diff --git a/go.mod b/go.mod index 070ad36b8b..94098b747b 100644 --- a/go.mod +++ b/go.mod @@ -27,8 +27,8 @@ require ( github.com/google/renameio v0.1.0 github.com/imdario/mergo v0.3.13 github.com/opencontainers/go-digest v1.0.0 - github.com/openshift/api v0.0.0-20240326194138-93d19f9f5581 - github.com/openshift/client-go v0.0.0-20240325151210-66398bfc44e1 + github.com/openshift/api v0.0.0-20240311132450-dcd6ab38a0f7 + github.com/openshift/client-go v0.0.0-20240312121557-60dd5f9fbf8d github.com/openshift/cluster-config-operator v0.0.0-alpha.0.0.20231213185242-e4dc676febfe github.com/openshift/library-go v0.0.0-20240312152318-4109a9e7a437 github.com/openshift/runtime-utils v0.0.0-20230921210328-7bdb5b9c177b diff --git a/go.sum b/go.sum index 9f3255b7b6..8ad91e1dfa 100644 --- a/go.sum +++ b/go.sum @@ -689,10 +689,10 @@ github.com/opencontainers/runc v1.1.10 h1:EaL5WeO9lv9wmS6SASjszOeQdSctvpbu0DdBQB github.com/opencontainers/runc v1.1.10/go.mod h1:+/R6+KmDlh+hOO8NkjmgkG9Qzvypzk0yXxAPYYR65+M= github.com/opencontainers/runtime-spec v1.1.0 h1:HHUyrt9mwHUjtasSbXSMvs4cyFxh+Bll4AjJ9odEGpg= github.com/opencontainers/runtime-spec v1.1.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/openshift/api v0.0.0-20240326194138-93d19f9f5581 h1:h2VkEG7vNJAxJk1XutS8i2gCT8yWEQVjXByW87d8c28= -github.com/openshift/api v0.0.0-20240326194138-93d19f9f5581/go.mod h1:CxgbWAlvu2iQB0UmKTtRu1YfepRg1/vJ64n2DlIEVz4= -github.com/openshift/client-go v0.0.0-20240325151210-66398bfc44e1 h1:Mrx78fHltx+xINrw6HnJ4GZs9Q/q2VC2gXhqNAOOqRU= -github.com/openshift/client-go v0.0.0-20240325151210-66398bfc44e1/go.mod h1:HPS//zXegc1np0OWtNwtCTRMfeLtXZ0hHlaBe+WBW9s= +github.com/openshift/api v0.0.0-20240311132450-dcd6ab38a0f7 h1:1kHXNv0RGzIF/xaKFK0ZzIdXG6JMsH0YtgCCvP4XykA= +github.com/openshift/api v0.0.0-20240311132450-dcd6ab38a0f7/go.mod h1:CxgbWAlvu2iQB0UmKTtRu1YfepRg1/vJ64n2DlIEVz4= +github.com/openshift/client-go v0.0.0-20240312121557-60dd5f9fbf8d h1:vdrC3QYkFcs6a1Cz2/p5RcV7dMQ22tbgIonx+8HIJc0= +github.com/openshift/client-go v0.0.0-20240312121557-60dd5f9fbf8d/go.mod h1:Y5Hp789dTrF6Fq8cA5YQlpwffmlLy8mc2un/CY0cg7Q= github.com/openshift/cluster-config-operator v0.0.0-alpha.0.0.20231213185242-e4dc676febfe h1:wDQtyIbJJIoif2Ux0S+9MJWIWEGV0oG+iLm8WtqwdSw= github.com/openshift/cluster-config-operator v0.0.0-alpha.0.0.20231213185242-e4dc676febfe/go.mod h1:SGUtv1pKZSzSVr2YCxXFvhE+LbGfI+vcetEhNicKayw= github.com/openshift/kube-openapi v0.0.0-20230816122517-ffc8f001abb0 h1:GPlAy197Jkr+D0T2FNWanamraTdzS/r9ZkT29lxvHaA= diff --git a/hack/crds-sync.sh b/hack/crds-sync.sh index f3693a2647..aee6e844e6 100755 --- a/hack/crds-sync.sh +++ b/hack/crds-sync.sh @@ -3,15 +3,12 @@ set -euo pipefail # map names of CRD files between the vendored openshift/api repository and the ./install directory -CRDS_MAPPING=( - "v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml:0000_80_machine-config_01_containerruntimeconfig.crd.yaml" - "v1/zz_generated.crd-manifests/0000_80_machine-config_01_kubeletconfigs.crd.yaml:0000_80_machine-config_01_kubeletconfig.crd.yaml" - "v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigs.crd.yaml:0000_80_machine-config_01_machineconfig.crd.yaml" - "v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml:0000_80_machine-config_01_machineconfigpool.crd.yaml" - "v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-TechPreviewNoUpgrade.crd.yaml:0000_80_machine-config_01_machineconfignode-TechPreviewNoUpgrade.crd.yaml" - "v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml:0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml" -) - #TODO(jkyros): 0000_80_machine-config_01_machine-config-operator_02_containerruntimeconfig.crd.yaml) +CRDS_MAPPING=( "v1/0000_80_containerruntimeconfig.crd.yaml:0000_80_machine-config-operator_01_containerruntimeconfig.crd.yaml" + "v1/0000_80_kubeletconfig.crd.yaml:0000_80_machine-config-operator_01_kubeletconfig.crd.yaml" + "v1/0000_80_machineconfig.crd.yaml:0000_80_machine-config-operator_01_machineconfig.crd.yaml" + "v1/0000_80_machineconfigpool.crd.yaml:0000_80_machine-config-operator_01_machineconfigpool.crd.yaml" + "v1alpha1/0000_80_machineconfignode-TechPreviewNoUpgrade.crd.yaml:0000_80_machine-config-operator_01_machineconfignode-TechPreviewNoUpgrade.crd.yaml" ) + #TODO(jkyros): 0000_80_machine-config-operator_02_containerruntimeconfig.crd.yaml) for crd in "${CRDS_MAPPING[@]}" ; do SRC="${crd%%:*}" @@ -20,10 +17,7 @@ for crd in "${CRDS_MAPPING[@]}" ; do done #this one goes in manifests rather than install, but should it? -cp "vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml" "manifests/controllerconfig.crd.yaml" -cp "vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-TechPreviewNoUpgrade.crd.yaml" "manifests/0000_80_machine-config_01_machineconfignode-TechPreviewNoUpgrade.crd.yaml" -#cp "vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_config.crd.yaml" "install/0000_80_machine-config_01_config.crd.yaml" -cp "vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml" "manifests/controllerconfig.crd.yaml" -cp "vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-TechPreviewNoUpgrade.crd.yaml" "manifests/0000_80_machine-config_01_machineconfignode-TechPreviewNoUpgrade.crd.yaml" -cp "vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml" "manifests/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml" +cp "vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_controllerconfig.crd.yaml" "manifests/controllerconfig.crd.yaml" +cp "vendor/github.com/openshift/api/machineconfiguration/v1alpha1/0000_80_machineconfignode-TechPreviewNoUpgrade.crd.yaml" "manifests/0000_80_machine-config-operator_01_machineconfignode-TechPreviewNoUpgrade.crd.yaml" +cp "vendor/github.com/openshift/api/operator/v1/0000_80_machine-config-operator_01_config.crd.yaml" "install/0000_80_machine-config-operator_01_config.crd.yaml" diff --git a/install/0000_80_machine-config_01_machineconfigpool.crd.yaml b/install/0000_80_machine-config_01_machineconfigpool.crd.yaml deleted file mode 100644 index 39434c3d49..0000000000 --- a/install/0000_80_machine-config_01_machineconfigpool.crd.yaml +++ /dev/null @@ -1,515 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: Default - labels: - openshift.io/operator-managed: "" - name: machineconfigpools.machineconfiguration.openshift.io -spec: - group: machineconfiguration.openshift.io - names: - kind: MachineConfigPool - listKind: MachineConfigPoolList - plural: machineconfigpools - shortNames: - - mcp - singular: machineconfigpool - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.configuration.name - name: Config - type: string - - description: When all the machines in the pool are updated to the correct machine - config. - jsonPath: .status.conditions[?(@.type=="Updated")].status - name: Updated - type: string - - description: When at least one of machine is not either not updated or is in - the process of updating to the desired machine config. - jsonPath: .status.conditions[?(@.type=="Updating")].status - name: Updating - type: string - - description: When progress is blocked on updating one or more nodes or the pool - configuration is failing. - jsonPath: .status.conditions[?(@.type=="Degraded")].status - name: Degraded - type: string - - description: Total number of machines in the machine config pool - jsonPath: .status.machineCount - name: MachineCount - type: number - - description: Total number of ready machines targeted by the pool - jsonPath: .status.readyMachineCount - name: ReadyMachineCount - type: number - - description: Total number of machines targeted by the pool that have the CurrentMachineConfig - as their config - jsonPath: .status.updatedMachineCount - name: UpdatedMachineCount - type: number - - description: Total number of machines marked degraded (or unreconcilable) - jsonPath: .status.degradedMachineCount - name: DegradedMachineCount - type: number - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: "MachineConfigPool describes a pool of MachineConfigs. \n Compatibility - level 1: Stable within a major release for a minimum of 12 months or 3 minor - releases (whichever is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineConfigPoolSpec is the spec for MachineConfigPool resource. - properties: - configuration: - description: The targeted MachineConfig object for the machine config - pool. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - source: - description: source is the list of MachineConfig objects that - were used to generate the single MachineConfig object specified - in `content`. - items: - description: "ObjectReference contains enough information to - let you inspect or modify the referred object. --- New uses - of this type are discouraged because of difficulty describing - its usage when embedded in APIs. 1. Ignored fields. It includes - many fields which are not generally honored. For instance, - ResourceVersion and FieldPath are both very rarely valid in - actual usage. 2. Invalid usage help. It is impossible to - add specific help for individual usage. In most embedded - usages, there are particular restrictions like, \"must refer - only to types A and B\" or \"UID not honored\" or \"name must - be restricted\". Those cannot be well described when embedded. - 3. Inconsistent validation. Because the usages are different, - the validation rules are different by usage, which makes it - hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency - is on the group,resource tuple and the version of the actual - struct is irrelevant. 5. We cannot easily change it. Because - this type is embedded in many locations, updates to this type - will affect numerous schemas. Don't make new APIs embed an - underspecified API type they do not control. \n Instead of - using this type, create a locally provided and used type that - is well-focused on your reference. For example, ServiceReferences - for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way - of referencing a part of an object. TODO: this design - is not final and this field is subject to change in the - future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - machineConfigSelector: - description: machineConfigSelector specifies a label selector for - MachineConfigs. Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - on how label and selectors work. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - maxUnavailable: - anyOf: - - type: integer - - type: string - description: "maxUnavailable defines either an integer number or percentage - of nodes in the pool that can go Unavailable during an update. This - includes nodes Unavailable for any reason, including user initiated - cordons, failing nodes, etc. The default value is 1. \n A value - larger than 1 will mean multiple nodes going unavailable during - the update, which may affect your workload stress on the remaining - nodes. You cannot set this value to 0 to stop updates (it will default - back to 1); to stop updates, use the 'paused' property instead. - Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum - guards, even if maxUnavailable is greater than one." - x-kubernetes-int-or-string: true - nodeSelector: - description: nodeSelector specifies a label selector for Machines - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - paused: - description: paused specifies whether or not changes to this machine - config pool should be stopped. This includes generating new desiredMachineConfig - and update of machines. - type: boolean - type: object - status: - description: MachineConfigPoolStatus is the status for MachineConfigPool - resource. - properties: - certExpirys: - description: certExpirys keeps track of important certificate expiration - data - items: - description: ceryExpiry contains the bundle name and the expiry - date - properties: - bundle: - description: bundle is the name of the bundle in which the subject - certificate resides - type: string - expiry: - description: expiry is the date after which the certificate - will no longer be valid - format: date-time - type: string - subject: - description: subject is the subject of the certificate - type: string - required: - - bundle - - subject - type: object - type: array - x-kubernetes-list-type: atomic - conditions: - description: conditions represents the latest available observations - of current state. - items: - description: MachineConfigPoolCondition contains condition information - for an MachineConfigPool. - properties: - lastTransitionTime: - description: lastTransitionTime is the timestamp corresponding - to the last status change of this condition. - format: date-time - nullable: true - type: string - message: - description: message is a human readable description of the - details of the last transition, complementing reason. - type: string - reason: - description: reason is a brief machine readable explanation - for the condition's last transition. - type: string - status: - description: status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - type: - description: type of the condition, currently ('Done', 'Updating', - 'Failed'). - type: string - type: object - type: array - x-kubernetes-list-type: atomic - configuration: - description: configuration represents the current MachineConfig object - for the machine config pool. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - source: - description: source is the list of MachineConfig objects that - were used to generate the single MachineConfig object specified - in `content`. - items: - description: "ObjectReference contains enough information to - let you inspect or modify the referred object. --- New uses - of this type are discouraged because of difficulty describing - its usage when embedded in APIs. 1. Ignored fields. It includes - many fields which are not generally honored. For instance, - ResourceVersion and FieldPath are both very rarely valid in - actual usage. 2. Invalid usage help. It is impossible to - add specific help for individual usage. In most embedded - usages, there are particular restrictions like, \"must refer - only to types A and B\" or \"UID not honored\" or \"name must - be restricted\". Those cannot be well described when embedded. - 3. Inconsistent validation. Because the usages are different, - the validation rules are different by usage, which makes it - hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency - is on the group,resource tuple and the version of the actual - struct is irrelevant. 5. We cannot easily change it. Because - this type is embedded in many locations, updates to this type - will affect numerous schemas. Don't make new APIs embed an - underspecified API type they do not control. \n Instead of - using this type, create a locally provided and used type that - is well-focused on your reference. For example, ServiceReferences - for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way - of referencing a part of an object. TODO: this design - is not final and this field is subject to change in the - future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - degradedMachineCount: - description: degradedMachineCount represents the total number of machines - marked degraded (or unreconcilable). A node is marked degraded if - applying a configuration failed.. - format: int32 - type: integer - machineCount: - description: machineCount represents the total number of machines - in the machine config pool. - format: int32 - type: integer - observedGeneration: - description: observedGeneration represents the generation observed - by the controller. - format: int64 - type: integer - readyMachineCount: - description: readyMachineCount represents the total number of ready - machines targeted by the pool. - format: int32 - type: integer - unavailableMachineCount: - description: unavailableMachineCount represents the total number of - unavailable (non-ready) machines targeted by the pool. A node is - marked unavailable if it is in updating state or NodeReady condition - is false. - format: int32 - type: integer - updatedMachineCount: - description: updatedMachineCount represents the total number of machines - targeted by the pool that have the CurrentMachineConfig as their - config. - format: int32 - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/manifests/0000_80_machine-config_01_machineconfignode-TechPreviewNoUpgrade.crd.yaml b/manifests/0000_80_machine-config_01_machineconfignode-TechPreviewNoUpgrade.crd.yaml deleted file mode 100644 index 356d0fc686..0000000000 --- a/manifests/0000_80_machine-config_01_machineconfignode-TechPreviewNoUpgrade.crd.yaml +++ /dev/null @@ -1,282 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1596 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: TechPreviewNoUpgrade - labels: - openshift.io/operator-managed: "" - name: machineconfignodes.machineconfiguration.openshift.io -spec: - group: machineconfiguration.openshift.io - names: - kind: MachineConfigNode - listKind: MachineConfigNodeList - plural: machineconfignodes - singular: machineconfignode - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Updated")].status - name: Updated - type: string - - jsonPath: .status.conditions[?(@.type=="UpdatePrepared")].status - name: UpdatePrepared - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateExecuted")].status - name: UpdateExecuted - type: string - - jsonPath: .status.conditions[?(@.type=="UpdatePostActionComplete")].status - name: UpdatePostActionComplete - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateComplete")].status - name: UpdateComplete - type: string - - jsonPath: .status.conditions[?(@.type=="Resumed")].status - name: Resumed - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateCompatible")].status - name: UpdateCompatible - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="AppliedFilesAndOS")].status - name: UpdatedFilesAndOS - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Cordoned")].status - name: CordonedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Drained")].status - name: DrainedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="RebootedNode")].status - name: RebootedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="ReloadedCRIO")].status - name: ReloadedCRIO - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Uncordoned")].status - name: UncordonedNode - priority: 1 - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: 'MachineConfigNode describes the health of the Machines on the - system Compatibility level 4: No compatibility is provided, the API can - change at any point for any reason. These capabilities should not be used - by applications needing long term support.' - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec describes the configuration of the machine config node. - properties: - configVersion: - description: configVersion holds the desired config version for the - node targeted by this machine config node resource. The desired - version represents the machine config the node will attempt to update - to. This gets set before the machine config operator validates the - new machine config against the current machine config. - properties: - desired: - description: desired is the name of the machine config that the - the node should be upgraded to. This value is set when the machine - config pool generates a new version of its rendered configuration. - When this value is changed, the machine config daemon starts - the node upgrade process. This value gets set in the machine - config node spec once the machine config has been targeted for - upgrade and before it is validated. Must be a lowercase RFC-1123 - hostname (https://tools.ietf.org/html/rfc1123) It may consist - of only alphanumeric characters, hyphens (-) and periods (.) - and must be at most 253 characters in length. - maxLength: 253 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - required: - - desired - type: object - node: - description: node contains a reference to the node for this machine - config node. - properties: - name: - description: name is the object name. Must be a lowercase RFC-1123 - hostname (https://tools.ietf.org/html/rfc1123) It may consist - of only alphanumeric characters, hyphens (-) and periods (.) - and must be at most 253 characters in length. - maxLength: 253 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - required: - - name - type: object - pool: - description: pool contains a reference to the machine config pool - that this machine config node's referenced node belongs to. - properties: - name: - description: name is the object name. Must be a lowercase RFC-1123 - hostname (https://tools.ietf.org/html/rfc1123) It may consist - of only alphanumeric characters, hyphens (-) and periods (.) - and must be at most 253 characters in length. - maxLength: 253 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - required: - - name - type: object - required: - - configVersion - - node - - pool - type: object - status: - description: status describes the last observed state of this machine - config node. - properties: - conditions: - description: conditions represent the observations of a machine config - node's current state. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - configVersion: - description: configVersion describes the current and desired machine - config for this node. The current version represents the current - machine config for the node and is updated after a successful update. - The desired version represents the machine config the node will - attempt to update to. This desired machine config has been compared - to the current machine config and has been validated by the machine - config operator as one that is valid and that exists. - properties: - current: - description: current is the name of the machine config currently - in use on the node. This value is updated once the machine config - daemon has completed the update of the configuration for the - node. This value should match the desired version unless an - upgrade is in progress. Must be a lowercase RFC-1123 hostname - (https://tools.ietf.org/html/rfc1123) It may consist of only - alphanumeric characters, hyphens (-) and periods (.) and must - be at most 253 characters in length. - maxLength: 253 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - desired: - description: desired is the MachineConfig the node wants to upgrade - to. This value gets set in the machine config node status once - the machine config has been validated against the current machine - config. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) - It may consist of only alphanumeric characters, hyphens (-) - and periods (.) and must be at most 253 characters in length. - maxLength: 253 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - required: - - desired - type: object - observedGeneration: - description: observedGeneration represents the generation observed - by the controller. This field is updated when the controller observes - a change to the desiredConfig in the configVersion of the machine - config node spec. - format: int64 - type: integer - required: - - configVersion - type: object - required: - - spec - type: object - x-kubernetes-validations: - - message: spec.node.name should match metadata.name - rule: self.metadata.name == self.spec.node.name - served: true - storage: true - subresources: - status: {} diff --git a/manifests/controllerconfig.crd.yaml b/manifests/controllerconfig.crd.yaml index d4f05b8394..1a1b605a73 100644 --- a/manifests/controllerconfig.crd.yaml +++ b/manifests/controllerconfig.crd.yaml @@ -1,806 +1,815 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + # name must match the spec fields below, and be in the form: . + name: controllerconfigs.machineconfiguration.openshift.io + labels: + "openshift.io/operator-managed": "" annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: Default - labels: - openshift.io/operator-managed: "" - name: controllerconfigs.machineconfiguration.openshift.io + release.openshift.io/feature-set: TechPreviewNoUpgrade spec: + # group name to use for REST API: /apis// group: machineconfiguration.openshift.io + # either Namespaced or Cluster + scope: Cluster names: - kind: ControllerConfig - listKind: ControllerConfigList + # plural name to be used in the URL: /apis/// plural: controllerconfigs + # singular name to be used as an alias on the CLI and for display singular: controllerconfig - scope: Cluster + # kind is normally the PascalCased singular type. Your resource manifests use this. + kind: ControllerConfig + # list of versions supported by this CustomResourceDefinition versions: - - name: v1 - schema: - openAPIV3Schema: - description: "ControllerConfig describes configuration for MachineConfigController. - This is currently only used to drive the MachineConfig objects generated - by the TemplateController. \n Compatibility level 1: Stable within a major - release for a minimum of 12 months or 3 minor releases (whichever is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ControllerConfigSpec is the spec for ControllerConfig resource. - properties: - additionalTrustBundle: - description: additionalTrustBundle is a certificate bundle that will - be added to the nodes trusted certificate store. - format: byte - nullable: true - type: string - baseOSContainerImage: - description: BaseOSContainerImage is the new-format container image - for operating system updates. - type: string - baseOSExtensionsContainerImage: - description: BaseOSExtensionsContainerImage is the matching extensions - container for the new-format container - type: string - cloudProviderCAData: - description: cloudProvider specifies the cloud provider CA data - format: byte - nullable: true - type: string - cloudProviderConfig: - description: cloudProviderConfig is the configuration for the given - cloud provider - type: string - clusterDNSIP: - description: clusterDNSIP is the cluster DNS IP address - type: string - dns: - description: dns holds the cluster dns details - nullable: true - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - description: 'metadata is the standard object''s metadata. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - type: object - spec: - description: spec holds user settable values for configuration - properties: - baseDomain: - description: "baseDomain is the base domain of the cluster. - All managed DNS records will be sub-domains of this base. - \n For example, given the base domain `openshift.example.com`, - an API server DNS record may be created for `cluster-api.openshift.example.com`. - \n Once set, this field cannot be changed." - type: string - platform: - description: platform holds configuration specific to the - underlying infrastructure provider for DNS. When omitted, - this means the user has no opinion and the platform is left - to choose reasonable defaults. These defaults are subject - to change over time. - properties: - aws: - description: aws contains DNS configuration specific to - the Amazon Web Services cloud provider. - properties: - privateZoneIAMRole: - description: privateZoneIAMRole contains the ARN of - an IAM role that should be assumed when performing - operations on the cluster's private hosted zone - specified in the cluster DNS config. When left empty, - no role should be assumed. - pattern: ^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role\/.*$ - type: string - type: object - type: - description: "type is the underlying infrastructure provider - for the cluster. Allowed values: \"\", \"AWS\". \n Individual - components may not support all platforms, and must handle - unrecognized platforms with best-effort defaults." - enum: - - "" - - AWS - - Azure - - BareMetal - - GCP - - Libvirt - - OpenStack - - None - - VSphere - - oVirt - - IBMCloud - - KubeVirt - - EquinixMetal - - PowerVS - - AlibabaCloud - - Nutanix - - External - type: string - x-kubernetes-validations: - - message: allowed values are '' and 'AWS' - rule: self in ['','AWS'] - required: - - type - type: object - x-kubernetes-validations: - - message: aws configuration is required when platform is - AWS, and forbidden otherwise - rule: 'has(self.type) && self.type == ''AWS'' ? has(self.aws) - : !has(self.aws)' - privateZone: - description: "privateZone is the location where all the DNS - records that are only available internally to the cluster - exist. \n If this field is nil, no private records should - be created. \n Once set, this field cannot be changed." - properties: - id: - description: "id is the identifier that can be used to - find the DNS hosted zone. \n on AWS zone can be fetched - using `ID` as id in [1] on Azure zone can be fetched - using `ID` as a pre-determined name in [2], on GCP zone - can be fetched using `ID` as a pre-determined name in - [3]. \n [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options - [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show - [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get" - type: string - tags: - additionalProperties: + - name: v1 + # Each version can be enabled/disabled by Served flag. + served: true + # One and only one version must be marked as the storage version. + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: "ControllerConfig describes configuration for MachineConfigController. This is currently only used to drive the MachineConfig objects generated by the TemplateController. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ControllerConfigSpec is the spec for ControllerConfig resource. + type: object + required: + - additionalTrustBundle + - baseOSContainerImage + - cloudProviderCAData + - cloudProviderConfig + - clusterDNSIP + - dns + - images + - infra + - ipFamilies + - kubeAPIServerServingCAData + - network + - proxy + - releaseImage + - rootCAData + properties: + additionalTrustBundle: + description: additionalTrustBundle is a certificate bundle that will be added to the nodes trusted certificate store. + type: string + format: byte + nullable: true + baseOSContainerImage: + description: BaseOSContainerImage is the new-format container image for operating system updates. + type: string + baseOSExtensionsContainerImage: + description: BaseOSExtensionsContainerImage is the matching extensions container for the new-format container + type: string + cloudProviderCAData: + description: cloudProvider specifies the cloud provider CA data + type: string + format: byte + nullable: true + cloudProviderConfig: + description: cloudProviderConfig is the configuration for the given cloud provider + type: string + clusterDNSIP: + description: clusterDNSIP is the cluster DNS IP address + type: string + dns: + description: dns holds the cluster dns details + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'metadata is the standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + baseDomain: + description: "baseDomain is the base domain of the cluster. All managed DNS records will be sub-domains of this base. \n For example, given the base domain `openshift.example.com`, an API server DNS record may be created for `cluster-api.openshift.example.com`. \n Once set, this field cannot be changed." + type: string + platform: + description: platform holds configuration specific to the underlying infrastructure provider for DNS. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. + type: object + required: + - type + properties: + aws: + description: aws contains DNS configuration specific to the Amazon Web Services cloud provider. + type: object + properties: + privateZoneIAMRole: + description: privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing operations on the cluster's private hosted zone specified in the cluster DNS config. When left empty, no role should be assumed. + type: string + pattern: ^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role\/.*$ + type: + description: "type is the underlying infrastructure provider for the cluster. Allowed values: \"\", \"AWS\". \n Individual components may not support all platforms, and must handle unrecognized platforms with best-effort defaults." type: string - description: "tags can be used to query the DNS hosted - zone. \n on AWS, resourcegroupstaggingapi [1] can be - used to fetch a zone using `Tags` as tag-filters, \n - [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options" - type: object - type: object - publicZone: - description: "publicZone is the location where all the DNS - records that are publicly accessible to the internet exist. - \n If this field is nil, no public records should be created. - \n Once set, this field cannot be changed." - properties: - id: - description: "id is the identifier that can be used to - find the DNS hosted zone. \n on AWS zone can be fetched - using `ID` as id in [1] on Azure zone can be fetched - using `ID` as a pre-determined name in [2], on GCP zone - can be fetched using `ID` as a pre-determined name in - [3]. \n [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options - [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show - [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get" - type: string - tags: - additionalProperties: + enum: + - "" + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + x-kubernetes-validations: + - rule: self in ['','AWS'] + message: allowed values are '' and 'AWS' + x-kubernetes-validations: + - rule: 'has(self.type) && self.type == ''AWS'' ? has(self.aws) : !has(self.aws)' + message: aws configuration is required when platform is AWS, and forbidden otherwise + privateZone: + description: "privateZone is the location where all the DNS records that are only available internally to the cluster exist. \n If this field is nil, no private records should be created. \n Once set, this field cannot be changed." + type: object + properties: + id: + description: "id is the identifier that can be used to find the DNS hosted zone. \n on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3]. \n [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get" + type: string + tags: + description: "tags can be used to query the DNS hosted zone. \n on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, \n [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options" + type: object + additionalProperties: + type: string + publicZone: + description: "publicZone is the location where all the DNS records that are publicly accessible to the internet exist. \n If this field is nil, no public records should be created. \n Once set, this field cannot be changed." + type: object + properties: + id: + description: "id is the identifier that can be used to find the DNS hosted zone. \n on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3]. \n [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get" type: string - description: "tags can be used to query the DNS hosted - zone. \n on AWS, resourcegroupstaggingapi [1] can be - used to fetch a zone using `Tags` as tag-filters, \n - [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options" - type: object - type: object + tags: + description: "tags can be used to query the DNS hosted zone. \n on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, \n [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options" + type: object + additionalProperties: + type: string + status: + description: status holds observed values from the cluster. They may not be overridden. + type: object + nullable: true + x-kubernetes-embedded-resource: true + etcdDiscoveryDomain: + description: etcdDiscoveryDomain is deprecated, use Infra.Status.EtcdDiscoveryDomain instead + type: string + imageRegistryBundleData: + description: imageRegistryBundleData is the ImageRegistryData + type: array + items: + description: ImageRegistryBundle contains information for writing image registry certificates type: object - status: - description: status holds observed values from the cluster. They - may not be overridden. + required: + - data + - file + properties: + data: + description: data holds the contents of the bundle that will be written to the file location + type: string + format: byte + file: + description: file holds the name of the file where the bundle will be written to disk + type: string + x-kubernetes-list-type: atomic + imageRegistryBundleUserData: + description: imageRegistryBundleUserData is Image Registry Data provided by the user + type: array + items: + description: ImageRegistryBundle contains information for writing image registry certificates type: object - required: - - spec - type: object - x-kubernetes-embedded-resource: true - etcdDiscoveryDomain: - description: etcdDiscoveryDomain is deprecated, use Infra.Status.EtcdDiscoveryDomain - instead - type: string - imageRegistryBundleData: - description: imageRegistryBundleData is the ImageRegistryData - items: - description: ImageRegistryBundle contains information for writing - image registry certificates - properties: - data: - description: data holds the contents of the bundle that will - be written to the file location - format: byte - type: string - file: - description: file holds the name of the file where the bundle - will be written to disk - type: string - required: - - data - - file + required: + - data + - file + properties: + data: + description: data holds the contents of the bundle that will be written to the file location + type: string + format: byte + file: + description: file holds the name of the file where the bundle will be written to disk + type: string + x-kubernetes-list-type: atomic + images: + description: images is map of images that are used by the controller to render templates under ./templates/ + type: object + additionalProperties: + type: string + infra: + description: infra holds the infrastructure details type: object - type: array - x-kubernetes-list-type: atomic - imageRegistryBundleUserData: - description: imageRegistryBundleUserData is Image Registry Data provided - by the user - items: - description: ImageRegistryBundle contains information for writing - image registry certificates + required: + - spec properties: - data: - description: data holds the contents of the bundle that will - be written to the file location - format: byte + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - file: - description: file holds the name of the file where the bundle - will be written to disk + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - required: - - data - - file - type: object - type: array - x-kubernetes-list-type: atomic - images: - additionalProperties: - type: string - description: images is map of images that are used by the controller - to render templates under ./templates/ - type: object - infra: - description: infra holds the infrastructure details - nullable: true - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - description: 'metadata is the standard object''s metadata. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - type: object - spec: - description: spec holds user settable values for configuration - properties: - cloudConfig: - description: "cloudConfig is a reference to a ConfigMap containing - the cloud provider configuration file. This configuration - file is used to configure the Kubernetes cloud provider - integration when using the built-in cloud provider integration - or the external cloud controller manager. The namespace - for this config map is openshift-config. \n cloudConfig - should only be consumed by the kube_cloud_config controller. - The controller is responsible for using the user configuration - in the spec for various platforms and combining that with - the user provided ConfigMap in this field to create a stitched - kube cloud config. The controller generates a ConfigMap - `kube-cloud-config` in `openshift-config-managed` namespace - with the kube cloud config is stored in `cloud.conf` key. - All the clients are expected to use the generated ConfigMap - only." - properties: - key: - description: Key allows pointing to a specific key/value - inside of the configmap. This is useful for logical - file references. - type: string - name: - type: string - type: object - platformSpec: - description: platformSpec holds desired information specific - to the underlying infrastructure provider. - properties: - alibabaCloud: - description: AlibabaCloud contains settings specific to - the Alibaba Cloud infrastructure provider. - type: object - aws: - description: AWS contains settings specific to the Amazon - Web Services infrastructure provider. - properties: - serviceEndpoints: - description: serviceEndpoints list contains custom - endpoints which will override default service endpoint - of AWS Services. There must be only one ServiceEndpoint - for a service. - items: - description: AWSServiceEndpoint store the configuration - of a custom url to override existing defaults - of AWS Services. - properties: - name: - description: name is the name of the AWS service. - The list of all the service names can be found - at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html - This must be provided and cannot be empty. - pattern: ^[a-z0-9-]+$ - type: string - url: - description: url is fully qualified URI with - scheme https, that overrides the default generated - endpoint for a client. This must be provided - and cannot be empty. - pattern: ^https:// - type: string - type: object - type: array - x-kubernetes-list-type: atomic - type: object - azure: - description: Azure contains settings specific to the Azure - infrastructure provider. - type: object - baremetal: - description: BareMetal contains settings specific to the - BareMetal platform. - properties: - apiServerInternalIPs: - description: apiServerInternalIPs are the IP addresses - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. These are the IPs for a self-hosted - load balancer in front of the API servers. In dual - stack clusters this list contains two IP addresses, - one from IPv4 family and one from IPv6. In single - stack clusters a single IP address is expected. - When omitted, values from the status.apiServerInternalIPs - will be used. Once set, the list cannot be completely - removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most - one IPv4 address and at most one IPv6 address - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) - : true' - ingressIPs: - description: ingressIPs are the external IPs which - route to the default ingress controller. The IPs - are suitable targets of a wildcard DNS record used - to resolve default route host names. In dual stack - clusters this list contains two IP addresses, one - from IPv4 family and one from IPv6. In single stack - clusters a single IP address is expected. When omitted, - values from the status.ingressIPs will be used. - Once set, the list cannot be completely removed - (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) - : true' - machineNetworks: - description: machineNetworks are IP networks used - to connect all the OpenShift cluster nodes. Each - network is provided in the CIDR format and should - be IPv4 or IPv6, for example "10.0.0.0/8" or "fd00::/8". - items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) + metadata: + description: 'metadata is the standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + cloudConfig: + description: "cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. This configuration file is used to configure the Kubernetes cloud provider integration when using the built-in cloud provider integration or the external cloud controller manager. The namespace for this config map is openshift-config. \n cloudConfig should only be consumed by the kube_cloud_config controller. The controller is responsible for using the user configuration in the spec for various platforms and combining that with the user provided ConfigMap in this field to create a stitched kube cloud config. The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace with the kube cloud config is stored in `cloud.conf` key. All the clients are expected to use the generated ConfigMap only." + type: object + properties: + key: + description: Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references. + type: string + name: + type: string + platformSpec: + description: platformSpec holds desired information specific to the underlying infrastructure provider. + type: object + properties: + alibabaCloud: + description: AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. + type: object + aws: + description: AWS contains settings specific to the Amazon Web Services infrastructure provider. + type: object + properties: + serviceEndpoints: + description: serviceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. + type: array + items: + description: AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. + type: object + properties: + name: + description: name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. + type: string + pattern: ^[a-z0-9-]+$ + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + type: string + pattern: ^https:// + x-kubernetes-list-type: atomic + azure: + description: Azure contains settings specific to the Azure infrastructure provider. + type: object + baremetal: + description: BareMetal contains settings specific to the BareMetal platform. + type: object + properties: + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IP addresses, one from IPv4 family and one from IPv6. In single stack clusters a single IP address is expected. When omitted, values from the status.apiServerInternalIPs will be used. Once set, the list cannot be completely removed (but its second entry can). + type: array + maxItems: 2 + items: + description: IP is an IP address (for example, "10.0.0.0" or "fd00::"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) + x-kubernetes-list-type: set + x-kubernetes-validations: + - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) : true' + message: apiServerInternalIPs must contain at most one IPv4 address and at most one IPv6 address + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IP addresses, one from IPv4 family and one from IPv6. In single stack clusters a single IP address is expected. When omitted, values from the status.ingressIPs will be used. Once set, the list cannot be completely removed (but its second entry can). + type: array + maxItems: 2 + items: + description: IP is an IP address (for example, "10.0.0.0" or "fd00::"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) + x-kubernetes-list-type: set + x-kubernetes-validations: + - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) : true' + message: ingressIPs must contain at most one IPv4 address and at most one IPv6 address + machineNetworks: + description: machineNetworks are IP networks used to connect all the OpenShift cluster nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, for example "10.0.0.0/8" or "fd00::/8". + type: array + maxItems: 32 + items: + description: CIDR is an IP address range in CIDR notation (for example, "10.0.0.0/8" or "fd00::/8"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) + x-kubernetes-list-type: set + x-kubernetes-validations: + - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' + message: apiServerInternalIPs list is required once set + - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' + message: ingressIPs list is required once set + equinixMetal: + description: EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. + type: object + external: + description: ExternalPlatformType represents generic infrastructure provider. Platform-specific components should be supplemented separately. + type: object + properties: + platformName: + description: PlatformName holds the arbitrary string representing the infrastructure provider name, expected to be set at the installation time. This field is solely for informational and reporting purposes and is not expected to be used for decision-making. type: string - maxItems: 32 - type: array - x-kubernetes-list-type: set - type: object - x-kubernetes-validations: - - message: apiServerInternalIPs list is required once - set - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' - - message: ingressIPs list is required once set - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' - equinixMetal: - description: EquinixMetal contains settings specific to - the Equinix Metal infrastructure provider. - type: object - external: - description: ExternalPlatformType represents generic infrastructure - provider. Platform-specific components should be supplemented - separately. - properties: - platformName: - default: Unknown - description: PlatformName holds the arbitrary string - representing the infrastructure provider name, expected - to be set at the installation time. This field is - solely for informational and reporting purposes - and is not expected to be used for decision-making. - type: string - x-kubernetes-validations: - - message: platform name cannot be changed once set - rule: oldSelf == 'Unknown' || self == oldSelf - type: object - gcp: - description: GCP contains settings specific to the Google - Cloud Platform infrastructure provider. - type: object - ibmcloud: - description: IBMCloud contains settings specific to the - IBMCloud infrastructure provider. - type: object - kubevirt: - description: Kubevirt contains settings specific to the - kubevirt infrastructure provider. - type: object - nutanix: - description: Nutanix contains settings specific to the - Nutanix infrastructure provider. - properties: - failureDomains: - description: failureDomains configures failure domains - information for the Nutanix platform. When set, - the failure domains defined here may be used to - spread Machines across prism element clusters to - improve fault tolerance of the cluster. - items: - description: NutanixFailureDomain configures failure - domain information for the Nutanix platform. - properties: - cluster: - description: cluster is to identify the cluster - (the Prism Element under management of the - Prism Central), in which the Machine's VM - will be created. The cluster identifier (uuid - or name) can be obtained from the Prism Central - console or using the prism_central API. - properties: - name: - description: name is the resource name in - the PC. It cannot be empty if the type - is Name. - type: string - type: - description: type is the identifier type - to use for this resource. - enum: - - UUID - - Name - type: string - uuid: - description: uuid is the UUID of the resource - in the PC. It cannot be empty if the type - is UUID. - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: uuid configuration is required when - type is UUID, and forbidden otherwise - rule: 'has(self.type) && self.type == ''UUID'' - ? has(self.uuid) : !has(self.uuid)' - - message: name configuration is required when - type is Name, and forbidden otherwise - rule: 'has(self.type) && self.type == ''Name'' - ? has(self.name) : !has(self.name)' - name: - description: name defines the unique name of - a failure domain. Name is required and must - be at most 64 characters in length. It must - consist of only lower case alphanumeric characters - and hyphens (-). It must start and end with - an alphanumeric character. This value is arbitrary - and is used to identify the failure domain - within the platform. - maxLength: 64 - minLength: 1 - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?' - type: string - subnets: - description: subnets holds a list of identifiers - (one or more) of the cluster's network subnets - for the Machine's VM to connect to. The subnet - identifiers (uuid or name) can be obtained - from the Prism Central console or using the - prism_central API. - items: - description: NutanixResourceIdentifier holds - the identity of a Nutanix PC resource (cluster, - image, subnet, etc.) + default: Unknown + x-kubernetes-validations: + - rule: oldSelf == 'Unknown' || self == oldSelf + message: platform name cannot be changed once set + gcp: + description: GCP contains settings specific to the Google Cloud Platform infrastructure provider. + type: object + ibmcloud: + description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. + type: object + kubevirt: + description: Kubevirt contains settings specific to the kubevirt infrastructure provider. + type: object + nutanix: + description: Nutanix contains settings specific to the Nutanix infrastructure provider. + type: object + required: + - prismCentral + - prismElements + properties: + failureDomains: + description: failureDomains configures failure domains information for the Nutanix platform. When set, the failure domains defined here may be used to spread Machines across prism element clusters to improve fault tolerance of the cluster. + type: array + items: + description: NutanixFailureDomain configures failure domain information for the Nutanix platform. + type: object + required: + - cluster + - name + - subnets + properties: + cluster: + description: cluster is to identify the cluster (the Prism Element under management of the Prism Central), in which the Machine's VM will be created. The cluster identifier (uuid or name) can be obtained from the Prism Central console or using the prism_central API. + type: object + required: + - type properties: name: - description: name is the resource name - in the PC. It cannot be empty if the - type is Name. + description: name is the resource name in the PC. It cannot be empty if the type is Name. type: string type: - description: type is the identifier type - to use for this resource. - enum: - - UUID - - Name + description: type is the identifier type to use for this resource. type: string + enum: + - UUID + - Name uuid: - description: uuid is the UUID of the resource - in the PC. It cannot be empty if the - type is UUID. + description: uuid is the UUID of the resource in the PC. It cannot be empty if the type is UUID. type: string - required: - - type - type: object x-kubernetes-validations: - - message: uuid configuration is required - when type is UUID, and forbidden otherwise - rule: 'has(self.type) && self.type == ''UUID'' - ? has(self.uuid) : !has(self.uuid)' - - message: name configuration is required - when type is Name, and forbidden otherwise - rule: 'has(self.type) && self.type == ''Name'' - ? has(self.name) : !has(self.name)' - maxItems: 1 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - required: - - cluster - - name - - subnets + - rule: 'has(self.type) && self.type == ''UUID'' ? has(self.uuid) : !has(self.uuid)' + message: uuid configuration is required when type is UUID, and forbidden otherwise + - rule: 'has(self.type) && self.type == ''Name'' ? has(self.name) : !has(self.name)' + message: name configuration is required when type is Name, and forbidden otherwise + name: + description: name defines the unique name of a failure domain. Name is required and must be at most 64 characters in length. It must consist of only lower case alphanumeric characters and hyphens (-). It must start and end with an alphanumeric character. This value is arbitrary and is used to identify the failure domain within the platform. + type: string + maxLength: 64 + minLength: 1 + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?' + subnets: + description: subnets holds a list of identifiers (one or more) of the cluster's network subnets for the Machine's VM to connect to. The subnet identifiers (uuid or name) can be obtained from the Prism Central console or using the prism_central API. + type: array + maxItems: 1 + minItems: 1 + items: + description: NutanixResourceIdentifier holds the identity of a Nutanix PC resource (cluster, image, subnet, etc.) + type: object + required: + - type + properties: + name: + description: name is the resource name in the PC. It cannot be empty if the type is Name. + type: string + type: + description: type is the identifier type to use for this resource. + type: string + enum: + - UUID + - Name + uuid: + description: uuid is the UUID of the resource in the PC. It cannot be empty if the type is UUID. + type: string + x-kubernetes-validations: + - rule: 'has(self.type) && self.type == ''UUID'' ? has(self.uuid) : !has(self.uuid)' + message: uuid configuration is required when type is UUID, and forbidden otherwise + - rule: 'has(self.type) && self.type == ''Name'' ? has(self.name) : !has(self.name)' + message: name configuration is required when type is Name, and forbidden otherwise + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + prismCentral: + description: prismCentral holds the endpoint address and port to access the Nutanix Prism Central. When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - prismCentral: - description: prismCentral holds the endpoint address - and port to access the Nutanix Prism Central. When - a cluster-wide proxy is installed, by default, this - endpoint will be accessed via the proxy. Should - you wish for communication with this endpoint not - to be proxied, please add the endpoint to the proxy - spec.noProxy list. - properties: - address: - description: address is the endpoint address (DNS - name or IP address) of the Nutanix Prism Central - or Element (cluster) - maxLength: 256 + required: + - address + - port + properties: + address: + description: address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + type: string + maxLength: 256 + port: + description: port is the port number to access the Nutanix Prism Central or Element (cluster) + type: integer + format: int32 + maximum: 65535 + minimum: 1 + prismElements: + description: prismElements holds one or more endpoint address and port data to access the Nutanix Prism Elements (clusters) of the Nutanix Prism Central. Currently we only support one Prism Element (cluster) for an OpenShift cluster, where all the Nutanix resources (VMs, subnets, volumes, etc.) used in the OpenShift cluster are located. In the future, we may support Nutanix resources (VMs, etc.) spread over multiple Prism Elements (clusters) of the Prism Central. + type: array + items: + description: NutanixPrismElementEndpoint holds the name and endpoint data for a Prism Element (cluster) + type: object + required: + - endpoint + - name + properties: + endpoint: + description: endpoint holds the endpoint address and port data of the Prism Element (cluster). When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. + type: object + required: + - address + - port + properties: + address: + description: address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + type: string + maxLength: 256 + port: + description: port is the port number to access the Nutanix Prism Central or Element (cluster) + type: integer + format: int32 + maximum: 65535 + minimum: 1 + name: + description: name is the name of the Prism Element (cluster). This value will correspond with the cluster field configured on other resources (eg Machines, PVCs, etc). + type: string + maxLength: 256 + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + openstack: + description: OpenStack contains settings specific to the OpenStack infrastructure provider. + type: object + properties: + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IP addresses, one from IPv4 family and one from IPv6. In single stack clusters a single IP address is expected. When omitted, values from the status.apiServerInternalIPs will be used. Once set, the list cannot be completely removed (but its second entry can). + type: array + maxItems: 2 + items: + description: IP is an IP address (for example, "10.0.0.0" or "fd00::"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) + x-kubernetes-list-type: set + x-kubernetes-validations: + - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) : true' + message: apiServerInternalIPs must contain at most one IPv4 address and at most one IPv6 address + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IP addresses, one from IPv4 family and one from IPv6. In single stack clusters a single IP address is expected. When omitted, values from the status.ingressIPs will be used. Once set, the list cannot be completely removed (but its second entry can). + type: array + maxItems: 2 + items: + description: IP is an IP address (for example, "10.0.0.0" or "fd00::"). type: string - port: - description: port is the port number to access - the Nutanix Prism Central or Element (cluster) - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - address - - port - type: object - prismElements: - description: prismElements holds one or more endpoint - address and port data to access the Nutanix Prism - Elements (clusters) of the Nutanix Prism Central. - Currently we only support one Prism Element (cluster) - for an OpenShift cluster, where all the Nutanix - resources (VMs, subnets, volumes, etc.) used in - the OpenShift cluster are located. In the future, - we may support Nutanix resources (VMs, etc.) spread - over multiple Prism Elements (clusters) of the Prism - Central. - items: - description: NutanixPrismElementEndpoint holds the - name and endpoint data for a Prism Element (cluster) + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) + x-kubernetes-list-type: set + x-kubernetes-validations: + - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) : true' + message: ingressIPs must contain at most one IPv4 address and at most one IPv6 address + machineNetworks: + description: machineNetworks are IP networks used to connect all the OpenShift cluster nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, for example "10.0.0.0/8" or "fd00::/8". + type: array + maxItems: 32 + items: + description: CIDR is an IP address range in CIDR notation (for example, "10.0.0.0/8" or "fd00::/8"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) + x-kubernetes-list-type: set + x-kubernetes-validations: + - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' + message: apiServerInternalIPs list is required once set + - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' + message: ingressIPs list is required once set + ovirt: + description: Ovirt contains settings specific to the oVirt infrastructure provider. + type: object + powervs: + description: PowerVS contains settings specific to the IBM Power Systems Virtual Servers infrastructure provider. + type: object + properties: + serviceEndpoints: + description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. + type: array + items: + description: PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. + type: object + required: + - name + - url + properties: + name: + description: name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud + type: string + pattern: ^[a-z0-9-]+$ + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + type: string + format: uri + pattern: ^https:// + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: + description: type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", "KubeVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. + type: string + enum: + - "" + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + vsphere: + description: VSphere contains settings specific to the VSphere infrastructure provider. + type: object + properties: + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IP addresses, one from IPv4 family and one from IPv6. In single stack clusters a single IP address is expected. When omitted, values from the status.apiServerInternalIPs will be used. Once set, the list cannot be completely removed (but its second entry can). + type: array + maxItems: 2 + items: + description: IP is an IP address (for example, "10.0.0.0" or "fd00::"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) + x-kubernetes-list-type: set + x-kubernetes-validations: + - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) : true' + message: apiServerInternalIPs must contain at most one IPv4 address and at most one IPv6 address + failureDomains: + description: failureDomains contains the definition of region, zone and the vCenter topology. If this is omitted failure domains (regions and zones) will not be used. + type: array + items: + description: VSpherePlatformFailureDomainSpec holds the region and zone failure domain and the vCenter topology of that failure domain. + type: object + required: + - name + - region + - server + - topology + - zone + properties: + name: + description: name defines the arbitrary but unique name of a failure domain. + type: string + maxLength: 256 + minLength: 1 + region: + description: region defines the name of a region tag that will be attached to a vCenter datacenter. The tag category in vCenter must be named openshift-region. + type: string + maxLength: 80 + minLength: 1 + server: + description: server is the fully-qualified domain name or the IP address of the vCenter server. --- + type: string + maxLength: 255 + minLength: 1 + topology: + description: Topology describes a given failure domain using vSphere constructs + type: object + required: + - computeCluster + - datacenter + - datastore + - networks + properties: + computeCluster: + description: computeCluster the absolute path of the vCenter cluster in which virtual machine will be located. The absolute path is of the form //host/. The maximum length of the path is 2048 characters. + type: string + maxLength: 2048 + pattern: ^/.*?/host/.*? + datacenter: + description: datacenter is the name of vCenter datacenter in which virtual machines will be located. The maximum length of the datacenter name is 80 characters. + type: string + maxLength: 80 + datastore: + description: datastore is the absolute path of the datastore in which the virtual machine is located. The absolute path is of the form //datastore/ The maximum length of the path is 2048 characters. + type: string + maxLength: 2048 + pattern: ^/.*?/datastore/.*? + folder: + description: folder is the absolute path of the folder where virtual machines are located. The absolute path is of the form //vm/. The maximum length of the path is 2048 characters. + type: string + maxLength: 2048 + pattern: ^/.*?/vm/.*? + networks: + description: networks is the list of port group network names within this failure domain. Currently, we only support a single interface per RHCOS virtual machine. The available networks (port groups) can be listed using `govc ls 'network/*'` The single interface should be the absolute path of the form //network/. + type: array + maxItems: 1 + minItems: 1 + items: + type: string + x-kubernetes-list-type: atomic + resourcePool: + description: resourcePool is the absolute path of the resource pool where virtual machines will be created. The absolute path is of the form //host//Resources/. The maximum length of the path is 2048 characters. + type: string + maxLength: 2048 + pattern: ^/.*?/host/.*?/Resources.* + template: + description: "template is the full inventory path of the virtual machine or template that will be cloned when creating new machines in this failure domain. The maximum length of the path is 2048 characters. \n When omitted, the template will be calculated by the control plane machineset operator based on the region and zone defined in VSpherePlatformFailureDomainSpec. For example, for zone=zonea, region=region1, and infrastructure name=test, the template path would be calculated as //vm/test-rhcos-region1-zonea." + type: string + maxLength: 2048 + minLength: 1 + pattern: ^/.*?/vm/.*? + zone: + description: zone defines the name of a zone tag that will be attached to a vCenter cluster. The tag category in vCenter must be named openshift-zone. + type: string + maxLength: 80 + minLength: 1 + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IP addresses, one from IPv4 family and one from IPv6. In single stack clusters a single IP address is expected. When omitted, values from the status.ingressIPs will be used. Once set, the list cannot be completely removed (but its second entry can). + type: array + maxItems: 2 + items: + description: IP is an IP address (for example, "10.0.0.0" or "fd00::"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) + x-kubernetes-list-type: set + x-kubernetes-validations: + - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) : true' + message: ingressIPs must contain at most one IPv4 address and at most one IPv6 address + machineNetworks: + description: machineNetworks are IP networks used to connect all the OpenShift cluster nodes. Each network is provided in the CIDR format and should be IPv4 or IPv6, for example "10.0.0.0/8" or "fd00::/8". + type: array + maxItems: 32 + items: + description: CIDR is an IP address range in CIDR notation (for example, "10.0.0.0/8" or "fd00::/8"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) + x-kubernetes-list-type: set + nodeNetworking: + description: nodeNetworking contains the definition of internal and external network constraints for assigning the node's networking. If this field is omitted, networking defaults to the legacy address selection behavior which is to only support a single address and return the first one found. + type: object properties: - endpoint: - description: endpoint holds the endpoint address - and port data of the Prism Element (cluster). - When a cluster-wide proxy is installed, by - default, this endpoint will be accessed via - the proxy. Should you wish for communication - with this endpoint not to be proxied, please - add the endpoint to the proxy spec.noProxy - list. + external: + description: external represents the network configuration of the node that is externally routable. + type: object properties: - address: - description: address is the endpoint address - (DNS name or IP address) of the Nutanix - Prism Central or Element (cluster) - maxLength: 256 + excludeNetworkSubnetCidr: + description: excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. --- + type: array + items: + type: string + x-kubernetes-list-type: atomic + network: + description: network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. The available networks (port groups) can be listed using `govc ls 'network/*'` type: string - port: - description: port is the port number to - access the Nutanix Prism Central or Element - (cluster) - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - address - - port + networkSubnetCidr: + description: networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + type: array + items: + type: string + x-kubernetes-list-type: set + internal: + description: internal represents the network configuration of the node that is routable only within the cluster. type: object - name: - description: name is the name of the Prism Element - (cluster). This value will correspond with - the cluster field configured on other resources - (eg Machines, PVCs, etc). - maxLength: 256 - type: string - required: - - endpoint - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - required: - - prismCentral - - prismElements - type: object - openstack: - description: OpenStack contains settings specific to the - OpenStack infrastructure provider. - properties: - apiServerInternalIPs: - description: apiServerInternalIPs are the IP addresses - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. These are the IPs for a self-hosted - load balancer in front of the API servers. In dual - stack clusters this list contains two IP addresses, - one from IPv4 family and one from IPv6. In single - stack clusters a single IP address is expected. - When omitted, values from the status.apiServerInternalIPs - will be used. Once set, the list cannot be completely - removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most - one IPv4 address and at most one IPv6 address - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) - : true' - ingressIPs: - description: ingressIPs are the external IPs which - route to the default ingress controller. The IPs - are suitable targets of a wildcard DNS record used - to resolve default route host names. In dual stack - clusters this list contains two IP addresses, one - from IPv4 family and one from IPv6. In single stack - clusters a single IP address is expected. When omitted, - values from the status.ingressIPs will be used. - Once set, the list cannot be completely removed - (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) - : true' - machineNetworks: - description: machineNetworks are IP networks used - to connect all the OpenShift cluster nodes. Each - network is provided in the CIDR format and should - be IPv4 or IPv6, for example "10.0.0.0/8" or "fd00::/8". - items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) - type: string - maxItems: 32 - type: array - x-kubernetes-list-type: set - type: object - x-kubernetes-validations: - - message: apiServerInternalIPs list is required once - set - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' - - message: ingressIPs list is required once set - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' - ovirt: - description: Ovirt contains settings specific to the oVirt - infrastructure provider. - type: object - powervs: - description: PowerVS contains settings specific to the - IBM Power Systems Virtual Servers infrastructure provider. - properties: - serviceEndpoints: - description: serviceEndpoints is a list of custom - endpoints which will override the default service - endpoints of a Power VS service. - items: - description: PowervsServiceEndpoint stores the configuration - of a custom url to override existing defaults - of PowerVS Services. - properties: - name: - description: name is the name of the Power VS - service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api - ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller - Power Cloud - https://cloud.ibm.com/apidocs/power-cloud - pattern: ^[a-z0-9-]+$ - type: string - url: - description: url is fully qualified URI with - scheme https, that overrides the default generated - endpoint for a client. This must be provided - and cannot be empty. - format: uri - pattern: ^https:// - type: string - required: - - name - - url - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: type is the underlying infrastructure provider - for the cluster. This value controls whether infrastructure - automation such as service load balancers, dynamic volume - provisioning, machine creation and deletion, and other - integrations are enabled. If None, no infrastructure - automation is enabled. Allowed values are "AWS", "Azure", - "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", - "oVirt", "KubeVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", - "Nutanix" and "None". Individual components may not - support all platforms, and must handle unrecognized - platforms as None if they do not support that platform. - enum: + properties: + excludeNetworkSubnetCidr: + description: excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. --- + type: array + items: + type: string + x-kubernetes-list-type: atomic + network: + description: network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. The available networks (port groups) can be listed using `govc ls 'network/*'` + type: string + networkSubnetCidr: + description: networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + type: array + items: + type: string + x-kubernetes-list-type: set + vcenters: + description: vcenters holds the connection details for services to communicate with vCenter. Currently, only a single vCenter is supported. --- + type: array + maxItems: 1 + minItems: 0 + items: + description: VSpherePlatformVCenterSpec stores the vCenter connection fields. This is used by the vSphere CCM. + type: object + required: + - datacenters + - server + properties: + datacenters: + description: The vCenter Datacenters in which the RHCOS vm guests are located. This field will be used by the Cloud Controller Manager. Each datacenter listed here should be used within a topology. + type: array + minItems: 1 + items: + type: string + x-kubernetes-list-type: set + port: + description: port is the TCP port that will be used to communicate to the vCenter endpoint. When omitted, this means the user has no opinion and it is up to the platform to choose a sensible default, which is subject to change over time. + type: integer + format: int32 + maximum: 32767 + minimum: 1 + server: + description: server is the fully-qualified domain name or the IP address of the vCenter server. --- + type: string + maxLength: 255 + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' + message: apiServerInternalIPs list is required once set + - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' + message: ingressIPs list is required once set + status: + description: status holds observed values from the cluster. They may not be overridden. + type: object + properties: + apiServerInternalURI: + description: apiServerInternalURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking. + type: string + apiServerURL: + description: apiServerURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API. + type: string + controlPlaneTopology: + description: controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + type: string + default: HighlyAvailable + enum: + - HighlyAvailable + - SingleReplica + - External + cpuPartitioning: + description: cpuPartitioning expresses if CPU partitioning is a currently enabled feature in the cluster. CPU Partitioning means that this cluster can support partitioning workloads to specific CPU Sets. Valid values are "None" and "AllNodes". When omitted, the default value is "None". The default value of "None" indicates that no nodes will be setup with CPU partitioning. The "AllNodes" value indicates that all nodes have been setup with CPU partitioning, and can then be further configured via the PerformanceProfile API. + type: string + default: None + enum: + - None + - AllNodes + etcdDiscoveryDomain: + description: 'etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release.' + type: string + infrastructureName: + description: infrastructureName uniquely identifies a cluster with a human friendly name. Once set it should not be changed. Must be of max length 27 and must have only alphanumeric or hyphen characters. + type: string + infrastructureTopology: + description: 'infrastructureTopology expresses the expectations for infrastructure services that do not run on control plane nodes, usually indicated by a node selector for a `role` value other than `master`. The default is ''HighlyAvailable'', which represents the behavior operators have in a "normal" cluster. The ''SingleReplica'' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation NOTE: External topology mode is not applicable for this field.' + type: string + default: HighlyAvailable + enum: + - HighlyAvailable + - SingleReplica + platform: + description: "platform is the underlying infrastructure provider for the cluster. \n Deprecated: Use platformStatus.type instead." + type: string + enum: - "" - AWS - Azure @@ -818,1641 +827,877 @@ spec: - AlibabaCloud - Nutanix - External - type: string - vsphere: - description: VSphere contains settings specific to the - VSphere infrastructure provider. - properties: - apiServerInternalIPs: - description: apiServerInternalIPs are the IP addresses - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. These are the IPs for a self-hosted - load balancer in front of the API servers. In dual - stack clusters this list contains two IP addresses, - one from IPv4 family and one from IPv6. In single - stack clusters a single IP address is expected. - When omitted, values from the status.apiServerInternalIPs - will be used. Once set, the list cannot be completely - removed (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) + platformStatus: + description: platformStatus holds status information specific to the underlying infrastructure provider. + type: object + properties: + alibabaCloud: + description: AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. + type: object + required: + - region + properties: + region: + description: region specifies the region for Alibaba Cloud resources created for the cluster. + type: string + pattern: ^[0-9A-Za-z-]+$ + resourceGroupID: + description: resourceGroupID is the ID of the resource group for the cluster. + type: string + pattern: ^(rg-[0-9A-Za-z]+)?$ + resourceTags: + description: resourceTags is a list of additional tags to apply to Alibaba Cloud resources created for the cluster. + type: array + maxItems: 20 + items: + description: AlibabaCloudResourceTag is the set of tags to add to apply to resources. + type: object + required: + - key + - value + properties: + key: + description: key is the key of the tag. + type: string + maxLength: 128 + minLength: 1 + value: + description: value is the value of the tag. + type: string + maxLength: 128 + minLength: 1 + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + aws: + description: AWS contains settings specific to the Amazon Web Services infrastructure provider. + type: object + properties: + region: + description: region holds the default AWS region for new AWS resources created by the cluster. + type: string + resourceTags: + description: resourceTags is a list of additional tags to apply to AWS resources created for the cluster. See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags available for the user. + type: array + maxItems: 25 + items: + description: AWSResourceTag is a tag to apply to AWS resources created for the cluster. + type: object + required: + - key + - value + properties: + key: + description: key is the key of the tag + type: string + maxLength: 128 + minLength: 1 + pattern: ^[0-9A-Za-z_.:/=+-@]+$ + value: + description: value is the value of the tag. Some AWS service do not support empty values. Since tags are added to resources in many services, the length of the tag value must meet the requirements of all services. + type: string + maxLength: 256 + minLength: 1 + pattern: ^[0-9A-Za-z_.:/=+-@]+$ + x-kubernetes-list-type: atomic + serviceEndpoints: + description: ServiceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. + type: array + items: + description: AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. + type: object + properties: + name: + description: name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. + type: string + pattern: ^[a-z0-9-]+$ + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + type: string + pattern: ^https:// + x-kubernetes-list-type: atomic + azure: + description: Azure contains settings specific to the Azure infrastructure provider. + type: object + properties: + armEndpoint: + description: armEndpoint specifies a URL to use for resource management in non-soverign clouds such as Azure Stack. + type: string + cloudName: + description: cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK with the appropriate Azure API endpoints. If empty, the value is equal to `AzurePublicCloud`. + type: string + enum: + - "" + - AzurePublicCloud + - AzureUSGovernmentCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureStackCloud + networkResourceGroupName: + description: networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. If empty, the value is same as ResourceGroupName. + type: string + resourceGroupName: + description: resourceGroupName is the Resource Group for new Azure resources created for the cluster. + type: string + resourceTags: + description: resourceTags is a list of additional tags to apply to Azure resources created for the cluster. See https://docs.microsoft.com/en-us/rest/api/resources/tags for information on tagging Azure resources. Due to limitations on Automation, Content Delivery Network, DNS Azure resources, a maximum of 15 tags may be applied. OpenShift reserves 5 tags for internal use, allowing 10 tags for user configuration. + type: array + maxItems: 10 + items: + description: AzureResourceTag is a tag to apply to Azure resources created for the cluster. + type: object + required: + - key + - value + properties: + key: + description: key is the key part of the tag. A tag key can have a maximum of 128 characters and cannot be empty. Key must begin with a letter, end with a letter, number or underscore, and must contain only alphanumeric characters and the following special characters `_ . -`. + type: string + maxLength: 128 + minLength: 1 + pattern: ^[a-zA-Z]([0-9A-Za-z_.-]*[0-9A-Za-z_])?$ + value: + description: 'value is the value part of the tag. A tag value can have a maximum of 256 characters and cannot be empty. Value must contain only alphanumeric characters and the following special characters `_ + , - . / : ; < = > ? @`.' + type: string + maxLength: 256 + minLength: 1 + pattern: ^[0-9A-Za-z_.=+-@]+$ + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - rule: self.all(x, x in oldSelf) && oldSelf.all(x, x in self) + message: resourceTags are immutable and may only be configured during installation + x-kubernetes-validations: + - rule: '!has(oldSelf.resourceTags) && !has(self.resourceTags) || has(oldSelf.resourceTags) && has(self.resourceTags)' + message: resourceTags may only be configured during installation + baremetal: + description: BareMetal contains settings specific to the BareMetal platform. + type: object + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + x-kubernetes-list-type: set + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: apiServerInternalIPs must contain at most - one IPv4 address and at most one IPv6 address - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) - : true' - failureDomains: - description: failureDomains contains the definition - of region, zone and the vCenter topology. If this - is omitted failure domains (regions and zones) will - not be used. - items: - description: VSpherePlatformFailureDomainSpec holds - the region and zone failure domain and the vCenter - topology of that failure domain. + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + x-kubernetes-list-type: set + loadBalancer: + description: loadBalancer defines how the load balancer used by the cluster is configured. + type: object + default: + type: OpenShiftManagedDefault properties: - name: - description: name defines the arbitrary but - unique name of a failure domain. - maxLength: 256 - minLength: 1 - type: string - region: - description: region defines the name of a region - tag that will be attached to a vCenter datacenter. - The tag category in vCenter must be named - openshift-region. - maxLength: 80 - minLength: 1 + type: + description: type defines the type of load balancer used by the cluster on BareMetal platform which can be a user-managed or openshift-managed load balancer that is to be used for the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. When set to UserManaged these static pods will not be deployed and it is expected that the load balancer is configured out of band by the deployer. When omitted, this means no opinion and the platform is left to choose a reasonable default. The default value is OpenShiftManagedDefault. type: string - server: - description: server is the fully-qualified domain - name or the IP address of the vCenter server. - --- - maxLength: 255 - minLength: 1 + default: OpenShiftManagedDefault + enum: + - OpenShiftManagedDefault + - UserManaged + x-kubernetes-validations: + - rule: oldSelf == '' || self == oldSelf + message: type is immutable once set + machineNetworks: + description: machineNetworks are IP networks used to connect all the OpenShift cluster nodes. + type: array + maxItems: 32 + items: + description: CIDR is an IP address range in CIDR notation (for example, "10.0.0.0/8" or "fd00::/8"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) + x-kubernetes-list-type: set + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for BareMetal deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + type: string + equinixMetal: + description: EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + type: string + external: + description: External contains settings specific to the generic External infrastructure provider. + type: object + properties: + cloudControllerManager: + description: cloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI). When omitted, new nodes will be not tainted and no extra initialization from the cloud controller manager is expected. + type: object + properties: + state: + description: "state determines whether or not an external Cloud Controller Manager is expected to be installed within the cluster. https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager \n Valid values are \"External\", \"None\" and omitted. When set to \"External\", new nodes will be tainted as uninitialized when created, preventing them from running workloads until they are initialized by the cloud controller manager. When omitted or set to \"None\", new nodes will be not tainted and no extra initialization from the cloud controller manager is expected." type: string - topology: - description: Topology describes a given failure - domain using vSphere constructs + enum: + - "" + - External + - None + x-kubernetes-validations: + - rule: self == oldSelf + message: state is immutable once set + x-kubernetes-validations: + - rule: (has(self.state) == has(oldSelf.state)) || (!has(oldSelf.state) && self.state != "External") + message: state may not be added or removed once set + x-kubernetes-validations: + - rule: has(self.cloudControllerManager) == has(oldSelf.cloudControllerManager) + message: cloudControllerManager may not be added or removed once set + gcp: + description: GCP contains settings specific to the Google Cloud Platform infrastructure provider. + type: object + properties: + cloudLoadBalancerConfig: + description: cloudLoadBalancerConfig is a union that contains the IP addresses of API, API-Int and Ingress Load Balancers created on the cloud platform. These values would not be populated on on-prem platforms. These Load Balancer IPs are used to configure the in-cluster DNS instances for API, API-Int and Ingress services. `dnsType` is expected to be set to `ClusterHosted` when these Load Balancer IP addresses are populated and used. + type: object + default: + dnsType: PlatformDefault + properties: + clusterHosted: + description: clusterHosted holds the IP addresses of API, API-Int and Ingress Load Balancers on Cloud Platforms. The DNS solution hosted within the cluster use these IP addresses to provide resolution for API, API-Int and Ingress services. + type: object properties: - computeCluster: - description: computeCluster the absolute - path of the vCenter cluster in which virtual - machine will be located. The absolute - path is of the form //host/. - The maximum length of the path is 2048 - characters. - maxLength: 2048 - pattern: ^/.*?/host/.*? - type: string - datacenter: - description: datacenter is the name of vCenter - datacenter in which virtual machines will - be located. The maximum length of the - datacenter name is 80 characters. - maxLength: 80 - type: string - datastore: - description: datastore is the absolute path - of the datastore in which the virtual - machine is located. The absolute path - is of the form //datastore/ - The maximum length of the path is 2048 - characters. - maxLength: 2048 - pattern: ^/.*?/datastore/.*? - type: string - folder: - description: folder is the absolute path - of the folder where virtual machines are - located. The absolute path is of the form - //vm/. The maximum - length of the path is 2048 characters. - maxLength: 2048 - pattern: ^/.*?/vm/.*? - type: string - networks: - description: networks is the list of port - group network names within this failure - domain. Currently, we only support a single - interface per RHCOS virtual machine. The - available networks (port groups) can be - listed using `govc ls 'network/*'` The - single interface should be the absolute - path of the form //network/. + apiIntLoadBalancerIPs: + description: apiIntLoadBalancerIPs holds Load Balancer IPs for the internal API service. These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. Entries in the apiIntLoadBalancerIPs must be unique. A maximum of 16 IP addresses are permitted. + type: array + format: ip + maxItems: 16 items: + description: IP is an IP address (for example, "10.0.0.0" or "fd00::"). type: string - maxItems: 1 - minItems: 1 + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) + x-kubernetes-list-type: set + apiLoadBalancerIPs: + description: apiLoadBalancerIPs holds Load Balancer IPs for the API service. These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. Could be empty for private clusters. Entries in the apiLoadBalancerIPs must be unique. A maximum of 16 IP addresses are permitted. type: array - x-kubernetes-list-type: atomic - resourcePool: - description: resourcePool is the absolute - path of the resource pool where virtual - machines will be created. The absolute - path is of the form //host//Resources/. - The maximum length of the path is 2048 - characters. - maxLength: 2048 - pattern: ^/.*?/host/.*?/Resources.* - type: string - template: - description: "template is the full inventory - path of the virtual machine or template - that will be cloned when creating new - machines in this failure domain. The maximum - length of the path is 2048 characters. - \n When omitted, the template will be - calculated by the control plane machineset - operator based on the region and zone - defined in VSpherePlatformFailureDomainSpec. - For example, for zone=zonea, region=region1, - and infrastructure name=test, the template - path would be calculated as //vm/test-rhcos-region1-zonea." - maxLength: 2048 - minLength: 1 - pattern: ^/.*?/vm/.*? - type: string - required: - - computeCluster - - datacenter - - datastore - - networks - type: object - zone: - description: zone defines the name of a zone - tag that will be attached to a vCenter cluster. - The tag category in vCenter must be named - openshift-zone. - maxLength: 80 - minLength: 1 + format: ip + maxItems: 16 + items: + description: IP is an IP address (for example, "10.0.0.0" or "fd00::"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) + x-kubernetes-list-type: set + ingressLoadBalancerIPs: + description: ingressLoadBalancerIPs holds IPs for Ingress Load Balancers. These Load Balancer IP addresses can be IPv4 and/or IPv6 addresses. Entries in the ingressLoadBalancerIPs must be unique. A maximum of 16 IP addresses are permitted. + type: array + format: ip + maxItems: 16 + items: + description: IP is an IP address (for example, "10.0.0.0" or "fd00::"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) + x-kubernetes-list-type: set + dnsType: + description: dnsType indicates the type of DNS solution in use within the cluster. Its default value of `PlatformDefault` indicates that the cluster's DNS is the default provided by the cloud platform. It can be set to `ClusterHosted` to bypass the configuration of the cloud default DNS. In this mode, the cluster needs to provide a self-hosted DNS solution for the cluster's installation to succeed. The cluster's use of the cloud's Load Balancers is unaffected by this setting. The value is immutable after it has been set at install time. Currently, there is no way for the customer to add additional DNS entries into the cluster hosted DNS. Enabling this functionality allows the user to start their own DNS solution outside the cluster after installation is complete. The customer would be responsible for configuring this custom DNS solution, and it can be run in addition to the in-cluster DNS solution. type: string - required: - - name - - region - - server - - topology - - zone - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - ingressIPs: - description: ingressIPs are the external IPs which - route to the default ingress controller. The IPs - are suitable targets of a wildcard DNS record used - to resolve default route host names. In dual stack - clusters this list contains two IP addresses, one - from IPv4 family and one from IPv6. In single stack - clusters a single IP address is expected. When omitted, - values from the status.ingressIPs will be used. - Once set, the list cannot be completely removed - (but its second entry can). - items: - description: IP is an IP address (for example, "10.0.0.0" - or "fd00::"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*) + default: PlatformDefault + enum: + - ClusterHosted + - PlatformDefault + x-kubernetes-validations: + - rule: oldSelf == '' || self == oldSelf + message: dnsType is immutable + nullable: true + x-kubernetes-validations: + - rule: 'has(self.dnsType) && self.dnsType != ''ClusterHosted'' ? !has(self.clusterHosted) : true' + message: clusterHosted is permitted only when dnsType is ClusterHosted + projectID: + description: resourceGroupName is the Project ID for new GCP resources created for the cluster. type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - x-kubernetes-validations: - - message: ingressIPs must contain at most one IPv4 - address and at most one IPv6 address - rule: 'size(self) == 2 ? self.exists_one(x, x.contains('':'')) - : true' - machineNetworks: - description: machineNetworks are IP networks used - to connect all the OpenShift cluster nodes. Each - network is provided in the CIDR format and should - be IPv4 or IPv6, for example "10.0.0.0/8" or "fd00::/8". - items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) + region: + description: region holds the region for new GCP resources created for the cluster. type: string - maxItems: 32 - type: array - x-kubernetes-list-type: set - nodeNetworking: - description: nodeNetworking contains the definition - of internal and external network constraints for - assigning the node's networking. If this field is - omitted, networking defaults to the legacy address - selection behavior which is to only support a single - address and return the first one found. - properties: - external: - description: external represents the network configuration - of the node that is externally routable. + resourceLabels: + description: resourceLabels is a list of additional labels to apply to GCP resources created for the cluster. See https://cloud.google.com/compute/docs/labeling-resources for information on labeling GCP resources. GCP supports a maximum of 64 labels per resource. OpenShift reserves 32 labels for internal use, allowing 32 labels for user configuration. + type: array + maxItems: 32 + items: + description: GCPResourceLabel is a label to apply to GCP resources created for the cluster. + type: object + required: + - key + - value properties: - excludeNetworkSubnetCidr: - description: excludeNetworkSubnetCidr IP addresses - in subnet ranges will be excluded when selecting - the IP address from the VirtualMachine's - VM for use in the status.addresses fields. - --- - items: - type: string - type: array - x-kubernetes-list-type: atomic - network: - description: network VirtualMachine's VM Network - names that will be used to when searching - for status.addresses fields. Note that if - internal.networkSubnetCIDR and external.networkSubnetCIDR - are not set, then the vNIC associated to - this network must only have a single IP - address assigned to it. The available networks - (port groups) can be listed using `govc - ls 'network/*'` + key: + description: key is the key part of the label. A label key can have a maximum of 63 characters and cannot be empty. Label key must begin with a lowercase letter, and must contain only lowercase letters, numeric characters, and the following special characters `_-`. Label key must not have the reserved prefixes `kubernetes-io` and `openshift-io`. type: string - networkSubnetCidr: - description: networkSubnetCidr IP address - on VirtualMachine's network interfaces included - in the fields' CIDRs that will be used in - respective status.addresses fields. --- - items: - type: string - type: array - x-kubernetes-list-type: set + maxLength: 63 + minLength: 1 + pattern: ^[a-z][0-9a-z_-]{0,62}$ + x-kubernetes-validations: + - rule: '!self.startsWith(''openshift-io'') && !self.startsWith(''kubernetes-io'')' + message: label keys must not start with either `openshift-io` or `kubernetes-io` + value: + description: value is the value part of the label. A label value can have a maximum of 63 characters and cannot be empty. Value must contain only lowercase letters, numeric characters, and the following special characters `_-`. + type: string + maxLength: 63 + minLength: 1 + pattern: ^[0-9a-z_-]{1,63}$ + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + x-kubernetes-validations: + - rule: self.all(x, x in oldSelf) && oldSelf.all(x, x in self) + message: resourceLabels are immutable and may only be configured during installation + resourceTags: + description: resourceTags is a list of additional tags to apply to GCP resources created for the cluster. See https://cloud.google.com/resource-manager/docs/tags/tags-overview for information on tagging GCP resources. GCP supports a maximum of 50 tags per resource. + type: array + maxItems: 50 + items: + description: GCPResourceTag is a tag to apply to GCP resources created for the cluster. type: object - internal: - description: internal represents the network configuration - of the node that is routable only within the - cluster. + required: + - key + - parentID + - value properties: - excludeNetworkSubnetCidr: - description: excludeNetworkSubnetCidr IP addresses - in subnet ranges will be excluded when selecting - the IP address from the VirtualMachine's - VM for use in the status.addresses fields. - --- - items: - type: string - type: array - x-kubernetes-list-type: atomic - network: - description: network VirtualMachine's VM Network - names that will be used to when searching - for status.addresses fields. Note that if - internal.networkSubnetCIDR and external.networkSubnetCIDR - are not set, then the vNIC associated to - this network must only have a single IP - address assigned to it. The available networks - (port groups) can be listed using `govc - ls 'network/*'` + key: + description: key is the key part of the tag. A tag key can have a maximum of 63 characters and cannot be empty. Tag key must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `._-`. type: string - networkSubnetCidr: - description: networkSubnetCidr IP address - on VirtualMachine's network interfaces included - in the fields' CIDRs that will be used in - respective status.addresses fields. --- - items: - type: string - type: array - x-kubernetes-list-type: set + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z0-9]([0-9A-Za-z_.-]{0,61}[a-zA-Z0-9])?$ + parentID: + description: 'parentID is the ID of the hierarchical resource where the tags are defined, e.g. at the Organization or the Project level. To find the Organization or Project ID refer to the following pages: https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id, https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects. An OrganizationID must consist of decimal numbers, and cannot have leading zeroes. A ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, numbers, and hyphens, and must start with a letter, and cannot end with a hyphen.' + type: string + maxLength: 32 + minLength: 1 + pattern: (^[1-9][0-9]{0,31}$)|(^[a-z][a-z0-9-]{4,28}[a-z0-9]$) + value: + description: value is the value part of the tag. A tag value can have a maximum of 63 characters and cannot be empty. Tag value must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `_-.@%=+:,*#&(){}[]` and spaces. + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z0-9]([0-9A-Za-z_.@%=+:,*#&()\[\]{}\-\s]{0,61}[a-zA-Z0-9])?$ + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + x-kubernetes-validations: + - rule: self.all(x, x in oldSelf) && oldSelf.all(x, x in self) + message: resourceTags are immutable and may only be configured during installation + x-kubernetes-validations: + - rule: '!has(oldSelf.resourceLabels) && !has(self.resourceLabels) || has(oldSelf.resourceLabels) && has(self.resourceLabels)' + message: resourceLabels may only be configured during installation + - rule: '!has(oldSelf.resourceTags) && !has(self.resourceTags) || has(oldSelf.resourceTags) && has(self.resourceTags)' + message: resourceTags may only be configured during installation + ibmcloud: + description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. + type: object + properties: + cisInstanceCRN: + description: CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain + type: string + dnsInstanceCRN: + description: DNSInstanceCRN is the CRN of the DNS Services instance managing the DNS zone for the cluster's base domain + type: string + location: + description: Location is where the cluster has been deployed + type: string + providerType: + description: ProviderType indicates the type of cluster that was created + type: string + resourceGroupName: + description: ResourceGroupName is the Resource Group for new IBMCloud resources created for the cluster. + type: string + serviceEndpoints: + description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of an IBM Cloud service. These endpoints are consumed by components within the cluster to reach the respective IBM Cloud Services. + type: array + items: + description: IBMCloudServiceEndpoint stores the configuration of a custom url to override existing defaults of IBM Cloud Services. type: object - type: object - vcenters: - description: vcenters holds the connection details - for services to communicate with vCenter. Currently, - only a single vCenter is supported. --- - items: - description: VSpherePlatformVCenterSpec stores the - vCenter connection fields. This is used by the - vSphere CCM. - properties: - datacenters: - description: The vCenter Datacenters in which - the RHCOS vm guests are located. This field - will be used by the Cloud Controller Manager. - Each datacenter listed here should be used - within a topology. - items: + required: + - name + - url + properties: + name: + description: 'name is the name of the IBM Cloud service. Possible values are: CIS, COS, DNSServices, GlobalSearch, GlobalTagging, HyperProtect, IAM, KeyProtect, ResourceController, ResourceManager, or VPC. For example, the IBM Cloud Private IAM service could be configured with the service `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com` Whereas the IBM Cloud Private VPC service for US South (Dallas) could be configured with the service `name` of `VPC` and `url` of `https://us.south.private.iaas.cloud.ibm.com`' type: string - minItems: 1 - type: array - x-kubernetes-list-type: set - port: - description: port is the TCP port that will - be used to communicate to the vCenter endpoint. - When omitted, this means the user has no opinion - and it is up to the platform to choose a sensible - default, which is subject to change over time. - format: int32 - maximum: 32767 - minimum: 1 - type: integer - server: - description: server is the fully-qualified domain - name or the IP address of the vCenter server. - --- - maxLength: 255 - type: string - required: - - datacenters - - server - type: object - maxItems: 1 - minItems: 0 - type: array - x-kubernetes-list-type: atomic - type: object - x-kubernetes-validations: - - message: apiServerInternalIPs list is required once - set - rule: '!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)' - - message: ingressIPs list is required once set - rule: '!has(oldSelf.ingressIPs) || has(self.ingressIPs)' - type: object - type: object - status: - description: status holds observed values from the cluster. They - may not be overridden. - properties: - apiServerInternalURI: - description: apiServerInternalURL is a valid URI with scheme - 'https', address and optionally a port (defaulting to 443). apiServerInternalURL - can be used by components like kubelets, to contact the - Kubernetes API server using the infrastructure provider - rather than Kubernetes networking. - type: string - apiServerURL: - description: apiServerURL is a valid URI with scheme 'https', - address and optionally a port (defaulting to 443). apiServerURL - can be used by components like the web console to tell users - where to find the Kubernetes API. - type: string - controlPlaneTopology: - default: HighlyAvailable - description: controlPlaneTopology expresses the expectations - for operands that normally run on control nodes. The default - is 'HighlyAvailable', which represents the behavior operators - have in a "normal" cluster. The 'SingleReplica' mode will - be used in single-node deployments and the operators should - not configure the operand for highly-available operation - The 'External' mode indicates that the control plane is - hosted externally to the cluster and that its components - are not visible within the cluster. - enum: - - HighlyAvailable - - SingleReplica - - External - type: string - cpuPartitioning: - default: None - description: cpuPartitioning expresses if CPU partitioning - is a currently enabled feature in the cluster. CPU Partitioning - means that this cluster can support partitioning workloads - to specific CPU Sets. Valid values are "None" and "AllNodes". - When omitted, the default value is "None". The default value - of "None" indicates that no nodes will be setup with CPU - partitioning. The "AllNodes" value indicates that all nodes - have been setup with CPU partitioning, and can then be further - configured via the PerformanceProfile API. - enum: - - None - - AllNodes - type: string - etcdDiscoveryDomain: - description: 'etcdDiscoveryDomain is the domain used to fetch - the SRV records for discovering etcd servers and clients. - For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery - deprecated: as of 4.7, this field is no longer set or honored. It - will be removed in a future release.' - type: string - infrastructureName: - description: infrastructureName uniquely identifies a cluster - with a human friendly name. Once set it should not be changed. - Must be of max length 27 and must have only alphanumeric - or hyphen characters. - type: string - infrastructureTopology: - default: HighlyAvailable - description: 'infrastructureTopology expresses the expectations - for infrastructure services that do not run on control plane - nodes, usually indicated by a node selector for a `role` - value other than `master`. The default is ''HighlyAvailable'', - which represents the behavior operators have in a "normal" - cluster. The ''SingleReplica'' mode will be used in single-node - deployments and the operators should not configure the operand - for highly-available operation NOTE: External topology mode - is not applicable for this field.' - enum: - - HighlyAvailable - - SingleReplica - type: string - platform: - description: "platform is the underlying infrastructure provider - for the cluster. \n Deprecated: Use platformStatus.type - instead." - enum: - - "" - - AWS - - Azure - - BareMetal - - GCP - - Libvirt - - OpenStack - - None - - VSphere - - oVirt - - IBMCloud - - KubeVirt - - EquinixMetal - - PowerVS - - AlibabaCloud - - Nutanix - - External - type: string - platformStatus: - description: platformStatus holds status information specific - to the underlying infrastructure provider. - properties: - alibabaCloud: - description: AlibabaCloud contains settings specific to - the Alibaba Cloud infrastructure provider. - properties: - region: - description: region specifies the region for Alibaba - Cloud resources created for the cluster. - pattern: ^[0-9A-Za-z-]+$ - type: string - resourceGroupID: - description: resourceGroupID is the ID of the resource - group for the cluster. - pattern: ^(rg-[0-9A-Za-z]+)?$ - type: string - resourceTags: - description: resourceTags is a list of additional - tags to apply to Alibaba Cloud resources created - for the cluster. - items: - description: AlibabaCloudResourceTag is the set - of tags to add to apply to resources. - properties: - key: - description: key is the key of the tag. - maxLength: 128 - minLength: 1 - type: string - value: - description: value is the value of the tag. - maxLength: 128 - minLength: 1 - type: string - required: - - key - - value - type: object - maxItems: 20 - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - required: - - region - type: object - aws: - description: AWS contains settings specific to the Amazon - Web Services infrastructure provider. - properties: - region: - description: region holds the default AWS region for - new AWS resources created by the cluster. - type: string - resourceTags: - description: resourceTags is a list of additional - tags to apply to AWS resources created for the cluster. - See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html - for information on tagging AWS resources. AWS supports - a maximum of 50 tags per resource. OpenShift reserves - 25 tags for its use, leaving 25 tags available for - the user. - items: - description: AWSResourceTag is a tag to apply to - AWS resources created for the cluster. - properties: - key: - description: key is the key of the tag - maxLength: 128 - minLength: 1 - pattern: ^[0-9A-Za-z_.:/=+-@]+$ - type: string - value: - description: value is the value of the tag. - Some AWS service do not support empty values. - Since tags are added to resources in many - services, the length of the tag value must - meet the requirements of all services. - maxLength: 256 - minLength: 1 - pattern: ^[0-9A-Za-z_.:/=+-@]+$ - type: string - required: - - key - - value + enum: + - CIS + - COS + - DNSServices + - GlobalSearch + - GlobalTagging + - HyperProtect + - IAM + - KeyProtect + - ResourceController + - ResourceManager + - VPC + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + type: string + x-kubernetes-validations: + - rule: isURL(self) + message: url must be a valid absolute URL + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + kubevirt: + description: Kubevirt contains settings specific to the kubevirt infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + type: string + nutanix: + description: Nutanix contains settings specific to the Nutanix infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + x-kubernetes-list-type: set + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + x-kubernetes-list-type: set + loadBalancer: + description: loadBalancer defines how the load balancer used by the cluster is configured. type: object - maxItems: 25 - type: array - x-kubernetes-list-type: atomic - serviceEndpoints: - description: ServiceEndpoints list contains custom - endpoints which will override default service endpoint - of AWS Services. There must be only one ServiceEndpoint - for a service. - items: - description: AWSServiceEndpoint store the configuration - of a custom url to override existing defaults - of AWS Services. + default: + type: OpenShiftManagedDefault properties: - name: - description: name is the name of the AWS service. - The list of all the service names can be found - at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html - This must be provided and cannot be empty. - pattern: ^[a-z0-9-]+$ - type: string - url: - description: url is fully qualified URI with - scheme https, that overrides the default generated - endpoint for a client. This must be provided - and cannot be empty. - pattern: ^https:// + type: + description: type defines the type of load balancer used by the cluster on Nutanix platform which can be a user-managed or openshift-managed load balancer that is to be used for the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. When set to UserManaged these static pods will not be deployed and it is expected that the load balancer is configured out of band by the deployer. When omitted, this means no opinion and the platform is left to choose a reasonable default. The default value is OpenShiftManagedDefault. type: string + default: OpenShiftManagedDefault + enum: + - OpenShiftManagedDefault + - UserManaged + x-kubernetes-validations: + - rule: oldSelf == '' || self == oldSelf + message: type is immutable once set + openstack: + description: OpenStack contains settings specific to the OpenStack infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." + type: string + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + x-kubernetes-list-type: set + cloudName: + description: cloudName is the name of the desired OpenStack cloud in the client configuration file (`clouds.yaml`). + type: string + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + x-kubernetes-list-type: set + loadBalancer: + description: loadBalancer defines how the load balancer used by the cluster is configured. type: object - type: array - x-kubernetes-list-type: atomic - type: object - azure: - description: Azure contains settings specific to the Azure - infrastructure provider. - properties: - armEndpoint: - description: armEndpoint specifies a URL to use for - resource management in non-soverign clouds such - as Azure Stack. - type: string - cloudName: - description: cloudName is the name of the Azure cloud - environment which can be used to configure the Azure - SDK with the appropriate Azure API endpoints. If - empty, the value is equal to `AzurePublicCloud`. - enum: - - "" - - AzurePublicCloud - - AzureUSGovernmentCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureStackCloud - type: string - networkResourceGroupName: - description: networkResourceGroupName is the Resource - Group for network resources like the Virtual Network - and Subnets used by the cluster. If empty, the value - is same as ResourceGroupName. - type: string - resourceGroupName: - description: resourceGroupName is the Resource Group - for new Azure resources created for the cluster. - type: string - resourceTags: - description: resourceTags is a list of additional - tags to apply to Azure resources created for the - cluster. See https://docs.microsoft.com/en-us/rest/api/resources/tags - for information on tagging Azure resources. Due - to limitations on Automation, Content Delivery Network, - DNS Azure resources, a maximum of 15 tags may be - applied. OpenShift reserves 5 tags for internal - use, allowing 10 tags for user configuration. - items: - description: AzureResourceTag is a tag to apply - to Azure resources created for the cluster. + default: + type: OpenShiftManagedDefault properties: - key: - description: key is the key part of the tag. - A tag key can have a maximum of 128 characters - and cannot be empty. Key must begin with a - letter, end with a letter, number or underscore, - and must contain only alphanumeric characters - and the following special characters `_ . - -`. - maxLength: 128 - minLength: 1 - pattern: ^[a-zA-Z]([0-9A-Za-z_.-]*[0-9A-Za-z_])?$ - type: string - value: - description: 'value is the value part of the - tag. A tag value can have a maximum of 256 - characters and cannot be empty. Value must - contain only alphanumeric characters and the - following special characters `_ + , - . / - : ; < = > ? @`.' - maxLength: 256 - minLength: 1 - pattern: ^[0-9A-Za-z_.=+-@]+$ + type: + description: type defines the type of load balancer used by the cluster on OpenStack platform which can be a user-managed or openshift-managed load balancer that is to be used for the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. When set to UserManaged these static pods will not be deployed and it is expected that the load balancer is configured out of band by the deployer. When omitted, this means no opinion and the platform is left to choose a reasonable default. The default value is OpenShiftManagedDefault. type: string - required: - - key - - value - type: object - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: resourceTags are immutable and may only - be configured during installation - rule: self.all(x, x in oldSelf) && oldSelf.all(x, - x in self) - type: object - x-kubernetes-validations: - - message: resourceTags may only be configured during - installation - rule: '!has(oldSelf.resourceTags) && !has(self.resourceTags) - || has(oldSelf.resourceTags) && has(self.resourceTags)' - baremetal: - description: BareMetal contains settings specific to the - BareMetal platform. - properties: - apiServerInternalIP: - description: "apiServerInternalIP is an IP address - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer - in front of the API servers. \n Deprecated: Use - APIServerInternalIPs instead." - type: string - apiServerInternalIPs: - description: apiServerInternalIPs are the IP addresses - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. These are the IPs for a self-hosted - load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise - only one. - format: ip - items: + default: OpenShiftManagedDefault + enum: + - OpenShiftManagedDefault + - UserManaged + x-kubernetes-validations: + - rule: oldSelf == '' || self == oldSelf + message: type is immutable once set + machineNetworks: + description: machineNetworks are IP networks used to connect all the OpenShift cluster nodes. + type: array + maxItems: 32 + items: + description: CIDR is an IP address range in CIDR notation (for example, "10.0.0.0/8" or "fd00::/8"). + type: string + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) + x-kubernetes-list-type: set + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for OpenStack deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - ingressIP: - description: "ingressIP is an external IP which routes - to the default ingress controller. The IP is a suitable - target of a wildcard DNS record used to resolve - default route host names. \n Deprecated: Use IngressIPs - instead." - type: string - ingressIPs: - description: ingressIPs are the external IPs which - route to the default ingress controller. The IPs - are suitable targets of a wildcard DNS record used - to resolve default route host names. In dual stack - clusters this list contains two IPs otherwise only - one. - format: ip - items: + ovirt: + description: Ovirt contains settings specific to the oVirt infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer - used by the cluster on BareMetal platform which - can be a user-managed or openshift-managed load - balancer that is to be used for the OpenShift - API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress - traffic load-balancing defined in the machine - config operator will be deployed. When set to - UserManaged these static pods will not be deployed - and it is expected that the load balancer is - configured out of band by the deployer. When - omitted, this means no opinion and the platform - is left to choose a reasonable default. The - default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - machineNetworks: - description: machineNetworks are IP networks used - to connect all the OpenShift cluster nodes. - items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) + x-kubernetes-list-type: set + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." type: string - maxItems: 32 - type: array - x-kubernetes-list-type: set - nodeDNSIP: - description: nodeDNSIP is the IP address for the internal - DNS used by the nodes. Unlike the one managed by - the DNS operator, `NodeDNSIP` provides name resolution - for the nodes themselves. There is no DNS-as-a-service - for BareMetal deployments. In order to minimize - necessary changes to the datacenter DNS, a DNS service - is hosted as a static pod to serve those hostnames - to the nodes in the cluster. - type: string - type: object - equinixMetal: - description: EquinixMetal contains settings specific to - the Equinix Metal infrastructure provider. - properties: - apiServerInternalIP: - description: apiServerInternalIP is an IP address - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer - in front of the API servers. - type: string - ingressIP: - description: ingressIP is an external IP which routes - to the default ingress controller. The IP is a suitable - target of a wildcard DNS record used to resolve - default route host names. - type: string - type: object - external: - description: External contains settings specific to the - generic External infrastructure provider. - properties: - cloudControllerManager: - description: cloudControllerManager contains settings - specific to the external Cloud Controller Manager - (a.k.a. CCM or CPI). When omitted, new nodes will - be not tainted and no extra initialization from - the cloud controller manager is expected. - properties: - state: - description: "state determines whether or not - an external Cloud Controller Manager is expected - to be installed within the cluster. https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager - \n Valid values are \"External\", \"None\" and - omitted. When set to \"External\", new nodes - will be tainted as uninitialized when created, - preventing them from running workloads until - they are initialized by the cloud controller - manager. When omitted or set to \"None\", new - nodes will be not tainted and no extra initialization - from the cloud controller manager is expected." - enum: - - "" - - External - - None + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: type: string - x-kubernetes-validations: - - message: state is immutable once set - rule: self == oldSelf - type: object - x-kubernetes-validations: - - message: state may not be added or removed once - set - rule: (has(self.state) == has(oldSelf.state)) || - (!has(oldSelf.state) && self.state != "External") - type: object - x-kubernetes-validations: - - message: cloudControllerManager may not be added or - removed once set - rule: has(self.cloudControllerManager) == has(oldSelf.cloudControllerManager) - gcp: - description: GCP contains settings specific to the Google - Cloud Platform infrastructure provider. - properties: - projectID: - description: resourceGroupName is the Project ID for - new GCP resources created for the cluster. - type: string - region: - description: region holds the region for new GCP resources - created for the cluster. - type: string - type: object - ibmcloud: - description: IBMCloud contains settings specific to the - IBMCloud infrastructure provider. - properties: - cisInstanceCRN: - description: CISInstanceCRN is the CRN of the Cloud - Internet Services instance managing the DNS zone - for the cluster's base domain - type: string - dnsInstanceCRN: - description: DNSInstanceCRN is the CRN of the DNS - Services instance managing the DNS zone for the - cluster's base domain - type: string - location: - description: Location is where the cluster has been - deployed - type: string - providerType: - description: ProviderType indicates the type of cluster - that was created - type: string - resourceGroupName: - description: ResourceGroupName is the Resource Group - for new IBMCloud resources created for the cluster. - type: string - serviceEndpoints: - description: serviceEndpoints is a list of custom - endpoints which will override the default service - endpoints of an IBM Cloud service. These endpoints - are consumed by components within the cluster to - reach the respective IBM Cloud Services. - items: - description: IBMCloudServiceEndpoint stores the - configuration of a custom url to override existing - defaults of IBM Cloud Services. + x-kubernetes-list-type: set + loadBalancer: + description: loadBalancer defines how the load balancer used by the cluster is configured. + type: object + default: + type: OpenShiftManagedDefault properties: - name: - description: 'name is the name of the IBM Cloud - service. Possible values are: CIS, COS, DNSServices, - GlobalSearch, GlobalTagging, HyperProtect, - IAM, KeyProtect, ResourceController, ResourceManager, - or VPC. For example, the IBM Cloud Private - IAM service could be configured with the service - `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com` - Whereas the IBM Cloud Private VPC service - for US South (Dallas) could be configured - with the service `name` of `VPC` and `url` - of `https://us.south.private.iaas.cloud.ibm.com`' - enum: - - CIS - - COS - - DNSServices - - GlobalSearch - - GlobalTagging - - HyperProtect - - IAM - - KeyProtect - - ResourceController - - ResourceManager - - VPC - type: string - url: - description: url is fully qualified URI with - scheme https, that overrides the default generated - endpoint for a client. This must be provided - and cannot be empty. + type: + description: type defines the type of load balancer used by the cluster on Ovirt platform which can be a user-managed or openshift-managed load balancer that is to be used for the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. When set to UserManaged these static pods will not be deployed and it is expected that the load balancer is configured out of band by the deployer. When omitted, this means no opinion and the platform is left to choose a reasonable default. The default value is OpenShiftManagedDefault. type: string + default: OpenShiftManagedDefault + enum: + - OpenShiftManagedDefault + - UserManaged x-kubernetes-validations: - - message: url must be a valid absolute URL - rule: isURL(self) - required: - - name - - url - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - kubevirt: - description: Kubevirt contains settings specific to the - kubevirt infrastructure provider. - properties: - apiServerInternalIP: - description: apiServerInternalIP is an IP address - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer - in front of the API servers. - type: string - ingressIP: - description: ingressIP is an external IP which routes - to the default ingress controller. The IP is a suitable - target of a wildcard DNS record used to resolve - default route host names. - type: string - type: object - nutanix: - description: Nutanix contains settings specific to the - Nutanix infrastructure provider. - properties: - apiServerInternalIP: - description: "apiServerInternalIP is an IP address - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer - in front of the API servers. \n Deprecated: Use - APIServerInternalIPs instead." - type: string - apiServerInternalIPs: - description: apiServerInternalIPs are the IP addresses - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. These are the IPs for a self-hosted - load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise - only one. - format: ip - items: + - rule: oldSelf == '' || self == oldSelf + message: type is immutable once set + nodeDNSIP: + description: 'deprecated: as of 4.6, this field is no longer set or honored. It will be removed in a future release.' type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - ingressIP: - description: "ingressIP is an external IP which routes - to the default ingress controller. The IP is a suitable - target of a wildcard DNS record used to resolve - default route host names. \n Deprecated: Use IngressIPs - instead." - type: string - ingressIPs: - description: ingressIPs are the external IPs which - route to the default ingress controller. The IPs - are suitable targets of a wildcard DNS record used - to resolve default route host names. In dual stack - clusters this list contains two IPs otherwise only - one. - format: ip - items: + powervs: + description: PowerVS contains settings specific to the Power Systems Virtual Servers infrastructure provider. + type: object + properties: + cisInstanceCRN: + description: CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer - used by the cluster on Nutanix platform which - can be a user-managed or openshift-managed load - balancer that is to be used for the OpenShift - API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress - traffic load-balancing defined in the machine - config operator will be deployed. When set to - UserManaged these static pods will not be deployed - and it is expected that the load balancer is - configured out of band by the deployer. When - omitted, this means no opinion and the platform - is left to choose a reasonable default. The - default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - type: object - openstack: - description: OpenStack contains settings specific to the - OpenStack infrastructure provider. - properties: - apiServerInternalIP: - description: "apiServerInternalIP is an IP address - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer - in front of the API servers. \n Deprecated: Use - APIServerInternalIPs instead." - type: string - apiServerInternalIPs: - description: apiServerInternalIPs are the IP addresses - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. These are the IPs for a self-hosted - load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise - only one. - format: ip - items: + dnsInstanceCRN: + description: DNSInstanceCRN is the CRN of the DNS Services instance managing the DNS zone for the cluster's base domain type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - cloudName: - description: cloudName is the name of the desired - OpenStack cloud in the client configuration file - (`clouds.yaml`). - type: string - ingressIP: - description: "ingressIP is an external IP which routes - to the default ingress controller. The IP is a suitable - target of a wildcard DNS record used to resolve - default route host names. \n Deprecated: Use IngressIPs - instead." - type: string - ingressIPs: - description: ingressIPs are the external IPs which - route to the default ingress controller. The IPs - are suitable targets of a wildcard DNS record used - to resolve default route host names. In dual stack - clusters this list contains two IPs otherwise only - one. - format: ip - items: + region: + description: region holds the default Power VS region for new Power VS resources created by the cluster. type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer - used by the cluster on OpenStack platform which - can be a user-managed or openshift-managed load - balancer that is to be used for the OpenShift - API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress - traffic load-balancing defined in the machine - config operator will be deployed. When set to - UserManaged these static pods will not be deployed - and it is expected that the load balancer is - configured out of band by the deployer. When - omitted, this means no opinion and the platform - is left to choose a reasonable default. The - default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - machineNetworks: - description: machineNetworks are IP networks used - to connect all the OpenShift cluster nodes. - items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) + resourceGroup: + description: 'resourceGroup is the resource group name for new IBMCloud resources created for a cluster. The resource group specified here will be used by cluster-image-registry-operator to set up a COS Instance in IBMCloud for the cluster registry. More about resource groups can be found here: https://cloud.ibm.com/docs/account?topic=account-rgs. When omitted, the image registry operator won''t be able to configure storage, which results in the image registry cluster operator not being in an available state.' type: string - maxItems: 32 - type: array - x-kubernetes-list-type: set - nodeDNSIP: - description: nodeDNSIP is the IP address for the internal - DNS used by the nodes. Unlike the one managed by - the DNS operator, `NodeDNSIP` provides name resolution - for the nodes themselves. There is no DNS-as-a-service - for OpenStack deployments. In order to minimize - necessary changes to the datacenter DNS, a DNS service - is hosted as a static pod to serve those hostnames - to the nodes in the cluster. - type: string - type: object - ovirt: - description: Ovirt contains settings specific to the oVirt - infrastructure provider. - properties: - apiServerInternalIP: - description: "apiServerInternalIP is an IP address - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer - in front of the API servers. \n Deprecated: Use - APIServerInternalIPs instead." - type: string - apiServerInternalIPs: - description: apiServerInternalIPs are the IP addresses - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. These are the IPs for a self-hosted - load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise - only one. - format: ip - items: + maxLength: 40 + pattern: ^[a-zA-Z0-9-_ ]+$ + x-kubernetes-validations: + - rule: oldSelf == '' || self == oldSelf + message: resourceGroup is immutable once set + serviceEndpoints: + description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. + type: array + items: + description: PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. + type: object + required: + - name + - url + properties: + name: + description: name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud + type: string + pattern: ^[a-z0-9-]+$ + url: + description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + type: string + format: uri + pattern: ^https:// + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + zone: + description: 'zone holds the default zone for the new Power VS resources created by the cluster. Note: Currently only single-zone OCP clusters are supported' type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - ingressIP: - description: "ingressIP is an external IP which routes - to the default ingress controller. The IP is a suitable - target of a wildcard DNS record used to resolve - default route host names. \n Deprecated: Use IngressIPs - instead." - type: string - ingressIPs: - description: ingressIPs are the external IPs which - route to the default ingress controller. The IPs - are suitable targets of a wildcard DNS record used - to resolve default route host names. In dual stack - clusters this list contains two IPs otherwise only - one. - format: ip - items: + x-kubernetes-validations: + - rule: '!has(oldSelf.resourceGroup) || has(self.resourceGroup)' + message: cannot unset resourceGroup once set + type: + description: "type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are \"AWS\", \"Azure\", \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", \"VSphere\", \"oVirt\", \"EquinixMetal\", \"PowerVS\", \"AlibabaCloud\", \"Nutanix\" and \"None\". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. \n This value will be synced with to the `status.platform` and `status.platformStatus.type`. Currently this value cannot be changed once set." + type: string + enum: + - "" + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + vsphere: + description: VSphere contains settings specific to the VSphere infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer - used by the cluster on Ovirt platform which - can be a user-managed or openshift-managed load - balancer that is to be used for the OpenShift - API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress - traffic load-balancing defined in the machine - config operator will be deployed. When set to - UserManaged these static pods will not be deployed - and it is expected that the load balancer is - configured out of band by the deployer. When - omitted, this means no opinion and the platform - is left to choose a reasonable default. The - default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged + apiServerInternalIPs: + description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - nodeDNSIP: - description: 'deprecated: as of 4.6, this field is - no longer set or honored. It will be removed in - a future release.' - type: string - type: object - powervs: - description: PowerVS contains settings specific to the - Power Systems Virtual Servers infrastructure provider. - properties: - cisInstanceCRN: - description: CISInstanceCRN is the CRN of the Cloud - Internet Services instance managing the DNS zone - for the cluster's base domain - type: string - dnsInstanceCRN: - description: DNSInstanceCRN is the CRN of the DNS - Services instance managing the DNS zone for the - cluster's base domain - type: string - region: - description: region holds the default Power VS region - for new Power VS resources created by the cluster. - type: string - resourceGroup: - description: 'resourceGroup is the resource group - name for new IBMCloud resources created for a cluster. - The resource group specified here will be used by - cluster-image-registry-operator to set up a COS - Instance in IBMCloud for the cluster registry. More - about resource groups can be found here: https://cloud.ibm.com/docs/account?topic=account-rgs. - When omitted, the image registry operator won''t - be able to configure storage, which results in the - image registry cluster operator not being in an - available state.' - maxLength: 40 - pattern: ^[a-zA-Z0-9-_ ]+$ - type: string - x-kubernetes-validations: - - message: resourceGroup is immutable once set - rule: oldSelf == '' || self == oldSelf - serviceEndpoints: - description: serviceEndpoints is a list of custom - endpoints which will override the default service - endpoints of a Power VS service. - items: - description: PowervsServiceEndpoint stores the configuration - of a custom url to override existing defaults - of PowerVS Services. + x-kubernetes-list-type: set + ingressIP: + description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." + type: string + ingressIPs: + description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. + type: array + format: ip + maxItems: 2 + items: + type: string + x-kubernetes-list-type: set + loadBalancer: + description: loadBalancer defines how the load balancer used by the cluster is configured. + type: object + default: + type: OpenShiftManagedDefault properties: - name: - description: name is the name of the Power VS - service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api - ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller - Power Cloud - https://cloud.ibm.com/apidocs/power-cloud - pattern: ^[a-z0-9-]+$ + type: + description: type defines the type of load balancer used by the cluster on VSphere platform which can be a user-managed or openshift-managed load balancer that is to be used for the OpenShift API and Ingress endpoints. When set to OpenShiftManagedDefault the static pods in charge of API and Ingress traffic load-balancing defined in the machine config operator will be deployed. When set to UserManaged these static pods will not be deployed and it is expected that the load balancer is configured out of band by the deployer. When omitted, this means no opinion and the platform is left to choose a reasonable default. The default value is OpenShiftManagedDefault. type: string - url: - description: url is fully qualified URI with - scheme https, that overrides the default generated - endpoint for a client. This must be provided - and cannot be empty. - format: uri - pattern: ^https:// - type: string - required: - - name - - url - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - zone: - description: 'zone holds the default zone for the - new Power VS resources created by the cluster. Note: - Currently only single-zone OCP clusters are supported' - type: string - type: object - x-kubernetes-validations: - - message: cannot unset resourceGroup once set - rule: '!has(oldSelf.resourceGroup) || has(self.resourceGroup)' - type: - description: "type is the underlying infrastructure provider - for the cluster. This value controls whether infrastructure - automation such as service load balancers, dynamic volume - provisioning, machine creation and deletion, and other - integrations are enabled. If None, no infrastructure - automation is enabled. Allowed values are \"AWS\", \"Azure\", - \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", - \"VSphere\", \"oVirt\", \"EquinixMetal\", \"PowerVS\", - \"AlibabaCloud\", \"Nutanix\" and \"None\". Individual - components may not support all platforms, and must handle - unrecognized platforms as None if they do not support - that platform. \n This value will be synced with to - the `status.platform` and `status.platformStatus.type`. - Currently this value cannot be changed once set." - enum: - - "" - - AWS - - Azure - - BareMetal - - GCP - - Libvirt - - OpenStack - - None - - VSphere - - oVirt - - IBMCloud - - KubeVirt - - EquinixMetal - - PowerVS - - AlibabaCloud - - Nutanix - - External - type: string - vsphere: - description: VSphere contains settings specific to the - VSphere infrastructure provider. - properties: - apiServerInternalIP: - description: "apiServerInternalIP is an IP address - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. It is the IP that the Infrastructure.status.apiServerInternalURI - points to. It is the IP for a self-hosted load balancer - in front of the API servers. \n Deprecated: Use - APIServerInternalIPs instead." - type: string - apiServerInternalIPs: - description: apiServerInternalIPs are the IP addresses - to contact the Kubernetes API server that can be - used by components inside the cluster, like kubelets - using the infrastructure rather than Kubernetes - networking. These are the IPs for a self-hosted - load balancer in front of the API servers. In dual - stack clusters this list contains two IPs otherwise - only one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - ingressIP: - description: "ingressIP is an external IP which routes - to the default ingress controller. The IP is a suitable - target of a wildcard DNS record used to resolve - default route host names. \n Deprecated: Use IngressIPs - instead." - type: string - ingressIPs: - description: ingressIPs are the external IPs which - route to the default ingress controller. The IPs - are suitable targets of a wildcard DNS record used - to resolve default route host names. In dual stack - clusters this list contains two IPs otherwise only - one. - format: ip - items: - type: string - maxItems: 2 - type: array - x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer - used by the cluster on VSphere platform which - can be a user-managed or openshift-managed load - balancer that is to be used for the OpenShift - API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress - traffic load-balancing defined in the machine - config operator will be deployed. When set to - UserManaged these static pods will not be deployed - and it is expected that the load balancer is - configured out of band by the deployer. When - omitted, this means no opinion and the platform - is left to choose a reasonable default. The - default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged + default: OpenShiftManagedDefault + enum: + - OpenShiftManagedDefault + - UserManaged + x-kubernetes-validations: + - rule: oldSelf == '' || self == oldSelf + message: type is immutable once set + machineNetworks: + description: machineNetworks are IP networks used to connect all the OpenShift cluster nodes. + type: array + maxItems: 32 + items: + description: CIDR is an IP address range in CIDR notation (for example, "10.0.0.0/8" or "fd00::/8"). type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object - machineNetworks: - description: machineNetworks are IP networks used - to connect all the OpenShift cluster nodes. - items: - description: CIDR is an IP address range in CIDR - notation (for example, "10.0.0.0/8" or "fd00::/8"). - pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) + pattern: (^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))$) + x-kubernetes-list-type: set + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for vSphere deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. type: string - maxItems: 32 - type: array - x-kubernetes-list-type: set - nodeDNSIP: - description: nodeDNSIP is the IP address for the internal - DNS used by the nodes. Unlike the one managed by - the DNS operator, `NodeDNSIP` provides name resolution - for the nodes themselves. There is no DNS-as-a-service - for vSphere deployments. In order to minimize necessary - changes to the datacenter DNS, a DNS service is - hosted as a static pod to serve those hostnames - to the nodes in the cluster. - type: string - type: object - type: object - type: object - required: - - spec - type: object - x-kubernetes-embedded-resource: true - internalRegistryPullSecret: - description: internalRegistryPullSecret is the pull secret for the - internal registry, used by rpm-ostree to pull images from the internal - registry if present - format: byte - nullable: true - type: string - ipFamilies: - description: ipFamilies indicates the IP families in use by the cluster - network - type: string - kubeAPIServerServingCAData: - description: kubeAPIServerServingCAData managed Kubelet to API Server - Cert... Rotated automatically - format: byte - type: string - network: - description: Network contains additional network related information - nullable: true - properties: - mtuMigration: - description: MTUMigration contains the MTU migration configuration. - nullable: true - properties: - machine: - description: Machine contains MTU migration configuration - for the machine's uplink. - properties: - from: - description: From is the MTU to migrate from. - format: int32 - minimum: 0 - type: integer - to: - description: To is the MTU to migrate to. - format: int32 - minimum: 0 - type: integer - type: object - network: - description: Network contains MTU migration configuration - for the default network. - properties: - from: - description: From is the MTU to migrate from. - format: int32 - minimum: 0 - type: integer - to: - description: To is the MTU to migrate to. - format: int32 - minimum: 0 - type: integer - type: object - type: object - required: - - mtuMigration - type: object - networkType: - description: 'networkType holds the type of network the cluster is - using XXX: this is temporary and will be dropped as soon as possible - in favor of a better support to start network related services the - proper way. Nobody is also changing this once the cluster is up - and running the first time, so, disallow regeneration if this changes.' - type: string - osImageURL: - description: OSImageURL is the old-format container image that contains - the OS update payload. - type: string - platform: - description: platform is deprecated, use Infra.Status.PlatformStatus.Type - instead - type: string - proxy: - description: proxy holds the current proxy configuration for the nodes - nullable: true - properties: - httpProxy: - description: httpProxy is the URL of the proxy for HTTP requests. - type: string - httpsProxy: - description: httpsProxy is the URL of the proxy for HTTPS requests. - type: string - noProxy: - description: noProxy is a comma-separated list of hostnames and/or - CIDRs for which the proxy should not be used. - type: string - type: object - pullSecret: - description: pullSecret is the default pull secret that needs to be - installed on all machines. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - releaseImage: - description: releaseImage is the image used when installing the cluster - type: string - rootCAData: - description: rootCAData specifies the root CA data - format: byte - type: string - required: - - additionalTrustBundle - - baseOSContainerImage - - cloudProviderCAData - - cloudProviderConfig - - clusterDNSIP - - dns - - images - - infra - - ipFamilies - - kubeAPIServerServingCAData - - network - - proxy - - releaseImage - - rootCAData - type: object - status: - description: ControllerConfigStatus is the status for ControllerConfig - properties: - conditions: - description: conditions represents the latest available observations - of current state. - items: - description: ControllerConfigStatusCondition contains condition - information for ControllerConfigStatus + nullable: true + x-kubernetes-embedded-resource: true + internalRegistryPullSecret: + description: internalRegistryPullSecret is the pull secret for the internal registry, used by rpm-ostree to pull images from the internal registry if present + type: string + format: byte + nullable: true + ipFamilies: + description: ipFamilies indicates the IP families in use by the cluster network + type: string + kubeAPIServerServingCAData: + description: kubeAPIServerServingCAData managed Kubelet to API Server Cert... Rotated automatically + type: string + format: byte + network: + description: Network contains additional network related information + type: object + required: + - mtuMigration properties: - lastTransitionTime: - description: lastTransitionTime is the time of the last update - to the current status object. - format: date-time + mtuMigration: + description: MTUMigration contains the MTU migration configuration. + type: object + properties: + machine: + description: Machine contains MTU migration configuration for the machine's uplink. + type: object + properties: + from: + description: From is the MTU to migrate from. + type: integer + format: int32 + minimum: 0 + to: + description: To is the MTU to migrate to. + type: integer + format: int32 + minimum: 0 + network: + description: Network contains MTU migration configuration for the default network. + type: object + properties: + from: + description: From is the MTU to migrate from. + type: integer + format: int32 + minimum: 0 + to: + description: To is the MTU to migrate to. + type: integer + format: int32 + minimum: 0 nullable: true + nullable: true + networkType: + description: 'networkType holds the type of network the cluster is using XXX: this is temporary and will be dropped as soon as possible in favor of a better support to start network related services the proper way. Nobody is also changing this once the cluster is up and running the first time, so, disallow regeneration if this changes.' + type: string + osImageURL: + description: OSImageURL is the old-format container image that contains the OS update payload. + type: string + platform: + description: platform is deprecated, use Infra.Status.PlatformStatus.Type instead + type: string + proxy: + description: proxy holds the current proxy configuration for the nodes + type: object + properties: + httpProxy: + description: httpProxy is the URL of the proxy for HTTP requests. type: string - message: - description: message provides additional information about the - current condition. This is only to be consumed by humans. - type: string - reason: - description: reason is the reason for the condition's last transition. Reasons - are PascalCase - type: string - status: - description: status of the condition, one of True, False, Unknown. + httpsProxy: + description: httpsProxy is the URL of the proxy for HTTPS requests. type: string - type: - description: type specifies the state of the operator's reconciliation - functionality. + noProxy: + description: noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. type: string - required: - - lastTransitionTime - - status - - type + nullable: true + pullSecret: + description: pullSecret is the default pull secret that needs to be installed on all machines. type: object - type: array - x-kubernetes-list-type: atomic - controllerCertificates: - description: controllerCertificates represents the latest available - observations of the automatically rotating certificates in the MCO. - items: - description: ControllerCertificate contains info about a specific - cert. properties: - bundleFile: - description: bundleFile is the larger bundle a cert comes from + apiVersion: + description: API version of the referent. type: string - notAfter: - description: notAfter is the upper boundary for validity - format: date-time + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - notBefore: - description: notBefore is the lower boundary for validity - format: date-time + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - signer: - description: signer is the cert Issuer + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - subject: - description: subject is the cert subject + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - required: - - bundleFile - - signer - - subject - type: object - type: array - x-kubernetes-list-type: atomic - observedGeneration: - description: observedGeneration represents the generation observed - by the controller. - format: int64 - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + x-kubernetes-map-type: atomic + releaseImage: + description: releaseImage is the image used when installing the cluster + type: string + rootCAData: + description: rootCAData specifies the root CA data + type: string + format: byte + status: + description: ControllerConfigStatus is the status for ControllerConfig + type: object + properties: + conditions: + description: conditions represents the latest available observations of current state. + type: array + items: + description: ControllerConfigStatusCondition contains condition information for ControllerConfigStatus + type: object + required: + - lastTransitionTime + - status + - type + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update to the current status object. + type: string + format: date-time + nullable: true + message: + description: message provides additional information about the current condition. This is only to be consumed by humans. + type: string + reason: + description: reason is the reason for the condition's last transition. Reasons are PascalCase + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the state of the operator's reconciliation functionality. + type: string + x-kubernetes-list-type: atomic + controllerCertificates: + description: controllerCertificates represents the latest available observations of the automatically rotating certificates in the MCO. + type: array + items: + description: ControllerCertificate contains info about a specific cert. + type: object + required: + - bundleFile + - signer + - subject + properties: + bundleFile: + description: bundleFile is the larger bundle a cert comes from + type: string + notAfter: + description: notAfter is the upper boundary for validity + type: string + format: date-time + notBefore: + description: notBefore is the lower boundary for validity + type: string + format: date-time + signer: + description: signer is the cert Issuer + type: string + subject: + description: subject is the cert subject + type: string + x-kubernetes-list-type: atomic + observedGeneration: + description: observedGeneration represents the generation observed by the controller. + type: integer + format: int64 diff --git a/pkg/controller/kubelet-config/helpers.go b/pkg/controller/kubelet-config/helpers.go index d8ee337ef5..0d734b5ccc 100644 --- a/pkg/controller/kubelet-config/helpers.go +++ b/pkg/controller/kubelet-config/helpers.go @@ -11,6 +11,7 @@ import ( ign3types "github.com/coreos/ignition/v2/config/v3_4/types" "github.com/imdario/mergo" osev1 "github.com/openshift/api/config/v1" + "github.com/openshift/library-go/pkg/operator/configobserver/featuregates" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -18,6 +19,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/runtime/serializer" + "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/yaml" "k8s.io/klog/v2" kubeletconfigv1beta1 "k8s.io/kubelet/config/v1beta1" @@ -101,6 +103,22 @@ func createNewDefaultFeatureGate() *osev1.FeatureGate { } } +func createNewDefaultFeatureGateAccess() featuregates.FeatureGateAccess { + defaultFeatures := osev1.FeatureSets[osev1.Default] + + enabled, disabled := sets.New[osev1.FeatureGateName](), sets.New[osev1.FeatureGateName]() + + for _, feature := range defaultFeatures.Enabled { + enabled.Insert(feature.FeatureGateAttributes.Name) + } + + for _, feature := range defaultFeatures.Disabled { + disabled.Insert(feature.FeatureGateAttributes.Name) + } + + return featuregates.NewHardcodedFeatureGateAccess(sets.List(enabled), sets.List(disabled)) +} + func createNewDefaultNodeconfig() *osev1.Node { return &osev1.Node{ ObjectMeta: metav1.ObjectMeta{ diff --git a/pkg/controller/kubelet-config/kubelet_config_bootstrap_test.go b/pkg/controller/kubelet-config/kubelet_config_bootstrap_test.go index 083a37405e..065c4eed16 100644 --- a/pkg/controller/kubelet-config/kubelet_config_bootstrap_test.go +++ b/pkg/controller/kubelet-config/kubelet_config_bootstrap_test.go @@ -5,9 +5,7 @@ import ( "testing" configv1 "github.com/openshift/api/config/v1" - osev1 "github.com/openshift/api/config/v1" mcfgv1 "github.com/openshift/api/machineconfiguration/v1" - "github.com/openshift/library-go/pkg/operator/configobserver/featuregates" ctrlcommon "github.com/openshift/machine-config-operator/pkg/controller/common" "github.com/openshift/machine-config-operator/test/helpers" "github.com/stretchr/testify/require" @@ -76,7 +74,7 @@ func TestRunKubeletBootstrap(t *testing.T) { }, } - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() mcs, err := RunKubeletBootstrap("../../../templates", cfgs, cc, fgAccess, nil, pools) require.NoError(t, err) require.Len(t, mcs, len(cfgs)) @@ -201,7 +199,8 @@ func TestAddKubeletCfgAfterBootstrapKubeletCfg(t *testing.T) { for _, platform := range []configv1.PlatformType{configv1.AWSPlatformType, configv1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) diff --git a/pkg/controller/kubelet-config/kubelet_config_controller_test.go b/pkg/controller/kubelet-config/kubelet_config_controller_test.go index 9e644f2c64..674641fa92 100644 --- a/pkg/controller/kubelet-config/kubelet_config_controller_test.go +++ b/pkg/controller/kubelet-config/kubelet_config_controller_test.go @@ -420,7 +420,7 @@ func TestKubeletConfigCreate(t *testing.T) { for _, platform := range []osev1.PlatformType{osev1.AWSPlatformType, osev1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) @@ -455,7 +455,7 @@ func TestKubeletConfigMultiCreate(t *testing.T) { for _, platform := range []osev1.PlatformType{osev1.AWSPlatformType, osev1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) @@ -505,7 +505,7 @@ func TestKubeletConfigAutoSizingReserved(t *testing.T) { for _, platform := range []osev1.PlatformType{osev1.AWSPlatformType, osev1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) @@ -549,7 +549,7 @@ func TestKubeletConfiglogFile(t *testing.T) { for _, platform := range []osev1.PlatformType{osev1.AWSPlatformType, osev1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) @@ -592,7 +592,7 @@ func TestKubeletConfigUpdates(t *testing.T) { for _, platform := range []osev1.PlatformType{osev1.AWSPlatformType, osev1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) @@ -749,7 +749,7 @@ func TestKubeletFeatureExists(t *testing.T) { for _, platform := range []osev1.PlatformType{osev1.AWSPlatformType, osev1.NonePlatformType, "Unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) @@ -893,7 +893,7 @@ func TestKubeletConfigResync(t *testing.T) { for _, platform := range []osev1.PlatformType{osev1.AWSPlatformType, osev1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) @@ -958,7 +958,7 @@ func TestAddAnnotationExistingKubeletConfig(t *testing.T) { for _, platform := range []osev1.PlatformType{osev1.AWSPlatformType, osev1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) @@ -1025,7 +1025,7 @@ func TestCleanUpDuplicatedMC(t *testing.T) { for _, platform := range []osev1.PlatformType{osev1.AWSPlatformType, osev1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) mcp := helpers.NewMachineConfigPool("master", nil, helpers.MasterSelector, "v0") diff --git a/pkg/controller/kubelet-config/kubelet_config_features.go b/pkg/controller/kubelet-config/kubelet_config_features.go index 0a12939314..38fbe862e6 100644 --- a/pkg/controller/kubelet-config/kubelet_config_features.go +++ b/pkg/controller/kubelet-config/kubelet_config_features.go @@ -203,6 +203,17 @@ func generateKubeConfigIgnFromFeatures(cc *mcfgv1.ControllerConfig, templatesDir updateOriginalKubeConfigwithNodeConfig(nodeConfig, originalKubeConfig) } + defaultFeatures, err := generateFeatureMap(createNewDefaultFeatureGateAccess(), openshiftOnlyFeatureGates...) + if err != nil { + return nil, err + } + + // Check to see if configured FeatureGates are equivalent to the Default FeatureSet. + if reflect.DeepEqual(originalKubeConfig.FeatureGates, *defaultFeatures) { + // When there is no difference, this isn't an error, but no machine config should be created + return nil, nil + } + // Encode the new config into raw JSON cfgIgn, err := kubeletConfigToIgnFile(originalKubeConfig) if err != nil { diff --git a/pkg/controller/kubelet-config/kubelet_config_features_test.go b/pkg/controller/kubelet-config/kubelet_config_features_test.go index ee37eb36b3..8ad0281203 100644 --- a/pkg/controller/kubelet-config/kubelet_config_features_test.go +++ b/pkg/controller/kubelet-config/kubelet_config_features_test.go @@ -25,36 +25,42 @@ func TestFeatureGateDrift(t *testing.T) { cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) f.ccLister = append(f.ccLister, cc) - features := &osev1.FeatureGate{ - ObjectMeta: metav1.ObjectMeta{ - Name: ctrlcommon.ClusterFeatureInstanceName, - }, - Spec: osev1.FeatureGateSpec{ - FeatureGateSelection: osev1.FeatureGateSelection{ - FeatureSet: osev1.CustomNoUpgrade, - CustomNoUpgrade: &osev1.CustomFeatureGates{ - Enabled: []osev1.FeatureGateName{"CSIMigration"}, - Disabled: []osev1.FeatureGateName{"DisableKubeletCloudCredentialProviders"}, - }, - }, - }, - } - fgAccess := featuregates.NewHardcodedFeatureGateAccess(features.Spec.FeatureGateSelection.CustomNoUpgrade.Enabled, features.Spec.FeatureGateSelection.CustomNoUpgrade.Disabled) + fgAccess := createNewDefaultFeatureGateAccess() ctrl := f.newController(fgAccess) - // Generate kubelet config with feature gates applied - kubeletConfig, err := generateOriginalKubeletConfigWithFeatureGates(cc, ctrl.templatesDir, "master", fgAccess) + kubeletConfig, err := generateOriginalKubeletConfigIgn(cc, ctrl.templatesDir, "master") + if err != nil { + t.Errorf("could not generate kubelet config from templates %v", err) + } + contents, err := ctrlcommon.DecodeIgnitionFileContents(kubeletConfig.Contents.Source, kubeletConfig.Contents.Compression) require.NoError(t, err) - - t.Logf("Generated Kubelet Config Feature Gates: %v", kubeletConfig.FeatureGates) - - defaultFeatureGates, err := generateFeatureMap(fgAccess) + originalKubeConfig, err := decodeKubeletConfig(contents) require.NoError(t, err) - t.Logf("Expected Feature Gates: %v", *defaultFeatureGates) - - if !reflect.DeepEqual(kubeletConfig.FeatureGates, *defaultFeatureGates) { - t.Errorf("Generated kubelet configuration feature gates do not match expected feature gates: generated=%v, expected=%v", kubeletConfig.FeatureGates, *defaultFeatureGates) + defaultFeatureGates, err := generateFeatureMap(fgAccess) + if err != nil { + t.Errorf("could not generate defaultFeatureGates: %v", err) + } + if !reflect.DeepEqual(originalKubeConfig.FeatureGates, *defaultFeatureGates) { + var found = map[string]bool{} + for featureGate := range originalKubeConfig.FeatureGates { + for apiGate := range *defaultFeatureGates { + if featureGate == apiGate { + found[apiGate] = true + } + } + } + for featureGate := range originalKubeConfig.FeatureGates { + if _, ok := found[featureGate]; !ok { + t.Logf("%s is not present in api", featureGate) + } + } + for featureGate := range *defaultFeatureGates { + if _, ok := found[featureGate]; !ok { + t.Logf("%s is not present in template", featureGate) + } + } + t.Errorf("template FeatureGates do not match openshift/api FeatureGates: (tmpl=[%v], api=[%v]", originalKubeConfig.FeatureGates, defaultFeatureGates) } }) } @@ -64,7 +70,7 @@ func TestFeaturesDefault(t *testing.T) { for _, platform := range []configv1.PlatformType{configv1.AWSPlatformType, configv1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"CSIMigration"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) @@ -93,11 +99,9 @@ func TestFeaturesDefault(t *testing.T) { f.expectGetMachineConfigAction(mcs) f.expectGetMachineConfigAction(mcsDeprecated) f.expectGetMachineConfigAction(mcs) - f.expectCreateMachineConfigAction(mcs) f.expectGetMachineConfigAction(mcs2) f.expectGetMachineConfigAction(mcs2Deprecated) f.expectGetMachineConfigAction(mcs2) - f.expectCreateMachineConfigAction(mcs2) f.runFeature(getKeyFromFeatureGate(features, t), fgAccess) }) @@ -120,6 +124,8 @@ func TestFeaturesCustomNoUpgrade(t *testing.T) { }, }, } + + // Ensure the FG Access matches the feature gate. fgAccess := featuregates.NewHardcodedFeatureGateAccess(features.Spec.FeatureGateSelection.CustomNoUpgrade.Enabled, features.Spec.FeatureGateSelection.CustomNoUpgrade.Disabled) f := newFixture(t) @@ -162,18 +168,19 @@ func TestFeaturesCustomNoUpgrade(t *testing.T) { func TestBootstrapFeaturesDefault(t *testing.T) { for _, platform := range []configv1.PlatformType{configv1.AWSPlatformType, configv1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { + cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) mcp := helpers.NewMachineConfigPool("master", nil, helpers.MasterSelector, "v0") mcp2 := helpers.NewMachineConfigPool("worker", nil, helpers.WorkerSelector, "v0") mcps := []*mcfgv1.MachineConfigPool{mcp, mcp2} - fgAccess := featuregates.NewHardcodedFeatureGateAccess(nil, nil) + fgAccess := createNewDefaultFeatureGateAccess() mcs, err := RunFeatureGateBootstrap("../../../templates", fgAccess, nil, cc, mcps) if err != nil { t.Errorf("could not run feature gate bootstrap: %v", err) } - if len(mcs) == 0 { + if len(mcs) > 0 { t.Errorf("expected no machine config generated with the default feature gate, got %d configs", len(mcs)) } }) @@ -208,21 +215,7 @@ func TestBootstrapFeaturesCustomNoUpgrade(t *testing.T) { originalKubeConfig, err := decodeKubeletConfig(conf) require.NoError(t, err) - features := &osev1.FeatureGate{ - ObjectMeta: metav1.ObjectMeta{ - Name: ctrlcommon.ClusterFeatureInstanceName, - }, - Spec: osev1.FeatureGateSpec{ - FeatureGateSelection: osev1.FeatureGateSelection{ - FeatureSet: osev1.CustomNoUpgrade, - CustomNoUpgrade: &osev1.CustomFeatureGates{ - Enabled: []osev1.FeatureGateName{"AlibabaPlatform"}, - }, - }, - }, - } - - fgAccess := featuregates.NewHardcodedFeatureGateAccess(features.Spec.FeatureGateSelection.CustomNoUpgrade.Enabled, features.Spec.FeatureGateSelection.CustomNoUpgrade.Disabled) + fgAccess := createNewDefaultFeatureGateAccess() defaultFeatureGates, err := generateFeatureMap(fgAccess) if err != nil { t.Errorf("could not generate defaultFeatureGates: %v", err) @@ -255,6 +248,7 @@ func TestFeaturesCustomNoUpgradeRemoveUnmanagedMC(t *testing.T) { }, } + // Ensure the FG Access matches the feature gate. fgAccess := featuregates.NewHardcodedFeatureGateAccess(features.Spec.FeatureGateSelection.CustomNoUpgrade.Enabled, features.Spec.FeatureGateSelection.CustomNoUpgrade.Disabled) f := newFixture(t) @@ -288,6 +282,7 @@ func TestFeaturesCustomNoUpgradeRemoveUnmanagedMC(t *testing.T) { f.featLister = append(f.featLister, features) c := f.newController(fgAccess) + // Ensure the FG Access matches the feature gate. c.featureGateAccess = featuregates.NewHardcodedFeatureGateAccess(features.Spec.FeatureGateSelection.CustomNoUpgrade.Enabled, features.Spec.FeatureGateSelection.CustomNoUpgrade.Disabled) mcCustom, err := c.client.MachineconfigurationV1().MachineConfigs().Create(context.TODO(), mcs3, metav1.CreateOptions{}) diff --git a/pkg/controller/kubelet-config/kubelet_config_nodes_test.go b/pkg/controller/kubelet-config/kubelet_config_nodes_test.go index 93e3bc02cc..1a2a2a7353 100644 --- a/pkg/controller/kubelet-config/kubelet_config_nodes_test.go +++ b/pkg/controller/kubelet-config/kubelet_config_nodes_test.go @@ -10,7 +10,6 @@ import ( configv1 "github.com/openshift/api/config/v1" osev1 "github.com/openshift/api/config/v1" mcfgv1 "github.com/openshift/api/machineconfiguration/v1" - "github.com/openshift/library-go/pkg/operator/configobserver/featuregates" ctrlcommon "github.com/openshift/machine-config-operator/pkg/controller/common" "github.com/openshift/machine-config-operator/test/helpers" "github.com/stretchr/testify/require" @@ -25,7 +24,7 @@ func TestOriginalKubeletConfigDefaultNodeConfig(t *testing.T) { cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) f.ccLister = append(f.ccLister, cc) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() ctrl := f.newController(fgAccess) kubeletConfig, err := generateOriginalKubeletConfigIgn(cc, ctrl.templatesDir, "master") @@ -48,7 +47,7 @@ func TestNodeConfigDefault(t *testing.T) { for _, platform := range []configv1.PlatformType{configv1.AWSPlatformType, configv1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) @@ -112,7 +111,7 @@ func TestBootstrapNodeConfigDefault(t *testing.T) { mcp1 := helpers.NewMachineConfigPool("worker", nil, helpers.WorkerSelector, "v0") mcps := []*mcfgv1.MachineConfigPool{mcp} mcps = append(mcps, mcp1) - fgAccess := featuregates.NewHardcodedFeatureGateAccess([]osev1.FeatureGateName{"AlibabaPlatform"}, nil) + fgAccess := createNewDefaultFeatureGateAccess() for _, configNode := range []*osev1.Node{configNodeCgroupDefault, configNodeCgroupV1, configNodeCgroupV2} { expect := expected[configNode] @@ -154,20 +153,7 @@ func TestNodeConfigCustom(t *testing.T) { for _, platform := range []configv1.PlatformType{configv1.AWSPlatformType, configv1.NonePlatformType, "unrecognized"} { t.Run(string(platform), func(t *testing.T) { f := newFixture(t) - features := &osev1.FeatureGate{ - ObjectMeta: metav1.ObjectMeta{ - Name: ctrlcommon.ClusterFeatureInstanceName, - }, - Spec: osev1.FeatureGateSpec{ - FeatureGateSelection: osev1.FeatureGateSelection{ - FeatureSet: osev1.CustomNoUpgrade, - CustomNoUpgrade: &osev1.CustomFeatureGates{ - Enabled: []osev1.FeatureGateName{"CSIMigration"}, - }, - }, - }, - } - fgAccess := featuregates.NewHardcodedFeatureGateAccess(features.Spec.FeatureGateSelection.CustomNoUpgrade.Enabled, features.Spec.FeatureGateSelection.CustomNoUpgrade.Disabled) + fgAccess := createNewDefaultFeatureGateAccess() f.newController(fgAccess) cc := newControllerConfig(ctrlcommon.ControllerConfigName, platform) diff --git a/templates/master/01-master-kubelet/_base/files/kubelet.yaml b/templates/master/01-master-kubelet/_base/files/kubelet.yaml index 8861324b22..5a3d7c3391 100644 --- a/templates/master/01-master-kubelet/_base/files/kubelet.yaml +++ b/templates/master/01-master-kubelet/_base/files/kubelet.yaml @@ -27,6 +27,21 @@ contents: systemCgroups: /system.slice nodeStatusUpdateFrequency: 10s nodeStatusReportFrequency: 5m + featureGates: + AlibabaPlatform: true + AzureWorkloadIdentity: true + BuildCSIVolumes: true + CloudDualStackNodeIPs: true + DisableKubeletCloudCredentialProviders: false + ExternalCloudProvider: true + ExternalCloudProviderAzure: true + ExternalCloudProviderGCP: true + ExternalCloudProviderExternal: true + KMSv1: true + NetworkLiveMigration: true + OpenShiftPodSecurityAdmission: true + PrivateHostedZoneAWS: true + VSphereControlPlaneMachineSet: true serverTLSBootstrap: true tlsMinVersion: VersionTLS12 tlsCipherSuites: diff --git a/templates/worker/01-worker-kubelet/_base/files/kubelet.yaml b/templates/worker/01-worker-kubelet/_base/files/kubelet.yaml index 8861324b22..5a3d7c3391 100644 --- a/templates/worker/01-worker-kubelet/_base/files/kubelet.yaml +++ b/templates/worker/01-worker-kubelet/_base/files/kubelet.yaml @@ -27,6 +27,21 @@ contents: systemCgroups: /system.slice nodeStatusUpdateFrequency: 10s nodeStatusReportFrequency: 5m + featureGates: + AlibabaPlatform: true + AzureWorkloadIdentity: true + BuildCSIVolumes: true + CloudDualStackNodeIPs: true + DisableKubeletCloudCredentialProviders: false + ExternalCloudProvider: true + ExternalCloudProviderAzure: true + ExternalCloudProviderGCP: true + ExternalCloudProviderExternal: true + KMSv1: true + NetworkLiveMigration: true + OpenShiftPodSecurityAdmission: true + PrivateHostedZoneAWS: true + VSphereControlPlaneMachineSet: true serverTLSBootstrap: true tlsMinVersion: VersionTLS12 tlsCipherSuites: diff --git a/test/e2e-bootstrap/bootstrap_test.go b/test/e2e-bootstrap/bootstrap_test.go index c00c76f90c..93c21ef7ff 100644 --- a/test/e2e-bootstrap/bootstrap_test.go +++ b/test/e2e-bootstrap/bootstrap_test.go @@ -12,11 +12,12 @@ import ( ign3types "github.com/coreos/ignition/v2/config/v3_2/types" "github.com/ghodss/yaml" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + configv1 "github.com/openshift/api/config/v1" - _ "github.com/openshift/api/config/v1/zz_generated.crd-manifests" mcfgv1 "github.com/openshift/api/machineconfiguration/v1" apioperatorsv1alpha1 "github.com/openshift/api/operator/v1alpha1" - _ "github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests" featuregatescontroller "github.com/openshift/cluster-config-operator/pkg/operator/featuregates" "github.com/openshift/machine-config-operator/internal/clients" "github.com/openshift/machine-config-operator/pkg/controller/bootstrap" @@ -29,8 +30,6 @@ import ( "github.com/openshift/machine-config-operator/pkg/version" "github.com/openshift/machine-config-operator/test/framework" "github.com/openshift/machine-config-operator/test/helpers" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" corev1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" @@ -61,7 +60,6 @@ type fixture struct { } func TestE2EBootstrap(t *testing.T) { - ctx := context.Background() testEnv := framework.NewTestEnv(t) @@ -552,7 +550,6 @@ func createClusterVersion(t *testing.T, clientSet *framework.ClientSet, objs ... // correct status to allow the controllers to proceed. func ensureFeatureGate(t *testing.T, clientSet *framework.ClientSet, objs ...runtime.Object) { ctx := context.Background() - var controllerConfig *mcfgv1.ControllerConfig for _, obj := range objs { if cc, ok := obj.(*mcfgv1.ControllerConfig); ok { @@ -569,19 +566,8 @@ func ensureFeatureGate(t *testing.T, clientSet *framework.ClientSet, objs ...run t.Fatal("FeatureGate cluster not found, bootstrap data should contain at least 1 FeatureGate") } - currentFeatureSet := currentFg.Spec.FeatureSet - - SelfManaged := configv1.ClusterProfileName("include.release.openshift.io/self-managed-high-availability") - if err != nil { - t.Fatalf("Error retrieving current feature gates: %v", err) - } - featureGateEnabledDisabled, err := configv1.FeatureSets(configv1.ClusterProfileName(SelfManaged), currentFeatureSet) - require.NoError(t, err) - - featureSetMap := map[configv1.FeatureSet]*configv1.FeatureGateEnabledDisabled{ - currentFeatureSet: featureGateEnabledDisabled, - } - currentDetails, err := featuregatescontroller.FeaturesGateDetailsFromFeatureSets(featureSetMap, currentFg, controllerConfig.Spec.ReleaseImage) + // Set up the current controllerconfig image with the current feature gate selection. + currentDetails, err := featuregatescontroller.FeaturesGateDetailsFromFeatureSets(configv1.FeatureSets, currentFg, controllerConfig.Spec.ReleaseImage) require.NoError(t, err) rawDetails := *currentDetails diff --git a/test/framework/envtest.go b/test/framework/envtest.go index 1fc548cc29..39dec7dad6 100644 --- a/test/framework/envtest.go +++ b/test/framework/envtest.go @@ -112,8 +112,6 @@ func NewTestEnv(t *testing.T) *envtest.Environment { filepath.Join("..", "..", "manifests", "controllerconfig.crd.yaml"), filepath.Join("..", "..", "vendor", "github.com", "openshift", "api", "config", "v1"), filepath.Join("..", "..", "vendor", "github.com", "openshift", "api", "operator", "v1alpha1"), - filepath.Join("..", "..", "vendor", "github.com", "openshift", "api", "config", "v1", "zz_generated.crd-manifests"), - filepath.Join("..", "..", "vendor", "github.com", "openshift", "api", "operator", "v1alpha1", "zz_generated.crd-manifests"), }, CleanUpAfterUse: true, }, diff --git a/tools.go b/tools.go index d3ca20b061..bab77e85d0 100644 --- a/tools.go +++ b/tools.go @@ -7,9 +7,6 @@ package tools import ( _ "github.com/golangci/golangci-lint/cmd/golangci-lint" // Code generators built at runtime. - _ "github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests" - _ "github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests" - _ "github.com/openshift/api/operator/v1/zz_generated.crd-manifests" _ "k8s.io/code-generator" // TODO: Investigate why scripts in this directory are removed and not vendored by go mod. _ "k8s.io/code-generator/cmd/client-gen" _ "k8s.io/code-generator/cmd/conversion-gen" diff --git a/vendor/github.com/openshift/api/README.md b/vendor/github.com/openshift/api/README.md index ce497ea6ed..3d13b8c985 100644 --- a/vendor/github.com/openshift/api/README.md +++ b/vendor/github.com/openshift/api/README.md @@ -3,55 +3,6 @@ The canonical location of the OpenShift API definition. This repo holds the API type definitions and serialization code used by [openshift/client-go](https://github.com/openshift/client-go) APIs in this repo ship inside OCP payloads. -## Adding new FeatureGates -Add your FeatureGate to feature_gates.go. -The threshold for merging a fully disabled or TechPreview FeatureGate is an open enhancement. -To promote to Default on any ClusterProfile, the threshold is 99% passing tests on all platforms or QE sign off. - -### Adding new TechPreview FeatureGate to all ClusterProfiles (Hypershift and SelfManaged) -```go -FeatureGateMyFeatureName = newFeatureGate("MyFeatureName"). - reportProblemsToJiraComponent("my-jira-component"). - contactPerson("my-team-lead"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() -``` - -### Adding new TechPreview FeatureGate to all only Hypershift -This will be enabled in TechPreview on Hypershift, but never enabled on SelfManaged -```go -FeatureGateMyFeatureName = newFeatureGate("MyFeatureName"). - reportProblemsToJiraComponent("my-jira-component"). - contactPerson("my-team-lead"). - productScope(ocpSpecific). - enableForClusterProfile(Hypershift, TechPreviewNoUpgrade). - mustRegister() -``` - -### Promoting to Default, but only on Hypershift -This will be enabled in TechPreview on all ClusterProfiles and also by Default on Hypershift. -It will be disabled in Default on SelfManaged. -```go -FeatureGateMyFeatureName = newFeatureGate("MyFeatureName"). - reportProblemsToJiraComponent("my-jira-component"). - contactPerson("my-team-lead"). - productScope([ocpSpecific|kubernetes]). - enableIn(TechPreviewNoUpgrade). - enableForClusterProfile(Hypershift, Default). - mustRegister() -``` - -### Promoting to Default on all ClusterProfiles -```go -FeatureGateMyFeatureName = newFeatureGate("MyFeatureName"). - reportProblemsToJiraComponent("my-jira-component"). - contactPerson("my-team-lead"). - productScope([ocpSpecific|kubernetes]). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() -``` - ## defining new APIs When defining a new API, please follow [the OpenShift API @@ -59,90 +10,6 @@ conventions](https://github.com/openshift/enhancements/blob/master/CONVENTIONS.m and then follow the instructions below to regenerate CRDs (if necessary) and submit a pull request with your new API definitions and generated files. -### Adding a new stable API (v1) -When copying, it matters which `// +foo` markers are two comments blocks up and which are one comment block up. - -```go -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// the next line of whitespace matters - -// MyAPI is amazing, let me describe it! -// -// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +openshift:compatibility-gen:level=1 -// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=my-operator,operatorOrdering=01 -// +kubebuilder:object:root=true -// +kubebuilder:subresource:status -// +kubebuilder:resource:path=myapis,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/ -// +openshift:capability=IfYouHaveOne -// +kubebuilder:printcolumn:name=Column Name,JSONPath=.status.something,type=string,description=how users should interpret this. -// +kubebuilder:metadata:annotations=key=value -// +kubebuilder:metadata:labels=key=value -// +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true -// +kubebuilder:validation:XValidation:rule= -type MyAPI struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec is the desired state of the cluster version - the operator will work - // to ensure that the desired version is applied to the cluster. - // +kubebuilder:validation:Required - Spec MyAPISpec `json:"spec"` - // status contains information about the available updates and any in-progress - // updates. - // +optional - Status MyAPIStatus `json:"status"` -} - -``` - -### Adding a new unstable API (v1alpha) -First, add a FeatureGate as described above. - -Like above, but there's an additional - -```go -// +kubebuilder:validation:XValidation:rule= -// +openshift:enable:FeatureGate=MyFeatureGate -type MyAPI struct { - ... -} -``` - -### Adding new fields -Here are few other use-cases for convenience, but have a look in `./example` for other possibilities. - - -```go -// +openshift:validation:FeatureGateAwareXValidation:featureGate=MyFeatureGate,rule="has(oldSelf.coolNewField) ? has(self.coolNewField) : true",message="coolNewField may not be removed once set" -type MyAPI struct { - // +openshift:enable:FeatureGate=MyFeatureGate - // +optional - CoolNewField string `json:"coolNewField"` -} - -// EvolvingDiscriminator defines the audit policy profile type. -// +openshift:validation:FeatureGateAwareEnum:featureGate="",enum="";StableValue -// +openshift:validation:FeatureGateAwareEnum:featureGate=MyFeatureGate,enum="";StableValue;TechPreviewOnlyValue -type EvolvingDiscriminator string - -const ( - // "StableValue" is always present. - StableValue EvolvingDiscriminator = "StableValue" - - // "TechPreviewOnlyValue" should only be allowed when TechPreviewNoUpgrade is set in the cluster - TechPreviewOnlyValue EvolvingDiscriminator = "TechPreviewOnlyValue" -) - -``` - - ### required labels In addition to the standard `lgtm` and `approved` labels this repository requires either: @@ -211,60 +78,13 @@ After this, calling `make update-codegen-crds` should generate a new structural For more information on the API markers to add to your Go types, see the [Kubebuilder book](https://book.kubebuilder.io/reference/markers.html) -### Order of generation -`make update-codegen-crds` does roughly this: - -1. Run the `empty-partial-schema` tool. This creates empty CRD manifests in `zz_generated.featuregated-crd-manifests` for each FeatureGate. -2. Run the `schemapatch` tool. This fills in the schema for each per-FeatureGate CRD manifest. -3. Run the `manifest-merge` tool. This combines all the per-FeatureGate CRD manifests and `manual-overrides` - -#### empty-partial-schema -This tool is gengo based and scans all types for a `// +kubebuilder:object:root=true` marker. -For each type match, the type is navigated and all tags that include a `featureGate` -(`// +openshift:enable:FeatureGate`, `// +openshift:validation:FeatureGateAwareEnum`, and `// +openshift:validation:FeatureGateAwareXValidation`) -are tracked. -For each type, for each FeatureGate, a file CRD manifest is created in `zz_generated.featuregated-crd-manifests`. -The most common kube-builder tags are re-implemented in this stage to fill in the non-schema portion of the CRD manifests. -This includes things like metadata, resource, and some custom openshift tags as well. - -The generator ignores the schema when doing verify, so it doesn't fail on needing to run `schemapatch`. -The generator should clean up old FeatureGated manifests when the gate is removed. -Ungated files are created for resources that are sometimes ungated. -Annotations are injected to indicate which FeatureGate a manifest is for: this is later read by `schemapatch` and `manifest-merge`. - -#### schemapatch -This tool is kubebuilder based with patches to handle FeatureGated types, members, and validation. -It reads the injected annotation from `empty-partial-schema` to decide which FeatureGate should be considered enabled when -creating the schema that needs to be injected. -It has no knowledge of whether the FeatureGate is enabled or disabled in particular ClusterProfile,FeatureSet tuples. -It only needs a single pass over all the FeatureGated partial manifests. - -If the schema generation isn't doing what you want, `manual-override-crd-manifests` allows partially overlaying bits of the CRD manifest. -`yamlpatch` is no longer supported. -The format is just "write the CRD you want and delete the stuff the generator sets properly". -More specifically, it is the partial manifest that server-side-apply (structured merge diff) would properly merge on top of -the CRD that is generated otherwise. -Caveat, you cannot test this with a kube-apiserver because the CRD schema uses atomic lists and we had to patch that -schema to indicate map lists keyed by version. - -#### manifest-merge -This tool is gengo based and it combines the files in `zz_generated.featuregated-crd-manifests` and `manual-override-crd-manifests` -on a per ClusterProfile,FeatureSet tuple. -This tool takes as input all possible ClusterProfiles and all possible FeatureSets. -It then maps from ClusterProfile,FeatureSet tuple to the set of enabled and disabled FeatureGates. -Then for each CRD,ClusterProfile,Feature tuple, it merges the pertinent input using structured-merge-diff (SSA) logic -based on the CRD schema plus a patch to make atomic fields map-lists. -Pertinence is determined based on -1. does this manifest have preferred ClusterProfile annotations: if so, honor them; if not, include everywhere. -2. does this manifest have FeatureGate annotations: if so, match against the enabled set for the ClusterProfile,FeatureSet tuple. - Note that CustomNoUpgrade selects everything +### Post-schema-generation Patches -Once we have CRD for each ClusterProfile,FeatureSet tuple we choose what to serialize. -This roughly follows: -1. if all the CRDs are the same, write a single file and annotate with no FeatureSet and every ClusterProfile. Done. -2. if all the CRDs are the same across all ClusterProfiles for each FeatureSet, create one file per FeatureSet and - annotate with one FeatureSet and all ClusterProfiles. Done. -3. if all the CRDs are the same across all FeatureSets for one ClusterProfile, create one file and annotate - with no FeatureSet and one ClusterProfile. Continue to 4. -4. for all remaining ClusterProfile,FeatureSet tuples, serialize a file with one FeatureSet and one ClusterProfile. +Schema generation features might be limited or fall behind what CRD schemas supports in the latest Kubernetes version. +To work around this, there are two patch mechanisms implemented by the `add-crd-gen` target. Basic idea is that you +place a patch file next to the CRD yaml manifest with either `yaml-merge-patch` or `yaml-patch` as extension, +but with the same base name. The `update-codegen-crds` Makefile target will apply these **after** calling +kubebuilder's controller-gen: +- `yaml-merge-patch`: these are applied via `yq m -x ` compare https://mikefarah.gitbook.io/yq/commands/merge#overwrite-values. +- `yaml-patch`: these are applied via `yaml-patch -o < ` using https://github.com/krishicks/yaml-patch. diff --git a/vendor/github.com/openshift/api/apiserver/v1/apiserver.openshift.io_apirequestcount.yaml b/vendor/github.com/openshift/api/apiserver/v1/apiserver.openshift.io_apirequestcount.yaml new file mode 100644 index 0000000000..c5a96ac0c3 --- /dev/null +++ b/vendor/github.com/openshift/api/apiserver/v1/apiserver.openshift.io_apirequestcount.yaml @@ -0,0 +1,328 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/897 + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: apirequestcounts.apiserver.openshift.io +spec: + group: apiserver.openshift.io + names: + kind: APIRequestCount + listKind: APIRequestCountList + plural: apirequestcounts + singular: apirequestcount + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Release in which an API will be removed. + jsonPath: .status.removedInRelease + name: RemovedInRelease + type: string + - description: Number of requests in the current hour. + jsonPath: .status.currentHour.requestCount + name: RequestsInCurrentHour + type: integer + - description: Number of requests in the last 24h. + jsonPath: .status.requestCount + name: RequestsInLast24h + type: integer + name: v1 + schema: + openAPIV3Schema: + description: "APIRequestCount tracks requests made to an API. The instance + name must be of the form `resource.version.group`, matching the resource. + \n Compatibility level 1: Stable within a major release for a minimum of + 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec defines the characteristics of the resource. + properties: + numberOfUsersToReport: + default: 10 + description: numberOfUsersToReport is the number of users to include + in the report. If unspecified or zero, the default is ten. This + is default is subject to change. + format: int64 + maximum: 100 + minimum: 0 + type: integer + type: object + status: + description: status contains the observed state of the resource. + properties: + conditions: + description: conditions contains details of the current status of + this API Resource. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + currentHour: + description: currentHour contains request history for the current + hour. This is porcelain to make the API easier to read by humans + seeing if they addressed a problem. This field is reset on the hour. + properties: + byNode: + description: byNode contains logs of requests per node. + items: + description: PerNodeAPIRequestLog contains logs of requests + to a certain node. + properties: + byUser: + description: byUser contains request details by top .spec.numberOfUsersToReport + users. Note that because in the case of an apiserver, + restart the list of top users is determined on a best-effort + basis, the list might be imprecise. In addition, some + system users may be explicitly included in the list. + items: + description: PerUserAPIRequestCount contains logs of a + user's requests. + properties: + byVerb: + description: byVerb details by verb. + items: + description: PerVerbAPIRequestCount requestCounts + requests by API request verb. + properties: + requestCount: + description: requestCount of requests for verb. + format: int64 + minimum: 0 + type: integer + verb: + description: verb of API request (get, list, + create, etc...) + maxLength: 20 + type: string + type: object + maxItems: 10 + type: array + requestCount: + description: requestCount of requests by the user + across all verbs. + format: int64 + minimum: 0 + type: integer + userAgent: + description: userAgent that made the request. The + same user often has multiple binaries which connect + (pods with many containers). The different binaries + will have different userAgents, but the same user. In + addition, we have userAgents with version information + embedded and the userName isn't likely to change. + maxLength: 1024 + type: string + username: + description: userName that made the request. + maxLength: 512 + type: string + type: object + maxItems: 500 + type: array + nodeName: + description: nodeName where the request are being handled. + maxLength: 512 + minLength: 1 + type: string + requestCount: + description: requestCount is a sum of all requestCounts + across all users, even those outside of the top 10 users. + format: int64 + minimum: 0 + type: integer + type: object + maxItems: 512 + type: array + requestCount: + description: requestCount is a sum of all requestCounts across + nodes. + format: int64 + minimum: 0 + type: integer + type: object + last24h: + description: last24h contains request history for the last 24 hours, + indexed by the hour, so 12:00AM-12:59 is in index 0, 6am-6:59am + is index 6, etc. The index of the current hour is updated live and + then duplicated into the requestsLastHour field. + items: + description: PerResourceAPIRequestLog logs request for various nodes. + properties: + byNode: + description: byNode contains logs of requests per node. + items: + description: PerNodeAPIRequestLog contains logs of requests + to a certain node. + properties: + byUser: + description: byUser contains request details by top .spec.numberOfUsersToReport + users. Note that because in the case of an apiserver, + restart the list of top users is determined on a best-effort + basis, the list might be imprecise. In addition, some + system users may be explicitly included in the list. + items: + description: PerUserAPIRequestCount contains logs of + a user's requests. + properties: + byVerb: + description: byVerb details by verb. + items: + description: PerVerbAPIRequestCount requestCounts + requests by API request verb. + properties: + requestCount: + description: requestCount of requests for + verb. + format: int64 + minimum: 0 + type: integer + verb: + description: verb of API request (get, list, + create, etc...) + maxLength: 20 + type: string + type: object + maxItems: 10 + type: array + requestCount: + description: requestCount of requests by the user + across all verbs. + format: int64 + minimum: 0 + type: integer + userAgent: + description: userAgent that made the request. The + same user often has multiple binaries which connect + (pods with many containers). The different binaries + will have different userAgents, but the same user. In + addition, we have userAgents with version information + embedded and the userName isn't likely to change. + maxLength: 1024 + type: string + username: + description: userName that made the request. + maxLength: 512 + type: string + type: object + maxItems: 500 + type: array + nodeName: + description: nodeName where the request are being handled. + maxLength: 512 + minLength: 1 + type: string + requestCount: + description: requestCount is a sum of all requestCounts + across all users, even those outside of the top 10 users. + format: int64 + minimum: 0 + type: integer + type: object + maxItems: 512 + type: array + requestCount: + description: requestCount is a sum of all requestCounts across + nodes. + format: int64 + minimum: 0 + type: integer + type: object + maxItems: 24 + type: array + removedInRelease: + description: removedInRelease is when the API will be removed. + maxLength: 64 + minLength: 0 + pattern: ^[0-9][0-9]*\.[0-9][0-9]*$ + type: string + requestCount: + description: requestCount is a sum of all requestCounts across all + current hours, nodes, and users. + format: int64 + minimum: 0 + type: integer + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/apiserver/v1/stable.apirequestcount.testsuite.yaml b/vendor/github.com/openshift/api/apiserver/v1/stable.apirequestcount.testsuite.yaml index db9bf53e85..f1e61eaff2 100644 --- a/vendor/github.com/openshift/api/apiserver/v1/stable.apirequestcount.testsuite.yaml +++ b/vendor/github.com/openshift/api/apiserver/v1/stable.apirequestcount.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] API Server" -crd: kube-apiserver_apirequestcounts.crd.yaml +crd: apiserver.openshift.io_apirequestcount.yaml tests: onCreate: - name: Should be able to create a minimal RoleBindingRestriction diff --git a/vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go b/vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go index 1503571d11..492c48b88d 100644 --- a/vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go +++ b/vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go @@ -11,6 +11,8 @@ const ( // +genclient // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:scope="Cluster" +// +kubebuilder:subresource:status // +genclient:nonNamespaced // +openshift:compatibility-gen:level=1 @@ -18,16 +20,6 @@ const ( // be of the form `resource.version.group`, matching the resource. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:subresource:status -// +kubebuilder:resource:path=apirequestcounts,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/897 -// +openshift:file-pattern=operatorName=kube-apiserver -// +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true -// +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true -// +kubebuilder:printcolumn:name=RemovedInRelease,JSONPath=.status.removedInRelease,type=string,description=Release in which an API will be removed. -// +kubebuilder:printcolumn:name=RequestsInCurrentHour,JSONPath=.status.currentHour.requestCount,type=integer,description=Number of requests in the current hour. -// +kubebuilder:printcolumn:name=RequestsInLast24h,JSONPath=.status.requestCount,type=integer,description=Number of requests in the last 24h. type APIRequestCount struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/apiserver/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/apiserver/v1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 9a0fd8fd56..0000000000 --- a/vendor/github.com/openshift/api/apiserver/v1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apirequestcounts.apiserver.openshift.io: - Annotations: - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - ApprovedPRNumber: https://github.com/openshift/api/pull/897 - CRDName: apirequestcounts.apiserver.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: kube-apiserver - FilenameOperatorOrdering: "" - FilenameRunLevel: "" - GroupName: apiserver.openshift.io - HasStatus: true - KindName: APIRequestCount - Labels: {} - PluralName: apirequestcounts - PrinterColumns: - - description: Release in which an API will be removed. - jsonPath: .status.removedInRelease - name: RemovedInRelease - type: string - - description: Number of requests in the current hour. - jsonPath: .status.currentHour.requestCount - name: RequestsInCurrentHour - type: integer - - description: Number of requests in the last 24h. - jsonPath: .status.requestCount - name: RequestsInLast24h - type: integer - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - diff --git a/vendor/github.com/openshift/api/authorization/v1/0000_03_authorization-openshift_01_rolebindingrestriction.crd.yaml b/vendor/github.com/openshift/api/authorization/v1/0000_03_authorization-openshift_01_rolebindingrestriction.crd.yaml new file mode 100644 index 0000000000..597a9771ed --- /dev/null +++ b/vendor/github.com/openshift/api/authorization/v1/0000_03_authorization-openshift_01_rolebindingrestriction.crd.yaml @@ -0,0 +1,215 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/470 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: rolebindingrestrictions.authorization.openshift.io +spec: + group: authorization.openshift.io + names: + kind: RoleBindingRestriction + listKind: RoleBindingRestrictionList + plural: rolebindingrestrictions + singular: rolebindingrestriction + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "RoleBindingRestriction is an object that can be matched against + a subject (user, group, or service account) to determine whether rolebindings + on that subject are allowed in the namespace to which the RoleBindingRestriction + belongs. If any one of those RoleBindingRestriction objects matches a subject, + rolebindings on that subject in the namespace are allowed. \n Compatibility + level 1: Stable within a major release for a minimum of 12 months or 3 minor + releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the matcher. + properties: + grouprestriction: + description: GroupRestriction matches against group subjects. + nullable: true + properties: + groups: + description: Groups is a list of groups used to match against + an individual user's groups. If the user is a member of one + of the whitelisted groups, the user is allowed to be bound to + a role. + items: + type: string + nullable: true + type: array + labels: + description: Selectors specifies a list of label selectors over + group labels. + items: + description: A label selector is a label query over a set of + resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. A + null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + nullable: true + type: array + type: object + serviceaccountrestriction: + description: ServiceAccountRestriction matches against service-account + subjects. + nullable: true + properties: + namespaces: + description: Namespaces specifies a list of literal namespace + names. + items: + type: string + type: array + serviceaccounts: + description: ServiceAccounts specifies a list of literal service-account + names. + items: + description: ServiceAccountReference specifies a service account + and namespace by their names. + properties: + name: + description: Name is the name of the service account. + type: string + namespace: + description: Namespace is the namespace of the service account. Service + accounts from inside the whitelisted namespaces are allowed + to be bound to roles. If Namespace is empty, then the + namespace of the RoleBindingRestriction in which the ServiceAccountReference + is embedded is used. + type: string + type: object + type: array + type: object + userrestriction: + description: UserRestriction matches against user subjects. + nullable: true + properties: + groups: + description: Groups specifies a list of literal group names. + items: + type: string + nullable: true + type: array + labels: + description: Selectors specifies a list of label selectors over + user labels. + items: + description: A label selector is a label query over a set of + resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. A + null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + nullable: true + type: array + users: + description: Users specifies a list of literal user names. + items: + type: string + type: array + type: object + type: object + type: object + served: true + storage: true diff --git a/vendor/github.com/openshift/api/authorization/v1/generated.proto b/vendor/github.com/openshift/api/authorization/v1/generated.proto index 4be3f6c762..7d0abe95cf 100644 --- a/vendor/github.com/openshift/api/authorization/v1/generated.proto +++ b/vendor/github.com/openshift/api/authorization/v1/generated.proto @@ -367,10 +367,6 @@ message RoleBindingList { // a subject, rolebindings on that subject in the namespace are allowed. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=rolebindingrestrictions,scope=Namespaced -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=config-operator,operatorOrdering=01 // +openshift:compatibility-gen:level=1 message RoleBindingRestriction { // metadata is the standard object's metadata. diff --git a/vendor/github.com/openshift/api/authorization/v1/stable.rolebindingrestriction.testsuite.yaml b/vendor/github.com/openshift/api/authorization/v1/stable.rolebindingrestriction.testsuite.yaml index bfdb8a0e37..2b82115745 100644 --- a/vendor/github.com/openshift/api/authorization/v1/stable.rolebindingrestriction.testsuite.yaml +++ b/vendor/github.com/openshift/api/authorization/v1/stable.rolebindingrestriction.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Authorization" -crd: 0000_03_config-operator_01_rolebindingrestrictions.crd.yaml +crd: 0000_03_authorization-openshift_01_rolebindingrestriction.crd.yaml tests: onCreate: - name: Should be able to create a minimal RoleBindingRestriction diff --git a/vendor/github.com/openshift/api/authorization/v1/types.go b/vendor/github.com/openshift/api/authorization/v1/types.go index 11a71e65dd..da229b3a88 100644 --- a/vendor/github.com/openshift/api/authorization/v1/types.go +++ b/vendor/github.com/openshift/api/authorization/v1/types.go @@ -532,10 +532,6 @@ type ClusterRoleList struct { // a subject, rolebindings on that subject in the namespace are allowed. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=rolebindingrestrictions,scope=Namespaced -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=config-operator,operatorOrdering=01 // +openshift:compatibility-gen:level=1 type RoleBindingRestriction struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/authorization/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/authorization/v1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 4756252b9c..0000000000 --- a/vendor/github.com/openshift/api/authorization/v1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,21 +0,0 @@ -rolebindingrestrictions.authorization.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/470 - CRDName: rolebindingrestrictions.authorization.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_03" - GroupName: authorization.openshift.io - HasStatus: false - KindName: RoleBindingRestriction - Labels: {} - PluralName: rolebindingrestrictions - PrinterColumns: [] - Scope: Namespaced - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - diff --git a/vendor/github.com/openshift/api/build/OWNERS b/vendor/github.com/openshift/api/build/OWNERS index e6d19c798d..c1ece8b213 100644 --- a/vendor/github.com/openshift/api/build/OWNERS +++ b/vendor/github.com/openshift/api/build/OWNERS @@ -1,7 +1,4 @@ reviewers: - - adambkaplan - bparees - - sayan-biswas -emeritus_reviewers: - - jim-minter - gabemontero + - jim-minter diff --git a/vendor/github.com/openshift/api/cloudnetwork/v1/001-cloudprivateipconfig.crd.yaml b/vendor/github.com/openshift/api/cloudnetwork/v1/001-cloudprivateipconfig.crd.yaml new file mode 100644 index 0000000000..7b6b34d17e --- /dev/null +++ b/vendor/github.com/openshift/api/cloudnetwork/v1/001-cloudprivateipconfig.crd.yaml @@ -0,0 +1,146 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/859 + api.openshift.io/merged-by-featuregates: "true" + name: cloudprivateipconfigs.cloud.network.openshift.io +spec: + group: cloud.network.openshift.io + names: + kind: CloudPrivateIPConfig + listKind: CloudPrivateIPConfigList + plural: cloudprivateipconfigs + singular: cloudprivateipconfig + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "CloudPrivateIPConfig performs an assignment of a private IP + address to the primary NIC associated with cloud VMs. This is done by specifying + the IP and Kubernetes node which the IP should be assigned to. This CRD + is intended to be used by the network plugin which manages the cluster network. + The spec side represents the desired state requested by the network plugin, + and the status side represents the current state that this CRD's controller + has executed. No users will have permission to modify it, and if a cluster-admin + decides to edit it for some reason, their changes will be overwritten the + next time the network plugin reconciles the object. Note: the CR's name + must specify the requested private IP address (can be IPv4 or IPv6). \n + Compatibility level 1: Stable within a major release for a minimum of 12 + months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + properties: + name: + anyOf: + - format: ipv4 + - pattern: ^[0-9a-f]{4}(\.[0-9a-f]{4}){7}$ + type: string + type: object + spec: + description: spec is the definition of the desired private IP request. + properties: + node: + description: 'node is the node name, as specified by the Kubernetes + field: node.metadata.name' + type: string + type: object + status: + description: status is the observed status of the desired private IP request. + Read-only. + properties: + conditions: + description: condition is the assignment condition of the private + IP and its status + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + node: + description: 'node is the node name, as specified by the Kubernetes + field: node.metadata.name' + type: string + required: + - conditions + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/cloudnetwork/v1/generated.proto b/vendor/github.com/openshift/api/cloudnetwork/v1/generated.proto index dc4557883f..2888a9f941 100644 --- a/vendor/github.com/openshift/api/cloudnetwork/v1/generated.proto +++ b/vendor/github.com/openshift/api/cloudnetwork/v1/generated.proto @@ -32,7 +32,7 @@ option go_package = "github.com/openshift/api/cloudnetwork/v1"; // +kubebuilder:subresource:status // +kubebuilder:resource:path=cloudprivateipconfigs,scope=Cluster // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/859 -// +openshift:file-pattern=operatorOrdering=001 +// +openshift:file-pattern=001-cloudprivateipconfigMARKERS.crd.yaml // +openshift:compatibility-gen:level=1 message CloudPrivateIPConfig { // metadata is the standard object's metadata. diff --git a/vendor/github.com/openshift/api/cloudnetwork/v1/stable.cloudprivateipconfig.testsuite.yaml b/vendor/github.com/openshift/api/cloudnetwork/v1/stable.cloudprivateipconfig.testsuite.yaml index 6e71ea4234..9a65ba885f 100644 --- a/vendor/github.com/openshift/api/cloudnetwork/v1/stable.cloudprivateipconfig.testsuite.yaml +++ b/vendor/github.com/openshift/api/cloudnetwork/v1/stable.cloudprivateipconfig.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Cloud Network" -crd: 001_cloudprivateipconfigs.crd.yaml +crd: 001-cloudprivateipconfig.crd.yaml tests: onCreate: - name: Should be able to create a minimal CloudPrivateIPConfig diff --git a/vendor/github.com/openshift/api/cloudnetwork/v1/types.go b/vendor/github.com/openshift/api/cloudnetwork/v1/types.go index 4c19e44c3f..33261b791a 100644 --- a/vendor/github.com/openshift/api/cloudnetwork/v1/types.go +++ b/vendor/github.com/openshift/api/cloudnetwork/v1/types.go @@ -24,7 +24,7 @@ import ( // +kubebuilder:subresource:status // +kubebuilder:resource:path=cloudprivateipconfigs,scope=Cluster // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/859 -// +openshift:file-pattern=operatorOrdering=001 +// +openshift:file-pattern=001-cloudprivateipconfigMARKERS.crd.yaml // +openshift:compatibility-gen:level=1 type CloudPrivateIPConfig struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/cloudnetwork/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/cloudnetwork/v1/zz_generated.featuregated-crd-manifests.yaml index 18b16994d9..cdcc33db16 100644 --- a/vendor/github.com/openshift/api/cloudnetwork/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/cloudnetwork/v1/zz_generated.featuregated-crd-manifests.yaml @@ -5,9 +5,6 @@ cloudprivateipconfigs.cloud.network.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "001" - FilenameRunLevel: "" GroupName: cloud.network.openshift.io HasStatus: true KindName: CloudPrivateIPConfig @@ -15,7 +12,8 @@ cloudprivateipconfigs.cloud.network.openshift.io: PluralName: cloudprivateipconfigs PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 001-cloudprivateipconfigMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 diff --git a/vendor/github.com/openshift/api/config/.codegen.yaml b/vendor/github.com/openshift/api/config/.codegen.yaml index ffa2c8d9b2..c7c3be9aea 100644 --- a/vendor/github.com/openshift/api/config/.codegen.yaml +++ b/vendor/github.com/openshift/api/config/.codegen.yaml @@ -1,2 +1,10 @@ +schemapatch: swaggerdocs: commentPolicy: Warn +manifestMerge: + tupleOverrides: + - crdName: authentications.config.openshift.io + featureSet: Default + clusterProfilesToInject: + - include.release.openshift.io/self-managed-high-availability + - include.release.openshift.io/single-node-developer diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusteroperators.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusteroperators.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion-CustomNoUpgrade.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion-CustomNoUpgrade.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion-Default.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion-Default.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion-TechPreviewNoUpgrade.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion-TechPreviewNoUpgrade.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_03_config-operator_01_proxies.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_proxy.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_03_config-operator_01_proxies.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_proxy.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_03_marketplace_01_operatorhubs.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_03_marketplace-operator_01_operatorhub.crd.yaml similarity index 99% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_03_marketplace_01_operatorhubs.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_03_marketplace-operator_01_operatorhub.crd.yaml index 40bd993e46..cc42ea2906 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_03_marketplace_01_operatorhubs.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_03_marketplace-operator_01_operatorhub.crd.yaml @@ -3,7 +3,6 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/470 - api.openshift.io/merged-by-featuregates: "true" capability.openshift.io/name: marketplace include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_apiserver.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_apiserver.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SelfManagedHA-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-CustomNoUpgrade.yaml similarity index 99% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SelfManagedHA-CustomNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-CustomNoUpgrade.yaml index 796371ee56..60b4c25930 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SelfManagedHA-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-CustomNoUpgrade.yaml @@ -4,7 +4,9 @@ metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/470 api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: CustomNoUpgrade name: authentications.config.openshift.io spec: diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-Hypershift.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-Default-Hypershift.yaml similarity index 99% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-Hypershift.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-Default-Hypershift.yaml index b602c498b3..2cabddacf3 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-Hypershift.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-Default-Hypershift.yaml @@ -3,8 +3,8 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/470 - api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" + release.openshift.io/feature-set: Default name: authentications.config.openshift.io spec: group: config.openshift.io diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SelfManagedHA-Default.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-Default.yaml similarity index 99% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SelfManagedHA-Default.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-Default.yaml index 8439a5120a..227fac6bc3 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SelfManagedHA-Default.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-Default.yaml @@ -5,6 +5,7 @@ metadata: api-approved.openshift.io: https://github.com/openshift/api/pull/470 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: Default name: authentications.config.openshift.io spec: diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SelfManagedHA-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-TechPreviewNoUpgrade.yaml similarity index 99% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SelfManagedHA-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-TechPreviewNoUpgrade.yaml index 7911fefb76..f5de3451f9 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SelfManagedHA-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd-TechPreviewNoUpgrade.yaml @@ -4,7 +4,9 @@ metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/470 api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade name: authentications.config.openshift.io spec: diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_consoles.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_console.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_consoles.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_console.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_dns.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_dnses.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_dns.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_featuregates.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_featuregate.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_featuregates.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_featuregate.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_images.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_image.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_images.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_image.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_imagecontentpolicies.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_imagecontentpolicy.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_imagecontentpolicies.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_imagecontentpolicy.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_imagedigestmirrorsets.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_imagedigestmirrorset.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_imagedigestmirrorsets.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_imagedigestmirrorset.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_imagetagmirrorsets.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_imagetagmirrorset.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_imagetagmirrorsets.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_imagetagmirrorset.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-CustomNoUpgrade.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-CustomNoUpgrade.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml similarity index 94% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml index 06ee2f7121..723c94155b 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml @@ -1197,34 +1197,6 @@ spec: maxItems: 2 type: array x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer used - by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer used - by the cluster on BareMetal platform which can be a - user-managed or openshift-managed load balancer that - is to be used for the OpenShift API and Ingress endpoints. - When set to OpenShiftManagedDefault the static pods - in charge of API and Ingress traffic load-balancing - defined in the machine config operator will be deployed. - When set to UserManaged these static pods will not be - deployed and it is expected that the load balancer is - configured out of band by the deployer. When omitted, - this means no opinion and the platform is left to choose - a reasonable default. The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object machineNetworks: description: machineNetworks are IP networks used to connect all the OpenShift cluster nodes. @@ -1459,34 +1431,6 @@ spec: maxItems: 2 type: array x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer used - by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer used - by the cluster on Nutanix platform which can be a user-managed - or openshift-managed load balancer that is to be used - for the OpenShift API and Ingress endpoints. When set - to OpenShiftManagedDefault the static pods in charge - of API and Ingress traffic load-balancing defined in - the machine config operator will be deployed. When set - to UserManaged these static pods will not be deployed - and it is expected that the load balancer is configured - out of band by the deployer. When omitted, this means - no opinion and the platform is left to choose a reasonable - default. The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object type: object openstack: description: OpenStack contains settings specific to the OpenStack @@ -1631,34 +1575,6 @@ spec: maxItems: 2 type: array x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer used - by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer used - by the cluster on Ovirt platform which can be a user-managed - or openshift-managed load balancer that is to be used - for the OpenShift API and Ingress endpoints. When set - to OpenShiftManagedDefault the static pods in charge - of API and Ingress traffic load-balancing defined in - the machine config operator will be deployed. When set - to UserManaged these static pods will not be deployed - and it is expected that the load balancer is configured - out of band by the deployer. When omitted, this means - no opinion and the platform is left to choose a reasonable - default. The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object nodeDNSIP: description: 'deprecated: as of 4.6, this field is no longer set or honored. It will be removed in a future release.' @@ -1814,34 +1730,6 @@ spec: maxItems: 2 type: array x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer used - by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer used - by the cluster on VSphere platform which can be a user-managed - or openshift-managed load balancer that is to be used - for the OpenShift API and Ingress endpoints. When set - to OpenShiftManagedDefault the static pods in charge - of API and Ingress traffic load-balancing defined in - the machine config operator will be deployed. When set - to UserManaged these static pods will not be deployed - and it is expected that the load balancer is configured - out of band by the deployer. When omitted, this means - no opinion and the platform is left to choose a reasonable - default. The default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object machineNetworks: description: machineNetworks are IP networks used to connect all the OpenShift cluster nodes. diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-TechPreviewNoUpgrade.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-TechPreviewNoUpgrade.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_ingresses.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_ingress.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_ingresses.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_ingress.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network-CustomNoUpgrade.crd.yaml new file mode 100644 index 0000000000..5392f14c6e --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network-CustomNoUpgrade.crd.yaml @@ -0,0 +1,284 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/470 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: CustomNoUpgrade + name: networks.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Network + listKind: NetworkList + plural: networks + singular: network + preserveUnknownFields: false + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "Network holds cluster-wide information about Network. The canonical + name is `cluster`. It is used to configure the desired network configuration, + such as: IP address pools for services/pod IPs, network plugin, etc. Please + view network.spec for an explanation on what applies when configuring this + resource. \n Compatibility level 1: Stable within a major release for a + minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration. As a general + rule, this SHOULD NOT be read directly. Instead, you should consume + the NetworkStatus, as it indicates the currently deployed configuration. + Currently, most spec fields are immutable after installation. Please + view the individual ones for further details on each. + properties: + clusterNetwork: + description: IP address pool to use for pod IPs. This field is immutable + after installation. + items: + description: ClusterNetworkEntry is a contiguous block of IP addresses + from which pod IPs are allocated. + properties: + cidr: + description: The complete block for pod IPs. + type: string + hostPrefix: + description: The size (prefix) of block to allocate to each + node. If this field is not used by the plugin, it can be left + unset. + format: int32 + minimum: 0 + type: integer + type: object + type: array + externalIP: + description: externalIP defines configuration for controllers that + affect Service.ExternalIP. If nil, then ExternalIP is not allowed + to be set. + properties: + autoAssignCIDRs: + description: autoAssignCIDRs is a list of CIDRs from which to + automatically assign Service.ExternalIP. These are assigned + when the service is of type LoadBalancer. In general, this is + only useful for bare-metal clusters. In Openshift 3.x, this + was misleadingly called "IngressIPs". Automatically assigned + External IPs are not affected by any ExternalIPPolicy rules. + Currently, only one entry may be provided. + items: + type: string + type: array + policy: + description: policy is a set of restrictions applied to the ExternalIP + field. If nil or empty, then ExternalIP is not allowed to be + set. + properties: + allowedCIDRs: + description: allowedCIDRs is the list of allowed CIDRs. + items: + type: string + type: array + rejectedCIDRs: + description: rejectedCIDRs is the list of disallowed CIDRs. + These take precedence over allowedCIDRs. + items: + type: string + type: array + type: object + type: object + networkType: + description: 'NetworkType is the plugin that is to be deployed (e.g. + OpenShiftSDN). This should match a value that the cluster-network-operator + understands, or else no networking will be installed. Currently + supported values are: - OpenShiftSDN This field is immutable after + installation.' + type: string + serviceNetwork: + description: IP address pool for services. Currently, we only support + a single entry here. This field is immutable after installation. + items: + type: string + type: array + serviceNodePortRange: + description: The port range allowed for Services of type NodePort. + If not specified, the default of 30000-32767 will be used. Such + Services without a NodePort specified will have one automatically + allocated from this range. This parameter can be updated after the + cluster is installed. + pattern: ^([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])-([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + properties: + clusterNetwork: + description: IP address pool to use for pod IPs. + items: + description: ClusterNetworkEntry is a contiguous block of IP addresses + from which pod IPs are allocated. + properties: + cidr: + description: The complete block for pod IPs. + type: string + hostPrefix: + description: The size (prefix) of block to allocate to each + node. If this field is not used by the plugin, it can be left + unset. + format: int32 + minimum: 0 + type: integer + type: object + type: array + clusterNetworkMTU: + description: ClusterNetworkMTU is the MTU for inter-pod networking. + type: integer + conditions: + description: 'conditions represents the observations of a network.config + current state. Known .status.conditions.type are: "NetworkTypeMigrationInProgress", + "NetworkTypeMigrationMTUReady", "NetworkTypeMigrationTargetCNIAvailable", + "NetworkTypeMigrationTargetCNIInUse" and "NetworkTypeMigrationOriginalCNIPurged"' + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + migration: + description: Migration contains the cluster network migration configuration. + properties: + mtu: + description: MTU contains the MTU migration configuration. + properties: + machine: + description: Machine contains MTU migration configuration + for the machine's uplink. + properties: + from: + description: From is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: To is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + network: + description: Network contains MTU migration configuration + for the default network. + properties: + from: + description: From is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: To is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + type: object + networkType: + description: 'NetworkType is the target plugin that is to be deployed. + Currently supported values are: OpenShiftSDN, OVNKubernetes' + enum: + - OpenShiftSDN + - OVNKubernetes + type: string + type: object + networkType: + description: NetworkType is the plugin that is deployed (e.g. OpenShiftSDN). + type: string + serviceNetwork: + description: IP address pool for services. Currently, we only support + a single entry here. + items: + type: string + type: array + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_networks.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network-Default.crd.yaml similarity index 99% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_networks.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network-Default.crd.yaml index 490bd2a7fa..d71799f595 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_networks.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network-Default.crd.yaml @@ -3,10 +3,10 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/470 - api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: Default name: networks.config.openshift.io spec: group: config.openshift.io @@ -15,6 +15,7 @@ spec: listKind: NetworkList plural: networks singular: network + preserveUnknownFields: false scope: Cluster versions: - name: v1 diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network-TechPreviewNoUpgrade.crd.yaml new file mode 100644 index 0000000000..8ec000b89e --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network-TechPreviewNoUpgrade.crd.yaml @@ -0,0 +1,284 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/470 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: networks.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Network + listKind: NetworkList + plural: networks + singular: network + preserveUnknownFields: false + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "Network holds cluster-wide information about Network. The canonical + name is `cluster`. It is used to configure the desired network configuration, + such as: IP address pools for services/pod IPs, network plugin, etc. Please + view network.spec for an explanation on what applies when configuring this + resource. \n Compatibility level 1: Stable within a major release for a + minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration. As a general + rule, this SHOULD NOT be read directly. Instead, you should consume + the NetworkStatus, as it indicates the currently deployed configuration. + Currently, most spec fields are immutable after installation. Please + view the individual ones for further details on each. + properties: + clusterNetwork: + description: IP address pool to use for pod IPs. This field is immutable + after installation. + items: + description: ClusterNetworkEntry is a contiguous block of IP addresses + from which pod IPs are allocated. + properties: + cidr: + description: The complete block for pod IPs. + type: string + hostPrefix: + description: The size (prefix) of block to allocate to each + node. If this field is not used by the plugin, it can be left + unset. + format: int32 + minimum: 0 + type: integer + type: object + type: array + externalIP: + description: externalIP defines configuration for controllers that + affect Service.ExternalIP. If nil, then ExternalIP is not allowed + to be set. + properties: + autoAssignCIDRs: + description: autoAssignCIDRs is a list of CIDRs from which to + automatically assign Service.ExternalIP. These are assigned + when the service is of type LoadBalancer. In general, this is + only useful for bare-metal clusters. In Openshift 3.x, this + was misleadingly called "IngressIPs". Automatically assigned + External IPs are not affected by any ExternalIPPolicy rules. + Currently, only one entry may be provided. + items: + type: string + type: array + policy: + description: policy is a set of restrictions applied to the ExternalIP + field. If nil or empty, then ExternalIP is not allowed to be + set. + properties: + allowedCIDRs: + description: allowedCIDRs is the list of allowed CIDRs. + items: + type: string + type: array + rejectedCIDRs: + description: rejectedCIDRs is the list of disallowed CIDRs. + These take precedence over allowedCIDRs. + items: + type: string + type: array + type: object + type: object + networkType: + description: 'NetworkType is the plugin that is to be deployed (e.g. + OpenShiftSDN). This should match a value that the cluster-network-operator + understands, or else no networking will be installed. Currently + supported values are: - OpenShiftSDN This field is immutable after + installation.' + type: string + serviceNetwork: + description: IP address pool for services. Currently, we only support + a single entry here. This field is immutable after installation. + items: + type: string + type: array + serviceNodePortRange: + description: The port range allowed for Services of type NodePort. + If not specified, the default of 30000-32767 will be used. Such + Services without a NodePort specified will have one automatically + allocated from this range. This parameter can be updated after the + cluster is installed. + pattern: ^([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])-([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + properties: + clusterNetwork: + description: IP address pool to use for pod IPs. + items: + description: ClusterNetworkEntry is a contiguous block of IP addresses + from which pod IPs are allocated. + properties: + cidr: + description: The complete block for pod IPs. + type: string + hostPrefix: + description: The size (prefix) of block to allocate to each + node. If this field is not used by the plugin, it can be left + unset. + format: int32 + minimum: 0 + type: integer + type: object + type: array + clusterNetworkMTU: + description: ClusterNetworkMTU is the MTU for inter-pod networking. + type: integer + conditions: + description: 'conditions represents the observations of a network.config + current state. Known .status.conditions.type are: "NetworkTypeMigrationInProgress", + "NetworkTypeMigrationMTUReady", "NetworkTypeMigrationTargetCNIAvailable", + "NetworkTypeMigrationTargetCNIInUse" and "NetworkTypeMigrationOriginalCNIPurged"' + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + migration: + description: Migration contains the cluster network migration configuration. + properties: + mtu: + description: MTU contains the MTU migration configuration. + properties: + machine: + description: Machine contains MTU migration configuration + for the machine's uplink. + properties: + from: + description: From is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: To is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + network: + description: Network contains MTU migration configuration + for the default network. + properties: + from: + description: From is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: To is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + type: object + networkType: + description: 'NetworkType is the target plugin that is to be deployed. + Currently supported values are: OpenShiftSDN, OVNKubernetes' + enum: + - OpenShiftSDN + - OVNKubernetes + type: string + type: object + networkType: + description: NetworkType is the plugin that is deployed (e.g. OpenShiftSDN). + type: string + serviceNetwork: + description: IP address pool for services. Currently, we only support + a single entry here. + items: + type: string + type: array + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_nodes.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_node.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_nodes.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_node.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_oauths.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_oauth.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_oauths.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_oauth.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_projects.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_project.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_projects.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_project.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_schedulers-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_scheduler-CustomNoUpgrade.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_schedulers-CustomNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_scheduler-CustomNoUpgrade.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_schedulers-Default.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_scheduler-Default.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_schedulers-Default.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_scheduler-Default.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_schedulers-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_scheduler-TechPreviewNoUpgrade.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_schedulers-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_scheduler-TechPreviewNoUpgrade.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_openshift-controller-manager_01_builds.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_openshift-controller-manager-operator_01_build.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_openshift-controller-manager_01_builds.crd.yaml rename to vendor/github.com/openshift/api/config/v1/0000_10_openshift-controller-manager-operator_01_build.crd.yaml diff --git a/vendor/github.com/openshift/api/config/v1/custom.authentication.single.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/custom.authentication.single.testsuite.yaml deleted file mode 100644 index 7a55d4297f..0000000000 --- a/vendor/github.com/openshift/api/config/v1/custom.authentication.single.testsuite.yaml +++ /dev/null @@ -1,284 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[CustomNoUpgrade] Authentication SingleNode" -crd: 0000_10_config-operator_01_authentications-SingleNode-CustomNoUpgrade.crd.yaml -tests: - onCreate: - - name: Should be able to create a minimal Authentication - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: {} # No spec is required for a Authentication - expected: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: {} - - name: Should be able to use the OIDC type - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - expected: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - - name: Cannot set username claim prefix with policy NoPrefix - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: NoPrefix - prefix: - prefixString: "myoidc:" - expectedError: "prefix must be set if prefixPolicy is 'Prefix', but must remain unset otherwise" - - name: Can set username claim prefix with policy Prefix - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: Prefix - prefix: - prefixString: "myoidc:" - expected: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: Prefix - prefix: - prefixString: "myoidc:" - - name: Cannot leave username claim prefix blank with policy Prefix - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: Prefix - expectedError: "prefix must be set if prefixPolicy is 'Prefix', but must remain unset otherwise" - - name: Can set OIDC providers with no username prefixing - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: NoPrefix - expected: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: NoPrefix - onUpdate: - - name: Updating OIDC provider with a client that's not in the status - initial: &initConfig | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: namespace - componentName: preexisting - clientID: someclient - - componentNamespace: namespace - componentName: name - clientID: legitclient - status: - oidcClients: - - componentNamespace: namespace - componentName: name - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - updated: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: namespace - componentName: preexisting - clientID: someclient - - componentNamespace: namespace - componentName: name - clientID: legitclient - - componentNamespace: dif-namespace # new client here - componentName: tehName - clientID: cool-client - status: - oidcClients: - - componentNamespace: namespace - componentName: name - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - expectedError: "all oidcClients in the oidcProviders must match their componentName and componentNamespace to either a previously configured oidcClient or they must exist in the status.oidcClients" - - name: Updating OIDC provider with a client that's different from the previous one - initial: *initConfig - updated: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: dif-namespace - componentName: tehName - clientID: cool-client - status: - oidcClients: - - componentNamespace: namespace - componentName: name - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - expectedError: "all oidcClients in the oidcProviders must match their componentName and componentNamespace to either a previously configured oidcClient or they must exist in the status.oidcClients" - - name: Updating previously existing client - initial: *initConfig - updated: &prevExistingUpdated | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: namespace - componentName: preexisting - clientID: different-client - status: - oidcClients: - - componentNamespace: namespace - componentName: name - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - expected: *prevExistingUpdated - - name: Removing a configured client from the status (== component unregister) - initial: *initConfig - updated: &removeFromStatus | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: namespace - componentName: preexisting - clientID: different-client - - componentNamespace: namespace - componentName: name - clientID: legitclient - status: - oidcClients: - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - expected: *removeFromStatus - - name: Simply add a valid client - initial: *initConfig - updated: &addClient | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: namespace - componentName: preexisting - clientID: different-client - - componentNamespace: namespace - componentName: name - clientID: legitclient - - componentNamespace: namespace2 - componentName: name3 - clientID: justavalidclient - status: - oidcClients: - - componentNamespace: namespace - componentName: name - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - expected: *addClient diff --git a/vendor/github.com/openshift/api/config/v1/custom.authentication.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/custom.authentication.testsuite.yaml index 1d8896c7c4..92e7d72e62 100644 --- a/vendor/github.com/openshift/api/config/v1/custom.authentication.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/custom.authentication.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[CustomNoUpgrade] Authentication" -crd: 0000_10_config-operator_01_authentications-SelfManagedHA-CustomNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_authentication.crd-CustomNoUpgrade.yaml tests: onCreate: - name: Should be able to create a minimal Authentication diff --git a/vendor/github.com/openshift/api/config/v1/custom.clusterversion.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/custom.clusterversion.testsuite.yaml index 83898be035..f3090558b9 100644 --- a/vendor/github.com/openshift/api/config/v1/custom.clusterversion.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/custom.clusterversion.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[CustomNoUpgrade] ClusterVersion" -crd: 0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml +crd: 0000_00_cluster-version-operator_01_clusterversion-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal ClusterVersion diff --git a/vendor/github.com/openshift/api/config/v1/custom.infrastructure.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/custom.infrastructure.testsuite.yaml index 48a262707d..24433f4f75 100644 --- a/vendor/github.com/openshift/api/config/v1/custom.infrastructure.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/custom.infrastructure.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Custom] Infrastructure" -crd: 0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_infrastructure-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal Infrastructure diff --git a/vendor/github.com/openshift/api/config/v1/custom.network.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/custom.network.testsuite.yaml new file mode 100644 index 0000000000..59e9fbdfff --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1/custom.network.testsuite.yaml @@ -0,0 +1,28 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "[CustomNoUpgrade] Network" +crd: 0000_10_config-operator_01_network-CustomNoUpgrade.crd.yaml +tests: + onCreate: + - name: Should be able to set status conditions + initial: | + apiVersion: config.openshift.io/v1 + kind: Network + spec: {} # No spec is required for a Network + status: + conditions: + - type: NetworkTypeMigrationInProgress + status: "False" + reason: "Reason" + message: "Message" + lastTransitionTime: "2023-10-25T12:00:00Z" + expected: | + apiVersion: config.openshift.io/v1 + kind: Network + spec: {} + status: + conditions: + - type: NetworkTypeMigrationInProgress + status: "False" + reason: "Reason" + message: "Message" + lastTransitionTime: "2023-10-25T12:00:00Z" diff --git a/vendor/github.com/openshift/api/config/v1/custom.scheduler.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/custom.scheduler.testsuite.yaml index 2685668592..57b546b636 100644 --- a/vendor/github.com/openshift/api/config/v1/custom.scheduler.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/custom.scheduler.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Scheduler" -crd: 0000_10_config-operator_01_schedulers-CustomNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_scheduler-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal Scheduler diff --git a/vendor/github.com/openshift/api/config/v1/feature_gates.go b/vendor/github.com/openshift/api/config/v1/feature_gates.go index d7f0b65939..18ffe44966 100644 --- a/vendor/github.com/openshift/api/config/v1/feature_gates.go +++ b/vendor/github.com/openshift/api/config/v1/feature_gates.go @@ -1,7 +1,5 @@ package v1 -import "fmt" - // FeatureGateDescription is a golang-only interface used to contains details for a feature gate. type FeatureGateDescription struct { // FeatureGateAttributes is the information that appears in the API @@ -17,15 +15,6 @@ type FeatureGateDescription struct { OwningProduct OwningProduct } -type ClusterProfileName string - -var ( - Hypershift = ClusterProfileName("include.release.openshift.io/ibm-cloud-managed") - SelfManaged = ClusterProfileName("include.release.openshift.io/self-managed-high-availability") - SingleNode = ClusterProfileName("include.release.openshift.io/single-node-developer") - AllClusterProfiles = []ClusterProfileName{Hypershift, SelfManaged, SingleNode} -) - type OwningProduct string var ( @@ -33,531 +22,523 @@ var ( kubernetes = OwningProduct("Kubernetes") ) -type featureGateBuilder struct { - name string - owningJiraComponent string - responsiblePerson string - owningProduct OwningProduct +var ( + FeatureGateValidatingAdmissionPolicy = FeatureGateName("ValidatingAdmissionPolicy") + validatingAdmissionPolicy = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateValidatingAdmissionPolicy, + }, + OwningJiraComponent: "kube-apiserver", + ResponsiblePerson: "benluddy", + OwningProduct: kubernetes, + } - statusByClusterProfileByFeatureSet map[ClusterProfileName]map[FeatureSet]bool -} + FeatureGateGatewayAPI = FeatureGateName("GatewayAPI") + gateGatewayAPI = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateGatewayAPI, + }, + OwningJiraComponent: "Routing", + ResponsiblePerson: "miciah", + OwningProduct: ocpSpecific, + } -// newFeatureGate featuregate are disabled in every FeatureSet and selectively enabled -func newFeatureGate(name string) *featureGateBuilder { - b := &featureGateBuilder{ - name: name, - statusByClusterProfileByFeatureSet: map[ClusterProfileName]map[FeatureSet]bool{}, + FeatureGateOpenShiftPodSecurityAdmission = FeatureGateName("OpenShiftPodSecurityAdmission") + openShiftPodSecurityAdmission = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateOpenShiftPodSecurityAdmission, + }, + OwningJiraComponent: "auth", + ResponsiblePerson: "stlaz", + OwningProduct: ocpSpecific, } - for _, clusterProfile := range AllClusterProfiles { - byFeatureSet := map[FeatureSet]bool{} - for _, featureSet := range AllFixedFeatureSets { - byFeatureSet[featureSet] = false - } - b.statusByClusterProfileByFeatureSet[clusterProfile] = byFeatureSet + + FeatureGateExternalCloudProvider = FeatureGateName("ExternalCloudProvider") + externalCloudProvider = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateExternalCloudProvider, + }, + OwningJiraComponent: "cloud-provider", + ResponsiblePerson: "jspeed", + OwningProduct: ocpSpecific, } - return b -} -func (b *featureGateBuilder) reportProblemsToJiraComponent(owningJiraComponent string) *featureGateBuilder { - b.owningJiraComponent = owningJiraComponent - return b -} + FeatureGateExternalCloudProviderAzure = FeatureGateName("ExternalCloudProviderAzure") + externalCloudProviderAzure = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateExternalCloudProviderAzure, + }, + OwningJiraComponent: "cloud-provider", + ResponsiblePerson: "jspeed", + OwningProduct: ocpSpecific, + } -func (b *featureGateBuilder) contactPerson(responsiblePerson string) *featureGateBuilder { - b.responsiblePerson = responsiblePerson - return b -} + FeatureGateExternalCloudProviderGCP = FeatureGateName("ExternalCloudProviderGCP") + externalCloudProviderGCP = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateExternalCloudProviderGCP, + }, + OwningJiraComponent: "cloud-provider", + ResponsiblePerson: "jspeed", + OwningProduct: ocpSpecific, + } -func (b *featureGateBuilder) productScope(owningProduct OwningProduct) *featureGateBuilder { - b.owningProduct = owningProduct - return b -} + FeatureGateExternalCloudProviderExternal = FeatureGateName("ExternalCloudProviderExternal") + externalCloudProviderExternal = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateExternalCloudProviderExternal, + }, + OwningJiraComponent: "cloud-provider", + ResponsiblePerson: "elmiko", + OwningProduct: ocpSpecific, + } -func (b *featureGateBuilder) enableIn(featureSets ...FeatureSet) *featureGateBuilder { - for clusterProfile := range b.statusByClusterProfileByFeatureSet { - for _, featureSet := range featureSets { - b.statusByClusterProfileByFeatureSet[clusterProfile][featureSet] = true - } + FeatureGateCSIDriverSharedResource = FeatureGateName("CSIDriverSharedResource") + csiDriverSharedResource = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateCSIDriverSharedResource, + }, + OwningJiraComponent: "builds", + ResponsiblePerson: "adkaplan", + OwningProduct: ocpSpecific, } - return b -} -func (b *featureGateBuilder) enableForClusterProfile(clusterProfile ClusterProfileName, featureSets ...FeatureSet) *featureGateBuilder { - for _, featureSet := range featureSets { - b.statusByClusterProfileByFeatureSet[clusterProfile][featureSet] = true + FeatureGateBuildCSIVolumes = FeatureGateName("BuildCSIVolumes") + buildCSIVolumes = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateBuildCSIVolumes, + }, + OwningJiraComponent: "builds", + ResponsiblePerson: "adkaplan", + OwningProduct: ocpSpecific, } - return b -} -func (b *featureGateBuilder) register() (FeatureGateName, error) { - if len(b.name) == 0 { - return "", fmt.Errorf("missing name") + FeatureGateNodeSwap = FeatureGateName("NodeSwap") + nodeSwap = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateNodeSwap, + }, + OwningJiraComponent: "node", + ResponsiblePerson: "ehashman", + OwningProduct: kubernetes, } - if len(b.owningJiraComponent) == 0 { - return "", fmt.Errorf("missing owningJiraComponent") + + FeatureGateMachineAPIProviderOpenStack = FeatureGateName("MachineAPIProviderOpenStack") + machineAPIProviderOpenStack = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateMachineAPIProviderOpenStack, + }, + OwningJiraComponent: "openstack", + ResponsiblePerson: "egarcia", + OwningProduct: ocpSpecific, } - if len(b.responsiblePerson) == 0 { - return "", fmt.Errorf("missing responsiblePerson") + + FeatureGateInsightsConfigAPI = FeatureGateName("InsightsConfigAPI") + insightsConfigAPI = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateInsightsConfigAPI, + }, + OwningJiraComponent: "insights", + ResponsiblePerson: "tremes", + OwningProduct: ocpSpecific, } - if len(b.owningProduct) == 0 { - return "", fmt.Errorf("missing owningProduct") + + FeatureGateDynamicResourceAllocation = FeatureGateName("DynamicResourceAllocation") + dynamicResourceAllocation = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateDynamicResourceAllocation, + }, + OwningJiraComponent: "scheduling", + ResponsiblePerson: "jchaloup", + OwningProduct: kubernetes, } - featureGateName := FeatureGateName(b.name) - description := FeatureGateDescription{ + FeatureGateAzureWorkloadIdentity = FeatureGateName("AzureWorkloadIdentity") + azureWorkloadIdentity = FeatureGateDescription{ FeatureGateAttributes: FeatureGateAttributes{ - Name: featureGateName, + Name: FeatureGateAzureWorkloadIdentity, }, - OwningJiraComponent: b.owningJiraComponent, - ResponsiblePerson: b.responsiblePerson, - OwningProduct: b.owningProduct, + OwningJiraComponent: "cloud-credential-operator", + ResponsiblePerson: "abutcher", + OwningProduct: ocpSpecific, } - // statusByClusterProfileByFeatureSet is initialized by constructor to be false for every combination - for clusterProfile, byFeatureSet := range b.statusByClusterProfileByFeatureSet { - for featureSet, enabled := range byFeatureSet { - if _, ok := allFeatureGates[clusterProfile]; !ok { - allFeatureGates[clusterProfile] = map[FeatureSet]*FeatureGateEnabledDisabled{} - } - if _, ok := allFeatureGates[clusterProfile][featureSet]; !ok { - allFeatureGates[clusterProfile][featureSet] = &FeatureGateEnabledDisabled{} - } + FeatureGateMaxUnavailableStatefulSet = FeatureGateName("MaxUnavailableStatefulSet") + maxUnavailableStatefulSet = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateMaxUnavailableStatefulSet, + }, + OwningJiraComponent: "apps", + ResponsiblePerson: "atiratree", + OwningProduct: kubernetes, + } - if enabled { - allFeatureGates[clusterProfile][featureSet].Enabled = append(allFeatureGates[clusterProfile][featureSet].Enabled, description) - } else { - allFeatureGates[clusterProfile][featureSet].Disabled = append(allFeatureGates[clusterProfile][featureSet].Disabled, description) - } - } + FeatureGateEventedPLEG = FeatureGateName("EventedPLEG") + eventedPleg = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateEventedPLEG, + }, + OwningJiraComponent: "node", + ResponsiblePerson: "sairameshv", + OwningProduct: kubernetes, } - return featureGateName, nil -} + FeatureGatePrivateHostedZoneAWS = FeatureGateName("PrivateHostedZoneAWS") + privateHostedZoneAWS = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGatePrivateHostedZoneAWS, + }, + OwningJiraComponent: "Routing", + ResponsiblePerson: "miciah", + OwningProduct: ocpSpecific, + } -func (b *featureGateBuilder) mustRegister() FeatureGateName { - ret, err := b.register() - if err != nil { - panic(err) + FeatureGateSigstoreImageVerification = FeatureGateName("SigstoreImageVerification") + sigstoreImageVerification = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateSigstoreImageVerification, + }, + OwningJiraComponent: "node", + ResponsiblePerson: "sgrunert", + OwningProduct: ocpSpecific, } - return ret -} -func FeatureSets(clusterProfile ClusterProfileName, featureSet FeatureSet) (*FeatureGateEnabledDisabled, error) { - byFeatureSet, ok := allFeatureGates[clusterProfile] - if !ok { - return nil, fmt.Errorf("no information found for ClusterProfile=%q", clusterProfile) + FeatureGateGCPLabelsTags = FeatureGateName("GCPLabelsTags") + gcpLabelsTags = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateGCPLabelsTags, + }, + OwningJiraComponent: "Installer", + ResponsiblePerson: "bhb", + OwningProduct: ocpSpecific, } - featureGates, ok := byFeatureSet[featureSet] - if !ok { - return nil, fmt.Errorf("no information found for FeatureSet=%q under ClusterProfile=%q", featureSet, clusterProfile) + + FeatureGateAlibabaPlatform = FeatureGateName("AlibabaPlatform") + alibabaPlatform = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateAlibabaPlatform, + }, + OwningJiraComponent: "cloud-provider", + ResponsiblePerson: "jspeed", + OwningProduct: ocpSpecific, } - return featureGates.DeepCopy(), nil -} -func AllFeatureSets() map[ClusterProfileName]map[FeatureSet]*FeatureGateEnabledDisabled { - ret := map[ClusterProfileName]map[FeatureSet]*FeatureGateEnabledDisabled{} + FeatureGateCloudDualStackNodeIPs = FeatureGateName("CloudDualStackNodeIPs") + cloudDualStackNodeIPs = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateCloudDualStackNodeIPs, + }, + OwningJiraComponent: "machine-config-operator/platform-baremetal", + ResponsiblePerson: "mkowalsk", + OwningProduct: kubernetes, + } + FeatureGateVSphereStaticIPs = FeatureGateName("VSphereStaticIPs") + vSphereStaticIPs = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateVSphereStaticIPs, + }, + OwningJiraComponent: "splat", + ResponsiblePerson: "rvanderp3", + OwningProduct: ocpSpecific, + } - for clusterProfile, byFeatureSet := range allFeatureGates { - newByFeatureSet := map[FeatureSet]*FeatureGateEnabledDisabled{} + FeatureGateRouteExternalCertificate = FeatureGateName("RouteExternalCertificate") + routeExternalCertificate = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateRouteExternalCertificate, + }, + OwningJiraComponent: "router", + ResponsiblePerson: "thejasn", + OwningProduct: ocpSpecific, + } - for featureSet, enabledDisabled := range byFeatureSet { - newByFeatureSet[featureSet] = enabledDisabled.DeepCopy() - } - ret[clusterProfile] = newByFeatureSet + FeatureGateAdminNetworkPolicy = FeatureGateName("AdminNetworkPolicy") + adminNetworkPolicy = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateAdminNetworkPolicy, + }, + OwningJiraComponent: "Networking/ovn-kubernetes", + ResponsiblePerson: "tssurya", + OwningProduct: ocpSpecific, } - return ret -} + FeatureGateNetworkLiveMigration = FeatureGateName("NetworkLiveMigration") + sdnLiveMigration = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateNetworkLiveMigration, + }, + OwningJiraComponent: "Networking/ovn-kubernetes", + ResponsiblePerson: "pliu", + OwningProduct: ocpSpecific, + } -var ( - allFeatureGates = map[ClusterProfileName]map[FeatureSet]*FeatureGateEnabledDisabled{} - - FeatureGateValidatingAdmissionPolicy = newFeatureGate("ValidatingAdmissionPolicy"). - reportProblemsToJiraComponent("kube-apiserver"). - contactPerson("benluddy"). - productScope(kubernetes). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateGatewayAPI = newFeatureGate("GatewayAPI"). - reportProblemsToJiraComponent("Routing"). - contactPerson("miciah"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateOpenShiftPodSecurityAdmission = newFeatureGate("OpenShiftPodSecurityAdmission"). - reportProblemsToJiraComponent("auth"). - contactPerson("stlaz"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateExternalCloudProvider = newFeatureGate("ExternalCloudProvider"). - reportProblemsToJiraComponent("cloud-provider"). - contactPerson("jspeed"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateExternalCloudProviderAzure = newFeatureGate("ExternalCloudProviderAzure"). - reportProblemsToJiraComponent("cloud-provider"). - contactPerson("jspeed"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateExternalCloudProviderGCP = newFeatureGate("ExternalCloudProviderGCP"). - reportProblemsToJiraComponent("cloud-provider"). - contactPerson("jspeed"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateExternalCloudProviderExternal = newFeatureGate("ExternalCloudProviderExternal"). - reportProblemsToJiraComponent("cloud-provider"). - contactPerson("elmiko"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateCSIDriverSharedResource = newFeatureGate("CSIDriverSharedResource"). - reportProblemsToJiraComponent("builds"). - contactPerson("adkaplan"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateBuildCSIVolumes = newFeatureGate("BuildCSIVolumes"). - reportProblemsToJiraComponent("builds"). - contactPerson("adkaplan"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateNodeSwap = newFeatureGate("NodeSwap"). - reportProblemsToJiraComponent("node"). - contactPerson("ehashman"). - productScope(kubernetes). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateMachineAPIProviderOpenStack = newFeatureGate("MachineAPIProviderOpenStack"). - reportProblemsToJiraComponent("openstack"). - contactPerson("egarcia"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateInsightsConfigAPI = newFeatureGate("InsightsConfigAPI"). - reportProblemsToJiraComponent("insights"). - contactPerson("tremes"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateDynamicResourceAllocation = newFeatureGate("DynamicResourceAllocation"). - reportProblemsToJiraComponent("scheduling"). - contactPerson("jchaloup"). - productScope(kubernetes). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateAzureWorkloadIdentity = newFeatureGate("AzureWorkloadIdentity"). - reportProblemsToJiraComponent("cloud-credential-operator"). - contactPerson("abutcher"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateMaxUnavailableStatefulSet = newFeatureGate("MaxUnavailableStatefulSet"). - reportProblemsToJiraComponent("apps"). - contactPerson("atiratree"). - productScope(kubernetes). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateEventedPLEG = newFeatureGate("EventedPLEG"). - reportProblemsToJiraComponent("node"). - contactPerson("sairameshv"). - productScope(kubernetes). - mustRegister() - - FeatureGatePrivateHostedZoneAWS = newFeatureGate("PrivateHostedZoneAWS"). - reportProblemsToJiraComponent("Routing"). - contactPerson("miciah"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateSigstoreImageVerification = newFeatureGate("SigstoreImageVerification"). - reportProblemsToJiraComponent("node"). - contactPerson("sgrunert"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateGCPLabelsTags = newFeatureGate("GCPLabelsTags"). - reportProblemsToJiraComponent("Installer"). - contactPerson("bhb"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateAlibabaPlatform = newFeatureGate("AlibabaPlatform"). - reportProblemsToJiraComponent("cloud-provider"). - contactPerson("jspeed"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateCloudDualStackNodeIPs = newFeatureGate("CloudDualStackNodeIPs"). - reportProblemsToJiraComponent("machine-config-operator/platform-baremetal"). - contactPerson("mkowalsk"). - productScope(kubernetes). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateVSphereStaticIPs = newFeatureGate("VSphereStaticIPs"). - reportProblemsToJiraComponent("splat"). - contactPerson("rvanderp3"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateRouteExternalCertificate = newFeatureGate("RouteExternalCertificate"). - reportProblemsToJiraComponent("router"). - contactPerson("thejasn"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateAdminNetworkPolicy = newFeatureGate("AdminNetworkPolicy"). - reportProblemsToJiraComponent("Networking/ovn-kubernetes"). - contactPerson("tssurya"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateNetworkLiveMigration = newFeatureGate("NetworkLiveMigration"). - reportProblemsToJiraComponent("Networking/ovn-kubernetes"). - contactPerson("pliu"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateHardwareSpeed = newFeatureGate("HardwareSpeed"). - reportProblemsToJiraComponent("etcd"). - contactPerson("hasbro17"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateAutomatedEtcdBackup = newFeatureGate("AutomatedEtcdBackup"). - reportProblemsToJiraComponent("etcd"). - contactPerson("hasbro17"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateMachineAPIOperatorDisableMachineHealthCheckController = newFeatureGate("MachineAPIOperatorDisableMachineHealthCheckController"). - reportProblemsToJiraComponent("ecoproject"). - contactPerson("msluiter"). - productScope(ocpSpecific). - mustRegister() - - FeatureGateDNSNameResolver = newFeatureGate("DNSNameResolver"). - reportProblemsToJiraComponent("dns"). - contactPerson("miciah"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateVSphereControlPlaneMachineset = newFeatureGate("VSphereControlPlaneMachineSet"). - reportProblemsToJiraComponent("splat"). - contactPerson("rvanderp3"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateMachineConfigNodes = newFeatureGate("MachineConfigNodes"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("cdoern"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateClusterAPIInstall = newFeatureGate("ClusterAPIInstall"). - reportProblemsToJiraComponent("Installer"). - contactPerson("vincepri"). - productScope(ocpSpecific). - mustRegister() - - FeatureGateMetricsServer = newFeatureGate("MetricsServer"). - reportProblemsToJiraComponent("Monitoring"). - contactPerson("slashpai"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateInstallAlternateInfrastructureAWS = newFeatureGate("InstallAlternateInfrastructureAWS"). - reportProblemsToJiraComponent("Installer"). - contactPerson("padillon"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateGCPClusterHostedDNS = newFeatureGate("GCPClusterHostedDNS"). - reportProblemsToJiraComponent("Installer"). - contactPerson("barbacbd"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateMixedCPUsAllocation = newFeatureGate("MixedCPUsAllocation"). - reportProblemsToJiraComponent("NodeTuningOperator"). - contactPerson("titzhak"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateManagedBootImages = newFeatureGate("ManagedBootImages"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("djoshy"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateDisableKubeletCloudCredentialProviders = newFeatureGate("DisableKubeletCloudCredentialProviders"). - reportProblemsToJiraComponent("cloud-provider"). - contactPerson("jspeed"). - productScope(kubernetes). - mustRegister() - - FeatureGateOnClusterBuild = newFeatureGate("OnClusterBuild"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("dkhater"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateSignatureStores = newFeatureGate("SignatureStores"). - reportProblemsToJiraComponent("Cluster Version Operator"). - contactPerson("lmohanty"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateKMSv1 = newFeatureGate("KMSv1"). - reportProblemsToJiraComponent("kube-apiserver"). - contactPerson("dgrisonnet"). - productScope(kubernetes). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGatePinnedImages = newFeatureGate("PinnedImages"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("jhernand"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateUpgradeStatus = newFeatureGate("UpgradeStatus"). - reportProblemsToJiraComponent("Cluster Version Operator"). - contactPerson("pmuller"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateTranslateStreamCloseWebsocketRequests = newFeatureGate("TranslateStreamCloseWebsocketRequests"). - reportProblemsToJiraComponent("kube-apiserver"). - contactPerson("akashem"). - productScope(kubernetes). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateVolumeGroupSnapshot = newFeatureGate("VolumeGroupSnapshot"). - reportProblemsToJiraComponent("Storage / Kubernetes External Components"). - contactPerson("fbertina"). - productScope(kubernetes). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateExternalOIDC = newFeatureGate("ExternalOIDC"). - reportProblemsToJiraComponent("authentication"). - contactPerson("stlaz"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - enableForClusterProfile(Hypershift, Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateExample = newFeatureGate("Example"). - reportProblemsToJiraComponent("cluster-config"). - contactPerson("deads"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGatePlatformOperators = newFeatureGate("PlatformOperators"). - reportProblemsToJiraComponent("olm"). - contactPerson("joe"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateNewOLM = newFeatureGate("NewOLM"). - reportProblemsToJiraComponent("olm"). - contactPerson("joe"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateExternalRouteCertificate = newFeatureGate("ExternalRouteCertificate"). - reportProblemsToJiraComponent("network-edge"). - contactPerson("miciah"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateInsightsOnDemandDataGather = newFeatureGate("InsightsOnDemandDataGather"). - reportProblemsToJiraComponent("insights"). - contactPerson("tremes"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateAlertingRules = newFeatureGate("AlertingRules"). - reportProblemsToJiraComponent("Monitoring"). - contactPerson("simon"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateBareMetalLoadBalancer = newFeatureGate("BareMetalLoadBalancer"). - reportProblemsToJiraComponent("metal"). - contactPerson("EmilienM"). - productScope(ocpSpecific). - enableIn(Default, TechPreviewNoUpgrade). - mustRegister() - - FeatureGateInsightsConfig = newFeatureGate("InsightsConfig"). - reportProblemsToJiraComponent("insights"). - contactPerson("tremes"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateImagePolicy = newFeatureGate("ImagePolicy"). - reportProblemsToJiraComponent("node"). - contactPerson("rphillips"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() - - FeatureGateNodeDisruptionPolicy = newFeatureGate("NodeDisruptionPolicy"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("jerzhang"). - productScope(ocpSpecific). - enableIn(TechPreviewNoUpgrade). - mustRegister() + FeatureGateAutomatedEtcdBackup = FeatureGateName("AutomatedEtcdBackup") + automatedEtcdBackup = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateAutomatedEtcdBackup, + }, + OwningJiraComponent: "etcd", + ResponsiblePerson: "hasbro17", + OwningProduct: ocpSpecific, + } + + FeatureGateHardwareSpeed = FeatureGateName("HardwareSpeed") + hardwareSpeed = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateHardwareSpeed, + }, + OwningJiraComponent: "etcd", + ResponsiblePerson: "hasbro17", + OwningProduct: ocpSpecific, + } + + FeatureGateMachineAPIOperatorDisableMachineHealthCheckController = FeatureGateName("MachineAPIOperatorDisableMachineHealthCheckController") + machineAPIOperatorDisableMachineHealthCheckController = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateMachineAPIOperatorDisableMachineHealthCheckController, + }, + OwningJiraComponent: "ecoproject", + ResponsiblePerson: "msluiter", + OwningProduct: ocpSpecific, + } + + FeatureGateDNSNameResolver = FeatureGateName("DNSNameResolver") + dnsNameResolver = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateDNSNameResolver, + }, + OwningJiraComponent: "dns", + ResponsiblePerson: "miciah", + OwningProduct: ocpSpecific, + } + + FeatureGateVSphereControlPlaneMachineset = FeatureGateName("VSphereControlPlaneMachineSet") + vSphereControlPlaneMachineset = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateVSphereControlPlaneMachineset, + }, + OwningJiraComponent: "splat", + ResponsiblePerson: "rvanderp3", + OwningProduct: ocpSpecific, + } + + FeatureGateMachineConfigNodes = FeatureGateName("MachineConfigNodes") + machineConfigNodes = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateMachineConfigNodes, + }, + OwningJiraComponent: "MachineConfigOperator", + ResponsiblePerson: "cdoern", + OwningProduct: ocpSpecific, + } + + FeatureGateClusterAPIInstall = FeatureGateName("ClusterAPIInstall") + clusterAPIInstall = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateClusterAPIInstall, + }, + OwningJiraComponent: "Installer", + ResponsiblePerson: "vincepri", + OwningProduct: ocpSpecific, + } + + FeatureGateMetricsServer = FeatureGateName("MetricsServer") + metricsServer = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateMetricsServer, + }, + OwningJiraComponent: "Monitoring", + ResponsiblePerson: "slashpai", + OwningProduct: ocpSpecific, + } + + FeatureGateInstallAlternateInfrastructureAWS = FeatureGateName("InstallAlternateInfrastructureAWS") + installAlternateInfrastructureAWS = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateInstallAlternateInfrastructureAWS, + }, + OwningJiraComponent: "Installer", + ResponsiblePerson: "padillon", + OwningProduct: ocpSpecific, + } + + FeatureGateGCPClusterHostedDNS = FeatureGateName("GCPClusterHostedDNS") + gcpClusterHostedDNS = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateGCPClusterHostedDNS, + }, + OwningJiraComponent: "Installer", + ResponsiblePerson: "barbacbd", + OwningProduct: ocpSpecific, + } + + FeatureGateMixedCPUsAllocation = FeatureGateName("MixedCPUsAllocation") + mixedCPUsAllocation = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateMixedCPUsAllocation, + }, + OwningJiraComponent: "NodeTuningOperator", + ResponsiblePerson: "titzhak", + OwningProduct: ocpSpecific, + } + + FeatureGateManagedBootImages = FeatureGateName("ManagedBootImages") + managedBootImages = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateManagedBootImages, + }, + OwningJiraComponent: "MachineConfigOperator", + ResponsiblePerson: "djoshy", + OwningProduct: ocpSpecific, + } + + FeatureGateDisableKubeletCloudCredentialProviders = FeatureGateName("DisableKubeletCloudCredentialProviders") + disableKubeletCloudCredentialProviders = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateDisableKubeletCloudCredentialProviders, + }, + OwningJiraComponent: "cloud-provider", + ResponsiblePerson: "jspeed", + OwningProduct: kubernetes, + } + + FeatureGateOnClusterBuild = FeatureGateName("OnClusterBuild") + onClusterBuild = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateOnClusterBuild, + }, + OwningJiraComponent: "MachineConfigOperator", + ResponsiblePerson: "dkhater", + OwningProduct: ocpSpecific, + } + + FeatureGateSignatureStores = FeatureGateName("SignatureStores") + signatureStores = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateSignatureStores, + }, + OwningJiraComponent: "Cluster Version Operator", + ResponsiblePerson: "lmohanty", + OwningProduct: ocpSpecific, + } + + FeatureGateKMSv1 = FeatureGateName("KMSv1") + kmsv1 = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateKMSv1, + }, + OwningJiraComponent: "kube-apiserver", + ResponsiblePerson: "dgrisonnet", + OwningProduct: kubernetes, + } + + FeatureGatePinnedImages = FeatureGateName("PinnedImages") + pinnedImages = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGatePinnedImages, + }, + OwningJiraComponent: "MachineConfigOperator", + ResponsiblePerson: "jhernand", + OwningProduct: ocpSpecific, + } + + FeatureGateUpgradeStatus = FeatureGateName("UpgradeStatus") + upgradeStatus = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateUpgradeStatus, + }, + OwningJiraComponent: "Cluster Version Operator", + ResponsiblePerson: "pmuller", + OwningProduct: ocpSpecific, + } + + FeatureGateTranslateStreamCloseWebsocketRequests = FeatureGateName("TranslateStreamCloseWebsocketRequests") + translateStreamCloseWebsocketRequests = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateTranslateStreamCloseWebsocketRequests, + }, + OwningJiraComponent: "kube-apiserver", + ResponsiblePerson: "akashem", + OwningProduct: kubernetes, + } + + FeatureGateVolumeGroupSnapshot = FeatureGateName("VolumeGroupSnapshot") + volumeGroupSnapshot = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateVolumeGroupSnapshot, + }, + OwningJiraComponent: "Storage / Kubernetes External Components", + ResponsiblePerson: "fbertina", + OwningProduct: kubernetes, + } + + FeatureGateExternalOIDC = FeatureGateName("ExternalOIDC") + externalOIDC = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateExternalOIDC, + }, + OwningJiraComponent: "authentication", + ResponsiblePerson: "stlaz", + OwningProduct: ocpSpecific, + } + + FeatureGateExample = FeatureGateName("Example") + example = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateExample, + }, + OwningJiraComponent: "cluster-config", + ResponsiblePerson: "deads", + OwningProduct: ocpSpecific, + } + + FeatureGatePlatformOperators = FeatureGateName("PlatformOperators") + platformOperators = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGatePlatformOperators, + }, + OwningJiraComponent: "olm", + ResponsiblePerson: "joe", + OwningProduct: ocpSpecific, + } + + FeatureGateExternalRouteCertificate = FeatureGateName("ExternalRouteCertificate") + externalRouteCertificate = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateExternalRouteCertificate, + }, + OwningJiraComponent: "network-edge", + ResponsiblePerson: "miciah", + OwningProduct: ocpSpecific, + } + + FeatureGateInsightsOnDemandDataGather = FeatureGateName("InsightsOnDemandDataGather") + insightsOnDemandDataGather = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateInsightsOnDemandDataGather, + }, + OwningJiraComponent: "insights", + ResponsiblePerson: "tremes", + OwningProduct: ocpSpecific, + } + + FeatureGateAlertingRules = FeatureGateName("AlertingRules") + alertingRules = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateAlertingRules, + }, + OwningJiraComponent: "Monitoring", + ResponsiblePerson: "simon", + OwningProduct: ocpSpecific, + } + + FeatureGateBareMetalLoadBalancer = FeatureGateName("BareMetalLoadBalancer") + bareMetalLoadBalancer = FeatureGateDescription{ + FeatureGateAttributes: FeatureGateAttributes{ + Name: FeatureGateBareMetalLoadBalancer, + }, + OwningJiraComponent: "metal", + ResponsiblePerson: "EmilienM", + OwningProduct: ocpSpecific, + } ) diff --git a/vendor/github.com/openshift/api/config/v1/stable.apiserver.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.apiserver.testsuite.yaml index 0b32b75c6d..7536479c99 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.apiserver.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.apiserver.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] APIServer" -crd: 0000_10_config-operator_01_apiservers.crd.yaml +crd: 0000_10_config-operator_01_apiserver.crd.yaml tests: onCreate: - name: Should be able to create encrypt with aescbc diff --git a/vendor/github.com/openshift/api/config/v1/stable.authentication.single.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.authentication.single.testsuite.yaml deleted file mode 100644 index 0bfacdb459..0000000000 --- a/vendor/github.com/openshift/api/config/v1/stable.authentication.single.testsuite.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[Stable] Authentication SingleNode" -crd: 0000_10_config-operator_01_authentications-SingleNode-Default.crd.yaml -tests: - onCreate: - - name: Should be able to create a minimal Authentication - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: {} # No spec is required for a Authentication - expected: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: {} - - name: Shouldn't be able to use the OIDC type in a stable version of the resource - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - expectedError: "spec.type: Unsupported value: \"OIDC\": supported values: \"\", \"None\", \"IntegratedOAuth\"" \ No newline at end of file diff --git a/vendor/github.com/openshift/api/config/v1/stable.authentication.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.authentication.testsuite.yaml index 680e0bc30c..6e966c15b4 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.authentication.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.authentication.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Authentication" -crd: 0000_10_config-operator_01_authentications-SelfManagedHA-Default.crd.yaml +crd: 0000_10_config-operator_01_authentication.crd-Default.yaml tests: onCreate: - name: Should be able to create a minimal Authentication diff --git a/vendor/github.com/openshift/api/config/v1/stable.build.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.build.testsuite.yaml index d954f142b9..b422ebd206 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.build.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.build.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Build" -crd: 0000_10_openshift-controller-manager_01_builds.crd.yaml +crd: 0000_10_openshift-controller-manager-operator_01_build.crd.yaml tests: onCreate: - name: Should be able to create a minimal Build diff --git a/vendor/github.com/openshift/api/config/v1/stable.clusteroperator.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.clusteroperator.testsuite.yaml index cd4363feb5..177e8f6917 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.clusteroperator.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.clusteroperator.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ClusterOperator" -crd: 0000_00_cluster-version-operator_01_clusteroperators.crd.yaml +crd: 0000_00_cluster-version-operator_01_clusteroperator.crd.yaml tests: onCreate: - name: Should be able to create a minimal ClusterOperator diff --git a/vendor/github.com/openshift/api/config/v1/stable.clusterversion.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.clusterversion.testsuite.yaml index ee108929f5..4c3fed149d 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.clusterversion.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.clusterversion.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ClusterVersion" -crd: 0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml +crd: 0000_00_cluster-version-operator_01_clusterversion-Default.crd.yaml tests: onCreate: - name: Should be able to create a minimal ClusterVersion diff --git a/vendor/github.com/openshift/api/config/v1/stable.console.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.console.testsuite.yaml index d2fb2b596b..0081816fc9 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.console.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.console.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Console" -crd: 0000_10_config-operator_01_consoles.crd.yaml +crd: 0000_10_config-operator_01_console.crd.yaml tests: onCreate: - name: Should be able to create a minimal Console diff --git a/vendor/github.com/openshift/api/config/v1/stable.dns.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.dns.testsuite.yaml index 0f052307f3..b8535da799 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.dns.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.dns.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] DNS" -crd: 0000_10_config-operator_01_dnses.crd.yaml +crd: 0000_10_config-operator_01_dns.crd.yaml tests: onCreate: - name: Should be able to create a minimal DNS diff --git a/vendor/github.com/openshift/api/config/v1/stable.featuregate.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.featuregate.testsuite.yaml index ca29248ef7..6b6a4327a6 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.featuregate.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.featuregate.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] FeatureGate" -crd: 0000_10_config-operator_01_featuregates.crd.yaml +crd: 0000_10_config-operator_01_featuregate.crd.yaml tests: onCreate: - name: Should be able to create a minimal FeatureGate diff --git a/vendor/github.com/openshift/api/config/v1/stable.hypershift.authentication.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.hypershift.authentication.testsuite.yaml index cfd006e3a3..406bf38617 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.hypershift.authentication.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.hypershift.authentication.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable][Hypershift] Authentication" -crd: 0000_10_config-operator_01_authentications-Hypershift.crd.yaml +crd: 0000_10_config-operator_01_authentication.crd-Default-Hypershift.yaml tests: onCreate: - name: Should be able to create a minimal Authentication diff --git a/vendor/github.com/openshift/api/config/v1/stable.image.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.image.testsuite.yaml index 34a4d23dfd..6bfbb820ff 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.image.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.image.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Image" -crd: 0000_10_config-operator_01_images.crd.yaml +crd: 0000_10_config-operator_01_image.crd.yaml tests: onCreate: - name: Should be able to create a minimal Image diff --git a/vendor/github.com/openshift/api/config/v1/stable.imagecontentpolicy.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.imagecontentpolicy.testsuite.yaml index d9181eb27a..bffdb6bcda 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.imagecontentpolicy.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.imagecontentpolicy.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ImageContentPolicy" -crd: 0000_10_config-operator_01_imagecontentpolicies.crd.yaml +crd: 0000_10_config-operator_01_imagecontentpolicy.crd.yaml tests: onCreate: - name: Should be able to create a minimal ImageContentPolicy diff --git a/vendor/github.com/openshift/api/config/v1/stable.imagedigestmirrorset.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.imagedigestmirrorset.testsuite.yaml index 3250800be7..c25b1696bc 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.imagedigestmirrorset.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.imagedigestmirrorset.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ImageDigestMirrorSet" -crd: 0000_10_config-operator_01_imagedigestmirrorsets.crd.yaml +crd: 0000_10_config-operator_01_imagedigestmirrorset.crd.yaml tests: onCreate: - name: Should be able to create a minimal ImageDigestMirrorSet diff --git a/vendor/github.com/openshift/api/config/v1/stable.imagetagmirrorset.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.imagetagmirrorset.testsuite.yaml index 6b8d12d9e9..de91eb2c59 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.imagetagmirrorset.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.imagetagmirrorset.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ImageTagMirrorSet" -crd: 0000_10_config-operator_01_imagetagmirrorsets.crd.yaml +crd: 0000_10_config-operator_01_imagetagmirrorset.crd.yaml tests: onCreate: - name: Should be able to create a minimal ImageTagMirrorSet diff --git a/vendor/github.com/openshift/api/config/v1/stable.infrastructure.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.infrastructure.testsuite.yaml index aa564b17ef..9d0861b68b 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.infrastructure.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.infrastructure.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Infrastructure" -crd: 0000_10_config-operator_01_infrastructures-Default.crd.yaml +crd: 0000_10_config-operator_01_infrastructure-Default.crd.yaml tests: onCreate: - name: Should be able to create a minimal Infrastructure @@ -408,7 +408,7 @@ tests: platformStatus: powervs: resourceGroup: resource-group-should-not-accept-the-string-that-exceeds-max-length-set - expectedStatusError: "platformStatus.powervs.resourceGroup: Too long: may not be longer than 40" + expectedStatusError: "status.platformStatus.powervs.resourceGroup: Too long: may not be longer than 40" - name: PowerVS platform status's resourceGroup should match the regex configured initial: | apiVersion: config.openshift.io/v1 @@ -432,7 +432,7 @@ tests: platformStatus: powervs: resourceGroup: re$ource-group - expectedStatusError: "platformStatus.powervs.resourceGroup in body should match '^[a-zA-Z0-9-_ ]+$'" + expectedStatusError: "status.platformStatus.powervs.resourceGroup in body should match '^[a-zA-Z0-9-_ ]+$'" - name: Should not be able to change PowerVS platform status's resourceGroup once it was set initial: | apiVersion: config.openshift.io/v1 @@ -519,46 +519,7 @@ tests: loadBalancer: type: OpenShiftManagedDefault type: OpenStack - - name: Should be able to override the default BareMetal load balancer with a valid value - initial: | - apiVersion: config.openshift.io/v1 - kind: Infrastructure - spec: - platformSpec: - baremetal: {} - type: BareMetal - updated: | - apiVersion: config.openshift.io/v1 - kind: Infrastructure - spec: - platformSpec: - baremetal: {} - type: BareMetal - status: - platform: BareMetal - platformStatus: - baremetal: - loadBalancer: - type: UserManaged - type: BareMetal - expected: | - apiVersion: config.openshift.io/v1 - kind: Infrastructure - spec: - platformSpec: - baremetal: {} - type: BareMetal - status: - controlPlaneTopology: HighlyAvailable - cpuPartitioning: None - infrastructureTopology: HighlyAvailable - platform: BareMetal - platformStatus: - baremetal: - loadBalancer: - type: UserManaged - type: BareMetal - - name: Should be able to override the default OpenStack load balancer with a valid value + - name: Should be able to override the default load balancer with a valid value initial: | apiVersion: config.openshift.io/v1 kind: Infrastructure @@ -597,41 +558,7 @@ tests: loadBalancer: type: UserManaged type: OpenStack - - name: Should not allow changing the immutable BareMetal load balancer type field - initial: | - apiVersion: config.openshift.io/v1 - kind: Infrastructure - spec: - platformSpec: - baremetal: {} - type: BareMetal - status: - controlPlaneTopology: HighlyAvailable - infrastructureTopology: HighlyAvailable - platform: BareMetal - platformStatus: - baremetal: - loadBalancer: - type: OpenShiftManagedDefault - type: BareMetal - updated: | - apiVersion: config.openshift.io/v1 - kind: Infrastructure - spec: - platformSpec: - type: BareMetal - baremetal: {} - status: - controlPlaneTopology: HighlyAvailable - infrastructureTopology: HighlyAvailable - platform: BareMetal - platformStatus: - baremetal: - loadBalancer: - type: UserManaged - type: BareMetal - expectedStatusError: "status.platformStatus.baremetal.loadBalancer.type: Invalid value: \"string\": type is immutable once set" - - name: Should not allow changing the immutable OpenStack load balancer type field + - name: Should not allow changing the immutable load balancer type field initial: | apiVersion: config.openshift.io/v1 kind: Infrastructure @@ -665,7 +592,7 @@ tests: type: UserManaged type: OpenStack expectedStatusError: "status.platformStatus.openstack.loadBalancer.type: Invalid value: \"string\": type is immutable once set" - - name: Should not allow removing the immutable OpenStack load balancer type field that was initially set + - name: Should not allow removing the immutable load balancer type field that was initially set initial: | apiVersion: config.openshift.io/v1 kind: Infrastructure @@ -697,38 +624,6 @@ tests: openstack: {} type: OpenStack expectedStatusError: "status.platformStatus.openstack.loadBalancer.type: Invalid value: \"string\": type is immutable once set" - - name: Should not allow removing the immutable BareMetal load balancer type field that was initially set - initial: | - apiVersion: config.openshift.io/v1 - kind: Infrastructure - spec: - platformSpec: - baremetal: {} - type: BareMetal - status: - controlPlaneTopology: HighlyAvailable - infrastructureTopology: HighlyAvailable - platform: BareMetal - platformStatus: - baremetal: - loadBalancer: - type: UserManaged - type: BareMetal - updated: | - apiVersion: config.openshift.io/v1 - kind: Infrastructure - spec: - platformSpec: - type: BareMetal - baremetal: {} - status: - controlPlaneTopology: HighlyAvailable - infrastructureTopology: HighlyAvailable - platform: BareMetal - platformStatus: - baremetal: {} - type: BareMetal - expectedStatusError: "status.platformStatus.baremetal.loadBalancer.type: Invalid value: \"string\": type is immutable once set" - name: Should not allow setting the load balancer type to a wrong value initial: | apiVersion: config.openshift.io/v1 @@ -751,7 +646,7 @@ tests: loadBalancer: type: FooBar type: OpenStack - expectedStatusError: "platformStatus.openstack.loadBalancer.type: Unsupported value: \"FooBar\": supported values: \"OpenShiftManagedDefault\", \"UserManaged\"" + expectedStatusError: "status.platformStatus.openstack.loadBalancer.type: Unsupported value: \"FooBar\": supported values: \"OpenShiftManagedDefault\", \"UserManaged\"" - name: Should not be able to update cloudControllerManager state to empty string when state is already set to None initial: | apiVersion: config.openshift.io/v1 @@ -1338,7 +1233,7 @@ tests: url: https://dummy.vpc.com - name: COS url: dummy-cos-com - expectedStatusError: "platformStatus.ibmcloud.serviceEndpoints[1].url: Invalid value: \"string\": url must be a valid absolute URL" + expectedStatusError: " status.platformStatus.ibmcloud.serviceEndpoints[1].url: Invalid value: \"string\": url must be a valid absolute URL" - name: Should not be able to add invalid (Name) ServiceEndpoints to IBMCloud PlatformStatus initial: | apiVersion: config.openshift.io/v1 @@ -1364,4 +1259,4 @@ tests: url: https://dummy.vpc.com - name: BadService url: https://bad-service.com - expectedStatusError: "platformStatus.ibmcloud.serviceEndpoints[1].name: Unsupported value: \"BadService\": supported values: \"CIS\", \"COS\", \"DNSServices\", \"GlobalSearch\", \"GlobalTagging\", \"HyperProtect\", \"IAM\", \"KeyProtect\", \"ResourceController\", \"ResourceManager\", \"VPC\"" + expectedStatusError: " status.platformStatus.ibmcloud.serviceEndpoints[1].name: Unsupported value: \"BadService\": supported values: \"CIS\", \"COS\", \"DNSServices\", \"GlobalSearch\", \"GlobalTagging\", \"HyperProtect\", \"IAM\", \"KeyProtect\", \"ResourceController\", \"ResourceManager\", \"VPC\"" diff --git a/vendor/github.com/openshift/api/config/v1/stable.ingress.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.ingress.testsuite.yaml index fd7870d718..90d48e8965 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.ingress.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.ingress.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Ingress" -crd: 0000_10_config-operator_01_ingresses.crd.yaml +crd: 0000_10_config-operator_01_ingress.crd.yaml tests: onCreate: - name: Should be able to create a minimal Ingress diff --git a/vendor/github.com/openshift/api/config/v1/stable.network.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.network.testsuite.yaml index 16178e8430..c85d122a65 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.network.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.network.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Network" -crd: 0000_10_config-operator_01_networks.crd.yaml +crd: 0000_10_config-operator_01_network-Default.crd.yaml tests: onCreate: - name: Should be able to create a minimal Network diff --git a/vendor/github.com/openshift/api/config/v1/stable.node.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.node.testsuite.yaml index 4287b66f5b..d6502600bc 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.node.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.node.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Node" -crd: 0000_10_config-operator_01_nodes.crd.yaml +crd: 0000_10_config-operator_01_node.crd.yaml tests: onCreate: - name: Should be able to create a minimal Node diff --git a/vendor/github.com/openshift/api/config/v1/stable.oauth.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.oauth.testsuite.yaml index b25ec5489a..d33d2bc1b1 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.oauth.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.oauth.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] OAuth" -crd: 0000_10_config-operator_01_oauths.crd.yaml +crd: 0000_10_config-operator_01_oauth.crd.yaml tests: onCreate: - name: Should be able to create a minimal OAuth diff --git a/vendor/github.com/openshift/api/config/v1/stable.operatorhub.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.operatorhub.testsuite.yaml index 445b2dc7c2..9dd7a4c6d6 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.operatorhub.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.operatorhub.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] OperatorHub" -crd: 0000_03_marketplace_01_operatorhubs.crd.yaml +crd: 0000_03_marketplace-operator_01_operatorhub.crd.yaml tests: onCreate: - name: Should be able to create a minimal OperatorHub diff --git a/vendor/github.com/openshift/api/config/v1/stable.project.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.project.testsuite.yaml index 4a14ccbfac..0144ad32f2 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.project.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.project.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Project" -crd: 0000_10_config-operator_01_projects.crd.yaml +crd: 0000_10_config-operator_01_project.crd.yaml tests: onCreate: - name: Should be able to create a minimal Project diff --git a/vendor/github.com/openshift/api/config/v1/stable.proxy.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.proxy.testsuite.yaml index 3886dde384..d49b83247a 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.proxy.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.proxy.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Proxy" -crd: 0000_03_config-operator_01_proxies.crd.yaml +crd: 0000_03_config-operator_01_proxy.crd.yaml tests: onCreate: - name: Should be able to create a minimal Proxy diff --git a/vendor/github.com/openshift/api/config/v1/stable.scheduler.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/stable.scheduler.testsuite.yaml index 87ff173423..d659654820 100644 --- a/vendor/github.com/openshift/api/config/v1/stable.scheduler.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/stable.scheduler.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Scheduler" -crd: 0000_10_config-operator_01_schedulers-Default.crd.yaml +crd: 0000_10_config-operator_01_scheduler-Default.crd.yaml tests: onCreate: - name: Should be able to create a minimal Scheduler diff --git a/vendor/github.com/openshift/api/config/v1/techpreview.authentication.single.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/techpreview.authentication.single.testsuite.yaml deleted file mode 100644 index 924fb03f78..0000000000 --- a/vendor/github.com/openshift/api/config/v1/techpreview.authentication.single.testsuite.yaml +++ /dev/null @@ -1,298 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[TechPreviewNoUpgrade] Authentication SingleNode" -crd: 0000_10_config-operator_01_authentications-SingleNode-TechPreviewNoUpgrade.crd.yaml -tests: - onCreate: - - name: Should be able to create a minimal Authentication - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: {} # No spec is required for a Authentication - expected: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: {} - - name: Should be able to use the OIDC type - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - expected: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - - name: Cannot set username claim prefix with policy NoPrefix - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: NoPrefix - prefix: - prefixString: "myoidc:" - expectedError: "prefix must be set if prefixPolicy is 'Prefix', but must remain unset otherwise" - - name: Can set username claim prefix with policy Prefix - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: Prefix - prefix: - prefixString: "myoidc:" - expected: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: Prefix - prefix: - prefixString: "myoidc:" - - name: Cannot leave username claim prefix blank with policy Prefix - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: Prefix - expectedError: "prefix must be set if prefixPolicy is 'Prefix', but must remain unset otherwise" - - name: Can set OIDC providers with no username prefixing - initial: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: NoPrefix - expected: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - claimMappings: - username: - claim: "preferred_username" - prefixPolicy: NoPrefix - onUpdate: - - name: Updating OIDC provider with a client that's not in the status - initial: &initConfig | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: namespace - componentName: preexisting - clientID: someclient - - componentNamespace: namespace - componentName: name - clientID: legitclient - status: - oidcClients: - - componentNamespace: namespace - componentName: name - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - updated: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: namespace - componentName: preexisting - clientID: someclient - - componentNamespace: namespace - componentName: name - clientID: legitclient - - componentNamespace: dif-namespace # new client here - componentName: tehName - clientID: cool-client - status: - oidcClients: - - componentNamespace: namespace - componentName: name - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - expectedError: "all oidcClients in the oidcProviders must match their componentName and componentNamespace to either a previously configured oidcClient or they must exist in the status.oidcClients" - - name: Updating OIDC provider with a client that's different from the previous one - initial: *initConfig - updated: | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: dif-namespace - componentName: tehName - clientID: cool-client - status: - oidcClients: - - componentNamespace: namespace - componentName: name - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - expectedError: "all oidcClients in the oidcProviders must match their componentName and componentNamespace to either a previously configured oidcClient or they must exist in the status.oidcClients" - - name: Updating previously existing client - initial: *initConfig - updated: &prevExistingUpdated | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: namespace - componentName: preexisting - clientID: different-client - status: - oidcClients: - - componentNamespace: namespace - componentName: name - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - expected: *prevExistingUpdated - - name: Removing a configured client from the status (== component unregister) - initial: *initConfig - updated: &removeFromStatus | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: namespace - componentName: preexisting - clientID: different-client - - componentNamespace: namespace - componentName: name - clientID: legitclient - status: - oidcClients: - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - expected: *removeFromStatus - - name: Simply add a valid client - initial: *initConfig - updated: &addClient | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - oidcProviders: - - name: myoidc - issuer: - issuerURL: https://meh.tld - audiences: ['openshift-aud'] - oidcClients: - - componentNamespace: namespace - componentName: preexisting - clientID: different-client - - componentNamespace: namespace - componentName: name - clientID: legitclient - - componentNamespace: namespace2 - componentName: name3 - clientID: justavalidclient - status: - oidcClients: - - componentNamespace: namespace - componentName: name - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - expected: *addClient - - name: Remove all oidcProviders - initial: *initConfig - updated: &removeFromStatus | - apiVersion: config.openshift.io/v1 - kind: Authentication - spec: - type: OIDC - status: - oidcClients: - - componentNamespace: namespace2 - componentName: name2 - - componentNamespace: namespace2 - componentName: name3 - expected: *removeFromStatus diff --git a/vendor/github.com/openshift/api/config/v1/techpreview.authentication.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/techpreview.authentication.testsuite.yaml index 9c2913b067..9d978fcf5b 100644 --- a/vendor/github.com/openshift/api/config/v1/techpreview.authentication.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/techpreview.authentication.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreviewNoUpgrade] Authentication" -crd: 0000_10_config-operator_01_authentications-SelfManagedHA-TechPreviewNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_authentication.crd-TechPreviewNoUpgrade.yaml tests: onCreate: - name: Should be able to create a minimal Authentication diff --git a/vendor/github.com/openshift/api/config/v1/techpreview.clusterversion.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/techpreview.clusterversion.testsuite.yaml index 714e6bf873..71988108e5 100644 --- a/vendor/github.com/openshift/api/config/v1/techpreview.clusterversion.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/techpreview.clusterversion.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreviewNoUpgrade] ClusterVersion" -crd: 0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml +crd: 0000_00_cluster-version-operator_01_clusterversion-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal ClusterVersion diff --git a/vendor/github.com/openshift/api/config/v1/techpreview.infrastructure.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/techpreview.infrastructure.testsuite.yaml index e6fbce40f5..d4a1113f01 100644 --- a/vendor/github.com/openshift/api/config/v1/techpreview.infrastructure.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/techpreview.infrastructure.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreviewNoUpgrade] Infrastructure" -crd: 0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_infrastructure-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal Infrastructure @@ -45,7 +45,7 @@ tests: spec: {} status: cpuPartitioning: "Invalid" - expectedStatusError: 'cpuPartitioning: Unsupported value: "Invalid": supported values: "None", "AllNodes"' + expectedStatusError: 'status.cpuPartitioning: Unsupported value: "Invalid": supported values: "None", "AllNodes"' - name: Should set load balancer type to OpenShiftManagedDefault if not specified initial: | apiVersion: config.openshift.io/v1 @@ -83,6 +83,111 @@ tests: loadBalancer: type: OpenShiftManagedDefault type: BareMetal + - name: Should be able to override the default load balancer with a valid value + initial: | + apiVersion: config.openshift.io/v1 + kind: Infrastructure + spec: + platformSpec: + baremetal: {} + type: BareMetal + updated: | + apiVersion: config.openshift.io/v1 + kind: Infrastructure + spec: + platformSpec: + baremetal: {} + type: BareMetal + status: + platform: BareMetal + platformStatus: + baremetal: + loadBalancer: + type: UserManaged + type: BareMetal + expected: | + apiVersion: config.openshift.io/v1 + kind: Infrastructure + spec: + platformSpec: + baremetal: {} + type: BareMetal + status: + controlPlaneTopology: HighlyAvailable + cpuPartitioning: None + infrastructureTopology: HighlyAvailable + platform: BareMetal + platformStatus: + baremetal: + loadBalancer: + type: UserManaged + type: BareMetal + - name: Should not allow changing the immutable load balancer type field + initial: | + apiVersion: config.openshift.io/v1 + kind: Infrastructure + spec: + platformSpec: + baremetal: {} + type: BareMetal + status: + controlPlaneTopology: HighlyAvailable + infrastructureTopology: HighlyAvailable + platform: BareMetal + platformStatus: + baremetal: + loadBalancer: + type: OpenShiftManagedDefault + type: BareMetal + updated: | + apiVersion: config.openshift.io/v1 + kind: Infrastructure + spec: + platformSpec: + type: BareMetal + baremetal: {} + status: + controlPlaneTopology: HighlyAvailable + infrastructureTopology: HighlyAvailable + platform: BareMetal + platformStatus: + baremetal: + loadBalancer: + type: UserManaged + type: BareMetal + expectedStatusError: "status.platformStatus.baremetal.loadBalancer.type: Invalid value: \"string\": type is immutable once set" + - name: Should not allow removing the immutable load balancer type field that was initially set + initial: | + apiVersion: config.openshift.io/v1 + kind: Infrastructure + spec: + platformSpec: + baremetal: {} + type: BareMetal + status: + controlPlaneTopology: HighlyAvailable + infrastructureTopology: HighlyAvailable + platform: BareMetal + platformStatus: + baremetal: + loadBalancer: + type: UserManaged + type: BareMetal + updated: | + apiVersion: config.openshift.io/v1 + kind: Infrastructure + spec: + platformSpec: + type: BareMetal + baremetal: {} + status: + controlPlaneTopology: HighlyAvailable + infrastructureTopology: HighlyAvailable + platform: BareMetal + platformStatus: + baremetal: {} + type: BareMetal + expectedStatusError: "status.platformStatus.baremetal.loadBalancer.type: Invalid value: \"string\": type is immutable once set" - name: Should not allow setting the load balancer type to a wrong value initial: | apiVersion: config.openshift.io/v1 @@ -105,7 +210,7 @@ tests: loadBalancer: type: FooBar type: BareMetal - expectedStatusError: "platformStatus.baremetal.loadBalancer.type: Unsupported value: \"FooBar\": supported values: \"OpenShiftManagedDefault\", \"UserManaged\"" + expectedStatusError: "status.platformStatus.baremetal.loadBalancer.type: Unsupported value: \"FooBar\": supported values: \"OpenShiftManagedDefault\", \"UserManaged\"" - name: Should not be able to modify an existing GCP ResourceLabels Label initial: | apiVersion: config.openshift.io/v1 @@ -549,7 +654,7 @@ tests: infrastructureTopology: HighlyAvailable platform: GCP platformStatus: - gcp: + gcp: cloudLoadBalancerConfig: dnsType: ClusterHosted clusterHosted: @@ -576,7 +681,7 @@ tests: - 10.10.10.20 - not-an-ip-address type: GCP - expectedStatusError: "platformStatus.gcp.cloudLoadBalancerConfig.clusterHosted.apiIntLoadBalancerIPs[1]: Invalid value: \"not-an-ip-address\": platformStatus.gcp.cloudLoadBalancerConfig.clusterHosted.apiIntLoadBalancerIPs[1] in body should match '(^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*)'" + expectedStatusError: "status.platformStatus.gcp.cloudLoadBalancerConfig.clusterHosted.apiIntLoadBalancerIPs[1]: Invalid value: \"not-an-ip-address\": status.platformStatus.gcp.cloudLoadBalancerConfig.clusterHosted.apiIntLoadBalancerIPs[1] in body should match '(^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)|(^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*)'" - name: Should not accept update when `clusterHosted` is specified with DNSType `PlatformDefault` initial: | apiVersion: config.openshift.io/v1 diff --git a/vendor/github.com/openshift/api/config/v1/techpreview.network.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/techpreview.network.testsuite.yaml new file mode 100644 index 0000000000..d15fae3a90 --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1/techpreview.network.testsuite.yaml @@ -0,0 +1,28 @@ +apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this +name: "[TechPreviewNoUpgrade] Network" +crd: 0000_10_config-operator_01_network-TechPreviewNoUpgrade.crd.yaml +tests: + onCreate: + - name: Should be able to set status conditions + initial: | + apiVersion: config.openshift.io/v1 + kind: Network + spec: {} # No spec is required for a Network + status: + conditions: + - type: NetworkTypeMigrationInProgress + status: "False" + reason: "Reason" + message: "Message" + lastTransitionTime: "2023-10-25T12:00:00Z" + expected: | + apiVersion: config.openshift.io/v1 + kind: Network + spec: {} + status: + conditions: + - type: NetworkTypeMigrationInProgress + status: "False" + reason: "Reason" + message: "Message" + lastTransitionTime: "2023-10-25T12:00:00Z" diff --git a/vendor/github.com/openshift/api/config/v1/techpreview.scheduler.testsuite.yaml b/vendor/github.com/openshift/api/config/v1/techpreview.scheduler.testsuite.yaml index a68d6a71ab..5b5eb8954d 100644 --- a/vendor/github.com/openshift/api/config/v1/techpreview.scheduler.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1/techpreview.scheduler.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Scheduler" -crd: 0000_10_config-operator_01_schedulers-TechPreviewNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_scheduler-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal Scheduler diff --git a/vendor/github.com/openshift/api/config/v1/types_apiserver.go b/vendor/github.com/openshift/api/config/v1/types_apiserver.go index bdae466892..85509090b4 100644 --- a/vendor/github.com/openshift/api/config/v1/types_apiserver.go +++ b/vendor/github.com/openshift/api/config/v1/types_apiserver.go @@ -15,7 +15,7 @@ import ( // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_apiserverMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=apiservers,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_authentication.go b/vendor/github.com/openshift/api/config/v1/types_authentication.go index b3dfa61b51..1cd49f8911 100644 --- a/vendor/github.com/openshift/api/config/v1/types_authentication.go +++ b/vendor/github.com/openshift/api/config/v1/types_authentication.go @@ -13,7 +13,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_authentication.crdMARKERS.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=authentications,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_build.go b/vendor/github.com/openshift/api/config/v1/types_build.go index dad47666db..f4973123f1 100644 --- a/vendor/github.com/openshift/api/config/v1/types_build.go +++ b/vendor/github.com/openshift/api/config/v1/types_build.go @@ -17,7 +17,7 @@ import ( // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=openshift-controller-manager,operatorOrdering=01 +// +openshift:file-pattern=0000_10_openshift-controller-manager-operator_01_buildMARKERS.crd.yaml // +openshift:capability=Build // +kubebuilder:object:root=true // +kubebuilder:resource:path=builds,scope=Cluster diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go index a5666a78da..539da62e37 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go @@ -16,7 +16,7 @@ import ( // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/497 -// +openshift:file-pattern=cvoRunLevel=0000_00,operatorName=cluster-version-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_00_cluster-version-operator_01_clusteroperatorMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=clusteroperators,scope=Cluster,shortName=co // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go index d568e1dbe9..e11b1c7541 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go @@ -14,7 +14,7 @@ import ( // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/495 -// +openshift:file-pattern=cvoRunLevel=0000_00,operatorName=cluster-version-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_00_cluster-version-operator_01_clusterversionMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:subresource:status // +kubebuilder:resource:path=clusterversions,scope=Cluster diff --git a/vendor/github.com/openshift/api/config/v1/types_console.go b/vendor/github.com/openshift/api/config/v1/types_console.go index 36b1696af9..81f8ca50f6 100644 --- a/vendor/github.com/openshift/api/config/v1/types_console.go +++ b/vendor/github.com/openshift/api/config/v1/types_console.go @@ -15,7 +15,7 @@ import ( // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_consoleMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=consoles,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_dns.go b/vendor/github.com/openshift/api/config/v1/types_dns.go index 1875c9cddf..37172b6a9e 100644 --- a/vendor/github.com/openshift/api/config/v1/types_dns.go +++ b/vendor/github.com/openshift/api/config/v1/types_dns.go @@ -11,7 +11,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_dnsMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=dnses,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_feature.go b/vendor/github.com/openshift/api/config/v1/types_feature.go index 1497077a19..17f8fb56c1 100644 --- a/vendor/github.com/openshift/api/config/v1/types_feature.go +++ b/vendor/github.com/openshift/api/config/v1/types_feature.go @@ -1,6 +1,8 @@ package v1 import ( + "fmt" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -13,7 +15,7 @@ import ( // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_featuregateMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=featuregates,scope=Cluster // +kubebuilder:subresource:status @@ -50,9 +52,6 @@ var ( // TopologyManager enables ToplogyManager support. Upgrades are enabled with this feature. LatencySensitive FeatureSet = "LatencySensitive" - - // AllFixedFeatureSets are the featuresets that have known featuregates. Custom doesn't for instance. LatencySensitive is dead - AllFixedFeatureSets = []FeatureSet{Default, TechPreviewNoUpgrade} ) type FeatureGateSpec struct { @@ -149,3 +148,179 @@ type FeatureGateEnabledDisabled struct { Enabled []FeatureGateDescription Disabled []FeatureGateDescription } + +// FeatureSets Contains a map of Feature names to Enabled/Disabled Feature. +// +// NOTE: The caller needs to make sure to check for the existence of the value +// using golang's existence field. A possible scenario is an upgrade where new +// FeatureSets are added and a controller has not been upgraded with a newer +// version of this file. In this upgrade scenario the map could return nil. +// +// example: +// +// if featureSet, ok := FeatureSets["SomeNewFeature"]; ok { } +// +// If you put an item in either of these lists, put your area and name on it so we can find owners. +var FeatureSets = map[FeatureSet]*FeatureGateEnabledDisabled{ + Default: defaultFeatures, + CustomNoUpgrade: { + Enabled: []FeatureGateDescription{}, + Disabled: []FeatureGateDescription{ + disableKubeletCloudCredentialProviders, // We do not currently ship the correct config to use the external credentials provider. + }, + }, + TechPreviewNoUpgrade: newDefaultFeatures(). + with(validatingAdmissionPolicy). + with(csiDriverSharedResource). + with(nodeSwap). + with(machineAPIProviderOpenStack). + with(insightsConfigAPI). + with(dynamicResourceAllocation). + with(gateGatewayAPI). + with(maxUnavailableStatefulSet). + without(eventedPleg). + with(sigstoreImageVerification). + with(gcpLabelsTags). + with(gcpClusterHostedDNS). + with(vSphereStaticIPs). + with(routeExternalCertificate). + with(automatedEtcdBackup). + without(machineAPIOperatorDisableMachineHealthCheckController). + with(adminNetworkPolicy). + with(dnsNameResolver). + with(machineConfigNodes). + with(metricsServer). + with(installAlternateInfrastructureAWS). + without(clusterAPIInstall). + with(mixedCPUsAllocation). + with(managedBootImages). + without(disableKubeletCloudCredentialProviders). + with(onClusterBuild). + with(signatureStores). + with(pinnedImages). + with(upgradeStatus). + with(translateStreamCloseWebsocketRequests). + with(volumeGroupSnapshot). + with(externalOIDC). + with(example). + with(hardwareSpeed). + with(platformOperators). + with(externalRouteCertificate). + with(bareMetalLoadBalancer). + with(insightsOnDemandDataGather). + with(alertingRules). + toFeatures(defaultFeatures), + LatencySensitive: newDefaultFeatures(). + toFeatures(defaultFeatures), +} + +var defaultFeatures = &FeatureGateEnabledDisabled{ + Enabled: []FeatureGateDescription{ + openShiftPodSecurityAdmission, + alibabaPlatform, // This is a bug, it should be TechPreviewNoUpgrade. This must be downgraded before 4.14 is shipped. + azureWorkloadIdentity, + cloudDualStackNodeIPs, + externalCloudProvider, + externalCloudProviderAzure, + externalCloudProviderGCP, + externalCloudProviderExternal, + privateHostedZoneAWS, + buildCSIVolumes, + kmsv1, + vSphereControlPlaneMachineset, + sdnLiveMigration, + }, + Disabled: []FeatureGateDescription{ + disableKubeletCloudCredentialProviders, // We do not currently ship the correct config to use the external credentials provider. + }, +} + +type featureSetBuilder struct { + forceOn []FeatureGateDescription + forceOff []FeatureGateDescription +} + +func newDefaultFeatures() *featureSetBuilder { + return &featureSetBuilder{} +} + +func (f *featureSetBuilder) with(forceOn FeatureGateDescription) *featureSetBuilder { + for _, curr := range f.forceOn { + if curr.FeatureGateAttributes.Name == forceOn.FeatureGateAttributes.Name { + panic(fmt.Errorf("coding error: %q enabled twice", forceOn.FeatureGateAttributes.Name)) + } + } + f.forceOn = append(f.forceOn, forceOn) + return f +} + +func (f *featureSetBuilder) without(forceOff FeatureGateDescription) *featureSetBuilder { + for _, curr := range f.forceOff { + if curr.FeatureGateAttributes.Name == forceOff.FeatureGateAttributes.Name { + panic(fmt.Errorf("coding error: %q disabled twice", forceOff.FeatureGateAttributes.Name)) + } + } + f.forceOff = append(f.forceOff, forceOff) + return f +} + +func (f *featureSetBuilder) isForcedOff(needle FeatureGateDescription) bool { + for _, forcedOff := range f.forceOff { + if needle.FeatureGateAttributes.Name == forcedOff.FeatureGateAttributes.Name { + return true + } + } + return false +} + +func (f *featureSetBuilder) isForcedOn(needle FeatureGateDescription) bool { + for _, forceOn := range f.forceOn { + if needle.FeatureGateAttributes.Name == forceOn.FeatureGateAttributes.Name { + return true + } + } + return false +} + +func (f *featureSetBuilder) toFeatures(defaultFeatures *FeatureGateEnabledDisabled) *FeatureGateEnabledDisabled { + finalOn := []FeatureGateDescription{} + finalOff := []FeatureGateDescription{} + + // only add the default enabled features if they haven't been explicitly set off + for _, defaultOn := range defaultFeatures.Enabled { + if !f.isForcedOff(defaultOn) { + finalOn = append(finalOn, defaultOn) + } + } + for _, currOn := range f.forceOn { + if f.isForcedOff(currOn) { + panic("coding error, you can't have features both on and off") + } + found := false + for _, alreadyOn := range finalOn { + if alreadyOn.FeatureGateAttributes.Name == currOn.FeatureGateAttributes.Name { + found = true + } + } + if found { + continue + } + + finalOn = append(finalOn, currOn) + } + + // only add the default disabled features if they haven't been explicitly set on + for _, defaultOff := range defaultFeatures.Disabled { + if !f.isForcedOn(defaultOff) { + finalOff = append(finalOff, defaultOff) + } + } + for _, currOff := range f.forceOff { + finalOff = append(finalOff, currOff) + } + + return &FeatureGateEnabledDisabled{ + Enabled: finalOn, + Disabled: finalOff, + } +} diff --git a/vendor/github.com/openshift/api/config/v1/types_image.go b/vendor/github.com/openshift/api/config/v1/types_image.go index 74511f8640..2f5c5787dc 100644 --- a/vendor/github.com/openshift/api/config/v1/types_image.go +++ b/vendor/github.com/openshift/api/config/v1/types_image.go @@ -16,7 +16,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_imageMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=images,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_image_content_policy.go b/vendor/github.com/openshift/api/config/v1/types_image_content_policy.go index f2faf1996d..83f13fde3b 100644 --- a/vendor/github.com/openshift/api/config/v1/types_image_content_policy.go +++ b/vendor/github.com/openshift/api/config/v1/types_image_content_policy.go @@ -12,7 +12,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/874 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_imagecontentpolicyMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=imagecontentpolicies,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_image_digest_mirror_set.go b/vendor/github.com/openshift/api/config/v1/types_image_digest_mirror_set.go index 8fa38f223b..3b0577be0a 100644 --- a/vendor/github.com/openshift/api/config/v1/types_image_digest_mirror_set.go +++ b/vendor/github.com/openshift/api/config/v1/types_image_digest_mirror_set.go @@ -12,7 +12,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1126 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_imagedigestmirrorsetMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=imagedigestmirrorsets,scope=Cluster,shortName=idms // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_image_tag_mirror_set.go b/vendor/github.com/openshift/api/config/v1/types_image_tag_mirror_set.go index d9627b78cc..f8f429eb27 100644 --- a/vendor/github.com/openshift/api/config/v1/types_image_tag_mirror_set.go +++ b/vendor/github.com/openshift/api/config/v1/types_image_tag_mirror_set.go @@ -12,7 +12,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1126 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_imagetagmirrorsetMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=imagetagmirrorsets,scope=Cluster,shortName=itms // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index 611ba928cb..14f6300bf5 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -14,7 +14,7 @@ import ( // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_infrastructureMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=infrastructures,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_ingress.go b/vendor/github.com/openshift/api/config/v1/types_ingress.go index e7c547d9db..d6ff4a2f5a 100644 --- a/vendor/github.com/openshift/api/config/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/config/v1/types_ingress.go @@ -14,7 +14,7 @@ import ( // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_ingressMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=ingresses,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_network.go b/vendor/github.com/openshift/api/config/v1/types_network.go index e87785e3ec..29aced9e55 100644 --- a/vendor/github.com/openshift/api/config/v1/types_network.go +++ b/vendor/github.com/openshift/api/config/v1/types_network.go @@ -10,11 +10,11 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Please view network.spec for an explanation on what applies when configuring this resource. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 // +openshift:compatibility-gen:level=1 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_networkMARKERS.crd.yaml // +kubebuilder:object:root=true -// +kubebuilder:resource:path=networks,scope=Cluster +// +kubebuilder:resource:path=projects,scope=Cluster +// +kubebuilder:subresource:status type Network struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/config/v1/types_node.go b/vendor/github.com/openshift/api/config/v1/types_node.go index 3dd31f39ad..29df22df97 100644 --- a/vendor/github.com/openshift/api/config/v1/types_node.go +++ b/vendor/github.com/openshift/api/config/v1/types_node.go @@ -15,7 +15,7 @@ import ( // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1107 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_nodeMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=nodes,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_oauth.go b/vendor/github.com/openshift/api/config/v1/types_oauth.go index 6654479dc8..0ef7d6584e 100644 --- a/vendor/github.com/openshift/api/config/v1/types_oauth.go +++ b/vendor/github.com/openshift/api/config/v1/types_oauth.go @@ -15,7 +15,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_oauthMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=oauths,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_operatorhub.go b/vendor/github.com/openshift/api/config/v1/types_operatorhub.go index 1fddfa51e5..ba2c96343b 100644 --- a/vendor/github.com/openshift/api/config/v1/types_operatorhub.go +++ b/vendor/github.com/openshift/api/config/v1/types_operatorhub.go @@ -38,14 +38,9 @@ type OperatorHubStatus struct { // enabled to disabled and vice versa. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=operatorhubs,scope=Cluster // +kubebuilder:subresource:status // +genclient // +genclient:nonNamespaced -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=marketplace,operatorOrdering=01 -// +openshift:capability=marketplace // +openshift:compatibility-gen:level=1 type OperatorHub struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/config/v1/types_project.go b/vendor/github.com/openshift/api/config/v1/types_project.go index 8d6d614b67..89caed05a6 100644 --- a/vendor/github.com/openshift/api/config/v1/types_project.go +++ b/vendor/github.com/openshift/api/config/v1/types_project.go @@ -11,7 +11,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_projectMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=projects,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_proxy.go b/vendor/github.com/openshift/api/config/v1/types_proxy.go index 851291bb05..58d824734f 100644 --- a/vendor/github.com/openshift/api/config/v1/types_proxy.go +++ b/vendor/github.com/openshift/api/config/v1/types_proxy.go @@ -13,7 +13,7 @@ import ( // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_03_config-operator_01_proxyMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=proxies,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/types_scheduling.go b/vendor/github.com/openshift/api/config/v1/types_scheduling.go index 061c4a8835..3b12a2c424 100644 --- a/vendor/github.com/openshift/api/config/v1/types_scheduling.go +++ b/vendor/github.com/openshift/api/config/v1/types_scheduling.go @@ -12,7 +12,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_schedulerMARKERS.crd.yaml // +kubebuilder:object:root=true // +kubebuilder:resource:path=schedulers,scope=Cluster // +kubebuilder:subresource:status diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SingleNode-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SingleNode-CustomNoUpgrade.crd.yaml deleted file mode 100644 index bfaf81b824..0000000000 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SingleNode-CustomNoUpgrade.crd.yaml +++ /dev/null @@ -1,553 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/470 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: CustomNoUpgrade - name: authentications.config.openshift.io -spec: - group: config.openshift.io - names: - kind: Authentication - listKind: AuthenticationList - plural: authentications - singular: authentication - scope: Cluster - versions: - - name: v1 - schema: - openAPIV3Schema: - description: "Authentication specifies cluster-wide settings for authentication - (like OAuth and webhook token authenticators). The canonical name of an - instance is `cluster`. \n Compatibility level 1: Stable within a major release - for a minimum of 12 months or 3 minor releases (whichever is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - properties: - oauthMetadata: - description: 'oauthMetadata contains the discovery endpoint data for - OAuth 2.0 Authorization Server Metadata for an external OAuth server. - This discovery document can be viewed from its served location: - oc get --raw ''/.well-known/oauth-authorization-server'' For further - details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 - If oauthMetadata.name is non-empty, this value has precedence over - any metadata reference stored in status. The key "oauthMetadata" - is used to locate the data. If specified and the config map or expected - key is not found, no metadata is served. If the specified metadata - is not valid, no metadata is served. The namespace for this config - map is openshift-config.' - properties: - name: - description: name is the metadata.name of the referenced config - map - type: string - required: - - name - type: object - oidcProviders: - description: "OIDCProviders are OIDC identity providers that can issue - tokens for this cluster Can only be set if \"Type\" is set to \"OIDC\". - \n At most one provider can be configured." - items: - properties: - claimMappings: - description: ClaimMappings describes rules on how to transform - information from an ID token into a cluster identity - properties: - groups: - description: Groups is a name of the claim that should be - used to construct groups for the cluster identity. The - referenced claim must use array of strings values. - properties: - claim: - description: Claim is a JWT token claim to be used in - the mapping - type: string - prefix: - description: "Prefix is a string to prefix the value - from the token in the result of the claim mapping. - \n By default, no prefixing occurs. \n Example: if - `prefix` is set to \"myoidc:\"\" and the `claim` in - JWT contains an array of strings \"a\", \"b\" and - \ \"c\", the mapping will result in an array of string - \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\"." - type: string - required: - - claim - type: object - username: - description: "Username is a name of the claim that should - be used to construct usernames for the cluster identity. - \n Default value: \"sub\"" - properties: - claim: - description: Claim is a JWT token claim to be used in - the mapping - type: string - prefix: - properties: - prefixString: - minLength: 1 - type: string - required: - - prefixString - type: object - prefixPolicy: - description: "PrefixPolicy specifies how a prefix should - apply. \n By default, claims other than `email` will - be prefixed with the issuer URL to prevent naming - clashes with other plugins. \n Set to \"NoPrefix\" - to disable prefixing. \n Example: (1) `prefix` is - set to \"myoidc:\" and `claim` is set to \"username\". - If the JWT claim `username` contains value `userA`, - the resulting mapped value will be \"myoidc:userA\". - (2) `prefix` is set to \"myoidc:\" and `claim` is - set to \"email\". If the JWT `email` claim contains - value \"userA@myoidc.tld\", the resulting mapped value - will be \"myoidc:userA@myoidc.tld\". (3) `prefix` - is unset, `issuerURL` is set to `https://myoidc.tld`, - the JWT claims include \"username\":\"userA\" and - \"email\":\"userA@myoidc.tld\", and `claim` is set - to: (a) \"username\": the mapped value will be \"https://myoidc.tld#userA\" - (b) \"email\": the mapped value will be \"userA@myoidc.tld\"" - enum: - - "" - - NoPrefix - - Prefix - type: string - required: - - claim - type: object - x-kubernetes-validations: - - message: prefix must be set if prefixPolicy is 'Prefix', - but must remain unset otherwise - rule: 'has(self.prefixPolicy) && self.prefixPolicy == - ''Prefix'' ? (has(self.prefix) && size(self.prefix.prefixString) - > 0) : !has(self.prefix)' - type: object - claimValidationRules: - description: ClaimValidationRules are rules that are applied - to validate token claims to authenticate users. - items: - properties: - requiredClaim: - description: RequiredClaim allows configuring a required - claim name and its expected value - properties: - claim: - description: Claim is a name of a required claim. - Only claims with string values are supported. - minLength: 1 - type: string - requiredValue: - description: RequiredValue is the required value for - the claim. - minLength: 1 - type: string - required: - - claim - - requiredValue - type: object - type: - default: RequiredClaim - description: Type sets the type of the validation rule - enum: - - RequiredClaim - type: string - type: object - type: array - x-kubernetes-list-type: atomic - issuer: - description: Issuer describes atributes of the OIDC token issuer - properties: - audiences: - description: Audiences is an array of audiences that the - token was issued for. Valid tokens must include at least - one of these values in their "aud" claim. Must be set - to exactly one value. - items: - minLength: 1 - type: string - maxItems: 10 - minItems: 1 - type: array - x-kubernetes-list-type: set - issuerCertificateAuthority: - description: CertificateAuthority is a reference to a config - map in the configuration namespace. The .data of the configMap - must contain the "ca-bundle.crt" key. If unset, system - trust is used instead. - properties: - name: - description: name is the metadata.name of the referenced - config map - type: string - required: - - name - type: object - issuerURL: - description: URL is the serving URL of the token issuer. - Must use the https:// scheme. - pattern: ^https:\/\/[^\s] - type: string - required: - - audiences - - issuerURL - type: object - name: - description: Name of the OIDC provider - minLength: 1 - type: string - oidcClients: - description: OIDCClients contains configuration for the platform's - clients that need to request tokens from the issuer - items: - properties: - clientID: - description: ClientID is the identifier of the OIDC client - from the OIDC provider - minLength: 1 - type: string - clientSecret: - description: ClientSecret refers to a secret in the `openshift-config` - namespace that contains the client secret in the `clientSecret` - key of the `.data` field - properties: - name: - description: name is the metadata.name of the referenced - secret - type: string - required: - - name - type: object - componentName: - description: ComponentName is the name of the component - that is supposed to consume this client configuration - maxLength: 256 - minLength: 1 - type: string - componentNamespace: - description: ComponentNamespace is the namespace of the - component that is supposed to consume this client configuration - maxLength: 63 - minLength: 1 - type: string - extraScopes: - description: ExtraScopes is an optional set of scopes - to request tokens with. - items: - type: string - type: array - x-kubernetes-list-type: set - required: - - clientID - - componentName - - componentNamespace - type: object - maxItems: 20 - type: array - x-kubernetes-list-map-keys: - - componentNamespace - - componentName - x-kubernetes-list-type: map - required: - - issuer - - name - type: object - maxItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - serviceAccountIssuer: - description: 'serviceAccountIssuer is the identifier of the bound - service account token issuer. The default is https://kubernetes.default.svc - WARNING: Updating this field will not result in immediate invalidation - of all bound tokens with the previous issuer value. Instead, the - tokens issued by previous service account issuer will continue to - be trusted for a time period chosen by the platform (currently set - to 24h). This time period is subject to change over time. This allows - internal components to transition to use new service account issuer - without service distruption.' - type: string - type: - description: type identifies the cluster managed, user facing authentication - mode in use. Specifically, it manages the component that responds - to login attempts. The default is IntegratedOAuth. - enum: - - "" - - None - - IntegratedOAuth - - OIDC - type: string - webhookTokenAuthenticator: - description: "webhookTokenAuthenticator configures a remote token - reviewer. These remote authentication webhooks can be used to verify - bearer tokens via the tokenreviews.authentication.k8s.io REST API. - This is required to honor bearer tokens that are provisioned by - an external authentication service. \n Can only be set if \"Type\" - is set to \"None\"." - properties: - kubeConfig: - description: "kubeConfig references a secret that contains kube - config file data which describes how to access the remote webhook - service. The namespace for the referenced secret is openshift-config. - \n For further details, see: \n https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication - \n The key \"kubeConfig\" is used to locate the data. If the - secret or expected key is not found, the webhook is not honored. - If the specified kube config data is not valid, the webhook - is not honored." - properties: - name: - description: name is the metadata.name of the referenced secret - type: string - required: - - name - type: object - required: - - kubeConfig - type: object - webhookTokenAuthenticators: - description: webhookTokenAuthenticators is DEPRECATED, setting it - has no effect. - items: - description: deprecatedWebhookTokenAuthenticator holds the necessary - configuration options for a remote token authenticator. It's the - same as WebhookTokenAuthenticator but it's missing the 'required' - validation on KubeConfig field. - properties: - kubeConfig: - description: 'kubeConfig contains kube config file data which - describes how to access the remote webhook service. For further - details, see: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication - The key "kubeConfig" is used to locate the data. If the secret - or expected key is not found, the webhook is not honored. - If the specified kube config data is not valid, the webhook - is not honored. The namespace for this secret is determined - by the point of use.' - properties: - name: - description: name is the metadata.name of the referenced - secret - type: string - required: - - name - type: object - type: object - type: array - x-kubernetes-list-type: atomic - type: object - status: - description: status holds observed values from the cluster. They may not - be overridden. - properties: - integratedOAuthMetadata: - description: 'integratedOAuthMetadata contains the discovery endpoint - data for OAuth 2.0 Authorization Server Metadata for the in-cluster - integrated OAuth server. This discovery document can be viewed from - its served location: oc get --raw ''/.well-known/oauth-authorization-server'' - For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 - This contains the observed value based on cluster state. An explicitly - set value in spec.oauthMetadata has precedence over this field. - This field has no meaning if authentication spec.type is not set - to IntegratedOAuth. The key "oauthMetadata" is used to locate the - data. If the config map or expected key is not found, no metadata - is served. If the specified metadata is not valid, no metadata is - served. The namespace for this config map is openshift-config-managed.' - properties: - name: - description: name is the metadata.name of the referenced config - map - type: string - required: - - name - type: object - oidcClients: - description: OIDCClients is where participating operators place the - current OIDC client status for OIDC clients that can be customized - by the cluster-admin. - items: - properties: - componentName: - description: ComponentName is the name of the component that - will consume a client configuration. - maxLength: 256 - minLength: 1 - type: string - componentNamespace: - description: ComponentNamespace is the namespace of the component - that will consume a client configuration. - maxLength: 63 - minLength: 1 - type: string - conditions: - description: "Conditions are used to communicate the state of - the `oidcClients` entry. \n Supported conditions include Available, - Degraded and Progressing. \n If Available is true, the component - is successfully using the configured client. If Degraded is - true, that means something has gone wrong trying to handle - the client configuration. If Progressing is true, that means - the component is taking some action related to the `oidcClients` - entry." - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n type FooStatus struct{ - // Represents the observations of a foo's current state. - // Known .status.conditions.type are: \"Available\", \"Progressing\", - and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields - }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - consumingUsers: - description: ConsumingUsers is a slice of ServiceAccounts that - need to have read permission on the `clientSecret` secret. - items: - description: ConsumingUser is an alias for string which we - add validation to. Currently only service accounts are supported. - maxLength: 512 - minLength: 1 - pattern: ^system:serviceaccount:[a-z0-9]([-a-z0-9]*[a-z0-9])?:[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 5 - type: array - x-kubernetes-list-type: set - currentOIDCClients: - description: CurrentOIDCClients is a list of clients that the - component is currently using. - items: - properties: - clientID: - description: ClientID is the identifier of the OIDC client - from the OIDC provider - minLength: 1 - type: string - issuerURL: - description: URL is the serving URL of the token issuer. - Must use the https:// scheme. - pattern: ^https:\/\/[^\s] - type: string - oidcProviderName: - description: OIDCName refers to the `name` of the provider - from `oidcProviders` - minLength: 1 - type: string - required: - - clientID - - issuerURL - - oidcProviderName - type: object - type: array - x-kubernetes-list-map-keys: - - issuerURL - - clientID - x-kubernetes-list-type: map - required: - - componentName - - componentNamespace - type: object - maxItems: 20 - type: array - x-kubernetes-list-map-keys: - - componentNamespace - - componentName - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - x-kubernetes-validations: - - message: all oidcClients in the oidcProviders must match their componentName - and componentNamespace to either a previously configured oidcClient or - they must exist in the status.oidcClients - rule: '!has(self.spec.oidcProviders) || self.spec.oidcProviders.all(p, !has(p.oidcClients) - || p.oidcClients.all(specC, self.status.oidcClients.exists(statusC, statusC.componentNamespace - == specC.componentNamespace && statusC.componentName == specC.componentName) - || (has(oldSelf.spec.oidcProviders) && oldSelf.spec.oidcProviders.exists(oldP, - oldP.name == p.name && has(oldP.oidcClients) && oldP.oidcClients.exists(oldC, - oldC.componentNamespace == specC.componentNamespace && oldC.componentName - == specC.componentName)))))' - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SingleNode-Default.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SingleNode-Default.crd.yaml deleted file mode 100644 index ffcf1d56ee..0000000000 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SingleNode-Default.crd.yaml +++ /dev/null @@ -1,171 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/470 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: Default - name: authentications.config.openshift.io -spec: - group: config.openshift.io - names: - kind: Authentication - listKind: AuthenticationList - plural: authentications - singular: authentication - scope: Cluster - versions: - - name: v1 - schema: - openAPIV3Schema: - description: "Authentication specifies cluster-wide settings for authentication - (like OAuth and webhook token authenticators). The canonical name of an - instance is `cluster`. \n Compatibility level 1: Stable within a major release - for a minimum of 12 months or 3 minor releases (whichever is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - properties: - oauthMetadata: - description: 'oauthMetadata contains the discovery endpoint data for - OAuth 2.0 Authorization Server Metadata for an external OAuth server. - This discovery document can be viewed from its served location: - oc get --raw ''/.well-known/oauth-authorization-server'' For further - details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 - If oauthMetadata.name is non-empty, this value has precedence over - any metadata reference stored in status. The key "oauthMetadata" - is used to locate the data. If specified and the config map or expected - key is not found, no metadata is served. If the specified metadata - is not valid, no metadata is served. The namespace for this config - map is openshift-config.' - properties: - name: - description: name is the metadata.name of the referenced config - map - type: string - required: - - name - type: object - serviceAccountIssuer: - description: 'serviceAccountIssuer is the identifier of the bound - service account token issuer. The default is https://kubernetes.default.svc - WARNING: Updating this field will not result in immediate invalidation - of all bound tokens with the previous issuer value. Instead, the - tokens issued by previous service account issuer will continue to - be trusted for a time period chosen by the platform (currently set - to 24h). This time period is subject to change over time. This allows - internal components to transition to use new service account issuer - without service distruption.' - type: string - type: - description: type identifies the cluster managed, user facing authentication - mode in use. Specifically, it manages the component that responds - to login attempts. The default is IntegratedOAuth. - enum: - - "" - - None - - IntegratedOAuth - type: string - webhookTokenAuthenticator: - description: "webhookTokenAuthenticator configures a remote token - reviewer. These remote authentication webhooks can be used to verify - bearer tokens via the tokenreviews.authentication.k8s.io REST API. - This is required to honor bearer tokens that are provisioned by - an external authentication service. \n Can only be set if \"Type\" - is set to \"None\"." - properties: - kubeConfig: - description: "kubeConfig references a secret that contains kube - config file data which describes how to access the remote webhook - service. The namespace for the referenced secret is openshift-config. - \n For further details, see: \n https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication - \n The key \"kubeConfig\" is used to locate the data. If the - secret or expected key is not found, the webhook is not honored. - If the specified kube config data is not valid, the webhook - is not honored." - properties: - name: - description: name is the metadata.name of the referenced secret - type: string - required: - - name - type: object - required: - - kubeConfig - type: object - webhookTokenAuthenticators: - description: webhookTokenAuthenticators is DEPRECATED, setting it - has no effect. - items: - description: deprecatedWebhookTokenAuthenticator holds the necessary - configuration options for a remote token authenticator. It's the - same as WebhookTokenAuthenticator but it's missing the 'required' - validation on KubeConfig field. - properties: - kubeConfig: - description: 'kubeConfig contains kube config file data which - describes how to access the remote webhook service. For further - details, see: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication - The key "kubeConfig" is used to locate the data. If the secret - or expected key is not found, the webhook is not honored. - If the specified kube config data is not valid, the webhook - is not honored. The namespace for this secret is determined - by the point of use.' - properties: - name: - description: name is the metadata.name of the referenced - secret - type: string - required: - - name - type: object - type: object - type: array - x-kubernetes-list-type: atomic - type: object - status: - description: status holds observed values from the cluster. They may not - be overridden. - properties: - integratedOAuthMetadata: - description: 'integratedOAuthMetadata contains the discovery endpoint - data for OAuth 2.0 Authorization Server Metadata for the in-cluster - integrated OAuth server. This discovery document can be viewed from - its served location: oc get --raw ''/.well-known/oauth-authorization-server'' - For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 - This contains the observed value based on cluster state. An explicitly - set value in spec.oauthMetadata has precedence over this field. - This field has no meaning if authentication spec.type is not set - to IntegratedOAuth. The key "oauthMetadata" is used to locate the - data. If the config map or expected key is not found, no metadata - is served. If the specified metadata is not valid, no metadata is - served. The namespace for this config map is openshift-config-managed.' - properties: - name: - description: name is the metadata.name of the referenced config - map - type: string - required: - - name - type: object - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SingleNode-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SingleNode-TechPreviewNoUpgrade.crd.yaml deleted file mode 100644 index caf9f4faec..0000000000 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-SingleNode-TechPreviewNoUpgrade.crd.yaml +++ /dev/null @@ -1,553 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/470 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: TechPreviewNoUpgrade - name: authentications.config.openshift.io -spec: - group: config.openshift.io - names: - kind: Authentication - listKind: AuthenticationList - plural: authentications - singular: authentication - scope: Cluster - versions: - - name: v1 - schema: - openAPIV3Schema: - description: "Authentication specifies cluster-wide settings for authentication - (like OAuth and webhook token authenticators). The canonical name of an - instance is `cluster`. \n Compatibility level 1: Stable within a major release - for a minimum of 12 months or 3 minor releases (whichever is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - properties: - oauthMetadata: - description: 'oauthMetadata contains the discovery endpoint data for - OAuth 2.0 Authorization Server Metadata for an external OAuth server. - This discovery document can be viewed from its served location: - oc get --raw ''/.well-known/oauth-authorization-server'' For further - details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 - If oauthMetadata.name is non-empty, this value has precedence over - any metadata reference stored in status. The key "oauthMetadata" - is used to locate the data. If specified and the config map or expected - key is not found, no metadata is served. If the specified metadata - is not valid, no metadata is served. The namespace for this config - map is openshift-config.' - properties: - name: - description: name is the metadata.name of the referenced config - map - type: string - required: - - name - type: object - oidcProviders: - description: "OIDCProviders are OIDC identity providers that can issue - tokens for this cluster Can only be set if \"Type\" is set to \"OIDC\". - \n At most one provider can be configured." - items: - properties: - claimMappings: - description: ClaimMappings describes rules on how to transform - information from an ID token into a cluster identity - properties: - groups: - description: Groups is a name of the claim that should be - used to construct groups for the cluster identity. The - referenced claim must use array of strings values. - properties: - claim: - description: Claim is a JWT token claim to be used in - the mapping - type: string - prefix: - description: "Prefix is a string to prefix the value - from the token in the result of the claim mapping. - \n By default, no prefixing occurs. \n Example: if - `prefix` is set to \"myoidc:\"\" and the `claim` in - JWT contains an array of strings \"a\", \"b\" and - \ \"c\", the mapping will result in an array of string - \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\"." - type: string - required: - - claim - type: object - username: - description: "Username is a name of the claim that should - be used to construct usernames for the cluster identity. - \n Default value: \"sub\"" - properties: - claim: - description: Claim is a JWT token claim to be used in - the mapping - type: string - prefix: - properties: - prefixString: - minLength: 1 - type: string - required: - - prefixString - type: object - prefixPolicy: - description: "PrefixPolicy specifies how a prefix should - apply. \n By default, claims other than `email` will - be prefixed with the issuer URL to prevent naming - clashes with other plugins. \n Set to \"NoPrefix\" - to disable prefixing. \n Example: (1) `prefix` is - set to \"myoidc:\" and `claim` is set to \"username\". - If the JWT claim `username` contains value `userA`, - the resulting mapped value will be \"myoidc:userA\". - (2) `prefix` is set to \"myoidc:\" and `claim` is - set to \"email\". If the JWT `email` claim contains - value \"userA@myoidc.tld\", the resulting mapped value - will be \"myoidc:userA@myoidc.tld\". (3) `prefix` - is unset, `issuerURL` is set to `https://myoidc.tld`, - the JWT claims include \"username\":\"userA\" and - \"email\":\"userA@myoidc.tld\", and `claim` is set - to: (a) \"username\": the mapped value will be \"https://myoidc.tld#userA\" - (b) \"email\": the mapped value will be \"userA@myoidc.tld\"" - enum: - - "" - - NoPrefix - - Prefix - type: string - required: - - claim - type: object - x-kubernetes-validations: - - message: prefix must be set if prefixPolicy is 'Prefix', - but must remain unset otherwise - rule: 'has(self.prefixPolicy) && self.prefixPolicy == - ''Prefix'' ? (has(self.prefix) && size(self.prefix.prefixString) - > 0) : !has(self.prefix)' - type: object - claimValidationRules: - description: ClaimValidationRules are rules that are applied - to validate token claims to authenticate users. - items: - properties: - requiredClaim: - description: RequiredClaim allows configuring a required - claim name and its expected value - properties: - claim: - description: Claim is a name of a required claim. - Only claims with string values are supported. - minLength: 1 - type: string - requiredValue: - description: RequiredValue is the required value for - the claim. - minLength: 1 - type: string - required: - - claim - - requiredValue - type: object - type: - default: RequiredClaim - description: Type sets the type of the validation rule - enum: - - RequiredClaim - type: string - type: object - type: array - x-kubernetes-list-type: atomic - issuer: - description: Issuer describes atributes of the OIDC token issuer - properties: - audiences: - description: Audiences is an array of audiences that the - token was issued for. Valid tokens must include at least - one of these values in their "aud" claim. Must be set - to exactly one value. - items: - minLength: 1 - type: string - maxItems: 10 - minItems: 1 - type: array - x-kubernetes-list-type: set - issuerCertificateAuthority: - description: CertificateAuthority is a reference to a config - map in the configuration namespace. The .data of the configMap - must contain the "ca-bundle.crt" key. If unset, system - trust is used instead. - properties: - name: - description: name is the metadata.name of the referenced - config map - type: string - required: - - name - type: object - issuerURL: - description: URL is the serving URL of the token issuer. - Must use the https:// scheme. - pattern: ^https:\/\/[^\s] - type: string - required: - - audiences - - issuerURL - type: object - name: - description: Name of the OIDC provider - minLength: 1 - type: string - oidcClients: - description: OIDCClients contains configuration for the platform's - clients that need to request tokens from the issuer - items: - properties: - clientID: - description: ClientID is the identifier of the OIDC client - from the OIDC provider - minLength: 1 - type: string - clientSecret: - description: ClientSecret refers to a secret in the `openshift-config` - namespace that contains the client secret in the `clientSecret` - key of the `.data` field - properties: - name: - description: name is the metadata.name of the referenced - secret - type: string - required: - - name - type: object - componentName: - description: ComponentName is the name of the component - that is supposed to consume this client configuration - maxLength: 256 - minLength: 1 - type: string - componentNamespace: - description: ComponentNamespace is the namespace of the - component that is supposed to consume this client configuration - maxLength: 63 - minLength: 1 - type: string - extraScopes: - description: ExtraScopes is an optional set of scopes - to request tokens with. - items: - type: string - type: array - x-kubernetes-list-type: set - required: - - clientID - - componentName - - componentNamespace - type: object - maxItems: 20 - type: array - x-kubernetes-list-map-keys: - - componentNamespace - - componentName - x-kubernetes-list-type: map - required: - - issuer - - name - type: object - maxItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - serviceAccountIssuer: - description: 'serviceAccountIssuer is the identifier of the bound - service account token issuer. The default is https://kubernetes.default.svc - WARNING: Updating this field will not result in immediate invalidation - of all bound tokens with the previous issuer value. Instead, the - tokens issued by previous service account issuer will continue to - be trusted for a time period chosen by the platform (currently set - to 24h). This time period is subject to change over time. This allows - internal components to transition to use new service account issuer - without service distruption.' - type: string - type: - description: type identifies the cluster managed, user facing authentication - mode in use. Specifically, it manages the component that responds - to login attempts. The default is IntegratedOAuth. - enum: - - "" - - None - - IntegratedOAuth - - OIDC - type: string - webhookTokenAuthenticator: - description: "webhookTokenAuthenticator configures a remote token - reviewer. These remote authentication webhooks can be used to verify - bearer tokens via the tokenreviews.authentication.k8s.io REST API. - This is required to honor bearer tokens that are provisioned by - an external authentication service. \n Can only be set if \"Type\" - is set to \"None\"." - properties: - kubeConfig: - description: "kubeConfig references a secret that contains kube - config file data which describes how to access the remote webhook - service. The namespace for the referenced secret is openshift-config. - \n For further details, see: \n https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication - \n The key \"kubeConfig\" is used to locate the data. If the - secret or expected key is not found, the webhook is not honored. - If the specified kube config data is not valid, the webhook - is not honored." - properties: - name: - description: name is the metadata.name of the referenced secret - type: string - required: - - name - type: object - required: - - kubeConfig - type: object - webhookTokenAuthenticators: - description: webhookTokenAuthenticators is DEPRECATED, setting it - has no effect. - items: - description: deprecatedWebhookTokenAuthenticator holds the necessary - configuration options for a remote token authenticator. It's the - same as WebhookTokenAuthenticator but it's missing the 'required' - validation on KubeConfig field. - properties: - kubeConfig: - description: 'kubeConfig contains kube config file data which - describes how to access the remote webhook service. For further - details, see: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication - The key "kubeConfig" is used to locate the data. If the secret - or expected key is not found, the webhook is not honored. - If the specified kube config data is not valid, the webhook - is not honored. The namespace for this secret is determined - by the point of use.' - properties: - name: - description: name is the metadata.name of the referenced - secret - type: string - required: - - name - type: object - type: object - type: array - x-kubernetes-list-type: atomic - type: object - status: - description: status holds observed values from the cluster. They may not - be overridden. - properties: - integratedOAuthMetadata: - description: 'integratedOAuthMetadata contains the discovery endpoint - data for OAuth 2.0 Authorization Server Metadata for the in-cluster - integrated OAuth server. This discovery document can be viewed from - its served location: oc get --raw ''/.well-known/oauth-authorization-server'' - For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 - This contains the observed value based on cluster state. An explicitly - set value in spec.oauthMetadata has precedence over this field. - This field has no meaning if authentication spec.type is not set - to IntegratedOAuth. The key "oauthMetadata" is used to locate the - data. If the config map or expected key is not found, no metadata - is served. If the specified metadata is not valid, no metadata is - served. The namespace for this config map is openshift-config-managed.' - properties: - name: - description: name is the metadata.name of the referenced config - map - type: string - required: - - name - type: object - oidcClients: - description: OIDCClients is where participating operators place the - current OIDC client status for OIDC clients that can be customized - by the cluster-admin. - items: - properties: - componentName: - description: ComponentName is the name of the component that - will consume a client configuration. - maxLength: 256 - minLength: 1 - type: string - componentNamespace: - description: ComponentNamespace is the namespace of the component - that will consume a client configuration. - maxLength: 63 - minLength: 1 - type: string - conditions: - description: "Conditions are used to communicate the state of - the `oidcClients` entry. \n Supported conditions include Available, - Degraded and Progressing. \n If Available is true, the component - is successfully using the configured client. If Degraded is - true, that means something has gone wrong trying to handle - the client configuration. If Progressing is true, that means - the component is taking some action related to the `oidcClients` - entry." - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n type FooStatus struct{ - // Represents the observations of a foo's current state. - // Known .status.conditions.type are: \"Available\", \"Progressing\", - and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields - }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - consumingUsers: - description: ConsumingUsers is a slice of ServiceAccounts that - need to have read permission on the `clientSecret` secret. - items: - description: ConsumingUser is an alias for string which we - add validation to. Currently only service accounts are supported. - maxLength: 512 - minLength: 1 - pattern: ^system:serviceaccount:[a-z0-9]([-a-z0-9]*[a-z0-9])?:[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 5 - type: array - x-kubernetes-list-type: set - currentOIDCClients: - description: CurrentOIDCClients is a list of clients that the - component is currently using. - items: - properties: - clientID: - description: ClientID is the identifier of the OIDC client - from the OIDC provider - minLength: 1 - type: string - issuerURL: - description: URL is the serving URL of the token issuer. - Must use the https:// scheme. - pattern: ^https:\/\/[^\s] - type: string - oidcProviderName: - description: OIDCName refers to the `name` of the provider - from `oidcProviders` - minLength: 1 - type: string - required: - - clientID - - issuerURL - - oidcProviderName - type: object - type: array - x-kubernetes-list-map-keys: - - issuerURL - - clientID - x-kubernetes-list-type: map - required: - - componentName - - componentNamespace - type: object - maxItems: 20 - type: array - x-kubernetes-list-map-keys: - - componentNamespace - - componentName - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - x-kubernetes-validations: - - message: all oidcClients in the oidcProviders must match their componentName - and componentNamespace to either a previously configured oidcClient or - they must exist in the status.oidcClients - rule: '!has(self.spec.oidcProviders) || self.spec.oidcProviders.all(p, !has(p.oidcClients) - || p.oidcClients.all(specC, self.status.oidcClients.exists(statusC, statusC.componentNamespace - == specC.componentNamespace && statusC.componentName == specC.componentName) - || (has(oldSelf.spec.oidcProviders) && oldSelf.spec.oidcProviders.exists(oldP, - oldP.name == p.name && has(oldP.oidcClients) && oldP.oidcClients.exists(oldC, - oldC.componentNamespace == specC.componentNamespace && oldC.componentName - == specC.componentName)))))' - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/doc.go b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/doc.go deleted file mode 100644 index 62ee188b96..0000000000 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/doc.go +++ /dev/null @@ -1 +0,0 @@ -package config_v1_crdmanifests diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml index 5caf575661..f5fa22c956 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml @@ -5,9 +5,6 @@ apiservers.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: APIServer @@ -15,7 +12,8 @@ apiservers.config.openshift.io: PluralName: apiservers PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_apiserverMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -27,9 +25,6 @@ authentications.config.openshift.io: Category: "" FeatureGates: - ExternalOIDC - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: Authentication @@ -37,7 +32,8 @@ authentications.config.openshift.io: PluralName: authentications PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_authentication.crdMARKERS.yaml TopLevelFeatureGates: [] Version: v1 @@ -48,9 +44,6 @@ builds.config.openshift.io: Capability: Build Category: "" FeatureGates: [] - FilenameOperatorName: openshift-controller-manager - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: Build @@ -58,7 +51,8 @@ builds.config.openshift.io: PluralName: builds PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_openshift-controller-manager-operator_01_buildMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -71,9 +65,6 @@ clusteroperators.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: cluster-version-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_00" GroupName: config.openshift.io HasStatus: true KindName: ClusterOperator @@ -101,8 +92,8 @@ clusteroperators.config.openshift.io: name: Since type: date Scope: Cluster - ShortNames: - - co + ShortName: co + TargetFilenamePattern: 0000_00_cluster-version-operator_01_clusteroperatorMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -116,9 +107,6 @@ clusterversions.config.openshift.io: Category: "" FeatureGates: - SignatureStores - FilenameOperatorName: cluster-version-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_00" GroupName: config.openshift.io HasStatus: true KindName: ClusterVersion @@ -141,7 +129,8 @@ clusterversions.config.openshift.io: name: Status type: string Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_00_cluster-version-operator_01_clusterversionMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -152,9 +141,6 @@ consoles.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: Console @@ -162,7 +148,8 @@ consoles.config.openshift.io: PluralName: consoles PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_consoleMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -173,9 +160,6 @@ dnses.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: DNS @@ -183,7 +167,8 @@ dnses.config.openshift.io: PluralName: dnses PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_dnsMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -194,9 +179,6 @@ featuregates.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: FeatureGate @@ -204,7 +186,8 @@ featuregates.config.openshift.io: PluralName: featuregates PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_featuregateMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -215,9 +198,6 @@ images.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: Image @@ -225,7 +205,8 @@ images.config.openshift.io: PluralName: images PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_imageMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -236,9 +217,6 @@ imagecontentpolicies.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: ImageContentPolicy @@ -246,7 +224,8 @@ imagecontentpolicies.config.openshift.io: PluralName: imagecontentpolicies PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_imagecontentpolicyMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -257,9 +236,6 @@ imagedigestmirrorsets.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: ImageDigestMirrorSet @@ -267,8 +243,8 @@ imagedigestmirrorsets.config.openshift.io: PluralName: imagedigestmirrorsets PrinterColumns: [] Scope: Cluster - ShortNames: - - idms + ShortName: idms + TargetFilenamePattern: 0000_10_config-operator_01_imagedigestmirrorsetMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -279,9 +255,6 @@ imagetagmirrorsets.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: ImageTagMirrorSet @@ -289,8 +262,8 @@ imagetagmirrorsets.config.openshift.io: PluralName: imagetagmirrorsets PrinterColumns: [] Scope: Cluster - ShortNames: - - itms + ShortName: itms + TargetFilenamePattern: 0000_10_config-operator_01_imagetagmirrorsetMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -305,9 +278,6 @@ infrastructures.config.openshift.io: - GCPClusterHostedDNS - GCPLabelsTags - VSphereControlPlaneMachineSet - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: Infrastructure @@ -315,7 +285,8 @@ infrastructures.config.openshift.io: PluralName: infrastructures PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_infrastructureMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -326,9 +297,6 @@ ingresses.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: Ingress @@ -336,29 +304,28 @@ ingresses.config.openshift.io: PluralName: ingresses PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_ingressMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 -networks.config.openshift.io: +projects.config.openshift.io: Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/470 - CRDName: networks.config.openshift.io + ApprovedPRNumber: "" + CRDName: projects.config.openshift.io Capability: "" Category: "" FeatureGates: - NetworkLiveMigration - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io - HasStatus: false + HasStatus: true KindName: Network Labels: {} - PluralName: networks + PluralName: projects PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_networkMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -369,9 +336,6 @@ nodes.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: Node @@ -379,7 +343,8 @@ nodes.config.openshift.io: PluralName: nodes PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_nodeMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -390,9 +355,6 @@ oauths.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: OAuth @@ -400,28 +362,8 @@ oauths.config.openshift.io: PluralName: oauths PrinterColumns: [] Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -operatorhubs.config.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/470 - CRDName: operatorhubs.config.openshift.io - Capability: marketplace - Category: "" - FeatureGates: [] - FilenameOperatorName: marketplace - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_03" - GroupName: config.openshift.io - HasStatus: true - KindName: OperatorHub - Labels: {} - PluralName: operatorhubs - PrinterColumns: [] - Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_oauthMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -432,9 +374,6 @@ projects.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: Project @@ -442,7 +381,8 @@ projects.config.openshift.io: PluralName: projects PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_projectMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -453,9 +393,6 @@ proxies.config.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_03" GroupName: config.openshift.io HasStatus: true KindName: Proxy @@ -463,7 +400,8 @@ proxies.config.openshift.io: PluralName: proxies PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_03_config-operator_01_proxyMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -475,9 +413,6 @@ schedulers.config.openshift.io: Category: "" FeatureGates: - DynamicResourceAllocation - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true KindName: Scheduler @@ -485,7 +420,8 @@ schedulers.config.openshift.io: PluralName: schedulers PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_schedulerMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 diff --git a/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_backup-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_backup-TechPreviewNoUpgrade.crd.yaml new file mode 100644 index 0000000000..697eb73325 --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_backup-TechPreviewNoUpgrade.crd.yaml @@ -0,0 +1,142 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1482 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: backups.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Backup + listKind: BackupList + plural: backups + singular: backup + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "Backup provides configuration for performing backups of the + openshift cluster. \n Compatibility level 4: No compatibility is provided, + the API can change at any point for any reason. These capabilities should + not be used by applications needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + etcd: + description: etcd specifies the configuration for periodic backups + of the etcd cluster + properties: + pvcName: + description: PVCName specifies the name of the PersistentVolumeClaim + (PVC) which binds a PersistentVolume where the etcd backup files + would be saved The PVC itself must always be created in the + "openshift-etcd" namespace If the PVC is left unspecified "" + then the platform will choose a reasonable default location + to save the backup. In the future this would be backups saved + across the control-plane master nodes. + type: string + retentionPolicy: + description: RetentionPolicy defines the retention policy for + retaining and deleting existing backups. + properties: + retentionNumber: + description: RetentionNumber configures the retention policy + based on the number of backups + properties: + maxNumberOfBackups: + description: MaxNumberOfBackups defines the maximum number + of backups to retain. If the existing number of backups + saved is equal to MaxNumberOfBackups then the oldest + backup will be removed before a new backup is initiated. + minimum: 1 + type: integer + required: + - maxNumberOfBackups + type: object + retentionSize: + description: RetentionSize configures the retention policy + based on the size of backups + properties: + maxSizeOfBackupsGb: + description: MaxSizeOfBackupsGb defines the total size + in GB of backups to retain. If the current total size + backups exceeds MaxSizeOfBackupsGb then the oldest backup + will be removed before a new backup is initiated. + minimum: 1 + type: integer + required: + - maxSizeOfBackupsGb + type: object + retentionType: + allOf: + - enum: + - RetentionNumber + - RetentionSize + - enum: + - "" + - RetentionNumber + - RetentionSize + description: RetentionType sets the type of retention policy. + Currently, the only valid policies are retention by number + of backups (RetentionNumber), by the size of backups (RetentionSize). + More policies or types may be added in the future. Empty + string means no opinion and the platform is left to choose + a reasonable default which is subject to change without + notice. The current default is RetentionNumber with 15 backups + kept. + type: string + required: + - retentionType + type: object + schedule: + description: 'Schedule defines the recurring backup schedule in + Cron format every 2 hours: 0 */2 * * * every day at 3am: 0 3 + * * * Empty string means no opinion and the platform is left + to choose a reasonable default which is subject to change without + notice. The current default is "no backups", but will change + in the future.' + pattern: ^(@(annually|yearly|monthly|weekly|daily|hourly))|(\*|(?:\*|(?:[0-9]|(?:[1-5][0-9])))\/(?:[0-9]|(?:[1-5][0-9]))|(?:[0-9]|(?:[1-5][0-9]))(?:(?:\-[0-9]|\-(?:[1-5][0-9]))?|(?:\,(?:[0-9]|(?:[1-5][0-9])))*)) + (\*|(?:\*|(?:\*|(?:[0-9]|1[0-9]|2[0-3])))\/(?:[0-9]|1[0-9]|2[0-3])|(?:[0-9]|1[0-9]|2[0-3])(?:(?:\-(?:[0-9]|1[0-9]|2[0-3]))?|(?:\,(?:[0-9]|1[0-9]|2[0-3]))*)) + (\*|(?:[1-9]|(?:[12][0-9])|3[01])(?:(?:\-(?:[1-9]|(?:[12][0-9])|3[01]))?|(?:\,(?:[1-9]|(?:[12][0-9])|3[01]))*)) + (\*|(?:[1-9]|1[012]|JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC)(?:(?:\-(?:[1-9]|1[012]|JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC))?|(?:\,(?:[1-9]|1[012]|JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC))*)) + (\*|(?:[0-6]|SUN|MON|TUE|WED|THU|FRI|SAT)(?:(?:\-(?:[0-6]|SUN|MON|TUE|WED|THU|FRI|SAT))?|(?:\,(?:[0-6]|SUN|MON|TUE|WED|THU|FRI|SAT))*))$ + type: string + timeZone: + description: The time zone name for the given schedule, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones. + If not specified, this will default to the time zone of the + kube-controller-manager process. See https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#time-zones + pattern: ^([A-Za-z_]+([+-]*0)*|[A-Za-z_]+(\/[A-Za-z_]+){1,2})(\/GMT[+-]\d{1,2})?$ + type: string + type: object + required: + - etcd + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-CustomNoUpgrade.crd.yaml new file mode 100644 index 0000000000..69dbe3a2f3 --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-CustomNoUpgrade.crd.yaml @@ -0,0 +1,398 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1457 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: CustomNoUpgrade + name: clusterimagepolicies.config.openshift.io +spec: + group: config.openshift.io + names: + kind: ClusterImagePolicy + listKind: ClusterImagePolicyList + plural: clusterimagepolicies + singular: clusterimagepolicy + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "ClusterImagePolicy holds cluster-wide configuration for image + signature verification \n Compatibility level 4: No compatibility is provided, + the API can change at any point for any reason. These capabilities should + not be used by applications needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec contains the configuration for the cluster image policy. + properties: + policy: + description: policy contains configuration to allow scopes to be verified, + and defines how images not matching the verification policy will + be treated. + properties: + rootOfTrust: + description: rootOfTrust specifies the root of trust for the policy. + properties: + fulcioCAWithRekor: + description: 'fulcioCAWithRekor defines the root of trust + based on the Fulcio certificate and the Rekor public key. + For more information about Fulcio and Rekor, please refer + to the document at: https://github.com/sigstore/fulcio and + https://github.com/sigstore/rekor' + properties: + fulcioCAData: + description: fulcioCAData contains inline base64-encoded + data for the PEM format fulcio CA. fulcioCAData must + be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + fulcioSubject: + description: fulcioSubject specifies OIDC issuer and the + email of the Fulcio authentication configuration. + properties: + oidcIssuer: + description: 'oidcIssuer contains the expected OIDC + issuer. It will be verified that the Fulcio-issued + certificate contains a (Fulcio-defined) certificate + extension pointing at this OIDC issuer URL. When + Fulcio issues certificates, it includes a value + based on an URL inside the client-provided ID token. + Example: "https://expected.OIDC.issuer/"' + type: string + x-kubernetes-validations: + - message: oidcIssuer must be a valid URL + rule: isURL(self) + signedEmail: + description: 'signedEmail holds the email address + the the Fulcio certificate is issued for. Example: + "expected-signing-user@example.com"' + type: string + x-kubernetes-validations: + - message: invalid email address + rule: self.matches('^\\S+@\\S+$') + required: + - oidcIssuer + - signedEmail + type: object + rekorKeyData: + description: rekorKeyData contains inline base64-encoded + data for the PEM format from the Rekor public key. rekorKeyData + must be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + required: + - fulcioCAData + - fulcioSubject + - rekorKeyData + type: object + policyType: + description: policyType serves as the union's discriminator. + Users are required to assign a value to this field, choosing + one of the policy types that define the root of trust. "PublicKey" + indicates that the policy relies on a sigstore publicKey + and may optionally use a Rekor verification. "FulcioCAWithRekor" + indicates that the policy is based on the Fulcio certification + and incorporates a Rekor verification. + enum: + - PublicKey + - FulcioCAWithRekor + type: string + publicKey: + description: publicKey defines the root of trust based on + a sigstore public key. + properties: + keyData: + description: keyData contains inline base64-encoded data + for the PEM format public key. KeyData must be at most + 8192 characters. + format: byte + maxLength: 8192 + type: string + rekorKeyData: + description: rekorKeyData contains inline base64-encoded + data for the PEM format from the Rekor public key. rekorKeyData + must be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + required: + - keyData + type: object + required: + - policyType + type: object + x-kubernetes-validations: + - message: publicKey is required when policyType is PublicKey, + and forbidden otherwise + rule: 'has(self.policyType) && self.policyType == ''PublicKey'' + ? has(self.publicKey) : !has(self.publicKey)' + - message: fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, + and forbidden otherwise + rule: 'has(self.policyType) && self.policyType == ''FulcioCAWithRekor'' + ? has(self.fulcioCAWithRekor) : !has(self.fulcioCAWithRekor)' + signedIdentity: + description: signedIdentity specifies what image identity the + signature claims about the image. The required matchPolicy field + specifies the approach used in the verification process to verify + the identity in the signature and the actual image identity, + the default matchPolicy is "MatchRepoDigestOrExact". + properties: + exactRepository: + description: exactRepository is required if matchPolicy is + set to "ExactRepository". + properties: + repository: + description: repository is the reference of the image + identity to be matched. The value should be a repository + name (by omitting the tag or digest) in a registry implementing + the "Docker Registry HTTP API V2". For example, docker.io/library/busybox + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + required: + - repository + type: object + matchPolicy: + description: matchPolicy sets the type of matching to be used. + Valid values are "MatchRepoDigestOrExact", "MatchRepository", + "ExactRepository", "RemapIdentity". When omitted, the default + value is "MatchRepoDigestOrExact". If set matchPolicy to + ExactRepository, then the exactRepository must be specified. + If set matchPolicy to RemapIdentity, then the remapIdentity + must be specified. "MatchRepoDigestOrExact" means that the + identity in the signature must be in the same repository + as the image identity if the image identity is referenced + by a digest. Otherwise, the identity in the signature must + be the same as the image identity. "MatchRepository" means + that the identity in the signature must be in the same repository + as the image identity. "ExactRepository" means that the + identity in the signature must be in the same repository + as a specific identity specified by "repository". "RemapIdentity" + means that the signature must be in the same as the remapped + image identity. Remapped image identity is obtained by replacing + the "prefix" with the specified “signedPrefix” if the the + image identity matches the specified remapPrefix. + enum: + - MatchRepoDigestOrExact + - MatchRepository + - ExactRepository + - RemapIdentity + type: string + remapIdentity: + description: remapIdentity is required if matchPolicy is set + to "RemapIdentity". + properties: + prefix: + description: prefix is the prefix of the image identity + to be matched. If the image identity matches the specified + prefix, that prefix is replaced by the specified “signedPrefix” + (otherwise it is used as unchanged and no remapping + takes place). This useful when verifying signatures + for a mirror of some other repository namespace that + preserves the vendor’s repository structure. The prefix + and signedPrefix values can be either host[:port] values + (matching exactly the same host[:port], string), repository + namespaces, or repositories (i.e. they must not contain + tags/digests), and match as prefixes of the fully expanded + form. For example, docker.io/library/busybox (not busybox) + to specify that single repository, or docker.io/library + (not an empty string) to specify the parent namespace + of docker.io/library/busybox. + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + signedPrefix: + description: signedPrefix is the prefix of the image identity + to be matched in the signature. The format is the same + as "prefix". The values can be either host[:port] values + (matching exactly the same host[:port], string), repository + namespaces, or repositories (i.e. they must not contain + tags/digests), and match as prefixes of the fully expanded + form. For example, docker.io/library/busybox (not busybox) + to specify that single repository, or docker.io/library + (not an empty string) to specify the parent namespace + of docker.io/library/busybox. + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + required: + - prefix + - signedPrefix + type: object + required: + - matchPolicy + type: object + x-kubernetes-validations: + - message: exactRepository is required when matchPolicy is ExactRepository, + and forbidden otherwise + rule: '(has(self.matchPolicy) && self.matchPolicy == ''ExactRepository'') + ? has(self.exactRepository) : !has(self.exactRepository)' + - message: remapIdentity is required when matchPolicy is RemapIdentity, + and forbidden otherwise + rule: '(has(self.matchPolicy) && self.matchPolicy == ''RemapIdentity'') + ? has(self.remapIdentity) : !has(self.remapIdentity)' + required: + - rootOfTrust + type: object + scopes: + description: 'scopes defines the list of image identities assigned + to a policy. Each item refers to a scope in a registry implementing + the "Docker Registry HTTP API V2". Scopes matching individual images + are named Docker references in the fully expanded form, either using + a tag or digest. For example, docker.io/library/busybox:latest (not + busybox:latest). More general scopes are prefixes of individual-image + scopes, and specify a repository (by omitting the tag or digest), + a repository namespace, or a registry host (by only specifying the + host name and possibly a port number) or a wildcard expression starting + with `*.`, for matching all subdomains (not including a port number). + Wildcards are only supported for subdomain matching, and may not + be used in the middle of the host, i.e. *.example.com is a valid + case, but example*.*.com is not. Please be aware that the scopes + should not be nested under the repositories of OpenShift Container + Platform images. If configured, the policies for OpenShift Container + Platform repositories will not be in effect. For additional details + about the format, please refer to the document explaining the docker + transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker' + items: + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid image scope format, scope must contain a fully + qualified domain name or 'localhost' + rule: 'size(self.split(''/'')[0].split(''.'')) == 1 ? self.split(''/'')[0].split(''.'')[0].split('':'')[0] + == ''localhost'' : true' + - message: invalid image scope with wildcard, a wildcard can only + be at the start of the domain and is only supported for subdomain + matching, not path matching + rule: 'self.contains(''*'') ? self.matches(''^\\*(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$'') + : true' + - message: invalid repository namespace or image specification in + the image scope + rule: '!self.contains(''*'') ? self.matches(''^((((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?)(?::([\\w][\\w.-]{0,127}))?(?:@([A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}))?$'') + : true' + maxItems: 256 + type: array + x-kubernetes-list-type: set + required: + - policy + - scopes + type: object + status: + description: status contains the observed state of the resource. + properties: + conditions: + description: conditions provide details on the status of this API + Resource. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-TechPreviewNoUpgrade.crd.yaml new file mode 100644 index 0000000000..834c03ae11 --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-TechPreviewNoUpgrade.crd.yaml @@ -0,0 +1,398 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1457 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: clusterimagepolicies.config.openshift.io +spec: + group: config.openshift.io + names: + kind: ClusterImagePolicy + listKind: ClusterImagePolicyList + plural: clusterimagepolicies + singular: clusterimagepolicy + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "ClusterImagePolicy holds cluster-wide configuration for image + signature verification \n Compatibility level 4: No compatibility is provided, + the API can change at any point for any reason. These capabilities should + not be used by applications needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec contains the configuration for the cluster image policy. + properties: + policy: + description: policy contains configuration to allow scopes to be verified, + and defines how images not matching the verification policy will + be treated. + properties: + rootOfTrust: + description: rootOfTrust specifies the root of trust for the policy. + properties: + fulcioCAWithRekor: + description: 'fulcioCAWithRekor defines the root of trust + based on the Fulcio certificate and the Rekor public key. + For more information about Fulcio and Rekor, please refer + to the document at: https://github.com/sigstore/fulcio and + https://github.com/sigstore/rekor' + properties: + fulcioCAData: + description: fulcioCAData contains inline base64-encoded + data for the PEM format fulcio CA. fulcioCAData must + be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + fulcioSubject: + description: fulcioSubject specifies OIDC issuer and the + email of the Fulcio authentication configuration. + properties: + oidcIssuer: + description: 'oidcIssuer contains the expected OIDC + issuer. It will be verified that the Fulcio-issued + certificate contains a (Fulcio-defined) certificate + extension pointing at this OIDC issuer URL. When + Fulcio issues certificates, it includes a value + based on an URL inside the client-provided ID token. + Example: "https://expected.OIDC.issuer/"' + type: string + x-kubernetes-validations: + - message: oidcIssuer must be a valid URL + rule: isURL(self) + signedEmail: + description: 'signedEmail holds the email address + the the Fulcio certificate is issued for. Example: + "expected-signing-user@example.com"' + type: string + x-kubernetes-validations: + - message: invalid email address + rule: self.matches('^\\S+@\\S+$') + required: + - oidcIssuer + - signedEmail + type: object + rekorKeyData: + description: rekorKeyData contains inline base64-encoded + data for the PEM format from the Rekor public key. rekorKeyData + must be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + required: + - fulcioCAData + - fulcioSubject + - rekorKeyData + type: object + policyType: + description: policyType serves as the union's discriminator. + Users are required to assign a value to this field, choosing + one of the policy types that define the root of trust. "PublicKey" + indicates that the policy relies on a sigstore publicKey + and may optionally use a Rekor verification. "FulcioCAWithRekor" + indicates that the policy is based on the Fulcio certification + and incorporates a Rekor verification. + enum: + - PublicKey + - FulcioCAWithRekor + type: string + publicKey: + description: publicKey defines the root of trust based on + a sigstore public key. + properties: + keyData: + description: keyData contains inline base64-encoded data + for the PEM format public key. KeyData must be at most + 8192 characters. + format: byte + maxLength: 8192 + type: string + rekorKeyData: + description: rekorKeyData contains inline base64-encoded + data for the PEM format from the Rekor public key. rekorKeyData + must be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + required: + - keyData + type: object + required: + - policyType + type: object + x-kubernetes-validations: + - message: publicKey is required when policyType is PublicKey, + and forbidden otherwise + rule: 'has(self.policyType) && self.policyType == ''PublicKey'' + ? has(self.publicKey) : !has(self.publicKey)' + - message: fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, + and forbidden otherwise + rule: 'has(self.policyType) && self.policyType == ''FulcioCAWithRekor'' + ? has(self.fulcioCAWithRekor) : !has(self.fulcioCAWithRekor)' + signedIdentity: + description: signedIdentity specifies what image identity the + signature claims about the image. The required matchPolicy field + specifies the approach used in the verification process to verify + the identity in the signature and the actual image identity, + the default matchPolicy is "MatchRepoDigestOrExact". + properties: + exactRepository: + description: exactRepository is required if matchPolicy is + set to "ExactRepository". + properties: + repository: + description: repository is the reference of the image + identity to be matched. The value should be a repository + name (by omitting the tag or digest) in a registry implementing + the "Docker Registry HTTP API V2". For example, docker.io/library/busybox + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + required: + - repository + type: object + matchPolicy: + description: matchPolicy sets the type of matching to be used. + Valid values are "MatchRepoDigestOrExact", "MatchRepository", + "ExactRepository", "RemapIdentity". When omitted, the default + value is "MatchRepoDigestOrExact". If set matchPolicy to + ExactRepository, then the exactRepository must be specified. + If set matchPolicy to RemapIdentity, then the remapIdentity + must be specified. "MatchRepoDigestOrExact" means that the + identity in the signature must be in the same repository + as the image identity if the image identity is referenced + by a digest. Otherwise, the identity in the signature must + be the same as the image identity. "MatchRepository" means + that the identity in the signature must be in the same repository + as the image identity. "ExactRepository" means that the + identity in the signature must be in the same repository + as a specific identity specified by "repository". "RemapIdentity" + means that the signature must be in the same as the remapped + image identity. Remapped image identity is obtained by replacing + the "prefix" with the specified “signedPrefix” if the the + image identity matches the specified remapPrefix. + enum: + - MatchRepoDigestOrExact + - MatchRepository + - ExactRepository + - RemapIdentity + type: string + remapIdentity: + description: remapIdentity is required if matchPolicy is set + to "RemapIdentity". + properties: + prefix: + description: prefix is the prefix of the image identity + to be matched. If the image identity matches the specified + prefix, that prefix is replaced by the specified “signedPrefix” + (otherwise it is used as unchanged and no remapping + takes place). This useful when verifying signatures + for a mirror of some other repository namespace that + preserves the vendor’s repository structure. The prefix + and signedPrefix values can be either host[:port] values + (matching exactly the same host[:port], string), repository + namespaces, or repositories (i.e. they must not contain + tags/digests), and match as prefixes of the fully expanded + form. For example, docker.io/library/busybox (not busybox) + to specify that single repository, or docker.io/library + (not an empty string) to specify the parent namespace + of docker.io/library/busybox. + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + signedPrefix: + description: signedPrefix is the prefix of the image identity + to be matched in the signature. The format is the same + as "prefix". The values can be either host[:port] values + (matching exactly the same host[:port], string), repository + namespaces, or repositories (i.e. they must not contain + tags/digests), and match as prefixes of the fully expanded + form. For example, docker.io/library/busybox (not busybox) + to specify that single repository, or docker.io/library + (not an empty string) to specify the parent namespace + of docker.io/library/busybox. + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + required: + - prefix + - signedPrefix + type: object + required: + - matchPolicy + type: object + x-kubernetes-validations: + - message: exactRepository is required when matchPolicy is ExactRepository, + and forbidden otherwise + rule: '(has(self.matchPolicy) && self.matchPolicy == ''ExactRepository'') + ? has(self.exactRepository) : !has(self.exactRepository)' + - message: remapIdentity is required when matchPolicy is RemapIdentity, + and forbidden otherwise + rule: '(has(self.matchPolicy) && self.matchPolicy == ''RemapIdentity'') + ? has(self.remapIdentity) : !has(self.remapIdentity)' + required: + - rootOfTrust + type: object + scopes: + description: 'scopes defines the list of image identities assigned + to a policy. Each item refers to a scope in a registry implementing + the "Docker Registry HTTP API V2". Scopes matching individual images + are named Docker references in the fully expanded form, either using + a tag or digest. For example, docker.io/library/busybox:latest (not + busybox:latest). More general scopes are prefixes of individual-image + scopes, and specify a repository (by omitting the tag or digest), + a repository namespace, or a registry host (by only specifying the + host name and possibly a port number) or a wildcard expression starting + with `*.