apply(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.ClusterImagePolicy, err error) + ApplyStatus(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.ClusterImagePolicy, err error) + ClusterImagePolicyExpansion +} + +// clusterImagePolicies implements ClusterImagePolicyInterface +type clusterImagePolicies struct { + client rest.Interface +} + +// newClusterImagePolicies returns a ClusterImagePolicies +func newClusterImagePolicies(c *ConfigV1alpha1Client) *clusterImagePolicies { + return &clusterImagePolicies{ + client: c.RESTClient(), + } +} + +// Get takes name of the clusterImagePolicy, and returns the corresponding clusterImagePolicy object, and an error if there is any. +func (c *clusterImagePolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ClusterImagePolicy, err error) { + result = &v1alpha1.ClusterImagePolicy{} + err = c.client.Get(). + Resource("clusterimagepolicies"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ClusterImagePolicies that match those selectors. +func (c *clusterImagePolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ClusterImagePolicyList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.ClusterImagePolicyList{} + err = c.client.Get(). + Resource("clusterimagepolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested clusterImagePolicies. +func (c *clusterImagePolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("clusterimagepolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a clusterImagePolicy and creates it. Returns the server's representation of the clusterImagePolicy, and an error, if there is any. +func (c *clusterImagePolicies) Create(ctx context.Context, clusterImagePolicy *v1alpha1.ClusterImagePolicy, opts v1.CreateOptions) (result *v1alpha1.ClusterImagePolicy, err error) { + result = &v1alpha1.ClusterImagePolicy{} + err = c.client.Post(). + Resource("clusterimagepolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterImagePolicy). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a clusterImagePolicy and updates it. Returns the server's representation of the clusterImagePolicy, and an error, if there is any. +func (c *clusterImagePolicies) Update(ctx context.Context, clusterImagePolicy *v1alpha1.ClusterImagePolicy, opts v1.UpdateOptions) (result *v1alpha1.ClusterImagePolicy, err error) { + result = &v1alpha1.ClusterImagePolicy{} + err = c.client.Put(). + Resource("clusterimagepolicies"). + Name(clusterImagePolicy.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterImagePolicy). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *clusterImagePolicies) UpdateStatus(ctx context.Context, clusterImagePolicy *v1alpha1.ClusterImagePolicy, opts v1.UpdateOptions) (result *v1alpha1.ClusterImagePolicy, err error) { + result = &v1alpha1.ClusterImagePolicy{} + err = c.client.Put(). + Resource("clusterimagepolicies"). + Name(clusterImagePolicy.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterImagePolicy). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the clusterImagePolicy and deletes it. Returns an error if one occurs. +func (c *clusterImagePolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("clusterimagepolicies"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *clusterImagePolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("clusterimagepolicies"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched clusterImagePolicy. +func (c *clusterImagePolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterImagePolicy, err error) { + result = &v1alpha1.ClusterImagePolicy{} + err = c.client.Patch(pt). + Resource("clusterimagepolicies"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} + +// Apply takes the given apply declarative configuration, applies it and returns the applied clusterImagePolicy. +func (c *clusterImagePolicies) Apply(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.ClusterImagePolicy, err error) { + if clusterImagePolicy == nil { + return nil, fmt.Errorf("clusterImagePolicy provided to Apply must not be nil") + } + patchOpts := opts.ToPatchOptions() + data, err := json.Marshal(clusterImagePolicy) + if err != nil { + return nil, err + } + name := clusterImagePolicy.Name + if name == nil { + return nil, fmt.Errorf("clusterImagePolicy.Name must be provided to Apply") + } + result = &v1alpha1.ClusterImagePolicy{} + err = c.client.Patch(types.ApplyPatchType). + Resource("clusterimagepolicies"). + Name(*name). + VersionedParams(&patchOpts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} + +// ApplyStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). +func (c *clusterImagePolicies) ApplyStatus(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.ClusterImagePolicy, err error) { + if clusterImagePolicy == nil { + return nil, fmt.Errorf("clusterImagePolicy provided to Apply must not be nil") + } + patchOpts := opts.ToPatchOptions() + data, err := json.Marshal(clusterImagePolicy) + if err != nil { + return nil, err + } + + name := clusterImagePolicy.Name + if name == nil { + return nil, fmt.Errorf("clusterImagePolicy.Name must be provided to Apply") + } + + result = &v1alpha1.ClusterImagePolicy{} + err = c.client.Patch(types.ApplyPatchType). + Resource("clusterimagepolicies"). + Name(*name). + SubResource("status"). + VersionedParams(&patchOpts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go new file mode 100644 