`, for matching all subdomains (not including a port number). + Wildcards are only supported for subdomain matching, and may not + be used in the middle of the host, i.e. *.example.com is a valid + case, but example*.*.com is not. Please be aware that the scopes + should not be nested under the repositories of OpenShift Container + Platform images. If configured, the policies for OpenShift Container + Platform repositories will not be in effect. For additional details + about the format, please refer to the document explaining the docker + transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker' + items: + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid image scope format, scope must contain a fully + qualified domain name or 'localhost' + rule: 'size(self.split(''/'')[0].split(''.'')) == 1 ? self.split(''/'')[0].split(''.'')[0].split('':'')[0] + == ''localhost'' : true' + - message: invalid image scope with wildcard, a wildcard can only + be at the start of the domain and is only supported for subdomain + matching, not path matching + rule: 'self.contains(''*'') ? self.matches(''^\\*(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$'') + : true' + - message: invalid repository namespace or image specification in + the image scope + rule: '!self.contains(''*'') ? self.matches(''^((((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?)(?::([\\w][\\w.-]{0,127}))?(?:@([A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}))?$'') + : true' + maxItems: 256 + type: array + x-kubernetes-list-type: set + required: + - policy + - scopes + type: object + status: + description: status contains the observed state of the resource. + properties: + conditions: + description: conditions provide details on the status of this API + Resource. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_imagepolicy-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_imagepolicy-CustomNoUpgrade.crd.yaml new file mode 100644 index 0000000000..642a19f78c --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_imagepolicy-CustomNoUpgrade.crd.yaml @@ -0,0 +1,398 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1457 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: CustomNoUpgrade + name: imagepolicies.config.openshift.io +spec: + group: config.openshift.io + names: + kind: ImagePolicy + listKind: ImagePolicyList + plural: imagepolicies + singular: imagepolicy + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "ImagePolicy holds namespace-wide configuration for image signature + verification \n Compatibility level 4: No compatibility is provided, the + API can change at any point for any reason. These capabilities should not + be used by applications needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + policy: + description: policy contains configuration to allow scopes to be verified, + and defines how images not matching the verification policy will + be treated. + properties: + rootOfTrust: + description: rootOfTrust specifies the root of trust for the policy. + properties: + fulcioCAWithRekor: + description: 'fulcioCAWithRekor defines the root of trust + based on the Fulcio certificate and the Rekor public key. + For more information about Fulcio and Rekor, please refer + to the document at: https://github.com/sigstore/fulcio and + https://github.com/sigstore/rekor' + properties: + fulcioCAData: + description: fulcioCAData contains inline base64-encoded + data for the PEM format fulcio CA. fulcioCAData must + be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + fulcioSubject: + description: fulcioSubject specifies OIDC issuer and the + email of the Fulcio authentication configuration. + properties: + oidcIssuer: + description: 'oidcIssuer contains the expected OIDC + issuer. It will be verified that the Fulcio-issued + certificate contains a (Fulcio-defined) certificate + extension pointing at this OIDC issuer URL. When + Fulcio issues certificates, it includes a value + based on an URL inside the client-provided ID token. + Example: "https://expected.OIDC.issuer/"' + type: string + x-kubernetes-validations: + - message: oidcIssuer must be a valid URL + rule: isURL(self) + signedEmail: + description: 'signedEmail holds the email address + the the Fulcio certificate is issued for. Example: + "expected-signing-user@example.com"' + type: string + x-kubernetes-validations: + - message: invalid email address + rule: self.matches('^\\S+@\\S+$') + required: + - oidcIssuer + - signedEmail + type: object + rekorKeyData: + description: rekorKeyData contains inline base64-encoded + data for the PEM format from the Rekor public key. rekorKeyData + must be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + required: + - fulcioCAData + - fulcioSubject + - rekorKeyData + type: object + policyType: + description: policyType serves as the union's discriminator. + Users are required to assign a value to this field, choosing + one of the policy types that define the root of trust. "PublicKey" + indicates that the policy relies on a sigstore publicKey + and may optionally use a Rekor verification. "FulcioCAWithRekor" + indicates that the policy is based on the Fulcio certification + and incorporates a Rekor verification. + enum: + - PublicKey + - FulcioCAWithRekor + type: string + publicKey: + description: publicKey defines the root of trust based on + a sigstore public key. + properties: + keyData: + description: keyData contains inline base64-encoded data + for the PEM format public key. KeyData must be at most + 8192 characters. + format: byte + maxLength: 8192 + type: string + rekorKeyData: + description: rekorKeyData contains inline base64-encoded + data for the PEM format from the Rekor public key. rekorKeyData + must be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + required: + - keyData + type: object + required: + - policyType + type: object + x-kubernetes-validations: + - message: publicKey is required when policyType is PublicKey, + and forbidden otherwise + rule: 'has(self.policyType) && self.policyType == ''PublicKey'' + ? has(self.publicKey) : !has(self.publicKey)' + - message: fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, + and forbidden otherwise + rule: 'has(self.policyType) && self.policyType == ''FulcioCAWithRekor'' + ? has(self.fulcioCAWithRekor) : !has(self.fulcioCAWithRekor)' + signedIdentity: + description: signedIdentity specifies what image identity the + signature claims about the image. The required matchPolicy field + specifies the approach used in the verification process to verify + the identity in the signature and the actual image identity, + the default matchPolicy is "MatchRepoDigestOrExact". + properties: + exactRepository: + description: exactRepository is required if matchPolicy is + set to "ExactRepository". + properties: + repository: + description: repository is the reference of the image + identity to be matched. The value should be a repository + name (by omitting the tag or digest) in a registry implementing + the "Docker Registry HTTP API V2". For example, docker.io/library/busybox + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + required: + - repository + type: object + matchPolicy: + description: matchPolicy sets the type of matching to be used. + Valid values are "MatchRepoDigestOrExact", "MatchRepository", + "ExactRepository", "RemapIdentity". When omitted, the default + value is "MatchRepoDigestOrExact". If set matchPolicy to + ExactRepository, then the exactRepository must be specified. + If set matchPolicy to RemapIdentity, then the remapIdentity + must be specified. "MatchRepoDigestOrExact" means that the + identity in the signature must be in the same repository + as the image identity if the image identity is referenced + by a digest. Otherwise, the identity in the signature must + be the same as the image identity. "MatchRepository" means + that the identity in the signature must be in the same repository + as the image identity. "ExactRepository" means that the + identity in the signature must be in the same repository + as a specific identity specified by "repository". "RemapIdentity" + means that the signature must be in the same as the remapped + image identity. Remapped image identity is obtained by replacing + the "prefix" with the specified “signedPrefix” if the the + image identity matches the specified remapPrefix. + enum: + - MatchRepoDigestOrExact + - MatchRepository + - ExactRepository + - RemapIdentity + type: string + remapIdentity: + description: remapIdentity is required if matchPolicy is set + to "RemapIdentity". + properties: + prefix: + description: prefix is the prefix of the image identity + to be matched. If the image identity matches the specified + prefix, that prefix is replaced by the specified “signedPrefix” + (otherwise it is used as unchanged and no remapping + takes place). This useful when verifying signatures + for a mirror of some other repository namespace that + preserves the vendor’s repository structure. The prefix + and signedPrefix values can be either host[:port] values + (matching exactly the same host[:port], string), repository + namespaces, or repositories (i.e. they must not contain + tags/digests), and match as prefixes of the fully expanded + form. For example, docker.io/library/busybox (not busybox) + to specify that single repository, or docker.io/library + (not an empty string) to specify the parent namespace + of docker.io/library/busybox. + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + signedPrefix: + description: signedPrefix is the prefix of the image identity + to be matched in the signature. The format is the same + as "prefix". The values can be either host[:port] values + (matching exactly the same host[:port], string), repository + namespaces, or repositories (i.e. they must not contain + tags/digests), and match as prefixes of the fully expanded + form. For example, docker.io/library/busybox (not busybox) + to specify that single repository, or docker.io/library + (not an empty string) to specify the parent namespace + of docker.io/library/busybox. + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + required: + - prefix + - signedPrefix + type: object + required: + - matchPolicy + type: object + x-kubernetes-validations: + - message: exactRepository is required when matchPolicy is ExactRepository, + and forbidden otherwise + rule: '(has(self.matchPolicy) && self.matchPolicy == ''ExactRepository'') + ? has(self.exactRepository) : !has(self.exactRepository)' + - message: remapIdentity is required when matchPolicy is RemapIdentity, + and forbidden otherwise + rule: '(has(self.matchPolicy) && self.matchPolicy == ''RemapIdentity'') + ? has(self.remapIdentity) : !has(self.remapIdentity)' + required: + - rootOfTrust + type: object + scopes: + description: 'scopes defines the list of image identities assigned + to a policy. Each item refers to a scope in a registry implementing + the "Docker Registry HTTP API V2". Scopes matching individual images + are named Docker references in the fully expanded form, either using + a tag or digest. For example, docker.io/library/busybox:latest (not + busybox:latest). More general scopes are prefixes of individual-image + scopes, and specify a repository (by omitting the tag or digest), + a repository namespace, or a registry host (by only specifying the + host name and possibly a port number) or a wildcard expression starting + with `*.`, for matching all subdomains (not including a port number). + Wildcards are only supported for subdomain matching, and may not + be used in the middle of the host, i.e. *.example.com is a valid + case, but example*.*.com is not. Please be aware that the scopes + should not be nested under the repositories of OpenShift Container + Platform images. If configured, the policies for OpenShift Container + Platform repositories will not be in effect. For additional details + about the format, please refer to the document explaining the docker + transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker' + items: + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid image scope format, scope must contain a fully + qualified domain name or 'localhost' + rule: 'size(self.split(''/'')[0].split(''.'')) == 1 ? self.split(''/'')[0].split(''.'')[0].split('':'')[0] + == ''localhost'' : true' + - message: invalid image scope with wildcard, a wildcard can only + be at the start of the domain and is only supported for subdomain + matching, not path matching + rule: 'self.contains(''*'') ? self.matches(''^\\*(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$'') + : true' + - message: invalid repository namespace or image specification in + the image scope + rule: '!self.contains(''*'') ? self.matches(''^((((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?)(?::([\\w][\\w.-]{0,127}))?(?:@([A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}))?$'') + : true' + maxItems: 256 + type: array + x-kubernetes-list-type: set + required: + - policy + - scopes + type: object + status: + description: status contains the observed state of the resource. + properties: + conditions: + description: conditions provide details on the status of this API + Resource. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_imagepolicy-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_imagepolicy-TechPreviewNoUpgrade.crd.yaml new file mode 100644 index 0000000000..2f5ea8863e --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_imagepolicy-TechPreviewNoUpgrade.crd.yaml @@ -0,0 +1,398 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1457 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: imagepolicies.config.openshift.io +spec: + group: config.openshift.io + names: + kind: ImagePolicy + listKind: ImagePolicyList + plural: imagepolicies + singular: imagepolicy + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "ImagePolicy holds namespace-wide configuration for image signature + verification \n Compatibility level 4: No compatibility is provided, the + API can change at any point for any reason. These capabilities should not + be used by applications needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + policy: + description: policy contains configuration to allow scopes to be verified, + and defines how images not matching the verification policy will + be treated. + properties: + rootOfTrust: + description: rootOfTrust specifies the root of trust for the policy. + properties: + fulcioCAWithRekor: + description: 'fulcioCAWithRekor defines the root of trust + based on the Fulcio certificate and the Rekor public key. + For more information about Fulcio and Rekor, please refer + to the document at: https://github.com/sigstore/fulcio and + https://github.com/sigstore/rekor' + properties: + fulcioCAData: + description: fulcioCAData contains inline base64-encoded + data for the PEM format fulcio CA. fulcioCAData must + be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + fulcioSubject: + description: fulcioSubject specifies OIDC issuer and the + email of the Fulcio authentication configuration. + properties: + oidcIssuer: + description: 'oidcIssuer contains the expected OIDC + issuer. It will be verified that the Fulcio-issued + certificate contains a (Fulcio-defined) certificate + extension pointing at this OIDC issuer URL. When + Fulcio issues certificates, it includes a value + based on an URL inside the client-provided ID token. + Example: "https://expected.OIDC.issuer/"' + type: string + x-kubernetes-validations: + - message: oidcIssuer must be a valid URL + rule: isURL(self) + signedEmail: + description: 'signedEmail holds the email address + the the Fulcio certificate is issued for. Example: + "expected-signing-user@example.com"' + type: string + x-kubernetes-validations: + - message: invalid email address + rule: self.matches('^\\S+@\\S+$') + required: + - oidcIssuer + - signedEmail + type: object + rekorKeyData: + description: rekorKeyData contains inline base64-encoded + data for the PEM format from the Rekor public key. rekorKeyData + must be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + required: + - fulcioCAData + - fulcioSubject + - rekorKeyData + type: object + policyType: + description: policyType serves as the union's discriminator. + Users are required to assign a value to this field, choosing + one of the policy types that define the root of trust. "PublicKey" + indicates that the policy relies on a sigstore publicKey + and may optionally use a Rekor verification. "FulcioCAWithRekor" + indicates that the policy is based on the Fulcio certification + and incorporates a Rekor verification. + enum: + - PublicKey + - FulcioCAWithRekor + type: string + publicKey: + description: publicKey defines the root of trust based on + a sigstore public key. + properties: + keyData: + description: keyData contains inline base64-encoded data + for the PEM format public key. KeyData must be at most + 8192 characters. + format: byte + maxLength: 8192 + type: string + rekorKeyData: + description: rekorKeyData contains inline base64-encoded + data for the PEM format from the Rekor public key. rekorKeyData + must be at most 8192 characters. + format: byte + maxLength: 8192 + type: string + required: + - keyData + type: object + required: + - policyType + type: object + x-kubernetes-validations: + - message: publicKey is required when policyType is PublicKey, + and forbidden otherwise + rule: 'has(self.policyType) && self.policyType == ''PublicKey'' + ? has(self.publicKey) : !has(self.publicKey)' + - message: fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, + and forbidden otherwise + rule: 'has(self.policyType) && self.policyType == ''FulcioCAWithRekor'' + ? has(self.fulcioCAWithRekor) : !has(self.fulcioCAWithRekor)' + signedIdentity: + description: signedIdentity specifies what image identity the + signature claims about the image. The required matchPolicy field + specifies the approach used in the verification process to verify + the identity in the signature and the actual image identity, + the default matchPolicy is "MatchRepoDigestOrExact". + properties: + exactRepository: + description: exactRepository is required if matchPolicy is + set to "ExactRepository". + properties: + repository: + description: repository is the reference of the image + identity to be matched. The value should be a repository + name (by omitting the tag or digest) in a registry implementing + the "Docker Registry HTTP API V2". For example, docker.io/library/busybox + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + required: + - repository + type: object + matchPolicy: + description: matchPolicy sets the type of matching to be used. + Valid values are "MatchRepoDigestOrExact", "MatchRepository", + "ExactRepository", "RemapIdentity". When omitted, the default + value is "MatchRepoDigestOrExact". If set matchPolicy to + ExactRepository, then the exactRepository must be specified. + If set matchPolicy to RemapIdentity, then the remapIdentity + must be specified. "MatchRepoDigestOrExact" means that the + identity in the signature must be in the same repository + as the image identity if the image identity is referenced + by a digest. Otherwise, the identity in the signature must + be the same as the image identity. "MatchRepository" means + that the identity in the signature must be in the same repository + as the image identity. "ExactRepository" means that the + identity in the signature must be in the same repository + as a specific identity specified by "repository". "RemapIdentity" + means that the signature must be in the same as the remapped + image identity. Remapped image identity is obtained by replacing + the "prefix" with the specified “signedPrefix” if the the + image identity matches the specified remapPrefix. + enum: + - MatchRepoDigestOrExact + - MatchRepository + - ExactRepository + - RemapIdentity + type: string + remapIdentity: + description: remapIdentity is required if matchPolicy is set + to "RemapIdentity". + properties: + prefix: + description: prefix is the prefix of the image identity + to be matched. If the image identity matches the specified + prefix, that prefix is replaced by the specified “signedPrefix” + (otherwise it is used as unchanged and no remapping + takes place). This useful when verifying signatures + for a mirror of some other repository namespace that + preserves the vendor’s repository structure. The prefix + and signedPrefix values can be either host[:port] values + (matching exactly the same host[:port], string), repository + namespaces, or repositories (i.e. they must not contain + tags/digests), and match as prefixes of the fully expanded + form. For example, docker.io/library/busybox (not busybox) + to specify that single repository, or docker.io/library + (not an empty string) to specify the parent namespace + of docker.io/library/busybox. + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + signedPrefix: + description: signedPrefix is the prefix of the image identity + to be matched in the signature. The format is the same + as "prefix". The values can be either host[:port] values + (matching exactly the same host[:port], string), repository + namespaces, or repositories (i.e. they must not contain + tags/digests), and match as prefixes of the fully expanded + form. For example, docker.io/library/busybox (not busybox) + to specify that single repository, or docker.io/library + (not an empty string) to specify the parent namespace + of docker.io/library/busybox. + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid repository or prefix in the signedIdentity, + should not include the tag or digest + rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? + self.matches(''^(localhost:[0-9]+)$''): true' + - message: invalid repository or prefix in the signedIdentity + rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') + required: + - prefix + - signedPrefix + type: object + required: + - matchPolicy + type: object + x-kubernetes-validations: + - message: exactRepository is required when matchPolicy is ExactRepository, + and forbidden otherwise + rule: '(has(self.matchPolicy) && self.matchPolicy == ''ExactRepository'') + ? has(self.exactRepository) : !has(self.exactRepository)' + - message: remapIdentity is required when matchPolicy is RemapIdentity, + and forbidden otherwise + rule: '(has(self.matchPolicy) && self.matchPolicy == ''RemapIdentity'') + ? has(self.remapIdentity) : !has(self.remapIdentity)' + required: + - rootOfTrust + type: object + scopes: + description: 'scopes defines the list of image identities assigned + to a policy. Each item refers to a scope in a registry implementing + the "Docker Registry HTTP API V2". Scopes matching individual images + are named Docker references in the fully expanded form, either using + a tag or digest. For example, docker.io/library/busybox:latest (not + busybox:latest). More general scopes are prefixes of individual-image + scopes, and specify a repository (by omitting the tag or digest), + a repository namespace, or a registry host (by only specifying the + host name and possibly a port number) or a wildcard expression starting + with `*.`, for matching all subdomains (not including a port number). + Wildcards are only supported for subdomain matching, and may not + be used in the middle of the host, i.e. *.example.com is a valid + case, but example*.*.com is not. Please be aware that the scopes + should not be nested under the repositories of OpenShift Container + Platform images. If configured, the policies for OpenShift Container + Platform repositories will not be in effect. For additional details + about the format, please refer to the document explaining the docker + transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker' + items: + maxLength: 512 + type: string + x-kubernetes-validations: + - message: invalid image scope format, scope must contain a fully + qualified domain name or 'localhost' + rule: 'size(self.split(''/'')[0].split(''.'')) == 1 ? self.split(''/'')[0].split(''.'')[0].split('':'')[0] + == ''localhost'' : true' + - message: invalid image scope with wildcard, a wildcard can only + be at the start of the domain and is only supported for subdomain + matching, not path matching + rule: 'self.contains(''*'') ? self.matches(''^\\*(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$'') + : true' + - message: invalid repository namespace or image specification in + the image scope + rule: '!self.contains(''*'') ? self.matches(''^((((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?)(?::([\\w][\\w.-]{0,127}))?(?:@([A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}))?$'') + : true' + maxItems: 256 + type: array + x-kubernetes-list-type: set + required: + - policy + - scopes + type: object + status: + description: status contains the observed state of the resource. + properties: + conditions: + description: conditions provide details on the status of this API + Resource. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_insightsdatagather.crd.yaml b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_insightsdatagather.crd.yaml new file mode 100644 index 0000000000..b23e917c99 --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1alpha1/0000_10_config-operator_01_insightsdatagather.crd.yaml @@ -0,0 +1,88 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1245 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: insightsdatagathers.config.openshift.io +spec: + group: config.openshift.io + names: + kind: InsightsDataGather + listKind: InsightsDataGatherList + plural: insightsdatagathers + singular: insightsdatagather + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "InsightsDataGather provides data gather configuration options + for the the Insights Operator. \n Compatibility level 4: No compatibility + is provided, the API can change at any point for any reason. These capabilities + should not be used by applications needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + gatherConfig: + description: gatherConfig spec attribute includes all the configuration + options related to gathering of the Insights data and its uploading + to the ingress. + properties: + dataPolicy: + description: dataPolicy allows user to enable additional global + obfuscation of the IP addresses and base domain in the Insights + archive data. Valid values are "None" and "ObfuscateNetworking". + When set to None the data is not obfuscated. When set to ObfuscateNetworking + the IP addresses and the cluster domain name are obfuscated. + When omitted, this means no opinion and the platform is left + to choose a reasonable default, which is subject to change over + time. The current default is None. + enum: + - "" + - None + - ObfuscateNetworking + type: string + disabledGatherers: + description: 'disabledGatherers is a list of gatherers to be excluded + from the gathering. All the gatherers can be disabled by providing + "all" value. If all the gatherers are disabled, the Insights + operator does not gather any data. The particular gatherers + IDs can be found at https://github.com/openshift/insights-operator/blob/master/docs/gathered-data.md. + Run the following command to get the names of last active gatherers: + "oc get insightsoperators.operator.openshift.io cluster -o json + | jq ''.status.gatherStatus.gatherers[].name''" An example of + disabling gatherers looks like this: `disabledGatherers: ["clusterconfig/machine_configs", + "workloads/workload_info"]`' + items: + type: string + type: array + type: object + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/custom.backup.testsuite.yaml b/vendor/github.com/openshift/api/config/v1alpha1/custom.backup.testsuite.yaml deleted file mode 100644 index 7a6881070d..0000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/custom.backup.testsuite.yaml +++ /dev/null @@ -1,202 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[Custom] Backup" -crd: 0000_10_config-operator_01_backups-CustomNoUpgrade.crd.yaml -tests: - onCreate: - - name: Should be able to create a Backup with a valid spec - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "* 2 * * *" - pvcName: etcdbackup-pvc - expected: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "* 2 * * *" - pvcName: etcdbackup-pvc - - name: Should be able to create an EtcdBackup without the pvcName specified - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "* 2 * * *" - expected: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "* 2 * * *" - - name: Should be able to create a Backup with a valid schedule - At 22:00 on every day-of-week from Monday through Friday - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "0 22 * * 1-5" - pvcName: etcdbackup-pvc - expected: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "0 22 * * 1-5" - pvcName: etcdbackup-pvc - - name: Should be able to create a Backup with a valid schedule - At 04:05 on Sunday. - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "5 4 * * SUN" - pvcName: etcdbackup-pvc - expected: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "5 4 * * SUN" - pvcName: etcdbackup-pvc - - name: Should be able to create a Backup with a valid schedule - Predefined hourly - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "@hourly" - pvcName: etcdbackup-pvc - expected: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "@hourly" - pvcName: etcdbackup-pvc - - name: Should fail to create an EtcdBackup with an invalid schedule - At 04:05 on invalid day FOO. - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "5 4 * * FOO" - pvcName: etcdbackup-pvc - expectedError: "spec.etcd.schedule in body should match" - - name: Should fail to create an EtcdBackup with an invalid schedule - Predefined typo @hourli instead of @hourly. - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "@hourli" - pvcName: etcdbackup-pvc - expectedError: "spec.etcd.schedule in body should match" - - name: Should fail to create an EtcdBackup with an invalid schedule - Non standard L last Friday in month - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "* * * * 5L" - pvcName: etcdbackup-pvc - expectedError: "spec.etcd.schedule in body should match" - - name: Should fail to create an EtcdBackup with an invalid schedule - Non standard L 5th day before last day of month - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "* * L-5 * *" - pvcName: etcdbackup-pvc - expectedError: "spec.etcd.schedule in body should match" - - name: Should fail to create an EtcdBackup with an invalid schedule - Non standard W closest weekday to 15th of month - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - schedule: "* * 15W * *" - pvcName: etcdbackup-pvc - expectedError: "spec.etcd.schedule in body should match" - - name: Should be able to create a Backup with a valid time zone - Africa/Banjul - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - timeZone: Africa/Banjul - pvcName: etcdbackup-pvc - expected: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - timeZone: Africa/Banjul - pvcName: etcdbackup-pvc - - name: Should be able to create a Backup with a valid time zone - Etc/GMT-8 - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - timeZone: Etc/GMT-8 - pvcName: etcdbackup-pvc - expected: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - timeZone: Etc/GMT-8 - pvcName: etcdbackup-pvc - - name: Should be able to create a Backup with a valid time zone - Etc/UTC - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - timeZone: Etc/UTC - pvcName: etcdbackup-pvc - expected: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - timeZone: Etc/UTC - pvcName: etcdbackup-pvc - - name: Should be able to create a Backup with a valid time zone - America/Argentina/Catamarca - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - timeZone: America/Argentina/Catamarca - pvcName: etcdbackup-pvc - expected: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - timeZone: America/Argentina/Catamarca - pvcName: etcdbackup-pvc - - name: Should fail to create an EtcdBackup with an invalid time zone - GMT2 - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - timeZone: GMT2 - pvcName: etcdbackup-pvc - expectedError: "spec.etcd.timeZone in body should match" - - name: Should fail to create an EtcdBackup with an invalid time zone - GMT+3 - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: Backup - spec: - etcd: - timeZone: GMT+3 - pvcName: etcdbackup-pvc - expectedError: "spec.etcd.timeZone in body should match" - diff --git a/vendor/github.com/openshift/api/config/v1alpha1/custom.clusterimagepolicy.testsuite.yaml b/vendor/github.com/openshift/api/config/v1alpha1/custom.clusterimagepolicy.testsuite.yaml index 7644c23f06..232bdf037b 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/custom.clusterimagepolicy.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/custom.clusterimagepolicy.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[CustomNoUpgrade] ClusterImagePolicy" -crd: 0000_10_config-operator_01_clusterimagepolicies-CustomNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_clusterimagepolicy-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal ImagePolicy with policyType PublicKey diff --git a/vendor/github.com/openshift/api/config/v1alpha1/custom.imagepolicy.testsuite.yaml b/vendor/github.com/openshift/api/config/v1alpha1/custom.imagepolicy.testsuite.yaml index 4e7fcf3d13..05b1487faa 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/custom.imagepolicy.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/custom.imagepolicy.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[CustomNoUpgrade] ImagePolicy" -crd: 0000_10_config-operator_01_imagepolicies-CustomNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_imagepolicy-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal ImagePolicy with policyType PublicKey diff --git a/vendor/github.com/openshift/api/config/v1alpha1/custom.insightsdatagather.testsuite.yaml b/vendor/github.com/openshift/api/config/v1alpha1/custom.insightsdatagather.testsuite.yaml deleted file mode 100644 index 7f508c0b79..0000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/custom.insightsdatagather.testsuite.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[Custom] InsightsDataGather" -crd: 0000_10_config-operator_01_insightsdatagathers-CustomNoUpgrade.crd.yaml -tests: - onCreate: - - name: Should be able to create a minimal InsightsDataGather - initial: | - apiVersion: config.openshift.io/v1alpha1 - kind: InsightsDataGather - spec: {} # No spec is required for a InsightsDataGather - expected: | - apiVersion: config.openshift.io/v1alpha1 - kind: InsightsDataGather - spec: {} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/techpreview.backup.testsuite.yaml b/vendor/github.com/openshift/api/config/v1alpha1/techpreview.backup.testsuite.yaml index 446ff8ff8b..91836dd93e 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/techpreview.backup.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/techpreview.backup.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreview] Backup" -crd: 0000_10_config-operator_01_backups-TechPreviewNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_backup-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a Backup with a valid spec diff --git a/vendor/github.com/openshift/api/config/v1alpha1/techpreview.clusterimagepolicy.testsuite.yaml b/vendor/github.com/openshift/api/config/v1alpha1/techpreview.clusterimagepolicy.testsuite.yaml index b02d390ad5..6253106674 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/techpreview.clusterimagepolicy.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/techpreview.clusterimagepolicy.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreviewNoUpgrade] ClusterImagePolicy" -crd: 0000_10_config-operator_01_clusterimagepolicies-TechPreviewNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_clusterimagepolicy-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal ImagePolicy with policyType PublicKey diff --git a/vendor/github.com/openshift/api/config/v1alpha1/techpreview.imagepolicy.testsuite.yaml b/vendor/github.com/openshift/api/config/v1alpha1/techpreview.imagepolicy.testsuite.yaml index 7a714b596e..b469d4c523 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/techpreview.imagepolicy.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/techpreview.imagepolicy.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreviewNoUpgrade] ImagePolicy" -crd: 0000_10_config-operator_01_imagepolicies-TechPreviewNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_imagepolicy-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal ImagePolicy with policyType PublicKey diff --git a/vendor/github.com/openshift/api/config/v1alpha1/techpreview.insightsdatagather.testsuite.yaml b/vendor/github.com/openshift/api/config/v1alpha1/techpreview.insightsdatagather.testsuite.yaml index 7abb2bb098..f737927380 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/techpreview.insightsdatagather.testsuite.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/techpreview.insightsdatagather.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[TechPreview] InsightsDataGather" -crd: 0000_10_config-operator_01_insightsdatagathers-TechPreviewNoUpgrade.crd.yaml +name: "[Stable] InsightsDataGather" +crd: 0000_10_config-operator_01_insightsdatagather.crd.yaml tests: onCreate: - name: Should be able to create a minimal InsightsDataGather diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_backup.go b/vendor/github.com/openshift/api/config/v1alpha1/types_backup.go index 65eb5c1f75..9af55b540e 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_backup.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_backup.go @@ -9,12 +9,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Backup provides configuration for performing backups of the openshift cluster. // // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=backups,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1482 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=AutomatedEtcdBackup // +openshift:compatibility-gen:level=4 type Backup struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go index c503fdeab6..5c44e0e74e 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go @@ -9,12 +9,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // ClusterImagePolicy holds cluster-wide configuration for image signature verification // // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=clusterimagepolicies,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=ImagePolicy // +openshift:compatibility-gen:level=4 type ClusterImagePolicy struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go index 247bab2184..e9ec90902c 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go @@ -8,12 +8,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // ImagePolicy holds namespace-wide configuration for image signature verification // // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=imagepolicies,scope=Namespaced -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=ImagePolicy // +openshift:compatibility-gen:level=4 type ImagePolicy struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_insights.go b/vendor/github.com/openshift/api/config/v1alpha1/types_insights.go index 171e96d5b8..4dcdb2ec4d 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_insights.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_insights.go @@ -9,12 +9,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // InsightsDataGather provides data gather configuration options for the the Insights Operator. // // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=insightsdatagathers,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1245 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=InsightsConfig // +openshift:compatibility-gen:level=4 type InsightsDataGather struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 9b5744d4a0..0000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,92 +0,0 @@ -backups.config.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1482 - CRDName: backups.config.openshift.io - Capability: "" - Category: "" - FeatureGates: - - AutomatedEtcdBackup - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: config.openshift.io - HasStatus: true - KindName: Backup - Labels: {} - PluralName: backups - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - AutomatedEtcdBackup - Version: v1alpha1 - -clusterimagepolicies.config.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1457 - CRDName: clusterimagepolicies.config.openshift.io - Capability: "" - Category: "" - FeatureGates: - - ImagePolicy - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: config.openshift.io - HasStatus: true - KindName: ClusterImagePolicy - Labels: {} - PluralName: clusterimagepolicies - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - ImagePolicy - Version: v1alpha1 - -imagepolicies.config.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1457 - CRDName: imagepolicies.config.openshift.io - Capability: "" - Category: "" - FeatureGates: - - ImagePolicy - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: config.openshift.io - HasStatus: true - KindName: ImagePolicy - Labels: {} - PluralName: imagepolicies - PrinterColumns: [] - Scope: Namespaced - ShortNames: null - TopLevelFeatureGates: - - ImagePolicy - Version: v1alpha1 - -insightsdatagathers.config.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1245 - CRDName: insightsdatagathers.config.openshift.io - Capability: "" - Category: "" - FeatureGates: - - InsightsConfig - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: config.openshift.io - HasStatus: true - KindName: InsightsDataGather - Labels: {} - PluralName: insightsdatagathers - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - InsightsConfig - Version: v1alpha1 - diff --git a/vendor/github.com/openshift/api/console/v1/00_consoleclidownload.crd.yaml b/vendor/github.com/openshift/api/console/v1/00_consoleclidownload.crd.yaml new file mode 100644 index 0000000000..913f4c6eb2 --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1/00_consoleclidownload.crd.yaml @@ -0,0 +1,88 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/481 + capability.openshift.io/name: Console + description: Extension for configuring openshift web console command line interface + (CLI) downloads. + displayName: ConsoleCLIDownload + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: consoleclidownloads.console.openshift.io +spec: + group: console.openshift.io + names: + kind: ConsoleCLIDownload + listKind: ConsoleCLIDownloadList + plural: consoleclidownloads + singular: consoleclidownload + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.displayName + name: Display name + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: string + name: v1 + schema: + openAPIV3Schema: + description: "ConsoleCLIDownload is an extension for configuring openshift + web console command line interface (CLI) downloads. \n Compatibility level + 2: Stable within a major release for a minimum of 9 months or 3 minor releases + (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsoleCLIDownloadSpec is the desired cli download configuration. + properties: + description: + description: description is the description of the CLI download (can + include markdown). + type: string + displayName: + description: displayName is the display name of the CLI download. + type: string + links: + description: links is a list of objects that provide CLI download + link details. + items: + properties: + href: + description: href is the absolute secure URL for the link (must + use https) + pattern: ^https:// + type: string + text: + description: text is the display text for the link + type: string + required: + - href + type: object + type: array + required: + - description + - displayName + - links + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/console/v1/00_consoleexternalloglink.crd.yaml b/vendor/github.com/openshift/api/console/v1/00_consoleexternalloglink.crd.yaml new file mode 100644 index 0000000000..f658d8bdd3 --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1/00_consoleexternalloglink.crd.yaml @@ -0,0 +1,92 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/481 + capability.openshift.io/name: Console + description: ConsoleExternalLogLink is an extension for customizing OpenShift + web console log links. + displayName: ConsoleExternalLogLinks + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: consoleexternalloglinks.console.openshift.io +spec: + group: console.openshift.io + names: + kind: ConsoleExternalLogLink + listKind: ConsoleExternalLogLinkList + plural: consoleexternalloglinks + singular: consoleexternalloglink + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.text + name: Text + type: string + - jsonPath: .spec.hrefTemplate + name: HrefTemplate + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: "ConsoleExternalLogLink is an extension for customizing OpenShift + web console log links. \n Compatibility level 2: Stable within a major release + for a minimum of 9 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsoleExternalLogLinkSpec is the desired log link configuration. + The log link will appear on the logs tab of the pod details page. + properties: + hrefTemplate: + description: "hrefTemplate is an absolute secure URL (must use https) + for the log link including variables to be replaced. Variables are + specified in the URL with the format ${variableName}, for instance, + ${containerName} and will be replaced with the corresponding values + from the resource. Resource is a pod. Supported variables are: - + ${resourceName} - name of the resource which containes the logs + - ${resourceUID} - UID of the resource which contains the logs - + e.g. `11111111-2222-3333-4444-555555555555` - ${containerName} - + name of the resource's container that contains the logs - ${resourceNamespace} + - namespace of the resource that contains the logs - ${resourceNamespaceUID} + - namespace UID of the resource that contains the logs - ${podLabels} + - JSON representation of labels matching the pod with the logs - + e.g. `{\"key1\":\"value1\",\"key2\":\"value2\"}` \n e.g., https://example.com/logs?resourceName=${resourceName}&containerName=${containerName}&resourceNamespace=${resourceNamespace}&podLabels=${podLabels}" + pattern: ^https:// + type: string + namespaceFilter: + description: namespaceFilter is a regular expression used to restrict + a log link to a matching set of namespaces (e.g., `^openshift-`). + The string is converted into a regular expression using the JavaScript + RegExp constructor. If not specified, links will be displayed for + all the namespaces. + type: string + text: + description: text is the display text for the link + type: string + required: + - hrefTemplate + - text + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/console/v1/00_consolelink.crd.yaml b/vendor/github.com/openshift/api/console/v1/00_consolelink.crd.yaml new file mode 100644 index 0000000000..6a4922e98f --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1/00_consolelink.crd.yaml @@ -0,0 +1,162 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/481 + capability.openshift.io/name: Console + description: Extension for customizing OpenShift web console links + displayName: ConsoleLinks + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: consolelinks.console.openshift.io +spec: + group: console.openshift.io + names: + kind: ConsoleLink + listKind: ConsoleLinkList + plural: consolelinks + singular: consolelink + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.text + name: Text + type: string + - jsonPath: .spec.href + name: URL + type: string + - jsonPath: .spec.menu + name: Menu + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: "ConsoleLink is an extension for customizing OpenShift web console + links. \n Compatibility level 2: Stable within a major release for a minimum + of 9 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsoleLinkSpec is the desired console link configuration. + properties: + applicationMenu: + description: applicationMenu holds information about section and icon + used for the link in the application menu, and it is applicable + only when location is set to ApplicationMenu. + properties: + imageURL: + description: imageUrl is the URL for the icon used in front of + the link in the application menu. The URL must be an HTTPS URL + or a Data URI. The image should be square and will be shown + at 24x24 pixels. + type: string + section: + description: section is the section of the application menu in + which the link should appear. This can be any text that will + appear as a subheading in the application menu dropdown. A new + section will be created if the text does not match text of an + existing section. + type: string + required: + - section + type: object + href: + description: href is the absolute secure URL for the link (must use + https) + pattern: ^https:// + type: string + location: + description: location determines which location in the console the + link will be appended to (ApplicationMenu, HelpMenu, UserMenu, NamespaceDashboard). + pattern: ^(ApplicationMenu|HelpMenu|UserMenu|NamespaceDashboard)$ + type: string + namespaceDashboard: + description: namespaceDashboard holds information about namespaces + in which the dashboard link should appear, and it is applicable + only when location is set to NamespaceDashboard. If not specified, + the link will appear in all namespaces. + properties: + namespaceSelector: + description: namespaceSelector is used to select the Namespaces + that should contain dashboard link by label. If the namespace + labels match, dashboard link will be shown for the namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces is an array of namespace names in which + the dashboard link should appear. + items: + type: string + type: array + type: object + text: + description: text is the display text for the link + type: string + required: + - href + - location + - text + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/console/v1/00_consolenotification.crd.yaml b/vendor/github.com/openshift/api/console/v1/00_consolenotification.crd.yaml new file mode 100644 index 0000000000..4952526682 --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1/00_consolenotification.crd.yaml @@ -0,0 +1,95 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/481 + capability.openshift.io/name: Console + description: Extension for configuring openshift web console notifications. + displayName: ConsoleNotification + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: consolenotifications.console.openshift.io +spec: + group: console.openshift.io + names: + kind: ConsoleNotification + listKind: ConsoleNotificationList + plural: consolenotifications + singular: consolenotification + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.text + name: Text + type: string + - jsonPath: .spec.location + name: Location + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: "ConsoleNotification is the extension for configuring openshift + web console notifications. \n Compatibility level 2: Stable within a major + release for a minimum of 9 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsoleNotificationSpec is the desired console notification + configuration. + properties: + backgroundColor: + description: backgroundColor is the color of the background for the + notification as CSS data type color. + type: string + color: + description: color is the color of the text for the notification as + CSS data type color. + type: string + link: + description: link is an object that holds notification link details. + properties: + href: + description: href is the absolute secure URL for the link (must + use https) + pattern: ^https:// + type: string + text: + description: text is the display text for the link + type: string + required: + - href + - text + type: object + location: + description: 'location is the location of the notification in the + console. Valid values are: "BannerTop", "BannerBottom", "BannerTopBottom".' + pattern: ^(BannerTop|BannerBottom|BannerTopBottom)$ + type: string + text: + description: text is the visible text of the notification. + type: string + required: + - text + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/console/v1/00_consolequickstart.crd.yaml b/vendor/github.com/openshift/api/console/v1/00_consolequickstart.crd.yaml new file mode 100644 index 0000000000..2aa57ea060 --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1/00_consolequickstart.crd.yaml @@ -0,0 +1,207 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/750 + capability.openshift.io/name: Console + description: Extension for guiding user through various workflows in the OpenShift + web console. + displayName: ConsoleQuickStart + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: consolequickstarts.console.openshift.io +spec: + group: console.openshift.io + names: + kind: ConsoleQuickStart + listKind: ConsoleQuickStartList + plural: consolequickstarts + singular: consolequickstart + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "ConsoleQuickStart is an extension for guiding user through various + workflows in the OpenShift web console. \n Compatibility level 2: Stable + within a major release for a minimum of 9 months or 3 minor releases (whichever + is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsoleQuickStartSpec is the desired quick start configuration. + properties: + accessReviewResources: + description: accessReviewResources contains a list of resources that + the user's access will be reviewed against in order for the user + to complete the Quick Start. The Quick Start will be hidden if any + of the access reviews fail. + items: + description: ResourceAttributes includes the authorization attributes + available for resource requests to the Authorizer interface + properties: + group: + description: Group is the API Group of the Resource. "*" means + all. + type: string + name: + description: Name is the name of the resource being requested + for a "get" or deleted for a "delete". "" (empty) means all. + type: string + namespace: + description: Namespace is the namespace of the action being + requested. Currently, there is no distinction between no + namespace and all namespaces "" (empty) is defaulted for LocalSubjectAccessReviews + "" (empty) is empty for cluster-scoped resources "" (empty) + means "all" for namespace scoped resources from a SubjectAccessReview + or SelfSubjectAccessReview + type: string + resource: + description: Resource is one of the existing resource types. "*" + means all. + type: string + subresource: + description: Subresource is one of the existing resource types. "" + means none. + type: string + verb: + description: 'Verb is a kubernetes resource API verb, like: + get, list, watch, create, update, delete, proxy. "*" means + all.' + type: string + version: + description: Version is the API Version of the Resource. "*" + means all. + type: string + type: object + type: array + conclusion: + description: conclusion sums up the Quick Start and suggests the possible + next steps. (includes markdown) + type: string + description: + description: description is the description of the Quick Start. (includes + markdown) + maxLength: 256 + minLength: 1 + type: string + displayName: + description: displayName is the display name of the Quick Start. + minLength: 1 + type: string + durationMinutes: + description: durationMinutes describes approximately how many minutes + it will take to complete the Quick Start. + minimum: 1 + type: integer + icon: + description: icon is a base64 encoded image that will be displayed + beside the Quick Start display name. The icon should be an vector + image for easy scaling. The size of the icon should be 40x40. + type: string + introduction: + description: introduction describes the purpose of the Quick Start. + (includes markdown) + minLength: 1 + type: string + nextQuickStart: + description: nextQuickStart is a list of the following Quick Starts, + suggested for the user to try. + items: + type: string + type: array + prerequisites: + description: prerequisites contains all prerequisites that need to + be met before taking a Quick Start. (includes markdown) + items: + type: string + type: array + tags: + description: tags is a list of strings that describe the Quick Start. + items: + type: string + type: array + tasks: + description: tasks is the list of steps the user has to perform to + complete the Quick Start. + items: + description: ConsoleQuickStartTask is a single step in a Quick Start. + properties: + description: + description: description describes the steps needed to complete + the task. (includes markdown) + minLength: 1 + type: string + review: + description: review contains instructions to validate the task + is complete. The user will select 'Yes' or 'No'. using a radio + button, which indicates whether the step was completed successfully. + properties: + failedTaskHelp: + description: failedTaskHelp contains suggestions for a failed + task review and is shown at the end of task. (includes + markdown) + minLength: 1 + type: string + instructions: + description: instructions contains steps that user needs + to take in order to validate his work after going through + a task. (includes markdown) + minLength: 1 + type: string + required: + - failedTaskHelp + - instructions + type: object + summary: + description: summary contains information about the passed step. + properties: + failed: + description: failed briefly describes the unsuccessfully + passed task. (includes markdown) + maxLength: 128 + minLength: 1 + type: string + success: + description: success describes the succesfully passed task. + minLength: 1 + type: string + required: + - failed + - success + type: object + title: + description: title describes the task and is displayed as a + step heading. + minLength: 1 + type: string + required: + - description + - title + type: object + minItems: 1 + type: array + required: + - description + - displayName + - durationMinutes + - introduction + - tasks + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/vendor/github.com/openshift/api/console/v1/00_consolesample.crd.yaml b/vendor/github.com/openshift/api/console/v1/00_consolesample.crd.yaml new file mode 100644 index 0000000000..4c62c4cc38 --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1/00_consolesample.crd.yaml @@ -0,0 +1,241 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/481 + capability.openshift.io/name: Console + description: ConsoleSample is an extension to customizing OpenShift web console + by adding samples. + displayName: ConsoleSample + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: consolesamples.console.openshift.io +spec: + group: console.openshift.io + names: + kind: ConsoleSample + listKind: ConsoleSampleList + plural: consolesamples + singular: consolesample + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "ConsoleSample is an extension to customizing OpenShift web console + by adding samples. \n Compatibility level 1: Stable within a major release + for a minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec contains configuration for a console sample. + properties: + abstract: + description: "abstract is a short introduction to the sample. \n It + is required and must be no more than 100 characters in length. \n + The abstract is shown on the sample card tile below the title and + provider and is limited to three lines of content." + maxLength: 100 + type: string + description: + description: "description is a long form explanation of the sample. + \n It is required and can have a maximum length of **4096** characters. + \n It is a README.md-like content for additional information, links, + pre-conditions, and other instructions. It will be rendered as Markdown + so that it can contain line breaks, links, and other simple formatting." + maxLength: 4096 + type: string + icon: + description: "icon is an optional base64 encoded image and shown beside + the sample title. \n The format must follow the data: URL format + and can have a maximum size of **10 KB**. \n data:[][;base64], \n For example: \n data:image;base64, plus + the base64 encoded image. \n Vector images can also be used. SVG + icons must start with: \n data:image/svg+xml;base64, plus the + base64 encoded SVG image. \n All sample catalog icons will be shown + on a white background (also when the dark theme is used). The web + console ensures that different aspect ratios work correctly. Currently, + the surface of the icon is at most 40x100px. \n For more information + on the data URL format, please visit https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Data_URLs." + maxLength: 14000 + pattern: ^data:([a-z/\.+0-9]*;(([-a-zA-Z0-9=])*;)?)?base64, + type: string + provider: + description: "provider is an optional label to honor who provides + the sample. \n It is optional and must be no more than 50 characters + in length. \n A provider can be a company like \"Red Hat\" or an + organization like \"CNCF\" or \"Knative\". \n Currently, the provider + is only shown on the sample card tile below the title with the prefix + \"Provided by \"" + maxLength: 50 + type: string + source: + description: source defines where to deploy the sample service from. + The sample may be sourced from an external git repository or container + image. + properties: + containerImport: + description: containerImport allows the user import a container + image. + properties: + image: + description: "reference to a container image that provides + a HTTP service. The service must be exposed on the default + port (8080) unless otherwise configured with the port field. + \n Supported formats: - / - + docker.io// - quay.io// + - quay.io//@sha256: + - quay.io//:" + maxLength: 256 + minLength: 1 + type: string + service: + default: + targetPort: 8080 + description: service contains configuration for the Service + resource created for this sample. + properties: + targetPort: + default: 8080 + description: targetPort is the port that the service listens + on for HTTP requests. This port will be used for Service + and Route created for this sample. Port must be in the + range 1 to 65535. Default port is 8080. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + type: object + required: + - image + type: object + gitImport: + description: gitImport allows the user to import code from a git + repository. + properties: + repository: + description: repository contains the reference to the actual + Git repository. + properties: + contextDir: + description: contextDir is used to specify a directory + within the repository to build the component. Must start + with `/` and have a maximum length of 256 characters. + When omitted, the default value is to build from the + root of the repository. + maxLength: 256 + pattern: ^/ + type: string + revision: + description: revision is the git revision at which to + clone the git repository Can be used to clone a specific + branch, tag or commit SHA. Must be at most 256 characters + in length. When omitted the repository's default branch + is used. + maxLength: 256 + type: string + url: + description: "url of the Git repository that contains + a HTTP service. The HTTP service must be exposed on + the default port (8080) unless otherwise configured + with the port field. \n Only public repositories on + GitHub, GitLab and Bitbucket are currently supported: + \n - https://github.com// - https://gitlab.com// + - https://bitbucket.org// \n The url + must have a maximum length of 256 characters." + maxLength: 256 + minLength: 1 + pattern: ^https:\/\/(github.com|gitlab.com|bitbucket.org)\/[a-zA-Z0-9-]+\/[a-zA-Z0-9-]+(.git)?$ + type: string + required: + - url + type: object + service: + default: + targetPort: 8080 + description: service contains configuration for the Service + resource created for this sample. + properties: + targetPort: + default: 8080 + description: targetPort is the port that the service listens + on for HTTP requests. This port will be used for Service + created for this sample. Port must be in the range 1 + to 65535. Default port is 8080. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + type: object + required: + - repository + type: object + type: + allOf: + - enum: + - GitImport + - ContainerImport + - enum: + - GitImport + - ContainerImport + description: 'type of the sample, currently supported: "GitImport";"ContainerImport"' + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: source.gitImport is required when source.type is GitImport, + and forbidden otherwise + rule: 'self.type == ''GitImport'' ? has(self.gitImport) : !has(self.gitImport)' + - message: source.containerImport is required when source.type is + ContainerImport, and forbidden otherwise + rule: 'self.type == ''ContainerImport'' ? has(self.containerImport) + : !has(self.containerImport)' + tags: + description: "tags are optional string values that can be used to + find samples in the samples catalog. \n Examples of common tags + may be \"Java\", \"Quarkus\", etc. \n They will be displayed on + the samples details page." + items: + type: string + maxItems: 10 + type: array + x-kubernetes-list-type: set + title: + description: "title is the display name of the sample. \n It is required + and must be no more than 50 characters in length." + maxLength: 50 + minLength: 1 + type: string + type: + description: "type is an optional label to group multiple samples. + \n It is optional and must be no more than 20 characters in length. + \n Recommendation is a singular term like \"Builder Image\", \"Devfile\" + or \"Serverless Function\". \n Currently, the type is shown a badge + on the sample card tile in the top right corner." + maxLength: 20 + type: string + required: + - abstract + - description + - source + - title + type: object + required: + - metadata + - spec + type: object + served: true + storage: true diff --git a/vendor/github.com/openshift/api/console/v1/00_consoleyamlsample.crd.yaml b/vendor/github.com/openshift/api/console/v1/00_consoleyamlsample.crd.yaml new file mode 100644 index 0000000000..f40a7c68e0 --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1/00_consoleyamlsample.crd.yaml @@ -0,0 +1,91 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/481 + capability.openshift.io/name: Console + description: Extension for configuring openshift web console YAML samples. + displayName: ConsoleYAMLSample + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: consoleyamlsamples.console.openshift.io +spec: + group: console.openshift.io + names: + kind: ConsoleYAMLSample + listKind: ConsoleYAMLSampleList + plural: consoleyamlsamples + singular: consoleyamlsample + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "ConsoleYAMLSample is an extension for customizing OpenShift + web console YAML samples. \n Compatibility level 2: Stable within a major + release for a minimum of 9 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsoleYAMLSampleSpec is the desired YAML sample configuration. + Samples will appear with their descriptions in a samples sidebar when + creating a resources in the web console. + properties: + description: + description: description of the YAML sample. + pattern: ^(.|\s)*\S(.|\s)*$ + type: string + snippet: + description: snippet indicates that the YAML sample is not the full + YAML resource definition, but a fragment that can be inserted into + the existing YAML document at the user's cursor. + type: boolean + targetResource: + description: targetResource contains apiVersion and kind of the resource + YAML sample is representating. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + type: object + title: + description: title of the YAML sample. + pattern: ^(.|\s)*\S(.|\s)*$ + type: string + yaml: + description: yaml is the YAML sample to display. + pattern: ^(.|\s)*\S(.|\s)*$ + type: string + required: + - description + - targetResource + - title + - yaml + type: object + required: + - metadata + - spec + type: object + served: true + storage: true diff --git a/vendor/github.com/openshift/api/console/v1/90_consoleplugin.crd.yaml b/vendor/github.com/openshift/api/console/v1/90_consoleplugin.crd.yaml new file mode 100644 index 0000000000..294152a824 --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1/90_consoleplugin.crd.yaml @@ -0,0 +1,374 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1186 + capability.openshift.io/name: Console + description: Extension for configuring openshift web console plugins. + displayName: ConsolePlugin + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + service.beta.openshift.io/inject-cabundle: "true" + name: consoleplugins.console.openshift.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: webhook + namespace: openshift-console-operator + path: /crdconvert + port: 9443 + conversionReviewVersions: + - v1 + - v1alpha1 + group: console.openshift.io + names: + kind: ConsolePlugin + listKind: ConsolePluginList + plural: consoleplugins + singular: consoleplugin + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "ConsolePlugin is an extension for customizing OpenShift web + console by dynamically loading code from another service running on the + cluster. \n Compatibility level 1: Stable within a major release for a minimum + of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsolePluginSpec is the desired plugin configuration. + properties: + backend: + description: backend holds the configuration of backend which is serving + console's plugin . + properties: + service: + description: service is a Kubernetes Service that exposes the + plugin using a deployment with an HTTP server. The Service must + use HTTPS and Service serving certificate. The console backend + will proxy the plugins assets from the Service using the service + CA bundle. + properties: + basePath: + default: / + description: basePath is the path to the plugin's assets. + The primary asset it the manifest file called `plugin-manifest.json`, + which is a JSON document that contains metadata about the + plugin and the extensions. + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9.\-_~!$&'()*+,;=:@\/]*$ + type: string + name: + description: name of Service that is serving the plugin assets. + maxLength: 128 + minLength: 1 + type: string + namespace: + description: namespace of Service that is serving the plugin + assets. + maxLength: 128 + minLength: 1 + type: string + port: + description: port on which the Service that is serving the + plugin is listening to. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - name + - namespace + - port + type: object + type: + description: "type is the backend type which servers the console's + plugin. Currently only \"Service\" is supported. \n ---" + enum: + - Service + type: string + required: + - type + type: object + displayName: + description: displayName is the display name of the plugin. The dispalyName + should be between 1 and 128 characters. + maxLength: 128 + minLength: 1 + type: string + i18n: + description: i18n is the configuration of plugin's localization resources. + properties: + loadType: + description: loadType indicates how the plugin's localization + resource should be loaded. Valid values are Preload, Lazy and + the empty string. When set to Preload, all localization resources + are fetched when the plugin is loaded. When set to Lazy, localization + resources are lazily loaded as and when they are required by + the console. When omitted or set to the empty string, the behaviour + is equivalent to Lazy type. + enum: + - Preload + - Lazy + - "" + type: string + required: + - loadType + type: object + proxy: + description: proxy is a list of proxies that describe various service + type to which the plugin needs to connect to. + items: + description: ConsolePluginProxy holds information on various service + types to which console's backend will proxy the plugin's requests. + properties: + alias: + description: "alias is a proxy name that identifies the plugin's + proxy. An alias name should be unique per plugin. The console + backend exposes following proxy endpoint: \n /api/proxy/plugin///? + \n Request example path: \n /api/proxy/plugin/acm/search/pods?namespace=openshift-apiserver" + maxLength: 128 + minLength: 1 + pattern: ^[A-Za-z0-9-_]+$ + type: string + authorization: + default: None + description: authorization provides information about authorization + type, which the proxied request should contain + enum: + - UserToken + - None + type: string + caCertificate: + description: caCertificate provides the cert authority certificate + contents, in case the proxied Service is using custom service + CA. By default, the service CA bundle provided by the service-ca + operator is used. + pattern: ^-----BEGIN CERTIFICATE-----([\s\S]*)-----END CERTIFICATE-----\s?$ + type: string + endpoint: + description: endpoint provides information about endpoint to + which the request is proxied to. + properties: + service: + description: 'service is an in-cluster Service that the + plugin will connect to. The Service must use HTTPS. The + console backend exposes an endpoint in order to proxy + communication between the plugin and the Service. Note: + service field is required for now, since currently only + "Service" type is supported.' + properties: + name: + description: name of Service that the plugin needs to + connect to. + maxLength: 128 + minLength: 1 + type: string + namespace: + description: namespace of Service that the plugin needs + to connect to + maxLength: 128 + minLength: 1 + type: string + port: + description: port on which the Service that the plugin + needs to connect to is listening on. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - name + - namespace + - port + type: object + type: + description: "type is the type of the console plugin's proxy. + Currently only \"Service\" is supported. \n ---" + enum: + - Service + type: string + required: + - type + type: object + required: + - alias + - endpoint + type: object + type: array + required: + - backend + - displayName + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "ConsolePlugin is an extension for customizing OpenShift web + console by dynamically loading code from another service running on the + cluster. \n Compatibility level 4: No compatibility is provided, the API + can change at any point for any reason. These capabilities should not be + used by applications needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsolePluginSpec is the desired plugin configuration. + properties: + displayName: + description: displayName is the display name of the plugin. + minLength: 1 + type: string + proxy: + description: proxy is a list of proxies that describe various service + type to which the plugin needs to connect to. + items: + description: ConsolePluginProxy holds information on various service + types to which console's backend will proxy the plugin's requests. + properties: + alias: + description: "alias is a proxy name that identifies the plugin's + proxy. An alias name should be unique per plugin. The console + backend exposes following proxy endpoint: \n /api/proxy/plugin///? + \n Request example path: \n /api/proxy/plugin/acm/search/pods?namespace=openshift-apiserver" + maxLength: 128 + minLength: 1 + pattern: ^[A-Za-z0-9-_]+$ + type: string + authorize: + default: false + description: "authorize indicates if the proxied request should + contain the logged-in user's OpenShift access token in the + \"Authorization\" request header. For example: \n Authorization: + Bearer sha256~kV46hPnEYhCWFnB85r5NrprAxggzgb6GOeLbgcKNsH0 + \n By default the access token is not part of the proxied + request." + type: boolean + caCertificate: + description: caCertificate provides the cert authority certificate + contents, in case the proxied Service is using custom service + CA. By default, the service CA bundle provided by the service-ca + operator is used. + pattern: ^-----BEGIN CERTIFICATE-----([\s\S]*)-----END CERTIFICATE-----\s?$ + type: string + service: + description: 'service is an in-cluster Service that the plugin + will connect to. The Service must use HTTPS. The console backend + exposes an endpoint in order to proxy communication between + the plugin and the Service. Note: service field is required + for now, since currently only "Service" type is supported.' + properties: + name: + description: name of Service that the plugin needs to connect + to. + maxLength: 128 + minLength: 1 + type: string + namespace: + description: namespace of Service that the plugin needs + to connect to + maxLength: 128 + minLength: 1 + type: string + port: + description: port on which the Service that the plugin needs + to connect to is listening on. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - name + - namespace + - port + type: object + type: + description: type is the type of the console plugin's proxy. + Currently only "Service" is supported. + pattern: ^(Service)$ + type: string + required: + - alias + - type + type: object + type: array + service: + description: service is a Kubernetes Service that exposes the plugin + using a deployment with an HTTP server. The Service must use HTTPS + and Service serving certificate. The console backend will proxy + the plugins assets from the Service using the service CA bundle. + properties: + basePath: + default: / + description: basePath is the path to the plugin's assets. The + primary asset it the manifest file called `plugin-manifest.json`, + which is a JSON document that contains metadata about the plugin + and the extensions. + minLength: 1 + pattern: ^/ + type: string + name: + description: name of Service that is serving the plugin assets. + maxLength: 128 + minLength: 1 + type: string + namespace: + description: namespace of Service that is serving the plugin assets. + maxLength: 128 + minLength: 1 + type: string + port: + description: port on which the Service that is serving the plugin + is listening to. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - basePath + - name + - namespace + - port + type: object + required: + - service + type: object + required: + - metadata + - spec + type: object + served: true + storage: false diff --git a/vendor/github.com/openshift/api/console/v1/stable.consoleclidownload.testsuite.yaml b/vendor/github.com/openshift/api/console/v1/stable.consoleclidownload.testsuite.yaml index 1ed32bae1e..8faef369b3 100644 --- a/vendor/github.com/openshift/api/console/v1/stable.consoleclidownload.testsuite.yaml +++ b/vendor/github.com/openshift/api/console/v1/stable.consoleclidownload.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ConsoleCLIDownload" -crd: 00_consoleclidownloads.crd.yaml +crd: 00_consoleclidownload.crd.yaml tests: onCreate: - name: Should be able to create a minimal ConsoleCLIDownload diff --git a/vendor/github.com/openshift/api/console/v1/stable.consoleexternalloglink.testsuite.yaml b/vendor/github.com/openshift/api/console/v1/stable.consoleexternalloglink.testsuite.yaml index 1fc26978d1..8602d88b8e 100644 --- a/vendor/github.com/openshift/api/console/v1/stable.consoleexternalloglink.testsuite.yaml +++ b/vendor/github.com/openshift/api/console/v1/stable.consoleexternalloglink.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ConsoleExternalLogLink" -crd: 00_consoleexternalloglinks.crd.yaml +crd: 00_consoleexternalloglink.crd.yaml tests: onCreate: - name: Should be able to create a minimal ConsoleExternalLogLink diff --git a/vendor/github.com/openshift/api/console/v1/stable.consolelink.testsuite.yaml b/vendor/github.com/openshift/api/console/v1/stable.consolelink.testsuite.yaml index e1930e8db0..87415ec163 100644 --- a/vendor/github.com/openshift/api/console/v1/stable.consolelink.testsuite.yaml +++ b/vendor/github.com/openshift/api/console/v1/stable.consolelink.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ConsoleLink" -crd: 00_consolelinks.crd.yaml +crd: 00_consolelink.crd.yaml tests: onCreate: - name: Should be able to create a minimal ConsoleLink diff --git a/vendor/github.com/openshift/api/console/v1/stable.consolenotification.testsuite.yaml b/vendor/github.com/openshift/api/console/v1/stable.consolenotification.testsuite.yaml index 880148dc2e..c60dd0a64e 100644 --- a/vendor/github.com/openshift/api/console/v1/stable.consolenotification.testsuite.yaml +++ b/vendor/github.com/openshift/api/console/v1/stable.consolenotification.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ConsoleNotification" -crd: 00_consolenotifications.crd.yaml +crd: 00_consolenotification.crd.yaml tests: onCreate: - name: Should be able to create a minimal ConsoleNotification diff --git a/vendor/github.com/openshift/api/console/v1/stable.consoleplugin.testsuite.yaml b/vendor/github.com/openshift/api/console/v1/stable.consoleplugin.testsuite.yaml index a4c7afba3a..0abe23ba7a 100644 --- a/vendor/github.com/openshift/api/console/v1/stable.consoleplugin.testsuite.yaml +++ b/vendor/github.com/openshift/api/console/v1/stable.consoleplugin.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ConsolePlugin" -crd: 90_consoleplugins.crd.yaml +crd: 90_consoleplugin.crd.yaml tests: onCreate: - name: Should be able to create a minimal ConsolePlugin diff --git a/vendor/github.com/openshift/api/console/v1/stable.consolequickstart.testsuite.yaml b/vendor/github.com/openshift/api/console/v1/stable.consolequickstart.testsuite.yaml index c1fd3a368f..d9c3ec93f4 100644 --- a/vendor/github.com/openshift/api/console/v1/stable.consolequickstart.testsuite.yaml +++ b/vendor/github.com/openshift/api/console/v1/stable.consolequickstart.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ConsoleQuickStart" -crd: 00_consolequickstarts.crd.yaml +crd: 00_consolequickstart.crd.yaml tests: onCreate: - name: Should be able to create a minimal ConsoleQuickStart diff --git a/vendor/github.com/openshift/api/console/v1/stable.consolesample.testsuite.yaml b/vendor/github.com/openshift/api/console/v1/stable.consolesample.testsuite.yaml index a6c1076ddc..f5af743603 100644 --- a/vendor/github.com/openshift/api/console/v1/stable.consolesample.testsuite.yaml +++ b/vendor/github.com/openshift/api/console/v1/stable.consolesample.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ConsoleSample" -crd: 00_consolesamples.crd.yaml +crd: 00_consolesample.crd.yaml tests: onCreate: - name: Should be able to create a minimal ConsoleSample with GitImport diff --git a/vendor/github.com/openshift/api/console/v1/stable.consoleyamlsample.testsuite.yaml b/vendor/github.com/openshift/api/console/v1/stable.consoleyamlsample.testsuite.yaml index 82f2ec5fa5..1e72d5ac71 100644 --- a/vendor/github.com/openshift/api/console/v1/stable.consoleyamlsample.testsuite.yaml +++ b/vendor/github.com/openshift/api/console/v1/stable.consoleyamlsample.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ConsoleYAMLSample" -crd: 00_consoleyamlsamples.crd.yaml +crd: 00_consoleyamlsample.crd.yaml tests: onCreate: - name: Should be able to create a minimal ConsoleYAMLSample diff --git a/vendor/github.com/openshift/api/console/v1/types_console_cli_download.go b/vendor/github.com/openshift/api/console/v1/types_console_cli_download.go index 90c32815ce..0e77bedaea 100644 --- a/vendor/github.com/openshift/api/console/v1/types_console_cli_download.go +++ b/vendor/github.com/openshift/api/console/v1/types_console_cli_download.go @@ -9,16 +9,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // ConsoleCLIDownload is an extension for configuring openshift web console command line interface (CLI) downloads. // // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=consoleclidownloads,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/481 -// +openshift:file-pattern=operatorOrdering=00 -// +openshift:capability=Console -// +kubebuilder:metadata:annotations="description=Extension for configuring openshift web console command line interface (CLI) downloads." -// +kubebuilder:metadata:annotations="displayName=ConsoleCLIDownload" -// +kubebuilder:printcolumn:name=Display name,JSONPath=.spec.displayName,type=string -// +kubebuilder:printcolumn:name=Age,JSONPath=.metadata.creationTimestamp,type=string // +openshift:compatibility-gen:level=2 type ConsoleCLIDownload struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/console/v1/types_console_external_log_links.go b/vendor/github.com/openshift/api/console/v1/types_console_external_log_links.go index 0824e49c17..6cf252af98 100644 --- a/vendor/github.com/openshift/api/console/v1/types_console_external_log_links.go +++ b/vendor/github.com/openshift/api/console/v1/types_console_external_log_links.go @@ -9,17 +9,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // ConsoleExternalLogLink is an extension for customizing OpenShift web console log links. // // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=consoleexternalloglinks,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/481 -// +openshift:file-pattern=operatorOrdering=00 -// +openshift:capability=Console -// +kubebuilder:metadata:annotations="description=ConsoleExternalLogLink is an extension for customizing OpenShift web console log links." -// +kubebuilder:metadata:annotations="displayName=ConsoleExternalLogLinks" -// +kubebuilder:printcolumn:name=Text,JSONPath=.spec.text,type=string -// +kubebuilder:printcolumn:name=HrefTemplate,JSONPath=.spec.hrefTemplate,type=string -// +kubebuilder:printcolumn:name=Age,JSONPath=.metadata.creationTimestamp,type=date // +openshift:compatibility-gen:level=2 type ConsoleExternalLogLink struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/console/v1/types_console_link.go b/vendor/github.com/openshift/api/console/v1/types_console_link.go index 24a5dbadcd..8ba48907f4 100644 --- a/vendor/github.com/openshift/api/console/v1/types_console_link.go +++ b/vendor/github.com/openshift/api/console/v1/types_console_link.go @@ -9,18 +9,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // ConsoleLink is an extension for customizing OpenShift web console links. // // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=consolelinks,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/481 -// +openshift:file-pattern=operatorOrdering=00 -// +openshift:capability=Console -// +kubebuilder:metadata:annotations="description=Extension for customizing OpenShift web console links" -// +kubebuilder:metadata:annotations="displayName=ConsoleLinks" -// +kubebuilder:printcolumn:name=Text,JSONPath=.spec.text,type=string -// +kubebuilder:printcolumn:name=URL,JSONPath=.spec.href,type=string -// +kubebuilder:printcolumn:name=Menu,JSONPath=.spec.menu,type=string -// +kubebuilder:printcolumn:name=Age,JSONPath=.metadata.creationTimestamp,type=date // +openshift:compatibility-gen:level=2 type ConsoleLink struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/console/v1/types_console_notification.go b/vendor/github.com/openshift/api/console/v1/types_console_notification.go index 0571ca77f2..5408f1044b 100644 --- a/vendor/github.com/openshift/api/console/v1/types_console_notification.go +++ b/vendor/github.com/openshift/api/console/v1/types_console_notification.go @@ -9,17 +9,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // ConsoleNotification is the extension for configuring openshift web console notifications. // // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=consolenotifications,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/481 -// +openshift:file-pattern=operatorOrdering=00 -// +openshift:capability=Console -// +kubebuilder:metadata:annotations="description=Extension for configuring openshift web console notifications." -// +kubebuilder:metadata:annotations="displayName=ConsoleNotification" -// +kubebuilder:printcolumn:name=Text,JSONPath=.spec.text,type=string -// +kubebuilder:printcolumn:name=Location,JSONPath=.spec.location,type=string -// +kubebuilder:printcolumn:name=Age,JSONPath=.metadata.creationTimestamp,type=date // +openshift:compatibility-gen:level=2 type ConsoleNotification struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/console/v1/types_console_plugin.go b/vendor/github.com/openshift/api/console/v1/types_console_plugin.go index 24954687d5..624ad73b1c 100644 --- a/vendor/github.com/openshift/api/console/v1/types_console_plugin.go +++ b/vendor/github.com/openshift/api/console/v1/types_console_plugin.go @@ -11,14 +11,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // dynamically loading code from another service running on the cluster. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=consoleplugins,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1186 -// +openshift:file-pattern=operatorOrdering=90 -// +openshift:capability=Console -// +kubebuilder:metadata:annotations="description=Extension for configuring openshift web console plugins." -// +kubebuilder:metadata:annotations="displayName=ConsolePlugin" -// +kubebuilder:metadata:annotations="service.beta.openshift.io/inject-cabundle=true" type ConsolePlugin struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/console/v1/types_console_quick_start.go b/vendor/github.com/openshift/api/console/v1/types_console_quick_start.go index bb62fb8fc8..613dfa9039 100644 --- a/vendor/github.com/openshift/api/console/v1/types_console_quick_start.go +++ b/vendor/github.com/openshift/api/console/v1/types_console_quick_start.go @@ -13,13 +13,6 @@ import ( // workflows in the OpenShift web console. // // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=consolequickstarts,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/750 -// +openshift:file-pattern=operatorOrdering=00 -// +openshift:capability=Console -// +kubebuilder:metadata:annotations="description=Extension for guiding user through various workflows in the OpenShift web console." -// +kubebuilder:metadata:annotations="displayName=ConsoleQuickStart" // +openshift:compatibility-gen:level=2 type ConsoleQuickStart struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/console/v1/types_console_sample.go b/vendor/github.com/openshift/api/console/v1/types_console_sample.go index c0175bf9ba..7edb4ba9ea 100644 --- a/vendor/github.com/openshift/api/console/v1/types_console_sample.go +++ b/vendor/github.com/openshift/api/console/v1/types_console_sample.go @@ -9,13 +9,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // ConsoleSample is an extension to customizing OpenShift web console by adding samples. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=consolesamples,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/481 -// +openshift:file-pattern=operatorOrdering=00 -// +openshift:capability=Console -// +kubebuilder:metadata:annotations="description=ConsoleSample is an extension to customizing OpenShift web console by adding samples." -// +kubebuilder:metadata:annotations="displayName=ConsoleSample" // +openshift:compatibility-gen:level=1 type ConsoleSample struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/console/v1/types_console_yaml_sample.go b/vendor/github.com/openshift/api/console/v1/types_console_yaml_sample.go index 9cdfa53f4b..8888b5162c 100644 --- a/vendor/github.com/openshift/api/console/v1/types_console_yaml_sample.go +++ b/vendor/github.com/openshift/api/console/v1/types_console_yaml_sample.go @@ -9,13 +9,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // ConsoleYAMLSample is an extension for customizing OpenShift web console YAML samples. // // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=consoleyamlsamples,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/481 -// +openshift:file-pattern=operatorOrdering=00 -// +openshift:capability=Console -// +kubebuilder:metadata:annotations="description=Extension for configuring openshift web console YAML samples." -// +kubebuilder:metadata:annotations="displayName=ConsoleYAMLSample" // +openshift:compatibility-gen:level=2 type ConsoleYAMLSample struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/console/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/console/v1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 98abc7147b..0000000000 --- a/vendor/github.com/openshift/api/console/v1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,225 +0,0 @@ -consoleclidownloads.console.openshift.io: - Annotations: - description: Extension for configuring openshift web console command line interface - (CLI) downloads. - displayName: ConsoleCLIDownload - ApprovedPRNumber: https://github.com/openshift/api/pull/481 - CRDName: consoleclidownloads.console.openshift.io - Capability: Console - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "00" - FilenameRunLevel: "" - GroupName: console.openshift.io - HasStatus: true - KindName: ConsoleCLIDownload - Labels: {} - PluralName: consoleclidownloads - PrinterColumns: - - jsonPath: .spec.displayName - name: Display name - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: string - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -consoleexternalloglinks.console.openshift.io: - Annotations: - description: ConsoleExternalLogLink is an extension for customizing OpenShift - web console log links. - displayName: ConsoleExternalLogLinks - ApprovedPRNumber: https://github.com/openshift/api/pull/481 - CRDName: consoleexternalloglinks.console.openshift.io - Capability: Console - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "00" - FilenameRunLevel: "" - GroupName: console.openshift.io - HasStatus: true - KindName: ConsoleExternalLogLink - Labels: {} - PluralName: consoleexternalloglinks - PrinterColumns: - - jsonPath: .spec.text - name: Text - type: string - - jsonPath: .spec.hrefTemplate - name: HrefTemplate - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -consolelinks.console.openshift.io: - Annotations: - description: Extension for customizing OpenShift web console links - displayName: ConsoleLinks - ApprovedPRNumber: https://github.com/openshift/api/pull/481 - CRDName: consolelinks.console.openshift.io - Capability: Console - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "00" - FilenameRunLevel: "" - GroupName: console.openshift.io - HasStatus: true - KindName: ConsoleLink - Labels: {} - PluralName: consolelinks - PrinterColumns: - - jsonPath: .spec.text - name: Text - type: string - - jsonPath: .spec.href - name: URL - type: string - - jsonPath: .spec.menu - name: Menu - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -consolenotifications.console.openshift.io: - Annotations: - description: Extension for configuring openshift web console notifications. - displayName: ConsoleNotification - ApprovedPRNumber: https://github.com/openshift/api/pull/481 - CRDName: consolenotifications.console.openshift.io - Capability: Console - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "00" - FilenameRunLevel: "" - GroupName: console.openshift.io - HasStatus: true - KindName: ConsoleNotification - Labels: {} - PluralName: consolenotifications - PrinterColumns: - - jsonPath: .spec.text - name: Text - type: string - - jsonPath: .spec.location - name: Location - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -consoleplugins.console.openshift.io: - Annotations: - description: Extension for configuring openshift web console plugins. - displayName: ConsolePlugin - service.beta.openshift.io/inject-cabundle: "true" - ApprovedPRNumber: https://github.com/openshift/api/pull/1186 - CRDName: consoleplugins.console.openshift.io - Capability: Console - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "90" - FilenameRunLevel: "" - GroupName: console.openshift.io - HasStatus: false - KindName: ConsolePlugin - Labels: {} - PluralName: consoleplugins - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -consolequickstarts.console.openshift.io: - Annotations: - description: Extension for guiding user through various workflows in the OpenShift - web console. - displayName: ConsoleQuickStart - ApprovedPRNumber: https://github.com/openshift/api/pull/750 - CRDName: consolequickstarts.console.openshift.io - Capability: Console - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "00" - FilenameRunLevel: "" - GroupName: console.openshift.io - HasStatus: false - KindName: ConsoleQuickStart - Labels: {} - PluralName: consolequickstarts - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -consolesamples.console.openshift.io: - Annotations: - description: ConsoleSample is an extension to customizing OpenShift web console - by adding samples. - displayName: ConsoleSample - ApprovedPRNumber: https://github.com/openshift/api/pull/481 - CRDName: consolesamples.console.openshift.io - Capability: Console - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "00" - FilenameRunLevel: "" - GroupName: console.openshift.io - HasStatus: false - KindName: ConsoleSample - Labels: {} - PluralName: consolesamples - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -consoleyamlsamples.console.openshift.io: - Annotations: - description: Extension for configuring openshift web console YAML samples. - displayName: ConsoleYAMLSample - ApprovedPRNumber: https://github.com/openshift/api/pull/481 - CRDName: consoleyamlsamples.console.openshift.io - Capability: Console - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "00" - FilenameRunLevel: "" - GroupName: console.openshift.io - HasStatus: false - KindName: ConsoleYAMLSample - Labels: {} - PluralName: consoleyamlsamples - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - diff --git a/vendor/github.com/openshift/api/console/v1alpha1/90_consoleplugin.crd.yaml b/vendor/github.com/openshift/api/console/v1alpha1/90_consoleplugin.crd.yaml new file mode 100644 index 0000000000..f2cb187c8d --- /dev/null +++ b/vendor/github.com/openshift/api/console/v1alpha1/90_consoleplugin.crd.yaml @@ -0,0 +1,374 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/764 + capability.openshift.io/name: Console + description: Extension for configuring openshift web console plugins. + displayName: ConsolePlugin + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + service.beta.openshift.io/inject-cabundle: "true" + name: consoleplugins.console.openshift.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: webhook + namespace: openshift-console-operator + path: /crdconvert + port: 9443 + conversionReviewVersions: + - v1 + - v1alpha1 + group: console.openshift.io + names: + kind: ConsolePlugin + listKind: ConsolePluginList + plural: consoleplugins + singular: consoleplugin + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "ConsolePlugin is an extension for customizing OpenShift web + console by dynamically loading code from another service running on the + cluster. \n Compatibility level 1: Stable within a major release for a minimum + of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsolePluginSpec is the desired plugin configuration. + properties: + backend: + description: backend holds the configuration of backend which is serving + console's plugin . + properties: + service: + description: service is a Kubernetes Service that exposes the + plugin using a deployment with an HTTP server. The Service must + use HTTPS and Service serving certificate. The console backend + will proxy the plugins assets from the Service using the service + CA bundle. + properties: + basePath: + default: / + description: basePath is the path to the plugin's assets. + The primary asset it the manifest file called `plugin-manifest.json`, + which is a JSON document that contains metadata about the + plugin and the extensions. + maxLength: 256 + minLength: 1 + pattern: ^[a-zA-Z0-9.\-_~!$&'()*+,;=:@\/]*$ + type: string + name: + description: name of Service that is serving the plugin assets. + maxLength: 128 + minLength: 1 + type: string + namespace: + description: namespace of Service that is serving the plugin + assets. + maxLength: 128 + minLength: 1 + type: string + port: + description: port on which the Service that is serving the + plugin is listening to. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - name + - namespace + - port + type: object + type: + description: "type is the backend type which servers the console's + plugin. Currently only \"Service\" is supported. \n ---" + enum: + - Service + type: string + required: + - type + type: object + displayName: + description: displayName is the display name of the plugin. The dispalyName + should be between 1 and 128 characters. + maxLength: 128 + minLength: 1 + type: string + i18n: + description: i18n is the configuration of plugin's localization resources. + properties: + loadType: + description: loadType indicates how the plugin's localization + resource should be loaded. Valid values are Preload, Lazy and + the empty string. When set to Preload, all localization resources + are fetched when the plugin is loaded. When set to Lazy, localization + resources are lazily loaded as and when they are required by + the console. When omitted or set to the empty string, the behaviour + is equivalent to Lazy type. + enum: + - Preload + - Lazy + - "" + type: string + required: + - loadType + type: object + proxy: + description: proxy is a list of proxies that describe various service + type to which the plugin needs to connect to. + items: + description: ConsolePluginProxy holds information on various service + types to which console's backend will proxy the plugin's requests. + properties: + alias: + description: "alias is a proxy name that identifies the plugin's + proxy. An alias name should be unique per plugin. The console + backend exposes following proxy endpoint: \n /api/proxy/plugin///? + \n Request example path: \n /api/proxy/plugin/acm/search/pods?namespace=openshift-apiserver" + maxLength: 128 + minLength: 1 + pattern: ^[A-Za-z0-9-_]+$ + type: string + authorization: + default: None + description: authorization provides information about authorization + type, which the proxied request should contain + enum: + - UserToken + - None + type: string + caCertificate: + description: caCertificate provides the cert authority certificate + contents, in case the proxied Service is using custom service + CA. By default, the service CA bundle provided by the service-ca + operator is used. + pattern: ^-----BEGIN CERTIFICATE-----([\s\S]*)-----END CERTIFICATE-----\s?$ + type: string + endpoint: + description: endpoint provides information about endpoint to + which the request is proxied to. + properties: + service: + description: 'service is an in-cluster Service that the + plugin will connect to. The Service must use HTTPS. The + console backend exposes an endpoint in order to proxy + communication between the plugin and the Service. Note: + service field is required for now, since currently only + "Service" type is supported.' + properties: + name: + description: name of Service that the plugin needs to + connect to. + maxLength: 128 + minLength: 1 + type: string + namespace: + description: namespace of Service that the plugin needs + to connect to + maxLength: 128 + minLength: 1 + type: string + port: + description: port on which the Service that the plugin + needs to connect to is listening on. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - name + - namespace + - port + type: object + type: + description: "type is the type of the console plugin's proxy. + Currently only \"Service\" is supported. \n ---" + enum: + - Service + type: string + required: + - type + type: object + required: + - alias + - endpoint + type: object + type: array + required: + - backend + - displayName + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "ConsolePlugin is an extension for customizing OpenShift web + console by dynamically loading code from another service running on the + cluster. \n Compatibility level 4: No compatibility is provided, the API + can change at any point for any reason. These capabilities should not be + used by applications needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsolePluginSpec is the desired plugin configuration. + properties: + displayName: + description: displayName is the display name of the plugin. + minLength: 1 + type: string + proxy: + description: proxy is a list of proxies that describe various service + type to which the plugin needs to connect to. + items: + description: ConsolePluginProxy holds information on various service + types to which console's backend will proxy the plugin's requests. + properties: + alias: + description: "alias is a proxy name that identifies the plugin's + proxy. An alias name should be unique per plugin. The console + backend exposes following proxy endpoint: \n /api/proxy/plugin///? + \n Request example path: \n /api/proxy/plugin/acm/search/pods?namespace=openshift-apiserver" + maxLength: 128 + minLength: 1 + pattern: ^[A-Za-z0-9-_]+$ + type: string + authorize: + default: false + description: "authorize indicates if the proxied request should + contain the logged-in user's OpenShift access token in the + \"Authorization\" request header. For example: \n Authorization: + Bearer sha256~kV46hPnEYhCWFnB85r5NrprAxggzgb6GOeLbgcKNsH0 + \n By default the access token is not part of the proxied + request." + type: boolean + caCertificate: + description: caCertificate provides the cert authority certificate + contents, in case the proxied Service is using custom service + CA. By default, the service CA bundle provided by the service-ca + operator is used. + pattern: ^-----BEGIN CERTIFICATE-----([\s\S]*)-----END CERTIFICATE-----\s?$ + type: string + service: + description: 'service is an in-cluster Service that the plugin + will connect to. The Service must use HTTPS. The console backend + exposes an endpoint in order to proxy communication between + the plugin and the Service. Note: service field is required + for now, since currently only "Service" type is supported.' + properties: + name: + description: name of Service that the plugin needs to connect + to. + maxLength: 128 + minLength: 1 + type: string + namespace: + description: namespace of Service that the plugin needs + to connect to + maxLength: 128 + minLength: 1 + type: string + port: + description: port on which the Service that the plugin needs + to connect to is listening on. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - name + - namespace + - port + type: object + type: + description: type is the type of the console plugin's proxy. + Currently only "Service" is supported. + pattern: ^(Service)$ + type: string + required: + - alias + - type + type: object + type: array + service: + description: service is a Kubernetes Service that exposes the plugin + using a deployment with an HTTP server. The Service must use HTTPS + and Service serving certificate. The console backend will proxy + the plugins assets from the Service using the service CA bundle. + properties: + basePath: + default: / + description: basePath is the path to the plugin's assets. The + primary asset it the manifest file called `plugin-manifest.json`, + which is a JSON document that contains metadata about the plugin + and the extensions. + minLength: 1 + pattern: ^/ + type: string + name: + description: name of Service that is serving the plugin assets. + maxLength: 128 + minLength: 1 + type: string + namespace: + description: namespace of Service that is serving the plugin assets. + maxLength: 128 + minLength: 1 + type: string + port: + description: port on which the Service that is serving the plugin + is listening to. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - basePath + - name + - namespace + - port + type: object + required: + - service + type: object + required: + - metadata + - spec + type: object + served: true + storage: false diff --git a/vendor/github.com/openshift/api/console/v1alpha1/stable.consoleplugin.testsuite.yaml b/vendor/github.com/openshift/api/console/v1alpha1/stable.consoleplugin.testsuite.yaml index 3a42782554..d861a65434 100644 --- a/vendor/github.com/openshift/api/console/v1alpha1/stable.consoleplugin.testsuite.yaml +++ b/vendor/github.com/openshift/api/console/v1alpha1/stable.consoleplugin.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ConsolePlugin" -crd: 90_consoleplugins.crd.yaml +crd: 90_consoleplugin.crd.yaml tests: onCreate: - name: Should be able to create a minimal ConsolePlugin diff --git a/vendor/github.com/openshift/api/console/v1alpha1/types_console_plugin.go b/vendor/github.com/openshift/api/console/v1alpha1/types_console_plugin.go index 3533b63994..835e20010d 100644 --- a/vendor/github.com/openshift/api/console/v1alpha1/types_console_plugin.go +++ b/vendor/github.com/openshift/api/console/v1alpha1/types_console_plugin.go @@ -11,14 +11,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // dynamically loading code from another service running on the cluster. // // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=consoleplugins,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/764 -// +openshift:file-pattern=operatorOrdering=90 -// +openshift:capability=Console -// +kubebuilder:metadata:annotations="description=Extension for configuring openshift web console plugins." -// +kubebuilder:metadata:annotations="displayName=ConsolePlugin" -// +kubebuilder:metadata:annotations="service.beta.openshift.io/inject-cabundle=true" type ConsolePlugin struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/console/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/console/v1alpha1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index d219598d9d..0000000000 --- a/vendor/github.com/openshift/api/console/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,24 +0,0 @@ -consoleplugins.console.openshift.io: - Annotations: - description: Extension for configuring openshift web console plugins. - displayName: ConsolePlugin - service.beta.openshift.io/inject-cabundle: "true" - ApprovedPRNumber: https://github.com/openshift/api/pull/764 - CRDName: consoleplugins.console.openshift.io - Capability: Console - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "90" - FilenameRunLevel: "" - GroupName: console.openshift.io - HasStatus: false - KindName: ConsolePlugin - Labels: {} - PluralName: consoleplugins - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1alpha1 - diff --git a/vendor/github.com/openshift/api/features.md b/vendor/github.com/openshift/api/features.md deleted file mode 100644 index 3f99a8a6ef..0000000000 --- a/vendor/github.com/openshift/api/features.md +++ /dev/null @@ -1,54 +0,0 @@ -| FeatureGate | Default on Hypershift | Default on SelfManagedHA | Default on SingleNode | TechPreviewNoUpgrade on Hypershift | TechPreviewNoUpgrade on SelfManagedHA | TechPreviewNoUpgrade on SingleNode | -| ------ | --- | --- | --- | --- | --- | --- | -| AdminNetworkPolicy| | | | Enabled | Enabled | Enabled | -| AlertingRules| | | | Enabled | Enabled | Enabled | -| AutomatedEtcdBackup| | | | Enabled | Enabled | Enabled | -| CSIDriverSharedResource| | | | Enabled | Enabled | Enabled | -| DNSNameResolver| | | | Enabled | Enabled | Enabled | -| DynamicResourceAllocation| | | | Enabled | Enabled | Enabled | -| Example| | | | Enabled | Enabled | Enabled | -| ExternalRouteCertificate| | | | Enabled | Enabled | Enabled | -| GCPClusterHostedDNS| | | | Enabled | Enabled | Enabled | -| GCPLabelsTags| | | | Enabled | Enabled | Enabled | -| GatewayAPI| | | | Enabled | Enabled | Enabled | -| HardwareSpeed| | | | Enabled | Enabled | Enabled | -| ImagePolicy| | | | Enabled | Enabled | Enabled | -| InsightsConfig| | | | Enabled | Enabled | Enabled | -| InsightsConfigAPI| | | | Enabled | Enabled | Enabled | -| InsightsOnDemandDataGather| | | | Enabled | Enabled | Enabled | -| InstallAlternateInfrastructureAWS| | | | Enabled | Enabled | Enabled | -| MachineAPIProviderOpenStack| | | | Enabled | Enabled | Enabled | -| MachineConfigNodes| | | | Enabled | Enabled | Enabled | -| ManagedBootImages| | | | Enabled | Enabled | Enabled | -| MaxUnavailableStatefulSet| | | | Enabled | Enabled | Enabled | -| MetricsServer| | | | Enabled | Enabled | Enabled | -| MixedCPUsAllocation| | | | Enabled | Enabled | Enabled | -| NewOLM| | | | Enabled | Enabled | Enabled | -| NodeDisruptionPolicy| | | | Enabled | Enabled | Enabled | -| NodeSwap| | | | Enabled | Enabled | Enabled | -| OnClusterBuild| | | | Enabled | Enabled | Enabled | -| PinnedImages| | | | Enabled | Enabled | Enabled | -| PlatformOperators| | | | Enabled | Enabled | Enabled | -| RouteExternalCertificate| | | | Enabled | Enabled | Enabled | -| SignatureStores| | | | Enabled | Enabled | Enabled | -| SigstoreImageVerification| | | | Enabled | Enabled | Enabled | -| TranslateStreamCloseWebsocketRequests| | | | Enabled | Enabled | Enabled | -| UpgradeStatus| | | | Enabled | Enabled | Enabled | -| ValidatingAdmissionPolicy| | | | Enabled | Enabled | Enabled | -| VolumeGroupSnapshot| | | | Enabled | Enabled | Enabled | -| ExternalOIDC| Enabled | | | Enabled | Enabled | Enabled | -| AlibabaPlatform| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| BareMetalLoadBalancer| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| BuildCSIVolumes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| CloudDualStackNodeIPs| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProvider| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProviderAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProviderExternal| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProviderGCP| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| KMSv1| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| NetworkLiveMigration| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| OpenShiftPodSecurityAdmission| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| PrivateHostedZoneAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| VSphereControlPlaneMachineSet| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| VSphereStaticIPs| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | diff --git a/install/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/helm/v1beta1/00_helm-chart-repository.crd.yaml similarity index 62% rename from install/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/helm/v1beta1/00_helm-chart-repository.crd.yaml index 75e7146102..bcf81ae9c9 100644 --- a/install/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/helm/v1beta1/00_helm-chart-repository.crd.yaml @@ -2,32 +2,26 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1713 - api.openshift.io/merged-by-featuregates: "true" + api-approved.openshift.io: https://github.com/openshift/api/pull/598 include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: TechPreviewNoUpgrade - labels: - openshift.io/operator-managed: "" - name: pinnedimagesets.machineconfiguration.openshift.io + name: helmchartrepositories.helm.openshift.io spec: - group: machineconfiguration.openshift.io + group: helm.openshift.io names: - kind: PinnedImageSet - listKind: PinnedImageSetList - plural: pinnedimagesets - singular: pinnedimageset + kind: HelmChartRepository + listKind: HelmChartRepositoryList + plural: helmchartrepositories + singular: helmchartrepository scope: Cluster versions: - - name: v1alpha1 + - name: v1beta1 schema: openAPIV3Schema: - description: "PinnedImageSet describes a set of images that should be pinned - by CRI-O and pulled to the nodes which are members of the declared MachineConfigPools. - \n Compatibility level 4: No compatibility is provided, the API can change - at any point for any reason. These capabilities should not be used by applications - needing long term support." + description: "HelmChartRepository holds cluster-wide configuration for proxied + Helm chart repository \n Compatibility level 2: Stable within a major release + for a minimum of 9 months or 3 minor releases (whichever is longer)." properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -42,50 +36,67 @@ spec: metadata: type: object spec: - description: spec describes the configuration of this pinned image set. + description: spec holds user settable values for configuration properties: - pinnedImages: - description: "pinnedImages is a list of OCI Image referenced by digest - that should be pinned and pre-loaded by the nodes of a MachineConfigPool. - Translates into a new file inside the /etc/crio/crio.conf.d directory - with content similar to this: \n pinned_images = [ \"quay.io/openshift-release-dev/ocp-release@sha256:...\", - \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\", \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\", - ... ] \n These image references should all be by digest, tags aren't - allowed." - items: - properties: - name: - description: "name is an OCI Image referenced by digest. \n - The format of the image ref is: host[:port][/namespace]/name@sha256:" - maxLength: 447 - minLength: 1 - type: string - x-kubernetes-validations: - - message: the OCI Image reference must end with a valid '@sha256:' - suffix, where '' is 64 characters long - rule: self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$') - - message: the OCI Image name should follow the host[:port][/namespace]/name - format, resembling a valid URL without the scheme - rule: self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$') - required: - - name - type: object - maxItems: 500 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - required: - - pinnedImages + connectionConfig: + description: Required configuration for connecting to the chart repo + properties: + ca: + description: ca is an optional reference to a config map by name + containing the PEM-encoded CA bundle. It is used as a trust + anchor to validate the TLS certificate presented by the remote + server. The key "ca-bundle.crt" is used to locate the data. + If empty, the default system roots are used. The namespace for + this config map is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + required: + - name + type: object + tlsClientConfig: + description: tlsClientConfig is an optional reference to a secret + by name that contains the PEM-encoded TLS client certificate + and private key to present when connecting to the server. The + key "tls.crt" is used to locate the client certificate. The + key "tls.key" is used to locate the private key. The namespace + for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced secret + type: string + required: + - name + type: object + url: + description: Chart repository URL + maxLength: 2048 + pattern: ^https?:\/\/ + type: string + type: object + description: + description: Optional human readable repository description, it can + be used by UI for displaying purposes + maxLength: 2048 + minLength: 1 + type: string + disabled: + description: If set to true, disable the repo usage in the cluster/namespace + type: boolean + name: + description: Optional associated human readable repository name, it + can be used by UI for displaying purposes + maxLength: 100 + minLength: 1 + type: string type: object status: - description: status describes the last observed state of this pinned image - set. + description: Observed status of the repository within the cluster.. properties: conditions: - description: conditions represent the observations of a pinned image - set's current state. + description: conditions is a list of conditions and their statuses items: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct @@ -153,9 +164,6 @@ spec: - type type: object type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map type: object required: - spec diff --git a/vendor/github.com/openshift/api/helm/v1beta1/00_project-helm-chart-repository.crd.yaml b/vendor/github.com/openshift/api/helm/v1beta1/00_project-helm-chart-repository.crd.yaml new file mode 100644 index 0000000000..22dca20fbf --- /dev/null +++ b/vendor/github.com/openshift/api/helm/v1beta1/00_project-helm-chart-repository.crd.yaml @@ -0,0 +1,192 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1084 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: projecthelmchartrepositories.helm.openshift.io +spec: + group: helm.openshift.io + names: + kind: ProjectHelmChartRepository + listKind: ProjectHelmChartRepositoryList + plural: projecthelmchartrepositories + singular: projecthelmchartrepository + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: "ProjectHelmChartRepository holds namespace-wide configuration + for proxied Helm chart repository \n Compatibility level 2: Stable within + a major release for a minimum of 9 months or 3 minor releases (whichever + is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + connectionConfig: + description: Required configuration for connecting to the chart repo + properties: + basicAuthConfig: + description: basicAuthConfig is an optional reference to a secret + by name that contains the basic authentication credentials to + present when connecting to the server. The key "username" is + used locate the username. The key "password" is used to locate + the password. The namespace for this secret must be same as + the namespace where the project helm chart repository is getting + instantiated. + properties: + name: + description: name is the metadata.name of the referenced secret + type: string + required: + - name + type: object + ca: + description: ca is an optional reference to a config map by name + containing the PEM-encoded CA bundle. It is used as a trust + anchor to validate the TLS certificate presented by the remote + server. The key "ca-bundle.crt" is used to locate the data. + If empty, the default system roots are used. The namespace for + this configmap must be same as the namespace where the project + helm chart repository is getting instantiated. + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + required: + - name + type: object + tlsClientConfig: + description: tlsClientConfig is an optional reference to a secret + by name that contains the PEM-encoded TLS client certificate + and private key to present when connecting to the server. The + key "tls.crt" is used to locate the client certificate. The + key "tls.key" is used to locate the private key. The namespace + for this secret must be same as the namespace where the project + helm chart repository is getting instantiated. + properties: + name: + description: name is the metadata.name of the referenced secret + type: string + required: + - name + type: object + url: + description: Chart repository URL + maxLength: 2048 + pattern: ^https?:\/\/ + type: string + type: object + description: + description: Optional human readable repository description, it can + be used by UI for displaying purposes + maxLength: 2048 + minLength: 1 + type: string + disabled: + description: If set to true, disable the repo usage in the namespace + type: boolean + name: + description: Optional associated human readable repository name, it + can be used by UI for displaying purposes + maxLength: 100 + minLength: 1 + type: string + type: object + status: + description: Observed status of the repository within the namespace.. + properties: + conditions: + description: conditions is a list of conditions and their statuses + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/helm/v1beta1/stable.helmchartrepository.testsuite.yaml b/vendor/github.com/openshift/api/helm/v1beta1/stable.helmchartrepository.testsuite.yaml index 0e3d9f19bd..64f1447ccc 100644 --- a/vendor/github.com/openshift/api/helm/v1beta1/stable.helmchartrepository.testsuite.yaml +++ b/vendor/github.com/openshift/api/helm/v1beta1/stable.helmchartrepository.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] HelmChartRepository" -crd: 00_helmchartrepositories.crd.yaml +crd: 00_helm-chart-repository.crd.yaml tests: onCreate: - name: Should be able to create a minimal HelmChartRepository diff --git a/vendor/github.com/openshift/api/helm/v1beta1/stable.projecthelmchartrepository.testsuite.yaml b/vendor/github.com/openshift/api/helm/v1beta1/stable.projecthelmchartrepository.testsuite.yaml index e960a32c56..d7c402a534 100644 --- a/vendor/github.com/openshift/api/helm/v1beta1/stable.projecthelmchartrepository.testsuite.yaml +++ b/vendor/github.com/openshift/api/helm/v1beta1/stable.projecthelmchartrepository.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ProjectHelmChartRepository" -crd: 00_projecthelmchartrepositories.crd.yaml +crd: 00_project-helm-chart-repository.crd.yaml tests: onCreate: - name: Should be able to create a minimal ProjectHelmChartRepository diff --git a/vendor/github.com/openshift/api/helm/v1beta1/types_helm_chart_repository.go b/vendor/github.com/openshift/api/helm/v1beta1/types_helm_chart_repository.go index 91f25fb673..826c1496fb 100644 --- a/vendor/github.com/openshift/api/helm/v1beta1/types_helm_chart_repository.go +++ b/vendor/github.com/openshift/api/helm/v1beta1/types_helm_chart_repository.go @@ -14,11 +14,6 @@ import ( // // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=2 -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=helmchartrepositories,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/598 -// +openshift:file-pattern=operatorOrdering=00 type HelmChartRepository struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/helm/v1beta1/types_project_helm_chart_repository.go b/vendor/github.com/openshift/api/helm/v1beta1/types_project_helm_chart_repository.go index 37ff581c14..c4cd7759a9 100644 --- a/vendor/github.com/openshift/api/helm/v1beta1/types_project_helm_chart_repository.go +++ b/vendor/github.com/openshift/api/helm/v1beta1/types_project_helm_chart_repository.go @@ -13,11 +13,6 @@ import ( // // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=2 -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=projecthelmchartrepositories,scope=Namespaced -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1084 -// +openshift:file-pattern=operatorOrdering=00 type ProjectHelmChartRepository struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/helm/v1beta1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/helm/v1beta1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 218c072c16..0000000000 --- a/vendor/github.com/openshift/api/helm/v1beta1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,42 +0,0 @@ -helmchartrepositories.helm.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/598 - CRDName: helmchartrepositories.helm.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "00" - FilenameRunLevel: "" - GroupName: helm.openshift.io - HasStatus: true - KindName: HelmChartRepository - Labels: {} - PluralName: helmchartrepositories - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1beta1 - -projecthelmchartrepositories.helm.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1084 - CRDName: projecthelmchartrepositories.helm.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "00" - FilenameRunLevel: "" - GroupName: helm.openshift.io - HasStatus: true - KindName: ProjectHelmChartRepository - Labels: {} - PluralName: projecthelmchartrepositories - PrinterColumns: [] - Scope: Namespaced - ShortNames: null - TopLevelFeatureGates: [] - Version: v1beta1 - diff --git a/vendor/github.com/openshift/api/imageregistry/v1/00_imageregistry.crd.yaml b/vendor/github.com/openshift/api/imageregistry/v1/00_imageregistry.crd.yaml new file mode 100644 index 0000000000..ce7c09b8dd --- /dev/null +++ b/vendor/github.com/openshift/api/imageregistry/v1/00_imageregistry.crd.yaml @@ -0,0 +1,2369 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/519 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: configs.imageregistry.operator.openshift.io +spec: + group: imageregistry.operator.openshift.io + names: + kind: Config + listKind: ConfigList + plural: configs + singular: config + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "Config is the configuration object for a registry instance managed + by the registry operator \n Compatibility level 1: Stable within a major + release for a minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ImageRegistrySpec defines the specs for the running registry. + properties: + affinity: + description: affinity is a group of node affinity scheduling rules + for the image registry pod(s). + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key in (value)` to select + the group of existing pods which pods will be + taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MatchLabelKeys and LabelSelector. Also, + MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key notin (value)` to + select the group of existing pods which pods will + be taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MismatchLabelKeys and LabelSelector. Also, + MismatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys + to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key in (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires enabling + MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key notin (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MismatchLabelKeys and + LabelSelector. Also, MismatchLabelKeys cannot be set + when LabelSelector isn't set. This is an alpha field + and requires enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key in (value)` to select + the group of existing pods which pods will be + taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MatchLabelKeys and LabelSelector. Also, + MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key notin (value)` to + select the group of existing pods which pods will + be taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MismatchLabelKeys and LabelSelector. Also, + MismatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys + to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key in (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires enabling + MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key notin (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MismatchLabelKeys and + LabelSelector. Also, MismatchLabelKeys cannot be set + when LabelSelector isn't set. This is an alpha field + and requires enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + defaultRoute: + description: defaultRoute indicates whether an external facing route + for the registry should be created using the default generated hostname. + type: boolean + disableRedirect: + description: disableRedirect controls whether to route all data through + the Registry, rather than redirecting to the backend. + type: boolean + httpSecret: + description: httpSecret is the value needed by the registry to secure + uploads, generated by default. + type: string + logLevel: + default: Normal + description: "logLevel is an intent based logging for an overall component. + \ It does not give fine grained control, but it is a simple way + to manage coarse grained logging choices that operators have to + interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", + \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + logging: + description: logging is deprecated, use logLevel instead. + format: int64 + type: integer + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + nodeSelector: + additionalProperties: + type: string + description: nodeSelector defines the node selection constraints for + the registry pod. + type: object + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + proxy: + description: proxy defines the proxy to be used when calling master + api, upstream registries, etc. + properties: + http: + description: http defines the proxy to be used by the image registry + when accessing HTTP endpoints. + type: string + https: + description: https defines the proxy to be used by the image registry + when accessing HTTPS endpoints. + type: string + noProxy: + description: noProxy defines a comma-separated list of host names + that shouldn't go through any proxy. + type: string + type: object + readOnly: + description: readOnly indicates whether the registry instance should + reject attempts to push new images or delete existing ones. + type: boolean + replicas: + description: replicas determines the number of registry instances + to run. + format: int32 + type: integer + requests: + description: requests controls how many parallel requests a given + registry instance will handle before queuing additional requests. + properties: + read: + description: read defines limits for image registry's reads. + properties: + maxInQueue: + description: maxInQueue sets the maximum queued api requests + to the registry. + type: integer + maxRunning: + description: maxRunning sets the maximum in flight api requests + to the registry. + type: integer + maxWaitInQueue: + description: maxWaitInQueue sets the maximum time a request + can wait in the queue before being rejected. + format: duration + type: string + type: object + write: + description: write defines limits for image registry's writes. + properties: + maxInQueue: + description: maxInQueue sets the maximum queued api requests + to the registry. + type: integer + maxRunning: + description: maxRunning sets the maximum in flight api requests + to the registry. + type: integer + maxWaitInQueue: + description: maxWaitInQueue sets the maximum time a request + can wait in the queue before being rejected. + format: duration + type: string + type: object + type: object + resources: + description: resources defines the resource requests+limits for the + registry pod. + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + rolloutStrategy: + description: rolloutStrategy defines rollout strategy for the image + registry deployment. + pattern: ^(RollingUpdate|Recreate)$ + type: string + routes: + description: routes defines additional external facing routes which + should be created for the registry. + items: + description: ImageRegistryConfigRoute holds information on external + route access to image registry. + properties: + hostname: + description: hostname for the route. + type: string + name: + description: name of the route to be created. + type: string + secretName: + description: secretName points to secret containing the certificates + to be used by the route. + type: string + required: + - name + type: object + type: array + storage: + description: storage details for configuring registry storage, e.g. + S3 bucket coordinates. + properties: + azure: + description: azure represents configuration that uses Azure Blob + Storage. + properties: + accountName: + description: accountName defines the account to be used by + the registry. + type: string + cloudName: + description: cloudName is the name of the Azure cloud environment + to be used by the registry. If empty, the operator will + set it based on the infrastructure object. + type: string + container: + description: container defines Azure's container to be used + by registry. + maxLength: 63 + minLength: 3 + pattern: ^[0-9a-z]+(-[0-9a-z]+)*$ + type: string + networkAccess: + default: + type: External + description: 'networkAccess defines the network access properties + for the storage account. Defaults to type: External.' + properties: + internal: + description: 'internal defines the vnet and subnet names + to configure a private endpoint and connect it to the + storage account in order to make it private. when type: + Internal and internal is unset, the image registry operator + will discover vnet and subnet names, and generate a + private endpoint name.' + properties: + networkResourceGroupName: + description: networkResourceGroupName is the resource + group name where the cluster's vnet and subnet are. + When omitted, the registry operator will use the + cluster resource group (from in the infrastructure + status). If you set a networkResourceGroupName on + your install-config.yaml, that value will be used + automatically (for clusters configured with publish:Internal). + Note that both vnet and subnet must be in the same + resource group. It must be between 1 and 90 characters + in length and must consist only of alphanumeric + characters, hyphens (-), periods (.) and underscores + (_), and not end with a period. + maxLength: 90 + minLength: 1 + pattern: ^[0-9A-Za-z_.-](?:[0-9A-Za-z_.-]*[0-9A-Za-z_-])?$ + type: string + privateEndpointName: + description: privateEndpointName is the name of the + private endpoint for the registry. When provided, + the registry will use it as the name of the private + endpoint it will create for the storage account. + When omitted, the registry will generate one. It + must be between 2 and 64 characters in length and + must consist only of alphanumeric characters, hyphens + (-), periods (.) and underscores (_). It must start + with an alphanumeric character and end with an alphanumeric + character or an underscore. + maxLength: 64 + minLength: 2 + pattern: ^[0-9A-Za-z][0-9A-Za-z_.-]*[0-9A-Za-z_]$ + type: string + subnetName: + description: subnetName is the name of the subnet + the registry operates in. When omitted, the registry + operator will discover and set this by using the + `kubernetes.io_cluster.` tag in the + vnet resource, then using one of listed subnets. + Advanced cluster network configurations that use + network security groups to protect subnets should + ensure the provided subnetName has access to Azure + Storage service. It must be between 1 and 80 characters + in length and must consist only of alphanumeric + characters, hyphens (-), periods (.) and underscores + (_). + maxLength: 80 + minLength: 1 + pattern: ^[0-9A-Za-z](?:[0-9A-Za-z_.-]*[0-9A-Za-z_])?$ + type: string + vnetName: + description: vnetName is the name of the vnet the + registry operates in. When omitted, the registry + operator will discover and set this by using the + `kubernetes.io_cluster.` tag in the + vnet resource. This tag is set automatically by + the installer. Commonly, this will be the same vnet + as the cluster. Advanced cluster network configurations + should ensure the provided vnetName is the vnet + of the nodes where the image registry pods are running + from. It must be between 2 and 64 characters in + length and must consist only of alphanumeric characters, + hyphens (-), periods (.) and underscores (_). It + must start with an alphanumeric character and end + with an alphanumeric character or an underscore. + maxLength: 64 + minLength: 2 + pattern: ^[0-9A-Za-z][0-9A-Za-z_.-]*[0-9A-Za-z_]$ + type: string + type: object + type: + default: External + description: 'type is the network access level to be used + for the storage account. type: Internal means the storage + account will be private, type: External means the storage + account will be publicly accessible. Internal storage + accounts are only exposed within the cluster''s vnet. + External storage accounts are publicly exposed on the + internet. When type: Internal is used, a vnetName, subNetName + and privateEndpointName may optionally be specified. + If unspecificed, the image registry operator will discover + vnet and subnet names, and generate a privateEndpointName. + Defaults to "External".' + enum: + - Internal + - External + type: string + type: object + x-kubernetes-validations: + - message: internal is forbidden when type is not Internal + rule: 'has(self.type) && self.type == ''Internal'' ? true + : !has(self.internal)' + type: object + emptyDir: + description: 'emptyDir represents ephemeral storage on the pod''s + host node. WARNING: this storage cannot be used with more than + 1 replica and is not suitable for production use. When the pod + is removed from a node for any reason, the data in the emptyDir + is deleted forever.' + type: object + gcs: + description: gcs represents configuration that uses Google Cloud + Storage. + properties: + bucket: + description: bucket is the bucket name in which you want to + store the registry's data. Optional, will be generated if + not provided. + type: string + keyID: + description: keyID is the KMS key ID to use for encryption. + Optional, buckets are encrypted by default on GCP. This + allows for the use of a custom encryption key. + type: string + projectID: + description: projectID is the Project ID of the GCP project + that this bucket should be associated with. + type: string + region: + description: region is the GCS location in which your bucket + exists. Optional, will be set based on the installed GCS + Region. + type: string + type: object + ibmcos: + description: ibmcos represents configuration that uses IBM Cloud + Object Storage. + properties: + bucket: + description: bucket is the bucket name in which you want to + store the registry's data. Optional, will be generated if + not provided. + type: string + location: + description: location is the IBM Cloud location in which your + bucket exists. Optional, will be set based on the installed + IBM Cloud location. + type: string + resourceGroupName: + description: resourceGroupName is the name of the IBM Cloud + resource group that this bucket and its service instance + is associated with. Optional, will be set based on the installed + IBM Cloud resource group. + type: string + resourceKeyCRN: + description: resourceKeyCRN is the CRN of the IBM Cloud resource + key that is created for the service instance. Commonly referred + as a service credential and must contain HMAC type credentials. + Optional, will be computed if not provided. + pattern: ^crn:.+:.+:.+:cloud-object-storage:.+:.+:.+:resource-key:.+$ + type: string + serviceInstanceCRN: + description: serviceInstanceCRN is the CRN of the IBM Cloud + Object Storage service instance that this bucket is associated + with. Optional, will be computed if not provided. + pattern: ^crn:.+:.+:.+:cloud-object-storage:.+:.+:.+::$ + type: string + type: object + managementState: + description: managementState indicates if the operator manages + the underlying storage unit. If Managed the operator will remove + the storage when this operator gets Removed. + pattern: ^(Managed|Unmanaged)$ + type: string + oss: + description: Oss represents configuration that uses Alibaba Cloud + Object Storage Service. + properties: + bucket: + description: Bucket is the bucket name in which you want to + store the registry's data. About Bucket naming, more details + you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/257087.htm) + Empty value means no opinion and the platform chooses the + a default, which is subject to change over time. Currently + the default will be autogenerated in the form of -image-registry-- + maxLength: 63 + minLength: 3 + pattern: ^[0-9a-z]+(-[0-9a-z]+)*$ + type: string + encryption: + anyOf: + - not: + required: + - kms + properties: + method: + not: + enum: + - KMS + - properties: + method: + enum: + - KMS + required: + - kms + description: Encryption specifies whether you would like your + data encrypted on the server side. More details, you can + look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm) + properties: + kms: + description: KMS (key management service) is an encryption + type that holds the struct for KMS KeyID + properties: + keyID: + description: KeyID holds the KMS encryption key ID + minLength: 1 + type: string + required: + - keyID + type: object + method: + default: AES256 + description: Method defines the different encrytion modes + available Empty value means no opinion and the platform + chooses the a default, which is subject to change over + time. Currently the default is `AES256`. + enum: + - KMS + - AES256 + type: string + type: object + endpointAccessibility: + default: Internal + description: EndpointAccessibility specifies whether the registry + use the OSS VPC internal endpoint Empty value means no opinion + and the platform chooses the a default, which is subject + to change over time. Currently the default is `Internal`. + enum: + - Internal + - Public + - "" + type: string + region: + description: Region is the Alibaba Cloud Region in which your + bucket exists. For a list of regions, you can look at the + [official documentation](https://www.alibabacloud.com/help/doc-detail/31837.html). + Empty value means no opinion and the platform chooses the + a default, which is subject to change over time. Currently + the default will be based on the installed Alibaba Cloud + Region. + type: string + type: object + pvc: + description: pvc represents configuration that uses a PersistentVolumeClaim. + properties: + claim: + description: claim defines the Persisent Volume Claim's name + to be used. + type: string + type: object + s3: + description: s3 represents configuration that uses Amazon Simple + Storage Service. + properties: + bucket: + description: bucket is the bucket name in which you want to + store the registry's data. Optional, will be generated if + not provided. + type: string + cloudFront: + description: cloudFront configures Amazon Cloudfront as the + storage middleware in a registry. + properties: + baseURL: + description: baseURL contains the SCHEME://HOST[/PATH] + at which Cloudfront is served. + type: string + duration: + description: duration is the duration of the Cloudfront + session. + format: duration + type: string + keypairID: + description: keypairID is key pair ID provided by AWS. + type: string + privateKey: + description: privateKey points to secret containing the + private key, provided by AWS. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - baseURL + - keypairID + - privateKey + type: object + encrypt: + description: encrypt specifies whether the registry stores + the image in encrypted format or not. Optional, defaults + to false. + type: boolean + keyID: + description: keyID is the KMS key ID to use for encryption. + Optional, Encrypt must be true, or this parameter is ignored. + type: string + region: + description: region is the AWS region in which your bucket + exists. Optional, will be set based on the installed AWS + Region. + type: string + regionEndpoint: + description: regionEndpoint is the endpoint for S3 compatible + storage services. It should be a valid URL with scheme, + e.g. https://s3.example.com. Optional, defaults based on + the Region that is provided. + type: string + trustedCA: + description: "trustedCA is a reference to a config map containing + a CA bundle. The image registry and its operator use certificates + from this bundle to verify S3 server certificates. \n The + namespace for the config map referenced by trustedCA is + \"openshift-config\". The key for the bundle in the config + map is \"ca-bundle.crt\"." + properties: + name: + description: name is the metadata.name of the referenced + config map. This field must adhere to standard config + map naming restrictions. The name must consist solely + of alphanumeric characters, hyphens (-) and periods + (.). It has a maximum length of 253 characters. If this + field is not specified or is empty string, the default + trust bundle will be used. + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + type: object + virtualHostedStyle: + description: virtualHostedStyle enables using S3 virtual hosted + style bucket paths with a custom RegionEndpoint Optional, + defaults to false. + type: boolean + type: object + swift: + description: swift represents configuration that uses OpenStack + Object Storage. + properties: + authURL: + description: authURL defines the URL for obtaining an authentication + token. + type: string + authVersion: + description: authVersion specifies the OpenStack Auth's version. + type: string + container: + description: container defines the name of Swift container + where to store the registry's data. + type: string + domain: + description: domain specifies Openstack's domain name for + Identity v3 API. + type: string + domainID: + description: domainID specifies Openstack's domain id for + Identity v3 API. + type: string + regionName: + description: regionName defines Openstack's region in which + container exists. + type: string + tenant: + description: tenant defines Openstack tenant name to be used + by registry. + type: string + tenantID: + description: tenant defines Openstack tenant id to be used + by registry. + type: string + type: object + type: object + tolerations: + description: tolerations defines the tolerations for the registry + pod. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: topologySpreadConstraints specify how to spread matching + pods among the given topology. + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. Pods + that match this label selector are counted to determine the + number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select + the pods over which spreading will be calculated. The keys + are used to lookup values from the incoming pod labels, those + key-value labels are ANDed with labelSelector to select the + group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in + both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot + be set when LabelSelector isn't set. Keys that don't exist + in the incoming pod labels will be ignored. A null or empty + list means only match against labelSelector. \n This is a + beta field and requires the MatchLabelKeysInPodTopologySpread + feature gate to be enabled (enabled by default)." + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which pods may + be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the number + of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods + in an eligible domain or zero if the number of eligible domains + is less than MinDomains. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 2/2/1: In this case, the global minimum is 1. | + zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew + is 1, incoming pod can only be scheduled to zone3 to become + 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) + on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming + pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies that satisfy + it. It''s a required field. Default value is 1 and 0 is not + allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number of eligible + domains. When the number of eligible domains with matching + topology keys is less than minDomains, Pod Topology Spread + treats \"global minimum\" as 0, and then the calculation of + Skew is performed. And when the number of eligible domains + with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. As a result, when + the number of eligible domains is less than minDomains, scheduler + won't schedule more than maxSkew Pods to those domains. If + value is nil, the constraint behaves as if MinDomains is equal + to 1. Valid values are integers greater than 0. When value + is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For + example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains + is set to 5 and pods with the same labelSelector spread as + 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | + The number of domains is less than 5(MinDomains), so \"global + minimum\" is treated as 0. In this situation, new pod with + the same labelSelector cannot be scheduled, because computed + skew will be 3(3 - 0) if new Pod is scheduled to any of the + three zones, it will violate MaxSkew. \n This is a beta field + and requires the MinDomainsInPodTopologySpread feature gate + to be enabled (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will treat + Pod's nodeAffinity/nodeSelector when calculating pod topology + spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector + are included in the calculations. - Ignore: nodeAffinity/nodeSelector + are ignored. All nodes are included in the calculations. \n + If this value is nil, the behavior is equivalent to the Honor + policy. This is a beta-level feature default enabled by the + NodeInclusionPolicyInPodTopologySpread feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat node + taints when calculating pod topology spread skew. Options + are: - Honor: nodes without taints, along with tainted nodes + for which the incoming pod has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + \n If this value is nil, the behavior is equivalent to the + Ignore policy. This is a beta-level feature default enabled + by the NodeInclusionPolicyInPodTopologySpread feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. Nodes that + have a label with this key and identical values are considered + to be in the same topology. We consider each + as a "bucket", and try to put balanced number of pods into + each bucket. We define a domain as a particular instance of + a topology. Also, we define an eligible domain as a domain + whose nodes meet the requirements of nodeAffinityPolicy and + nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", + each Node is a domain of that topology. And, if TopologyKey + is "topology.kubernetes.io/zone", each zone is a domain of + that topology. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal with a + pod if it doesn''t satisfy the spread constraint. - DoNotSchedule + (default) tells the scheduler not to schedule it. - ScheduleAnyway + tells the scheduler to schedule the pod in any location, but + giving higher precedence to topologies that would help reduce + the skew. A constraint is considered "Unsatisfiable" for an + incoming pod if and only if every possible node assignment + for that pod would violate "MaxSkew" on some topology. For + example, in a 3-zone cluster, MaxSkew is set to 1, and pods + with the same labelSelector spread as 3/1/1: | zone1 | zone2 + | zone3 | | P P P | P | P | If WhenUnsatisfiable is + set to DoNotSchedule, incoming pod can only be scheduled to + zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on + zone2(zone3) satisfies MaxSkew(1). In other words, the cluster + can still be imbalanced, but scheduler won''t make it *more* + imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + unsupportedConfigOverrides: + description: unsupportedConfigOverrides overrides the final configuration + that was computed by the operator. Red Hat does not support the + use of this field. Misuse of this field could lead to unexpected + behavior or conflict with other configuration options. Seek guidance + from the Red Hat support before using this field. Use of this property + blocks cluster upgrades, it must be removed before upgrading your + cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - replicas + type: object + status: + description: ImageRegistryStatus reports image registry operational status. + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + x-kubernetes-list-type: atomic + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + storage: + description: storage indicates the current applied storage configuration + of the registry. + properties: + azure: + description: azure represents configuration that uses Azure Blob + Storage. + properties: + accountName: + description: accountName defines the account to be used by + the registry. + type: string + cloudName: + description: cloudName is the name of the Azure cloud environment + to be used by the registry. If empty, the operator will + set it based on the infrastructure object. + type: string + container: + description: container defines Azure's container to be used + by registry. + maxLength: 63 + minLength: 3 + pattern: ^[0-9a-z]+(-[0-9a-z]+)*$ + type: string + networkAccess: + default: + type: External + description: 'networkAccess defines the network access properties + for the storage account. Defaults to type: External.' + properties: + internal: + description: 'internal defines the vnet and subnet names + to configure a private endpoint and connect it to the + storage account in order to make it private. when type: + Internal and internal is unset, the image registry operator + will discover vnet and subnet names, and generate a + private endpoint name.' + properties: + networkResourceGroupName: + description: networkResourceGroupName is the resource + group name where the cluster's vnet and subnet are. + When omitted, the registry operator will use the + cluster resource group (from in the infrastructure + status). If you set a networkResourceGroupName on + your install-config.yaml, that value will be used + automatically (for clusters configured with publish:Internal). + Note that both vnet and subnet must be in the same + resource group. It must be between 1 and 90 characters + in length and must consist only of alphanumeric + characters, hyphens (-), periods (.) and underscores + (_), and not end with a period. + maxLength: 90 + minLength: 1 + pattern: ^[0-9A-Za-z_.-](?:[0-9A-Za-z_.-]*[0-9A-Za-z_-])?$ + type: string + privateEndpointName: + description: privateEndpointName is the name of the + private endpoint for the registry. When provided, + the registry will use it as the name of the private + endpoint it will create for the storage account. + When omitted, the registry will generate one. It + must be between 2 and 64 characters in length and + must consist only of alphanumeric characters, hyphens + (-), periods (.) and underscores (_). It must start + with an alphanumeric character and end with an alphanumeric + character or an underscore. + maxLength: 64 + minLength: 2 + pattern: ^[0-9A-Za-z][0-9A-Za-z_.-]*[0-9A-Za-z_]$ + type: string + subnetName: + description: subnetName is the name of the subnet + the registry operates in. When omitted, the registry + operator will discover and set this by using the + `kubernetes.io_cluster.` tag in the + vnet resource, then using one of listed subnets. + Advanced cluster network configurations that use + network security groups to protect subnets should + ensure the provided subnetName has access to Azure + Storage service. It must be between 1 and 80 characters + in length and must consist only of alphanumeric + characters, hyphens (-), periods (.) and underscores + (_). + maxLength: 80 + minLength: 1 + pattern: ^[0-9A-Za-z](?:[0-9A-Za-z_.-]*[0-9A-Za-z_])?$ + type: string + vnetName: + description: vnetName is the name of the vnet the + registry operates in. When omitted, the registry + operator will discover and set this by using the + `kubernetes.io_cluster.` tag in the + vnet resource. This tag is set automatically by + the installer. Commonly, this will be the same vnet + as the cluster. Advanced cluster network configurations + should ensure the provided vnetName is the vnet + of the nodes where the image registry pods are running + from. It must be between 2 and 64 characters in + length and must consist only of alphanumeric characters, + hyphens (-), periods (.) and underscores (_). It + must start with an alphanumeric character and end + with an alphanumeric character or an underscore. + maxLength: 64 + minLength: 2 + pattern: ^[0-9A-Za-z][0-9A-Za-z_.-]*[0-9A-Za-z_]$ + type: string + type: object + type: + default: External + description: 'type is the network access level to be used + for the storage account. type: Internal means the storage + account will be private, type: External means the storage + account will be publicly accessible. Internal storage + accounts are only exposed within the cluster''s vnet. + External storage accounts are publicly exposed on the + internet. When type: Internal is used, a vnetName, subNetName + and privateEndpointName may optionally be specified. + If unspecificed, the image registry operator will discover + vnet and subnet names, and generate a privateEndpointName. + Defaults to "External".' + enum: + - Internal + - External + type: string + type: object + x-kubernetes-validations: + - message: internal is forbidden when type is not Internal + rule: 'has(self.type) && self.type == ''Internal'' ? true + : !has(self.internal)' + type: object + emptyDir: + description: 'emptyDir represents ephemeral storage on the pod''s + host node. WARNING: this storage cannot be used with more than + 1 replica and is not suitable for production use. When the pod + is removed from a node for any reason, the data in the emptyDir + is deleted forever.' + type: object + gcs: + description: gcs represents configuration that uses Google Cloud + Storage. + properties: + bucket: + description: bucket is the bucket name in which you want to + store the registry's data. Optional, will be generated if + not provided. + type: string + keyID: + description: keyID is the KMS key ID to use for encryption. + Optional, buckets are encrypted by default on GCP. This + allows for the use of a custom encryption key. + type: string + projectID: + description: projectID is the Project ID of the GCP project + that this bucket should be associated with. + type: string + region: + description: region is the GCS location in which your bucket + exists. Optional, will be set based on the installed GCS + Region. + type: string + type: object + ibmcos: + description: ibmcos represents configuration that uses IBM Cloud + Object Storage. + properties: + bucket: + description: bucket is the bucket name in which you want to + store the registry's data. Optional, will be generated if + not provided. + type: string + location: + description: location is the IBM Cloud location in which your + bucket exists. Optional, will be set based on the installed + IBM Cloud location. + type: string + resourceGroupName: + description: resourceGroupName is the name of the IBM Cloud + resource group that this bucket and its service instance + is associated with. Optional, will be set based on the installed + IBM Cloud resource group. + type: string + resourceKeyCRN: + description: resourceKeyCRN is the CRN of the IBM Cloud resource + key that is created for the service instance. Commonly referred + as a service credential and must contain HMAC type credentials. + Optional, will be computed if not provided. + pattern: ^crn:.+:.+:.+:cloud-object-storage:.+:.+:.+:resource-key:.+$ + type: string + serviceInstanceCRN: + description: serviceInstanceCRN is the CRN of the IBM Cloud + Object Storage service instance that this bucket is associated + with. Optional, will be computed if not provided. + pattern: ^crn:.+:.+:.+:cloud-object-storage:.+:.+:.+::$ + type: string + type: object + managementState: + description: managementState indicates if the operator manages + the underlying storage unit. If Managed the operator will remove + the storage when this operator gets Removed. + pattern: ^(Managed|Unmanaged)$ + type: string + oss: + description: Oss represents configuration that uses Alibaba Cloud + Object Storage Service. + properties: + bucket: + description: Bucket is the bucket name in which you want to + store the registry's data. About Bucket naming, more details + you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/257087.htm) + Empty value means no opinion and the platform chooses the + a default, which is subject to change over time. Currently + the default will be autogenerated in the form of -image-registry-- + maxLength: 63 + minLength: 3 + pattern: ^[0-9a-z]+(-[0-9a-z]+)*$ + type: string + encryption: + description: Encryption specifies whether you would like your + data encrypted on the server side. More details, you can + look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm) + properties: + kms: + description: KMS (key management service) is an encryption + type that holds the struct for KMS KeyID + properties: + keyID: + description: KeyID holds the KMS encryption key ID + minLength: 1 + type: string + required: + - keyID + type: object + method: + default: AES256 + description: Method defines the different encrytion modes + available Empty value means no opinion and the platform + chooses the a default, which is subject to change over + time. Currently the default is `AES256`. + enum: + - KMS + - AES256 + type: string + type: object + endpointAccessibility: + default: Internal + description: EndpointAccessibility specifies whether the registry + use the OSS VPC internal endpoint Empty value means no opinion + and the platform chooses the a default, which is subject + to change over time. Currently the default is `Internal`. + enum: + - Internal + - Public + - "" + type: string + region: + description: Region is the Alibaba Cloud Region in which your + bucket exists. For a list of regions, you can look at the + [official documentation](https://www.alibabacloud.com/help/doc-detail/31837.html). + Empty value means no opinion and the platform chooses the + a default, which is subject to change over time. Currently + the default will be based on the installed Alibaba Cloud + Region. + type: string + type: object + pvc: + description: pvc represents configuration that uses a PersistentVolumeClaim. + properties: + claim: + description: claim defines the Persisent Volume Claim's name + to be used. + type: string + type: object + s3: + description: s3 represents configuration that uses Amazon Simple + Storage Service. + properties: + bucket: + description: bucket is the bucket name in which you want to + store the registry's data. Optional, will be generated if + not provided. + type: string + cloudFront: + description: cloudFront configures Amazon Cloudfront as the + storage middleware in a registry. + properties: + baseURL: + description: baseURL contains the SCHEME://HOST[/PATH] + at which Cloudfront is served. + type: string + duration: + description: duration is the duration of the Cloudfront + session. + format: duration + type: string + keypairID: + description: keypairID is key pair ID provided by AWS. + type: string + privateKey: + description: privateKey points to secret containing the + private key, provided by AWS. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - baseURL + - keypairID + - privateKey + type: object + encrypt: + description: encrypt specifies whether the registry stores + the image in encrypted format or not. Optional, defaults + to false. + type: boolean + keyID: + description: keyID is the KMS key ID to use for encryption. + Optional, Encrypt must be true, or this parameter is ignored. + type: string + region: + description: region is the AWS region in which your bucket + exists. Optional, will be set based on the installed AWS + Region. + type: string + regionEndpoint: + description: regionEndpoint is the endpoint for S3 compatible + storage services. It should be a valid URL with scheme, + e.g. https://s3.example.com. Optional, defaults based on + the Region that is provided. + type: string + trustedCA: + description: "trustedCA is a reference to a config map containing + a CA bundle. The image registry and its operator use certificates + from this bundle to verify S3 server certificates. \n The + namespace for the config map referenced by trustedCA is + \"openshift-config\". The key for the bundle in the config + map is \"ca-bundle.crt\"." + properties: + name: + description: name is the metadata.name of the referenced + config map. This field must adhere to standard config + map naming restrictions. The name must consist solely + of alphanumeric characters, hyphens (-) and periods + (.). It has a maximum length of 253 characters. If this + field is not specified or is empty string, the default + trust bundle will be used. + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + type: object + virtualHostedStyle: + description: virtualHostedStyle enables using S3 virtual hosted + style bucket paths with a custom RegionEndpoint Optional, + defaults to false. + type: boolean + type: object + swift: + description: swift represents configuration that uses OpenStack + Object Storage. + properties: + authURL: + description: authURL defines the URL for obtaining an authentication + token. + type: string + authVersion: + description: authVersion specifies the OpenStack Auth's version. + type: string + container: + description: container defines the name of Swift container + where to store the registry's data. + type: string + domain: + description: domain specifies Openstack's domain name for + Identity v3 API. + type: string + domainID: + description: domainID specifies Openstack's domain id for + Identity v3 API. + type: string + regionName: + description: regionName defines Openstack's region in which + container exists. + type: string + tenant: + description: tenant defines Openstack tenant name to be used + by registry. + type: string + tenantID: + description: tenant defines Openstack tenant id to be used + by registry. + type: string + type: object + type: object + storageManaged: + description: storageManaged is deprecated, please refer to Storage.managementState + type: boolean + version: + description: version is the level this availability applies to + type: string + required: + - storage + - storageManaged + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/imageregistry/v1/00_imageregistry.crd.yaml-patch b/vendor/github.com/openshift/api/imageregistry/v1/00_imageregistry.crd.yaml-patch new file mode 100644 index 0000000000..1bd29f5667 --- /dev/null +++ b/vendor/github.com/openshift/api/imageregistry/v1/00_imageregistry.crd.yaml-patch @@ -0,0 +1,13 @@ +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/storage/properties/oss/properties/encryption/anyOf + value: + - properties: + method: + not: + enum: ["KMS"] + not: + required: ["kms"] + - properties: + method: + enum: ["KMS"] + required: ["kms"] diff --git a/vendor/github.com/openshift/api/imageregistry/v1/01_imagepruner.crd.yaml b/vendor/github.com/openshift/api/imageregistry/v1/01_imagepruner.crd.yaml new file mode 100644 index 0000000000..d4d3603b00 --- /dev/null +++ b/vendor/github.com/openshift/api/imageregistry/v1/01_imagepruner.crd.yaml @@ -0,0 +1,1212 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/555 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: imagepruners.imageregistry.operator.openshift.io +spec: + group: imageregistry.operator.openshift.io + names: + kind: ImagePruner + listKind: ImagePrunerList + plural: imagepruners + singular: imagepruner + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "ImagePruner is the configuration object for an image registry + pruner managed by the registry operator. \n Compatibility level 1: Stable + within a major release for a minimum of 12 months or 3 minor releases (whichever + is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ImagePrunerSpec defines the specs for the running image pruner. + properties: + affinity: + description: affinity is a group of node affinity scheduling rules + for the image pruner pod. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key in (value)` to select + the group of existing pods which pods will be + taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MatchLabelKeys and LabelSelector. Also, + MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key notin (value)` to + select the group of existing pods which pods will + be taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MismatchLabelKeys and LabelSelector. Also, + MismatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys + to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key in (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires enabling + MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key notin (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MismatchLabelKeys and + LabelSelector. Also, MismatchLabelKeys cannot be set + when LabelSelector isn't set. This is an alpha field + and requires enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key in (value)` to select + the group of existing pods which pods will be + taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MatchLabelKeys and LabelSelector. Also, + MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key notin (value)` to + select the group of existing pods which pods will + be taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MismatchLabelKeys and LabelSelector. Also, + MismatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys + to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key in (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires enabling + MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key notin (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MismatchLabelKeys and + LabelSelector. Also, MismatchLabelKeys cannot be set + when LabelSelector isn't set. This is an alpha field + and requires enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + failedJobsHistoryLimit: + description: failedJobsHistoryLimit specifies how many failed image + pruner jobs to retain. Defaults to 3 if not set. + format: int32 + type: integer + ignoreInvalidImageReferences: + description: ignoreInvalidImageReferences indicates whether the pruner + can ignore errors while parsing image references. + type: boolean + keepTagRevisions: + description: keepTagRevisions specifies the number of image revisions + for a tag in an image stream that will be preserved. Defaults to + 3. + type: integer + keepYoungerThan: + description: 'keepYoungerThan specifies the minimum age in nanoseconds + of an image and its referrers for it to be considered a candidate + for pruning. DEPRECATED: This field is deprecated in favor of keepYoungerThanDuration. + If both are set, this field is ignored and keepYoungerThanDuration + takes precedence.' + format: int64 + type: integer + keepYoungerThanDuration: + description: keepYoungerThanDuration specifies the minimum age of + an image and its referrers for it to be considered a candidate for + pruning. Defaults to 60m (60 minutes). + format: duration + type: string + logLevel: + default: Normal + description: "logLevel sets the level of log output for the pruner + job. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". + Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + nodeSelector: + additionalProperties: + type: string + description: nodeSelector defines the node selection constraints for + the image pruner pod. + type: object + resources: + description: resources defines the resource requests and limits for + the image pruner pod. + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + schedule: + description: 'schedule specifies when to execute the job using standard + cronjob syntax: https://wikipedia.org/wiki/Cron. Defaults to `0 + 0 * * *`.' + type: string + successfulJobsHistoryLimit: + description: successfulJobsHistoryLimit specifies how many successful + image pruner jobs to retain. Defaults to 3 if not set. + format: int32 + type: integer + suspend: + description: suspend specifies whether or not to suspend subsequent + executions of this cronjob. Defaults to false. + type: boolean + tolerations: + description: tolerations defines the node tolerations for the image + pruner pod. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + status: + description: ImagePrunerStatus reports image pruner operational status. + properties: + conditions: + description: conditions is a list of conditions and their status. + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + type: object + type: array + observedGeneration: + description: observedGeneration is the last generation change that + has been applied. + format: int64 + type: integer + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/imageregistry/v1/stable.config.testsuite.yaml b/vendor/github.com/openshift/api/imageregistry/v1/stable.config.testsuite.yaml index 963bb98092..9d64cece98 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/stable.config.testsuite.yaml +++ b/vendor/github.com/openshift/api/imageregistry/v1/stable.config.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Config" -crd: 00_configs.crd.yaml +crd: 00_imageregistry.crd.yaml tests: onCreate: - name: Should be able to create a minimal Config diff --git a/vendor/github.com/openshift/api/imageregistry/v1/stable.imagepruner.testsuite.yaml b/vendor/github.com/openshift/api/imageregistry/v1/stable.imagepruner.testsuite.yaml index 6ae3f77c12..53c055cb20 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/stable.imagepruner.testsuite.yaml +++ b/vendor/github.com/openshift/api/imageregistry/v1/stable.imagepruner.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ImagePruner" -crd: 01_imagepruners.crd.yaml +crd: 01_imagepruner.crd.yaml tests: onCreate: - name: Should be able to create a minimal ImagePruner diff --git a/vendor/github.com/openshift/api/imageregistry/v1/types.go b/vendor/github.com/openshift/api/imageregistry/v1/types.go index aecdc8a3ed..840ac74c92 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/types.go +++ b/vendor/github.com/openshift/api/imageregistry/v1/types.go @@ -39,11 +39,6 @@ const ( // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 -// +kubebuilder:object:root=true -// +kubebuilder:subresource:status -// +kubebuilder:resource:path=configs,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/519 -// +openshift:file-pattern=operatorOrdering=00 type Config struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go b/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go index 43aa2b5cf9..3c4b6c51c6 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go +++ b/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go @@ -33,11 +33,6 @@ type ImagePrunerList struct { // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 -// +kubebuilder:object:root=true -// +kubebuilder:subresource:status -// +kubebuilder:resource:path=imagepruners,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/555 -// +openshift:file-pattern=operatorOrdering=01 type ImagePruner struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 95613c7ae2..0000000000 --- a/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,42 +0,0 @@ -configs.imageregistry.operator.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/519 - CRDName: configs.imageregistry.operator.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "00" - FilenameRunLevel: "" - GroupName: imageregistry.operator.openshift.io - HasStatus: true - KindName: Config - Labels: {} - PluralName: configs - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -imagepruners.imageregistry.operator.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/555 - CRDName: imagepruners.imageregistry.operator.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "01" - FilenameRunLevel: "" - GroupName: imageregistry.operator.openshift.io - HasStatus: true - KindName: ImagePruner - Labels: {} - PluralName: imagepruners - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - diff --git a/vendor/github.com/openshift/api/machine/v1/0000_10_controlplanemachineset.crd.yaml b/vendor/github.com/openshift/api/machine/v1/0000_10_controlplanemachineset.crd.yaml new file mode 100644 index 0000000000..544a670696 --- /dev/null +++ b/vendor/github.com/openshift/api/machine/v1/0000_10_controlplanemachineset.crd.yaml @@ -0,0 +1,948 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1112 + api.openshift.io/merged-by-featuregates: "true" + capability.openshift.io/name: MachineAPI + exclude.release.openshift.io/internal-openshift-hosted: "true" + include.release.openshift.io/self-managed-high-availability: "true" + name: controlplanemachinesets.machine.openshift.io +spec: + group: machine.openshift.io + names: + kind: ControlPlaneMachineSet + listKind: ControlPlaneMachineSetList + plural: controlplanemachinesets + singular: controlplanemachineset + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Desired Replicas + jsonPath: .spec.replicas + name: Desired + type: integer + - description: Current Replicas + jsonPath: .status.replicas + name: Current + type: integer + - description: Ready Replicas + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Updated Replicas + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Observed number of unavailable replicas + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + - description: ControlPlaneMachineSet state + jsonPath: .spec.state + name: State + type: string + - description: ControlPlaneMachineSet age + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: 'ControlPlaneMachineSet ensures that a specified number of control + plane machine replicas are running at any given time. Compatibility level + 1: Stable within a major release for a minimum of 12 months or 3 minor releases + (whichever is longer).' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ControlPlaneMachineSet represents the configuration of the + ControlPlaneMachineSet. + properties: + replicas: + default: 3 + description: Replicas defines how many Control Plane Machines should + be created by this ControlPlaneMachineSet. This field is immutable + and cannot be changed after cluster installation. The ControlPlaneMachineSet + only operates with 3 or 5 node control planes, 3 and 5 are the only + valid values for this field. + enum: + - 3 + - 5 + format: int32 + type: integer + x-kubernetes-validations: + - message: replicas is immutable + rule: self == oldSelf + selector: + description: Label selector for Machines. Existing Machines selected + by this selector will be the ones affected by this ControlPlaneMachineSet. + It must match the template's labels. This field is considered immutable + after creation of the resource. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + x-kubernetes-validations: + - message: selector is immutable + rule: self == oldSelf + state: + default: Inactive + description: State defines whether the ControlPlaneMachineSet is Active + or Inactive. When Inactive, the ControlPlaneMachineSet will not + take any action on the state of the Machines within the cluster. + When Active, the ControlPlaneMachineSet will reconcile the Machines + and will update the Machines as necessary. Once Active, a ControlPlaneMachineSet + cannot be made Inactive. To prevent further action please remove + the ControlPlaneMachineSet. + enum: + - Active + - Inactive + type: string + x-kubernetes-validations: + - message: state cannot be changed once Active + rule: oldSelf != 'Active' || self == oldSelf + strategy: + default: + type: RollingUpdate + description: Strategy defines how the ControlPlaneMachineSet will + update Machines when it detects a change to the ProviderSpec. + properties: + type: + default: RollingUpdate + description: Type defines the type of update strategy that should + be used when updating Machines owned by the ControlPlaneMachineSet. + Valid values are "RollingUpdate" and "OnDelete". The current + default value is "RollingUpdate". + enum: + - RollingUpdate + - OnDelete + type: string + type: object + template: + description: Template describes the Control Plane Machines that will + be created by this ControlPlaneMachineSet. + properties: + machineType: + description: MachineType determines the type of Machines that + should be managed by the ControlPlaneMachineSet. Currently, + the only valid value is machines_v1beta1_machine_openshift_io. + enum: + - machines_v1beta1_machine_openshift_io + type: string + machines_v1beta1_machine_openshift_io: + description: OpenShiftMachineV1Beta1Machine defines the template + for creating Machines from the v1beta1.machine.openshift.io + API group. + properties: + failureDomains: + description: FailureDomains is the list of failure domains + (sometimes called availability zones) in which the ControlPlaneMachineSet + should balance the Control Plane Machines. This will be + merged into the ProviderSpec given in the template. This + field is optional on platforms that do not require placement + information. + properties: + aws: + description: AWS configures failure domain information + for the AWS platform. + items: + description: AWSFailureDomain configures failure domain + information for the AWS platform. + minProperties: 1 + properties: + placement: + description: Placement configures the placement + information for this instance. + properties: + availabilityZone: + description: AvailabilityZone is the availability + zone of the instance. + type: string + required: + - availabilityZone + type: object + subnet: + description: Subnet is a reference to the subnet + to use for this instance. + properties: + arn: + description: ARN of resource. + type: string + filters: + description: Filters is a set of filters used + to identify a resource. + items: + description: AWSResourceFilter is a filter + used to identify an AWS resource + properties: + name: + description: Name of the filter. Filter + names are case-sensitive. + type: string + values: + description: Values includes one or more + filter values. Filter values are case-sensitive. + items: + type: string + type: array + required: + - name + type: object + type: array + id: + description: ID of resource. + type: string + type: + description: Type determines how the reference + will fetch the AWS resource. + enum: + - ID + - ARN + - Filters + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: id is required when type is ID, and forbidden + otherwise + rule: 'has(self.type) && self.type == ''ID'' ? has(self.id) + : !has(self.id)' + - message: arn is required when type is ARN, and + forbidden otherwise + rule: 'has(self.type) && self.type == ''ARN'' + ? has(self.arn) : !has(self.arn)' + - message: filters is required when type is Filters, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''Filters'' + ? has(self.filters) : !has(self.filters)' + type: object + type: array + azure: + description: Azure configures failure domain information + for the Azure platform. + items: + description: AzureFailureDomain configures failure domain + information for the Azure platform. + properties: + subnet: + description: subnet is the name of the network subnet + in which the VM will be created. When omitted, + the subnet value from the machine providerSpec + template will be used. + maxLength: 80 + pattern: ^[a-zA-Z0-9](?:[a-zA-Z0-9._-]*[a-zA-Z0-9_])?$ + type: string + zone: + description: Availability Zone for the virtual machine. + If nil, the virtual machine should be deployed + to no zone. + type: string + required: + - zone + type: object + type: array + gcp: + description: GCP configures failure domain information + for the GCP platform. + items: + description: GCPFailureDomain configures failure domain + information for the GCP platform + properties: + zone: + description: Zone is the zone in which the GCP machine + provider will create the VM. + type: string + required: + - zone + type: object + type: array + nutanix: + description: nutanix configures failure domain information + for the Nutanix platform. + items: + description: NutanixFailureDomainReference refers to + the failure domain of the Nutanix platform. + properties: + name: + description: name of the failure domain in which + the nutanix machine provider will create the VM. + Failure domains are defined in a cluster's config.openshift.io/Infrastructure + resource. + maxLength: 64 + minLength: 1 + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?' + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + openstack: + description: OpenStack configures failure domain information + for the OpenStack platform. + items: + description: OpenStackFailureDomain configures failure + domain information for the OpenStack platform. + minProperties: 1 + properties: + availabilityZone: + description: 'availabilityZone is the nova availability + zone in which the OpenStack machine provider will + create the VM. If not specified, the VM will be + created in the default availability zone specified + in the nova configuration. Availability zone names + must NOT contain : since it is used by admin users + to specify hosts where instances are launched + in server creation. Also, it must not contain + spaces otherwise it will lead to node that belongs + to this availability zone register failure, see + kubernetes/cloud-provider-openstack#1379 for further + information. The maximum length of availability + zone name is 63 as per labels limits.' + maxLength: 63 + minLength: 1 + pattern: '^[^: ]*$' + type: string + rootVolume: + description: rootVolume contains settings that will + be used by the OpenStack machine provider to create + the root volume attached to the VM. If not specified, + no root volume will be created. + properties: + availabilityZone: + description: availabilityZone specifies the + Cinder availability zone where the root volume + will be created. If not specifified, the root + volume will be created in the availability + zone specified by the volume type in the cinder + configuration. If the volume type (configured + in the OpenStack cluster) does not specify + an availability zone, the root volume will + be created in the default availability zone + specified in the cinder configuration. See + https://docs.openstack.org/cinder/latest/admin/availability-zone-type.html + for more details. If the OpenStack cluster + is deployed with the cross_az_attach configuration + option set to false, the root volume will + have to be in the same availability zone as + the VM (defined by OpenStackFailureDomain.AvailabilityZone). + Availability zone names must NOT contain spaces + otherwise it will lead to volume that belongs + to this availability zone register failure, + see kubernetes/cloud-provider-openstack#1379 + for further information. The maximum length + of availability zone name is 63 as per labels + limits. + maxLength: 63 + minLength: 1 + pattern: ^[^ ]*$ + type: string + volumeType: + description: volumeType specifies the type of + the root volume that will be provisioned. + The maximum length of a volume type name is + 255 characters, as per the OpenStack limit. + maxLength: 255 + minLength: 1 + type: string + required: + - volumeType + type: object + type: object + x-kubernetes-validations: + - message: rootVolume.availabilityZone is required when + availabilityZone is set + rule: '!has(self.availabilityZone) || !has(self.rootVolume) + || has(self.rootVolume.availabilityZone)' + type: array + platform: + description: Platform identifies the platform for which + the FailureDomain represents. Currently supported values + are AWS, Azure, GCP, OpenStack, VSphere and Nutanix. + enum: + - "" + - AWS + - Azure + - BareMetal + - GCP + - Libvirt + - OpenStack + - None + - VSphere + - oVirt + - IBMCloud + - KubeVirt + - EquinixMetal + - PowerVS + - AlibabaCloud + - Nutanix + - External + type: string + vsphere: + description: vsphere configures failure domain information + for the VSphere platform. + items: + description: VSphereFailureDomain configures failure + domain information for the vSphere platform + properties: + name: + description: name of the failure domain in which + the vSphere machine provider will create the VM. + Failure domains are defined in a cluster's config.openshift.io/Infrastructure + resource. When balancing machines across failure + domains, the control plane machine set will inject + configuration from the Infrastructure resource + into the machine providerSpec to allocate the + machine to a failure domain. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + required: + - platform + type: object + x-kubernetes-validations: + - message: aws configuration is required when platform is + AWS, and forbidden otherwise + rule: 'has(self.platform) && self.platform == ''AWS'' ? has(self.aws) + : !has(self.aws)' + - message: azure configuration is required when platform is + Azure, and forbidden otherwise + rule: 'has(self.platform) && self.platform == ''Azure'' + ? has(self.azure) : !has(self.azure)' + - message: gcp configuration is required when platform is + GCP, and forbidden otherwise + rule: 'has(self.platform) && self.platform == ''GCP'' ? has(self.gcp) + : !has(self.gcp)' + - message: openstack configuration is required when platform + is OpenStack, and forbidden otherwise + rule: 'has(self.platform) && self.platform == ''OpenStack'' + ? has(self.openstack) : !has(self.openstack)' + - message: vsphere configuration is required when platform + is VSphere, and forbidden otherwise + rule: 'has(self.platform) && self.platform == ''VSphere'' + ? has(self.vsphere) : !has(self.vsphere)' + - message: nutanix configuration is required when platform + is Nutanix, and forbidden otherwise + rule: 'has(self.platform) && self.platform == ''Nutanix'' + ? has(self.nutanix) : !has(self.nutanix)' + metadata: + description: 'ObjectMeta is the standard object metadata More + info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + Labels are required to match the ControlPlaneMachineSet + selector.' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels. + This field must contain both the ''machine.openshift.io/cluster-api-machine-role'' + and ''machine.openshift.io/cluster-api-machine-type'' + labels, both with a value of ''master''. It must also + contain a label with the key ''machine.openshift.io/cluster-api-cluster''.' + type: object + x-kubernetes-validations: + - message: label 'machine.openshift.io/cluster-api-machine-role' + is required, and must have value 'master' + rule: '''machine.openshift.io/cluster-api-machine-role'' + in self && self[''machine.openshift.io/cluster-api-machine-role''] + == ''master''' + - message: label 'machine.openshift.io/cluster-api-machine-type' + is required, and must have value 'master' + rule: '''machine.openshift.io/cluster-api-machine-type'' + in self && self[''machine.openshift.io/cluster-api-machine-type''] + == ''master''' + - message: label 'machine.openshift.io/cluster-api-cluster' + is required + rule: '''machine.openshift.io/cluster-api-cluster'' + in self' + required: + - labels + type: object + spec: + description: Spec contains the desired configuration of the + Control Plane Machines. The ProviderSpec within contains + platform specific details for creating the Control Plane + Machines. The ProviderSe should be complete apart from the + platform specific failure domain field. This will be overriden + when the Machines are created based on the FailureDomains + field. + properties: + lifecycleHooks: + description: LifecycleHooks allow users to pause operations + on the machine at certain predefined points within the + machine lifecycle. + properties: + preDrain: + description: PreDrain hooks prevent the machine from + being drained. This also blocks further lifecycle + events, such as termination. + items: + description: LifecycleHook represents a single instance + of a lifecycle hook + properties: + name: + description: Name defines a unique name for + the lifcycle hook. The name should be unique + and descriptive, ideally 1-3 words, in CamelCase + or it may be namespaced, eg. foo.example.com/CamelCase. + Names must be unique and should only be managed + by a single entity. + maxLength: 256 + minLength: 3 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + owner: + description: Owner defines the owner of the + lifecycle hook. This should be descriptive + enough so that users can identify who/what + is responsible for blocking the lifecycle. + This could be the name of a controller (e.g. + clusteroperator/etcd) or an administrator + managing the hook. + maxLength: 512 + minLength: 3 + type: string + required: + - name + - owner + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + preTerminate: + description: PreTerminate hooks prevent the machine + from being terminated. PreTerminate hooks be actioned + after the Machine has been drained. + items: + description: LifecycleHook represents a single instance + of a lifecycle hook + properties: + name: + description: Name defines a unique name for + the lifcycle hook. The name should be unique + and descriptive, ideally 1-3 words, in CamelCase + or it may be namespaced, eg. foo.example.com/CamelCase. + Names must be unique and should only be managed + by a single entity. + maxLength: 256 + minLength: 3 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + owner: + description: Owner defines the owner of the + lifecycle hook. This should be descriptive + enough so that users can identify who/what + is responsible for blocking the lifecycle. + This could be the name of a controller (e.g. + clusteroperator/etcd) or an administrator + managing the hook. + maxLength: 512 + minLength: 3 + type: string + required: + - name + - owner + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + metadata: + description: ObjectMeta will autopopulate the Node created. + Use this to indicate what labels, annotations, name + prefix, etc., should be used when creating the Node. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. + They are not queryable and should be preserved when + modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + generateName: + description: "GenerateName is an optional prefix, + used by the server, to generate a unique name ONLY + IF the Name field has not been provided. If this + field is used, the name returned to the client will + be different than the name passed. This value will + also be combined with a unique suffix. The provided + value has the same validation rules as the Name + field, and may be truncated by the length of the + suffix required to make the value unique on the + server. \n If this field is specified and the generated + name exists, the server will NOT return a 409 - + instead, it will either return 201 Created or 500 + with Reason ServerTimeout indicating a unique name + could not be found in the time allotted, and the + client should retry (optionally after the time indicated + in the Retry-After header). \n Applied only if Name + is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency" + type: string + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. + Is required when creating resources, although some + resources may allow a client to request the generation + of an appropriate name automatically. Name is primarily + intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: "Namespace defines the space within each + name must be unique. An empty namespace is equivalent + to the \"default\" namespace, but \"default\" is + the canonical representation. Not all objects are + required to be scoped to a namespace - the value + of this field for those objects will be empty. \n + Must be a DNS_LABEL. Cannot be updated. More info: + http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: List of objects depended by this object. + If ALL objects in the list have been deleted, this + object will be garbage collected. If this object + is managed by a controller, then an entry in this + list will point to this controller, with the controller + field set to true. There cannot be more than one + managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. An owning + object must be in the same namespace as the dependent, + or be cluster-scoped, so there is no namespace + field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the + "foregroundDeletion" finalizer, then the owner + cannot be deleted from the key-value store + until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion + for how the garbage collector interacts with + this field and enforces the foreground deletion. + Defaults to false. To set this field, a user + needs "delete" permission of the owner, otherwise + 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points + to the managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + type: array + type: object + providerID: + description: ProviderID is the identification ID of the + machine provided by the provider. This field must match + the provider ID as seen on the node object corresponding + to this machine. This field is required by higher level + consumers of cluster-api. Example use case is cluster + autoscaler with cluster-api as provider. Clean-up logic + in the autoscaler compares machines to nodes to find + out machines at provider which could not get registered + as Kubernetes nodes. With cluster-api as a generic out-of-tree + provider for autoscaler, this field is required by autoscaler + to be able to have a provider view of the list of machines. + Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered + machines and are marked for delete. This field will + be set by the actuators and consumed by higher level + entities like autoscaler that will be interfacing with + cluster-api as generic provider. + type: string + providerSpec: + description: ProviderSpec details Provider-specific configuration + to use during node creation. + properties: + value: + description: Value is an inlined, serialized representation + of the resource configuration. It is recommended + that providers maintain their own versioned API + types that should be serialized/deserialized from + this field, akin to component config. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + taints: + description: The list of the taints to be applied to the + corresponding Node in additive manner. This list will + not overwrite any other taints added to the Node on + an ongoing basis by other entities. These taints should + be actively reconciled e.g. if you ask the machine controller + to apply a taint and then manually remove the taint + the machine controller will put it back) but not have + the machine controller remove any taints + items: + description: The node this Taint is attached to has + the "effect" on any pod that does not tolerate the + Taint. + properties: + effect: + description: Required. The effect of the taint on + pods that do not tolerate the taint. Valid effects + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied + to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which + the taint was added. It is only written for NoExecute + taints. + format: date-time + type: string + value: + description: The taint value corresponding to the + taint key. + type: string + required: + - effect + - key + type: object + type: array + type: object + required: + - metadata + - spec + type: object + required: + - machineType + type: object + x-kubernetes-validations: + - message: machines_v1beta1_machine_openshift_io configuration is + required when machineType is machines_v1beta1_machine_openshift_io, + and forbidden otherwise + rule: 'has(self.machineType) && self.machineType == ''machines_v1beta1_machine_openshift_io'' + ? has(self.machines_v1beta1_machine_openshift_io) : !has(self.machines_v1beta1_machine_openshift_io)' + required: + - replicas + - selector + - template + type: object + status: + description: ControlPlaneMachineSetStatus represents the status of the + ControlPlaneMachineSet CRD. + properties: + conditions: + description: 'Conditions represents the observations of the ControlPlaneMachineSet''s + current state. Known .status.conditions.type are: Available, Degraded + and Progressing.' + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this ControlPlaneMachineSet. It corresponds to the ControlPlaneMachineSets's + generation, which is updated on mutation by the API Server. + format: int64 + type: integer + readyReplicas: + description: ReadyReplicas is the number of Control Plane Machines + created by the ControlPlaneMachineSet controller which are ready. + Note that this value may be higher than the desired number of replicas + while rolling updates are in-progress. + format: int32 + type: integer + replicas: + description: Replicas is the number of Control Plane Machines created + by the ControlPlaneMachineSet controller. Note that during update + operations this value may differ from the desired replica count. + format: int32 + type: integer + unavailableReplicas: + description: UnavailableReplicas is the number of Control Plane Machines + that are still required before the ControlPlaneMachineSet reaches + the desired available capacity. When this value is non-zero, the + number of ReadyReplicas is less than the desired Replicas. + format: int32 + type: integer + updatedReplicas: + description: UpdatedReplicas is the number of non-terminated Control + Plane Machines created by the ControlPlaneMachineSet controller + that have the desired provider spec and are ready. This value is + set to 0 when a change is detected to the desired spec. When the + update strategy is RollingUpdate, this will also coincide with starting + the process of updating the Machines. When the update strategy is + OnDelete, this value will remain at 0 until a user deletes an existing + replica and its replacement has become ready. + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.labelSelector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} diff --git a/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.aws.testsuite.yaml b/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.aws.testsuite.yaml index fdabe1c345..07a5ec7c13 100644 --- a/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.aws.testsuite.yaml +++ b/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.aws.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ControlPlaneMachineSet (AWS)" -crd: 0000_10_control-plane-machine-set_01_controlplanemachinesets.crd.yaml +crd: 0000_10_controlplanemachineset.crd.yaml tests: onCreate: - name: Should reject an AWS platform failure domain without any AWS config diff --git a/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.azure.testsuite.yaml b/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.azure.testsuite.yaml index 2d72dd9ade..191bf65f2e 100644 --- a/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.azure.testsuite.yaml +++ b/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.azure.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ControlPlaneMachineSet" -crd: 0000_10_control-plane-machine-set_01_controlplanemachinesets.crd.yaml +crd: 0000_10_controlplanemachineset.crd.yaml tests: onCreate: - name: Should reject an Azure platform failure domain without any Azure config diff --git a/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.gcp.testsuite.yaml b/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.gcp.testsuite.yaml index bfd35b158c..518625f915 100644 --- a/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.gcp.testsuite.yaml +++ b/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.gcp.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ControlPlaneMachineSet" -crd: 0000_10_control-plane-machine-set_01_controlplanemachinesets.crd.yaml +crd: 0000_10_controlplanemachineset.crd.yaml tests: onCreate: - name: Should reject an GCP platform failure domain without any GCP config diff --git a/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.openstack.testsuite.yaml b/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.openstack.testsuite.yaml index 72590babe9..a09de51e0f 100644 --- a/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.openstack.testsuite.yaml +++ b/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.openstack.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ControlPlaneMachineSet" -crd: 0000_10_control-plane-machine-set_01_controlplanemachinesets.crd.yaml +crd: 0000_10_controlplanemachineset.crd.yaml tests: onCreate: - name: Should reject an OpenStack platform failure domain without any OpenStack config diff --git a/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.testsuite.yaml b/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.testsuite.yaml index cb877e31b7..bd105cad9c 100644 --- a/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.testsuite.yaml +++ b/vendor/github.com/openshift/api/machine/v1/stable.controlplanemachineset.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ControlPlaneMachineSet" -crd: 0000_10_control-plane-machine-set_01_controlplanemachinesets.crd.yaml +crd: 0000_10_controlplanemachineset.crd.yaml tests: onCreate: - name: Should reject an VSphere platform failure domain without any VSphere config diff --git a/vendor/github.com/openshift/api/machine/v1/types_controlplanemachineset.go b/vendor/github.com/openshift/api/machine/v1/types_controlplanemachineset.go index a2e7ae03e1..2b294d09c0 100644 --- a/vendor/github.com/openshift/api/machine/v1/types_controlplanemachineset.go +++ b/vendor/github.com/openshift/api/machine/v1/types_controlplanemachineset.go @@ -21,7 +21,7 @@ import ( // +kubebuilder:printcolumn:name="State",type="string",JSONPath=".spec.state",description="ControlPlaneMachineSet state" // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="ControlPlaneMachineSet age" // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1112 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=control-plane-machine-set,operatorOrdering=01 +// +openshift:file-pattern=0000_10_controlplanemachinesetMARKERS.crd.yaml // +openshift:capability=MachineAPI // +kubebuilder:metadata:annotations="exclude.release.openshift.io/internal-openshift-hosted=true" // +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true diff --git a/vendor/github.com/openshift/api/machine/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machine/v1/zz_generated.featuregated-crd-manifests.yaml index 258caa113b..35d057b729 100644 --- a/vendor/github.com/openshift/api/machine/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/machine/v1/zz_generated.featuregated-crd-manifests.yaml @@ -7,9 +7,6 @@ controlplanemachinesets.machine.openshift.io: Capability: MachineAPI Category: "" FeatureGates: [] - FilenameOperatorName: control-plane-machine-set - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: machine.openshift.io HasStatus: true KindName: ControlPlaneMachineSet @@ -45,7 +42,8 @@ controlplanemachinesets.machine.openshift.io: name: Age type: date Scope: Namespaced - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_controlplanemachinesetMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 diff --git a/vendor/github.com/openshift/api/machine/v1beta1/0000_10_machine.crd.yaml b/vendor/github.com/openshift/api/machine/v1beta1/0000_10_machine.crd.yaml new file mode 100644 index 0000000000..8d8a95af98 --- /dev/null +++ b/vendor/github.com/openshift/api/machine/v1beta1/0000_10_machine.crd.yaml @@ -0,0 +1,492 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/948 + capability.openshift.io/name: MachineAPI + exclude.release.openshift.io/internal-openshift-hosted: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: machines.machine.openshift.io +spec: + group: machine.openshift.io + names: + kind: Machine + listKind: MachineList + plural: machines + singular: machine + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Phase of machine + jsonPath: .status.phase + name: Phase + type: string + - description: Type of instance + jsonPath: .metadata.labels['machine\.openshift\.io/instance-type'] + name: Type + type: string + - description: Region associated with machine + jsonPath: .metadata.labels['machine\.openshift\.io/region'] + name: Region + type: string + - description: Zone associated with machine + jsonPath: .metadata.labels['machine\.openshift\.io/zone'] + name: Zone + type: string + - description: Machine age + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Node associated with machine + jsonPath: .status.nodeRef.name + name: Node + priority: 1 + type: string + - description: Provider ID of machine created in cloud provider + jsonPath: .spec.providerID + name: ProviderID + priority: 1 + type: string + - description: State of instance + jsonPath: .metadata.annotations['machine\.openshift\.io/instance-state'] + name: State + priority: 1 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: 'Machine is the Schema for the machines API Compatibility level + 2: Stable within a major release for a minimum of 9 months or 3 minor releases + (whichever is longer).' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSpec defines the desired state of Machine + properties: + lifecycleHooks: + description: LifecycleHooks allow users to pause operations on the + machine at certain predefined points within the machine lifecycle. + properties: + preDrain: + description: PreDrain hooks prevent the machine from being drained. + This also blocks further lifecycle events, such as termination. + items: + description: LifecycleHook represents a single instance of a + lifecycle hook + properties: + name: + description: Name defines a unique name for the lifcycle + hook. The name should be unique and descriptive, ideally + 1-3 words, in CamelCase or it may be namespaced, eg. foo.example.com/CamelCase. + Names must be unique and should only be managed by a single + entity. + maxLength: 256 + minLength: 3 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + owner: + description: Owner defines the owner of the lifecycle hook. + This should be descriptive enough so that users can identify + who/what is responsible for blocking the lifecycle. This + could be the name of a controller (e.g. clusteroperator/etcd) + or an administrator managing the hook. + maxLength: 512 + minLength: 3 + type: string + required: + - name + - owner + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + preTerminate: + description: PreTerminate hooks prevent the machine from being + terminated. PreTerminate hooks be actioned after the Machine + has been drained. + items: + description: LifecycleHook represents a single instance of a + lifecycle hook + properties: + name: + description: Name defines a unique name for the lifcycle + hook. The name should be unique and descriptive, ideally + 1-3 words, in CamelCase or it may be namespaced, eg. foo.example.com/CamelCase. + Names must be unique and should only be managed by a single + entity. + maxLength: 256 + minLength: 3 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + owner: + description: Owner defines the owner of the lifecycle hook. + This should be descriptive enough so that users can identify + who/what is responsible for blocking the lifecycle. This + could be the name of a controller (e.g. clusteroperator/etcd) + or an administrator managing the hook. + maxLength: 512 + minLength: 3 + type: string + required: + - name + - owner + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + metadata: + description: ObjectMeta will autopopulate the Node created. Use this + to indicate what labels, annotations, name prefix, etc., should + be used when creating the Node. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + generateName: + description: "GenerateName is an optional prefix, used by the + server, to generate a unique name ONLY IF the Name field has + not been provided. If this field is used, the name returned + to the client will be different than the name passed. This value + will also be combined with a unique suffix. The provided value + has the same validation rules as the Name field, and may be + truncated by the length of the suffix required to make the value + unique on the server. \n If this field is specified and the + generated name exists, the server will NOT return a 409 - instead, + it will either return 201 Created or 500 with Reason ServerTimeout + indicating a unique name could not be found in the time allotted, + and the client should retry (optionally after the time indicated + in the Retry-After header). \n Applied only if Name is not specified. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency" + type: string + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a + client to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: "Namespace defines the space within each name must + be unique. An empty namespace is equivalent to the \"default\" + namespace, but \"default\" is the canonical representation. + Not all objects are required to be scoped to a namespace - the + value of this field for those objects will be empty. \n Must + be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in + this list will point to this controller, with the controller + field set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. An owning object must be in + the same namespace as the dependent, or be cluster-scoped, + so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion + for how the garbage collector interacts with this field + and enforces the foreground deletion. Defaults to false. + To set this field, a user needs "delete" permission of + the owner, otherwise 422 (Unprocessable Entity) will be + returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + x-kubernetes-map-type: atomic + type: array + type: object + providerID: + description: ProviderID is the identification ID of the machine provided + by the provider. This field must match the provider ID as seen on + the node object corresponding to this machine. This field is required + by higher level consumers of cluster-api. Example use case is cluster + autoscaler with cluster-api as provider. Clean-up logic in the autoscaler + compares machines to nodes to find out machines at provider which + could not get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field is required + by autoscaler to be able to have a provider view of the list of + machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines + and are marked for delete. This field will be set by the actuators + and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. + type: string + providerSpec: + description: ProviderSpec details Provider-specific configuration + to use during node creation. + properties: + value: + description: Value is an inlined, serialized representation of + the resource configuration. It is recommended that providers + maintain their own versioned API types that should be serialized/deserialized + from this field, akin to component config. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + taints: + description: The list of the taints to be applied to the corresponding + Node in additive manner. This list will not overwrite any other + taints added to the Node on an ongoing basis by other entities. + These taints should be actively reconciled e.g. if you ask the machine + controller to apply a taint and then manually remove the taint the + machine controller will put it back) but not have the machine controller + remove any taints + items: + description: The node this Taint is attached to has the "effect" + on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that + do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule + and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint + was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object + type: array + type: object + status: + description: MachineStatus defines the observed state of Machine + properties: + addresses: + description: Addresses is a list of addresses assigned to the machine. + Queried from cloud provider, if available. + items: + description: NodeAddress contains information for the node's address. + properties: + address: + description: The node address. + type: string + type: + description: Node address type, one of Hostname, ExternalIP + or InternalIP. + type: string + required: + - address + - type + type: object + type: array + conditions: + description: Conditions defines the current state of the Machine + items: + description: Condition defines an observation of a Machine API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + type: object + type: array + errorMessage: + description: "ErrorMessage will be set in the event that there is + a terminal problem reconciling the Machine and will contain a more + verbose string suitable for logging and human consumption. \n This + field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over time (like + service outages), but instead indicate that something is fundamentally + wrong with the Machine's spec or the configuration of the controller, + and that manual intervention is required. Examples of terminal errors + would be invalid combinations of settings in the spec, values that + are unsupported by the controller, or the responsible controller + itself being critically misconfigured. \n Any transient errors that + occur during the reconciliation of Machines can be added as events + to the Machine object and/or logged in the controller's output." + type: string + errorReason: + description: "ErrorReason will be set in the event that there is a + terminal problem reconciling the Machine and will contain a succinct + value suitable for machine interpretation. \n This field should + not be set for transitive errors that a controller faces that are + expected to be fixed automatically over time (like service outages), + but instead indicate that something is fundamentally wrong with + the Machine's spec or the configuration of the controller, and that + manual intervention is required. Examples of terminal errors would + be invalid combinations of settings in the spec, values that are + unsupported by the controller, or the responsible controller itself + being critically misconfigured. \n Any transient errors that occur + during the reconciliation of Machines can be added as events to + the Machine object and/or logged in the controller's output." + type: string + lastOperation: + description: LastOperation describes the last-operation performed + by the machine-controller. This API should be useful as a history + in terms of the latest operation performed on the specific machine. + It should also convey the state of the latest-operation for example + if it is still on-going, failed or completed successfully. + properties: + description: + description: Description is the human-readable description of + the last operation. + type: string + lastUpdated: + description: LastUpdated is the timestamp at which LastOperation + API was last-updated. + format: date-time + type: string + state: + description: State is the current status of the last performed + operation. E.g. Processing, Failed, Successful etc + type: string + type: + description: Type is the type of operation which was last performed. + E.g. Create, Delete, Update etc + type: string + type: object + lastUpdated: + description: LastUpdated identifies when this status was last observed. + format: date-time + type: string + nodeRef: + description: NodeRef will point to the corresponding Node if it exists. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + phase: + description: 'Phase represents the current phase of machine actuation. + One of: Failed, Provisioning, Provisioned, Running, Deleting' + type: string + providerStatus: + description: ProviderStatus details a Provider-specific status. It + is recommended that providers maintain their own versioned API types + that should be serialized/deserialized from this field. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/vendor/github.com/openshift/api/machine/v1beta1/0000_10_machinehealthcheck.yaml b/vendor/github.com/openshift/api/machine/v1beta1/0000_10_machinehealthcheck.yaml new file mode 100644 index 0000000000..86b3f81109 --- /dev/null +++ b/vendor/github.com/openshift/api/machine/v1beta1/0000_10_machinehealthcheck.yaml @@ -0,0 +1,270 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1032 + capability.openshift.io/name: MachineAPI + exclude.release.openshift.io/internal-openshift-hosted: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + creationTimestamp: null + name: machinehealthchecks.machine.openshift.io +spec: + group: machine.openshift.io + names: + kind: MachineHealthCheck + listKind: MachineHealthCheckList + plural: machinehealthchecks + shortNames: + - mhc + - mhcs + singular: machinehealthcheck + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Maximum number of unhealthy machines allowed + jsonPath: .spec.maxUnhealthy + name: MaxUnhealthy + type: string + - description: Number of machines currently monitored + jsonPath: .status.expectedMachines + name: ExpectedMachines + type: integer + - description: Current observed healthy machines + jsonPath: .status.currentHealthy + name: CurrentHealthy + type: integer + name: v1beta1 + schema: + openAPIV3Schema: + description: 'MachineHealthCheck is the Schema for the machinehealthchecks + API Compatibility level 2: Stable within a major release for a minimum of + 9 months or 3 minor releases (whichever is longer).' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of machine health check policy + properties: + maxUnhealthy: + anyOf: + - type: integer + - type: string + default: 100% + description: Any farther remediation is only allowed if at most "MaxUnhealthy" + machines selected by "selector" are not healthy. Expects either + a postive integer value or a percentage value. Percentage values + must be positive whole numbers and are capped at 100%. Both 0 and + 0% are valid and will block all remediation. + pattern: ^((100|[0-9]{1,2})%|[0-9]+)$ + x-kubernetes-int-or-string: true + nodeStartupTimeout: + default: 10m + description: Machines older than this duration without a node will + be considered to have failed and will be remediated. To prevent + Machines without Nodes from being removed, disable startup checks + by setting this value explicitly to "0". Expects an unsigned duration + string of decimal numbers each with optional fraction and a unit + suffix, eg "300ms", "1.5h" or "2h45m". Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + pattern: ^0|([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation + template provided by an infrastructure provider. \n This field is + completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off + remediation of the machine to a controller that lives outside of + Machine API Operator." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + selector: + description: 'Label selector to match machines whose health will be + exercised. Note: An empty selector will match all machines.' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions + that determine whether a node is considered unhealthy. The conditions + are combined in a logical OR, i.e. if any of the conditions is met, + the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition type + and value with a timeout specified as a duration. When the named + condition has been in the given status for at least the timeout + value, a node is considered unhealthy. + properties: + status: + minLength: 1 + type: string + timeout: + description: Expects an unsigned duration string of decimal + numbers each with optional fraction and a unit suffix, eg + "300ms", "1.5h" or "2h45m". Valid time units are "ns", "us" + (or "µs"), "ms", "s", "m", "h". + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ + type: string + type: + minLength: 1 + type: string + type: object + minItems: 1 + type: array + type: object + status: + description: Most recently observed status of MachineHealthCheck resource + properties: + conditions: + description: Conditions defines the current state of the MachineHealthCheck + items: + description: Condition defines an observation of a Machine API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + type: object + type: array + currentHealthy: + description: total number of machines counted by this machine health + check + minimum: 0 + type: integer + expectedMachines: + description: total number of machines counted by this machine health + check + minimum: 0 + type: integer + remediationsAllowed: + description: RemediationsAllowed is the number of further remediations + allowed by this machine health check before maxUnhealthy short circuiting + will be applied + format: int32 + minimum: 0 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/vendor/github.com/openshift/api/machine/v1beta1/0000_10_machineset.crd.yaml b/vendor/github.com/openshift/api/machine/v1beta1/0000_10_machineset.crd.yaml new file mode 100644 index 0000000000..b191293ea5 --- /dev/null +++ b/vendor/github.com/openshift/api/machine/v1beta1/0000_10_machineset.crd.yaml @@ -0,0 +1,562 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1032 + capability.openshift.io/name: MachineAPI + exclude.release.openshift.io/internal-openshift-hosted: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + creationTimestamp: null + name: machinesets.machine.openshift.io +spec: + group: machine.openshift.io + names: + kind: MachineSet + listKind: MachineSetList + plural: machinesets + singular: machineset + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Desired Replicas + jsonPath: .spec.replicas + name: Desired + type: integer + - description: Current Replicas + jsonPath: .status.replicas + name: Current + type: integer + - description: Ready Replicas + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Observed number of available replicas + jsonPath: .status.availableReplicas + name: Available + type: string + - description: Machineset age + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: 'MachineSet ensures that a specified number of machines replicas + are running at any given time. Compatibility level 2: Stable within a major + release for a minimum of 9 months or 3 minor releases (whichever is longer).' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSetSpec defines the desired state of MachineSet + properties: + deletePolicy: + description: DeletePolicy defines the policy used to identify nodes + to delete when downscaling. Defaults to "Random". Valid values + are "Random, "Newest", "Oldest" + enum: + - Random + - Newest + - Oldest + type: string + minReadySeconds: + description: MinReadySeconds is the minimum number of seconds for + which a newly created machine should be ready. Defaults to 0 (machine + will be considered available as soon as it is ready) + format: int32 + type: integer + replicas: + default: 1 + description: Replicas is the number of desired replicas. This is a + pointer to distinguish between explicit zero and unspecified. Defaults + to 1. + format: int32 + type: integer + selector: + description: 'Selector is a label query over machines that should + match the replica count. Label keys and values that must match in + order to be controlled by this MachineSet. It must match the machine + template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + template: + description: Template is the object that describes the machine that + will be created if insufficient replicas are detected. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + generateName: + description: "GenerateName is an optional prefix, used by + the server, to generate a unique name ONLY IF the Name field + has not been provided. If this field is used, the name returned + to the client will be different than the name passed. This + value will also be combined with a unique suffix. The provided + value has the same validation rules as the Name field, and + may be truncated by the length of the suffix required to + make the value unique on the server. \n If this field is + specified and the generated name exists, the server will + NOT return a 409 - instead, it will either return 201 Created + or 500 with Reason ServerTimeout indicating a unique name + could not be found in the time allotted, and the client + should retry (optionally after the time indicated in the + Retry-After header). \n Applied only if Name is not specified. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency" + type: string + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow + a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence + and configuration definition. Cannot be updated. More info: + http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: "Namespace defines the space within each name + must be unique. An empty namespace is equivalent to the + \"default\" namespace, but \"default\" is the canonical + representation. Not all objects are required to be scoped + to a namespace - the value of this field for those objects + will be empty. \n Must be a DNS_LABEL. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: List of objects depended by this object. If ALL + objects in the list have been deleted, this object will + be garbage collected. If this object is managed by a controller, + then an entry in this list will point to this controller, + with the controller field set to true. There cannot be more + than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. An owning object + must be in the same namespace as the dependent, or be + cluster-scoped, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the + key-value store until this reference is removed. See + https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion + for how the garbage collector interacts with this + field and enforces the foreground deletion. Defaults + to false. To set this field, a user needs "delete" + permission of the owner, otherwise 422 (Unprocessable + Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + x-kubernetes-map-type: atomic + type: array + type: object + spec: + description: 'Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + lifecycleHooks: + description: LifecycleHooks allow users to pause operations + on the machine at certain predefined points within the machine + lifecycle. + properties: + preDrain: + description: PreDrain hooks prevent the machine from being + drained. This also blocks further lifecycle events, + such as termination. + items: + description: LifecycleHook represents a single instance + of a lifecycle hook + properties: + name: + description: Name defines a unique name for the + lifcycle hook. The name should be unique and descriptive, + ideally 1-3 words, in CamelCase or it may be namespaced, + eg. foo.example.com/CamelCase. Names must be unique + and should only be managed by a single entity. + maxLength: 256 + minLength: 3 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + owner: + description: Owner defines the owner of the lifecycle + hook. This should be descriptive enough so that + users can identify who/what is responsible for + blocking the lifecycle. This could be the name + of a controller (e.g. clusteroperator/etcd) or + an administrator managing the hook. + maxLength: 512 + minLength: 3 + type: string + required: + - name + - owner + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + preTerminate: + description: PreTerminate hooks prevent the machine from + being terminated. PreTerminate hooks be actioned after + the Machine has been drained. + items: + description: LifecycleHook represents a single instance + of a lifecycle hook + properties: + name: + description: Name defines a unique name for the + lifcycle hook. The name should be unique and descriptive, + ideally 1-3 words, in CamelCase or it may be namespaced, + eg. foo.example.com/CamelCase. Names must be unique + and should only be managed by a single entity. + maxLength: 256 + minLength: 3 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + owner: + description: Owner defines the owner of the lifecycle + hook. This should be descriptive enough so that + users can identify who/what is responsible for + blocking the lifecycle. This could be the name + of a controller (e.g. clusteroperator/etcd) or + an administrator managing the hook. + maxLength: 512 + minLength: 3 + type: string + required: + - name + - owner + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + metadata: + description: ObjectMeta will autopopulate the Node created. + Use this to indicate what labels, annotations, name prefix, + etc., should be used when creating the Node. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + generateName: + description: "GenerateName is an optional prefix, used + by the server, to generate a unique name ONLY IF the + Name field has not been provided. If this field is used, + the name returned to the client will be different than + the name passed. This value will also be combined with + a unique suffix. The provided value has the same validation + rules as the Name field, and may be truncated by the + length of the suffix required to make the value unique + on the server. \n If this field is specified and the + generated name exists, the server will NOT return a + 409 - instead, it will either return 201 Created or + 500 with Reason ServerTimeout indicating a unique name + could not be found in the time allotted, and the client + should retry (optionally after the time indicated in + the Retry-After header). \n Applied only if Name is + not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency" + type: string + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. + Is required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be + updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: "Namespace defines the space within each + name must be unique. An empty namespace is equivalent + to the \"default\" namespace, but \"default\" is the + canonical representation. Not all objects are required + to be scoped to a namespace - the value of this field + for those objects will be empty. \n Must be a DNS_LABEL. + Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: List of objects depended by this object. + If ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed + by a controller, then an entry in this list will point + to this controller, with the controller field set to + true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. An owning object + must be in the same namespace as the dependent, or + be cluster-scoped, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion + for how the garbage collector interacts with this + field and enforces the foreground deletion. Defaults + to false. To set this field, a user needs "delete" + permission of the owner, otherwise 422 (Unprocessable + Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + x-kubernetes-map-type: atomic + type: array + type: object + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + providerSpec: + description: ProviderSpec details Provider-specific configuration + to use during node creation. + properties: + value: + description: Value is an inlined, serialized representation + of the resource configuration. It is recommended that + providers maintain their own versioned API types that + should be serialized/deserialized from this field, akin + to component config. + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + taints: + description: The list of the taints to be applied to the corresponding + Node in additive manner. This list will not overwrite any + other taints added to the Node on an ongoing basis by other + entities. These taints should be actively reconciled e.g. + if you ask the machine controller to apply a taint and then + manually remove the taint the machine controller will put + it back) but not have the machine controller remove any + taints + items: + description: The node this Taint is attached to has the + "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods + that do not tolerate the taint. Valid effects are + NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to + a node. + type: string + timeAdded: + description: TimeAdded represents the time at which + the taint was added. It is only written for NoExecute + taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint + key. + type: string + required: + - effect + - key + type: object + type: array + type: object + type: object + type: object + status: + description: MachineSetStatus defines the observed state of MachineSet + properties: + availableReplicas: + description: The number of available replicas (ready for at least + minReadySeconds) for this MachineSet. + format: int32 + type: integer + errorMessage: + type: string + errorReason: + description: "In the event that there is a terminal problem reconciling + the replicas, both ErrorReason and ErrorMessage will be set. ErrorReason + will be populated with a succinct value suitable for machine interpretation, + while ErrorMessage will contain a more verbose string suitable for + logging and human consumption. \n These fields should not be set + for transitive errors that a controller faces that are expected + to be fixed automatically over time (like service outages), but + instead indicate that something is fundamentally wrong with the + MachineTemplate's spec or the configuration of the machine controller, + and that manual intervention is required. Examples of terminal errors + would be invalid combinations of settings in the spec, values that + are unsupported by the machine controller, or the responsible machine + controller itself being critically misconfigured. \n Any transient + errors that occur during the reconciliation of Machines can be added + as events to the MachineSet object and/or logged in the controller's + output." + type: string + fullyLabeledReplicas: + description: The number of replicas that have labels matching the + labels of the machine template of the MachineSet. + format: int32 + type: integer + observedGeneration: + description: ObservedGeneration reflects the generation of the most + recently observed MachineSet. + format: int64 + type: integer + readyReplicas: + description: The number of ready replicas for this MachineSet. A machine + is considered ready when the node has been created and is "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.labelSelector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/vendor/github.com/openshift/api/machine/v1beta1/stable.machine.testsuite.yaml b/vendor/github.com/openshift/api/machine/v1beta1/stable.machine.testsuite.yaml index ee3a63686f..2a7e0d62c6 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/stable.machine.testsuite.yaml +++ b/vendor/github.com/openshift/api/machine/v1beta1/stable.machine.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Machine" -crd: 0000_10_machine-api_01_machines.crd.yaml +crd: 0000_10_machine.crd.yaml tests: onCreate: - name: Should be able to create a minimal Machine diff --git a/vendor/github.com/openshift/api/machine/v1beta1/stable.machinehealthcheck.testsuite.yaml b/vendor/github.com/openshift/api/machine/v1beta1/stable.machinehealthcheck.testsuite.yaml index 9689040312..703bcdef1d 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/stable.machinehealthcheck.testsuite.yaml +++ b/vendor/github.com/openshift/api/machine/v1beta1/stable.machinehealthcheck.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] MachineHealthCheck" -crd: 0000_10_machine-api_01_machinehealthchecks.crd.yaml +crd: 0000_10_machinehealthcheck.yaml tests: onCreate: - name: Should be able to create a minimal MachineHealthCheck diff --git a/vendor/github.com/openshift/api/machine/v1beta1/stable.machineset.testsuite.yaml b/vendor/github.com/openshift/api/machine/v1beta1/stable.machineset.testsuite.yaml index 3e10fc0d84..f4dbda11be 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/stable.machineset.testsuite.yaml +++ b/vendor/github.com/openshift/api/machine/v1beta1/stable.machineset.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] MachineSet" -crd: 0000_10_machine-api_01_machinesets.crd.yaml +crd: 0000_10_machineset.crd.yaml tests: onCreate: - name: Should be able to create a minimal MachineSet diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_machine.go b/vendor/github.com/openshift/api/machine/v1beta1/types_machine.go index 8fbe7859b5..3f4b128937 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/types_machine.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/types_machine.go @@ -176,15 +176,7 @@ const ( // Machine is the Schema for the machines API // +k8s:openapi-gen=true -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=machines,scope=Namespaced // +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/948 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=machine-api,operatorOrdering=01 -// +openshift:capability=MachineAPI -// +kubebuilder:metadata:annotations="exclude.release.openshift.io/internal-openshift-hosted=true" -// +kubebuilder:metadata:annotations="include.release.openshift.io/self-managed-high-availability=true" -// +kubebuilder:metadata:annotations="include.release.openshift.io/single-node-developer=true" // +kubebuilder:printcolumn:name="Phase",type="string",JSONPath=".status.phase",description="Phase of machine" // +kubebuilder:printcolumn:name="Type",type="string",JSONPath=".metadata.labels['machine\\.openshift\\.io/instance-type']",description="Type of instance" // +kubebuilder:printcolumn:name="Region",type="string",JSONPath=".metadata.labels['machine\\.openshift\\.io/region']",description="Region associated with machine" diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_machinehealthcheck.go b/vendor/github.com/openshift/api/machine/v1beta1/types_machinehealthcheck.go index 3f166a9b9f..1ad80fe25a 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/types_machinehealthcheck.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/types_machinehealthcheck.go @@ -13,15 +13,8 @@ type RemediationStrategyType string // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // MachineHealthCheck is the Schema for the machinehealthchecks API -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=machinehealthchecks,scope=Namespaced,shortName=mhc;mhcs // +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1032 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=machine-api,operatorOrdering=01 -// +openshift:capability=MachineAPI -// +kubebuilder:metadata:annotations="exclude.release.openshift.io/internal-openshift-hosted=true" -// +kubebuilder:metadata:annotations="include.release.openshift.io/self-managed-high-availability=true" -// +kubebuilder:metadata:annotations="include.release.openshift.io/single-node-developer=true" +// +kubebuilder:resource:shortName=mhc;mhcs // +k8s:openapi-gen=true // +kubebuilder:printcolumn:name="MaxUnhealthy",type="string",JSONPath=".spec.maxUnhealthy",description="Maximum number of unhealthy machines allowed" // +kubebuilder:printcolumn:name="ExpectedMachines",type="integer",JSONPath=".status.expectedMachines",description="Number of machines currently monitored" diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go b/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go index 153477137e..fb5afebc1b 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go @@ -9,15 +9,7 @@ import ( // MachineSet ensures that a specified number of machines replicas are running at any given time. // +k8s:openapi-gen=true -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=machinesets,scope=Namespaced // +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1032 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=machine-api,operatorOrdering=01 -// +openshift:capability=MachineAPI -// +kubebuilder:metadata:annotations="exclude.release.openshift.io/internal-openshift-hosted=true" -// +kubebuilder:metadata:annotations="include.release.openshift.io/self-managed-high-availability=true" -// +kubebuilder:metadata:annotations="include.release.openshift.io/single-node-developer=true" // +kubebuilder:subresource:scale:specpath=.spec.replicas,statuspath=.status.replicas,selectorpath=.status.labelSelector // +kubebuilder:printcolumn:name="Desired",type="integer",JSONPath=".spec.replicas",description="Desired Replicas" // +kubebuilder:printcolumn:name="Current",type="integer",JSONPath=".status.replicas",description="Current Replicas" diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 61f304ee09..0000000000 --- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,141 +0,0 @@ -machines.machine.openshift.io: - Annotations: - exclude.release.openshift.io/internal-openshift-hosted: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - ApprovedPRNumber: https://github.com/openshift/api/pull/948 - CRDName: machines.machine.openshift.io - Capability: MachineAPI - Category: "" - FeatureGates: [] - FilenameOperatorName: machine-api - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: machine.openshift.io - HasStatus: true - KindName: Machine - Labels: {} - PluralName: machines - PrinterColumns: - - description: Phase of machine - jsonPath: .status.phase - name: Phase - type: string - - description: Type of instance - jsonPath: .metadata.labels['machine\.openshift\.io/instance-type'] - name: Type - type: string - - description: Region associated with machine - jsonPath: .metadata.labels['machine\.openshift\.io/region'] - name: Region - type: string - - description: Zone associated with machine - jsonPath: .metadata.labels['machine\.openshift\.io/zone'] - name: Zone - type: string - - description: Machine age - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Node associated with machine - jsonPath: .status.nodeRef.name - name: Node - priority: 1 - type: string - - description: Provider ID of machine created in cloud provider - jsonPath: .spec.providerID - name: ProviderID - priority: 1 - type: string - - description: State of instance - jsonPath: .metadata.annotations['machine\.openshift\.io/instance-state'] - name: State - priority: 1 - type: string - Scope: Namespaced - ShortNames: null - TopLevelFeatureGates: [] - Version: v1beta1 - -machinehealthchecks.machine.openshift.io: - Annotations: - exclude.release.openshift.io/internal-openshift-hosted: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - ApprovedPRNumber: https://github.com/openshift/api/pull/1032 - CRDName: machinehealthchecks.machine.openshift.io - Capability: MachineAPI - Category: "" - FeatureGates: [] - FilenameOperatorName: machine-api - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: machine.openshift.io - HasStatus: true - KindName: MachineHealthCheck - Labels: {} - PluralName: machinehealthchecks - PrinterColumns: - - description: Maximum number of unhealthy machines allowed - jsonPath: .spec.maxUnhealthy - name: MaxUnhealthy - type: string - - description: Number of machines currently monitored - jsonPath: .status.expectedMachines - name: ExpectedMachines - type: integer - - description: Current observed healthy machines - jsonPath: .status.currentHealthy - name: CurrentHealthy - type: integer - Scope: Namespaced - ShortNames: - - mhc - - mhcs - TopLevelFeatureGates: [] - Version: v1beta1 - -machinesets.machine.openshift.io: - Annotations: - exclude.release.openshift.io/internal-openshift-hosted: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - ApprovedPRNumber: https://github.com/openshift/api/pull/1032 - CRDName: machinesets.machine.openshift.io - Capability: MachineAPI - Category: "" - FeatureGates: [] - FilenameOperatorName: machine-api - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: machine.openshift.io - HasStatus: true - KindName: MachineSet - Labels: {} - PluralName: machinesets - PrinterColumns: - - description: Desired Replicas - jsonPath: .spec.replicas - name: Desired - type: integer - - description: Current Replicas - jsonPath: .status.replicas - name: Current - type: integer - - description: Ready Replicas - jsonPath: .status.readyReplicas - name: Ready - type: integer - - description: Observed number of available replicas - jsonPath: .status.availableReplicas - name: Available - type: string - - description: Machineset age - jsonPath: .metadata.creationTimestamp - name: Age - type: date - Scope: Namespaced - ShortNames: null - TopLevelFeatureGates: [] - Version: v1beta1 - diff --git a/install/0000_80_machine-config_01_containerruntimeconfig.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_containerruntimeconfig.crd.yaml similarity index 99% rename from install/0000_80_machine-config_01_containerruntimeconfig.crd.yaml rename to vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_containerruntimeconfig.crd.yaml index 02ac99c36d..e1f9b1fd4a 100644 --- a/install/0000_80_machine-config_01_containerruntimeconfig.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_containerruntimeconfig.crd.yaml @@ -3,7 +3,6 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_controllerconfig-CustomNoUpgrade.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_controllerconfig-CustomNoUpgrade.crd.yaml diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_controllerconfig-Default.crd.yaml similarity index 94% rename from vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml rename to vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_controllerconfig-Default.crd.yaml index d4f05b8394..0b2f0d8874 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_controllerconfig-Default.crd.yaml @@ -1510,36 +1510,6 @@ spec: maxItems: 2 type: array x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer - used by the cluster on BareMetal platform which - can be a user-managed or openshift-managed load - balancer that is to be used for the OpenShift - API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress - traffic load-balancing defined in the machine - config operator will be deployed. When set to - UserManaged these static pods will not be deployed - and it is expected that the load balancer is - configured out of band by the deployer. When - omitted, this means no opinion and the platform - is left to choose a reasonable default. The - default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object machineNetworks: description: machineNetworks are IP networks used to connect all the OpenShift cluster nodes. @@ -1786,36 +1756,6 @@ spec: maxItems: 2 type: array x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer - used by the cluster on Nutanix platform which - can be a user-managed or openshift-managed load - balancer that is to be used for the OpenShift - API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress - traffic load-balancing defined in the machine - config operator will be deployed. When set to - UserManaged these static pods will not be deployed - and it is expected that the load balancer is - configured out of band by the deployer. When - omitted, this means no opinion and the platform - is left to choose a reasonable default. The - default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object type: object openstack: description: OpenStack contains settings specific to the @@ -1972,36 +1912,6 @@ spec: maxItems: 2 type: array x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer - used by the cluster on Ovirt platform which - can be a user-managed or openshift-managed load - balancer that is to be used for the OpenShift - API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress - traffic load-balancing defined in the machine - config operator will be deployed. When set to - UserManaged these static pods will not be deployed - and it is expected that the load balancer is - configured out of band by the deployer. When - omitted, this means no opinion and the platform - is left to choose a reasonable default. The - default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object nodeDNSIP: description: 'deprecated: as of 4.6, this field is no longer set or honored. It will be removed in @@ -2167,36 +2077,6 @@ spec: maxItems: 2 type: array x-kubernetes-list-type: set - loadBalancer: - default: - type: OpenShiftManagedDefault - description: loadBalancer defines how the load balancer - used by the cluster is configured. - properties: - type: - default: OpenShiftManagedDefault - description: type defines the type of load balancer - used by the cluster on VSphere platform which - can be a user-managed or openshift-managed load - balancer that is to be used for the OpenShift - API and Ingress endpoints. When set to OpenShiftManagedDefault - the static pods in charge of API and Ingress - traffic load-balancing defined in the machine - config operator will be deployed. When set to - UserManaged these static pods will not be deployed - and it is expected that the load balancer is - configured out of band by the deployer. When - omitted, this means no opinion and the platform - is left to choose a reasonable default. The - default value is OpenShiftManagedDefault. - enum: - - OpenShiftManagedDefault - - UserManaged - type: string - x-kubernetes-validations: - - message: type is immutable once set - rule: oldSelf == '' || self == oldSelf - type: object machineNetworks: description: machineNetworks are IP networks used to connect all the OpenShift cluster nodes. diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_controllerconfig-TechPreviewNoUpgrade.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_controllerconfig-TechPreviewNoUpgrade.crd.yaml diff --git a/install/0000_80_machine-config_01_kubeletconfig.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_kubeletconfig.crd.yaml similarity index 99% rename from install/0000_80_machine-config_01_kubeletconfig.crd.yaml rename to vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_kubeletconfig.crd.yaml index 8c9c53a02d..53205de7d2 100644 --- a/install/0000_80_machine-config_01_kubeletconfig.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_kubeletconfig.crd.yaml @@ -3,7 +3,6 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" diff --git a/install/0000_80_machine-config_01_machineconfig.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_machineconfig.crd.yaml similarity index 97% rename from install/0000_80_machine-config_01_machineconfig.crd.yaml rename to vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_machineconfig.crd.yaml index 2c5d82f387..f2554ca705 100644 --- a/install/0000_80_machine-config_01_machineconfig.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_machineconfig.crd.yaml @@ -3,7 +3,6 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" @@ -14,7 +13,6 @@ spec: group: machineconfiguration.openshift.io names: kind: MachineConfig - listKind: MachineConfigList plural: machineconfigs shortNames: - mc diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml similarity index 99% rename from vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml rename to vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml index 39434c3d49..20d2d79fe1 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-Default.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml @@ -3,11 +3,9 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: Default labels: openshift.io/operator-managed: "" name: machineconfigpools.machineconfiguration.openshift.io @@ -15,7 +13,6 @@ spec: group: machineconfiguration.openshift.io names: kind: MachineConfigPool - listKind: MachineConfigPoolList plural: machineconfigpools shortNames: - mcp @@ -36,8 +33,8 @@ spec: jsonPath: .status.conditions[?(@.type=="Updating")].status name: Updating type: string - - description: When progress is blocked on updating one or more nodes or the pool - configuration is failing. + - description: When progress is blocked on updating one or more nodes, or the + pool configuration is failing. jsonPath: .status.conditions[?(@.type=="Degraded")].status name: Degraded type: string diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/Makefile b/vendor/github.com/openshift/api/machineconfiguration/v1/Makefile deleted file mode 100644 index 7cd8eee901..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/Makefile +++ /dev/null @@ -1,3 +0,0 @@ -.PHONY: test -test: - make -C ../../tests test GINKGO_EXTRA_ARGS=--focus="machineconfiguration.openshift.io/v1" diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/custom.controllerconfig.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/custom.controllerconfig.testsuite.yaml index 9abe1f0bae..6d54b498cd 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/custom.controllerconfig.testsuite.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/custom.controllerconfig.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Custom] ControllerConfig" -crd: 0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml +crd: 0000_80_controllerconfig-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a ControllerConfig for vSphere with external load balancer diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/custom.machineconfigpool.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/custom.machineconfigpool.testsuite.yaml deleted file mode 100644 index 80f474d8bd..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/custom.machineconfigpool.testsuite.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[Custom] MachineConfigPool" -crd: 0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml -tests: - onCreate: - - name: Should be able to create a minimal MachineConfigPool - initial: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfigPool - spec: {} # No spec is required for a MachineConfigPool - expected: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfigPool - spec: {} - - name: Should be able to add a PinnedImageSet - initial: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfigPool - spec: - pinnedImageSets: - - name: test-pinnedimageset - expected: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfigPool - spec: - pinnedImageSets: - - name: test-pinnedimageset diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/stable.containerruntimeconfig.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/stable.containerruntimeconfig.testsuite.yaml index 920077dfa9..5a901bfebe 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/stable.containerruntimeconfig.testsuite.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/stable.containerruntimeconfig.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ContainerRuntimeConfig" -crd: 0000_80_machine-config_01_containerruntimeconfigs.crd.yaml +crd: 0000_80_containerruntimeconfig.crd.yaml tests: onCreate: - name: Should be able to create a minimal ContainerRuntimeConfig diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/stable.controllerconfig.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/stable.controllerconfig.testsuite.yaml index ce2c1313f7..cb4b370d69 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/stable.controllerconfig.testsuite.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/stable.controllerconfig.