index 00000000000..cfbbd848bbf --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -0,0 +1,106 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "net/http" + + v1alpha1 "github.com/openshift/api/config/v1alpha1" + "github.com/openshift/client-go/config/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type ConfigV1alpha1Interface interface { + RESTClient() rest.Interface + BackupsGetter + ClusterImagePoliciesGetter + ImagePoliciesGetter + InsightsDataGathersGetter +} + +// ConfigV1alpha1Client is used to interact with features provided by the config.openshift.io group. +type ConfigV1alpha1Client struct { + restClient rest.Interface +} + +func (c *ConfigV1alpha1Client) Backups() BackupInterface { + return newBackups(c) +} + +func (c *ConfigV1alpha1Client) ClusterImagePolicies() ClusterImagePolicyInterface { + return newClusterImagePolicies(c) +} + +func (c *ConfigV1alpha1Client) ImagePolicies(namespace string) ImagePolicyInterface { + return newImagePolicies(c, namespace) +} + +func (c *ConfigV1alpha1Client) InsightsDataGathers() InsightsDataGatherInterface { + return newInsightsDataGathers(c) +} + +// NewForConfig creates a new ConfigV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new ConfigV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) + if err != nil { + return nil, err + } + return &ConfigV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new ConfigV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *ConfigV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new ConfigV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *ConfigV1alpha1Client { + return &ConfigV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *ConfigV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/doc.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/doc.go new file mode 100644 index 00000000000..93a7ca4e0e2 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go new file mode 100644 index 00000000000..3a69741b1de --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -0,0 +1,11 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type BackupExpansion interface{} + +type ClusterImagePolicyExpansion interface{} + +type ImagePolicyExpansion interface{} + +type InsightsDataGatherExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go new file mode 100644 index 00000000000..a67969cf3bb --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go @@ -0,0 +1,240 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + json "encoding/json" + "fmt" + "time" + + v1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ImagePoliciesGetter has a method to return a ImagePolicyInterface. +// A group's client should implement this interface. +type ImagePoliciesGetter interface { + ImagePolicies(namespace string) ImagePolicyInterface +} + +// ImagePolicyInterface has methods to work with ImagePolicy resources. +type ImagePolicyInterface interface { + Create(ctx context.Context, imagePolicy *v1alpha1.ImagePolicy, opts v1.CreateOptions) (*v1alpha1.ImagePolicy, error) + Update(ctx context.Context, imagePolicy *v1alpha1.ImagePolicy, opts v1.UpdateOptions) (*v1alpha1.ImagePolicy, error) + UpdateStatus(ctx context.Context, imagePolicy *v1alpha1.ImagePolicy, opts v1.UpdateOptions) (*v1alpha1.ImagePolicy, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ImagePolicy, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ImagePolicyList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ImagePolicy, err error) + Apply(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.ImagePolicy, err error) + ApplyStatus(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.ImagePolicy, err error) + ImagePolicyExpansion +} + +// imagePolicies implements ImagePolicyInterface +type imagePolicies struct { + client rest.Interface + ns string +} + +// newImagePolicies returns a ImagePolicies +func newImagePolicies(c *ConfigV1alpha1Client, namespace string) *imagePolicies { + return &imagePolicies{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the imagePolicy, and returns the corresponding imagePolicy object, and an error if there is any. +func (c *imagePolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ImagePolicy, err error) { + result = &v1alpha1.ImagePolicy{} + err = c.client.Get(). + Namespace(c.ns). + Resource("imagepolicies"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ImagePolicies that match those selectors. +func (c *imagePolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ImagePolicyList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.ImagePolicyList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("imagepolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested imagePolicies. +func (c *imagePolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("imagepolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a imagePolicy and creates it. Returns the server's representation of the imagePolicy, and an error, if there is any. +func (c *imagePolicies) Create(ctx context.Context, imagePolicy *v1alpha1.ImagePolicy, opts v1.CreateOptions) (result *v1alpha1.ImagePolicy, err error) { + result = &v1alpha1.ImagePolicy{} + err = c.client.Post(). + Namespace(c.ns). + Resource("imagepolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(imagePolicy). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a imagePolicy and updates it. Returns the server's representation of the imagePolicy, and an error, if there is any. +func (c *imagePolicies) Update(ctx context.Context, imagePolicy *v1alpha1.ImagePolicy, opts v1.UpdateOptions) (result *v1alpha1.ImagePolicy, err error) { + result = &v1alpha1.ImagePolicy{} + err = c.client.Put(). + Namespace(c.ns). + Resource("imagepolicies"). + Name(imagePolicy.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(imagePolicy). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *imagePolicies) UpdateStatus(ctx context.Context, imagePolicy *v1alpha1.ImagePolicy, opts v1.UpdateOptions) (result *v1alpha1.ImagePolicy, err error) { + result = &v1alpha1.ImagePolicy{} + err = c.client.Put(). + Namespace(c.ns). + Resource("imagepolicies"). + Name(imagePolicy.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(imagePolicy). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the imagePolicy and deletes it. Returns an error if one occurs. +func (c *imagePolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("imagepolicies"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *imagePolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("imagepolicies"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched imagePolicy. +func (c *imagePolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ImagePolicy, err error) { + result = &v1alpha1.ImagePolicy{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("imagepolicies"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} + +// Apply takes the given apply declarative configuration, applies it and returns the applied imagePolicy. +func (c *imagePolicies) Apply(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.ImagePolicy, err error) { + if imagePolicy == nil { + return nil, fmt.Errorf("imagePolicy provided to Apply must not be nil") + } + patchOpts := opts.ToPatchOptions() + data, err := json.Marshal(imagePolicy) + if err != nil { + return nil, err + } + name := imagePolicy.Name + if name == nil { + return nil, fmt.Errorf("imagePolicy.Name must be provided to Apply") + } + result = &v1alpha1.ImagePolicy{} + err = c.client.Patch(types.ApplyPatchType). + Namespace(c.ns). + Resource("imagepolicies"). + Name(*name). + VersionedParams(&patchOpts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} + +// ApplyStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). +func (c *imagePolicies) ApplyStatus(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.ImagePolicy, err error) { + if imagePolicy == nil { + return nil, fmt.Errorf("imagePolicy provided to Apply must not be nil") + } + patchOpts := opts.ToPatchOptions() + data, err := json.Marshal(imagePolicy) + if err != nil { + return nil, err + } + + name := imagePolicy.Name + if name == nil { + return nil, fmt.Errorf("imagePolicy.Name must be provided to Apply") + } + + result = &v1alpha1.ImagePolicy{} + err = c.client.Patch(types.ApplyPatchType). + Namespace(c.ns). + Resource("imagepolicies"). + Name(*name). + SubResource("status"). + VersionedParams(&patchOpts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/insightsdatagather.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/insightsdatagather.go new file mode 100644 index 00000000000..e3e66488a80 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/insightsdatagather.go @@ -0,0 +1,227 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + json "encoding/json" + "fmt" + "time" + + v1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// InsightsDataGathersGetter has a method to return a InsightsDataGatherInterface. +// A group's client should implement this interface. +type InsightsDataGathersGetter interface { + InsightsDataGathers() InsightsDataGatherInterface +} + +// InsightsDataGatherInterface has methods to work with InsightsDataGather resources. +type InsightsDataGatherInterface interface { + Create(ctx context.Context, insightsDataGather *v1alpha1.InsightsDataGather, opts v1.CreateOptions) (*v1alpha1.InsightsDataGather, error) + Update(ctx context.Context, insightsDataGather *v1alpha1.InsightsDataGather, opts v1.UpdateOptions) (*v1alpha1.InsightsDataGather, error) + UpdateStatus(ctx context.Context, insightsDataGather *v1alpha1.InsightsDataGather, opts v1.UpdateOptions) (*v1alpha1.InsightsDataGather, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.InsightsDataGather, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.InsightsDataGatherList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.InsightsDataGather, err error) + Apply(ctx context.Context, insightsDataGather *configv1alpha1.InsightsDataGatherApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.InsightsDataGather, err error) + ApplyStatus(ctx context.Context, insightsDataGather *configv1alpha1.InsightsDataGatherApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.InsightsDataGather, err error) + InsightsDataGatherExpansion +} + +// insightsDataGathers implements InsightsDataGatherInterface +type insightsDataGathers struct { + client rest.Interface +} + +// newInsightsDataGathers returns a InsightsDataGathers +func newInsightsDataGathers(c *ConfigV1alpha1Client) *insightsDataGathers { + return &insightsDataGathers{ + client: c.RESTClient(), + } +} + +// Get takes name of the insightsDataGather, and returns the corresponding insightsDataGather object, and an error if there is any. +func (c *insightsDataGathers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.InsightsDataGather, err error) { + result = &v1alpha1.InsightsDataGather{} + err = c.client.Get(). + Resource("insightsdatagathers"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of InsightsDataGathers that match those selectors. +func (c *insightsDataGathers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.InsightsDataGatherList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.InsightsDataGatherList{} + err = c.client.Get(). + Resource("insightsdatagathers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested insightsDataGathers. +func (c *insightsDataGathers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("insightsdatagathers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a insightsDataGather and creates it. Returns the server's representation of the insightsDataGather, and an error, if there is any. +func (c *insightsDataGathers) Create(ctx context.Context, insightsDataGather *v1alpha1.InsightsDataGather, opts v1.CreateOptions) (result *v1alpha1.InsightsDataGather, err error) { + result = &v1alpha1.InsightsDataGather{} + err = c.client.Post(). + Resource("insightsdatagathers"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(insightsDataGather). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a insightsDataGather and updates it. Returns the server's representation of the insightsDataGather, and an error, if there is any. +func (c *insightsDataGathers) Update(ctx context.Context, insightsDataGather *v1alpha1.InsightsDataGather, opts v1.UpdateOptions) (result *v1alpha1.InsightsDataGather, err error) { + result = &v1alpha1.InsightsDataGather{} + err = c.client.Put(). + Resource("insightsdatagathers"). + Name(insightsDataGather.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(insightsDataGather). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *insightsDataGathers) UpdateStatus(ctx context.Context, insightsDataGather *v1alpha1.InsightsDataGather, opts v1.UpdateOptions) (result *v1alpha1.InsightsDataGather, err error) { + result = &v1alpha1.InsightsDataGather{} + err = c.client.Put(). + Resource("insightsdatagathers"). + Name(insightsDataGather.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(insightsDataGather). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the insightsDataGather and deletes it. Returns an error if one occurs. +func (c *insightsDataGathers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("insightsdatagathers"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *insightsDataGathers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("insightsdatagathers"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched insightsDataGather. +func (c *insightsDataGathers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.InsightsDataGather, err error) { + result = &v1alpha1.InsightsDataGather{} + err = c.client.Patch(pt). + Resource("insightsdatagathers"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} + +// Apply takes the given apply declarative configuration, applies it and returns the applied insightsDataGather. +func (c *insightsDataGathers) Apply(ctx context.Context, insightsDataGather *configv1alpha1.InsightsDataGatherApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.InsightsDataGather, err error) { + if insightsDataGather == nil { + return nil, fmt.Errorf("insightsDataGather provided to Apply must not be nil") + } + patchOpts := opts.ToPatchOptions() + data, err := json.Marshal(insightsDataGather) + if err != nil { + return nil, err + } + name := insightsDataGather.Name + if name == nil { + return nil, fmt.Errorf("insightsDataGather.Name must be provided to Apply") + } + result = &v1alpha1.InsightsDataGather{} + err = c.client.Patch(types.ApplyPatchType). + Resource("insightsdatagathers"). + Name(*name). + VersionedParams(&patchOpts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} + +// ApplyStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). +func (c *insightsDataGathers) ApplyStatus(ctx context.Context, insightsDataGather *configv1alpha1.InsightsDataGatherApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.InsightsDataGather, err error) { + if insightsDataGather == nil { + return nil, fmt.Errorf("insightsDataGather provided to Apply must not be nil") + } + patchOpts := opts.ToPatchOptions() + data, err := json.Marshal(insightsDataGather) + if err != nil { + return nil, err + } + + name := insightsDataGather.Name + if name == nil { + return nil, fmt.Errorf("insightsDataGather.Name must be provided to Apply") + } + + result = &v1alpha1.InsightsDataGather{} + err = c.client.Patch(types.ApplyPatchType). + Resource("insightsdatagathers"). + Name(*name). + SubResource("status"). + VersionedParams(&patchOpts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/hosted_controlplane.go b/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/hosted_controlplane.go index a9aa8e81a97..ce677743356 100644 --- a/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/hosted_controlplane.go +++ b/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/hosted_controlplane.go @@ -196,6 +196,14 @@ type HostedControlPlaneSpec struct { // +kubebuilder:validation:MaxProperties=20 // +optional Labels map[string]string `json:"labels,omitempty"` + + // capabilities allows for disabling optional components at