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ControllerConfig" -crd: 0000_80_machine-config_01_controllerconfigs-Default.crd.yaml +crd: 0000_80_controllerconfig-Default.crd.yaml tests: onCreate: - name: Should be able to create a minimal ControllerConfig @@ -100,120 +100,3 @@ tests: namespace: openshift-config releaseImage: "" rootCAData: Y2VydGlmaWNhdGUK - - name: Should be able to create a ControllerConfig for vSphere with external load balancer - initial: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: ControllerConfig - spec: - additionalTrustBundle: Y2VydGlmaWNhdGUK - baseOSContainerImage: example.com/example/openshift-release-dev@sha256:d98795f7932441b30bb8bcfbbf05912875383fad1f2b3be08a22ec148d68607e - baseOSExtensionsContainerImage: example.com/example/openshift-release-dev@sha256:d98795f7932441b30bb8bcfbbf05912875383fad1f2b3be08a22ec148d68607e - cloudProviderCAData: null - cloudProviderConfig: "" - clusterDNSIP: fd02::a - dns: - apiVersion: config.openshift.io/v1 - kind: DNS - spec: - baseDomain: fake.redhat.com - images: - machineConfigOperator: rexample.com/example/openshift-release-dev@sha256:2c3ea52ac3a41c6d58e85977c3149413e3fa4b70eb2397426456863adbf43306 - infra: - apiVersion: config.openshift.io/v1 - kind: Infrastructure - spec: - cloudConfig: - name: "" - platformSpec: - type: VSphere - vsphere: {} - status: - apiServerInternalURI: https://api-int.cnfde4.sno.ptp.lab.eng.bos.redhat.com:6443 - apiServerURL: https://api.cnfde4.sno.ptp.lab.eng.bos.redhat.com:6443 - cpuPartitioning: "None" - controlPlaneTopology: SingleReplica - etcdDiscoveryDomain: "" - infrastructureName: cnfde4-sxhr7 - infrastructureTopology: SingleReplica - platform: VSphere - platformStatus: - type: VSphere - vsphere: - apiServerInternalIP: 10.38.153.2 - apiServerInternalIPs: - - 10.38.153.2 - ingressIP: 10.38.153.3 - ingressIPs: - - 10.38.153.3 - loadBalancer: - type: UserManaged - ipFamilies: IPv6 - kubeAPIServerServingCAData: Y2VydGlmaWNhdGUK - network: null - networkType: OVNKubernetes - osImageURL: example.com/example/openshift-release-dev@sha256:eacdc37aec78fdbf8caa9601e4012ab31453cf59b086474901900e853e803ea8 - platform: none - proxy: null - pullSecret: - name: pull-secret - namespace: openshift-config - releaseImage: "" - rootCAData: Y2VydGlmaWNhdGUK - expected: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: ControllerConfig - spec: - additionalTrustBundle: Y2VydGlmaWNhdGUK - baseOSContainerImage: example.com/example/openshift-release-dev@sha256:d98795f7932441b30bb8bcfbbf05912875383fad1f2b3be08a22ec148d68607e - baseOSExtensionsContainerImage: example.com/example/openshift-release-dev@sha256:d98795f7932441b30bb8bcfbbf05912875383fad1f2b3be08a22ec148d68607e - cloudProviderCAData: null - cloudProviderConfig: "" - clusterDNSIP: fd02::a - dns: - apiVersion: config.openshift.io/v1 - kind: DNS - spec: - baseDomain: fake.redhat.com - images: - machineConfigOperator: rexample.com/example/openshift-release-dev@sha256:2c3ea52ac3a41c6d58e85977c3149413e3fa4b70eb2397426456863adbf43306 - infra: - apiVersion: config.openshift.io/v1 - kind: Infrastructure - spec: - cloudConfig: - name: "" - platformSpec: - type: VSphere - vsphere: {} - status: - apiServerInternalURI: https://api-int.cnfde4.sno.ptp.lab.eng.bos.redhat.com:6443 - apiServerURL: https://api.cnfde4.sno.ptp.lab.eng.bos.redhat.com:6443 - cpuPartitioning: "None" - controlPlaneTopology: SingleReplica - etcdDiscoveryDomain: "" - infrastructureName: cnfde4-sxhr7 - infrastructureTopology: SingleReplica - platform: VSphere - platformStatus: - type: VSphere - vsphere: - apiServerInternalIP: 10.38.153.2 - apiServerInternalIPs: - - 10.38.153.2 - ingressIP: 10.38.153.3 - ingressIPs: - - 10.38.153.3 - loadBalancer: - type: UserManaged - ipFamilies: IPv6 - kubeAPIServerServingCAData: Y2VydGlmaWNhdGUK - network: null - networkType: OVNKubernetes - osImageURL: example.com/example/openshift-release-dev@sha256:eacdc37aec78fdbf8caa9601e4012ab31453cf59b086474901900e853e803ea8 - platform: none - proxy: null - pullSecret: - name: pull-secret - namespace: openshift-config - releaseImage: "" - rootCAData: Y2VydGlmaWNhdGUK diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/stable.kubeletconfig.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/stable.kubeletconfig.testsuite.yaml index be12077520..c4456ce82b 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/stable.kubeletconfig.testsuite.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/stable.kubeletconfig.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] KubeletConfig" -crd: 0000_80_machine-config_01_kubeletconfigs.crd.yaml +crd: 0000_80_kubeletconfig.crd.yaml tests: onCreate: - name: Should be able to create a minimal KubeletConfig diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/stable.machineconfig.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/stable.machineconfig.testsuite.yaml index e9759376b1..26db0e8aed 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/stable.machineconfig.testsuite.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/stable.machineconfig.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] MachineConfig" -crd: 0000_80_machine-config_01_machineconfigs.crd.yaml +crd: 0000_80_machineconfig.crd.yaml tests: onCreate: - name: Should be able to create a minimal MachineConfig diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/stable.machineconfigpool.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/stable.machineconfigpool.testsuite.yaml index fba5e7a93e..37fb01e733 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/stable.machineconfigpool.testsuite.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/stable.machineconfigpool.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[Default] MachineConfigPool" -crd: 0000_80_machine-config_01_machineconfigpools-Default.crd.yaml +name: "[Stable] MachineConfigPool" +crd: 0000_80_machineconfigpool.crd.yaml tests: onCreate: - name: Should be able to create a minimal MachineConfigPool diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/techpreview.controllerconfig.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/techpreview.controllerconfig.testsuite.yaml index 25d6381d06..37239c6fd1 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/techpreview.controllerconfig.testsuite.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/techpreview.controllerconfig.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreview] ControllerConfig" -crd: 0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml +crd: 0000_80_controllerconfig-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a ControllerConfig for vSphere with external load balancer diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/techpreview.machineconfigpool.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/techpreview.machineconfigpool.testsuite.yaml deleted file mode 100644 index aed5e416da..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/techpreview.machineconfigpool.testsuite.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[TechPreview] MachineConfigPool" -crd: 0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml -tests: - onCreate: - - name: Should be able to create a minimal MachineConfigPool - initial: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfigPool - spec: {} # No spec is required for a MachineConfigPool - expected: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfigPool - spec: {} - - name: Should be able to add a PinnedImageSet - initial: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfigPool - spec: - pinnedImageSets: - - name: test-pinnedimageset - expected: | - apiVersion: machineconfiguration.openshift.io/v1 - kind: MachineConfigPool - spec: - pinnedImageSets: - - name: test-pinnedimageset diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/types.go b/vendor/github.com/openshift/api/machineconfiguration/v1/types.go index 5b1b196df6..9067af4929 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/types.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/types.go @@ -23,7 +23,7 @@ const KubeletConfigRoleLabelPrefix = "pools.operator.machineconfiguration.opensh // +kubebuilder:resource:path=controllerconfigs,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1453 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 +// +openshift:file-pattern=0000_80_controllerconfigMARKERS.crd.yaml // +kubebuilder:metadata:labels=openshift.io/operator-managed= // ControllerConfig describes configuration for MachineConfigController. @@ -289,14 +289,6 @@ type ControllerConfigList struct { // MachineConfig defines the configuration for a machine // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=machineconfigs,scope=Cluster,shortName=mc -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1453 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +kubebuilder:metadata:labels="openshift.io/operator-managed=" -// +kubebuilder:printcolumn:name=GeneratedByController,JSONPath=.metadata.annotations.machineconfiguration\.openshift\.io/generated-by-controller-version,type=string,description=Version of the controller that generated the machineconfig. This will be empty if the machineconfig is not managed by a controller. -// +kubebuilder:printcolumn:name=IgnitionVersion,JSONPath=.spec.config.ignition.version,type=string,description=Version of the Ignition Config defined in the machineconfig. -// +kubebuilder:printcolumn:name=Age,JSONPath=.metadata.creationTimestamp,type=date // +openshift:compatibility-gen:level=1 type MachineConfig struct { metav1.TypeMeta `json:",inline"` @@ -362,21 +354,6 @@ type MachineConfigList struct { // MachineConfigPool describes a pool of MachineConfigs. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=machineconfigpools,scope=Cluster,shortName=mcp -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1453 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +kubebuilder:metadata:labels="openshift.io/operator-managed=" -// +kubebuilder:printcolumn:name=Config,JSONPath=.status.configuration.name,type=string -// +kubebuilder:printcolumn:name=Updated,JSONPath=.status.conditions[?(@.type=="Updated")].status,type=string,description=When all the machines in the pool are updated to the correct machine config. -// +kubebuilder:printcolumn:name=Updating,JSONPath=.status.conditions[?(@.type=="Updating")].status,type=string,description=When at least one of machine is not either not updated or is in the process of updating to the desired machine config. -// +kubebuilder:printcolumn:name=Degraded,JSONPath=.status.conditions[?(@.type=="Degraded")].status,type=string,description=When progress is blocked on updating one or more nodes or the pool configuration is failing. -// +kubebuilder:printcolumn:name=MachineCount,JSONPath=.status.machineCount,type=number,description=Total number of machines in the machine config pool -// +kubebuilder:printcolumn:name=ReadyMachineCount,JSONPath=.status.readyMachineCount,type=number,description=Total number of ready machines targeted by the pool -// +kubebuilder:printcolumn:name=UpdatedMachineCount,JSONPath=.status.updatedMachineCount,type=number,description=Total number of machines targeted by the pool that have the CurrentMachineConfig as their config -// +kubebuilder:printcolumn:name=DegradedMachineCount,JSONPath=.status.degradedMachineCount,type=number,description=Total number of machines marked degraded (or unreconcilable) -// +kubebuilder:printcolumn:name=Age,JSONPath=.metadata.creationTimestamp,type=date // +openshift:compatibility-gen:level=1 type MachineConfigPool struct { metav1.TypeMeta `json:",inline"` @@ -421,44 +398,6 @@ type MachineConfigPoolSpec struct { // The targeted MachineConfig object for the machine config pool. // +optional Configuration MachineConfigPoolStatusConfiguration `json:"configuration"` - - // pinnedImageSets specifies a sequence of PinnedImageSetRef objects for the - // pool. Nodes within this pool will preload and pin images defined in the - // PinnedImageSet. Before pulling images the MachineConfigDaemon will ensure - // the total uncompressed size of all the images does not exceed available - // resources. If the total size of the images exceeds the available - // resources the controller will report a Degraded status to the - // MachineConfigPool and not attempt to pull any images. Also to help ensure - // the kubelet can mitigate storage risk, the pinned_image configuration and - // subsequent service reload will happen only after all of the images have - // been pulled for each set. Images from multiple PinnedImageSets are loaded - // and pinned sequentially as listed. Duplicate and existing images will be - // skipped. - // - // Any failure to prefetch or pin images will result in a Degraded pool. - // Resolving these failures is the responsibility of the user. The admin - // should be proactive in ensuring adequate storage and proper image - // authentication exists in advance. - // +openshift:enable:FeatureGate=PinnedImages - // +optional - // +listType=map - // +listMapKey=name - PinnedImageSets []PinnedImageSetRef `json:"pinnedImageSets,omitempty"` -} - -type PinnedImageSetRef struct { - // name is a reference to the name of a PinnedImageSet. Must adhere to - // RFC-1123 (https://tools.ietf.org/html/rfc1123). - // Made up of one of more period-separated (.) segments, where each segment - // consists of alphanumeric characters and hyphens (-), must begin and end - // with an alphanumeric character, and is at most 63 characters in length. - // The total length of the name must not exceed 253 characters. - // +openshift:enable:FeatureGate=PinnedImages - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=253 - // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$` - // +kubebuilder:validation:Required - Name string `json:"name"` } // MachineConfigPoolStatus is the status for MachineConfigPool resource. @@ -608,12 +547,6 @@ type MachineConfigPoolList struct { // KubeletConfig describes a customized Kubelet configuration. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=kubeletconfigs,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1453 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +kubebuilder:metadata:labels="openshift.io/operator-managed=" // +openshift:compatibility-gen:level=1 type KubeletConfig struct { metav1.TypeMeta `json:",inline"` @@ -717,12 +650,6 @@ type KubeletConfigList struct { // ContainerRuntimeConfig describes a customized Container Runtime configuration. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=containerruntimeconfigs,scope=Cluster,shortName=ctrcfg -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1453 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +kubebuilder:metadata:labels="openshift.io/operator-managed=" // +openshift:compatibility-gen:level=1 type ContainerRuntimeConfig struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml deleted file mode 100644 index 02ac99c36d..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_containerruntimeconfigs.crd.yaml +++ /dev/null @@ -1,180 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - labels: - openshift.io/operator-managed: "" - name: containerruntimeconfigs.machineconfiguration.openshift.io -spec: - group: machineconfiguration.openshift.io - names: - kind: ContainerRuntimeConfig - listKind: ContainerRuntimeConfigList - plural: containerruntimeconfigs - shortNames: - - ctrcfg - singular: containerruntimeconfig - scope: Cluster - versions: - - name: v1 - schema: - openAPIV3Schema: - description: "ContainerRuntimeConfig describes a customized Container Runtime - configuration. \n Compatibility level 1: Stable within a major release for - a minimum of 12 months or 3 minor releases (whichever is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ContainerRuntimeConfigSpec defines the desired state of ContainerRuntimeConfig - properties: - containerRuntimeConfig: - description: ContainerRuntimeConfiguration defines the tuneables of - the container runtime - properties: - defaultRuntime: - description: defaultRuntime is the name of the OCI runtime to - be used as the default. - type: string - logLevel: - description: logLevel specifies the verbosity of the logs based - on the level it is set to. Options are fatal, panic, error, - warn, info, and debug. - type: string - logSizeMax: - anyOf: - - type: integer - - type: string - description: logSizeMax specifies the Maximum size allowed for - the container log file. Negative numbers indicate that no size - limit is imposed. If it is positive, it must be >= 8192 to match/exceed - conmon's read buffer. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - overlaySize: - anyOf: - - type: integer - - type: string - description: 'overlaySize specifies the maximum size of a container - image. This flag can be used to set quota on the size of container - images. (default: 10GB)' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - pidsLimit: - description: pidsLimit specifies the maximum number of processes - allowed in a container - format: int64 - type: integer - type: object - machineConfigPoolSelector: - description: MachineConfigPoolSelector selects which pools the ContainerRuntimeConfig - shoud apply to. A nil selector will result in no pools being selected. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - required: - - containerRuntimeConfig - type: object - status: - description: ContainerRuntimeConfigStatus defines the observed state of - a ContainerRuntimeConfig - properties: - conditions: - description: conditions represents the latest available observations - of current state. - items: - description: ContainerRuntimeConfigCondition defines the state of - the ContainerRuntimeConfig - properties: - lastTransitionTime: - description: lastTransitionTime is the time of the last update - to the current status object. - format: date-time - nullable: true - type: string - message: - description: message provides additional information about the - current condition. This is only to be consumed by humans. - type: string - reason: - description: reason is the reason for the condition's last transition. Reasons - are PascalCase - type: string - status: - description: status of the condition, one of True, False, Unknown. - type: string - type: - description: type specifies the state of the operator's reconciliation - functionality. - type: string - type: object - type: array - x-kubernetes-list-type: atomic - observedGeneration: - description: observedGeneration represents the generation observed - by the controller. - format: int64 - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_kubeletconfigs.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_kubeletconfigs.crd.yaml deleted file mode 100644 index 8c9c53a02d..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_kubeletconfigs.crd.yaml +++ /dev/null @@ -1,240 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - labels: - openshift.io/operator-managed: "" - name: kubeletconfigs.machineconfiguration.openshift.io -spec: - group: machineconfiguration.openshift.io - names: - kind: KubeletConfig - listKind: KubeletConfigList - plural: kubeletconfigs - singular: kubeletconfig - scope: Cluster - versions: - - name: v1 - schema: - openAPIV3Schema: - description: "KubeletConfig describes a customized Kubelet configuration. - \n Compatibility level 1: Stable within a major release for a minimum of - 12 months or 3 minor releases (whichever is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeletConfigSpec defines the desired state of KubeletConfig - properties: - autoSizingReserved: - type: boolean - kubeletConfig: - description: kubeletConfig fields are defined in kubernetes upstream. - Please refer to the types defined in the version/commit used by - OpenShift of the upstream kubernetes. It's important to note that, - since the fields of the kubelet configuration are directly fetched - from upstream the validation of those values is handled directly - by the kubelet. Please refer to the upstream version of the relevant - kubernetes for the valid values of these fields. Invalid values - of the kubelet configuration fields may render cluster nodes unusable. - type: object - x-kubernetes-preserve-unknown-fields: true - logLevel: - format: int32 - type: integer - machineConfigPoolSelector: - description: MachineConfigPoolSelector selects which pools the KubeletConfig - shoud apply to. A nil selector will result in no pools being selected. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - tlsSecurityProfile: - description: If unset, the default is based on the apiservers.config.openshift.io/cluster - resource. Note that only Old and Intermediate profiles are currently - supported, and the maximum available minTLSVersion is VersionTLS12. - properties: - custom: - description: "custom is a user-defined TLS security profile. Be - extremely careful using a custom profile as invalid configurations - can be catastrophic. An example custom profile looks like this: - \n ciphers: \n - ECDHE-ECDSA-CHACHA20-POLY1305 \n - ECDHE-RSA-CHACHA20-POLY1305 - \n - ECDHE-RSA-AES128-GCM-SHA256 \n - ECDHE-ECDSA-AES128-GCM-SHA256 - \n minTLSVersion: VersionTLS11" - nullable: true - properties: - ciphers: - description: "ciphers is used to specify the cipher algorithms - that are negotiated during the TLS handshake. Operators - may remove entries their operands do not support. For example, - to use DES-CBC3-SHA (yaml): \n ciphers: - DES-CBC3-SHA" - items: - type: string - type: array - minTLSVersion: - description: "minTLSVersion is used to specify the minimal - version of the TLS protocol that is negotiated during the - TLS handshake. For example, to use TLS versions 1.1, 1.2 - and 1.3 (yaml): \n minTLSVersion: VersionTLS11 \n NOTE: - currently the highest minTLSVersion allowed is VersionTLS12" - enum: - - VersionTLS10 - - VersionTLS11 - - VersionTLS12 - - VersionTLS13 - type: string - type: object - intermediate: - description: "intermediate is a TLS security profile based on: - \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 - \n and looks like this (yaml): \n ciphers: \n - TLS_AES_128_GCM_SHA256 - \n - TLS_AES_256_GCM_SHA384 \n - TLS_CHACHA20_POLY1305_SHA256 - \n - ECDHE-ECDSA-AES128-GCM-SHA256 \n - ECDHE-RSA-AES128-GCM-SHA256 - \n - ECDHE-ECDSA-AES256-GCM-SHA384 \n - ECDHE-RSA-AES256-GCM-SHA384 - \n - ECDHE-ECDSA-CHACHA20-POLY1305 \n - ECDHE-RSA-CHACHA20-POLY1305 - \n - DHE-RSA-AES128-GCM-SHA256 \n - DHE-RSA-AES256-GCM-SHA384 - \n minTLSVersion: VersionTLS12" - nullable: true - type: object - modern: - description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility - \n and looks like this (yaml): \n ciphers: \n - TLS_AES_128_GCM_SHA256 - \n - TLS_AES_256_GCM_SHA384 \n - TLS_CHACHA20_POLY1305_SHA256 - \n minTLSVersion: VersionTLS13" - nullable: true - type: object - old: - description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility - \n and looks like this (yaml): \n ciphers: \n - TLS_AES_128_GCM_SHA256 - \n - TLS_AES_256_GCM_SHA384 \n - TLS_CHACHA20_POLY1305_SHA256 - \n - ECDHE-ECDSA-AES128-GCM-SHA256 \n - ECDHE-RSA-AES128-GCM-SHA256 - \n - ECDHE-ECDSA-AES256-GCM-SHA384 \n - ECDHE-RSA-AES256-GCM-SHA384 - \n - ECDHE-ECDSA-CHACHA20-POLY1305 \n - ECDHE-RSA-CHACHA20-POLY1305 - \n - DHE-RSA-AES128-GCM-SHA256 \n - DHE-RSA-AES256-GCM-SHA384 - \n - DHE-RSA-CHACHA20-POLY1305 \n - ECDHE-ECDSA-AES128-SHA256 - \n - ECDHE-RSA-AES128-SHA256 \n - ECDHE-ECDSA-AES128-SHA \n - - ECDHE-RSA-AES128-SHA \n - ECDHE-ECDSA-AES256-SHA384 \n - ECDHE-RSA-AES256-SHA384 - \n - ECDHE-ECDSA-AES256-SHA \n - ECDHE-RSA-AES256-SHA \n - DHE-RSA-AES128-SHA256 - \n - DHE-RSA-AES256-SHA256 \n - AES128-GCM-SHA256 \n - AES256-GCM-SHA384 - \n - AES128-SHA256 \n - AES256-SHA256 \n - AES128-SHA \n - AES256-SHA - \n - DES-CBC3-SHA \n minTLSVersion: VersionTLS10" - nullable: true - type: object - type: - description: "type is one of Old, Intermediate, Modern or Custom. - Custom provides the ability to specify individual TLS security - profile parameters. Old, Intermediate and Modern are TLS security - profiles based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations - \n The profiles are intent based, so they may change over time - as new ciphers are developed and existing ciphers are found - to be insecure. Depending on precisely which ciphers are available - to a process, the list may be reduced. \n Note that the Modern - profile is currently not supported because it is not yet well - adopted by common software libraries." - enum: - - Old - - Intermediate - - Modern - - Custom - type: string - type: object - type: object - status: - description: KubeletConfigStatus defines the observed state of a KubeletConfig - properties: - conditions: - description: conditions represents the latest available observations - of current state. - items: - description: KubeletConfigCondition defines the state of the KubeletConfig - properties: - lastTransitionTime: - description: lastTransitionTime is the time of the last update - to the current status object. - format: date-time - nullable: true - type: string - message: - description: message provides additional information about the - current condition. This is only to be consumed by humans. - type: string - reason: - description: reason is the reason for the condition's last transition. Reasons - are PascalCase - type: string - status: - description: status of the condition, one of True, False, Unknown. - type: string - type: - description: type specifies the state of the operator's reconciliation - functionality. - type: string - type: object - type: array - observedGeneration: - description: observedGeneration represents the generation observed - by the controller. - format: int64 - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml deleted file mode 100644 index 81385e0b3b..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-CustomNoUpgrade.crd.yaml +++ /dev/null @@ -1,553 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: CustomNoUpgrade - labels: - openshift.io/operator-managed: "" - name: machineconfigpools.machineconfiguration.openshift.io -spec: - group: machineconfiguration.openshift.io - names: - kind: MachineConfigPool - listKind: MachineConfigPoolList - plural: machineconfigpools - shortNames: - - mcp - singular: machineconfigpool - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.configuration.name - name: Config - type: string - - description: When all the machines in the pool are updated to the correct machine - config. - jsonPath: .status.conditions[?(@.type=="Updated")].status - name: Updated - type: string - - description: When at least one of machine is not either not updated or is in - the process of updating to the desired machine config. - jsonPath: .status.conditions[?(@.type=="Updating")].status - name: Updating - type: string - - description: When progress is blocked on updating one or more nodes or the pool - configuration is failing. - jsonPath: .status.conditions[?(@.type=="Degraded")].status - name: Degraded - type: string - - description: Total number of machines in the machine config pool - jsonPath: .status.machineCount - name: MachineCount - type: number - - description: Total number of ready machines targeted by the pool - jsonPath: .status.readyMachineCount - name: ReadyMachineCount - type: number - - description: Total number of machines targeted by the pool that have the CurrentMachineConfig - as their config - jsonPath: .status.updatedMachineCount - name: UpdatedMachineCount - type: number - - description: Total number of machines marked degraded (or unreconcilable) - jsonPath: .status.degradedMachineCount - name: DegradedMachineCount - type: number - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: "MachineConfigPool describes a pool of MachineConfigs. \n Compatibility - level 1: Stable within a major release for a minimum of 12 months or 3 minor - releases (whichever is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineConfigPoolSpec is the spec for MachineConfigPool resource. - properties: - configuration: - description: The targeted MachineConfig object for the machine config - pool. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - source: - description: source is the list of MachineConfig objects that - were used to generate the single MachineConfig object specified - in `content`. - items: - description: "ObjectReference contains enough information to - let you inspect or modify the referred object. --- New uses - of this type are discouraged because of difficulty describing - its usage when embedded in APIs. 1. Ignored fields. It includes - many fields which are not generally honored. For instance, - ResourceVersion and FieldPath are both very rarely valid in - actual usage. 2. Invalid usage help. It is impossible to - add specific help for individual usage. In most embedded - usages, there are particular restrictions like, \"must refer - only to types A and B\" or \"UID not honored\" or \"name must - be restricted\". Those cannot be well described when embedded. - 3. Inconsistent validation. Because the usages are different, - the validation rules are different by usage, which makes it - hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency - is on the group,resource tuple and the version of the actual - struct is irrelevant. 5. We cannot easily change it. Because - this type is embedded in many locations, updates to this type - will affect numerous schemas. Don't make new APIs embed an - underspecified API type they do not control. \n Instead of - using this type, create a locally provided and used type that - is well-focused on your reference. For example, ServiceReferences - for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way - of referencing a part of an object. TODO: this design - is not final and this field is subject to change in the - future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - machineConfigSelector: - description: machineConfigSelector specifies a label selector for - MachineConfigs. Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - on how label and selectors work. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - maxUnavailable: - anyOf: - - type: integer - - type: string - description: "maxUnavailable defines either an integer number or percentage - of nodes in the pool that can go Unavailable during an update. This - includes nodes Unavailable for any reason, including user initiated - cordons, failing nodes, etc. The default value is 1. \n A value - larger than 1 will mean multiple nodes going unavailable during - the update, which may affect your workload stress on the remaining - nodes. You cannot set this value to 0 to stop updates (it will default - back to 1); to stop updates, use the 'paused' property instead. - Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum - guards, even if maxUnavailable is greater than one." - x-kubernetes-int-or-string: true - nodeSelector: - description: nodeSelector specifies a label selector for Machines - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - paused: - description: paused specifies whether or not changes to this machine - config pool should be stopped. This includes generating new desiredMachineConfig - and update of machines. - type: boolean - pinnedImageSets: - description: "pinnedImageSets specifies a sequence of PinnedImageSetRef - objects for the pool. Nodes within this pool will preload and pin - images defined in the PinnedImageSet. Before pulling images the - MachineConfigDaemon will ensure the total uncompressed size of all - the images does not exceed available resources. If the total size - of the images exceeds the available resources the controller will - report a Degraded status to the MachineConfigPool and not attempt - to pull any images. Also to help ensure the kubelet can mitigate - storage risk, the pinned_image configuration and subsequent service - reload will happen only after all of the images have been pulled - for each set. Images from multiple PinnedImageSets are loaded and - pinned sequentially as listed. Duplicate and existing images will - be skipped. \n Any failure to prefetch or pin images will result - in a Degraded pool. Resolving these failures is the responsibility - of the user. The admin should be proactive in ensuring adequate - storage and proper image authentication exists in advance." - items: - properties: - name: - description: name is a reference to the name of a PinnedImageSet. Must - adhere to RFC-1123 (https://tools.ietf.org/html/rfc1123). - Made up of one of more period-separated (.) segments, where - each segment consists of alphanumeric characters and hyphens - (-), must begin and end with an alphanumeric character, and - is at most 63 characters in length. The total length of the - name must not exceed 253 characters. - maxLength: 253 - minLength: 1 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - status: - description: MachineConfigPoolStatus is the status for MachineConfigPool - resource. - properties: - certExpirys: - description: certExpirys keeps track of important certificate expiration - data - items: - description: ceryExpiry contains the bundle name and the expiry - date - properties: - bundle: - description: bundle is the name of the bundle in which the subject - certificate resides - type: string - expiry: - description: expiry is the date after which the certificate - will no longer be valid - format: date-time - type: string - subject: - description: subject is the subject of the certificate - type: string - required: - - bundle - - subject - type: object - type: array - x-kubernetes-list-type: atomic - conditions: - description: conditions represents the latest available observations - of current state. - items: - description: MachineConfigPoolCondition contains condition information - for an MachineConfigPool. - properties: - lastTransitionTime: - description: lastTransitionTime is the timestamp corresponding - to the last status change of this condition. - format: date-time - nullable: true - type: string - message: - description: message is a human readable description of the - details of the last transition, complementing reason. - type: string - reason: - description: reason is a brief machine readable explanation - for the condition's last transition. - type: string - status: - description: status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - type: - description: type of the condition, currently ('Done', 'Updating', - 'Failed'). - type: string - type: object - type: array - x-kubernetes-list-type: atomic - configuration: - description: configuration represents the current MachineConfig object - for the machine config pool. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - source: - description: source is the list of MachineConfig objects that - were used to generate the single MachineConfig object specified - in `content`. - items: - description: "ObjectReference contains enough information to - let you inspect or modify the referred object. --- New uses - of this type are discouraged because of difficulty describing - its usage when embedded in APIs. 1. Ignored fields. It includes - many fields which are not generally honored. For instance, - ResourceVersion and FieldPath are both very rarely valid in - actual usage. 2. Invalid usage help. It is impossible to - add specific help for individual usage. In most embedded - usages, there are particular restrictions like, \"must refer - only to types A and B\" or \"UID not honored\" or \"name must - be restricted\". Those cannot be well described when embedded. - 3. Inconsistent validation. Because the usages are different, - the validation rules are different by usage, which makes it - hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency - is on the group,resource tuple and the version of the actual - struct is irrelevant. 5. We cannot easily change it. Because - this type is embedded in many locations, updates to this type - will affect numerous schemas. Don't make new APIs embed an - underspecified API type they do not control. \n Instead of - using this type, create a locally provided and used type that - is well-focused on your reference. For example, ServiceReferences - for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way - of referencing a part of an object. TODO: this design - is not final and this field is subject to change in the - future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - degradedMachineCount: - description: degradedMachineCount represents the total number of machines - marked degraded (or unreconcilable). A node is marked degraded if - applying a configuration failed.. - format: int32 - type: integer - machineCount: - description: machineCount represents the total number of machines - in the machine config pool. - format: int32 - type: integer - observedGeneration: - description: observedGeneration represents the generation observed - by the controller. - format: int64 - type: integer - readyMachineCount: - description: readyMachineCount represents the total number of ready - machines targeted by the pool. - format: int32 - type: integer - unavailableMachineCount: - description: unavailableMachineCount represents the total number of - unavailable (non-ready) machines targeted by the pool. A node is - marked unavailable if it is in updating state or NodeReady condition - is false. - format: int32 - type: integer - updatedMachineCount: - description: updatedMachineCount represents the total number of machines - targeted by the pool that have the CurrentMachineConfig as their - config. - format: int32 - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml deleted file mode 100644 index 5356610e12..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigpools-TechPreviewNoUpgrade.crd.yaml +++ /dev/null @@ -1,553 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: TechPreviewNoUpgrade - labels: - openshift.io/operator-managed: "" - name: machineconfigpools.machineconfiguration.openshift.io -spec: - group: machineconfiguration.openshift.io - names: - kind: MachineConfigPool - listKind: MachineConfigPoolList - plural: machineconfigpools - shortNames: - - mcp - singular: machineconfigpool - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.configuration.name - name: Config - type: string - - description: When all the machines in the pool are updated to the correct machine - config. - jsonPath: .status.conditions[?(@.type=="Updated")].status - name: Updated - type: string - - description: When at least one of machine is not either not updated or is in - the process of updating to the desired machine config. - jsonPath: .status.conditions[?(@.type=="Updating")].status - name: Updating - type: string - - description: When progress is blocked on updating one or more nodes or the pool - configuration is failing. - jsonPath: .status.conditions[?(@.type=="Degraded")].status - name: Degraded - type: string - - description: Total number of machines in the machine config pool - jsonPath: .status.machineCount - name: MachineCount - type: number - - description: Total number of ready machines targeted by the pool - jsonPath: .status.readyMachineCount - name: ReadyMachineCount - type: number - - description: Total number of machines targeted by the pool that have the CurrentMachineConfig - as their config - jsonPath: .status.updatedMachineCount - name: UpdatedMachineCount - type: number - - description: Total number of machines marked degraded (or unreconcilable) - jsonPath: .status.degradedMachineCount - name: DegradedMachineCount - type: number - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: "MachineConfigPool describes a pool of MachineConfigs. \n Compatibility - level 1: Stable within a major release for a minimum of 12 months or 3 minor - releases (whichever is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineConfigPoolSpec is the spec for MachineConfigPool resource. - properties: - configuration: - description: The targeted MachineConfig object for the machine config - pool. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - source: - description: source is the list of MachineConfig objects that - were used to generate the single MachineConfig object specified - in `content`. - items: - description: "ObjectReference contains enough information to - let you inspect or modify the referred object. --- New uses - of this type are discouraged because of difficulty describing - its usage when embedded in APIs. 1. Ignored fields. It includes - many fields which are not generally honored. For instance, - ResourceVersion and FieldPath are both very rarely valid in - actual usage. 2. Invalid usage help. It is impossible to - add specific help for individual usage. In most embedded - usages, there are particular restrictions like, \"must refer - only to types A and B\" or \"UID not honored\" or \"name must - be restricted\". Those cannot be well described when embedded. - 3. Inconsistent validation. Because the usages are different, - the validation rules are different by usage, which makes it - hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency - is on the group,resource tuple and the version of the actual - struct is irrelevant. 5. We cannot easily change it. Because - this type is embedded in many locations, updates to this type - will affect numerous schemas. Don't make new APIs embed an - underspecified API type they do not control. \n Instead of - using this type, create a locally provided and used type that - is well-focused on your reference. For example, ServiceReferences - for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way - of referencing a part of an object. TODO: this design - is not final and this field is subject to change in the - future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - machineConfigSelector: - description: machineConfigSelector specifies a label selector for - MachineConfigs. Refer https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - on how label and selectors work. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - maxUnavailable: - anyOf: - - type: integer - - type: string - description: "maxUnavailable defines either an integer number or percentage - of nodes in the pool that can go Unavailable during an update. This - includes nodes Unavailable for any reason, including user initiated - cordons, failing nodes, etc. The default value is 1. \n A value - larger than 1 will mean multiple nodes going unavailable during - the update, which may affect your workload stress on the remaining - nodes. You cannot set this value to 0 to stop updates (it will default - back to 1); to stop updates, use the 'paused' property instead. - Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum - guards, even if maxUnavailable is greater than one." - x-kubernetes-int-or-string: true - nodeSelector: - description: nodeSelector specifies a label selector for Machines - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - paused: - description: paused specifies whether or not changes to this machine - config pool should be stopped. This includes generating new desiredMachineConfig - and update of machines. - type: boolean - pinnedImageSets: - description: "pinnedImageSets specifies a sequence of PinnedImageSetRef - objects for the pool. Nodes within this pool will preload and pin - images defined in the PinnedImageSet. Before pulling images the - MachineConfigDaemon will ensure the total uncompressed size of all - the images does not exceed available resources. If the total size - of the images exceeds the available resources the controller will - report a Degraded status to the MachineConfigPool and not attempt - to pull any images. Also to help ensure the kubelet can mitigate - storage risk, the pinned_image configuration and subsequent service - reload will happen only after all of the images have been pulled - for each set. Images from multiple PinnedImageSets are loaded and - pinned sequentially as listed. Duplicate and existing images will - be skipped. \n Any failure to prefetch or pin images will result - in a Degraded pool. Resolving these failures is the responsibility - of the user. The admin should be proactive in ensuring adequate - storage and proper image authentication exists in advance." - items: - properties: - name: - description: name is a reference to the name of a PinnedImageSet. Must - adhere to RFC-1123 (https://tools.ietf.org/html/rfc1123). - Made up of one of more period-separated (.) segments, where - each segment consists of alphanumeric characters and hyphens - (-), must begin and end with an alphanumeric character, and - is at most 63 characters in length. The total length of the - name must not exceed 253 characters. - maxLength: 253 - minLength: 1 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - status: - description: MachineConfigPoolStatus is the status for MachineConfigPool - resource. - properties: - certExpirys: - description: certExpirys keeps track of important certificate expiration - data - items: - description: ceryExpiry contains the bundle name and the expiry - date - properties: - bundle: - description: bundle is the name of the bundle in which the subject - certificate resides - type: string - expiry: - description: expiry is the date after which the certificate - will no longer be valid - format: date-time - type: string - subject: - description: subject is the subject of the certificate - type: string - required: - - bundle - - subject - type: object - type: array - x-kubernetes-list-type: atomic - conditions: - description: conditions represents the latest available observations - of current state. - items: - description: MachineConfigPoolCondition contains condition information - for an MachineConfigPool. - properties: - lastTransitionTime: - description: lastTransitionTime is the timestamp corresponding - to the last status change of this condition. - format: date-time - nullable: true - type: string - message: - description: message is a human readable description of the - details of the last transition, complementing reason. - type: string - reason: - description: reason is a brief machine readable explanation - for the condition's last transition. - type: string - status: - description: status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - type: - description: type of the condition, currently ('Done', 'Updating', - 'Failed'). - type: string - type: object - type: array - x-kubernetes-list-type: atomic - configuration: - description: configuration represents the current MachineConfig object - for the machine config pool. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - source: - description: source is the list of MachineConfig objects that - were used to generate the single MachineConfig object specified - in `content`. - items: - description: "ObjectReference contains enough information to - let you inspect or modify the referred object. --- New uses - of this type are discouraged because of difficulty describing - its usage when embedded in APIs. 1. Ignored fields. It includes - many fields which are not generally honored. For instance, - ResourceVersion and FieldPath are both very rarely valid in - actual usage. 2. Invalid usage help. It is impossible to - add specific help for individual usage. In most embedded - usages, there are particular restrictions like, \"must refer - only to types A and B\" or \"UID not honored\" or \"name must - be restricted\". Those cannot be well described when embedded. - 3. Inconsistent validation. Because the usages are different, - the validation rules are different by usage, which makes it - hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency - is on the group,resource tuple and the version of the actual - struct is irrelevant. 5. We cannot easily change it. Because - this type is embedded in many locations, updates to this type - will affect numerous schemas. Don't make new APIs embed an - underspecified API type they do not control. \n Instead of - using this type, create a locally provided and used type that - is well-focused on your reference. For example, ServiceReferences - for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way - of referencing a part of an object. TODO: this design - is not final and this field is subject to change in the - future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - degradedMachineCount: - description: degradedMachineCount represents the total number of machines - marked degraded (or unreconcilable). A node is marked degraded if - applying a configuration failed.. - format: int32 - type: integer - machineCount: - description: machineCount represents the total number of machines - in the machine config pool. - format: int32 - type: integer - observedGeneration: - description: observedGeneration represents the generation observed - by the controller. - format: int64 - type: integer - readyMachineCount: - description: readyMachineCount represents the total number of ready - machines targeted by the pool. - format: int32 - type: integer - unavailableMachineCount: - description: unavailableMachineCount represents the total number of - unavailable (non-ready) machines targeted by the pool. A node is - marked unavailable if it is in updating state or NodeReady condition - is false. - format: int32 - type: integer - updatedMachineCount: - description: updatedMachineCount represents the total number of machines - targeted by the pool that have the CurrentMachineConfig as their - config. - format: int32 - type: integer - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigs.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigs.crd.yaml deleted file mode 100644 index 2c5d82f387..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigs.crd.yaml +++ /dev/null @@ -1,97 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - labels: - openshift.io/operator-managed: "" - name: machineconfigs.machineconfiguration.openshift.io -spec: - group: machineconfiguration.openshift.io - names: - kind: MachineConfig - listKind: MachineConfigList - plural: machineconfigs - shortNames: - - mc - singular: machineconfig - scope: Cluster - versions: - - additionalPrinterColumns: - - description: Version of the controller that generated the machineconfig. This - will be empty if the machineconfig is not managed by a controller. - jsonPath: .metadata.annotations.machineconfiguration\.openshift\.io/generated-by-controller-version - name: GeneratedByController - type: string - - description: Version of the Ignition Config defined in the machineconfig. - jsonPath: .spec.config.ignition.version - name: IgnitionVersion - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: "MachineConfig defines the configuration for a machine \n Compatibility - level 1: Stable within a major release for a minimum of 12 months or 3 minor - releases (whichever is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineConfigSpec is the spec for MachineConfig - properties: - baseOSExtensionsContainerImage: - description: BaseOSExtensionsContainerImage specifies the remote location - that will be used to fetch the extensions container matching a new-format - OS image - type: string - config: - description: Config is a Ignition Config object. - type: object - x-kubernetes-preserve-unknown-fields: true - extensions: - description: extensions contains a list of additional features that - can be enabled on host - items: - type: string - type: array - x-kubernetes-list-type: atomic - fips: - description: fips controls FIPS mode - type: boolean - kernelArguments: - description: kernelArguments contains a list of kernel arguments to - be added - items: - type: string - nullable: true - type: array - x-kubernetes-list-type: atomic - kernelType: - description: kernelType contains which kernel we want to be running - like default (traditional), realtime, 64k-pages (aarch64 only). - type: string - osImageURL: - description: OSImageURL specifies the remote location that will be - used to fetch the OS. - type: string - type: object - type: object - served: true - storage: true diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/doc.go b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/doc.go deleted file mode 100644 index 86fab796eb..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/doc.go +++ /dev/null @@ -1 +0,0 @@ -package machineconfiguration_v1_crdmanifests diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go index d89627b91d..180027a84e 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go @@ -730,11 +730,6 @@ func (in *MachineConfigPoolSpec) DeepCopyInto(out *MachineConfigPoolSpec) { **out = **in } in.Configuration.DeepCopyInto(&out.Configuration) - if in.PinnedImageSets != nil { - in, out := &in.PinnedImageSets, &out.PinnedImageSets - *out = make([]PinnedImageSetRef, len(*in)) - copy(*out, *in) - } return } @@ -848,19 +843,3 @@ func (in *NetworkInfo) DeepCopy() *NetworkInfo { in.DeepCopyInto(out) return out } - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSetRef) DeepCopyInto(out *PinnedImageSetRef) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSetRef. -func (in *PinnedImageSetRef) DeepCopy() *PinnedImageSetRef { - if in == nil { - return nil - } - out := new(PinnedImageSetRef) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml index a10144da5a..39d2ae4d90 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml @@ -1,26 +1,3 @@ -containerruntimeconfigs.machineconfiguration.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1453 - CRDName: containerruntimeconfigs.machineconfiguration.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" - GroupName: machineconfiguration.openshift.io - HasStatus: true - KindName: ContainerRuntimeConfig - Labels: - openshift.io/operator-managed: "" - PluralName: containerruntimeconfigs - PrinterColumns: [] - Scope: Cluster - ShortNames: - - ctrcfg - TopLevelFeatureGates: [] - Version: v1 - controllerconfigs.machineconfiguration.openshift.io: Annotations: {} ApprovedPRNumber: https://github.com/openshift/api/pull/1453 @@ -32,9 +9,6 @@ controllerconfigs.machineconfiguration.openshift.io: - GCPClusterHostedDNS - GCPLabelsTags - VSphereControlPlaneMachineSet - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" GroupName: machineconfiguration.openshift.io HasStatus: true KindName: ControllerConfig @@ -43,126 +17,8 @@ controllerconfigs.machineconfiguration.openshift.io: PluralName: controllerconfigs PrinterColumns: [] Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -kubeletconfigs.machineconfiguration.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1453 - CRDName: kubeletconfigs.machineconfiguration.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" - GroupName: machineconfiguration.openshift.io - HasStatus: true - KindName: KubeletConfig - Labels: - openshift.io/operator-managed: "" - PluralName: kubeletconfigs - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -machineconfigs.machineconfiguration.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1453 - CRDName: machineconfigs.machineconfiguration.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" - GroupName: machineconfiguration.openshift.io - HasStatus: false - KindName: MachineConfig - Labels: - openshift.io/operator-managed: "" - PluralName: machineconfigs - PrinterColumns: - - description: Version of the controller that generated the machineconfig. This - will be empty if the machineconfig is not managed by a controller. - jsonPath: .metadata.annotations.machineconfiguration\.openshift\.io/generated-by-controller-version - name: GeneratedByController - type: string - - description: Version of the Ignition Config defined in the machineconfig. - jsonPath: .spec.config.ignition.version - name: IgnitionVersion - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - Scope: Cluster - ShortNames: - - mc - TopLevelFeatureGates: [] - Version: v1 - -machineconfigpools.machineconfiguration.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1453 - CRDName: machineconfigpools.machineconfiguration.openshift.io - Capability: "" - Category: "" - FeatureGates: - - PinnedImages - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" - GroupName: machineconfiguration.openshift.io - HasStatus: true - KindName: MachineConfigPool - Labels: - openshift.io/operator-managed: "" - PluralName: machineconfigpools - PrinterColumns: - - jsonPath: .status.configuration.name - name: Config - type: string - - description: When all the machines in the pool are updated to the correct machine - config. - jsonPath: .status.conditions[?(@.type=="Updated")].status - name: Updated - type: string - - description: When at least one of machine is not either not updated or is in the - process of updating to the desired machine config. - jsonPath: .status.conditions[?(@.type=="Updating")].status - name: Updating - type: string - - description: When progress is blocked on updating one or more nodes or the pool - configuration is failing. - jsonPath: .status.conditions[?(@.type=="Degraded")].status - name: Degraded - type: string - - description: Total number of machines in the machine config pool - jsonPath: .status.machineCount - name: MachineCount - type: number - - description: Total number of ready machines targeted by the pool - jsonPath: .status.readyMachineCount - name: ReadyMachineCount - type: number - - description: Total number of machines targeted by the pool that have the CurrentMachineConfig - as their config - jsonPath: .status.updatedMachineCount - name: UpdatedMachineCount - type: number - - description: Total number of machines marked degraded (or unreconcilable) - jsonPath: .status.degradedMachineCount - name: DegradedMachineCount - type: number - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - Scope: Cluster - ShortNames: - - mcp + ShortName: "" + TargetFilenamePattern: 0000_80_controllerconfigMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go index 8923b78b8b..d1151c23b4 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go @@ -279,7 +279,6 @@ var map_MachineConfigPoolSpec = map[string]string{ "paused": "paused specifies whether or not changes to this machine config pool should be stopped. This includes generating new desiredMachineConfig and update of machines.", "maxUnavailable": "maxUnavailable defines either an integer number or percentage of nodes in the pool that can go Unavailable during an update. This includes nodes Unavailable for any reason, including user initiated cordons, failing nodes, etc. The default value is 1.\n\nA value larger than 1 will mean multiple nodes going unavailable during the update, which may affect your workload stress on the remaining nodes. You cannot set this value to 0 to stop updates (it will default back to 1); to stop updates, use the 'paused' property instead. Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum guards, even if maxUnavailable is greater than one.", "configuration": "The targeted MachineConfig object for the machine config pool.", - "pinnedImageSets": "pinnedImageSets specifies a sequence of PinnedImageSetRef objects for the pool. Nodes within this pool will preload and pin images defined in the PinnedImageSet. Before pulling images the MachineConfigDaemon will ensure the total uncompressed size of all the images does not exceed available resources. If the total size of the images exceeds the available resources the controller will report a Degraded status to the MachineConfigPool and not attempt to pull any images. Also to help ensure the kubelet can mitigate storage risk, the pinned_image configuration and subsequent service reload will happen only after all of the images have been pulled for each set. Images from multiple PinnedImageSets are loaded and pinned sequentially as listed. Duplicate and existing images will be skipped.\n\nAny failure to prefetch or pin images will result in a Degraded pool. Resolving these failures is the responsibility of the user. The admin should be proactive in ensuring adequate storage and proper image authentication exists in advance.", } func (MachineConfigPoolSpec) SwaggerDoc() map[string]string { @@ -336,12 +335,4 @@ func (NetworkInfo) SwaggerDoc() map[string]string { return map_NetworkInfo } -var map_PinnedImageSetRef = map[string]string{ - "name": "name is a reference to the name of a PinnedImageSet. Must adhere to RFC-1123 (https://tools.ietf.org/html/rfc1123). Made up of one of more period-separated (.) segments, where each segment consists of alphanumeric characters and hyphens (-), must begin and end with an alphanumeric character, and is at most 63 characters in length. The total length of the name must not exceed 253 characters.", -} - -func (PinnedImageSetRef) SwaggerDoc() map[string]string { - return map_PinnedImageSetRef -} - // AUTO-GENERATED FUNCTIONS END HERE diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/0000_80_machineconfignode-CustomNoUpgrade.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-CustomNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/machineconfiguration/v1alpha1/0000_80_machineconfignode-CustomNoUpgrade.crd.yaml diff --git a/install/0000_80_machine-config_01_machineconfignode-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/0000_80_machineconfignode-TechPreviewNoUpgrade.crd.yaml similarity index 100% rename from install/0000_80_machine-config_01_machineconfignode-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/machineconfiguration/v1alpha1/0000_80_machineconfignode-TechPreviewNoUpgrade.crd.yaml diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/custom.machineconfignode.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/custom.machineconfignode.testsuite.yaml index 744bb942cb..3b12d072af 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/custom.machineconfignode.testsuite.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/custom.machineconfignode.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Custom] MachineConfigNode" -crd: 0000_80_machine-config_01_machineconfignodes-CustomNoUpgrade.crd.yaml +crd: 0000_80_machineconfignode-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal MachineConfigNode diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/custom.pinnedimageset.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/custom.pinnedimageset.testsuite.yaml deleted file mode 100644 index 43917d9e27..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/custom.pinnedimageset.testsuite.yaml +++ /dev/null @@ -1,98 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[Custom] PinnedImageSet" -crd: 0000_80_machine-config_01_pinnedimagesets-CustomNoUpgrade.crd.yaml -tests: - onCreate: - - name: Should be able to create a minimal PinnedImageSet - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset - spec: - pinnedImages: - - name: "example.io/my-project/image-v1.0_23@sha256:2c3ea52ac3a41c6d58e85977c3149413e3fa4b70eb2397426456863adbf43306" - - name: "example.com:5000/project/image@sha256:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" - - name: "example.com/image@sha256:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" - - name: "my-registry.local/project/my-image@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - expected: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset - spec: - pinnedImages: - - name: "example.io/my-project/image-v1.0_23@sha256:2c3ea52ac3a41c6d58e85977c3149413e3fa4b70eb2397426456863adbf43306" - - name: "example.com:5000/project/image@sha256:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" - - name: "example.com/image@sha256:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" - - name: "my-registry.local/project/my-image@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - - name: Invalid image referenced by tag - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset - spec: - pinnedImages: - - name: "example.io/my-project/image-v1.0_23:latest" - expectedError: "Invalid value: \"string\": the OCI Image reference must end with a valid '@sha256:' suffix, where '' is 64 characters long" - - name: Invalid empty image - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset - spec: - pinnedImages: - - name: "" - expectedError: "Invalid value: \"\": spec.pinnedImages[0].name in body should be at least 1 chars long" - - name: Should reject a malformed SHA256 digest - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset-bad-digest length - spec: - pinnedImages: - - name: "example.io/bad-digest/image@sha256:12345" - expectedError: "Invalid value: \"string\": the OCI Image reference must end with a valid '@sha256:' suffix, where '' is 64 characters long" - - name: Should accept multiple images with different registries and namespaces - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset-multiple-registries - spec: - pinnedImages: - - name: "docker.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - - name: "quay.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - expected: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset-multiple-registries - spec: - pinnedImages: - - name: "docker.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - - name: "quay.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - - name: Should reject images without a registry specified - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset-no-registry - spec: - pinnedImages: - - name: "my-project/image@sha256:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" - expectedError: "Invalid value: \"string\": the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme" - - name: Should reject duplicate images - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset-duplicates - spec: - pinnedImages: - - name: "docker.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - - name: "docker.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - expectedError: "Duplicate value: map[string]interface {}{\"name\":\"docker.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef\"}" diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go index c60f521f94..b18dfac66e 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go @@ -26,8 +26,6 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(GroupVersion, &MachineConfigNode{}, &MachineConfigNodeList{}, - &PinnedImageSet{}, - &PinnedImageSetList{}, ) metav1.AddToGroupVersion(scheme, GroupVersion) return nil diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/techpreview.machineconfignode.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/techpreview.machineconfignode.testsuite.yaml index 66c386133a..eec4192e2e 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/techpreview.machineconfignode.testsuite.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/techpreview.machineconfignode.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreview] MachineConfigNode" -crd: 0000_80_machine-config_01_machineconfignodes-TechPreviewNoUpgrade.crd.yaml +crd: 0000_80_machineconfignode-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal MachineConfigNode diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/techpreview.pinnedimageset.testsuite.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/techpreview.pinnedimageset.testsuite.yaml deleted file mode 100644 index 41ef4e31f2..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/techpreview.pinnedimageset.testsuite.yaml +++ /dev/null @@ -1,98 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[TechPreview] PinnedImageSet" -crd: 0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml -tests: - onCreate: - - name: Should be able to create a minimal PinnedImageSet - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset - spec: - pinnedImages: - - name: "example.io/my-project/image-v1.0_23@sha256:2c3ea52ac3a41c6d58e85977c3149413e3fa4b70eb2397426456863adbf43306" - - name: "example.com:5000/project/image@sha256:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" - - name: "example.com/image@sha256:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" - - name: "my-registry.local/project/my-image@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - expected: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset - spec: - pinnedImages: - - name: "example.io/my-project/image-v1.0_23@sha256:2c3ea52ac3a41c6d58e85977c3149413e3fa4b70eb2397426456863adbf43306" - - name: "example.com:5000/project/image@sha256:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" - - name: "example.com/image@sha256:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" - - name: "my-registry.local/project/my-image@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - - name: Invalid image referenced by tag - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset - spec: - pinnedImages: - - name: "example.io/my-project/image-v1.0_23:latest" - expectedError: "Invalid value: \"string\": the OCI Image reference must end with a valid '@sha256:' suffix, where '' is 64 characters long" - - name: Invalid empty image - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset - spec: - pinnedImages: - - name: "" - expectedError: "Invalid value: \"\": spec.pinnedImages[0].name in body should be at least 1 chars long" - - name: Should reject a malformed SHA256 digest - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset-bad-digest length - spec: - pinnedImages: - - name: "example.io/bad-digest/image@sha256:12345" - expectedError: "Invalid value: \"string\": the OCI Image reference must end with a valid '@sha256:' suffix, where '' is 64 characters long" - - name: Should accept multiple images with different registries and namespaces - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset-multiple-registries - spec: - pinnedImages: - - name: "docker.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - - name: "quay.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - expected: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset-multiple-registries - spec: - pinnedImages: - - name: "docker.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - - name: "quay.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - - name: Should reject images without a registry specified - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset-no-registry - spec: - pinnedImages: - - name: "my-project/image@sha256:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" - expectedError: "Invalid value: \"string\": the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme" - - name: Should reject duplicate images - initial: | - apiVersion: machineconfiguration.openshift.io/v1alpha1 - kind: PinnedImageSet - metadata: - name: test-pinnedimageset-duplicates - spec: - pinnedImages: - - name: "docker.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - - name: "docker.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" - expectedError: "Duplicate value: map[string]interface {}{\"name\":\"docker.io/project/name@sha256:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef\"}" \ No newline at end of file diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go index b2d3cbab9a..0ef7a9ce0d 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=machineconfignodes,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1596 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 +// +openshift:file-pattern=0000_80_machineconfignodeMARKERS.crd.yaml // +openshift:enable:FeatureGate=MachineConfigNodes // +kubebuilder:printcolumn:name="Updated",type="string",JSONPath=.status.conditions[?(@.type=="Updated")].status // +kubebuilder:printcolumn:name="UpdatePrepared",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePrepared")].status diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go deleted file mode 100644 index 2718d98deb..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go +++ /dev/null @@ -1,96 +0,0 @@ -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=pinnedimagesets,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1713 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +openshift:enable:FeatureGate=PinnedImages -// +kubebuilder:metadata:labels=openshift.io/operator-managed= - -// PinnedImageSet describes a set of images that should be pinned by CRI-O and -// pulled to the nodes which are members of the declared MachineConfigPools. -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type PinnedImageSet struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec describes the configuration of this pinned image set. - // +kubebuilder:validation:Required - Spec PinnedImageSetSpec `json:"spec"` - - // status describes the last observed state of this pinned image set. - // +optional - Status PinnedImageSetStatus `json:"status"` -} - -// PinnedImageSetStatus describes the current state of a PinnedImageSet. -type PinnedImageSetStatus struct { - // conditions represent the observations of a pinned image set's current state. - // +patchMergeKey=type - // +patchStrategy=merge - // +listType=map - // +listMapKey=type - Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` -} - -// PinnedImageSetSpec defines the desired state of a PinnedImageSet. -type PinnedImageSetSpec struct { - // pinnedImages is a list of OCI Image referenced by digest that should be - // pinned and pre-loaded by the nodes of a MachineConfigPool. - // Translates into a new file inside the /etc/crio/crio.conf.d directory - // with content similar to this: - // - // pinned_images = [ - // "quay.io/openshift-release-dev/ocp-release@sha256:...", - // "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - // "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - // ... - // ] - // - // These image references should all be by digest, tags aren't allowed. - // +kubebuilder:validation:Required - // +kubebuilder:validation:MinItems=1 - // +kubebuilder:validation:MaxItems=500 - // +listType=map - // +listMapKey=name - PinnedImages []PinnedImageRef `json:"pinnedImages"` -} - -type PinnedImageRef struct { - // name is an OCI Image referenced by digest. - // - // The format of the image ref is: - // host[:port][/namespace]/name@sha256: - // +kubebuilder:validation:Required - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=447 - // +kubebuilder:validation:XValidation:rule=`self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$')`,message="the OCI Image reference must end with a valid '@sha256:' suffix, where '' is 64 characters long" - // +kubebuilder:validation:XValidation:rule=`self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$')`,message="the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme" - Name string `json:"name"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PinnedImageSetList is a list of PinnedImageSet resources -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type PinnedImageSetList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ListMeta `json:"metadata"` - - Items []PinnedImageSet `json:"items"` -} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-TechPreviewNoUpgrade.crd.yaml deleted file mode 100644 index 356d0fc686..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-TechPreviewNoUpgrade.crd.yaml +++ /dev/null @@ -1,282 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1596 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: TechPreviewNoUpgrade - labels: - openshift.io/operator-managed: "" - name: machineconfignodes.machineconfiguration.openshift.io -spec: - group: machineconfiguration.openshift.io - names: - kind: MachineConfigNode - listKind: MachineConfigNodeList - plural: machineconfignodes - singular: machineconfignode - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Updated")].status - name: Updated - type: string - - jsonPath: .status.conditions[?(@.type=="UpdatePrepared")].status - name: UpdatePrepared - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateExecuted")].status - name: UpdateExecuted - type: string - - jsonPath: .status.conditions[?(@.type=="UpdatePostActionComplete")].status - name: UpdatePostActionComplete - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateComplete")].status - name: UpdateComplete - type: string - - jsonPath: .status.conditions[?(@.type=="Resumed")].status - name: Resumed - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateCompatible")].status - name: UpdateCompatible - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="AppliedFilesAndOS")].status - name: UpdatedFilesAndOS - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Cordoned")].status - name: CordonedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Drained")].status - name: DrainedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="RebootedNode")].status - name: RebootedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="ReloadedCRIO")].status - name: ReloadedCRIO - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Uncordoned")].status - name: UncordonedNode - priority: 1 - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: 'MachineConfigNode describes the health of the Machines on the - system Compatibility level 4: No compatibility is provided, the API can - change at any point for any reason. These capabilities should not be used - by applications needing long term support.' - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec describes the configuration of the machine config node. - properties: - configVersion: - description: configVersion holds the desired config version for the - node targeted by this machine config node resource. The desired - version represents the machine config the node will attempt to update - to. This gets set before the machine config operator validates the - new machine config against the current machine config. - properties: - desired: - description: desired is the name of the machine config that the - the node should be upgraded to. This value is set when the machine - config pool generates a new version of its rendered configuration. - When this value is changed, the machine config daemon starts - the node upgrade process. This value gets set in the machine - config node spec once the machine config has been targeted for - upgrade and before it is validated. Must be a lowercase RFC-1123 - hostname (https://tools.ietf.org/html/rfc1123) It may consist - of only alphanumeric characters, hyphens (-) and periods (.) - and must be at most 253 characters in length. - maxLength: 253 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - required: - - desired - type: object - node: - description: node contains a reference to the node for this machine - config node. - properties: - name: - description: name is the object name. Must be a lowercase RFC-1123 - hostname (https://tools.ietf.org/html/rfc1123) It may consist - of only alphanumeric characters, hyphens (-) and periods (.) - and must be at most 253 characters in length. - maxLength: 253 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - required: - - name - type: object - pool: - description: pool contains a reference to the machine config pool - that this machine config node's referenced node belongs to. - properties: - name: - description: name is the object name. Must be a lowercase RFC-1123 - hostname (https://tools.ietf.org/html/rfc1123) It may consist - of only alphanumeric characters, hyphens (-) and periods (.) - and must be at most 253 characters in length. - maxLength: 253 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - required: - - name - type: object - required: - - configVersion - - node - - pool - type: object - status: - description: status describes the last observed state of this machine - config node. - properties: - conditions: - description: conditions represent the observations of a machine config - node's current state. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - configVersion: - description: configVersion describes the current and desired machine - config for this node. The current version represents the current - machine config for the node and is updated after a successful update. - The desired version represents the machine config the node will - attempt to update to. This desired machine config has been compared - to the current machine config and has been validated by the machine - config operator as one that is valid and that exists. - properties: - current: - description: current is the name of the machine config currently - in use on the node. This value is updated once the machine config - daemon has completed the update of the configuration for the - node. This value should match the desired version unless an - upgrade is in progress. Must be a lowercase RFC-1123 hostname - (https://tools.ietf.org/html/rfc1123) It may consist of only - alphanumeric characters, hyphens (-) and periods (.) and must - be at most 253 characters in length. - maxLength: 253 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - desired: - description: desired is the MachineConfig the node wants to upgrade - to. This value gets set in the machine config node status once - the machine config has been validated against the current machine - config. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) - It may consist of only alphanumeric characters, hyphens (-) - and periods (.) and must be at most 253 characters in length. - maxLength: 253 - pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ - type: string - required: - - desired - type: object - observedGeneration: - description: observedGeneration represents the generation observed - by the controller. This field is updated when the controller observes - a change to the desiredConfig in the configVersion of the machine - config node spec. - format: int64 - type: integer - required: - - configVersion - type: object - required: - - spec - type: object - x-kubernetes-validations: - - message: spec.node.name should match metadata.name - rule: self.metadata.name == self.spec.node.name - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/doc.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/doc.go deleted file mode 100644 index b190f01fcb..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/doc.go +++ /dev/null @@ -1 +0,0 @@ -package machineconfiguration_v1alpha1_crdmanifests diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go index 183e0f30d9..d2ab9b91af 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go @@ -161,124 +161,3 @@ func (in *MachineConfigNodeStatusMachineConfigVersion) DeepCopy() *MachineConfig in.DeepCopyInto(out) return out } - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageRef) DeepCopyInto(out *PinnedImageRef) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageRef. -func (in *PinnedImageRef) DeepCopy() *PinnedImageRef { - if in == nil { - return nil - } - out := new(PinnedImageRef) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSet) DeepCopyInto(out *PinnedImageSet) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSet. -func (in *PinnedImageSet) DeepCopy() *PinnedImageSet { - if in == nil { - return nil - } - out := new(PinnedImageSet) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PinnedImageSet) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSetList) DeepCopyInto(out *PinnedImageSetList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]PinnedImageSet, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSetList. -func (in *PinnedImageSetList) DeepCopy() *PinnedImageSetList { - if in == nil { - return nil - } - out := new(PinnedImageSetList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PinnedImageSetList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSetSpec) DeepCopyInto(out *PinnedImageSetSpec) { - *out = *in - if in.PinnedImages != nil { - in, out := &in.PinnedImages, &out.PinnedImages - *out = make([]PinnedImageRef, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSetSpec. -func (in *PinnedImageSetSpec) DeepCopy() *PinnedImageSetSpec { - if in == nil { - return nil - } - out := new(PinnedImageSetSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSetStatus) DeepCopyInto(out *PinnedImageSetStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSetStatus. -func (in *PinnedImageSetStatus) DeepCopy() *PinnedImageSetStatus { - if in == nil { - return nil - } - out := new(PinnedImageSetStatus) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index 4ee4b94416..dff676e7b6 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -6,9 +6,6 @@ machineconfignodes.machineconfiguration.openshift.io: Category: "" FeatureGates: - MachineConfigNodes - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" GroupName: machineconfiguration.openshift.io HasStatus: true KindName: MachineConfigNode @@ -63,32 +60,9 @@ machineconfignodes.machineconfiguration.openshift.io: priority: 1 type: string Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_80_machineconfignodeMARKERS.crd.yaml TopLevelFeatureGates: - MachineConfigNodes Version: v1alpha1 -pinnedimagesets.machineconfiguration.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1713 - CRDName: pinnedimagesets.machineconfiguration.openshift.io - Capability: "" - Category: "" - FeatureGates: - - PinnedImages - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" - GroupName: machineconfiguration.openshift.io - HasStatus: true - KindName: PinnedImageSet - Labels: - openshift.io/operator-managed: "" - PluralName: pinnedimagesets - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - PinnedImages - Version: v1alpha1 - diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go index e7e8c165cc..0044c9c4b6 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go @@ -79,49 +79,4 @@ func (MachineConfigNodeStatusMachineConfigVersion) SwaggerDoc() map[string]strin return map_MachineConfigNodeStatusMachineConfigVersion } -var map_PinnedImageRef = map[string]string{ - "name": "name is an OCI Image referenced by digest.\n\nThe format of the image ref is: host[:port][/namespace]/name@sha256:", -} - -func (PinnedImageRef) SwaggerDoc() map[string]string { - return map_PinnedImageRef -} - -var map_PinnedImageSet = map[string]string{ - "": "PinnedImageSet describes a set of images that should be pinned by CRI-O and pulled to the nodes which are members of the declared MachineConfigPools.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "spec": "spec describes the configuration of this pinned image set.", - "status": "status describes the last observed state of this pinned image set.", -} - -func (PinnedImageSet) SwaggerDoc() map[string]string { - return map_PinnedImageSet -} - -var map_PinnedImageSetList = map[string]string{ - "": "PinnedImageSetList is a list of PinnedImageSet resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", -} - -func (PinnedImageSetList) SwaggerDoc() map[string]string { - return map_PinnedImageSetList -} - -var map_PinnedImageSetSpec = map[string]string{ - "": "PinnedImageSetSpec defines the desired state of a PinnedImageSet.", - "pinnedImages": "pinnedImages is a list of OCI Image referenced by digest that should be pinned and pre-loaded by the nodes of a MachineConfigPool. Translates into a new file inside the /etc/crio/crio.conf.d directory with content similar to this:\n\n pinned_images = [\n \"quay.io/openshift-release-dev/ocp-release@sha256:...\",\n \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\",\n \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\",\n ...\n ]\n\nThese image references should all be by digest, tags aren't allowed.", -} - -func (PinnedImageSetSpec) SwaggerDoc() map[string]string { - return map_PinnedImageSetSpec -} - -var map_PinnedImageSetStatus = map[string]string{ - "": "PinnedImageSetStatus describes the current state of a PinnedImageSet.", - "conditions": "conditions represent the observations of a pinned image set's current state.", -} - -func (PinnedImageSetStatus) SwaggerDoc() map[string]string { - return map_PinnedImageSetStatus -} - // AUTO-GENERATED FUNCTIONS END HERE diff --git a/vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_01_alertingrules-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_01_alertingrules-CustomNoUpgrade.crd.yaml new file mode 100644 index 0000000000..ea2b74ff80 --- /dev/null +++ b/vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_01_alertingrules-CustomNoUpgrade.crd.yaml @@ -0,0 +1,203 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1179 + api.openshift.io/merged-by-featuregates: "true" + description: OpenShift Monitoring alerting rules + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: CustomNoUpgrade + name: alertingrules.monitoring.openshift.io +spec: + group: monitoring.openshift.io + names: + kind: AlertingRule + listKind: AlertingRuleList + plural: alertingrules + singular: alertingrule + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "AlertingRule represents a set of user-defined Prometheus rule + groups containing alerting rules. This resource is the supported method + for cluster admins to create alerts based on metrics recorded by the platform + monitoring stack in OpenShift, i.e. the Prometheus instance deployed to + the openshift-monitoring namespace. You might use this to create custom + alerting rules not shipped with OpenShift based on metrics from components + such as the node_exporter, which provides machine-level metrics such as + CPU usage, or kube-state-metrics, which provides metrics on Kubernetes usage. + \n The API is mostly compatible with the upstream PrometheusRule type from + the prometheus-operator. The primary difference being that recording rules + are not allowed here -- only alerting rules. For each AlertingRule resource + created, a corresponding PrometheusRule will be created in the openshift-monitoring + namespace. OpenShift requires admins to use the AlertingRule resource rather + than the upstream type in order to allow better OpenShift specific defaulting + and validation, while not modifying the upstream APIs directly. \n You can + find upstream API documentation for PrometheusRule resources here: \n https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md + \n Compatibility level 4: No compatibility is provided, the API can change + at any point for any reason. These capabilities should not be used by applications + needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec describes the desired state of this AlertingRule object. + properties: + groups: + description: "groups is a list of grouped alerting rules. Rule groups + are the unit at which Prometheus parallelizes rule processing. All + rules in a single group share a configured evaluation interval. + \ All rules in the group will be processed together on this interval, + sequentially, and all rules will be processed. \n It's common to + group related alerting rules into a single AlertingRule resources, + and within that resource, closely related alerts, or simply alerts + with the same interval, into individual groups. You are also free + to create AlertingRule resources with only a single rule group, + but be aware that this can have a performance impact on Prometheus + if the group is extremely large or has very complex query expressions + to evaluate. Spreading very complex rules across multiple groups + to allow them to be processed in parallel is also a common use-case." + items: + description: RuleGroup is a list of sequentially evaluated alerting + rules. + properties: + interval: + description: "interval is how often rules in the group are evaluated. + \ If not specified, it defaults to the global.evaluation_interval + configured in Prometheus, which itself defaults to 30 seconds. + \ You can check if this value has been modified from the default + on your cluster by inspecting the platform Prometheus configuration: + \n $ oc -n openshift-monitoring describe prometheus k8s \n + The relevant field in that resource is: spec.evaluationInterval + \n This is represented as a Prometheus duration, e.g. 1d, + 1h30m, 5m, 10s. You can find the upstream documentation here: + \n https://prometheus.io/docs/prometheus/latest/configuration/configuration/#duration" + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + type: string + name: + description: name is the name of the group. + type: string + rules: + description: rules is a list of sequentially evaluated alerting + rules. Prometheus may process rule groups in parallel, but + rules within a single group are always processed sequentially, + and all rules are processed. + items: + description: 'Rule describes an alerting rule. See Prometheus + documentation: - https://www.prometheus.io/docs/prometheus/latest/configuration/alerting_rules' + properties: + alert: + description: alert is the name of the alert. Must be a + valid label value, i.e. only contain ASCII letters, + numbers, and underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + annotations: + additionalProperties: + type: string + description: "annotations to add to each alert. These + are values that can be used to store longer additional + information that you won't query on, such as alert descriptions + or runbook links, e.g.: \n annotations: summary: HAProxy + reload failure description: | This alert fires when + HAProxy fails to reload its configuration, which will + result in the router not picking up recently created + or modified routes." + type: object + expr: + anyOf: + - type: integer + - type: string + description: "expr is the PromQL expression to evaluate. + Every evaluation cycle this is evaluated at the current + time, and all resultant time series become pending or + firing alerts. This is most often a string representing + a PromQL expression, e.g.: \n mapi_current_pending_csr + > mapi_max_pending_csr \n In rare cases this could be + a simple integer, e.g. a simple \"1\" if the intent + is to create an alert that is always firing. This is + sometimes used to create an always-firing \"Watchdog\" + alert in order to ensure the alerting pipeline is functional." + x-kubernetes-int-or-string: true + for: + description: 'for is the time period after which alerts + are considered firing after first returning results. Alerts + which have not yet fired for long enough are considered + pending. This is represented as a Prometheus duration, + for details on the format see: - https://prometheus.io/docs/prometheus/latest/configuration/configuration/#duration' + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + type: string + labels: + additionalProperties: + type: string + description: "labels to add or overwrite for each alert. + \ The results of the PromQL expression for the alert + will result in an existing set of labels for the alert, + after evaluating the expression, for any label specified + here with the same name as a label in that set, the + label here wins and overwrites the previous value. These + should typically be short identifying values that may + be useful to query against. A common example is the + alert severity: \n labels: severity: warning" + type: object + required: + - alert + - expr + type: object + minItems: 1 + type: array + required: + - name + - rules + type: object + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + required: + - groups + type: object + status: + description: status describes the current state of this AlertOverrides + object. + properties: + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with. + format: int64 + type: integer + prometheusRule: + description: prometheusRule is the generated PrometheusRule for this + AlertingRule. Each AlertingRule instance results in a generated + PrometheusRule object in the same namespace, which is always the + openshift-monitoring namespace. + properties: + name: + description: name of the referenced PrometheusRule. + type: string + required: + - name + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_01_alertingrules-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_01_alertingrules-TechPreviewNoUpgrade.crd.yaml new file mode 100644 index 0000000000..cf31a9c3ce --- /dev/null +++ b/vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_01_alertingrules-TechPreviewNoUpgrade.crd.yaml @@ -0,0 +1,203 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1179 + api.openshift.io/merged-by-featuregates: "true" + description: OpenShift Monitoring alerting rules + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: alertingrules.monitoring.openshift.io +spec: + group: monitoring.openshift.io + names: + kind: AlertingRule + listKind: AlertingRuleList + plural: alertingrules + singular: alertingrule + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "AlertingRule represents a set of user-defined Prometheus rule + groups containing alerting rules. This resource is the supported method + for cluster admins to create alerts based on metrics recorded by the platform + monitoring stack in OpenShift, i.e. the Prometheus instance deployed to + the openshift-monitoring namespace. You might use this to create custom + alerting rules not shipped with OpenShift based on metrics from components + such as the node_exporter, which provides machine-level metrics such as + CPU usage, or kube-state-metrics, which provides metrics on Kubernetes usage. + \n The API is mostly compatible with the upstream PrometheusRule type from + the prometheus-operator. The primary difference being that recording rules + are not allowed here -- only alerting rules. For each AlertingRule resource + created, a corresponding PrometheusRule will be created in the openshift-monitoring + namespace. OpenShift requires admins to use the AlertingRule resource rather + than the upstream type in order to allow better OpenShift specific defaulting + and validation, while not modifying the upstream APIs directly. \n You can + find upstream API documentation for PrometheusRule resources here: \n https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md + \n Compatibility level 4: No compatibility is provided, the API can change + at any point for any reason. These capabilities should not be used by applications + needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec describes the desired state of this AlertingRule object. + properties: + groups: + description: "groups is a list of grouped alerting rules. Rule groups + are the unit at which Prometheus parallelizes rule processing. All + rules in a single group share a configured evaluation interval. + \ All rules in the group will be processed together on this interval, + sequentially, and all rules will be processed. \n It's common to + group related alerting rules into a single AlertingRule resources, + and within that resource, closely related alerts, or simply alerts + with the same interval, into individual groups. You are also free + to create AlertingRule resources with only a single rule group, + but be aware that this can have a performance impact on Prometheus + if the group is extremely large or has very complex query expressions + to evaluate. Spreading very complex rules across multiple groups + to allow them to be processed in parallel is also a common use-case." + items: + description: RuleGroup is a list of sequentially evaluated alerting + rules. + properties: + interval: + description: "interval is how often rules in the group are evaluated. + \ If not specified, it defaults to the global.evaluation_interval + configured in Prometheus, which itself defaults to 30 seconds. + \ You can check if this value has been modified from the default + on your cluster by inspecting the platform Prometheus configuration: + \n $ oc -n openshift-monitoring describe prometheus k8s \n + The relevant field in that resource is: spec.evaluationInterval + \n This is represented as a Prometheus duration, e.g. 1d, + 1h30m, 5m, 10s. You can find the upstream documentation here: + \n https://prometheus.io/docs/prometheus/latest/configuration/configuration/#duration" + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + type: string + name: + description: name is the name of the group. + type: string + rules: + description: rules is a list of sequentially evaluated alerting + rules. Prometheus may process rule groups in parallel, but + rules within a single group are always processed sequentially, + and all rules are processed. + items: + description: 'Rule describes an alerting rule. See Prometheus + documentation: - https://www.prometheus.io/docs/prometheus/latest/configuration/alerting_rules' + properties: + alert: + description: alert is the name of the alert. Must be a + valid label value, i.e. only contain ASCII letters, + numbers, and underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + annotations: + additionalProperties: + type: string + description: "annotations to add to each alert. These + are values that can be used to store longer additional + information that you won't query on, such as alert descriptions + or runbook links, e.g.: \n annotations: summary: HAProxy + reload failure description: | This alert fires when + HAProxy fails to reload its configuration, which will + result in the router not picking up recently created + or modified routes." + type: object + expr: + anyOf: + - type: integer + - type: string + description: "expr is the PromQL expression to evaluate. + Every evaluation cycle this is evaluated at the current + time, and all resultant time series become pending or + firing alerts. This is most often a string representing + a PromQL expression, e.g.: \n mapi_current_pending_csr + > mapi_max_pending_csr \n In rare cases this could be + a simple integer, e.g. a simple \"1\" if the intent + is to create an alert that is always firing. This is + sometimes used to create an always-firing \"Watchdog\" + alert in order to ensure the alerting pipeline is functional." + x-kubernetes-int-or-string: true + for: + description: 'for is the time period after which alerts + are considered firing after first returning results. Alerts + which have not yet fired for long enough are considered + pending. This is represented as a Prometheus duration, + for details on the format see: - https://prometheus.io/docs/prometheus/latest/configuration/configuration/#duration' + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + type: string + labels: + additionalProperties: + type: string + description: "labels to add or overwrite for each alert. + \ The results of the PromQL expression for the alert + will result in an existing set of labels for the alert, + after evaluating the expression, for any label specified + here with the same name as a label in that set, the + label here wins and overwrites the previous value. These + should typically be short identifying values that may + be useful to query against. A common example is the + alert severity: \n labels: severity: warning" + type: object + required: + - alert + - expr + type: object + minItems: 1 + type: array + required: + - name + - rules + type: object + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + required: + - groups + type: object + status: + description: status describes the current state of this AlertOverrides + object. + properties: + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with. + format: int64 + type: integer + prometheusRule: + description: prometheusRule is the generated PrometheusRule for this + AlertingRule. Each AlertingRule instance results in a generated + PrometheusRule object in the same namespace, which is always the + openshift-monitoring namespace. + properties: + name: + description: name of the referenced PrometheusRule. + type: string + required: + - name + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/manifests/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_02_alertrelabelconfigs-CustomNoUpgrade.crd.yaml similarity index 59% rename from manifests/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_02_alertrelabelconfigs-CustomNoUpgrade.crd.yaml index 75e7146102..0157c57d9a 100644 --- a/manifests/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_02_alertrelabelconfigs-CustomNoUpgrade.crd.yaml @@ -2,29 +2,27 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1713 + api-approved.openshift.io: https://github.com/openshift/api/pull/1179 api.openshift.io/merged-by-featuregates: "true" + description: OpenShift Monitoring alert relabel configurations include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: TechPreviewNoUpgrade - labels: - openshift.io/operator-managed: "" - name: pinnedimagesets.machineconfiguration.openshift.io + release.openshift.io/feature-set: CustomNoUpgrade + name: alertrelabelconfigs.monitoring.openshift.io spec: - group: machineconfiguration.openshift.io + group: monitoring.openshift.io names: - kind: PinnedImageSet - listKind: PinnedImageSetList - plural: pinnedimagesets - singular: pinnedimageset - scope: Cluster + kind: AlertRelabelConfig + listKind: AlertRelabelConfigList + plural: alertrelabelconfigs + singular: alertrelabelconfig + scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: - description: "PinnedImageSet describes a set of images that should be pinned - by CRI-O and pulled to the nodes which are members of the declared MachineConfigPools. + description: "AlertRelabelConfig defines a set of relabel configs for alerts. \n Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support." @@ -42,50 +40,82 @@ spec: metadata: type: object spec: - description: spec describes the configuration of this pinned image set. + description: spec describes the desired state of this AlertRelabelConfig + object. properties: - pinnedImages: - description: "pinnedImages is a list of OCI Image referenced by digest - that should be pinned and pre-loaded by the nodes of a MachineConfigPool. - Translates into a new file inside the /etc/crio/crio.conf.d directory - with content similar to this: \n pinned_images = [ \"quay.io/openshift-release-dev/ocp-release@sha256:...\", - \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\", \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\", - ... ] \n These image references should all be by digest, tags aren't - allowed." + configs: + description: configs is a list of sequentially evaluated alert relabel + configs. items: + description: 'RelabelConfig allows dynamic rewriting of label sets + for alerts. See Prometheus documentation: - https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs + - https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' properties: - name: - description: "name is an OCI Image referenced by digest. \n - The format of the image ref is: host[:port][/namespace]/name@sha256:" - maxLength: 447 - minLength: 1 + action: + default: Replace + description: 'action to perform based on regex matching. Must + be one of: Replace, Keep, Drop, HashMod, LabelMap, LabelDrop, + or LabelKeep. Default is: ''Replace''' + enum: + - Replace + - Keep + - Drop + - HashMod + - LabelMap + - LabelDrop + - LabelKeep + type: string + modulus: + description: modulus to take of the hash of the source label + values. This can be combined with the 'HashMod' action to + set 'target_label' to the 'modulus' of a hash of the concatenated + 'source_labels'. + format: int64 + type: integer + regex: + description: 'regex against which the extracted value is matched. + Default is: ''(.*)''' + type: string + replacement: + description: 'replacement value against which a regex replace + is performed if the regular expression matches. This is required + if the action is ''Replace'' or ''LabelMap''. Regex capture + groups are available. Default is: ''$1''' + type: string + separator: + description: separator placed between concatenated source label + values. When omitted, Prometheus will use its default value + of ';'. + type: string + sourceLabels: + description: sourceLabels select values from existing labels. + Their content is concatenated using the configured separator + and matched against the configured regular expression for + the Replace, Keep, and Drop actions. + items: + description: LabelName is a valid Prometheus label name which + may only contain ASCII letters, numbers, and underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: targetLabel to which the resulting value is written + in a 'Replace' action. It is mandatory for 'Replace' and 'HashMod' + actions. Regex capture groups are available. type: string - x-kubernetes-validations: - - message: the OCI Image reference must end with a valid '@sha256:' - suffix, where '' is 64 characters long - rule: self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$') - - message: the OCI Image name should follow the host[:port][/namespace]/name - format, resembling a valid URL without the scheme - rule: self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$') - required: - - name type: object - maxItems: 500 minItems: 1 type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map required: - - pinnedImages + - configs type: object status: - description: status describes the last observed state of this pinned image - set. + description: status describes the current state of this AlertRelabelConfig + object. properties: conditions: - description: conditions represent the observations of a pinned image - set's current state. + description: conditions contains details on the state of the AlertRelabelConfig, + may be empty. items: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct @@ -153,9 +183,6 @@ spec: - type type: object type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map type: object required: - spec diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_02_alertrelabelconfigs-TechPreviewNoUpgrade.crd.yaml similarity index 60% rename from vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_02_alertrelabelconfigs-TechPreviewNoUpgrade.crd.yaml index 75e7146102..7b3daf749b 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/monitoring/v1alpha1/0000_50_monitoring_02_alertrelabelconfigs-TechPreviewNoUpgrade.crd.yaml @@ -2,29 +2,27 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1713 + api-approved.openshift.io: https://github.com/openshift/api/pull/1179 api.openshift.io/merged-by-featuregates: "true" + description: OpenShift Monitoring alert relabel configurations include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" release.openshift.io/feature-set: TechPreviewNoUpgrade - labels: - openshift.io/operator-managed: "" - name: pinnedimagesets.machineconfiguration.openshift.io + name: alertrelabelconfigs.monitoring.openshift.io spec: - group: machineconfiguration.openshift.io + group: monitoring.openshift.io names: - kind: PinnedImageSet - listKind: PinnedImageSetList - plural: pinnedimagesets - singular: pinnedimageset - scope: Cluster + kind: AlertRelabelConfig + listKind: AlertRelabelConfigList + plural: alertrelabelconfigs + singular: alertrelabelconfig + scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: - description: "PinnedImageSet describes a set of images that should be pinned - by CRI-O and pulled to the nodes which are members of the declared MachineConfigPools. + description: "AlertRelabelConfig defines a set of relabel configs for alerts. \n Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support." @@ -42,50 +40,82 @@ spec: metadata: type: object spec: - description: spec describes the configuration of this pinned image set. + description: spec describes the desired state of this AlertRelabelConfig + object. properties: - pinnedImages: - description: "pinnedImages is a list of OCI Image referenced by digest - that should be pinned and pre-loaded by the nodes of a MachineConfigPool. - Translates into a new file inside the /etc/crio/crio.conf.d directory - with content similar to this: \n pinned_images = [ \"quay.io/openshift-release-dev/ocp-release@sha256:...\", - \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\", \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\", - ... ] \n These image references should all be by digest, tags aren't - allowed." + configs: + description: configs is a list of sequentially evaluated alert relabel + configs. items: + description: 'RelabelConfig allows dynamic rewriting of label sets + for alerts. See Prometheus documentation: - https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs + - https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' properties: - name: - description: "name is an OCI Image referenced by digest. \n - The format of the image ref is: host[:port][/namespace]/name@sha256:" - maxLength: 447 - minLength: 1 + action: + default: Replace + description: 'action to perform based on regex matching. Must + be one of: Replace, Keep, Drop, HashMod, LabelMap, LabelDrop, + or LabelKeep. Default is: ''Replace''' + enum: + - Replace + - Keep + - Drop + - HashMod + - LabelMap + - LabelDrop + - LabelKeep + type: string + modulus: + description: modulus to take of the hash of the source label + values. This can be combined with the 'HashMod' action to + set 'target_label' to the 'modulus' of a hash of the concatenated + 'source_labels'. + format: int64 + type: integer + regex: + description: 'regex against which the extracted value is matched. + Default is: ''(.*)''' + type: string + replacement: + description: 'replacement value against which a regex replace + is performed if the regular expression matches. This is required + if the action is ''Replace'' or ''LabelMap''. Regex capture + groups are available. Default is: ''$1''' + type: string + separator: + description: separator placed between concatenated source label + values. When omitted, Prometheus will use its default value + of ';'. + type: string + sourceLabels: + description: sourceLabels select values from existing labels. + Their content is concatenated using the configured separator + and matched against the configured regular expression for + the Replace, Keep, and Drop actions. + items: + description: LabelName is a valid Prometheus label name which + may only contain ASCII letters, numbers, and underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: targetLabel to which the resulting value is written + in a 'Replace' action. It is mandatory for 'Replace' and 'HashMod' + actions. Regex capture groups are available. type: string - x-kubernetes-validations: - - message: the OCI Image reference must end with a valid '@sha256:' - suffix, where '' is 64 characters long - rule: self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$') - - message: the OCI Image name should follow the host[:port][/namespace]/name - format, resembling a valid URL without the scheme - rule: self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$') - required: - - name type: object - maxItems: 500 minItems: 1 type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map required: - - pinnedImages + - configs type: object status: - description: status describes the last observed state of this pinned image - set. + description: status describes the current state of this AlertRelabelConfig + object. properties: conditions: - description: conditions represent the observations of a pinned image - set's current state. + description: conditions contains details on the state of the AlertRelabelConfig, + may be empty. items: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct @@ -153,9 +183,6 @@ spec: - type type: object type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map type: object required: - spec diff --git a/vendor/github.com/openshift/api/monitoring/v1alpha1/types.go b/vendor/github.com/openshift/api/monitoring/v1alpha1/types.go index d2776037e6..4c47f268ad 100644 --- a/vendor/github.com/openshift/api/monitoring/v1alpha1/types.go +++ b/vendor/github.com/openshift/api/monitoring/v1alpha1/types.go @@ -35,7 +35,7 @@ import ( // +kubebuilder:resource:path=alertingrules,scope=Namespaced // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1179 -// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=monitoring,operatorOrdering=01 +// +openshift:file-pattern=0000_50_monitoring_01_alertingrulesMARKERS.crd.yaml // +openshift:enable:FeatureGate=AlertingRules // +kubebuilder:metadata:annotations="description=OpenShift Monitoring alerting rules" type AlertingRule struct { @@ -240,7 +240,7 @@ type PrometheusRuleRef struct { // +kubebuilder:resource:path=alertrelabelconfigs,scope=Namespaced // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1179 -// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=monitoring,operatorOrdering=02 +// +openshift:file-pattern=0000_50_monitoring_02_alertrelabelconfigsMARKERS.crd.yaml // +openshift:enable:FeatureGate=AlertingRules // +kubebuilder:metadata:annotations="description=OpenShift Monitoring alert relabel configurations" type AlertRelabelConfig struct { diff --git a/vendor/github.com/openshift/api/monitoring/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/monitoring/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index 2dcb2bc84b..7fd9751e1d 100644 --- a/vendor/github.com/openshift/api/monitoring/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/monitoring/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -7,9 +7,6 @@ alertrelabelconfigs.monitoring.openshift.io: Category: "" FeatureGates: - AlertingRules - FilenameOperatorName: monitoring - FilenameOperatorOrdering: "02" - FilenameRunLevel: "0000_50" GroupName: monitoring.openshift.io HasStatus: true KindName: AlertRelabelConfig @@ -17,7 +14,8 @@ alertrelabelconfigs.monitoring.openshift.io: PluralName: alertrelabelconfigs PrinterColumns: [] Scope: Namespaced - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_50_monitoring_02_alertrelabelconfigsMARKERS.crd.yaml TopLevelFeatureGates: - AlertingRules Version: v1alpha1 @@ -31,9 +29,6 @@ alertingrules.monitoring.openshift.io: Category: "" FeatureGates: - AlertingRules - FilenameOperatorName: monitoring - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_50" GroupName: monitoring.openshift.io HasStatus: true KindName: AlertingRule @@ -41,7 +36,8 @@ alertingrules.monitoring.openshift.io: PluralName: alertingrules PrinterColumns: [] Scope: Namespaced - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_50_monitoring_01_alertingrulesMARKERS.crd.yaml TopLevelFeatureGates: - AlertingRules Version: v1alpha1 diff --git a/vendor/github.com/openshift/api/network/v1/001-clusternetwork-crd.yaml b/vendor/github.com/openshift/api/network/v1/001-clusternetwork-crd.yaml new file mode 100644 index 0000000000..6cde4de8fa --- /dev/null +++ b/vendor/github.com/openshift/api/network/v1/001-clusternetwork-crd.yaml @@ -0,0 +1,130 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/527 + name: clusternetworks.network.openshift.io +spec: + group: network.openshift.io + names: + kind: ClusterNetwork + listKind: ClusterNetworkList + plural: clusternetworks + singular: clusternetwork + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The primary cluster network CIDR + jsonPath: .network + name: Cluster Network + type: string + - description: The service network CIDR + jsonPath: .serviceNetwork + name: Service Network + type: string + - description: The OpenShift SDN network plug-in in use + jsonPath: .pluginName + name: Plugin Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: "ClusterNetwork describes the cluster network. There is normally + only one object of this type, named \"default\", which is created by the + SDN network plugin based on the master configuration when the cluster is + brought up for the first time. \n Compatibility level 1: Stable within a + major release for a minimum of 12 months or 3 minor releases (whichever + is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + clusterNetworks: + description: ClusterNetworks is a list of ClusterNetwork objects that + defines the global overlay network's L3 space by specifying a set of + CIDR and netmasks that the SDN can allocate addresses from. + items: + description: ClusterNetworkEntry defines an individual cluster network. + The CIDRs cannot overlap with other cluster network CIDRs, CIDRs reserved + for external ips, CIDRs reserved for service networks, and CIDRs reserved + for ingress ips. + properties: + CIDR: + description: CIDR defines the total range of a cluster networks + address space. + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ + type: string + hostSubnetLength: + description: HostSubnetLength is the number of bits of the accompanying + CIDR address to allocate to each node. eg, 8 would mean that each + node would have a /24 slice of the overlay network for its pods. + format: int32 + maximum: 30 + minimum: 2 + type: integer + required: + - CIDR + - hostSubnetLength + type: object + type: array + hostsubnetlength: + description: HostSubnetLength is the number of bits of network to allocate + to each node. eg, 8 would mean that each node would have a /24 slice + of the overlay network for its pods + format: int32 + maximum: 30 + minimum: 2 + type: integer + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + mtu: + description: MTU is the MTU for the overlay network. This should be 50 + less than the MTU of the network connecting the nodes. It is normally + autodetected by the cluster network operator. + format: int32 + maximum: 65536 + minimum: 576 + type: integer + network: + description: Network is a CIDR string specifying the global overlay network's + L3 space + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ + type: string + pluginName: + description: PluginName is the name of the network plugin being used + type: string + serviceNetwork: + description: ServiceNetwork is the CIDR range that Service IP addresses + are allocated from + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ + type: string + vxlanPort: + description: VXLANPort sets the VXLAN destination port used by the cluster. + It is set by the master configuration file on startup and cannot be + edited manually. Valid values for VXLANPort are integers 1-65535 inclusive + and if unset defaults to 4789. Changing VXLANPort allows users to resolve + issues between openshift SDN and other software trying to use the same + VXLAN destination port. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - clusterNetworks + - serviceNetwork + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/vendor/github.com/openshift/api/network/v1/002-hostsubnet-crd.yaml b/vendor/github.com/openshift/api/network/v1/002-hostsubnet-crd.yaml new file mode 100644 index 0000000000..dc1a80770e --- /dev/null +++ b/vendor/github.com/openshift/api/network/v1/002-hostsubnet-crd.yaml @@ -0,0 +1,107 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/527 + name: hostsubnets.network.openshift.io +spec: + group: network.openshift.io + names: + kind: HostSubnet + listKind: HostSubnetList + plural: hostsubnets + singular: hostsubnet + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The name of the node + jsonPath: .host + name: Host + type: string + - description: The IP address to be used as a VTEP by other nodes in the overlay + network + jsonPath: .hostIP + name: Host IP + type: string + - description: The CIDR range of the overlay network assigned to the node for + its pods + jsonPath: .subnet + name: Subnet + type: string + - description: The network egress CIDRs + jsonPath: .egressCIDRs + name: Egress CIDRs + type: string + - description: The network egress IP addresses + jsonPath: .egressIPs + name: Egress IPs + type: string + name: v1 + schema: + openAPIV3Schema: + description: "HostSubnet describes the container subnet network on a node. + The HostSubnet object must have the same name as the Node object it corresponds + to. \n Compatibility level 1: Stable within a major release for a minimum + of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + egressCIDRs: + description: EgressCIDRs is the list of CIDR ranges available for automatically + assigning egress IPs to this node from. If this field is set then EgressIPs + should be treated as read-only. + items: + description: HostSubnetEgressCIDR represents one egress CIDR from which + to assign IP addresses for this node represented by the HostSubnet + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ + type: string + type: array + egressIPs: + description: EgressIPs is the list of automatic egress IP addresses currently + hosted by this node. If EgressCIDRs is empty, this can be set by hand; + if EgressCIDRs is set then the master will overwrite the value here + with its own allocation of egress IPs. + items: + description: HostSubnetEgressIP represents one egress IP address currently + hosted on the node represented by HostSubnet + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$ + type: string + type: array + host: + description: Host is the name of the node. (This is the same as the object's + name, but both fields must be set.) + pattern: ^[a-z0-9.-]+$ + type: string + hostIP: + description: HostIP is the IP address to be used as a VTEP by other nodes + in the overlay network + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$ + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + subnet: + description: Subnet is the CIDR range of the overlay network assigned + to the node for its pods + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ + type: string + required: + - host + - hostIP + - subnet + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/vendor/github.com/openshift/api/network/v1/003-netnamespace-crd.yaml b/vendor/github.com/openshift/api/network/v1/003-netnamespace-crd.yaml new file mode 100644 index 0000000000..b279ba0f59 --- /dev/null +++ b/vendor/github.com/openshift/api/network/v1/003-netnamespace-crd.yaml @@ -0,0 +1,81 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/527 + name: netnamespaces.network.openshift.io +spec: + group: network.openshift.io + names: + kind: NetNamespace + listKind: NetNamespaceList + plural: netnamespaces + singular: netnamespace + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The network identifier of the network namespace + jsonPath: .netid + name: NetID + type: integer + - description: The network egress IP addresses + jsonPath: .egressIPs + name: Egress IPs + type: string + name: v1 + schema: + openAPIV3Schema: + description: "NetNamespace describes a single isolated network. When using + the redhat/openshift-ovs-multitenant plugin, every Namespace will have a + corresponding NetNamespace object with the same name. (When using redhat/openshift-ovs-subnet, + NetNamespaces are not used.) \n Compatibility level 1: Stable within a major + release for a minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + egressIPs: + description: EgressIPs is a list of reserved IPs that will be used as + the source for external traffic coming from pods in this namespace. + (If empty, external traffic will be masqueraded to Node IPs.) + items: + description: NetNamespaceEgressIP is a single egress IP out of a list + of reserved IPs used as source of external traffic coming from pods + in this namespace + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$ + type: string + type: array + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + netid: + description: NetID is the network identifier of the network namespace + assigned to each overlay network packet. This can be manipulated with + the "oc adm pod-network" commands. + format: int32 + maximum: 16777215 + minimum: 0 + type: integer + netname: + description: NetName is the name of the network namespace. (This is the + same as the object's name, but both fields must be set.) + pattern: ^[a-z0-9.-]+$ + type: string + required: + - netid + - netname + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/vendor/github.com/openshift/api/network/v1/004-egressnetworkpolicy-crd.yaml b/vendor/github.com/openshift/api/network/v1/004-egressnetworkpolicy-crd.yaml new file mode 100644 index 0000000000..0e5a14e805 --- /dev/null +++ b/vendor/github.com/openshift/api/network/v1/004-egressnetworkpolicy-crd.yaml @@ -0,0 +1,90 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/527 + name: egressnetworkpolicies.network.openshift.io +spec: + group: network.openshift.io + names: + kind: EgressNetworkPolicy + listKind: EgressNetworkPolicyList + plural: egressnetworkpolicies + singular: egressnetworkpolicy + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "EgressNetworkPolicy describes the current egress network policy + for a Namespace. When using the 'redhat/openshift-ovs-multitenant' network + plugin, traffic from a pod to an IP address outside the cluster will be + checked against each EgressNetworkPolicyRule in the pod's namespace's EgressNetworkPolicy, + in order. If no rule matches (or no EgressNetworkPolicy is present) then + the traffic will be allowed by default. \n Compatibility level 1: Stable + within a major release for a minimum of 12 months or 3 minor releases (whichever + is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the current egress network policy + properties: + egress: + description: egress contains the list of egress policy rules + items: + description: EgressNetworkPolicyRule contains a single egress network + policy rule + properties: + to: + description: to is the target that traffic is allowed/denied + to + properties: + cidrSelector: + description: CIDRSelector is the CIDR range to allow/deny + traffic to. If this is set, dnsName must be unset Ideally + we would have liked to use the cidr openapi format for + this property. But openshift-sdn only supports v4 while + specifying the cidr format allows both v4 and v6 cidrs + We are therefore using a regex pattern to validate instead. + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$ + type: string + dnsName: + description: DNSName is the domain name to allow/deny traffic + to. If this is set, cidrSelector must be unset + pattern: ^([A-Za-z0-9-]+\.)*[A-Za-z0-9-]+\.?$ + type: string + type: object + type: + description: type marks this as an "Allow" or "Deny" rule + pattern: ^Allow|Deny$ + type: string + required: + - to + - type + type: object + type: array + required: + - egress + type: object + required: + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/vendor/github.com/openshift/api/network/v1/generated.proto b/vendor/github.com/openshift/api/network/v1/generated.proto index b7016bfb25..213de6cf55 100644 --- a/vendor/github.com/openshift/api/network/v1/generated.proto +++ b/vendor/github.com/openshift/api/network/v1/generated.proto @@ -16,13 +16,10 @@ option go_package = "github.com/openshift/api/network/v1"; // when the cluster is brought up for the first time. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=clusternetworks,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/527 -// +openshift:file-pattern=operatorOrdering=001 -// +kubebuilder:printcolumn:name="Cluster Network",type=string,JSONPath=.network,description="The primary cluster network CIDR" -// +kubebuilder:printcolumn:name="Service Network",type=string,JSONPath=.serviceNetwork,description="The service network CIDR" -// +kubebuilder:printcolumn:name="Plugin Name",type=string,JSONPath=.pluginName,description="The OpenShift SDN network plug-in in use" +// +kubebuilder:resource:scope="Cluster" +// +kubebuilder:printcolumn:name="Cluster Network",type=string,JSONPath=`.network`,description="The primary cluster network CIDR" +// +kubebuilder:printcolumn:name="Service Network",type=string,JSONPath=`.serviceNetwork`,description="The service network CIDR" +// +kubebuilder:printcolumn:name="Plugin Name",type=string,JSONPath=`.pluginName`,description="The Openshift SDN network plug-in in use" // +openshift:compatibility-gen:level=1 message ClusterNetwork { // metadata is the standard object's metadata. @@ -98,10 +95,6 @@ message ClusterNetworkList { // is present) then the traffic will be allowed by default. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=egressnetworkpolicies,scope=Namespaced -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/527 -// +openshift:file-pattern=operatorOrdering=004 // +openshift:compatibility-gen:level=1 message EgressNetworkPolicy { // metadata is the standard object's metadata. @@ -158,15 +151,11 @@ message EgressNetworkPolicySpec { // same name as the Node object it corresponds to. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=hostsubnets,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/527 -// +openshift:file-pattern=operatorOrdering=002 -// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=.host,description="The name of the node" -// +kubebuilder:printcolumn:name="Host IP",type=string,JSONPath=.hostIP,description="The IP address to be used as a VTEP by other nodes in the overlay network" -// +kubebuilder:printcolumn:name="Subnet",type=string,JSONPath=.subnet,description="The CIDR range of the overlay network assigned to the node for its pods" -// +kubebuilder:printcolumn:name="Egress CIDRs",type=string,JSONPath=.egressCIDRs,description="The network egress CIDRs" -// +kubebuilder:printcolumn:name="Egress IPs",type=string,JSONPath=.egressIPs,description="The network egress IP addresses" +// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.host`,description="The name of the node" +// +kubebuilder:printcolumn:name="Host IP",type=string,JSONPath=`.hostIP`,description="The IP address to be used as a VTEP by other nodes in the overlay network" +// +kubebuilder:printcolumn:name="Subnet",type=string,JSONPath=`.subnet`,description="The CIDR range of the overlay network assigned to the node for its pods" +// +kubebuilder:printcolumn:name="Egress CIDRs",type=string,JSONPath=`.egressCIDRs`,description="The network egress CIDRs" +// +kubebuilder:printcolumn:name="Egress IPs",type=string,JSONPath=`.egressIPs`,description="The network egress IP addresses" // +openshift:compatibility-gen:level=1 message HostSubnet { // metadata is the standard object's metadata. @@ -216,12 +205,8 @@ message HostSubnetList { // (When using redhat/openshift-ovs-subnet, NetNamespaces are not used.) // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=netnamespaces,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/527 -// +openshift:file-pattern=operatorOrdering=003 -// +kubebuilder:printcolumn:name="NetID",type=integer,JSONPath=.netid,description="The network identifier of the network namespace" -// +kubebuilder:printcolumn:name="Egress IPs",type=string,JSONPath=.egressIPs,description="The network egress IP addresses" +// +kubebuilder:printcolumn:name="NetID",type=integer,JSONPath=`.netid`,description="The network identifier of the network namespace" +// +kubebuilder:printcolumn:name="Egress IPs",type=string,JSONPath=`.egressIPs`,description="The network egress IP addresses" // +openshift:compatibility-gen:level=1 message NetNamespace { // metadata is the standard object's metadata. diff --git a/vendor/github.com/openshift/api/network/v1/stable.clusternetwork.testsuite.yaml b/vendor/github.com/openshift/api/network/v1/stable.clusternetwork.testsuite.yaml index 979de50148..1593231c80 100644 --- a/vendor/github.com/openshift/api/network/v1/stable.clusternetwork.testsuite.yaml +++ b/vendor/github.com/openshift/api/network/v1/stable.clusternetwork.