cluster install time. + // This field is optional and once set cannot be changed. + // +immutable + // +optional + // +kubebuilder:default={} + // +kubebuilder:validation:XValidation:rule="self == oldSelf", message="Capabilities is immutable. Changes might result in unpredictable and disruptive behavior." + Capabilities *Capabilities `json:"capabilities,omitempty"` } // availabilityPolicy specifies a high level availability policy for components. diff --git a/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/hostedcluster_types.go b/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/hostedcluster_types.go index df4a768072c..d1c77a43dfe 100644 --- a/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/hostedcluster_types.go +++ b/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/hostedcluster_types.go @@ -349,6 +349,30 @@ const ( ControlPlaneOperatorV2EnvVar = "CPO_V2" ) +// +kubebuilder:validation:Enum=ImageRegistry +type OptionalCapability string + +const ImageRegistryCapability OptionalCapability = OptionalCapability(configv1.ClusterVersionCapabilityImageRegistry) + +// capabilities allows disabling optional components at install time. +// Once set, it cannot be changed. +type Capabilities struct { + // disabled when specified, sets the cluster version baselineCapabilitySet to None + // and sets all additionalEnabledCapabilities BUT the ones supplied in disabled. + // This effectively disables that capability on the hosted cluster. + // + // When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective + // OpenShift version. + // + // Once set, this field cannot be changed. + // + // +listType=atomic + // +immutable + // +optional + // +kubebuilder:validation:XValidation:rule="self == oldSelf", message="Disabled is immutable. Changes might result in unpredictable and disruptive behavior." + Disabled []OptionalCapability `json:"disabled,omitempty"` +} + // HostedClusterSpec is the desired behavior of a HostedCluster. // +kubebuilder:validation:XValidation:rule=`self.platform.type != "IBMCloud" ? self.services == oldSelf.services : true`, message="Services is immutable. Changes might result in unpredictable and disruptive behavior." @@ -626,6 +650,14 @@ type HostedClusterSpec struct { // +optional // +openshift:enable:FeatureGate=HCPPodsLabels Labels map[string]string `json:"labels,omitempty"` + + // capabilities allows for disabling optional components at cluster install time. + // This field is optional and once set cannot be changed. + // +immutable + // +optional + // +kubebuilder:default={} + // +kubebuilder:validation:XValidation:rule="self == oldSelf", message="Capabilities is immutable. Changes might result in unpredictable and disruptive behavior." + Capabilities *Capabilities `json:"capabilities,omitempty"` } // OLMCatalogPlacement is an enum specifying the placement of OLM catalog components. diff --git a/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/zz_generated.deepcopy.go b/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/zz_generated.deepcopy.go index eb282b5cb86..e7f61d22565 100644 --- a/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/hypershift/api/hypershift/v1beta1/zz_generated.deepcopy.go @@ -701,6 +701,26 @@ func (in *AzureVMImage) DeepCopy() *AzureVMImage { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Capabilities) DeepCopyInto(out *Capabilities) { + *out = *in + if in.Disabled != nil { + in, out := &in.Disabled, &out.Disabled + *out = make([]OptionalCapability, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Capabilities. +func (in *Capabilities) DeepCopy() *Capabilities { + if in == nil { + return nil + } + out := new(Capabilities) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CertificateSigningRequestApproval) DeepCopyInto(out *CertificateSigningRequestApproval) { *out = *in @@ -1410,6 +1430,11 @@ func (in *HostedClusterSpec) DeepCopyInto(out *HostedClusterSpec) { (*out)[key] = val } } + if in.Capabilities != nil { + in, out := &in.Capabilities, &out.Capabilities + *out = new(Capabilities) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostedClusterSpec. @@ -1609,6 +1634,11 @@ func (in *HostedControlPlaneSpec) DeepCopyInto(out *HostedControlPlaneSpec) { (*out)[key] = val } } + if in.Capabilities != nil { + in, out := &in.Capabilities, &out.Capabilities + *out = new(Capabilities) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostedControlPlaneSpec. diff --git a/vendor/modules.txt b/vendor/modules.txt index c921d7b1b87..daefb1678de 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -795,9 +795,12 @@ github.com/openshift/api/user/v1 # github.com/openshift/client-go v0.0.0-20240405120947-c67c8325cdd8 ## explicit; go 1.21 github.com/openshift/client-go/config/applyconfigurations/config/v1 +github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1 github.com/openshift/client-go/config/applyconfigurations/internal +github.com/openshift/client-go/config/clientset/versioned github.com/openshift/client-go/config/clientset/versioned/scheme github.com/openshift/client-go/config/clientset/versioned/typed/config/v1 +github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1 github.com/openshift/client-go/route/applyconfigurations/internal github.com/openshift/client-go/route/applyconfigurations/route/v1 github.com/openshift/client-go/route/clientset/versioned