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ClusterNetwork" -crd: 001_clusternetworks.crd.yaml +crd: 001-clusternetwork-crd.yaml tests: onCreate: - name: Should be able to create a minimal ClusterNetwork diff --git a/vendor/github.com/openshift/api/network/v1/stable.egressnetworkpolicy.testsuite.yaml b/vendor/github.com/openshift/api/network/v1/stable.egressnetworkpolicy.testsuite.yaml index 26093c3913..6ae75505f0 100644 --- a/vendor/github.com/openshift/api/network/v1/stable.egressnetworkpolicy.testsuite.yaml +++ b/vendor/github.com/openshift/api/network/v1/stable.egressnetworkpolicy.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] EgressNetworkPolicy" -crd: 004_egressnetworkpolicies.crd.yaml +crd: 004-egressnetworkpolicy-crd.yaml tests: onCreate: - name: Should be able to create a minimal EgressNetworkPolicy diff --git a/vendor/github.com/openshift/api/network/v1/stable.hostsubnet.testsuite.yaml b/vendor/github.com/openshift/api/network/v1/stable.hostsubnet.testsuite.yaml index 2676b1190a..4740019daa 100644 --- a/vendor/github.com/openshift/api/network/v1/stable.hostsubnet.testsuite.yaml +++ b/vendor/github.com/openshift/api/network/v1/stable.hostsubnet.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] HostSubnet" -crd: 002_hostsubnets.crd.yaml +crd: 002-hostsubnet-crd.yaml tests: onCreate: - name: Should be able to create a minimal HostSubnet diff --git a/vendor/github.com/openshift/api/network/v1/stable.netnamespace.testsuite.yaml b/vendor/github.com/openshift/api/network/v1/stable.netnamespace.testsuite.yaml index 877d47214b..887ce749b4 100644 --- a/vendor/github.com/openshift/api/network/v1/stable.netnamespace.testsuite.yaml +++ b/vendor/github.com/openshift/api/network/v1/stable.netnamespace.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] NetNamespace" -crd: 003_netnamespaces.crd.yaml +crd: 003-netnamespace-crd.yaml tests: onCreate: - name: Should be able to create a minimal NetNamespace diff --git a/vendor/github.com/openshift/api/network/v1/types.go b/vendor/github.com/openshift/api/network/v1/types.go index f39e786c20..e71c6cf5a3 100644 --- a/vendor/github.com/openshift/api/network/v1/types.go +++ b/vendor/github.com/openshift/api/network/v1/types.go @@ -17,13 +17,10 @@ const ( // when the cluster is brought up for the first time. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=clusternetworks,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/527 -// +openshift:file-pattern=operatorOrdering=001 -// +kubebuilder:printcolumn:name="Cluster Network",type=string,JSONPath=.network,description="The primary cluster network CIDR" -// +kubebuilder:printcolumn:name="Service Network",type=string,JSONPath=.serviceNetwork,description="The service network CIDR" -// +kubebuilder:printcolumn:name="Plugin Name",type=string,JSONPath=.pluginName,description="The OpenShift SDN network plug-in in use" +// +kubebuilder:resource:scope="Cluster" +// +kubebuilder:printcolumn:name="Cluster Network",type=string,JSONPath=`.network`,description="The primary cluster network CIDR" +// +kubebuilder:printcolumn:name="Service Network",type=string,JSONPath=`.serviceNetwork`,description="The service network CIDR" +// +kubebuilder:printcolumn:name="Plugin Name",type=string,JSONPath=`.pluginName`,description="The Openshift SDN network plug-in in use" // +openshift:compatibility-gen:level=1 type ClusterNetwork struct { metav1.TypeMeta `json:",inline"` @@ -116,15 +113,11 @@ type HostSubnetEgressCIDR string // same name as the Node object it corresponds to. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=hostsubnets,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/527 -// +openshift:file-pattern=operatorOrdering=002 -// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=.host,description="The name of the node" -// +kubebuilder:printcolumn:name="Host IP",type=string,JSONPath=.hostIP,description="The IP address to be used as a VTEP by other nodes in the overlay network" -// +kubebuilder:printcolumn:name="Subnet",type=string,JSONPath=.subnet,description="The CIDR range of the overlay network assigned to the node for its pods" -// +kubebuilder:printcolumn:name="Egress CIDRs",type=string,JSONPath=.egressCIDRs,description="The network egress CIDRs" -// +kubebuilder:printcolumn:name="Egress IPs",type=string,JSONPath=.egressIPs,description="The network egress IP addresses" +// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.host`,description="The name of the node" +// +kubebuilder:printcolumn:name="Host IP",type=string,JSONPath=`.hostIP`,description="The IP address to be used as a VTEP by other nodes in the overlay network" +// +kubebuilder:printcolumn:name="Subnet",type=string,JSONPath=`.subnet`,description="The CIDR range of the overlay network assigned to the node for its pods" +// +kubebuilder:printcolumn:name="Egress CIDRs",type=string,JSONPath=`.egressCIDRs`,description="The network egress CIDRs" +// +kubebuilder:printcolumn:name="Egress IPs",type=string,JSONPath=`.egressIPs`,description="The network egress IP addresses" // +openshift:compatibility-gen:level=1 type HostSubnet struct { metav1.TypeMeta `json:",inline"` @@ -189,12 +182,8 @@ type NetNamespaceEgressIP string // (When using redhat/openshift-ovs-subnet, NetNamespaces are not used.) // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=netnamespaces,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/527 -// +openshift:file-pattern=operatorOrdering=003 -// +kubebuilder:printcolumn:name="NetID",type=integer,JSONPath=.netid,description="The network identifier of the network namespace" -// +kubebuilder:printcolumn:name="Egress IPs",type=string,JSONPath=.egressIPs,description="The network egress IP addresses" +// +kubebuilder:printcolumn:name="NetID",type=integer,JSONPath=`.netid`,description="The network identifier of the network namespace" +// +kubebuilder:printcolumn:name="Egress IPs",type=string,JSONPath=`.egressIPs`,description="The network egress IP addresses" // +openshift:compatibility-gen:level=1 type NetNamespace struct { metav1.TypeMeta `json:",inline"` @@ -281,10 +270,6 @@ type EgressNetworkPolicySpec struct { // is present) then the traffic will be allowed by default. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=egressnetworkpolicies,scope=Namespaced -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/527 -// +openshift:file-pattern=operatorOrdering=004 // +openshift:compatibility-gen:level=1 type EgressNetworkPolicy struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/network/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/network/v1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 2f32210d28..0000000000 --- a/vendor/github.com/openshift/api/network/v1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,126 +0,0 @@ -clusternetworks.network.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/527 - CRDName: clusternetworks.network.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "001" - FilenameRunLevel: "" - GroupName: network.openshift.io - HasStatus: false - KindName: ClusterNetwork - Labels: {} - PluralName: clusternetworks - PrinterColumns: - - description: The primary cluster network CIDR - jsonPath: .network - name: Cluster Network - type: string - - description: The service network CIDR - jsonPath: .serviceNetwork - name: Service Network - type: string - - description: The OpenShift SDN network plug-in in use - jsonPath: .pluginName - name: Plugin Name - type: string - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -egressnetworkpolicies.network.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/527 - CRDName: egressnetworkpolicies.network.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "004" - FilenameRunLevel: "" - GroupName: network.openshift.io - HasStatus: false - KindName: EgressNetworkPolicy - Labels: {} - PluralName: egressnetworkpolicies - PrinterColumns: [] - Scope: Namespaced - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -hostsubnets.network.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/527 - CRDName: hostsubnets.network.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "002" - FilenameRunLevel: "" - GroupName: network.openshift.io - HasStatus: false - KindName: HostSubnet - Labels: {} - PluralName: hostsubnets - PrinterColumns: - - description: The name of the node - jsonPath: .host - name: Host - type: string - - description: The IP address to be used as a VTEP by other nodes in the overlay - network - jsonPath: .hostIP - name: Host IP - type: string - - description: The CIDR range of the overlay network assigned to the node for its - pods - jsonPath: .subnet - name: Subnet - type: string - - description: The network egress CIDRs - jsonPath: .egressCIDRs - name: Egress CIDRs - type: string - - description: The network egress IP addresses - jsonPath: .egressIPs - name: Egress IPs - type: string - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - -netnamespaces.network.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/527 - CRDName: netnamespaces.network.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "003" - FilenameRunLevel: "" - GroupName: network.openshift.io - HasStatus: false - KindName: NetNamespace - Labels: {} - PluralName: netnamespaces - PrinterColumns: - - description: The network identifier of the network namespace - jsonPath: .netid - name: NetID - type: integer - - description: The network egress IP addresses - jsonPath: .egressIPs - name: Egress IPs - type: string - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - diff --git a/vendor/github.com/openshift/api/network/v1alpha1/0000_70_dnsnameresolver_00-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/network/v1alpha1/0000_70_dnsnameresolver_00-TechPreviewNoUpgrade.crd.yaml new file mode 100644 index 0000000000..eb5209740d --- /dev/null +++ b/vendor/github.com/openshift/api/network/v1alpha1/0000_70_dnsnameresolver_00-TechPreviewNoUpgrade.crd.yaml @@ -0,0 +1,246 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1524 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: dnsnameresolvers.network.openshift.io +spec: + group: network.openshift.io + names: + kind: DNSNameResolver + listKind: DNSNameResolverList + plural: dnsnameresolvers + singular: dnsnameresolver + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "DNSNameResolver stores the DNS name resolution information of + a DNS name. It can be enabled by the TechPreviewNoUpgrade feature set. It + can also be enabled by the feature gate DNSNameResolver when using CustomNoUpgrade + feature set. \n Compatibility level 4: No compatibility is provided, the + API can change at any point for any reason. These capabilities should not + be used by applications needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + DNSNameResolver. + properties: + name: + description: name is the DNS name for which the DNS name resolution + information will be stored. For a regular DNS name, only the DNS + name resolution information of the regular DNS name will be stored. + For a wildcard DNS name, the DNS name resolution information of + all the DNS names that match the wildcard DNS name will be stored. + For a wildcard DNS name, the '*' will match only one label. Additionally, + only a single '*' can be used at the beginning of the wildcard DNS + name. For example, '*.example.com.' will match 'sub1.example.com.' + but won't match 'sub2.sub1.example.com.' + maxLength: 254 + pattern: ^(\*\.)?([a-z0-9]([-a-z0-9]{0,61}[a-z0-9])?\.){2,}$ + type: string + x-kubernetes-validations: + - message: spec.name is immutable + rule: self == oldSelf + required: + - name + type: object + status: + description: status is the most recently observed status of the DNSNameResolver. + properties: + resolvedNames: + description: resolvedNames contains a list of matching DNS names and + their corresponding IP addresses along with their TTL and last DNS + lookup times. + items: + description: DNSNameResolverResolvedName describes the details of + a resolved DNS name. + properties: + conditions: + description: 'conditions provide information about the state + of the DNS name. Known .status.conditions.type is: "Degraded". + "Degraded" is true when the last resolution failed for the + DNS name, and false otherwise.' + items: + description: "Condition contains details for one aspect of + the current state of this API Resource. --- This struct + is intended for direct use as an array at the field path + .status.conditions. For example, \n type FooStatus struct{ + // Represents the observations of a foo's current state. + // Known .status.conditions.type are: \"Available\", \"Progressing\", + and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields + }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should + be when the underlying condition changed. If that is + not known, then using the time when the API field changed + is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, + if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the + current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier + indicating the reason for the condition's last transition. + Producers of specific condition types may define expected + values and meanings for this field, and whether the + values are considered a guaranteed API. The value should + be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across + resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability + to deconflict is important. The regex it matches is + (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + dnsName: + description: dnsName is the resolved DNS name matching the name + field of DNSNameResolverSpec. This field can store both regular + and wildcard DNS names which match the spec.name field. When + the spec.name field contains a regular DNS name, this field + will store the same regular DNS name after it is successfully + resolved. When the spec.name field contains a wildcard DNS + name, each resolvedName.dnsName will store the regular DNS + names which match the wildcard DNS name and have been successfully + resolved. If the wildcard DNS name can also be successfully + resolved, then this field will store the wildcard DNS name + as well. + maxLength: 254 + pattern: ^(\*\.)?([a-z0-9]([-a-z0-9]{0,61}[a-z0-9])?\.){2,}$ + type: string + resolutionFailures: + description: resolutionFailures keeps the count of how many + consecutive times the DNS resolution failed for the dnsName. + If the DNS resolution succeeds then the field will be set + to zero. Upon every failure, the value of the field will be + incremented by one. The details about the DNS name will be + removed, if the value of resolutionFailures reaches 5 and + the TTL of all the associated IP addresses have expired. + format: int32 + type: integer + resolvedAddresses: + description: resolvedAddresses gives the list of associated + IP addresses and their corresponding TTLs and last lookup + times for the dnsName. + items: + description: DNSNameResolverResolvedAddress describes the + details of an IP address for a resolved DNS name. + properties: + ip: + anyOf: + - format: ipv4 + - format: ipv6 + description: ip is an IP address associated with the dnsName. + The validity of the IP address expires after lastLookupTime + + ttlSeconds. To refresh the information, a DNS lookup + will be performed upon the expiration of the IP address's + validity. If the information is not refreshed then it + will be removed with a grace period after the expiration + of the IP address's validity. + type: string + lastLookupTime: + description: lastLookupTime is the timestamp when the + last DNS lookup was completed successfully. The validity + of the IP address expires after lastLookupTime + ttlSeconds. + The value of this field will be updated to the current + time on a successful DNS lookup. If the information + is not refreshed then it will be removed with a grace + period after the expiration of the IP address's validity. + format: date-time + type: string + ttlSeconds: + description: ttlSeconds is the time-to-live value of the + IP address. The validity of the IP address expires after + lastLookupTime + ttlSeconds. On a successful DNS lookup + the value of this field will be updated with the current + time-to-live value. If the information is not refreshed + then it will be removed with a grace period after the + expiration of the IP address's validity. + format: int32 + type: integer + required: + - ip + - lastLookupTime + - ttlSeconds + type: object + type: array + x-kubernetes-list-map-keys: + - ip + x-kubernetes-list-type: map + required: + - dnsName + - resolvedAddresses + type: object + type: array + x-kubernetes-list-map-keys: + - dnsName + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/network/v1alpha1/0000_70_dnsnameresolver_00-customnoupgrade.crd.yaml b/vendor/github.com/openshift/api/network/v1alpha1/0000_70_dnsnameresolver_00-customnoupgrade.crd.yaml new file mode 100644 index 0000000000..fda4977898 --- /dev/null +++ b/vendor/github.com/openshift/api/network/v1alpha1/0000_70_dnsnameresolver_00-customnoupgrade.crd.yaml @@ -0,0 +1,246 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1524 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: CustomNoUpgrade + name: dnsnameresolvers.network.openshift.io +spec: + group: network.openshift.io + names: + kind: DNSNameResolver + listKind: DNSNameResolverList + plural: dnsnameresolvers + singular: dnsnameresolver + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "DNSNameResolver stores the DNS name resolution information of + a DNS name. It can be enabled by the TechPreviewNoUpgrade feature set. It + can also be enabled by the feature gate DNSNameResolver when using CustomNoUpgrade + feature set. \n Compatibility level 4: No compatibility is provided, the + API can change at any point for any reason. These capabilities should not + be used by applications needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + DNSNameResolver. + properties: + name: + description: name is the DNS name for which the DNS name resolution + information will be stored. For a regular DNS name, only the DNS + name resolution information of the regular DNS name will be stored. + For a wildcard DNS name, the DNS name resolution information of + all the DNS names that match the wildcard DNS name will be stored. + For a wildcard DNS name, the '*' will match only one label. Additionally, + only a single '*' can be used at the beginning of the wildcard DNS + name. For example, '*.example.com.' will match 'sub1.example.com.' + but won't match 'sub2.sub1.example.com.' + maxLength: 254 + pattern: ^(\*\.)?([a-z0-9]([-a-z0-9]{0,61}[a-z0-9])?\.){2,}$ + type: string + x-kubernetes-validations: + - message: spec.name is immutable + rule: self == oldSelf + required: + - name + type: object + status: + description: status is the most recently observed status of the DNSNameResolver. + properties: + resolvedNames: + description: resolvedNames contains a list of matching DNS names and + their corresponding IP addresses along with their TTL and last DNS + lookup times. + items: + description: DNSNameResolverResolvedName describes the details of + a resolved DNS name. + properties: + conditions: + description: 'conditions provide information about the state + of the DNS name. Known .status.conditions.type is: "Degraded". + "Degraded" is true when the last resolution failed for the + DNS name, and false otherwise.' + items: + description: "Condition contains details for one aspect of + the current state of this API Resource. --- This struct + is intended for direct use as an array at the field path + .status.conditions. For example, \n type FooStatus struct{ + // Represents the observations of a foo's current state. + // Known .status.conditions.type are: \"Available\", \"Progressing\", + and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields + }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should + be when the underlying condition changed. If that is + not known, then using the time when the API field changed + is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, + if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the + current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier + indicating the reason for the condition's last transition. + Producers of specific condition types may define expected + values and meanings for this field, and whether the + values are considered a guaranteed API. The value should + be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across + resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability + to deconflict is important. The regex it matches is + (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + dnsName: + description: dnsName is the resolved DNS name matching the name + field of DNSNameResolverSpec. This field can store both regular + and wildcard DNS names which match the spec.name field. When + the spec.name field contains a regular DNS name, this field + will store the same regular DNS name after it is successfully + resolved. When the spec.name field contains a wildcard DNS + name, each resolvedName.dnsName will store the regular DNS + names which match the wildcard DNS name and have been successfully + resolved. If the wildcard DNS name can also be successfully + resolved, then this field will store the wildcard DNS name + as well. + maxLength: 254 + pattern: ^(\*\.)?([a-z0-9]([-a-z0-9]{0,61}[a-z0-9])?\.){2,}$ + type: string + resolutionFailures: + description: resolutionFailures keeps the count of how many + consecutive times the DNS resolution failed for the dnsName. + If the DNS resolution succeeds then the field will be set + to zero. Upon every failure, the value of the field will be + incremented by one. The details about the DNS name will be + removed, if the value of resolutionFailures reaches 5 and + the TTL of all the associated IP addresses have expired. + format: int32 + type: integer + resolvedAddresses: + description: resolvedAddresses gives the list of associated + IP addresses and their corresponding TTLs and last lookup + times for the dnsName. + items: + description: DNSNameResolverResolvedAddress describes the + details of an IP address for a resolved DNS name. + properties: + ip: + anyOf: + - format: ipv4 + - format: ipv6 + description: ip is an IP address associated with the dnsName. + The validity of the IP address expires after lastLookupTime + + ttlSeconds. To refresh the information, a DNS lookup + will be performed upon the expiration of the IP address's + validity. If the information is not refreshed then it + will be removed with a grace period after the expiration + of the IP address's validity. + type: string + lastLookupTime: + description: lastLookupTime is the timestamp when the + last DNS lookup was completed successfully. The validity + of the IP address expires after lastLookupTime + ttlSeconds. + The value of this field will be updated to the current + time on a successful DNS lookup. If the information + is not refreshed then it will be removed with a grace + period after the expiration of the IP address's validity. + format: date-time + type: string + ttlSeconds: + description: ttlSeconds is the time-to-live value of the + IP address. The validity of the IP address expires after + lastLookupTime + ttlSeconds. On a successful DNS lookup + the value of this field will be updated with the current + time-to-live value. If the information is not refreshed + then it will be removed with a grace period after the + expiration of the IP address's validity. + format: int32 + type: integer + required: + - ip + - lastLookupTime + - ttlSeconds + type: object + type: array + x-kubernetes-list-map-keys: + - ip + x-kubernetes-list-type: map + required: + - dnsName + - resolvedAddresses + type: object + type: array + x-kubernetes-list-map-keys: + - dnsName + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/network/v1alpha1/custom.dnsnameresolver.testsuite.yaml b/vendor/github.com/openshift/api/network/v1alpha1/custom.dnsnameresolver.testsuite.yaml index 1a34496425..f988aa36d8 100644 --- a/vendor/github.com/openshift/api/network/v1alpha1/custom.dnsnameresolver.testsuite.yaml +++ b/vendor/github.com/openshift/api/network/v1alpha1/custom.dnsnameresolver.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[CustomNoUpgrade] DNSNameResolver" -crd: 0000_70_dns_00_dnsnameresolvers-CustomNoUpgrade.crd.yaml +crd: 0000_70_dnsnameresolver_00-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal DNSNameResolver with a regular DNS name @@ -268,7 +268,7 @@ tests: - ip: "256.256.256.256" ttlSeconds: 60 lastLookupTime: "2023-08-08T15:07:04Z" - expectedStatusError: "DNSNameResolver.network.openshift.io \"example\" is invalid: [: Invalid value: \"\": \"resolvedNames[0].resolvedAddresses[0].ip\" must validate at least one schema (anyOf), resolvedNames[0].resolvedAddresses[0].ip: Invalid value: \"256.256.256.256\": resolvedNames[0].resolvedAddresses[0].ip in body must be of type ipv4: \"256.256.256.256\", : Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation]" + expectedStatusError: "DNSNameResolver.network.openshift.io \"example\" is invalid: [: Invalid value: \"\": \"status.resolvedNames[0].resolvedAddresses[0].ip\" must validate at least one schema (anyOf), status.resolvedNames[0].resolvedAddresses[0].ip: Invalid value: \"256.256.256.256\": status.resolvedNames[0].resolvedAddresses[0].ip in body must be of type ipv4: \"256.256.256.256\", : Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation]" - name: Should be able to add valid IPv6 address initial: | apiVersion: network.openshift.io/v1alpha1 @@ -399,4 +399,4 @@ tests: - ip: "10000:10000:10000:10000:10000:10000:10000:10000" ttlSeconds: 60 lastLookupTime: "2023-08-08T15:07:04Z" - expectedStatusError: "DNSNameResolver.network.openshift.io \"example\" is invalid: [: Invalid value: \"\": \"resolvedNames[0].resolvedAddresses[0].ip\" must validate at least one schema (anyOf), resolvedNames[0].resolvedAddresses[0].ip: Invalid value: \"10000:10000:10000:10000:10000:10000:10000:10000\": resolvedNames[0].resolvedAddresses[0].ip in body must be of type ipv4: \"10000:10000:10000:10000:10000:10000:10000:10000\", : Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation]" + expectedStatusError: "DNSNameResolver.network.openshift.io \"example\" is invalid: [: Invalid value: \"\": \"status.resolvedNames[0].resolvedAddresses[0].ip\" must validate at least one schema (anyOf), status.resolvedNames[0].resolvedAddresses[0].ip: Invalid value: \"10000:10000:10000:10000:10000:10000:10000:10000\": status.resolvedNames[0].resolvedAddresses[0].ip in body must be of type ipv4: \"10000:10000:10000:10000:10000:10000:10000:10000\", : Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation]" diff --git a/vendor/github.com/openshift/api/network/v1alpha1/techpreview.dnsnameresolver.testsuite.yaml b/vendor/github.com/openshift/api/network/v1alpha1/techpreview.dnsnameresolver.testsuite.yaml index bcfcd68435..60fa337fb7 100644 --- a/vendor/github.com/openshift/api/network/v1alpha1/techpreview.dnsnameresolver.testsuite.yaml +++ b/vendor/github.com/openshift/api/network/v1alpha1/techpreview.dnsnameresolver.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreviewNoUpgrade] DNSNameResolver" -crd: 0000_70_dns_00_dnsnameresolvers-TechPreviewNoUpgrade.crd.yaml +crd: 0000_70_dnsnameresolver_00-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal DNSNameResolver @@ -268,7 +268,7 @@ tests: - ip: "256.256.256.256" ttlSeconds: 60 lastLookupTime: "2023-08-08T15:07:04Z" - expectedStatusError: "DNSNameResolver.network.openshift.io \"example\" is invalid: [: Invalid value: \"\": \"resolvedNames[0].resolvedAddresses[0].ip\" must validate at least one schema (anyOf), resolvedNames[0].resolvedAddresses[0].ip: Invalid value: \"256.256.256.256\": resolvedNames[0].resolvedAddresses[0].ip in body must be of type ipv4: \"256.256.256.256\", : Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation]" + expectedStatusError: "DNSNameResolver.network.openshift.io \"example\" is invalid: [: Invalid value: \"\": \"status.resolvedNames[0].resolvedAddresses[0].ip\" must validate at least one schema (anyOf), status.resolvedNames[0].resolvedAddresses[0].ip: Invalid value: \"256.256.256.256\": status.resolvedNames[0].resolvedAddresses[0].ip in body must be of type ipv4: \"256.256.256.256\", : Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation]" - name: Should be able to add valid IPv6 address initial: | apiVersion: network.openshift.io/v1alpha1 @@ -399,4 +399,4 @@ tests: - ip: "10000:10000:10000:10000:10000:10000:10000:10000" ttlSeconds: 60 lastLookupTime: "2023-08-08T15:07:04Z" - expectedStatusError: "DNSNameResolver.network.openshift.io \"example\" is invalid: [: Invalid value: \"\": \"resolvedNames[0].resolvedAddresses[0].ip\" must validate at least one schema (anyOf), resolvedNames[0].resolvedAddresses[0].ip: Invalid value: \"10000:10000:10000:10000:10000:10000:10000:10000\": resolvedNames[0].resolvedAddresses[0].ip in body must be of type ipv4: \"10000:10000:10000:10000:10000:10000:10000:10000\", : Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation]" + expectedStatusError: "DNSNameResolver.network.openshift.io \"example\" is invalid: [: Invalid value: \"\": \"status.resolvedNames[0].resolvedAddresses[0].ip\" must validate at least one schema (anyOf), status.resolvedNames[0].resolvedAddresses[0].ip: Invalid value: \"10000:10000:10000:10000:10000:10000:10000:10000\": status.resolvedNames[0].resolvedAddresses[0].ip in body must be of type ipv4: \"10000:10000:10000:10000:10000:10000:10000:10000\", : Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation]" diff --git a/vendor/github.com/openshift/api/network/v1alpha1/types_dnsnameresolver.go b/vendor/github.com/openshift/api/network/v1alpha1/types_dnsnameresolver.go index 394f2e4ac0..f36901215f 100644 --- a/vendor/github.com/openshift/api/network/v1alpha1/types_dnsnameresolver.go +++ b/vendor/github.com/openshift/api/network/v1alpha1/types_dnsnameresolver.go @@ -10,7 +10,7 @@ import ( // +kubebuilder:subresource:status // +kubebuilder:resource:path=dnsnameresolvers,scope=Namespaced // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1524 -// +openshift:file-pattern=cvoRunLevel=0000_70,operatorName=dns,operatorOrdering=00 +// +openshift:file-pattern=0000_70_dnsnameresolver_00MARKERS.crd.yaml // +openshift:compatibility-gen:level=4 // +openshift:enable:FeatureGate=DNSNameResolver diff --git a/vendor/github.com/openshift/api/network/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/network/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index 0070eb584e..5e980becf5 100644 --- a/vendor/github.com/openshift/api/network/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/network/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -6,9 +6,6 @@ dnsnameresolvers.network.openshift.io: Category: "" FeatureGates: - DNSNameResolver - FilenameOperatorName: dns - FilenameOperatorOrdering: "00" - FilenameRunLevel: "0000_70" GroupName: network.openshift.io HasStatus: true KindName: DNSNameResolver @@ -16,7 +13,8 @@ dnsnameresolvers.network.openshift.io: PluralName: dnsnameresolvers PrinterColumns: [] Scope: Namespaced - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_70_dnsnameresolver_00MARKERS.crd.yaml TopLevelFeatureGates: - DNSNameResolver Version: v1alpha1 diff --git a/vendor/github.com/openshift/api/networkoperator/v1/001-egressrouter.crd.yaml b/vendor/github.com/openshift/api/networkoperator/v1/001-egressrouter.crd.yaml new file mode 100644 index 0000000000..6019c14c2a --- /dev/null +++ b/vendor/github.com/openshift/api/networkoperator/v1/001-egressrouter.crd.yaml @@ -0,0 +1,250 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/851 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + creationTimestamp: null + name: egressrouters.network.operator.openshift.io +spec: + group: network.operator.openshift.io + names: + kind: EgressRouter + listKind: EgressRouterList + plural: egressrouters + singular: egressrouter + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[*].type + name: Condition + type: string + - jsonPath: .status.conditions[*].status + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: "EgressRouter is a feature allowing the user to define an egress + router that acts as a bridge between pods and external systems. The egress + router runs a service that redirects egress traffic originating from a pod + or a group of pods to a remote external system or multiple destinations + as per configuration. \n It is consumed by the cluster-network-operator. + More specifically, given an EgressRouter CR with , the CNO will create + and manage: - A service called - An egress pod called - A + NAD called \n Compatibility level 1: Stable within a major release + for a minimum of 12 months or 3 minor releases (whichever is longer). \n + EgressRouter is a single egressrouter pod configuration object." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the desired egress router. + oneOf: + - properties: + mode: + enum: + - Redirect + required: + - redirect + properties: + addresses: + description: List of IP addresses to configure on the pod's secondary + interface. + items: + description: EgressRouterAddress contains a pair of IP CIDR and + gateway to be configured on the router's interface + properties: + gateway: + anyOf: + - format: ipv4 + - format: ipv6 + description: IP address of the next-hop gateway, if it cannot + be automatically determined. Can be IPv4 or IPv6. + type: string + ip: + description: IP is the address to configure on the router's + interface. Can be IPv4 or IPv6. + type: string + required: + - ip + type: object + type: array + mode: + default: Redirect + description: Mode depicts the mode that is used for the egress router. + The default mode is "Redirect" and is the only supported mode currently. + enum: + - Redirect + type: string + networkInterface: + default: + macvlan: + mode: Bridge + description: Specification of interface to create/use. The default + is macvlan. Currently only macvlan is supported. + oneOf: + - required: + - macvlan + properties: + macvlan: + default: + mode: Bridge + description: Arguments specific to the interfaceType macvlan + properties: + master: + description: Name of the master interface. Need not be specified + if it can be inferred from the IP address. + type: string + mode: + default: Bridge + description: Mode depicts the mode that is used for the macvlan + interface; one of Bridge|Private|VEPA|Passthru. The default + mode is "Bridge". + enum: + - Bridge + - Private + - VEPA + - Passthru + type: string + required: + - mode + type: object + type: object + redirect: + description: Redirect represents the configuration parameters specific + to redirect mode. + properties: + fallbackIP: + anyOf: + - format: ipv4 + - format: ipv6 + description: FallbackIP specifies the remote destination's IP + address. Can be IPv4 or IPv6. If no redirect rules are specified, + all traffic from the router are redirected to this IP. If redirect + rules are specified, then any connections on any other port + (undefined in the rules) on the router will be redirected to + this IP. If redirect rules are specified and no fallback IP + is provided, connections on other ports will simply be rejected. + type: string + redirectRules: + description: List of L4RedirectRules that define the DNAT redirection + from the pod to the destination in redirect mode. + items: + description: L4RedirectRule defines a DNAT redirection from + a given port to a destination IP and port. + properties: + destinationIP: + anyOf: + - format: ipv4 + - format: ipv6 + description: IP specifies the remote destination's IP address. + Can be IPv4 or IPv6. + type: string + port: + description: Port is the port number to which clients should + send traffic to be redirected. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + protocol: + description: Protocol can be TCP, SCTP or UDP. + enum: + - TCP + - UDP + - SCTP + type: string + targetPort: + description: TargetPort allows specifying the port number + on the remote destination to which the traffic gets redirected + to. If unspecified, the value from "Port" is used. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - destinationIP + - port + - protocol + type: object + type: array + type: object + required: + - addresses + - mode + - networkInterface + type: object + status: + description: Observed status of EgressRouter. + properties: + conditions: + description: Observed status of the egress router + items: + description: EgressRouterStatusCondition represents the state of + the egress router's managed and monitored components. + properties: + lastTransitionTime: + description: LastTransitionTime is the time of the last update + to the current status property. + format: date-time + nullable: true + type: string + message: + description: Message provides additional information about the + current condition. This is only to be consumed by humans. It + may contain Line Feed characters (U+000A), which should be + rendered as new lines. + type: string + reason: + description: Reason is the CamelCase reason for the condition's + current status. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type specifies the aspect reported by this condition; + one of Available, Progressing, Degraded + enum: + - Available + - Progressing + - Degraded + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + required: + - conditions + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/vendor/github.com/openshift/api/networkoperator/v1/001-egressrouter.crd.yaml-patch b/vendor/github.com/openshift/api/networkoperator/v1/001-egressrouter.crd.yaml-patch new file mode 100644 index 0000000000..3f1cc0342b --- /dev/null +++ b/vendor/github.com/openshift/api/networkoperator/v1/001-egressrouter.crd.yaml-patch @@ -0,0 +1,26 @@ +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/addresses/items/properties/gateway/anyOf + value: + - format: ipv4 + - format: ipv6 +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/redirect/properties/fallbackIP/anyOf + value: + - format: ipv4 + - format: ipv6 +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/redirect/properties/redirectRules/items/properties/destinationIP/anyOf + value: + - format: ipv4 + - format: ipv6 +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/oneOf + value: + - properties: + mode: + enum: ["Redirect"] + required: ["redirect"] +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/networkInterface/oneOf + value: + - required: ["macvlan"] diff --git a/vendor/github.com/openshift/api/networkoperator/v1/generated.proto b/vendor/github.com/openshift/api/networkoperator/v1/generated.proto index 2f813e2a5e..540637af44 100644 --- a/vendor/github.com/openshift/api/networkoperator/v1/generated.proto +++ b/vendor/github.com/openshift/api/networkoperator/v1/generated.proto @@ -27,16 +27,11 @@ option go_package = "github.com/openshift/api/networkoperator/v1"; // // EgressRouter is a single egressrouter pod configuration object. // +k8s:openapi-gen=true -// +openshift:compatibility-gen:level=1 -// +kubebuilder:object:root=true // +kubebuilder:subresource:status // +kubebuilder:resource:path=egressrouters,scope=Namespaced -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/851 -// +openshift:file-pattern=operatorOrdering=001 -// +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true -// +kubebuilder:metadata:annotations=include.release.openshift.io/ibm-cloud-managed=true // +kubebuilder:printcolumn:name="Condition",type=string,JSONPath=".status.conditions[*].type" // +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[*].status" +// +openshift:compatibility-gen:level=1 message EgressRouter { // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata diff --git a/vendor/github.com/openshift/api/networkoperator/v1/stable.egressrouter.testsuite.yaml b/vendor/github.com/openshift/api/networkoperator/v1/stable.egressrouter.testsuite.yaml index e713c28dd9..2d4a476d34 100644 --- a/vendor/github.com/openshift/api/networkoperator/v1/stable.egressrouter.testsuite.yaml +++ b/vendor/github.com/openshift/api/networkoperator/v1/stable.egressrouter.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] EgressRouter" -crd: 001_egressrouters.crd.yaml +crd: 001-egressrouter.crd.yaml tests: onCreate: - name: Should be able to create a minimal EgressRouter diff --git a/vendor/github.com/openshift/api/networkoperator/v1/types_egressrouter.go b/vendor/github.com/openshift/api/networkoperator/v1/types_egressrouter.go index 9f11590e05..4acebb177d 100644 --- a/vendor/github.com/openshift/api/networkoperator/v1/types_egressrouter.go +++ b/vendor/github.com/openshift/api/networkoperator/v1/types_egressrouter.go @@ -20,16 +20,11 @@ import ( // // EgressRouter is a single egressrouter pod configuration object. // +k8s:openapi-gen=true -// +openshift:compatibility-gen:level=1 -// +kubebuilder:object:root=true // +kubebuilder:subresource:status // +kubebuilder:resource:path=egressrouters,scope=Namespaced -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/851 -// +openshift:file-pattern=operatorOrdering=001 -// +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true -// +kubebuilder:metadata:annotations=include.release.openshift.io/ibm-cloud-managed=true // +kubebuilder:printcolumn:name="Condition",type=string,JSONPath=".status.conditions[*].type" // +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[*].status" +// +openshift:compatibility-gen:level=1 type EgressRouter struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/networkoperator/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/networkoperator/v1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 8af113091e..0000000000 --- a/vendor/github.com/openshift/api/networkoperator/v1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,29 +0,0 @@ -egressrouters.network.operator.openshift.io: - Annotations: - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - ApprovedPRNumber: https://github.com/openshift/api/pull/851 - CRDName: egressrouters.network.operator.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "001" - FilenameRunLevel: "" - GroupName: network.operator.openshift.io - HasStatus: true - KindName: EgressRouter - Labels: {} - PluralName: egressrouters - PrinterColumns: - - jsonPath: .status.conditions[*].type - name: Condition - type: string - - jsonPath: .status.conditions[*].status - name: Status - type: string - Scope: Namespaced - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_10_config-operator_01_configs.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_10_config-operator_01_configs.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config-CustomNoUpgrade.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-CustomNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config-CustomNoUpgrade.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-Default.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config-Default.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-Default.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config-Default.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config-TechPreviewNoUpgrade.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_12_etcd_01_etcds-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config-TechPreviewNoUpgrade.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-controller-manager_01_kubecontrollermanagers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-controller-manager_01_kubecontrollermanagers.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-scheduler_01_kubeschedulers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_25_kube-scheduler_01_kubeschedulers.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_30_openshift-apiserver_01_openshiftapiservers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_30_openshift-apiserver_01_openshiftapiservers.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_cloud-credential_00_cloudcredentials.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_cloud-credential_00_cloudcredentials.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_kube-storage-version-migrator_00_kubestorageversionmigrators.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_40_kube-storage-version-migrator_00_kubestorageversionmigrators.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_authentication_01_authentications.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_authentication_01_authentications.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_openshift-controller-manager_02_openshiftcontrollermanagers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_openshift-controller-manager_02_openshiftcontrollermanagers.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_storage_01_storages.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_storage_01_storages.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_ingress_00_ingresscontrollers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_ingress_00_ingresscontrollers.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_insights_00_insightsoperators.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_insights-operator_00-insightsoperator.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_insights_00_insightsoperators.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_50_insights-operator_00-insightsoperator.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_service-ca_02_servicecas.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_service-ca_02_servicecas.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_dns_00_dnses.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_dns-operator_00.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_dns_00_dnses.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_70_dns-operator_00.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_csi-snapshot-controller_01_csisnapshotcontrollers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_csi-snapshot-controller_01_csisnapshotcontrollers.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/0000_80_machine-config-operator_01_config-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_80_machine-config-operator_01_config-CustomNoUpgrade.crd.yaml new file mode 100644 index 0000000000..c493e302c8 --- /dev/null +++ b/vendor/github.com/openshift/api/operator/v1/0000_80_machine-config-operator_01_config-CustomNoUpgrade.crd.yaml @@ -0,0 +1,395 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: CustomNoUpgrade + name: machineconfigurations.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: MachineConfiguration + listKind: MachineConfigurationList + plural: machineconfigurations + singular: machineconfiguration + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "MachineConfiguration provides information to configure an operator + to manage Machine Configuration. \n Compatibility level 1: Stable within + a major release for a minimum of 12 months or 3 minor releases (whichever + is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Machine Config Operator + properties: + failedRevisionLimit: + description: failedRevisionLimit is the number of failed static pod + installer revisions to keep on disk and in the api -1 = unlimited, + 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: forceRedeploymentReason can be used to force the redeployment + of the operand by providing a unique string. This provides a mechanism + to kick a previously failed deployment and provide a reason why + you think it will work this time instead of failing again on the + same config. + type: string + logLevel: + default: Normal + description: "logLevel is an intent based logging for an overall component. + \ It does not give fine grained control, but it is a simple way + to manage coarse grained logging choices that operators have to + interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", + \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managedBootImages: + description: managedBootImages allows configuration for the management + of boot images for machine resources within the cluster. This configuration + allows users to select resources that should be updated to the latest + boot images during cluster upgrades, ensuring that new machines + always boot with the current cluster version's boot image. When + omitted, no boot images will be updated. + properties: + machineManagers: + description: machineManagers can be used to register machine management + resources for boot image updates. The Machine Config Operator + will watch for changes to this list. Only one entry is permitted + per type of machine management resource. + items: + description: MachineManager describes a target machine resource + that is registered for boot image updates. It stores identifying + information such as the resource type and the API Group of + the resource. It also provides granular control via the selection + field. + properties: + apiGroup: + description: apiGroup is name of the APIGroup that the machine + management resource belongs to. The only current valid + value is machine.openshift.io. machine.openshift.io means + that the machine manager will only register resources + that belong to OpenShift machine API group. + enum: + - machine.openshift.io + type: string + resource: + description: resource is the machine management resource's + type. The only current valid value is machinesets. machinesets + means that the machine manager will only register resources + of the kind MachineSet. + enum: + - machinesets + type: string + selection: + description: selection allows granular control of the machine + management resources that will be registered for boot + image updates. + properties: + mode: + description: mode determines how machine managers will + be selected for updates. Valid values are All and + Partial. All means that every resource matched by + the machine manager will be updated. Partial requires + specified selector(s) and allows customisation of + which resources matched by the machine manager will + be updated. + enum: + - All + - Partial + type: string + partial: + description: partial provides label selector(s) that + can be used to match machine management resources. + Only permitted when mode is set to "Partial". + properties: + machineResourceSelector: + description: machineResourceSelector is a label + selector that can be used to select machine resources + like MachineSets. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + required: + - machineResourceSelector + type: object + required: + - mode + type: object + x-kubernetes-validations: + - message: Partial is required when type is partial, and + forbidden otherwise + rule: 'has(self.mode) && self.mode == ''Partial'' ? has(self.partial) + : !has(self.partial)' + required: + - apiGroup + - resource + - selection + type: object + type: array + x-kubernetes-list-map-keys: + - resource + - apiGroup + x-kubernetes-list-type: map + type: object + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + succeededRevisionLimit: + description: succeededRevisionLimit is the number of successful static + pod installer revisions to keep on disk and in the api -1 = unlimited, + 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: unsupportedConfigOverrides overrides the final configuration + that was computed by the operator. Red Hat does not support the + use of this field. Misuse of this field could lead to unexpected + behavior or conflict with other configuration options. Seek guidance + from the Red Hat support before using this field. Use of this property + blocks cluster upgrades, it must be removed before upgrading your + cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Machine + Config Operator + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + x-kubernetes-list-type: atomic + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: currentRevision is the generation of the most recently + successful deployment + format: int32 + type: integer + lastFailedCount: + description: lastFailedCount is how often the installer pod + of the last failed revision failed. + type: integer + lastFailedReason: + description: lastFailedReason is a machine readable failure + reason string. + type: string + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of human readable + errors during the failed deployment referenced in lastFailedRevision. + items: + type: string + type: array + x-kubernetes-list-type: atomic + lastFailedTime: + description: lastFailedTime is the time the last failed revision + failed the last time. + format: date-time + type: string + lastFallbackCount: + description: lastFallbackCount is how often a fallback to a + previous revision happened. + type: integer + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: targetRevision is the generation of the deployment + we're trying to apply + format: int32 + type: integer + required: + - nodeName + type: object + type: array + x-kubernetes-list-map-keys: + - nodeName + x-kubernetes-list-type: map + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-Default.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_80_machine-config-operator_01_config-Default.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-Default.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_80_machine-config-operator_01_config-Default.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/0000_80_machine-config-operator_01_config-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_80_machine-config-operator_01_config-TechPreviewNoUpgrade.crd.yaml new file mode 100644 index 0000000000..af978be951 --- /dev/null +++ b/vendor/github.com/openshift/api/operator/v1/0000_80_machine-config-operator_01_config-TechPreviewNoUpgrade.crd.yaml @@ -0,0 +1,395 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1453 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: machineconfigurations.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: MachineConfiguration + listKind: MachineConfigurationList + plural: machineconfigurations + singular: machineconfiguration + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "MachineConfiguration provides information to configure an operator + to manage Machine Configuration. \n Compatibility level 1: Stable within + a major release for a minimum of 12 months or 3 minor releases (whichever + is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Machine Config Operator + properties: + failedRevisionLimit: + description: failedRevisionLimit is the number of failed static pod + installer revisions to keep on disk and in the api -1 = unlimited, + 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: forceRedeploymentReason can be used to force the redeployment + of the operand by providing a unique string. This provides a mechanism + to kick a previously failed deployment and provide a reason why + you think it will work this time instead of failing again on the + same config. + type: string + logLevel: + default: Normal + description: "logLevel is an intent based logging for an overall component. + \ It does not give fine grained control, but it is a simple way + to manage coarse grained logging choices that operators have to + interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", + \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managedBootImages: + description: managedBootImages allows configuration for the management + of boot images for machine resources within the cluster. This configuration + allows users to select resources that should be updated to the latest + boot images during cluster upgrades, ensuring that new machines + always boot with the current cluster version's boot image. When + omitted, no boot images will be updated. + properties: + machineManagers: + description: machineManagers can be used to register machine management + resources for boot image updates. The Machine Config Operator + will watch for changes to this list. Only one entry is permitted + per type of machine management resource. + items: + description: MachineManager describes a target machine resource + that is registered for boot image updates. It stores identifying + information such as the resource type and the API Group of + the resource. It also provides granular control via the selection + field. + properties: + apiGroup: + description: apiGroup is name of the APIGroup that the machine + management resource belongs to. The only current valid + value is machine.openshift.io. machine.openshift.io means + that the machine manager will only register resources + that belong to OpenShift machine API group. + enum: + - machine.openshift.io + type: string + resource: + description: resource is the machine management resource's + type. The only current valid value is machinesets. machinesets + means that the machine manager will only register resources + of the kind MachineSet. + enum: + - machinesets + type: string + selection: + description: selection allows granular control of the machine + management resources that will be registered for boot + image updates. + properties: + mode: + description: mode determines how machine managers will + be selected for updates. Valid values are All and + Partial. All means that every resource matched by + the machine manager will be updated. Partial requires + specified selector(s) and allows customisation of + which resources matched by the machine manager will + be updated. + enum: + - All + - Partial + type: string + partial: + description: partial provides label selector(s) that + can be used to match machine management resources. + Only permitted when mode is set to "Partial". + properties: + machineResourceSelector: + description: machineResourceSelector is a label + selector that can be used to select machine resources + like MachineSets. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + required: + - machineResourceSelector + type: object + required: + - mode + type: object + x-kubernetes-validations: + - message: Partial is required when type is partial, and + forbidden otherwise + rule: 'has(self.mode) && self.mode == ''Partial'' ? has(self.partial) + : !has(self.partial)' + required: + - apiGroup + - resource + - selection + type: object + type: array + x-kubernetes-list-map-keys: + - resource + - apiGroup + x-kubernetes-list-type: map + type: object + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + succeededRevisionLimit: + description: succeededRevisionLimit is the number of successful static + pod installer revisions to keep on disk and in the api -1 = unlimited, + 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: unsupportedConfigOverrides overrides the final configuration + that was computed by the operator. Red Hat does not support the + use of this field. Misuse of this field could lead to unexpected + behavior or conflict with other configuration options. Seek guidance + from the Red Hat support before using this field. Use of this property + blocks cluster upgrades, it must be removed before upgrading your + cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Machine + Config Operator + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + x-kubernetes-list-type: atomic + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: currentRevision is the generation of the most recently + successful deployment + format: int32 + type: integer + lastFailedCount: + description: lastFailedCount is how often the installer pod + of the last failed revision failed. + type: integer + lastFailedReason: + description: lastFailedReason is a machine readable failure + reason string. + type: string + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of human readable + errors during the failed deployment referenced in lastFailedRevision. + items: + type: string + type: array + x-kubernetes-list-type: atomic + lastFailedTime: + description: lastFailedTime is the time the last failed revision + failed the last time. + format: date-time + type: string + lastFallbackCount: + description: lastFallbackCount is how often a fallback to a + previous revision happened. + type: integer + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: targetRevision is the generation of the deployment + we're trying to apply + format: int32 + type: integer + required: + - nodeName + type: object + type: array + x-kubernetes-list-map-keys: + - nodeName + x-kubernetes-list-type: map + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_90_csi-driver_01_clustercsidrivers.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_90_csi-driver_01_clustercsidrivers.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_console_01_consoles.crd.yaml b/vendor/github.com/openshift/api/operator/v1/00_console-operator.crd.yaml similarity index 100% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_50_console_01_consoles.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/00_console-operator.crd.yaml diff --git a/vendor/github.com/openshift/api/operator/v1/custom.etcd.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/custom.etcd.testsuite.yaml index 57a2c994bd..a414ac1cb4 100644 --- a/vendor/github.com/openshift/api/operator/v1/custom.etcd.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/custom.etcd.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Custom] Etcd" -crd: 0000_12_etcd_01_etcds-CustomNoUpgrade.crd.yaml +crd: 0000_12_etcd-operator_01_config-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create with Standard hardware speed diff --git a/vendor/github.com/openshift/api/operator/v1/custom.machineconfiguration.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/custom.machineconfiguration.testsuite.yaml index 0bffe92f58..529b436ba2 100644 --- a/vendor/github.com/openshift/api/operator/v1/custom.machineconfiguration.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/custom.machineconfiguration.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[CustomNoUpgrade] MachineConfiguration" -crd: 0000_80_machine-config_01_machineconfigurations-CustomNoUpgrade.crd.yaml +crd: 0000_80_machine-config-operator_01_config-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal MachineConfiguration diff --git a/vendor/github.com/openshift/api/operator/v1/stable.authentication.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.authentication.testsuite.yaml index 19c88d55b1..8ec1f66501 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.authentication.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.authentication.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Authentication" -crd: 0000_50_authentication_01_authentications.crd.yaml +crd: 0000_50_cluster-authentication-operator_01_config.crd.yaml tests: onCreate: - name: Should be able to create a minimal Authentication diff --git a/vendor/github.com/openshift/api/operator/v1/stable.cloudcredential.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.cloudcredential.testsuite.yaml index 970549c46d..fa3c34bff6 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.cloudcredential.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.cloudcredential.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] CloudCredential" -crd: 0000_40_cloud-credential_00_cloudcredentials.crd.yaml +crd: 0000_40_cloud-credential-operator_00_config.crd.yaml tests: onCreate: - name: Should be able to create a minimal CloudCredential diff --git a/vendor/github.com/openshift/api/operator/v1/stable.clustercsidriver.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.clustercsidriver.testsuite.yaml index 2501131b29..7a159da860 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.clustercsidriver.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.clustercsidriver.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ClusterCSIDriver" -crd: 0000_90_csi-driver_01_clustercsidrivers.crd.yaml +crd: 0000_90_cluster_csi_driver_01_config.crd.yaml tests: onCreate: - name: Should be able to create a minimal ClusterCSIDriver diff --git a/vendor/github.com/openshift/api/operator/v1/stable.config.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.config.testsuite.yaml index ad3e0ed6bc..e3708dd00d 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.config.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.config.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Config" -crd: 0000_10_config-operator_01_configs.crd.yaml +crd: 0000_10_config-operator_01_config.crd.yaml tests: onCreate: - name: Should be able to create a minimal Config diff --git a/vendor/github.com/openshift/api/operator/v1/stable.console.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.console.testsuite.yaml index 5c21b3f306..065d490e45 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.console.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.console.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Console" -crd: 0000_50_console_01_consoles.crd.yaml +crd: 00_console-operator.crd.yaml tests: onCreate: - name: Should be able to create a minimal Console diff --git a/vendor/github.com/openshift/api/operator/v1/stable.csisnapshotcontroller.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.csisnapshotcontroller.testsuite.yaml index b1ecd44b2b..f87e08121e 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.csisnapshotcontroller.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.csisnapshotcontroller.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] CSISnapshotController" -crd: 0000_80_csi-snapshot-controller_01_csisnapshotcontrollers.crd.yaml +crd: 0000_80_csi_snapshot_controller_operator_01_crd.yaml tests: onCreate: - name: Should be able to create a minimal CSISnapshotController diff --git a/vendor/github.com/openshift/api/operator/v1/stable.dns.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.dns.testsuite.yaml index e08dbe5d42..1f2def70cf 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.dns.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.dns.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] DNS" -crd: 0000_70_dns_00_dnses.crd.yaml +crd: 0000_70_dns-operator_00.crd.yaml tests: onCreate: - name: Should be able to create a minimal DNS diff --git a/vendor/github.com/openshift/api/operator/v1/stable.etcd.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.etcd.testsuite.yaml index 04feb2dd45..ba4b2bc469 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.etcd.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.etcd.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Etcd" -crd: 0000_12_etcd_01_etcds-Default.crd.yaml +crd: 0000_12_etcd-operator_01_config-Default.crd.yaml tests: onCreate: - name: Should be able to create a minimal Etcd diff --git a/vendor/github.com/openshift/api/operator/v1/stable.ingresscontroller.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.ingresscontroller.testsuite.yaml index 0ad87bcfda..903d8e60c5 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.ingresscontroller.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.ingresscontroller.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] IngressController" -crd: 0000_50_ingress_00_ingresscontrollers.crd.yaml +crd: 0000_50_ingress-operator_00-ingresscontroller.crd.yaml tests: onCreate: - name: Should be able to create a minimal IngressController diff --git a/vendor/github.com/openshift/api/operator/v1/stable.insightsoperator.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.insightsoperator.testsuite.yaml index 410e026014..f17d7ae26c 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.insightsoperator.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.insightsoperator.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] InsightsOperator" -crd: 0000_50_insights_00_insightsoperators.crd.yaml +crd: 0000_50_insights-operator_00-insightsoperator.crd.yaml tests: onCreate: - name: Should be able to create a minimal InsightsOperator diff --git a/vendor/github.com/openshift/api/operator/v1/stable.kubeapiserver.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.kubeapiserver.testsuite.yaml index 3e86c38d87..0428bde074 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.kubeapiserver.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.kubeapiserver.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] KubeAPIServer" -crd: 0000_20_kube-apiserver_01_kubeapiservers.crd.yaml +crd: 0000_20_kube-apiserver-operator_01_config.crd.yaml tests: onCreate: - name: Should be able to create a minimal KubeAPIServer diff --git a/vendor/github.com/openshift/api/operator/v1/stable.kubecontrollermanager.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.kubecontrollermanager.testsuite.yaml index b3d506f299..44286f6591 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.kubecontrollermanager.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.kubecontrollermanager.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] KubeControllerManager" -crd: 0000_25_kube-controller-manager_01_kubecontrollermanagers.crd.yaml +crd: 0000_25_kube-controller-manager-operator_01_config.crd.yaml tests: onCreate: - name: Should be able to create a minimal KubeControllerManager diff --git a/vendor/github.com/openshift/api/operator/v1/stable.kubescheduler.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.kubescheduler.testsuite.yaml index bd6eb927d7..0096050396 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.kubescheduler.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.kubescheduler.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] KubeScheduler" -crd: 0000_25_kube-scheduler_01_kubeschedulers.crd.yaml +crd: 0000_25_kube-scheduler-operator_01_config.crd.yaml tests: onCreate: - name: Should be able to create a minimal KubeScheduler diff --git a/vendor/github.com/openshift/api/operator/v1/stable.kubestorageversionmigrator.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.kubestorageversionmigrator.testsuite.yaml index e8b342ec0c..a0b194406c 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.kubestorageversionmigrator.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.kubestorageversionmigrator.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] KubeStorageVersionMigrator" -crd: 0000_40_kube-storage-version-migrator_00_kubestorageversionmigrators.crd.yaml +crd: 0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml tests: onCreate: - name: Should be able to create a minimal KubeStorageVersionMigrator diff --git a/vendor/github.com/openshift/api/operator/v1/stable.machineconfiguration.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.machineconfiguration.testsuite.yaml index b5b445021c..73496f761c 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.machineconfiguration.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.machineconfiguration.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] MachineConfiguration" -crd: 0000_80_machine-config_01_machineconfigurations-Default.crd.yaml +crd: 0000_80_machine-config-operator_01_config-Default.crd.yaml tests: onCreate: - name: Should be able to create a minimal MachineConfiguration diff --git a/vendor/github.com/openshift/api/operator/v1/stable.network.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.network.testsuite.yaml index b3176ced2c..2ebeaf4f5c 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.network.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.network.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Network" -crd: 0000_70_network_01_networks.crd.yaml +crd: 0000_70_cluster-network-operator_01.crd.yaml tests: onCreate: - name: Should be able to create a minimal Network diff --git a/vendor/github.com/openshift/api/operator/v1/stable.openshiftapiserver.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.openshiftapiserver.testsuite.yaml index 0fed36317b..385c2940ba 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.openshiftapiserver.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.openshiftapiserver.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] OpenShiftAPIServer" -crd: 0000_30_openshift-apiserver_01_openshiftapiservers.crd.yaml +crd: 0000_30_openshift-apiserver-operator_01_config.crd.yaml tests: onCreate: - name: Should be able to create a minimal OpenShiftAPIServer diff --git a/vendor/github.com/openshift/api/operator/v1/stable.openshiftcontrollermanager.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.openshiftcontrollermanager.testsuite.yaml index 29ef128c37..05c1cf66fd 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.openshiftcontrollermanager.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.openshiftcontrollermanager.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] OpenShiftControllerManager" -crd: 0000_50_openshift-controller-manager_02_openshiftcontrollermanagers.crd.yaml +crd: 0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml tests: onCreate: - name: Should be able to create a minimal OpenShiftControllerManager diff --git a/vendor/github.com/openshift/api/operator/v1/stable.serviceca.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.serviceca.testsuite.yaml index 8aa7037738..0463461426 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.serviceca.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.serviceca.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ServiceCA" -crd: 0000_50_service-ca_02_servicecas.crd.yaml +crd: 0000_50_service-ca-operator_02_crd.yaml tests: onCreate: - name: Should be able to create a minimal ServiceCA diff --git a/vendor/github.com/openshift/api/operator/v1/stable.storage.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/stable.storage.testsuite.yaml index ea3ff06eaa..98afa6ea72 100644 --- a/vendor/github.com/openshift/api/operator/v1/stable.storage.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/stable.storage.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Storage" -crd: 0000_50_storage_01_storages.crd.yaml +crd: 0000_50_cluster_storage_operator_01_crd.yaml tests: onCreate: - name: Should be able to create a minimal Storage diff --git a/vendor/github.com/openshift/api/operator/v1/techpreview.etcd.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/techpreview.etcd.testsuite.yaml index 72f6202198..27108a3af1 100644 --- a/vendor/github.com/openshift/api/operator/v1/techpreview.etcd.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/techpreview.etcd.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreview] Etcd" -crd: 0000_12_etcd_01_etcds-TechPreviewNoUpgrade.crd.yaml +crd: 0000_12_etcd-operator_01_config-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create with Standard hardware speed diff --git a/vendor/github.com/openshift/api/operator/v1/techpreview.machineconfiguration.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1/techpreview.machineconfiguration.testsuite.yaml index 38dcbcf348..af780b9673 100644 --- a/vendor/github.com/openshift/api/operator/v1/techpreview.machineconfiguration.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1/techpreview.machineconfiguration.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreviewNoUpgrade] MachineConfiguration" -crd: 0000_80_machine-config_01_machineconfigurations-TechPreviewNoUpgrade.crd.yaml +crd: 0000_80_machine-config-operator_01_config-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal MachineConfiguration @@ -115,212 +115,3 @@ tests: selection: mode: All expectedError: "spec.managedBootImages.machineManagers[1]: Duplicate value: map[string]interface {}{\"apiGroup\":\"machine.openshift.io\", \"resource\":\"machinesets\"}" - - name: Should be able to create a valid node disruption policy - initial: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: DaemonReload - - type: Reload - reload: - serviceName: my.service - units: - - name: "my.service" - actions: - - type: Restart - restart: - serviceName: my-other.service - sshkey: - actions: - - type: None - expected: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - logLevel: Normal - operatorLogLevel: Normal - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: DaemonReload - - type: Reload - reload: - serviceName: my.service - units: - - name: "my.service" - actions: - - type: Restart - restart: - serviceName: my-other.service - sshkey: - actions: - - type: None - - name: Should be able to define a node disruption policy with multiple entries of the same type - initial: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: DaemonReload - - type: Reload - reload: - serviceName: my.service - - path: "/etc/my-other-file" - actions: - - type: Drain - - type: Restart - restart: - serviceName: my.service - expected: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - logLevel: Normal - operatorLogLevel: Normal - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: DaemonReload - - type: Reload - reload: - serviceName: my.service - - path: "/etc/my-other-file" - actions: - - type: Drain - - type: Restart - restart: - serviceName: my.service - - name: Node disruption policies with duplicate file entries should fail - initial: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: DaemonReload - - type: Reload - reload: - serviceName: my.service - - path: "/etc/my-file" - actions: - - type: Drain - - type: Reload - reload: - serviceName: my.service - expectedError: "spec.nodeDisruptionPolicy.files[1]: Duplicate value: map[string]interface {}{\"path\":\"/etc/my-file\"}" - - name: Node disruption policies that specify a reload action should fail if you don't specify the reload field - initial: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: DaemonReload - - type: Reload - expectedError: "reload is required when type is Reload, and forbidden otherwise" - - name: Node disruption policies that specify a reboot action should not allow other actions in the list - initial: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: Reboot - - type: DaemonReload - expectedError: "Reboot action can only be specified standalone, as it will override any other actions" - - name: Node disruption policies should use service name(s) which have a valid name prefix. - initial: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: DaemonReload - - type: Reload - reload: - serviceName: .service - expectedError: "Invalid ${NAME} in service name. Expected format is ${NAME}${SERVICETYPE}, where {NAME} must be atleast 1 character long and can only consist of alphabets, digits, \":\", \"-\", \"_\", \".\", and \"\\\"" - - name: Node disruption policies should use service name(s) which have a valid name suffix. - initial: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: DaemonReload - - type: Reload - reload: - serviceName: service - expectedError: "Invalid ${SERVICETYPE} in service name. Expected format is ${NAME}${SERVICETYPE}, where ${SERVICETYPE} must be one of \".service\", \".socket\", \".device\", \".mount\", \".automount\", \".swap\", \".target\", \".path\", \".timer\",\".snapshot\", \".slice\" or \".scope\"." - - name: Node disruption policies should use service name(s) which have a valid name suffix. - initial: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: DaemonReload - - type: Reload - reload: - serviceName: serv.ice - expectedError: "Invalid ${SERVICETYPE} in service name. Expected format is ${NAME}${SERVICETYPE}, where ${SERVICETYPE} must be one of \".service\", \".socket\", \".device\", \".mount\", \".automount\", \".swap\", \".target\", \".path\", \".timer\",\".snapshot\", \".slice\" or \".scope\"." - - name: Should be able to define a node disruption policy that has a service name which has multiple permitted special characters - initial: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: DaemonReload - - type: Reload - reload: - serviceName: a:b_c-d\.e.swap - - path: "/etc/my-other-file" - actions: - - type: Drain - - type: Restart - restart: - serviceName: a.b.c.d.e.snapshot - expected: | - apiVersion: operator.openshift.io/v1 - kind: MachineConfiguration - spec: - logLevel: Normal - operatorLogLevel: Normal - nodeDisruptionPolicy: - files: - - path: "/etc/my-file" - actions: - - type: DaemonReload - - type: Reload - reload: - serviceName: a:b_c-d\.e.swap - - path: "/etc/my-other-file" - actions: - - type: Drain - - type: Restart - restart: - serviceName: a.b.c.d.e.snapshot diff --git a/vendor/github.com/openshift/api/operator/v1/types_authentication.go b/vendor/github.com/openshift/api/operator/v1/types_authentication.go index 888e8205be..414a3d1246 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_authentication.go +++ b/vendor/github.com/openshift/api/operator/v1/types_authentication.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=authentications,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/475 -// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=authentication,operatorOrdering=01 +// +openshift:file-pattern=0000_50_cluster-authentication-operator_01_configMARKERS.crd.yaml // +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true // +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true diff --git a/vendor/github.com/openshift/api/operator/v1/types_cloudcredential.go b/vendor/github.com/openshift/api/operator/v1/types_cloudcredential.go index 9666b27922..4bf2023be3 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_cloudcredential.go +++ b/vendor/github.com/openshift/api/operator/v1/types_cloudcredential.go @@ -12,7 +12,7 @@ import ( // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/692 // +openshift:capability=CloudCredential -// +openshift:file-pattern=cvoRunLevel=0000_40,operatorName=cloud-credential,operatorOrdering=00 +// +openshift:file-pattern=0000_40_cloud-credential-operator_00_configMARKERS.crd.yaml // CloudCredential provides a means to configure an operator to manage CredentialsRequests. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_config.go b/vendor/github.com/openshift/api/operator/v1/types_config.go index e7c6d59dbb..0967483cfe 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_config.go +++ b/vendor/github.com/openshift/api/operator/v1/types_config.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=configs,scope=Cluster,categories=coreoperators // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/612 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=0000_10_config-operator_01_configMARKERS.crd.yaml // Config specifies the behavior of the config operator which is responsible for creating the initial configuration of other components // on the cluster. The operator also handles installation, migration or synchronization of cloud configurations for AWS and Azure cloud based clusters diff --git a/vendor/github.com/openshift/api/operator/v1/types_console.go b/vendor/github.com/openshift/api/operator/v1/types_console.go index 474253d5d7..4e37094029 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_console.go +++ b/vendor/github.com/openshift/api/operator/v1/types_console.go @@ -13,7 +13,7 @@ import ( // +kubebuilder:resource:path=consoles,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/486 -// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=console,operatorOrdering=01 +// +openshift:file-pattern=00_console-operatorMARKERS.crd.yaml // Console provides a means to configure an operator to manage the console. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go index 0156d6df32..bcc73f7594 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go @@ -20,7 +20,7 @@ import ( // +kubebuilder:resource:path=clustercsidrivers,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/701 -// +openshift:file-pattern=cvoRunLevel=0000_90,operatorName=csi-driver,operatorOrdering=01 +// +openshift:file-pattern=0000_90_cluster_csi_driver_01_configMARKERS.crd.yaml // ClusterCSIDriver object allows management and configuration of a CSI driver operator // installed by default in OpenShift. Name of the object must be name of the CSI driver diff --git a/vendor/github.com/openshift/api/operator/v1/types_csi_snapshot.go b/vendor/github.com/openshift/api/operator/v1/types_csi_snapshot.go index f96384819c..7f4b738bd2 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_csi_snapshot.go +++ b/vendor/github.com/openshift/api/operator/v1/types_csi_snapshot.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=csisnapshotcontrollers,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/562 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=csi-snapshot-controller,operatorOrdering=01 +// +openshift:file-pattern=0000_80_csi_snapshot_controller_operator_01_MARKERScrd.yaml // CSISnapshotController provides a means to configure an operator to manage the CSI snapshots. `cluster` is the canonical name. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_dns.go b/vendor/github.com/openshift/api/operator/v1/types_dns.go index 3d7cbb6c00..fb446ef73b 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_dns.go +++ b/vendor/github.com/openshift/api/operator/v1/types_dns.go @@ -14,7 +14,7 @@ import ( // +kubebuilder:subresource:status // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/475 -// +openshift:file-pattern=cvoRunLevel=0000_70,operatorName=dns,operatorOrdering=00 +// +openshift:file-pattern=0000_70_dns-operator_00MARKERS.crd.yaml // DNS manages the CoreDNS component to provide a name resolution service // for pods and services in the cluster. diff --git a/vendor/github.com/openshift/api/operator/v1/types_etcd.go b/vendor/github.com/openshift/api/operator/v1/types_etcd.go index a2ba126897..4d88f6c282 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_etcd.go +++ b/vendor/github.com/openshift/api/operator/v1/types_etcd.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=etcds,scope=Cluster,categories=coreoperators // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/752 -// +openshift:file-pattern=cvoRunLevel=0000_12,operatorName=etcd,operatorOrdering=01 +// +openshift:file-pattern=0000_12_etcd-operator_01_configMARKERS.crd.yaml // Etcd provides information to configure an operator to manage etcd. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_ingress.go b/vendor/github.com/openshift/api/operator/v1/types_ingress.go index 77f5ff7a10..154774dcd6 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/operator/v1/types_ingress.go @@ -17,7 +17,7 @@ import ( // +kubebuilder:resource:path=ingresscontrollers,scope=Namespaced // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/616 // +openshift:capability=Ingress -// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=ingress,operatorOrdering=00 +// +openshift:file-pattern=0000_50_ingress-operator_00-ingresscontrollerMARKERS.crd.yaml // IngressController describes a managed ingress controller for the cluster. The // controller can service OpenShift Route and Kubernetes Ingress resources. diff --git a/vendor/github.com/openshift/api/operator/v1/types_insights.go b/vendor/github.com/openshift/api/operator/v1/types_insights.go index 56e2b51c14..780902b5ae 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_insights.go +++ b/vendor/github.com/openshift/api/operator/v1/types_insights.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=insightsoperators,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1237 -// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=insights,operatorOrdering=00 +// +openshift:file-pattern=0000_50_insights-operator_00-insightsoperatorMARKERS.crd.yaml // // InsightsOperator holds cluster-wide information about the Insights Operator. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_kubeapiserver.go b/vendor/github.com/openshift/api/operator/v1/types_kubeapiserver.go index 5c9d43a2a2..ca19d7ef81 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_kubeapiserver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_kubeapiserver.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=kubeapiservers,scope=Cluster,categories=coreoperators // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/475 -// +openshift:file-pattern=cvoRunLevel=0000_20,operatorName=kube-apiserver,operatorOrdering=01 +// +openshift:file-pattern=0000_20_kube-apiserver-operator_01_configMARKERS.crd.yaml // KubeAPIServer provides information to configure an operator to manage kube-apiserver. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_kubecontrollermanager.go b/vendor/github.com/openshift/api/operator/v1/types_kubecontrollermanager.go index 93ab209a0d..4b8b6b987f 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_kubecontrollermanager.go +++ b/vendor/github.com/openshift/api/operator/v1/types_kubecontrollermanager.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=kubecontrollermanagers,scope=Cluster,categories=coreoperators // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/475 -// +openshift:file-pattern=cvoRunLevel=0000_25,operatorName=kube-controller-manager,operatorOrdering=01 +// +openshift:file-pattern=0000_25_kube-controller-manager-operator_01_configMARKERS.crd.yaml // KubeControllerManager provides information to configure an operator to manage kube-controller-manager. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_kubestorageversionmigrator.go b/vendor/github.com/openshift/api/operator/v1/types_kubestorageversionmigrator.go index 470dc5097d..f952be6f8a 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_kubestorageversionmigrator.go +++ b/vendor/github.com/openshift/api/operator/v1/types_kubestorageversionmigrator.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=kubestorageversionmigrators,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/503 -// +openshift:file-pattern=cvoRunLevel=0000_40,operatorName=kube-storage-version-migrator,operatorOrdering=00 +// +openshift:file-pattern=0000_40_kube-storage-version-migrator-operator_00_configMARKERS.crd.yaml // KubeStorageVersionMigrator provides information to configure an operator to manage kube-storage-version-migrator. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go b/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go index 5afc154dcd..4c1bac5eac 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go +++ b/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=machineconfigurations,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1453 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 +// +openshift:file-pattern=0000_80_machine-config-operator_01_configMARKERS.crd.yaml // MachineConfiguration provides information to configure an operator to manage Machine Configuration. // @@ -46,25 +46,12 @@ type MachineConfigurationSpec struct { // +openshift:enable:FeatureGate=ManagedBootImages // +optional ManagedBootImages ManagedBootImages `json:"managedBootImages"` - - // nodeDisruptionPolicy allows an admin to set granular node disruption actions for - // MachineConfig-based updates, such as drains, service reloads, etc. Specifying this will allow - // for less downtime when doing small configuration updates to the cluster. This configuration - // has no effect on cluster upgrades which will still incur node disruption where required. - // +openshift:enable:FeatureGate=NodeDisruptionPolicy - // +optional - NodeDisruptionPolicy NodeDisruptionPolicyConfig `json:"nodeDisruptionPolicy"` } type MachineConfigurationStatus struct { - // TODO tombstone this field StaticPodOperatorStatus `json:",inline"` - // nodeDisruptionPolicyStatus status reflects what the latest cluster-validated policies are, - // and will be used by the Machine Config Daemon during future node updates. - // +openshift:enable:FeatureGate=NodeDisruptionPolicy - // +optional - NodeDisruptionPolicyStatus NodeDisruptionPolicyStatus `json:"nodeDisruptionPolicyStatus"` + // TODO(jkyros): This is where we can put additional bespoke status fields } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object @@ -171,295 +158,3 @@ const ( // This feature only supports MAPI machinesets at this time. MachineAPI MachineManagerMachineSetsAPIGroupType = "machine.openshift.io" ) - -type NodeDisruptionPolicyStatus struct { - // clusterPolicies is a merge of cluster default and user provided node disruption policies. - // +optional - ClusterPolicies NodeDisruptionPolicyClusterStatus `json:"clusterPolicies"` -} - -// NodeDisruptionPolicyConfig is the overall spec definition for files/units/sshkeys -type NodeDisruptionPolicyConfig struct { - // files is a list of MachineConfig file definitions and actions to take to changes on those paths - // This list supports a maximum of 50 entries. - // +optional - // +listType=map - // +listMapKey=path - // +kubebuilder:validation:MaxItems=50 - Files []NodeDisruptionPolicySpecFile `json:"files"` - // units is a list MachineConfig unit definitions and actions to take on changes to those services - // This list supports a maximum of 50 entries. - // +optional - // +listType=map - // +listMapKey=name - // +kubebuilder:validation:MaxItems=50 - Units []NodeDisruptionPolicySpecUnit `json:"units"` - // sshkey maps to the ignition.sshkeys field in the MachineConfig object, definition an action for this - // will apply to all sshkey changes in the cluster - // +optional - SSHKey NodeDisruptionPolicySpecSSHKey `json:"sshkey"` -} - -// NodeDisruptionPolicyClusterStatus is the type for the status object, rendered by the controller as a -// merge of cluster defaults and user provided policies -type NodeDisruptionPolicyClusterStatus struct { - // files is a list of MachineConfig file definitions and actions to take to changes on those paths - // +optional - // +listType=map - // +listMapKey=path - // +kubebuilder:validation:MaxItems=100 - Files []NodeDisruptionPolicyStatusFile `json:"files,omitempty"` - // units is a list MachineConfig unit definitions and actions to take on changes to those services - // +optional - // +listType=map - // +listMapKey=name - // +kubebuilder:validation:MaxItems=100 - Units []NodeDisruptionPolicyStatusUnit `json:"units,omitempty"` - // sshkey is the overall sshkey MachineConfig definition - // +optional - SSHKey NodeDisruptionPolicyStatusSSHKey `json:"sshkey,omitempty"` -} - -// NodeDisruptionPolicySpecFile is a file entry and corresponding actions to take and is used in the NodeDisruptionPolicyConfig object -type NodeDisruptionPolicySpecFile struct { - // path is the location of a file being managed through a MachineConfig. - // The Actions in the policy will apply to changes to the file at this path. - // +kubebuilder:validation:Required - Path string `json:"path"` - // actions represents the series of commands to be executed on changes to the file at - // the corresponding file path. Actions will be applied in the order that - // they are set in this list. If there are other incoming changes to other MachineConfig - // entries in the same update that require a reboot, the reboot will supercede these actions. - // Valid actions are Reboot, Drain, Reload, DaemonReload and None. - // The Reboot action and the None action cannot be used in conjunction with any of the other actions. - // This list supports a maximum of 10 entries. - // +kubebuilder:validation:Required - // +listType=atomic - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='Reboot') ? size(self) == 1 : true", message="Reboot action can only be specified standalone, as it will override any other actions" - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='None') ? size(self) == 1 : true", message="None action can only be specified standalone, as it will override any other actions" - Actions []NodeDisruptionPolicySpecAction `json:"actions"` -} - -// NodeDisruptionPolicyStatusFile is a file entry and corresponding actions to take and is used in the NodeDisruptionPolicyClusterStatus object -type NodeDisruptionPolicyStatusFile struct { - // path is the location of a file being managed through a MachineConfig. - // The Actions in the policy will apply to changes to the file at this path. - // +kubebuilder:validation:Required - Path string `json:"path"` - // actions represents the series of commands to be executed on changes to the file at - // the corresponding file path. Actions will be applied in the order that - // they are set in this list. If there are other incoming changes to other MachineConfig - // entries in the same update that require a reboot, the reboot will supercede these actions. - // Valid actions are Reboot, Drain, Reload, DaemonReload and None. - // The Reboot action and the None action cannot be used in conjunction with any of the other actions. - // This list supports a maximum of 10 entries. - // +kubebuilder:validation:Required - // +listType=atomic - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='Reboot') ? size(self) == 1 : true", message="Reboot action can only be specified standalone, as it will override any other actions" - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='None') ? size(self) == 1 : true", message="None action can only be specified standalone, as it will override any other actions" - Actions []NodeDisruptionPolicyStatusAction `json:"actions"` -} - -// NodeDisruptionPolicySpecUnit is a systemd unit name and corresponding actions to take and is used in the NodeDisruptionPolicyConfig object -type NodeDisruptionPolicySpecUnit struct { - // name represents the service name of a systemd service managed through a MachineConfig - // Actions specified will be applied for changes to the named service. - // Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. - // ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". - // ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". - // +kubebuilder:validation:Required - Name NodeDisruptionPolicyServiceName `json:"name"` - - // actions represents the series of commands to be executed on changes to the file at - // the corresponding file path. Actions will be applied in the order that - // they are set in this list. If there are other incoming changes to other MachineConfig - // entries in the same update that require a reboot, the reboot will supercede these actions. - // Valid actions are Reboot, Drain, Reload, DaemonReload and None. - // The Reboot action and the None action cannot be used in conjunction with any of the other actions. - // This list supports a maximum of 10 entries. - // +kubebuilder:validation:Required - // +listType=atomic - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='Reboot') ? size(self) == 1 : true", message="Reboot action can only be specified standalone, as it will override any other actions" - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='None') ? size(self) == 1 : true", message="None action can only be specified standalone, as it will override any other actions" - Actions []NodeDisruptionPolicySpecAction `json:"actions"` -} - -// NodeDisruptionPolicyStatusUnit is a systemd unit name and corresponding actions to take and is used in the NodeDisruptionPolicyClusterStatus object -type NodeDisruptionPolicyStatusUnit struct { - // name represents the service name of a systemd service managed through a MachineConfig - // Actions specified will be applied for changes to the named service. - // Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. - // ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". - // ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". - // +kubebuilder:validation:Required - Name NodeDisruptionPolicyServiceName `json:"name"` - - // actions represents the series of commands to be executed on changes to the file at - // the corresponding file path. Actions will be applied in the order that - // they are set in this list. If there are other incoming changes to other MachineConfig - // entries in the same update that require a reboot, the reboot will supercede these actions. - // Valid actions are Reboot, Drain, Reload, DaemonReload and None. - // The Reboot action and the None action cannot be used in conjunction with any of the other actions. - // This list supports a maximum of 10 entries. - // +kubebuilder:validation:Required - // +listType=atomic - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='Reboot') ? size(self) == 1 : true", message="Reboot action can only be specified standalone, as it will override any other actions" - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='None') ? size(self) == 1 : true", message="None action can only be specified standalone, as it will override any other actions" - Actions []NodeDisruptionPolicyStatusAction `json:"actions"` -} - -// NodeDisruptionPolicySpecSSHKey is actions to take for any SSHKey change and is used in the NodeDisruptionPolicyConfig object -type NodeDisruptionPolicySpecSSHKey struct { - // actions represents the series of commands to be executed on changes to the file at - // the corresponding file path. Actions will be applied in the order that - // they are set in this list. If there are other incoming changes to other MachineConfig - // entries in the same update that require a reboot, the reboot will supercede these actions. - // Valid actions are Reboot, Drain, Reload, DaemonReload and None. - // The Reboot action and the None action cannot be used in conjunction with any of the other actions. - // This list supports a maximum of 10 entries. - // +kubebuilder:validation:Required - // +listType=atomic - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='Reboot') ? size(self) == 1 : true", message="Reboot action can only be specified standalone, as it will override any other actions" - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='None') ? size(self) == 1 : true", message="None action can only be specified standalone, as it will override any other actions" - Actions []NodeDisruptionPolicySpecAction `json:"actions"` -} - -// NodeDisruptionPolicyStatusSSHKey is actions to take for any SSHKey change and is used in the NodeDisruptionPolicyClusterStatus object -type NodeDisruptionPolicyStatusSSHKey struct { - // actions represents the series of commands to be executed on changes to the file at - // the corresponding file path. Actions will be applied in the order that - // they are set in this list. If there are other incoming changes to other MachineConfig - // entries in the same update that require a reboot, the reboot will supercede these actions. - // Valid actions are Reboot, Drain, Reload, DaemonReload and None. - // The Reboot action and the None action cannot be used in conjunction with any of the other actions. - // This list supports a maximum of 10 entries. - // +kubebuilder:validation:Required - // +listType=atomic - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='Reboot') ? size(self) == 1 : true", message="Reboot action can only be specified standalone, as it will override any other actions" - // +kubebuilder:validation:XValidation:rule="self.exists(x, x.type=='None') ? size(self) == 1 : true", message="None action can only be specified standalone, as it will override any other actions" - Actions []NodeDisruptionPolicyStatusAction `json:"actions"` -} - -// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Reload' ? has(self.reload) : !has(self.reload)",message="reload is required when type is Reload, and forbidden otherwise" -// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Restart' ? has(self.restart) : !has(self.restart)",message="restart is required when type is Restart, and forbidden otherwise" -// +union -type NodeDisruptionPolicySpecAction struct { - // type represents the commands that will be carried out if this NodeDisruptionPolicySpecActionType is executed - // Valid value are Reboot, Drain, Reload, Restart, DaemonReload, None and Special - // reload/restart requires a corresponding service target specified in the reload/restart field. - // Other values require no further configuration - // +unionDiscriminator - // +kubebuilder:validation:Required - Type NodeDisruptionPolicySpecActionType `json:"type"` - // reload specifies the service to reload, only valid if type is reload - // +optional - Reload *ReloadService `json:"reload,omitempty"` - // restart specifies the service to restart, only valid if type is restart - // +optional - Restart *RestartService `json:"restart,omitempty"` -} - -// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Reload' ? has(self.reload) : !has(self.reload)",message="reload is required when type is Reload, and forbidden otherwise" -// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Restart' ? has(self.restart) : !has(self.restart)",message="restart is required when type is Restart, and forbidden otherwise" -// +union -type NodeDisruptionPolicyStatusAction struct { - // type represents the commands that will be carried out if this NodeDisruptionPolicyStatusActionType is executed - // Valid value are Reboot, Drain, Reload, Restart, DaemonReload, None and Special - // reload/restart requires a corresponding service target specified in the reload/restart field. - // Other values require no further configuration - // +unionDiscriminator - // +kubebuilder:validation:Required - Type NodeDisruptionPolicyStatusActionType `json:"type"` - // reload specifies the service to reload, only valid if type is reload - // +optional - Reload *ReloadService `json:"reload,omitempty"` - // restart specifies the service to restart, only valid if type is restart - // +optional - Restart *RestartService `json:"restart,omitempty"` -} - -// ReloadService allows the user to specify the services to be reloaded -type ReloadService struct { - // serviceName is the full name (e.g. crio.service) of the service to be reloaded - // Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. - // ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". - // ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". - // +kubebuilder:validation:Required - ServiceName NodeDisruptionPolicyServiceName `json:"serviceName"` -} - -// RestartService allows the user to specify the services to be restarted -type RestartService struct { - // serviceName is the full name (e.g. crio.service) of the service to be restarted - // Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. - // ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, ":", "-", "_", ".", and "\". - // ${SERVICETYPE} must be one of ".service", ".socket", ".device", ".mount", ".automount", ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" or ".scope". - // +kubebuilder:validation:Required - ServiceName NodeDisruptionPolicyServiceName `json:"serviceName"` -} - -// NodeDisruptionPolicySpecActionType is a string enum used in a NodeDisruptionPolicySpecAction object. They describe an action to be performed. -// +kubebuilder:validation:Enum:="Reboot";"Drain";"Reload";"Restart";"DaemonReload";"None" -type NodeDisruptionPolicySpecActionType string - -// +kubebuilder:validation:XValidation:rule=`self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$')`, message="Invalid ${SERVICETYPE} in service name. Expected format is ${NAME}${SERVICETYPE}, where ${SERVICETYPE} must be one of \".service\", \".socket\", \".device\", \".mount\", \".automount\", \".swap\", \".target\", \".path\", \".timer\",\".snapshot\", \".slice\" or \".scope\"." -// +kubebuilder:validation:XValidation:rule=`self.matches('^[a-zA-Z0-9:._\\\\-]+\\..')`, message="Invalid ${NAME} in service name. Expected format is ${NAME}${SERVICETYPE}, where {NAME} must be atleast 1 character long and can only consist of alphabets, digits, \":\", \"-\", \"_\", \".\", and \"\\\"" -// +kubebuilder:validation:MaxLength=255 -type NodeDisruptionPolicyServiceName string - -const ( - // Reboot represents an action that will cause nodes to be rebooted. This is the default action by the MCO - // if a reboot policy is not found for a change/update being performed by the MCO. - RebootSpecAction NodeDisruptionPolicySpecActionType = "Reboot" - - // Drain represents an action that will cause nodes to be drained of their workloads. - DrainSpecAction NodeDisruptionPolicySpecActionType = "Drain" - - // Reload represents an action that will cause nodes to reload the service described by the Target field. - ReloadSpecAction NodeDisruptionPolicySpecActionType = "Reload" - - // Restart represents an action that will cause nodes to restart the service described by the Target field. - RestartSpecAction NodeDisruptionPolicySpecActionType = "Restart" - - // DaemonReload represents an action that TBD - DaemonReloadSpecAction NodeDisruptionPolicySpecActionType = "DaemonReload" - - // None represents an action that no handling is required by the MCO. - NoneSpecAction NodeDisruptionPolicySpecActionType = "None" -) - -// NodeDisruptionPolicyStatusActionType is a string enum used in a NodeDisruptionPolicyStatusAction object. They describe an action to be performed. -// The key difference of this object from NodeDisruptionPolicySpecActionType is that there is a additional SpecialStatusAction value in this enum. This will only be -// used by the MCO's controller to indicate some internal actions. They are not part of the NodeDisruptionPolicyConfig object and cannot be set by the user. -// +kubebuilder:validation:Enum:="Reboot";"Drain";"Reload";"Restart";"DaemonReload";"None";"Special" -type NodeDisruptionPolicyStatusActionType string - -const ( - // Reboot represents an action that will cause nodes to be rebooted. This is the default action by the MCO - // if a reboot policy is not found for a change/update being performed by the MCO. - RebootStatusAction NodeDisruptionPolicyStatusActionType = "Reboot" - - // Drain represents an action that will cause nodes to be drained of their workloads. - DrainStatusAction NodeDisruptionPolicyStatusActionType = "Drain" - - // Reload represents an action that will cause nodes to reload the service described by the Target field. - ReloadStatusAction NodeDisruptionPolicyStatusActionType = "Reload" - - // Restart represents an action that will cause nodes to restart the service described by the Target field. - RestartStatusAction NodeDisruptionPolicyStatusActionType = "Restart" - - // DaemonReload represents an action that TBD - DaemonReloadStatusAction NodeDisruptionPolicyStatusActionType = "DaemonReload" - - // None represents an action that no handling is required by the MCO. - NoneStatusAction NodeDisruptionPolicyStatusActionType = "None" - - // Special represents an action that is internal to the MCO, and is not allowed in user defined NodeDisruption policies. - SpecialStatusAction NodeDisruptionPolicyStatusActionType = "Special" -) diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index c81707b4c2..4007441b30 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -10,7 +10,7 @@ import ( // +kubebuilder:object:root=true // +kubebuilder:resource:path=networks,scope=Cluster // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/475 -// +openshift:file-pattern=cvoRunLevel=0000_70,operatorName=network,operatorOrdering=01 +// +openshift:file-pattern=0000_70_cluster-network-operator_01MARKERS.crd.yaml // +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true // +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true diff --git a/vendor/github.com/openshift/api/operator/v1/types_openshiftapiserver.go b/vendor/github.com/openshift/api/operator/v1/types_openshiftapiserver.go index 3ae83e6948..c0835b6ac5 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_openshiftapiserver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_openshiftapiserver.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=openshiftapiservers,scope=Cluster,categories=coreoperators // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/475 -// +openshift:file-pattern=cvoRunLevel=0000_30,operatorName=openshift-apiserver,operatorOrdering=01 +// +openshift:file-pattern=0000_30_openshift-apiserver-operator_01_configMARKERS.crd.yaml // OpenShiftAPIServer provides information to configure an operator to manage openshift-apiserver. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_openshiftcontrollermanager.go b/vendor/github.com/openshift/api/operator/v1/types_openshiftcontrollermanager.go index 8e8929a903..48c2b52abd 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_openshiftcontrollermanager.go +++ b/vendor/github.com/openshift/api/operator/v1/types_openshiftcontrollermanager.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=openshiftcontrollermanagers,scope=Cluster,categories=coreoperators // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/475 -// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=openshift-controller-manager,operatorOrdering=02 +// +openshift:file-pattern=0000_50_cluster-openshift-controller-manager-operator_02_configMARKERS.crd.yaml // OpenShiftControllerManager provides information to configure an operator to manage openshift-controller-manager. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_scheduler.go b/vendor/github.com/openshift/api/operator/v1/types_scheduler.go index 448c458c19..f91a9480d8 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_scheduler.go +++ b/vendor/github.com/openshift/api/operator/v1/types_scheduler.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=kubeschedulers,scope=Cluster,categories=coreoperators // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/475 -// +openshift:file-pattern=cvoRunLevel=0000_25,operatorName=kube-scheduler,operatorOrdering=01 +// +openshift:file-pattern=0000_25_kube-scheduler-operator_01_configMARKERS.crd.yaml // KubeScheduler provides information to configure an operator to manage scheduler. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_serviceca.go b/vendor/github.com/openshift/api/operator/v1/types_serviceca.go index e4d8d1d7ad..9be7fe0f83 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_serviceca.go +++ b/vendor/github.com/openshift/api/operator/v1/types_serviceca.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=servicecas,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/475 -// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=service-ca,operatorOrdering=02 +// +openshift:file-pattern=0000_50_service-ca-operator_02_MARKERScrd.yaml // ServiceCA provides information to configure an operator to manage the service cert controllers // diff --git a/vendor/github.com/openshift/api/operator/v1/types_storage.go b/vendor/github.com/openshift/api/operator/v1/types_storage.go index aa48b0c84f..719b7eedec 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_storage.go +++ b/vendor/github.com/openshift/api/operator/v1/types_storage.go @@ -11,7 +11,7 @@ import ( // +kubebuilder:resource:path=storages,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/670 -// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=storage,operatorOrdering=01 +// +openshift:file-pattern=0000_50_cluster_storage_operator_01_MARKERScrd.yaml // Storage provides a means to configure an operator to manage the cluster storage operator. `cluster` is the canonical name. // diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-CustomNoUpgrade.crd.yaml deleted file mode 100644 index 3a2d46d303..0000000000 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-CustomNoUpgrade.crd.yaml +++ /dev/null @@ -1,1294 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: CustomNoUpgrade - name: machineconfigurations.operator.openshift.io -spec: - group: operator.openshift.io - names: - kind: MachineConfiguration - listKind: MachineConfigurationList - plural: machineconfigurations - singular: machineconfiguration - scope: Cluster - versions: - - name: v1 - schema: - openAPIV3Schema: - description: "MachineConfiguration provides information to configure an operator - to manage Machine Configuration. \n Compatibility level 1: Stable within - a major release for a minimum of 12 months or 3 minor releases (whichever - is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec is the specification of the desired behavior of the - Machine Config Operator - properties: - failedRevisionLimit: - description: failedRevisionLimit is the number of failed static pod - installer revisions to keep on disk and in the api -1 = unlimited, - 0 or unset = 5 (default) - format: int32 - type: integer - forceRedeploymentReason: - description: forceRedeploymentReason can be used to force the redeployment - of the operand by providing a unique string. This provides a mechanism - to kick a previously failed deployment and provide a reason why - you think it will work this time instead of failing again on the - same config. - type: string - logLevel: - default: Normal - description: "logLevel is an intent based logging for an overall component. - \ It does not give fine grained control, but it is a simple way - to manage coarse grained logging choices that operators have to - interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", - \"Trace\", \"TraceAll\". Defaults to \"Normal\"." - enum: - - "" - - Normal - - Debug - - Trace - - TraceAll - type: string - managedBootImages: - description: managedBootImages allows configuration for the management - of boot images for machine resources within the cluster. This configuration - allows users to select resources that should be updated to the latest - boot images during cluster upgrades, ensuring that new machines - always boot with the current cluster version's boot image. When - omitted, no boot images will be updated. - properties: - machineManagers: - description: machineManagers can be used to register machine management - resources for boot image updates. The Machine Config Operator - will watch for changes to this list. Only one entry is permitted - per type of machine management resource. - items: - description: MachineManager describes a target machine resource - that is registered for boot image updates. It stores identifying - information such as the resource type and the API Group of - the resource. It also provides granular control via the selection - field. - properties: - apiGroup: - description: apiGroup is name of the APIGroup that the machine - management resource belongs to. The only current valid - value is machine.openshift.io. machine.openshift.io means - that the machine manager will only register resources - that belong to OpenShift machine API group. - enum: - - machine.openshift.io - type: string - resource: - description: resource is the machine management resource's - type. The only current valid value is machinesets. machinesets - means that the machine manager will only register resources - of the kind MachineSet. - enum: - - machinesets - type: string - selection: - description: selection allows granular control of the machine - management resources that will be registered for boot - image updates. - properties: - mode: - description: mode determines how machine managers will - be selected for updates. Valid values are All and - Partial. All means that every resource matched by - the machine manager will be updated. Partial requires - specified selector(s) and allows customisation of - which resources matched by the machine manager will - be updated. - enum: - - All - - Partial - type: string - partial: - description: partial provides label selector(s) that - can be used to match machine management resources. - Only permitted when mode is set to "Partial". - properties: - machineResourceSelector: - description: machineResourceSelector is a label - selector that can be used to select machine resources - like MachineSets. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - required: - - machineResourceSelector - type: object - required: - - mode - type: object - x-kubernetes-validations: - - message: Partial is required when type is partial, and - forbidden otherwise - rule: 'has(self.mode) && self.mode == ''Partial'' ? has(self.partial) - : !has(self.partial)' - required: - - apiGroup - - resource - - selection - type: object - type: array - x-kubernetes-list-map-keys: - - resource - - apiGroup - x-kubernetes-list-type: map - type: object - managementState: - description: managementState indicates whether and how the operator - should manage the component - pattern: ^(Managed|Unmanaged|Force|Removed)$ - type: string - nodeDisruptionPolicy: - description: nodeDisruptionPolicy allows an admin to set granular - node disruption actions for MachineConfig-based updates, such as - drains, service reloads, etc. Specifying this will allow for less - downtime when doing small configuration updates to the cluster. - This configuration has no effect on cluster upgrades which will - still incur node disruption where required. - properties: - files: - description: files is a list of MachineConfig file definitions - and actions to take to changes on those paths This list supports - a maximum of 50 entries. - items: - description: NodeDisruptionPolicySpecFile is a file entry and - corresponding actions to take and is used in the NodeDisruptionPolicyConfig - object - properties: - actions: - description: actions represents the series of commands to - be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that they - are set in this list. If there are other incoming changes - to other MachineConfig entries in the same update that - require a reboot, the reboot will supercede these actions. - Valid actions are Reboot, Drain, Reload, DaemonReload - and None. The Reboot action and the None action cannot - be used in conjunction with any of the other actions. - This list supports a maximum of 10 entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be reloaded - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to restart, - only valid if type is restart - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be restarted - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that will - be carried out if this NodeDisruptionPolicySpecActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Reload'' ? has(self.reload) - : !has(self.reload)' - - message: restart is required when type is Restart, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' ? - has(self.restart) : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) - == 1 : true' - - message: None action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) == - 1 : true' - path: - description: path is the location of a file being managed - through a MachineConfig. The Actions in the policy will - apply to changes to the file at this path. - type: string - required: - - actions - - path - type: object - maxItems: 50 - type: array - x-kubernetes-list-map-keys: - - path - x-kubernetes-list-type: map - sshkey: - description: sshkey maps to the ignition.sshkeys field in the - MachineConfig object, definition an action for this will apply - to all sshkey changes in the cluster - properties: - actions: - description: actions represents the series of commands to - be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that they - are set in this list. If there are other incoming changes - to other MachineConfig entries in the same update that require - a reboot, the reboot will supercede these actions. Valid - actions are Reboot, Drain, Reload, DaemonReload and None. - The Reboot action and the None action cannot be used in - conjunction with any of the other actions. This list supports - a maximum of 10 entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be reloaded Service - names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, where - ${SERVICETYPE} must be one of ".service", ".socket", - ".device", ".mount", ".automount", ".swap", - ".target", ".path", ".timer",".snapshot", ".slice" - or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to restart, - only valid if type is restart - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be restarted Service - names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, where - ${SERVICETYPE} must be one of ".service", ".socket", - ".device", ".mount", ".automount", ".swap", - ".target", ".path", ".timer",".snapshot", ".slice" - or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that will - be carried out if this NodeDisruptionPolicySpecActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, and forbidden - otherwise - rule: 'has(self.type) && self.type == ''Reload'' ? has(self.reload) - : !has(self.reload)' - - message: restart is required when type is Restart, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' ? has(self.restart) - : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) == - 1 : true' - - message: None action can only be specified standalone, as - it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) == - 1 : true' - required: - - actions - type: object - units: - description: units is a list MachineConfig unit definitions and - actions to take on changes to those services This list supports - a maximum of 50 entries. - items: - description: NodeDisruptionPolicySpecUnit is a systemd unit - name and corresponding actions to take and is used in the - NodeDisruptionPolicyConfig object - properties: - actions: - description: actions represents the series of commands to - be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that they - are set in this list. If there are other incoming changes - to other MachineConfig entries in the same update that - require a reboot, the reboot will supercede these actions. - Valid actions are Reboot, Drain, Reload, DaemonReload - and None. The Reboot action and the None action cannot - be used in conjunction with any of the other actions. - This list supports a maximum of 10 entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be reloaded - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to restart, - only valid if type is restart - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be restarted - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that will - be carried out if this NodeDisruptionPolicySpecActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Reload'' ? has(self.reload) - : !has(self.reload)' - - message: restart is required when type is Restart, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' ? - has(self.restart) : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) - == 1 : true' - - message: None action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) == - 1 : true' - name: - description: name represents the service name of a systemd - service managed through a MachineConfig Actions specified - will be applied for changes to the named service. Service - names should be of the format ${NAME}${SERVICETYPE} and - can up to 255 characters long. ${NAME} must be atleast - 1 character long and can only consist of alphabets, digits, - ":", "-", "_", ".", and "\". ${SERVICETYPE} must be one - of ".service", ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" - or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. Expected - format is ${NAME}${SERVICETYPE}, where ${SERVICETYPE} - must be one of ".service", ".socket", ".device", ".mount", - ".automount", ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected format - is ${NAME}${SERVICETYPE}, where {NAME} must be atleast - 1 character long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - actions - - name - type: object - maxItems: 50 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - observedConfig: - description: observedConfig holds a sparse config that controller - has observed from the cluster state. It exists in spec because - it is an input to the level for the operator - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - operatorLogLevel: - default: Normal - description: "operatorLogLevel is an intent based logging for the - operator itself. It does not give fine grained control, but it - is a simple way to manage coarse grained logging choices that operators - have to interpret for themselves. \n Valid values are: \"Normal\", - \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." - enum: - - "" - - Normal - - Debug - - Trace - - TraceAll - type: string - succeededRevisionLimit: - description: succeededRevisionLimit is the number of successful static - pod installer revisions to keep on disk and in the api -1 = unlimited, - 0 or unset = 5 (default) - format: int32 - type: integer - unsupportedConfigOverrides: - description: unsupportedConfigOverrides overrides the final configuration - that was computed by the operator. Red Hat does not support the - use of this field. Misuse of this field could lead to unexpected - behavior or conflict with other configuration options. Seek guidance - from the Red Hat support before using this field. Use of this property - blocks cluster upgrades, it must be removed before upgrading your - cluster. - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - status: - description: status is the most recently observed status of the Machine - Config Operator - properties: - conditions: - description: conditions is a list of conditions and their status - items: - description: OperatorCondition is just the standard condition fields. - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - generations: - description: generations are used to determine when an item needs - to be reconciled or has changed in a way that needs a reaction. - items: - description: GenerationStatus keeps track of the generation for - a given resource so that decisions about forced updates can be - made. - properties: - group: - description: group is the group of the thing you're tracking - type: string - hash: - description: hash is an optional field set for resources without - generation that are content sensitive like secrets and configmaps - type: string - lastGeneration: - description: lastGeneration is the last generation of the workload - controller involved - format: int64 - type: integer - name: - description: name is the name of the thing you're tracking - type: string - namespace: - description: namespace is where the thing you're tracking is - type: string - resource: - description: resource is the resource type of the thing you're - tracking - type: string - type: object - type: array - x-kubernetes-list-type: atomic - latestAvailableRevision: - description: latestAvailableRevision is the deploymentID of the most - recent deployment - format: int32 - type: integer - latestAvailableRevisionReason: - description: latestAvailableRevisionReason describe the detailed reason - for the most recent deployment - type: string - nodeDisruptionPolicyStatus: - description: nodeDisruptionPolicyStatus status reflects what the latest - cluster-validated policies are, and will be used by the Machine - Config Daemon during future node updates. - properties: - clusterPolicies: - description: clusterPolicies is a merge of cluster default and - user provided node disruption policies. - properties: - files: - description: files is a list of MachineConfig file definitions - and actions to take to changes on those paths - items: - description: NodeDisruptionPolicyStatusFile is a file entry - and corresponding actions to take and is used in the NodeDisruptionPolicyClusterStatus - object - properties: - actions: - description: actions represents the series of commands - to be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that - they are set in this list. If there are other incoming - changes to other MachineConfig entries in the same - update that require a reboot, the reboot will supercede - these actions. Valid actions are Reboot, Drain, Reload, - DaemonReload and None. The Reboot action and the None - action cannot be used in conjunction with any of the - other actions. This list supports a maximum of 10 - entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name - (e.g. crio.service) of the service to be - reloaded Service names should be of the - format ${NAME}${SERVICETYPE} and can up - to 255 characters long. ${NAME} must be - atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", - and "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to - restart, only valid if type is restart - properties: - serviceName: - description: serviceName is the full name - (e.g. crio.service) of the service to be - restarted Service names should be of the - format ${NAME}${SERVICETYPE} and can up - to 255 characters long. ${NAME} must be - atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", - and "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that - will be carried out if this NodeDisruptionPolicyStatusActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - - Special - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, - and forbidden otherwise - rule: 'has(self.type) && self.type == ''Reload'' - ? has(self.reload) : !has(self.reload)' - - message: restart is required when type is Restart, - and forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' - ? has(self.restart) : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) - == 1 : true' - - message: None action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) - == 1 : true' - path: - description: path is the location of a file being managed - through a MachineConfig. The Actions in the policy - will apply to changes to the file at this path. - type: string - required: - - actions - - path - type: object - maxItems: 100 - type: array - x-kubernetes-list-map-keys: - - path - x-kubernetes-list-type: map - sshkey: - description: sshkey is the overall sshkey MachineConfig definition - properties: - actions: - description: actions represents the series of commands - to be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that - they are set in this list. If there are other incoming - changes to other MachineConfig entries in the same update - that require a reboot, the reboot will supercede these - actions. Valid actions are Reboot, Drain, Reload, DaemonReload - and None. The Reboot action and the None action cannot - be used in conjunction with any of the other actions. - This list supports a maximum of 10 entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be reloaded - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\". ${SERVICETYPE} must be one of - ".service", ".socket", ".device", ".mount", - ".automount", ".swap", ".target", ".path", - ".timer", ".snapshot", ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to restart, - only valid if type is restart - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be restarted - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\". ${SERVICETYPE} must be one of - ".service", ".socket", ".device", ".mount", - ".automount", ".swap", ".target", ".path", - ".timer", ".snapshot", ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that will - be carried out if this NodeDisruptionPolicyStatusActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - - Special - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Reload'' ? - has(self.reload) : !has(self.reload)' - - message: restart is required when type is Restart, - and forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' - ? has(self.restart) : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) - == 1 : true' - - message: None action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) - == 1 : true' - required: - - actions - type: object - units: - description: units is a list MachineConfig unit definitions - and actions to take on changes to those services - items: - description: NodeDisruptionPolicyStatusUnit is a systemd - unit name and corresponding actions to take and is used - in the NodeDisruptionPolicyClusterStatus object - properties: - actions: - description: actions represents the series of commands - to be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that - they are set in this list. If there are other incoming - changes to other MachineConfig entries in the same - update that require a reboot, the reboot will supercede - these actions. Valid actions are Reboot, Drain, Reload, - DaemonReload and None. The Reboot action and the None - action cannot be used in conjunction with any of the - other actions. This list supports a maximum of 10 - entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name - (e.g. crio.service) of the service to be - reloaded Service names should be of the - format ${NAME}${SERVICETYPE} and can up - to 255 characters long. ${NAME} must be - atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", - and "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to - restart, only valid if type is restart - properties: - serviceName: - description: serviceName is the full name - (e.g. crio.service) of the service to be - restarted Service names should be of the - format ${NAME}${SERVICETYPE} and can up - to 255 characters long. ${NAME} must be - atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", - and "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that - will be carried out if this NodeDisruptionPolicyStatusActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - - Special - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, - and forbidden otherwise - rule: 'has(self.type) && self.type == ''Reload'' - ? has(self.reload) : !has(self.reload)' - - message: restart is required when type is Restart, - and forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' - ? has(self.restart) : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) - == 1 : true' - - message: None action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) - == 1 : true' - name: - description: name represents the service name of a systemd - service managed through a MachineConfig Actions specified - will be applied for changes to the named service. - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must be - atleast 1 character long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\". ${SERVICETYPE} - must be one of ".service", ".socket", ".device", ".mount", - ".automount", ".swap", ".target", ".path", ".timer", - ".snapshot", ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. Expected - format is ${NAME}${SERVICETYPE}, where ${SERVICETYPE} - must be one of ".service", ".socket", ".device", - ".mount", ".automount", ".swap", ".target", ".path", - ".timer",".snapshot", ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - actions - - name - type: object - maxItems: 100 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: object - nodeStatuses: - description: nodeStatuses track the deployment values and errors across - individual nodes - items: - description: NodeStatus provides information about the current state - of a particular node managed by this operator. - properties: - currentRevision: - description: currentRevision is the generation of the most recently - successful deployment - format: int32 - type: integer - lastFailedCount: - description: lastFailedCount is how often the installer pod - of the last failed revision failed. - type: integer - lastFailedReason: - description: lastFailedReason is a machine readable failure - reason string. - type: string - lastFailedRevision: - description: lastFailedRevision is the generation of the deployment - we tried and failed to deploy. - format: int32 - type: integer - lastFailedRevisionErrors: - description: lastFailedRevisionErrors is a list of human readable - errors during the failed deployment referenced in lastFailedRevision. - items: - type: string - type: array - x-kubernetes-list-type: atomic - lastFailedTime: - description: lastFailedTime is the time the last failed revision - failed the last time. - format: date-time - type: string - lastFallbackCount: - description: lastFallbackCount is how often a fallback to a - previous revision happened. - type: integer - nodeName: - description: nodeName is the name of the node - type: string - targetRevision: - description: targetRevision is the generation of the deployment - we're trying to apply - format: int32 - type: integer - required: - - nodeName - type: object - type: array - x-kubernetes-list-map-keys: - - nodeName - x-kubernetes-list-type: map - observedGeneration: - description: observedGeneration is the last generation change you've - dealt with - format: int64 - type: integer - readyReplicas: - description: readyReplicas indicates how many replicas are ready and - at the desired state - format: int32 - type: integer - version: - description: version is the level this availability applies to - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-TechPreviewNoUpgrade.crd.yaml deleted file mode 100644 index c030d3c82b..0000000000 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-TechPreviewNoUpgrade.crd.yaml +++ /dev/null @@ -1,1294 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1453 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: TechPreviewNoUpgrade - name: machineconfigurations.operator.openshift.io -spec: - group: operator.openshift.io - names: - kind: MachineConfiguration - listKind: MachineConfigurationList - plural: machineconfigurations - singular: machineconfiguration - scope: Cluster - versions: - - name: v1 - schema: - openAPIV3Schema: - description: "MachineConfiguration provides information to configure an operator - to manage Machine Configuration. \n Compatibility level 1: Stable within - a major release for a minimum of 12 months or 3 minor releases (whichever - is longer)." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec is the specification of the desired behavior of the - Machine Config Operator - properties: - failedRevisionLimit: - description: failedRevisionLimit is the number of failed static pod - installer revisions to keep on disk and in the api -1 = unlimited, - 0 or unset = 5 (default) - format: int32 - type: integer - forceRedeploymentReason: - description: forceRedeploymentReason can be used to force the redeployment - of the operand by providing a unique string. This provides a mechanism - to kick a previously failed deployment and provide a reason why - you think it will work this time instead of failing again on the - same config. - type: string - logLevel: - default: Normal - description: "logLevel is an intent based logging for an overall component. - \ It does not give fine grained control, but it is a simple way - to manage coarse grained logging choices that operators have to - interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", - \"Trace\", \"TraceAll\". Defaults to \"Normal\"." - enum: - - "" - - Normal - - Debug - - Trace - - TraceAll - type: string - managedBootImages: - description: managedBootImages allows configuration for the management - of boot images for machine resources within the cluster. This configuration - allows users to select resources that should be updated to the latest - boot images during cluster upgrades, ensuring that new machines - always boot with the current cluster version's boot image. When - omitted, no boot images will be updated. - properties: - machineManagers: - description: machineManagers can be used to register machine management - resources for boot image updates. The Machine Config Operator - will watch for changes to this list. Only one entry is permitted - per type of machine management resource. - items: - description: MachineManager describes a target machine resource - that is registered for boot image updates. It stores identifying - information such as the resource type and the API Group of - the resource. It also provides granular control via the selection - field. - properties: - apiGroup: - description: apiGroup is name of the APIGroup that the machine - management resource belongs to. The only current valid - value is machine.openshift.io. machine.openshift.io means - that the machine manager will only register resources - that belong to OpenShift machine API group. - enum: - - machine.openshift.io - type: string - resource: - description: resource is the machine management resource's - type. The only current valid value is machinesets. machinesets - means that the machine manager will only register resources - of the kind MachineSet. - enum: - - machinesets - type: string - selection: - description: selection allows granular control of the machine - management resources that will be registered for boot - image updates. - properties: - mode: - description: mode determines how machine managers will - be selected for updates. Valid values are All and - Partial. All means that every resource matched by - the machine manager will be updated. Partial requires - specified selector(s) and allows customisation of - which resources matched by the machine manager will - be updated. - enum: - - All - - Partial - type: string - partial: - description: partial provides label selector(s) that - can be used to match machine management resources. - Only permitted when mode is set to "Partial". - properties: - machineResourceSelector: - description: machineResourceSelector is a label - selector that can be used to select machine resources - like MachineSets. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - required: - - machineResourceSelector - type: object - required: - - mode - type: object - x-kubernetes-validations: - - message: Partial is required when type is partial, and - forbidden otherwise - rule: 'has(self.mode) && self.mode == ''Partial'' ? has(self.partial) - : !has(self.partial)' - required: - - apiGroup - - resource - - selection - type: object - type: array - x-kubernetes-list-map-keys: - - resource - - apiGroup - x-kubernetes-list-type: map - type: object - managementState: - description: managementState indicates whether and how the operator - should manage the component - pattern: ^(Managed|Unmanaged|Force|Removed)$ - type: string - nodeDisruptionPolicy: - description: nodeDisruptionPolicy allows an admin to set granular - node disruption actions for MachineConfig-based updates, such as - drains, service reloads, etc. Specifying this will allow for less - downtime when doing small configuration updates to the cluster. - This configuration has no effect on cluster upgrades which will - still incur node disruption where required. - properties: - files: - description: files is a list of MachineConfig file definitions - and actions to take to changes on those paths This list supports - a maximum of 50 entries. - items: - description: NodeDisruptionPolicySpecFile is a file entry and - corresponding actions to take and is used in the NodeDisruptionPolicyConfig - object - properties: - actions: - description: actions represents the series of commands to - be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that they - are set in this list. If there are other incoming changes - to other MachineConfig entries in the same update that - require a reboot, the reboot will supercede these actions. - Valid actions are Reboot, Drain, Reload, DaemonReload - and None. The Reboot action and the None action cannot - be used in conjunction with any of the other actions. - This list supports a maximum of 10 entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be reloaded - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to restart, - only valid if type is restart - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be restarted - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that will - be carried out if this NodeDisruptionPolicySpecActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Reload'' ? has(self.reload) - : !has(self.reload)' - - message: restart is required when type is Restart, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' ? - has(self.restart) : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) - == 1 : true' - - message: None action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) == - 1 : true' - path: - description: path is the location of a file being managed - through a MachineConfig. The Actions in the policy will - apply to changes to the file at this path. - type: string - required: - - actions - - path - type: object - maxItems: 50 - type: array - x-kubernetes-list-map-keys: - - path - x-kubernetes-list-type: map - sshkey: - description: sshkey maps to the ignition.sshkeys field in the - MachineConfig object, definition an action for this will apply - to all sshkey changes in the cluster - properties: - actions: - description: actions represents the series of commands to - be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that they - are set in this list. If there are other incoming changes - to other MachineConfig entries in the same update that require - a reboot, the reboot will supercede these actions. Valid - actions are Reboot, Drain, Reload, DaemonReload and None. - The Reboot action and the None action cannot be used in - conjunction with any of the other actions. This list supports - a maximum of 10 entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be reloaded Service - names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, where - ${SERVICETYPE} must be one of ".service", ".socket", - ".device", ".mount", ".automount", ".swap", - ".target", ".path", ".timer",".snapshot", ".slice" - or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to restart, - only valid if type is restart - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be restarted Service - names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, where - ${SERVICETYPE} must be one of ".service", ".socket", - ".device", ".mount", ".automount", ".swap", - ".target", ".path", ".timer",".snapshot", ".slice" - or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that will - be carried out if this NodeDisruptionPolicySpecActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, and forbidden - otherwise - rule: 'has(self.type) && self.type == ''Reload'' ? has(self.reload) - : !has(self.reload)' - - message: restart is required when type is Restart, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' ? has(self.restart) - : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) == - 1 : true' - - message: None action can only be specified standalone, as - it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) == - 1 : true' - required: - - actions - type: object - units: - description: units is a list MachineConfig unit definitions and - actions to take on changes to those services This list supports - a maximum of 50 entries. - items: - description: NodeDisruptionPolicySpecUnit is a systemd unit - name and corresponding actions to take and is used in the - NodeDisruptionPolicyConfig object - properties: - actions: - description: actions represents the series of commands to - be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that they - are set in this list. If there are other incoming changes - to other MachineConfig entries in the same update that - require a reboot, the reboot will supercede these actions. - Valid actions are Reboot, Drain, Reload, DaemonReload - and None. The Reboot action and the None action cannot - be used in conjunction with any of the other actions. - This list supports a maximum of 10 entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be reloaded - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to restart, - only valid if type is restart - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be restarted - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and - "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that will - be carried out if this NodeDisruptionPolicySpecActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Reload'' ? has(self.reload) - : !has(self.reload)' - - message: restart is required when type is Restart, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' ? - has(self.restart) : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) - == 1 : true' - - message: None action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) == - 1 : true' - name: - description: name represents the service name of a systemd - service managed through a MachineConfig Actions specified - will be applied for changes to the named service. Service - names should be of the format ${NAME}${SERVICETYPE} and - can up to 255 characters long. ${NAME} must be atleast - 1 character long and can only consist of alphabets, digits, - ":", "-", "_", ".", and "\". ${SERVICETYPE} must be one - of ".service", ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", ".slice" - or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. Expected - format is ${NAME}${SERVICETYPE}, where ${SERVICETYPE} - must be one of ".service", ".socket", ".device", ".mount", - ".automount", ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected format - is ${NAME}${SERVICETYPE}, where {NAME} must be atleast - 1 character long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - actions - - name - type: object - maxItems: 50 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - observedConfig: - description: observedConfig holds a sparse config that controller - has observed from the cluster state. It exists in spec because - it is an input to the level for the operator - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - operatorLogLevel: - default: Normal - description: "operatorLogLevel is an intent based logging for the - operator itself. It does not give fine grained control, but it - is a simple way to manage coarse grained logging choices that operators - have to interpret for themselves. \n Valid values are: \"Normal\", - \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." - enum: - - "" - - Normal - - Debug - - Trace - - TraceAll - type: string - succeededRevisionLimit: - description: succeededRevisionLimit is the number of successful static - pod installer revisions to keep on disk and in the api -1 = unlimited, - 0 or unset = 5 (default) - format: int32 - type: integer - unsupportedConfigOverrides: - description: unsupportedConfigOverrides overrides the final configuration - that was computed by the operator. Red Hat does not support the - use of this field. Misuse of this field could lead to unexpected - behavior or conflict with other configuration options. Seek guidance - from the Red Hat support before using this field. Use of this property - blocks cluster upgrades, it must be removed before upgrading your - cluster. - nullable: true - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - status: - description: status is the most recently observed status of the Machine - Config Operator - properties: - conditions: - description: conditions is a list of conditions and their status - items: - description: OperatorCondition is just the standard condition fields. - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - generations: - description: generations are used to determine when an item needs - to be reconciled or has changed in a way that needs a reaction. - items: - description: GenerationStatus keeps track of the generation for - a given resource so that decisions about forced updates can be - made. - properties: - group: - description: group is the group of the thing you're tracking - type: string - hash: - description: hash is an optional field set for resources without - generation that are content sensitive like secrets and configmaps - type: string - lastGeneration: - description: lastGeneration is the last generation of the workload - controller involved - format: int64 - type: integer - name: - description: name is the name of the thing you're tracking - type: string - namespace: - description: namespace is where the thing you're tracking is - type: string - resource: - description: resource is the resource type of the thing you're - tracking - type: string - type: object - type: array - x-kubernetes-list-type: atomic - latestAvailableRevision: - description: latestAvailableRevision is the deploymentID of the most - recent deployment - format: int32 - type: integer - latestAvailableRevisionReason: - description: latestAvailableRevisionReason describe the detailed reason - for the most recent deployment - type: string - nodeDisruptionPolicyStatus: - description: nodeDisruptionPolicyStatus status reflects what the latest - cluster-validated policies are, and will be used by the Machine - Config Daemon during future node updates. - properties: - clusterPolicies: - description: clusterPolicies is a merge of cluster default and - user provided node disruption policies. - properties: - files: - description: files is a list of MachineConfig file definitions - and actions to take to changes on those paths - items: - description: NodeDisruptionPolicyStatusFile is a file entry - and corresponding actions to take and is used in the NodeDisruptionPolicyClusterStatus - object - properties: - actions: - description: actions represents the series of commands - to be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that - they are set in this list. If there are other incoming - changes to other MachineConfig entries in the same - update that require a reboot, the reboot will supercede - these actions. Valid actions are Reboot, Drain, Reload, - DaemonReload and None. The Reboot action and the None - action cannot be used in conjunction with any of the - other actions. This list supports a maximum of 10 - entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name - (e.g. crio.service) of the service to be - reloaded Service names should be of the - format ${NAME}${SERVICETYPE} and can up - to 255 characters long. ${NAME} must be - atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", - and "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to - restart, only valid if type is restart - properties: - serviceName: - description: serviceName is the full name - (e.g. crio.service) of the service to be - restarted Service names should be of the - format ${NAME}${SERVICETYPE} and can up - to 255 characters long. ${NAME} must be - atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", - and "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that - will be carried out if this NodeDisruptionPolicyStatusActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - - Special - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, - and forbidden otherwise - rule: 'has(self.type) && self.type == ''Reload'' - ? has(self.reload) : !has(self.reload)' - - message: restart is required when type is Restart, - and forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' - ? has(self.restart) : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) - == 1 : true' - - message: None action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) - == 1 : true' - path: - description: path is the location of a file being managed - through a MachineConfig. The Actions in the policy - will apply to changes to the file at this path. - type: string - required: - - actions - - path - type: object - maxItems: 100 - type: array - x-kubernetes-list-map-keys: - - path - x-kubernetes-list-type: map - sshkey: - description: sshkey is the overall sshkey MachineConfig definition - properties: - actions: - description: actions represents the series of commands - to be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that - they are set in this list. If there are other incoming - changes to other MachineConfig entries in the same update - that require a reboot, the reboot will supercede these - actions. Valid actions are Reboot, Drain, Reload, DaemonReload - and None. The Reboot action and the None action cannot - be used in conjunction with any of the other actions. - This list supports a maximum of 10 entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be reloaded - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\". ${SERVICETYPE} must be one of - ".service", ".socket", ".device", ".mount", - ".automount", ".swap", ".target", ".path", - ".timer", ".snapshot", ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to restart, - only valid if type is restart - properties: - serviceName: - description: serviceName is the full name (e.g. - crio.service) of the service to be restarted - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} - must be atleast 1 character long and can only - consist of alphabets, digits, ":", "-", "_", - ".", and "\". ${SERVICETYPE} must be one of - ".service", ".socket", ".device", ".mount", - ".automount", ".swap", ".target", ".path", - ".timer", ".snapshot", ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that will - be carried out if this NodeDisruptionPolicyStatusActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - - Special - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, and - forbidden otherwise - rule: 'has(self.type) && self.type == ''Reload'' ? - has(self.reload) : !has(self.reload)' - - message: restart is required when type is Restart, - and forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' - ? has(self.restart) : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) - == 1 : true' - - message: None action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) - == 1 : true' - required: - - actions - type: object - units: - description: units is a list MachineConfig unit definitions - and actions to take on changes to those services - items: - description: NodeDisruptionPolicyStatusUnit is a systemd - unit name and corresponding actions to take and is used - in the NodeDisruptionPolicyClusterStatus object - properties: - actions: - description: actions represents the series of commands - to be executed on changes to the file at the corresponding - file path. Actions will be applied in the order that - they are set in this list. If there are other incoming - changes to other MachineConfig entries in the same - update that require a reboot, the reboot will supercede - these actions. Valid actions are Reboot, Drain, Reload, - DaemonReload and None. The Reboot action and the None - action cannot be used in conjunction with any of the - other actions. This list supports a maximum of 10 - entries. - items: - properties: - reload: - description: reload specifies the service to reload, - only valid if type is reload - properties: - serviceName: - description: serviceName is the full name - (e.g. crio.service) of the service to be - reloaded Service names should be of the - format ${NAME}${SERVICETYPE} and can up - to 255 characters long. ${NAME} must be - atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", - and "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - restart: - description: restart specifies the service to - restart, only valid if type is restart - properties: - serviceName: - description: serviceName is the full name - (e.g. crio.service) of the service to be - restarted Service names should be of the - format ${NAME}${SERVICETYPE} and can up - to 255 characters long. ${NAME} must be - atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", - and "\". ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer", ".snapshot", - ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service - name. Expected format is ${NAME}${SERVICETYPE}, - where ${SERVICETYPE} must be one of ".service", - ".socket", ".device", ".mount", ".automount", - ".swap", ".target", ".path", ".timer",".snapshot", - ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. - Expected format is ${NAME}${SERVICETYPE}, - where {NAME} must be atleast 1 character - long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - serviceName - type: object - type: - description: type represents the commands that - will be carried out if this NodeDisruptionPolicyStatusActionType - is executed Valid value are Reboot, Drain, Reload, - Restart, DaemonReload, None and Special reload/restart - requires a corresponding service target specified - in the reload/restart field. Other values require - no further configuration - enum: - - Reboot - - Drain - - Reload - - Restart - - DaemonReload - - None - - Special - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: reload is required when type is Reload, - and forbidden otherwise - rule: 'has(self.type) && self.type == ''Reload'' - ? has(self.reload) : !has(self.reload)' - - message: restart is required when type is Restart, - and forbidden otherwise - rule: 'has(self.type) && self.type == ''Restart'' - ? has(self.restart) : !has(self.restart)' - maxItems: 10 - type: array - x-kubernetes-list-type: atomic - x-kubernetes-validations: - - message: Reboot action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''Reboot'') ? size(self) - == 1 : true' - - message: None action can only be specified standalone, - as it will override any other actions - rule: 'self.exists(x, x.type==''None'') ? size(self) - == 1 : true' - name: - description: name represents the service name of a systemd - service managed through a MachineConfig Actions specified - will be applied for changes to the named service. - Service names should be of the format ${NAME}${SERVICETYPE} - and can up to 255 characters long. ${NAME} must be - atleast 1 character long and can only consist of alphabets, - digits, ":", "-", "_", ".", and "\". ${SERVICETYPE} - must be one of ".service", ".socket", ".device", ".mount", - ".automount", ".swap", ".target", ".path", ".timer", - ".snapshot", ".slice" or ".scope". - maxLength: 255 - type: string - x-kubernetes-validations: - - message: Invalid ${SERVICETYPE} in service name. Expected - format is ${NAME}${SERVICETYPE}, where ${SERVICETYPE} - must be one of ".service", ".socket", ".device", - ".mount", ".automount", ".swap", ".target", ".path", - ".timer",".snapshot", ".slice" or ".scope". - rule: self.matches('\\.(service|socket|device|mount|automount|swap|target|path|timer|snapshot|slice|scope)$') - - message: Invalid ${NAME} in service name. Expected - format is ${NAME}${SERVICETYPE}, where {NAME} must - be atleast 1 character long and can only consist - of alphabets, digits, ":", "-", "_", ".", and "\" - rule: self.matches('^[a-zA-Z0-9:._\\\\-]+\\..') - required: - - actions - - name - type: object - maxItems: 100 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: object - nodeStatuses: - description: nodeStatuses track the deployment values and errors across - individual nodes - items: - description: NodeStatus provides information about the current state - of a particular node managed by this operator. - properties: - currentRevision: - description: currentRevision is the generation of the most recently - successful deployment - format: int32 - type: integer - lastFailedCount: - description: lastFailedCount is how often the installer pod - of the last failed revision failed. - type: integer - lastFailedReason: - description: lastFailedReason is a machine readable failure - reason string. - type: string - lastFailedRevision: - description: lastFailedRevision is the generation of the deployment - we tried and failed to deploy. - format: int32 - type: integer - lastFailedRevisionErrors: - description: lastFailedRevisionErrors is a list of human readable - errors during the failed deployment referenced in lastFailedRevision. - items: - type: string - type: array - x-kubernetes-list-type: atomic - lastFailedTime: - description: lastFailedTime is the time the last failed revision - failed the last time. - format: date-time - type: string - lastFallbackCount: - description: lastFallbackCount is how often a fallback to a - previous revision happened. - type: integer - nodeName: - description: nodeName is the name of the node - type: string - targetRevision: - description: targetRevision is the generation of the deployment - we're trying to apply - format: int32 - type: integer - required: - - nodeName - type: object - type: array - x-kubernetes-list-map-keys: - - nodeName - x-kubernetes-list-type: map - observedGeneration: - description: observedGeneration is the last generation change you've - dealt with - format: int64 - type: integer - readyReplicas: - description: readyReplicas indicates how many replicas are ready and - at the desired state - format: int32 - type: integer - version: - description: version is the level this availability applies to - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/doc.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/doc.go deleted file mode 100644 index 644e03c3c1..0000000000 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/doc.go +++ /dev/null @@ -1 +0,0 @@ -package operator_v1_crdmanifests diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go index c98770feec..aa05f328d6 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go @@ -2936,7 +2936,6 @@ func (in *MachineConfigurationSpec) DeepCopyInto(out *MachineConfigurationSpec) *out = *in in.StaticPodOperatorSpec.DeepCopyInto(&out.StaticPodOperatorSpec) in.ManagedBootImages.DeepCopyInto(&out.ManagedBootImages) - in.NodeDisruptionPolicy.DeepCopyInto(&out.NodeDisruptionPolicy) return } @@ -2954,7 +2953,6 @@ func (in *MachineConfigurationSpec) DeepCopy() *MachineConfigurationSpec { func (in *MachineConfigurationStatus) DeepCopyInto(out *MachineConfigurationStatus) { *out = *in in.StaticPodOperatorStatus.DeepCopyInto(&out.StaticPodOperatorStatus) - in.NodeDisruptionPolicyStatus.DeepCopyInto(&out.NodeDisruptionPolicyStatus) return } @@ -3273,275 +3271,6 @@ func (in *NetworkStatus) DeepCopy() *NetworkStatus { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDisruptionPolicyClusterStatus) DeepCopyInto(out *NodeDisruptionPolicyClusterStatus) { - *out = *in - if in.Files != nil { - in, out := &in.Files, &out.Files - *out = make([]NodeDisruptionPolicyStatusFile, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Units != nil { - in, out := &in.Units, &out.Units - *out = make([]NodeDisruptionPolicyStatusUnit, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - in.SSHKey.DeepCopyInto(&out.SSHKey) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDisruptionPolicyClusterStatus. -func (in *NodeDisruptionPolicyClusterStatus) DeepCopy() *NodeDisruptionPolicyClusterStatus { - if in == nil { - return nil - } - out := new(NodeDisruptionPolicyClusterStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDisruptionPolicyConfig) DeepCopyInto(out *NodeDisruptionPolicyConfig) { - *out = *in - if in.Files != nil { - in, out := &in.Files, &out.Files - *out = make([]NodeDisruptionPolicySpecFile, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Units != nil { - in, out := &in.Units, &out.Units - *out = make([]NodeDisruptionPolicySpecUnit, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - in.SSHKey.DeepCopyInto(&out.SSHKey) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDisruptionPolicyConfig. -func (in *NodeDisruptionPolicyConfig) DeepCopy() *NodeDisruptionPolicyConfig { - if in == nil { - return nil - } - out := new(NodeDisruptionPolicyConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDisruptionPolicySpecAction) DeepCopyInto(out *NodeDisruptionPolicySpecAction) { - *out = *in - if in.Reload != nil { - in, out := &in.Reload, &out.Reload - *out = new(ReloadService) - **out = **in - } - if in.Restart != nil { - in, out := &in.Restart, &out.Restart - *out = new(RestartService) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDisruptionPolicySpecAction. -func (in *NodeDisruptionPolicySpecAction) DeepCopy() *NodeDisruptionPolicySpecAction { - if in == nil { - return nil - } - out := new(NodeDisruptionPolicySpecAction) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDisruptionPolicySpecFile) DeepCopyInto(out *NodeDisruptionPolicySpecFile) { - *out = *in - if in.Actions != nil { - in, out := &in.Actions, &out.Actions - *out = make([]NodeDisruptionPolicySpecAction, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDisruptionPolicySpecFile. -func (in *NodeDisruptionPolicySpecFile) DeepCopy() *NodeDisruptionPolicySpecFile { - if in == nil { - return nil - } - out := new(NodeDisruptionPolicySpecFile) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDisruptionPolicySpecSSHKey) DeepCopyInto(out *NodeDisruptionPolicySpecSSHKey) { - *out = *in - if in.Actions != nil { - in, out := &in.Actions, &out.Actions - *out = make([]NodeDisruptionPolicySpecAction, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDisruptionPolicySpecSSHKey. -func (in *NodeDisruptionPolicySpecSSHKey) DeepCopy() *NodeDisruptionPolicySpecSSHKey { - if in == nil { - return nil - } - out := new(NodeDisruptionPolicySpecSSHKey) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDisruptionPolicySpecUnit) DeepCopyInto(out *NodeDisruptionPolicySpecUnit) { - *out = *in - if in.Actions != nil { - in, out := &in.Actions, &out.Actions - *out = make([]NodeDisruptionPolicySpecAction, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDisruptionPolicySpecUnit. -func (in *NodeDisruptionPolicySpecUnit) DeepCopy() *NodeDisruptionPolicySpecUnit { - if in == nil { - return nil - } - out := new(NodeDisruptionPolicySpecUnit) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDisruptionPolicyStatus) DeepCopyInto(out *NodeDisruptionPolicyStatus) { - *out = *in - in.ClusterPolicies.DeepCopyInto(&out.ClusterPolicies) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDisruptionPolicyStatus. -func (in *NodeDisruptionPolicyStatus) DeepCopy() *NodeDisruptionPolicyStatus { - if in == nil { - return nil - } - out := new(NodeDisruptionPolicyStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDisruptionPolicyStatusAction) DeepCopyInto(out *NodeDisruptionPolicyStatusAction) { - *out = *in - if in.Reload != nil { - in, out := &in.Reload, &out.Reload - *out = new(ReloadService) - **out = **in - } - if in.Restart != nil { - in, out := &in.Restart, &out.Restart - *out = new(RestartService) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDisruptionPolicyStatusAction. -func (in *NodeDisruptionPolicyStatusAction) DeepCopy() *NodeDisruptionPolicyStatusAction { - if in == nil { - return nil - } - out := new(NodeDisruptionPolicyStatusAction) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDisruptionPolicyStatusFile) DeepCopyInto(out *NodeDisruptionPolicyStatusFile) { - *out = *in - if in.Actions != nil { - in, out := &in.Actions, &out.Actions - *out = make([]NodeDisruptionPolicyStatusAction, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDisruptionPolicyStatusFile. -func (in *NodeDisruptionPolicyStatusFile) DeepCopy() *NodeDisruptionPolicyStatusFile { - if in == nil { - return nil - } - out := new(NodeDisruptionPolicyStatusFile) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDisruptionPolicyStatusSSHKey) DeepCopyInto(out *NodeDisruptionPolicyStatusSSHKey) { - *out = *in - if in.Actions != nil { - in, out := &in.Actions, &out.Actions - *out = make([]NodeDisruptionPolicyStatusAction, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDisruptionPolicyStatusSSHKey. -func (in *NodeDisruptionPolicyStatusSSHKey) DeepCopy() *NodeDisruptionPolicyStatusSSHKey { - if in == nil { - return nil - } - out := new(NodeDisruptionPolicyStatusSSHKey) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeDisruptionPolicyStatusUnit) DeepCopyInto(out *NodeDisruptionPolicyStatusUnit) { - *out = *in - if in.Actions != nil { - in, out := &in.Actions, &out.Actions - *out = make([]NodeDisruptionPolicyStatusAction, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeDisruptionPolicyStatusUnit. -func (in *NodeDisruptionPolicyStatusUnit) DeepCopy() *NodeDisruptionPolicyStatusUnit { - if in == nil { - return nil - } - out := new(NodeDisruptionPolicyStatusUnit) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NodePlacement) DeepCopyInto(out *NodePlacement) { *out = *in @@ -4218,22 +3947,6 @@ func (in *QuickStarts) DeepCopy() *QuickStarts { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReloadService) DeepCopyInto(out *ReloadService) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReloadService. -func (in *ReloadService) DeepCopy() *ReloadService { - if in == nil { - return nil - } - out := new(ReloadService) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ResourceAttributesAccessReview) DeepCopyInto(out *ResourceAttributesAccessReview) { *out = *in @@ -4260,22 +3973,6 @@ func (in *ResourceAttributesAccessReview) DeepCopy() *ResourceAttributesAccessRe return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RestartService) DeepCopyInto(out *RestartService) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RestartService. -func (in *RestartService) DeepCopy() *RestartService { - if in == nil { - return nil - } - out := new(RestartService) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RouteAdmissionPolicy) DeepCopyInto(out *RouteAdmissionPolicy) { *out = *in diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml index c118163875..010b65616d 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml @@ -7,9 +7,6 @@ authentications.operator.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: authentication - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_50" GroupName: operator.openshift.io HasStatus: true KindName: Authentication @@ -17,7 +14,8 @@ authentications.operator.openshift.io: PluralName: authentications PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_50_cluster-authentication-operator_01_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -28,9 +26,6 @@ csisnapshotcontrollers.operator.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: csi-snapshot-controller - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" GroupName: operator.openshift.io HasStatus: true KindName: CSISnapshotController @@ -38,7 +33,8 @@ csisnapshotcontrollers.operator.openshift.io: PluralName: csisnapshotcontrollers PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_80_csi_snapshot_controller_operator_01_MARKERScrd.yaml TopLevelFeatureGates: [] Version: v1 @@ -49,9 +45,6 @@ cloudcredentials.operator.openshift.io: Capability: CloudCredential Category: "" FeatureGates: [] - FilenameOperatorName: cloud-credential - FilenameOperatorOrdering: "00" - FilenameRunLevel: "0000_40" GroupName: operator.openshift.io HasStatus: true KindName: CloudCredential @@ -59,7 +52,8 @@ cloudcredentials.operator.openshift.io: PluralName: cloudcredentials PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_40_cloud-credential-operator_00_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -70,9 +64,6 @@ clustercsidrivers.operator.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: csi-driver - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_90" GroupName: operator.openshift.io HasStatus: true KindName: ClusterCSIDriver @@ -80,7 +71,8 @@ clustercsidrivers.operator.openshift.io: PluralName: clustercsidrivers PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_90_cluster_csi_driver_01_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -91,9 +83,6 @@ configs.operator.openshift.io: Capability: "" Category: coreoperators FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" GroupName: operator.openshift.io HasStatus: true KindName: Config @@ -101,7 +90,8 @@ configs.operator.openshift.io: PluralName: configs PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_10_config-operator_01_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -112,9 +102,6 @@ consoles.operator.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: console - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_50" GroupName: operator.openshift.io HasStatus: true KindName: Console @@ -122,7 +109,8 @@ consoles.operator.openshift.io: PluralName: consoles PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 00_console-operatorMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -133,9 +121,6 @@ dnses.operator.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: dns - FilenameOperatorOrdering: "00" - FilenameRunLevel: "0000_70" GroupName: operator.openshift.io HasStatus: true KindName: DNS @@ -143,7 +128,8 @@ dnses.operator.openshift.io: PluralName: dnses PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_70_dns-operator_00MARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -155,9 +141,6 @@ etcds.operator.openshift.io: Category: coreoperators FeatureGates: - HardwareSpeed - FilenameOperatorName: etcd - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_12" GroupName: operator.openshift.io HasStatus: true KindName: Etcd @@ -165,7 +148,8 @@ etcds.operator.openshift.io: PluralName: etcds PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_12_etcd-operator_01_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -176,9 +160,6 @@ ingresscontrollers.operator.openshift.io: Capability: Ingress Category: "" FeatureGates: [] - FilenameOperatorName: ingress - FilenameOperatorOrdering: "00" - FilenameRunLevel: "0000_50" GroupName: operator.openshift.io HasStatus: true KindName: IngressController @@ -186,7 +167,8 @@ ingresscontrollers.operator.openshift.io: PluralName: ingresscontrollers PrinterColumns: [] Scope: Namespaced - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_50_ingress-operator_00-ingresscontrollerMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -197,9 +179,6 @@ insightsoperators.operator.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: insights - FilenameOperatorOrdering: "00" - FilenameRunLevel: "0000_50" GroupName: operator.openshift.io HasStatus: true KindName: InsightsOperator @@ -207,7 +186,8 @@ insightsoperators.operator.openshift.io: PluralName: insightsoperators PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_50_insights-operator_00-insightsoperatorMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -218,9 +198,6 @@ kubeapiservers.operator.openshift.io: Capability: "" Category: coreoperators FeatureGates: [] - FilenameOperatorName: kube-apiserver - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_20" GroupName: operator.openshift.io HasStatus: true KindName: KubeAPIServer @@ -228,7 +205,8 @@ kubeapiservers.operator.openshift.io: PluralName: kubeapiservers PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_20_kube-apiserver-operator_01_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -239,9 +217,6 @@ kubecontrollermanagers.operator.openshift.io: Capability: "" Category: coreoperators FeatureGates: [] - FilenameOperatorName: kube-controller-manager - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_25" GroupName: operator.openshift.io HasStatus: true KindName: KubeControllerManager @@ -249,7 +224,8 @@ kubecontrollermanagers.operator.openshift.io: PluralName: kubecontrollermanagers PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_25_kube-controller-manager-operator_01_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -260,9 +236,6 @@ kubeschedulers.operator.openshift.io: Capability: "" Category: coreoperators FeatureGates: [] - FilenameOperatorName: kube-scheduler - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_25" GroupName: operator.openshift.io HasStatus: true KindName: KubeScheduler @@ -270,7 +243,8 @@ kubeschedulers.operator.openshift.io: PluralName: kubeschedulers PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_25_kube-scheduler-operator_01_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -281,9 +255,6 @@ kubestorageversionmigrators.operator.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: kube-storage-version-migrator - FilenameOperatorOrdering: "00" - FilenameRunLevel: "0000_40" GroupName: operator.openshift.io HasStatus: true KindName: KubeStorageVersionMigrator @@ -291,7 +262,8 @@ kubestorageversionmigrators.operator.openshift.io: PluralName: kubestorageversionmigrators PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_40_kube-storage-version-migrator-operator_00_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -303,10 +275,6 @@ machineconfigurations.operator.openshift.io: Category: "" FeatureGates: - ManagedBootImages - - NodeDisruptionPolicy - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" GroupName: operator.openshift.io HasStatus: true KindName: MachineConfiguration @@ -314,7 +282,8 @@ machineconfigurations.operator.openshift.io: PluralName: machineconfigurations PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_80_machine-config-operator_01_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -328,9 +297,6 @@ networks.operator.openshift.io: Category: "" FeatureGates: - NetworkLiveMigration - FilenameOperatorName: network - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_70" GroupName: operator.openshift.io HasStatus: false KindName: Network @@ -338,7 +304,8 @@ networks.operator.openshift.io: PluralName: networks PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_70_cluster-network-operator_01MARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -349,9 +316,6 @@ openshiftapiservers.operator.openshift.io: Capability: "" Category: coreoperators FeatureGates: [] - FilenameOperatorName: openshift-apiserver - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_30" GroupName: operator.openshift.io HasStatus: true KindName: OpenShiftAPIServer @@ -359,7 +323,8 @@ openshiftapiservers.operator.openshift.io: PluralName: openshiftapiservers PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_30_openshift-apiserver-operator_01_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -370,9 +335,6 @@ openshiftcontrollermanagers.operator.openshift.io: Capability: "" Category: coreoperators FeatureGates: [] - FilenameOperatorName: openshift-controller-manager - FilenameOperatorOrdering: "02" - FilenameRunLevel: "0000_50" GroupName: operator.openshift.io HasStatus: true KindName: OpenShiftControllerManager @@ -380,7 +342,8 @@ openshiftcontrollermanagers.operator.openshift.io: PluralName: openshiftcontrollermanagers PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_50_cluster-openshift-controller-manager-operator_02_configMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 @@ -391,9 +354,6 @@ servicecas.operator.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: service-ca - FilenameOperatorOrdering: "02" - FilenameRunLevel: "0000_50" GroupName: operator.openshift.io HasStatus: true KindName: ServiceCA @@ -401,7 +361,8 @@ servicecas.operator.openshift.io: PluralName: servicecas PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_50_service-ca-operator_02_MARKERScrd.yaml TopLevelFeatureGates: [] Version: v1 @@ -412,9 +373,6 @@ storages.operator.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: storage - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_50" GroupName: operator.openshift.io HasStatus: true KindName: Storage @@ -422,7 +380,8 @@ storages.operator.openshift.io: PluralName: storages PrinterColumns: [] Scope: Cluster - ShortNames: null + ShortName: "" + TargetFilenamePattern: 0000_50_cluster_storage_operator_01_MARKERScrd.yaml TopLevelFeatureGates: [] Version: v1 diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index 6d9197407d..1ff3042672 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -1275,22 +1275,13 @@ func (MachineConfigurationList) SwaggerDoc() map[string]string { } var map_MachineConfigurationSpec = map[string]string{ - "managedBootImages": "managedBootImages allows configuration for the management of boot images for machine resources within the cluster. This configuration allows users to select resources that should be updated to the latest boot images during cluster upgrades, ensuring that new machines always boot with the current cluster version's boot image. When omitted, no boot images will be updated.", - "nodeDisruptionPolicy": "nodeDisruptionPolicy allows an admin to set granular node disruption actions for MachineConfig-based updates, such as drains, service reloads, etc. Specifying this will allow for less downtime when doing small configuration updates to the cluster. This configuration has no effect on cluster upgrades which will still incur node disruption where required.", + "managedBootImages": "managedBootImages allows configuration for the management of boot images for machine resources within the cluster. This configuration allows users to select resources that should be updated to the latest boot images during cluster upgrades, ensuring that new machines always boot with the current cluster version's boot image. When omitted, no boot images will be updated.", } func (MachineConfigurationSpec) SwaggerDoc() map[string]string { return map_MachineConfigurationSpec } -var map_MachineConfigurationStatus = map[string]string{ - "nodeDisruptionPolicyStatus": "nodeDisruptionPolicyStatus status reflects what the latest cluster-validated policies are, and will be used by the Machine Config Daemon during future node updates.", -} - -func (MachineConfigurationStatus) SwaggerDoc() map[string]string { - return map_MachineConfigurationStatus -} - var map_MachineManager = map[string]string{ "": "MachineManager describes a target machine resource that is registered for boot image updates. It stores identifying information such as the resource type and the API Group of the resource. It also provides granular control via the selection field.", "resource": "resource is the machine management resource's type. The only current valid value is machinesets. machinesets means that the machine manager will only register resources of the kind MachineSet.", @@ -1319,114 +1310,6 @@ func (ManagedBootImages) SwaggerDoc() map[string]string { return map_ManagedBootImages } -var map_NodeDisruptionPolicyClusterStatus = map[string]string{ - "": "NodeDisruptionPolicyClusterStatus is the type for the status object, rendered by the controller as a merge of cluster defaults and user provided policies", - "files": "files is a list of MachineConfig file definitions and actions to take to changes on those paths", - "units": "units is a list MachineConfig unit definitions and actions to take on changes to those services", - "sshkey": "sshkey is the overall sshkey MachineConfig definition", -} - -func (NodeDisruptionPolicyClusterStatus) SwaggerDoc() map[string]string { - return map_NodeDisruptionPolicyClusterStatus -} - -var map_NodeDisruptionPolicyConfig = map[string]string{ - "": "NodeDisruptionPolicyConfig is the overall spec definition for files/units/sshkeys", - "files": "files is a list of MachineConfig file definitions and actions to take to changes on those paths This list supports a maximum of 50 entries.", - "units": "units is a list MachineConfig unit definitions and actions to take on changes to those services This list supports a maximum of 50 entries.", - "sshkey": "sshkey maps to the ignition.sshkeys field in the MachineConfig object, definition an action for this will apply to all sshkey changes in the cluster", -} - -func (NodeDisruptionPolicyConfig) SwaggerDoc() map[string]string { - return map_NodeDisruptionPolicyConfig -} - -var map_NodeDisruptionPolicySpecAction = map[string]string{ - "type": "type represents the commands that will be carried out if this NodeDisruptionPolicySpecActionType is executed Valid value are Reboot, Drain, Reload, Restart, DaemonReload, None and Special reload/restart requires a corresponding service target specified in the reload/restart field. Other values require no further configuration", - "reload": "reload specifies the service to reload, only valid if type is reload", - "restart": "restart specifies the service to restart, only valid if type is restart", -} - -func (NodeDisruptionPolicySpecAction) SwaggerDoc() map[string]string { - return map_NodeDisruptionPolicySpecAction -} - -var map_NodeDisruptionPolicySpecFile = map[string]string{ - "": "NodeDisruptionPolicySpecFile is a file entry and corresponding actions to take and is used in the NodeDisruptionPolicyConfig object", - "path": "path is the location of a file being managed through a MachineConfig. The Actions in the policy will apply to changes to the file at this path.", - "actions": "actions represents the series of commands to be executed on changes to the file at the corresponding file path. Actions will be applied in the order that they are set in this list. If there are other incoming changes to other MachineConfig entries in the same update that require a reboot, the reboot will supercede these actions. Valid actions are Reboot, Drain, Reload, DaemonReload and None. The Reboot action and the None action cannot be used in conjunction with any of the other actions. This list supports a maximum of 10 entries.", -} - -func (NodeDisruptionPolicySpecFile) SwaggerDoc() map[string]string { - return map_NodeDisruptionPolicySpecFile -} - -var map_NodeDisruptionPolicySpecSSHKey = map[string]string{ - "": "NodeDisruptionPolicySpecSSHKey is actions to take for any SSHKey change and is used in the NodeDisruptionPolicyConfig object", - "actions": "actions represents the series of commands to be executed on changes to the file at the corresponding file path. Actions will be applied in the order that they are set in this list. If there are other incoming changes to other MachineConfig entries in the same update that require a reboot, the reboot will supercede these actions. Valid actions are Reboot, Drain, Reload, DaemonReload and None. The Reboot action and the None action cannot be used in conjunction with any of the other actions. This list supports a maximum of 10 entries.", -} - -func (NodeDisruptionPolicySpecSSHKey) SwaggerDoc() map[string]string { - return map_NodeDisruptionPolicySpecSSHKey -} - -var map_NodeDisruptionPolicySpecUnit = map[string]string{ - "": "NodeDisruptionPolicySpecUnit is a systemd unit name and corresponding actions to take and is used in the NodeDisruptionPolicyConfig object", - "name": "name represents the service name of a systemd service managed through a MachineConfig Actions specified will be applied for changes to the named service. Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, \":\", \"-\", \"_\", \".\", and \"\". ${SERVICETYPE} must be one of \".service\", \".socket\", \".device\", \".mount\", \".automount\", \".swap\", \".target\", \".path\", \".timer\", \".snapshot\", \".slice\" or \".scope\".", - "actions": "actions represents the series of commands to be executed on changes to the file at the corresponding file path. Actions will be applied in the order that they are set in this list. If there are other incoming changes to other MachineConfig entries in the same update that require a reboot, the reboot will supercede these actions. Valid actions are Reboot, Drain, Reload, DaemonReload and None. The Reboot action and the None action cannot be used in conjunction with any of the other actions. This list supports a maximum of 10 entries.", -} - -func (NodeDisruptionPolicySpecUnit) SwaggerDoc() map[string]string { - return map_NodeDisruptionPolicySpecUnit -} - -var map_NodeDisruptionPolicyStatus = map[string]string{ - "clusterPolicies": "clusterPolicies is a merge of cluster default and user provided node disruption policies.", -} - -func (NodeDisruptionPolicyStatus) SwaggerDoc() map[string]string { - return map_NodeDisruptionPolicyStatus -} - -var map_NodeDisruptionPolicyStatusAction = map[string]string{ - "type": "type represents the commands that will be carried out if this NodeDisruptionPolicyStatusActionType is executed Valid value are Reboot, Drain, Reload, Restart, DaemonReload, None and Special reload/restart requires a corresponding service target specified in the reload/restart field. Other values require no further configuration", - "reload": "reload specifies the service to reload, only valid if type is reload", - "restart": "restart specifies the service to restart, only valid if type is restart", -} - -func (NodeDisruptionPolicyStatusAction) SwaggerDoc() map[string]string { - return map_NodeDisruptionPolicyStatusAction -} - -var map_NodeDisruptionPolicyStatusFile = map[string]string{ - "": "NodeDisruptionPolicyStatusFile is a file entry and corresponding actions to take and is used in the NodeDisruptionPolicyClusterStatus object", - "path": "path is the location of a file being managed through a MachineConfig. The Actions in the policy will apply to changes to the file at this path.", - "actions": "actions represents the series of commands to be executed on changes to the file at the corresponding file path. Actions will be applied in the order that they are set in this list. If there are other incoming changes to other MachineConfig entries in the same update that require a reboot, the reboot will supercede these actions. Valid actions are Reboot, Drain, Reload, DaemonReload and None. The Reboot action and the None action cannot be used in conjunction with any of the other actions. This list supports a maximum of 10 entries.", -} - -func (NodeDisruptionPolicyStatusFile) SwaggerDoc() map[string]string { - return map_NodeDisruptionPolicyStatusFile -} - -var map_NodeDisruptionPolicyStatusSSHKey = map[string]string{ - "": "NodeDisruptionPolicyStatusSSHKey is actions to take for any SSHKey change and is used in the NodeDisruptionPolicyClusterStatus object", - "actions": "actions represents the series of commands to be executed on changes to the file at the corresponding file path. Actions will be applied in the order that they are set in this list. If there are other incoming changes to other MachineConfig entries in the same update that require a reboot, the reboot will supercede these actions. Valid actions are Reboot, Drain, Reload, DaemonReload and None. The Reboot action and the None action cannot be used in conjunction with any of the other actions. This list supports a maximum of 10 entries.", -} - -func (NodeDisruptionPolicyStatusSSHKey) SwaggerDoc() map[string]string { - return map_NodeDisruptionPolicyStatusSSHKey -} - -var map_NodeDisruptionPolicyStatusUnit = map[string]string{ - "": "NodeDisruptionPolicyStatusUnit is a systemd unit name and corresponding actions to take and is used in the NodeDisruptionPolicyClusterStatus object", - "name": "name represents the service name of a systemd service managed through a MachineConfig Actions specified will be applied for changes to the named service. Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, \":\", \"-\", \"_\", \".\", and \"\". ${SERVICETYPE} must be one of \".service\", \".socket\", \".device\", \".mount\", \".automount\", \".swap\", \".target\", \".path\", \".timer\", \".snapshot\", \".slice\" or \".scope\".", - "actions": "actions represents the series of commands to be executed on changes to the file at the corresponding file path. Actions will be applied in the order that they are set in this list. If there are other incoming changes to other MachineConfig entries in the same update that require a reboot, the reboot will supercede these actions. Valid actions are Reboot, Drain, Reload, DaemonReload and None. The Reboot action and the None action cannot be used in conjunction with any of the other actions. This list supports a maximum of 10 entries.", -} - -func (NodeDisruptionPolicyStatusUnit) SwaggerDoc() map[string]string { - return map_NodeDisruptionPolicyStatusUnit -} - var map_PartialSelector = map[string]string{ "": "PartialSelector provides label selector(s) that can be used to match machine management resources.", "machineResourceSelector": "machineResourceSelector is a label selector that can be used to select machine resources like MachineSets.", @@ -1436,24 +1319,6 @@ func (PartialSelector) SwaggerDoc() map[string]string { return map_PartialSelector } -var map_ReloadService = map[string]string{ - "": "ReloadService allows the user to specify the services to be reloaded", - "serviceName": "serviceName is the full name (e.g. crio.service) of the service to be reloaded Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, \":\", \"-\", \"_\", \".\", and \"\". ${SERVICETYPE} must be one of \".service\", \".socket\", \".device\", \".mount\", \".automount\", \".swap\", \".target\", \".path\", \".timer\", \".snapshot\", \".slice\" or \".scope\".", -} - -func (ReloadService) SwaggerDoc() map[string]string { - return map_ReloadService -} - -var map_RestartService = map[string]string{ - "": "RestartService allows the user to specify the services to be restarted", - "serviceName": "serviceName is the full name (e.g. crio.service) of the service to be restarted Service names should be of the format ${NAME}${SERVICETYPE} and can up to 255 characters long. ${NAME} must be atleast 1 character long and can only consist of alphabets, digits, \":\", \"-\", \"_\", \".\", and \"\". ${SERVICETYPE} must be one of \".service\", \".socket\", \".device\", \".mount\", \".automount\", \".swap\", \".target\", \".path\", \".timer\", \".snapshot\", \".slice\" or \".scope\".", -} - -func (RestartService) SwaggerDoc() map[string]string { - return map_RestartService -} - var map_AdditionalNetworkDefinition = map[string]string{ "": "AdditionalNetworkDefinition configures an extra network that is available but not created by default. Instead, pods must request them by name. type must be specified, along with exactly one \"Config\" that matches the type.", "type": "type is the type of network The supported values are NetworkTypeRaw, NetworkTypeSimpleMacvlan", diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_etcd_01_etcdbackups-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_01_etcdbackup-TechPreviewNoUpgrade.crd.yaml similarity index 99% rename from vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_etcd_01_etcdbackups-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/operator/v1alpha1/0000_10_01_etcdbackup-TechPreviewNoUpgrade.crd.yaml index 8a6fa92ac0..a9e1edaeb9 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_etcd_01_etcdbackups-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_01_etcdbackup-TechPreviewNoUpgrade.crd.yaml @@ -3,7 +3,6 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/1482 - api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_imagecontentsourcepolicies.crd.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml similarity index 99% rename from vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_imagecontentsourcepolicies.crd.yaml rename to vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml index c01b9003ea..6d1e24ac9b 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_imagecontentsourcepolicies.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml @@ -3,7 +3,6 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/470 - api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_operator-lifecycle-manager_01_olms-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_olm-CustomNoUpgrade.crd.yaml similarity index 99% rename from vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_operator-lifecycle-manager_01_olms-CustomNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_olm-CustomNoUpgrade.crd.yaml index 905b0e4780..12210c487c 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_operator-lifecycle-manager_01_olms-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_olm-CustomNoUpgrade.crd.yaml @@ -3,7 +3,6 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/1504 - api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_operator-lifecycle-manager_01_olms-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_olm-TechPreviewNoUpgrade.crd.yaml similarity index 99% rename from vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_operator-lifecycle-manager_01_olms-TechPreviewNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_olm-TechPreviewNoUpgrade.crd.yaml index f20dc135f5..deccc29814 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_operator-lifecycle-manager_01_olms-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_olm-TechPreviewNoUpgrade.crd.yaml @@ -3,7 +3,6 @@ kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/1504 - api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/custom.etcdbackup.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/custom.etcdbackup.testsuite.yaml deleted file mode 100644 index 3caa57b6da..0000000000 --- a/vendor/github.com/openshift/api/operator/v1alpha1/custom.etcdbackup.testsuite.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this -name: "[Custom] EtcdBackup" -crd: 0000_10_etcd_01_etcdbackups-CustomNoUpgrade.crd.yaml -tests: - onCreate: - - name: Should be able to create an EtcdBackup with a valid spec - initial: | - apiVersion: operator.openshift.io/v1alpha1 - kind: EtcdBackup - spec: - pvcName: etcdbackup-pvc - expected: | - apiVersion: operator.openshift.io/v1alpha1 - kind: EtcdBackup - spec: - pvcName: etcdbackup-pvc - - name: Should be able to create an EtcdBackup without the pvcName specified - initial: | - apiVersion: operator.openshift.io/v1alpha1 - kind: EtcdBackup - spec: {} - expected: | - apiVersion: operator.openshift.io/v1alpha1 - kind: EtcdBackup - spec: {} - onUpdate: - - name: pvcName is immutable once set - initial: | - apiVersion: operator.openshift.io/v1alpha1 - kind: EtcdBackup - spec: - pvcName: etcdbackup-pvc - updated: | - apiVersion: operator.openshift.io/v1alpha1 - kind: EtcdBackup - spec: - pvcName: updated-etcdbackup-pvc - expectedError: "spec.pvcName: Invalid value: \"string\": pvcName is immutable once set" diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/custom.olm.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/custom.olm.testsuite.yaml index 3240e95a74..233e73d18a 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/custom.olm.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1alpha1/custom.olm.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Custom] OLM" -crd: 0000_10_operator-lifecycle-manager_01_olms-CustomNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_olm-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal OLM diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/stable.imagecontentsourcepolicy.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/stable.imagecontentsourcepolicy.testsuite.yaml index 0de171e1b5..24267570a3 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/stable.imagecontentsourcepolicy.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1alpha1/stable.imagecontentsourcepolicy.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ImageContentSourcePolicy" -crd: 0000_10_config-operator_01_imagecontentsourcepolicies.crd.yaml +crd: 0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml tests: onCreate: - name: Should be able to create a minimal ImageContentSourcePolicy diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/techpreview.etcdbackup.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/techpreview.etcdbackup.testsuite.yaml index ce746ee409..10d8551892 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/techpreview.etcdbackup.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1alpha1/techpreview.etcdbackup.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[TechPreview] EtcdBackup" -crd: 0000_10_etcd_01_etcdbackups-TechPreviewNoUpgrade.crd.yaml +crd: 0000_10_01_etcdbackup-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create an EtcdBackup with a valid spec diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/techpreview.olm.testsuite.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/techpreview.olm.testsuite.yaml index 8778f6b177..99c85fe01c 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/techpreview.olm.testsuite.yaml +++ b/vendor/github.com/openshift/api/operator/v1alpha1/techpreview.olm.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Tech Preview] OLM" -crd: 0000_10_operator-lifecycle-manager_01_olms-TechPreviewNoUpgrade.crd.yaml +crd: 0000_10_config-operator_01_olm-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal OLM diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/types_etcdbackup.go b/vendor/github.com/openshift/api/operator/v1alpha1/types_etcdbackup.go index 2654f57008..b1d73306c5 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/types_etcdbackup.go +++ b/vendor/github.com/openshift/api/operator/v1alpha1/types_etcdbackup.go @@ -6,18 +6,13 @@ import ( // +genclient // +genclient:nonNamespaced +// +kubebuilder:resource:scope=Cluster // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // // # EtcdBackup provides configuration options and status for a one-time backup attempt of the etcd cluster // // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. // +openshift:compatibility-gen:level=4 -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=etcdbackups,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1482 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=etcd,operatorOrdering=01 -// +openshift:enable:FeatureGate=AutomatedEtcdBackup type EtcdBackup struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/types_image_content_source_policy.go b/vendor/github.com/openshift/api/operator/v1alpha1/types_image_content_source_policy.go index 6e14720dd3..1a101cad6a 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/types_image_content_source_policy.go +++ b/vendor/github.com/openshift/api/operator/v1alpha1/types_image_content_source_policy.go @@ -10,11 +10,6 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // When multiple policies are defined, the outcome of the behavior is defined on each field. // // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=imagecontentsourcepolicies,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 // +openshift:compatibility-gen:level=4 type ImageContentSourcePolicy struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/types_olm.go b/vendor/github.com/openshift/api/operator/v1alpha1/types_olm.go index f29385b9fa..8f20690ae6 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/types_olm.go +++ b/vendor/github.com/openshift/api/operator/v1alpha1/types_olm.go @@ -14,12 +14,6 @@ import ( // // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. // +openshift:compatibility-gen:level=4 -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=olms,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1504 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=operator-lifecycle-manager,operatorOrdering=01 -// +openshift:enable:FeatureGate=NewOLM // +kubebuilder:validation:XValidation:rule="self.metadata.name == 'cluster'",message="olm is a singleton, .metadata.name must be 'cluster'" type OLM struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/doc.go b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/doc.go deleted file mode 100644 index 67c195f2fb..0000000000 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/doc.go +++ /dev/null @@ -1 +0,0 @@ -package operator_v1alpha1_crdmanifests diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 2b6cbef275..0000000000 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,67 +0,0 @@ -etcdbackups.operator.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1482 - CRDName: etcdbackups.operator.openshift.io - Capability: "" - Category: "" - FeatureGates: - - AutomatedEtcdBackup - FilenameOperatorName: etcd - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: operator.openshift.io - HasStatus: true - KindName: EtcdBackup - Labels: {} - PluralName: etcdbackups - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - AutomatedEtcdBackup - Version: v1alpha1 - -imagecontentsourcepolicies.operator.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/470 - CRDName: imagecontentsourcepolicies.operator.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: operator.openshift.io - HasStatus: true - KindName: ImageContentSourcePolicy - Labels: {} - PluralName: imagecontentsourcepolicies - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1alpha1 - -olms.operator.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1504 - CRDName: olms.operator.openshift.io - Capability: "" - Category: "" - FeatureGates: - - NewOLM - FilenameOperatorName: operator-lifecycle-manager - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: operator.openshift.io - HasStatus: true - KindName: OLM - Labels: {} - PluralName: olms - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - NewOLM - Version: v1alpha1 - diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml new file mode 100644 index 0000000000..6528f1a11d --- /dev/null +++ b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml @@ -0,0 +1,262 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/639 + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: podnetworkconnectivitychecks.controlplane.operator.openshift.io +spec: + group: controlplane.operator.openshift.io + names: + kind: PodNetworkConnectivityCheck + listKind: PodNetworkConnectivityCheckList + plural: podnetworkconnectivitychecks + singular: podnetworkconnectivitycheck + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: "PodNetworkConnectivityCheck \n Compatibility level 4: No compatibility + is provided, the API can change at any point for any reason. These capabilities + should not be used by applications needing long term support." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the source and target of the connectivity check + properties: + sourcePod: + description: SourcePod names the pod from which the condition will + be checked + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + targetEndpoint: + description: EndpointAddress to check. A TCP address of the form host:port. + Note that if host is a DNS name, then the check would fail if the + DNS name cannot be resolved. Specify an IP address for host to bypass + DNS name lookup. + pattern: ^\S+:\d*$ + type: string + tlsClientCert: + description: TLSClientCert, if specified, references a kubernetes.io/tls + type secret with 'tls.crt' and 'tls.key' entries containing an optional + TLS client certificate and key to be used when checking endpoints + that require a client certificate in order to gracefully preform + the scan without causing excessive logging in the endpoint process. + The secret must exist in the same namespace as this resource. + properties: + name: + description: name is the metadata.name of the referenced secret + type: string + required: + - name + type: object + required: + - sourcePod + - targetEndpoint + type: object + status: + description: Status contains the observed status of the connectivity check + properties: + conditions: + description: Conditions summarize the status of the check + items: + description: PodNetworkConnectivityCheckCondition represents the + overall status of the pod network connectivity. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + nullable: true + type: string + message: + description: Message indicating details about last transition + in a human readable format. + type: string + reason: + description: Reason for the condition's last status transition + in a machine readable format. + type: string + status: + description: Status of the condition + type: string + type: + description: Type of the condition + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failures: + description: Failures contains logs of unsuccessful check actions + items: + description: LogEntry records events + properties: + latency: + description: Latency records how long the action mentioned in + the entry took. + nullable: true + type: string + message: + description: Message explaining status in a human readable format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates a + success or failure. + type: boolean + time: + description: Start time of check action. + format: date-time + nullable: true + type: string + required: + - success + - time + type: object + type: array + outages: + description: Outages contains logs of time periods of outages + items: + description: OutageEntry records time period of an outage + properties: + end: + description: End of outage detected + format: date-time + nullable: true + type: string + endLogs: + description: EndLogs contains log entries related to the end + of this outage. Should contain the success entry that resolved + the outage and possibly a few of the failure log entries that + preceded it. + items: + description: LogEntry records events + properties: + latency: + description: Latency records how long the action mentioned + in the entry took. + nullable: true + type: string + message: + description: Message explaining status in a human readable + format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates + a success or failure. + type: boolean + time: + description: Start time of check action. + format: date-time + nullable: true + type: string + required: + - success + - time + type: object + type: array + message: + description: Message summarizes outage details in a human readable + format. + type: string + start: + description: Start of outage detected + format: date-time + nullable: true + type: string + startLogs: + description: StartLogs contains log entries related to the start + of this outage. Should contain the original failure, any entries + where the failure mode changed. + items: + description: LogEntry records events + properties: + latency: + description: Latency records how long the action mentioned + in the entry took. + nullable: true + type: string + message: + description: Message explaining status in a human readable + format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates + a success or failure. + type: boolean + time: + description: Start time of check action. + format: date-time + nullable: true + type: string + required: + - success + - time + type: object + type: array + required: + - start + type: object + type: array + successes: + description: Successes contains logs successful check actions + items: + description: LogEntry records events + properties: + latency: + description: Latency records how long the action mentioned in + the entry took. + nullable: true + type: string + message: + description: Message explaining status in a human readable format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates a + success or failure. + type: boolean + time: + description: Start time of check action. + format: date-time + nullable: true + type: string + required: + - success + - time + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/stable.podnetworkconnectivitycheck.testsuite.yaml b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/stable.podnetworkconnectivitycheck.testsuite.yaml index 36c80d5d33..2db10295c9 100644 --- a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/stable.podnetworkconnectivitycheck.testsuite.yaml +++ b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/stable.podnetworkconnectivitycheck.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] PodNetworkConnectivityCheck" -crd: 0000_10_network_01_podnetworkconnectivitychecks.crd.yaml +crd: 0000_10-pod-network-connectivity-check.crd.yaml tests: onCreate: - name: Should be able to create a minimal PodNetworkConnectivityCheck diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/types_conditioncheck.go b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/types_conditioncheck.go index beccf6c11b..daaa8a33f0 100644 --- a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/types_conditioncheck.go +++ b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/types_conditioncheck.go @@ -12,13 +12,7 @@ import ( // PodNetworkConnectivityCheck // // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=podnetworkconnectivitychecks,scope=Namespaced // +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/639 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=network,operatorOrdering=01 -// +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true -// +kubebuilder:metadata:annotations=include.release.openshift.io/single-node-developer=true // +openshift:compatibility-gen:level=4 type PodNetworkConnectivityCheck struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 009ddfcc9b..0000000000 --- a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,23 +0,0 @@ -podnetworkconnectivitychecks.controlplane.operator.openshift.io: - Annotations: - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - ApprovedPRNumber: https://github.com/openshift/api/pull/639 - CRDName: podnetworkconnectivitychecks.controlplane.operator.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: network - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: controlplane.operator.openshift.io - HasStatus: true - KindName: PodNetworkConnectivityCheck - Labels: {} - PluralName: podnetworkconnectivitychecks - PrinterColumns: [] - Scope: Namespaced - ShortNames: null - TopLevelFeatureGates: [] - Version: v1alpha1 - diff --git a/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml b/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml new file mode 100644 index 0000000000..11f3e28abb --- /dev/null +++ b/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml @@ -0,0 +1,252 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/470 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: clusterresourcequotas.quota.openshift.io +spec: + group: quota.openshift.io + names: + kind: ClusterResourceQuota + listKind: ClusterResourceQuotaList + plural: clusterresourcequotas + singular: clusterresourcequota + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "ClusterResourceQuota mirrors ResourceQuota at a cluster scope. + \ This object is easily convertible to synthetic ResourceQuota object to + allow quota evaluation re-use. \n Compatibility level 1: Stable within a + major release for a minimum of 12 months or 3 minor releases (whichever + is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired quota + properties: + quota: + description: Quota defines the desired quota + properties: + hard: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'hard is the set of desired hard limits for each + named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/' + type: object + scopeSelector: + description: scopeSelector is also a collection of filters like + scopes that must match each object tracked by a quota but expressed + using ScopeSelectorOperator in combination with possible values. + For a resource to match, both scopes AND scopeSelector (if specified + in spec), must be matched. + properties: + matchExpressions: + description: A list of scope selector requirements by scope + of the resources. + items: + description: A scoped-resource selector requirement is a + selector that contains values, a scope name, and an operator + that relates the scope name and values. + properties: + operator: + description: Represents a scope's relationship to a + set of values. Valid operators are In, NotIn, Exists, + DoesNotExist. + type: string + scopeName: + description: The name of the scope that the selector + applies to. + type: string + values: + description: An array of string values. If the operator + is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - operator + - scopeName + type: object + type: array + type: object + x-kubernetes-map-type: atomic + scopes: + description: A collection of filters that must match each object + tracked by a quota. If not specified, the quota matches all + objects. + items: + description: A ResourceQuotaScope defines a filter that must + match each object tracked by a quota + type: string + type: array + type: object + selector: + description: Selector is the selector used to match projects. It should + only select active projects on the scale of dozens (though it can + select many more less active projects). These projects will contend + on object creation through this resource. + properties: + annotations: + additionalProperties: + type: string + description: AnnotationSelector is used to select projects by + annotation. + nullable: true + type: object + labels: + description: LabelSelector is used to select projects by label. + nullable: true + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + required: + - quota + - selector + type: object + status: + description: Status defines the actual enforced quota and its current + usage + properties: + namespaces: + description: Namespaces slices the usage by project. This division + allows for quick resolution of deletion reconciliation inside of + a single project without requiring a recalculation across all projects. This + can be used to pull the deltas for a given project. + items: + description: ResourceQuotaStatusByNamespace gives status for a particular + project + properties: + namespace: + description: Namespace the project this status applies to + type: string + status: + description: Status indicates how many resources have been consumed + by this project + properties: + hard: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Hard is the set of enforced hard limits for + each named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/' + type: object + used: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Used is the current observed total usage of + the resource in the namespace. + type: object + type: object + required: + - namespace + - status + type: object + nullable: true + type: array + total: + description: Total defines the actual enforced quota and its current + usage across all projects + properties: + hard: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Hard is the set of enforced hard limits for each + named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/' + type: object + used: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Used is the current observed total usage of the resource + in the namespace. + type: object + type: object + required: + - total + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/quota/v1/generated.proto b/vendor/github.com/openshift/api/quota/v1/generated.proto index a72b97c884..70983e82d0 100644 --- a/vendor/github.com/openshift/api/quota/v1/generated.proto +++ b/vendor/github.com/openshift/api/quota/v1/generated.proto @@ -47,11 +47,6 @@ message AppliedClusterResourceQuotaList { // synthetic ResourceQuota object to allow quota evaluation re-use. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=clusterresourcequotas,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=config-operator,operatorOrdering=01 // +openshift:compatibility-gen:level=1 message ClusterResourceQuota { // metadata is the standard object's metadata. diff --git a/vendor/github.com/openshift/api/quota/v1/stable.clusterresourcequota.testsuite.yaml b/vendor/github.com/openshift/api/quota/v1/stable.clusterresourcequota.testsuite.yaml index 8f386857f5..cfcba0aed4 100644 --- a/vendor/github.com/openshift/api/quota/v1/stable.clusterresourcequota.testsuite.yaml +++ b/vendor/github.com/openshift/api/quota/v1/stable.clusterresourcequota.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] ClusterResourceQuota" -crd: 0000_03_config-operator_01_clusterresourcequotas.crd.yaml +crd: 0000_03_quota-openshift_01_clusterresourcequota.crd.yaml tests: onCreate: - name: Should be able to create a minimal ClusterResourceQuota diff --git a/vendor/github.com/openshift/api/quota/v1/types.go b/vendor/github.com/openshift/api/quota/v1/types.go index de918711be..9742331f75 100644 --- a/vendor/github.com/openshift/api/quota/v1/types.go +++ b/vendor/github.com/openshift/api/quota/v1/types.go @@ -13,11 +13,6 @@ import ( // synthetic ResourceQuota object to allow quota evaluation re-use. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=clusterresourcequotas,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=config-operator,operatorOrdering=01 // +openshift:compatibility-gen:level=1 type ClusterResourceQuota struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/quota/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/quota/v1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 50caedde1c..0000000000 --- a/vendor/github.com/openshift/api/quota/v1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,21 +0,0 @@ -clusterresourcequotas.quota.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/470 - CRDName: clusterresourcequotas.quota.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_03" - GroupName: quota.openshift.io - HasStatus: true - KindName: ClusterResourceQuota - Labels: {} - PluralName: clusterresourcequotas - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - diff --git a/vendor/github.com/openshift/api/route/v1/custom.route.testsuite.yaml b/vendor/github.com/openshift/api/route/v1/custom.route.testsuite.yaml index b9f527dfc6..4a8042fc1b 100644 --- a/vendor/github.com/openshift/api/route/v1/custom.route.testsuite.yaml +++ b/vendor/github.com/openshift/api/route/v1/custom.route.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: '[CustomNoUpgrade] Route' -crd: routes-CustomNoUpgrade.crd.yaml +crd: route-CustomNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal Route diff --git a/vendor/github.com/openshift/api/route/v1/route-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/route/v1/route-CustomNoUpgrade.crd.yaml new file mode 100644 index 0000000000..ef90971381 --- /dev/null +++ b/vendor/github.com/openshift/api/route/v1/route-CustomNoUpgrade.crd.yaml @@ -0,0 +1,676 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1228 + api.openshift.io/merged-by-featuregates: "true" + release.openshift.io/feature-set: CustomNoUpgrade + name: routes.route.openshift.io +spec: + group: route.openshift.io + names: + kind: Route + listKind: RouteList + plural: routes + singular: route + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.ingress[0].host + name: Host + type: string + - jsonPath: .status.ingress[0].conditions[?(@.type=="Admitted")].status + name: Admitted + type: string + - jsonPath: .spec.to.name + name: Service + type: string + - jsonPath: .spec.tls.type + name: TLS + type: string + name: v1 + schema: + openAPIV3Schema: + description: "A route allows developers to expose services through an HTTP(S) + aware load balancing and proxy layer via a public DNS entry. The route may + further specify TLS options and a certificate, or specify a public CNAME + that the router should also accept for HTTP and HTTPS traffic. An administrator + typically configures their router to be visible outside the cluster firewall, + and may also add additional security, caching, or traffic controls on the + service content. Routers usually talk directly to the service endpoints. + \n Once a route is created, the `host` field may not be changed. Generally, + routers use the oldest route with a given host when resolving conflicts. + \n Routers are subject to additional customization and may support additional + controls via the annotations field. \n Because administrators may configure + multiple routers, the route status field is used to return information to + clients about the names and states of the route under each router. If a + client chooses a duplicate name, for instance, the route status conditions + are used to indicate the route cannot be chosen. \n To enable HTTP/2 ALPN + on a route it requires a custom (non-wildcard) certificate. This prevents + connection coalescing by clients, notably web browsers. We do not support + HTTP/2 ALPN on routes that use the default certificate because of the risk + of connection re-use/coalescing. Routes that do not have their own custom + certificate will not be HTTP/2 ALPN-enabled on either the frontend or the + backend. \n Compatibility level 1: Stable within a major release for a minimum + of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + allOf: + - anyOf: + - properties: + path: + maxLength: 0 + - properties: + tls: + enum: + - null + - not: + properties: + tls: + properties: + termination: + enum: + - passthrough + - anyOf: + - not: + properties: + host: + maxLength: 0 + - not: + properties: + wildcardPolicy: + enum: + - Subdomain + description: spec is the desired state of the route + properties: + alternateBackends: + description: alternateBackends allows up to 3 additional backends + to be assigned to the route. Only the Service kind is allowed, and + it will be defaulted to Service. Use the weight field in RouteTargetReference + object to specify relative preference. + items: + description: RouteTargetReference specifies the target that resolve + into endpoints. Only the 'Service' kind is allowed. Use 'weight' + field to emphasize one over others. + properties: + kind: + default: Service + description: The kind of target that the route is referring + to. Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is being referred + to. e.g. name of the service + minLength: 1 + type: string + weight: + default: 100 + description: weight as an integer between 0 and 256, default + 100, that specifies the target's relative weight against other + target reference objects. 0 suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + required: + - kind + - name + type: object + maxItems: 3 + type: array + host: + description: host is an alias/DNS that points to the service. Optional. + If not specified a route name will typically be automatically chosen. + Must follow DNS952 subdomain conventions. + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + httpHeaders: + description: httpHeaders defines policy for HTTP headers. + properties: + actions: + description: 'actions specifies options for modifying headers + and their values. Note that this option only applies to cleartext + HTTP connections and to secure HTTP connections for which the + ingress controller terminates encryption (that is, edge-terminated + or reencrypt connections). Headers cannot be modified for TLS + passthrough connections. Setting the HSTS (`Strict-Transport-Security`) + header is not supported via actions. `Strict-Transport-Security` + may only be configured using the "haproxy.router.openshift.io/hsts_header" + route annotation, and only in accordance with the policy specified + in Ingress.Spec.RequiredHSTSPolicies. In case of HTTP request + headers, the actions specified in spec.httpHeaders.actions on + the Route will be executed after the actions specified in the + IngressController''s spec.httpHeaders.actions field. In case + of HTTP response headers, the actions specified in spec.httpHeaders.actions + on the IngressController will be executed after the actions + specified in the Route''s spec.httpHeaders.actions field. The + headers set via this API will not appear in access logs. Any + actions defined here are applied after any actions related to + the following other fields: cache-control, spec.clientTLS, spec.httpHeaders.forwardedHeaderPolicy, + spec.httpHeaders.uniqueId, and spec.httpHeaders.headerNameCaseAdjustments. + The following header names are reserved and may not be modified + via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. + Note that the total size of all net added headers *after* interpolating + dynamic values must not exceed the value of spec.tuningOptions.headerBufferMaxRewriteBytes + on the IngressController. Please refer to the documentation + for that API field for more details.' + properties: + request: + description: 'request is a list of HTTP request headers to + modify. Currently, actions may define to either `Set` or + `Delete` headers values. Actions defined here will modify + the request headers of all requests made through a route. + These actions are applied to a specific Route defined within + a cluster i.e. connections made through a route. Currently, + actions may define to either `Set` or `Delete` headers values. + Route actions will be executed after IngressController actions + for request headers. Actions are applied in sequence as + defined in this list. A maximum of 20 request header actions + may be configured. You can use this field to specify HTTP + request headers that should be set or deleted when forwarding + connections from the client to your application. Sample + fetchers allowed are "req.hdr" and "ssl_c_der". Converters + allowed are "lower" and "base64". Example header values: + "%[req.hdr(X-target),lower]", "%{+Q}[ssl_c_der,base64]". + Any request header configuration applied directly via a + Route resource using this API will override header configuration + for a header of the same name applied via spec.httpHeaders.actions + on the IngressController or route annotation. Note: This + field cannot be used if your route uses TLS passthrough.' + items: + description: RouteHTTPHeader specifies configuration for + setting or deleting an HTTP header. + properties: + action: + description: action specifies actions to perform on + headers, such as setting or deleting headers. + properties: + set: + description: 'set defines the HTTP header that should + be set: added if it doesn''t exist or replaced + if it does. This field is required when type is + Set and forbidden otherwise.' + properties: + value: + description: value specifies a header value. + Dynamic values can be added. The value will + be interpreted as an HAProxy format string + as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise + must be a valid HTTP header value as defined + in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + The value of this field must be no more than + 16384 characters in length. Note that the + total size of all net added headers *after* + interpolating dynamic values must not exceed + the value of spec.tuningOptions.headerBufferMaxRewriteBytes + on the IngressController. + maxLength: 16384 + minLength: 1 + type: string + required: + - value + type: object + type: + description: type defines the type of the action + to be applied on the header. Possible values are + Set or Delete. Set allows you to set HTTP request + and response headers. Delete allows you to delete + HTTP request and response headers. + enum: + - Set + - Delete + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: set is required when type is Set, and forbidden + otherwise + rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) + : !has(self.set)' + name: + description: 'name specifies the name of a header on + which to perform an action. Its value must be a valid + HTTP header name as defined in RFC 2616 section 4.2. + The name must consist only of alphanumeric and the + following special characters, "-!#$%&''*+.^_`". The + following header names are reserved and may not be + modified via this API: Strict-Transport-Security, + Proxy, Cookie, Set-Cookie. It must be no more than + 255 characters in length. Header name must be unique.' + maxLength: 255 + minLength: 1 + pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ + type: string + x-kubernetes-validations: + - message: strict-transport-security header may not + be modified via header actions + rule: self.lowerAscii() != 'strict-transport-security' + - message: proxy header may not be modified via header + actions + rule: self.lowerAscii() != 'proxy' + - message: cookie header may not be modified via header + actions + rule: self.lowerAscii() != 'cookie' + - message: set-cookie header may not be modified via + header actions + rule: self.lowerAscii() != 'set-cookie' + required: + - action + - name + type: object + maxItems: 20 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: Either the header value provided is not in correct + format or the sample fetcher/converter specified is not + allowed. The dynamic header value will be interpreted + as an HAProxy format string as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise must be + a valid HTTP header value as defined in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + Sample fetchers allowed are req.hdr, ssl_c_der. Converters + allowed are lower, base64. + rule: self.all(key, key.action.type == "Delete" || (has(key.action.set) + && key.action.set.value.matches('^(?:%(?:%|(?:\\{[-+]?[QXE](?:,[-+]?[QXE])*\\})?\\[(?:req\\.hdr\\([0-9A-Za-z-]+\\)|ssl_c_der)(?:,(?:lower|base64))*\\])|[^%[:cntrl:]])+$'))) + response: + description: 'response is a list of HTTP response headers + to modify. Currently, actions may define to either `Set` + or `Delete` headers values. Actions defined here will modify + the response headers of all requests made through a route. + These actions are applied to a specific Route defined within + a cluster i.e. connections made through a route. Route actions + will be executed before IngressController actions for response + headers. Actions are applied in sequence as defined in this + list. A maximum of 20 response header actions may be configured. + You can use this field to specify HTTP response headers + that should be set or deleted when forwarding responses + from your application to the client. Sample fetchers allowed + are "res.hdr" and "ssl_c_der". Converters allowed are "lower" + and "base64". Example header values: "%[res.hdr(X-target),lower]", + "%{+Q}[ssl_c_der,base64]". Note: This field cannot be used + if your route uses TLS passthrough.' + items: + description: RouteHTTPHeader specifies configuration for + setting or deleting an HTTP header. + properties: + action: + description: action specifies actions to perform on + headers, such as setting or deleting headers. + properties: + set: + description: 'set defines the HTTP header that should + be set: added if it doesn''t exist or replaced + if it does. This field is required when type is + Set and forbidden otherwise.' + properties: + value: + description: value specifies a header value. + Dynamic values can be added. The value will + be interpreted as an HAProxy format string + as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise + must be a valid HTTP header value as defined + in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + The value of this field must be no more than + 16384 characters in length. Note that the + total size of all net added headers *after* + interpolating dynamic values must not exceed + the value of spec.tuningOptions.headerBufferMaxRewriteBytes + on the IngressController. + maxLength: 16384 + minLength: 1 + type: string + required: + - value + type: object + type: + description: type defines the type of the action + to be applied on the header. Possible values are + Set or Delete. Set allows you to set HTTP request + and response headers. Delete allows you to delete + HTTP request and response headers. + enum: + - Set + - Delete + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: set is required when type is Set, and forbidden + otherwise + rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) + : !has(self.set)' + name: + description: 'name specifies the name of a header on + which to perform an action. Its value must be a valid + HTTP header name as defined in RFC 2616 section 4.2. + The name must consist only of alphanumeric and the + following special characters, "-!#$%&''*+.^_`". The + following header names are reserved and may not be + modified via this API: Strict-Transport-Security, + Proxy, Cookie, Set-Cookie. It must be no more than + 255 characters in length. Header name must be unique.' + maxLength: 255 + minLength: 1 + pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ + type: string + x-kubernetes-validations: + - message: strict-transport-security header may not + be modified via header actions + rule: self.lowerAscii() != 'strict-transport-security' + - message: proxy header may not be modified via header + actions + rule: self.lowerAscii() != 'proxy' + - message: cookie header may not be modified via header + actions + rule: self.lowerAscii() != 'cookie' + - message: set-cookie header may not be modified via + header actions + rule: self.lowerAscii() != 'set-cookie' + required: + - action + - name + type: object + maxItems: 20 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: Either the header value provided is not in correct + format or the sample fetcher/converter specified is not + allowed. The dynamic header value will be interpreted + as an HAProxy format string as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise must be + a valid HTTP header value as defined in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + Sample fetchers allowed are res.hdr, ssl_c_der. Converters + allowed are lower, base64. + rule: self.all(key, key.action.type == "Delete" || (has(key.action.set) + && key.action.set.value.matches('^(?:%(?:%|(?:\\{[-+]?[QXE](?:,[-+]?[QXE])*\\})?\\[(?:res\\.hdr\\([0-9A-Za-z-]+\\)|ssl_c_der)(?:,(?:lower|base64))*\\])|[^%[:cntrl:]])+$'))) + type: object + type: object + path: + description: path that the router watches for, to route traffic for + to the service. Optional + pattern: ^/ + type: string + port: + description: If specified, the port to be used by the router. Most + routers will use all endpoints exposed by the service by default + - set this value to instruct routers which port to use. + properties: + targetPort: + allOf: + - not: + enum: + - 0 + - not: + enum: + - "" + anyOf: null + description: The target port on pods selected by the service this + route points to. If this is a string, it will be looked up as + a named port in the target endpoints port list. Required + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + description: "subdomain is a DNS subdomain that is requested within + the ingress controller's domain (as a subdomain). If host is set + this field is ignored. An ingress controller may choose to ignore + this suggested name, in which case the controller will report the + assigned name in the status.ingress array or refuse to admit the + route. If this value is set and the server does not support this + field host will be populated automatically. Otherwise host is left + empty. The field may have multiple parts separated by a dot, but + not all ingress controllers may honor the request. This field may + not be changed after creation except by a user with the update routes/custom-host + permission. \n Example: subdomain `frontend` automatically receives + the router subdomain `apps.mycluster.com` to have a full hostname + `frontend.apps.mycluster.com`." + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + allOf: + - anyOf: + - properties: + caCertificate: + maxLength: 0 + certificate: + maxLength: 0 + destinationCACertificate: + maxLength: 0 + key: + maxLength: 0 + - not: + properties: + termination: + enum: + - passthrough + - anyOf: + - properties: + destinationCACertificate: + maxLength: 0 + - not: + properties: + termination: + enum: + - edge + description: The tls field provides the ability to configure certificates + and termination for the route. + properties: + caCertificate: + description: caCertificate provides the cert authority certificate + contents + type: string + certificate: + description: certificate provides certificate contents. This should + be a single serving certificate, not a certificate chain. Do + not include a CA certificate. + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents of + the ca certificate of the final destination. When using reencrypt + termination this file should be provided in order to have routers + use it for health checks on the secure connection. If this field + is not specified, the router may provide its own destination + CA and perform hostname validation using the short service name + (service.namespace.svc), which allows infrastructure generated + certificates to automatically verify. + type: string + externalCertificate: + description: externalCertificate provides certificate contents + as a secret reference. This should be a single serving certificate, + not a certificate chain. Do not include a CA certificate. The + secret referenced should be present in the same namespace as + that of the Route. Forbidden when `certificate` is set. + properties: + name: + description: 'name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates the desired + behavior for insecure connections to a route. While each router + may make its own decisions on which ports to expose, this is + normally port 80. \n * Allow - traffic is sent to the server + on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect + - clients are redirected to the secure port." + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + description: key provides key file contents + type: string + termination: + description: "termination indicates termination type. \n * edge + - TLS termination is done by the router and http is used to + communicate with the backend (default) * passthrough - Traffic + is sent straight to the destination without the router providing + TLS termination * reencrypt - TLS termination is done by the + router and https is used to communicate with the backend \n + Note: passthrough termination is incompatible with httpHeader + actions" + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: cannot have both spec.tls.certificate and spec.tls.externalCertificate + rule: '!(has(self.certificate) && has(self.externalCertificate))' + - message: 'cannot have both spec.tls.termination: passthrough and + spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + description: to is an object the route should use as the primary backend. + Only the Service kind is allowed, and it will be defaulted to Service. + If the weight field (0-256 default 100) is set to zero, no traffic + will be sent to this backend. + properties: + kind: + default: Service + description: The kind of target that the route is referring to. + Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is being referred + to. e.g. name of the service + minLength: 1 + type: string + weight: + default: 100 + description: weight as an integer between 0 and 256, default 100, + that specifies the target's relative weight against other target + reference objects. 0 suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + required: + - kind + - name + type: object + wildcardPolicy: + default: None + description: Wildcard policy if any for the route. Currently only + 'Subdomain' or 'None' is allowed. + enum: + - None + - Subdomain + - "" + type: string + required: + - to + type: object + x-kubernetes-validations: + - message: header actions are not permitted when tls termination is passthrough. + rule: '!has(self.tls) || self.tls.termination != ''passthrough'' || + !has(self.httpHeaders)' + status: + description: status is the current state of the route + properties: + ingress: + description: ingress describes the places where the route may be exposed. + The list of ingress points may contain duplicate Host or RouterName + values. Routes are considered live once they are `Ready` + items: + description: RouteIngress holds information about the places where + a route is exposed. + properties: + conditions: + description: Conditions is the state of the route, may be empty. + items: + description: RouteIngressCondition contains details for the + current condition of this route on a particular router. + properties: + lastTransitionTime: + description: RFC 3339 date and time when this condition + last transitioned + format: date-time + type: string + message: + description: Human readable message indicating details + about last transition. + type: string + reason: + description: (brief) reason for the condition's last transition, + and is usually a machine and human readable constant + type: string + status: + description: Status is the status of the condition. Can + be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. Currently + only Admitted or UnservableInFutureVersions. + type: string + required: + - status + - type + type: object + type: array + host: + description: Host is the host string under which the route is + exposed; this value is required + type: string + routerCanonicalHostname: + description: CanonicalHostname is the external host name for + the router that can be used as a CNAME for the host requested + for this route. This value is optional and may not be set + in all cases. + type: string + routerName: + description: Name is a name chosen by the router to identify + itself; this value is required + type: string + wildcardPolicy: + description: Wildcard policy is the wildcard policy that was + allowed where this route is exposed. + type: string + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/route/v1/route-Default.crd.yaml b/vendor/github.com/openshift/api/route/v1/route-Default.crd.yaml new file mode 100644 index 0000000000..9005728b9f --- /dev/null +++ b/vendor/github.com/openshift/api/route/v1/route-Default.crd.yaml @@ -0,0 +1,662 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1228 + api.openshift.io/merged-by-featuregates: "true" + release.openshift.io/feature-set: Default + name: routes.route.openshift.io +spec: + group: route.openshift.io + names: + kind: Route + listKind: RouteList + plural: routes + singular: route + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.ingress[0].host + name: Host + type: string + - jsonPath: .status.ingress[0].conditions[?(@.type=="Admitted")].status + name: Admitted + type: string + - jsonPath: .spec.to.name + name: Service + type: string + - jsonPath: .spec.tls.type + name: TLS + type: string + name: v1 + schema: + openAPIV3Schema: + description: "A route allows developers to expose services through an HTTP(S) + aware load balancing and proxy layer via a public DNS entry. The route may + further specify TLS options and a certificate, or specify a public CNAME + that the router should also accept for HTTP and HTTPS traffic. An administrator + typically configures their router to be visible outside the cluster firewall, + and may also add additional security, caching, or traffic controls on the + service content. Routers usually talk directly to the service endpoints. + \n Once a route is created, the `host` field may not be changed. Generally, + routers use the oldest route with a given host when resolving conflicts. + \n Routers are subject to additional customization and may support additional + controls via the annotations field. \n Because administrators may configure + multiple routers, the route status field is used to return information to + clients about the names and states of the route under each router. If a + client chooses a duplicate name, for instance, the route status conditions + are used to indicate the route cannot be chosen. \n To enable HTTP/2 ALPN + on a route it requires a custom (non-wildcard) certificate. This prevents + connection coalescing by clients, notably web browsers. We do not support + HTTP/2 ALPN on routes that use the default certificate because of the risk + of connection re-use/coalescing. Routes that do not have their own custom + certificate will not be HTTP/2 ALPN-enabled on either the frontend or the + backend. \n Compatibility level 1: Stable within a major release for a minimum + of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + allOf: + - anyOf: + - properties: + path: + maxLength: 0 + - properties: + tls: + enum: + - null + - not: + properties: + tls: + properties: + termination: + enum: + - passthrough + - anyOf: + - not: + properties: + host: + maxLength: 0 + - not: + properties: + wildcardPolicy: + enum: + - Subdomain + description: spec is the desired state of the route + properties: + alternateBackends: + description: alternateBackends allows up to 3 additional backends + to be assigned to the route. Only the Service kind is allowed, and + it will be defaulted to Service. Use the weight field in RouteTargetReference + object to specify relative preference. + items: + description: RouteTargetReference specifies the target that resolve + into endpoints. Only the 'Service' kind is allowed. Use 'weight' + field to emphasize one over others. + properties: + kind: + default: Service + description: The kind of target that the route is referring + to. Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is being referred + to. e.g. name of the service + minLength: 1 + type: string + weight: + default: 100 + description: weight as an integer between 0 and 256, default + 100, that specifies the target's relative weight against other + target reference objects. 0 suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + required: + - kind + - name + type: object + maxItems: 3 + type: array + host: + description: host is an alias/DNS that points to the service. Optional. + If not specified a route name will typically be automatically chosen. + Must follow DNS952 subdomain conventions. + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + httpHeaders: + description: httpHeaders defines policy for HTTP headers. + properties: + actions: + description: 'actions specifies options for modifying headers + and their values. Note that this option only applies to cleartext + HTTP connections and to secure HTTP connections for which the + ingress controller terminates encryption (that is, edge-terminated + or reencrypt connections). Headers cannot be modified for TLS + passthrough connections. Setting the HSTS (`Strict-Transport-Security`) + header is not supported via actions. `Strict-Transport-Security` + may only be configured using the "haproxy.router.openshift.io/hsts_header" + route annotation, and only in accordance with the policy specified + in Ingress.Spec.RequiredHSTSPolicies. In case of HTTP request + headers, the actions specified in spec.httpHeaders.actions on + the Route will be executed after the actions specified in the + IngressController''s spec.httpHeaders.actions field. In case + of HTTP response headers, the actions specified in spec.httpHeaders.actions + on the IngressController will be executed after the actions + specified in the Route''s spec.httpHeaders.actions field. The + headers set via this API will not appear in access logs. Any + actions defined here are applied after any actions related to + the following other fields: cache-control, spec.clientTLS, spec.httpHeaders.forwardedHeaderPolicy, + spec.httpHeaders.uniqueId, and spec.httpHeaders.headerNameCaseAdjustments. + The following header names are reserved and may not be modified + via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. + Note that the total size of all net added headers *after* interpolating + dynamic values must not exceed the value of spec.tuningOptions.headerBufferMaxRewriteBytes + on the IngressController. Please refer to the documentation + for that API field for more details.' + properties: + request: + description: 'request is a list of HTTP request headers to + modify. Currently, actions may define to either `Set` or + `Delete` headers values. Actions defined here will modify + the request headers of all requests made through a route. + These actions are applied to a specific Route defined within + a cluster i.e. connections made through a route. Currently, + actions may define to either `Set` or `Delete` headers values. + Route actions will be executed after IngressController actions + for request headers. Actions are applied in sequence as + defined in this list. A maximum of 20 request header actions + may be configured. You can use this field to specify HTTP + request headers that should be set or deleted when forwarding + connections from the client to your application. Sample + fetchers allowed are "req.hdr" and "ssl_c_der". Converters + allowed are "lower" and "base64". Example header values: + "%[req.hdr(X-target),lower]", "%{+Q}[ssl_c_der,base64]". + Any request header configuration applied directly via a + Route resource using this API will override header configuration + for a header of the same name applied via spec.httpHeaders.actions + on the IngressController or route annotation. Note: This + field cannot be used if your route uses TLS passthrough.' + items: + description: RouteHTTPHeader specifies configuration for + setting or deleting an HTTP header. + properties: + action: + description: action specifies actions to perform on + headers, such as setting or deleting headers. + properties: + set: + description: 'set defines the HTTP header that should + be set: added if it doesn''t exist or replaced + if it does. This field is required when type is + Set and forbidden otherwise.' + properties: + value: + description: value specifies a header value. + Dynamic values can be added. The value will + be interpreted as an HAProxy format string + as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise + must be a valid HTTP header value as defined + in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + The value of this field must be no more than + 16384 characters in length. Note that the + total size of all net added headers *after* + interpolating dynamic values must not exceed + the value of spec.tuningOptions.headerBufferMaxRewriteBytes + on the IngressController. + maxLength: 16384 + minLength: 1 + type: string + required: + - value + type: object + type: + description: type defines the type of the action + to be applied on the header. Possible values are + Set or Delete. Set allows you to set HTTP request + and response headers. Delete allows you to delete + HTTP request and response headers. + enum: + - Set + - Delete + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: set is required when type is Set, and forbidden + otherwise + rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) + : !has(self.set)' + name: + description: 'name specifies the name of a header on + which to perform an action. Its value must be a valid + HTTP header name as defined in RFC 2616 section 4.2. + The name must consist only of alphanumeric and the + following special characters, "-!#$%&''*+.^_`". The + following header names are reserved and may not be + modified via this API: Strict-Transport-Security, + Proxy, Cookie, Set-Cookie. It must be no more than + 255 characters in length. Header name must be unique.' + maxLength: 255 + minLength: 1 + pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ + type: string + x-kubernetes-validations: + - message: strict-transport-security header may not + be modified via header actions + rule: self.lowerAscii() != 'strict-transport-security' + - message: proxy header may not be modified via header + actions + rule: self.lowerAscii() != 'proxy' + - message: cookie header may not be modified via header + actions + rule: self.lowerAscii() != 'cookie' + - message: set-cookie header may not be modified via + header actions + rule: self.lowerAscii() != 'set-cookie' + required: + - action + - name + type: object + maxItems: 20 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: Either the header value provided is not in correct + format or the sample fetcher/converter specified is not + allowed. The dynamic header value will be interpreted + as an HAProxy format string as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise must be + a valid HTTP header value as defined in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + Sample fetchers allowed are req.hdr, ssl_c_der. Converters + allowed are lower, base64. + rule: self.all(key, key.action.type == "Delete" || (has(key.action.set) + && key.action.set.value.matches('^(?:%(?:%|(?:\\{[-+]?[QXE](?:,[-+]?[QXE])*\\})?\\[(?:req\\.hdr\\([0-9A-Za-z-]+\\)|ssl_c_der)(?:,(?:lower|base64))*\\])|[^%[:cntrl:]])+$'))) + response: + description: 'response is a list of HTTP response headers + to modify. Currently, actions may define to either `Set` + or `Delete` headers values. Actions defined here will modify + the response headers of all requests made through a route. + These actions are applied to a specific Route defined within + a cluster i.e. connections made through a route. Route actions + will be executed before IngressController actions for response + headers. Actions are applied in sequence as defined in this + list. A maximum of 20 response header actions may be configured. + You can use this field to specify HTTP response headers + that should be set or deleted when forwarding responses + from your application to the client. Sample fetchers allowed + are "res.hdr" and "ssl_c_der". Converters allowed are "lower" + and "base64". Example header values: "%[res.hdr(X-target),lower]", + "%{+Q}[ssl_c_der,base64]". Note: This field cannot be used + if your route uses TLS passthrough.' + items: + description: RouteHTTPHeader specifies configuration for + setting or deleting an HTTP header. + properties: + action: + description: action specifies actions to perform on + headers, such as setting or deleting headers. + properties: + set: + description: 'set defines the HTTP header that should + be set: added if it doesn''t exist or replaced + if it does. This field is required when type is + Set and forbidden otherwise.' + properties: + value: + description: value specifies a header value. + Dynamic values can be added. The value will + be interpreted as an HAProxy format string + as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise + must be a valid HTTP header value as defined + in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + The value of this field must be no more than + 16384 characters in length. Note that the + total size of all net added headers *after* + interpolating dynamic values must not exceed + the value of spec.tuningOptions.headerBufferMaxRewriteBytes + on the IngressController. + maxLength: 16384 + minLength: 1 + type: string + required: + - value + type: object + type: + description: type defines the type of the action + to be applied on the header. Possible values are + Set or Delete. Set allows you to set HTTP request + and response headers. Delete allows you to delete + HTTP request and response headers. + enum: + - Set + - Delete + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: set is required when type is Set, and forbidden + otherwise + rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) + : !has(self.set)' + name: + description: 'name specifies the name of a header on + which to perform an action. Its value must be a valid + HTTP header name as defined in RFC 2616 section 4.2. + The name must consist only of alphanumeric and the + following special characters, "-!#$%&''*+.^_`". The + following header names are reserved and may not be + modified via this API: Strict-Transport-Security, + Proxy, Cookie, Set-Cookie. It must be no more than + 255 characters in length. Header name must be unique.' + maxLength: 255 + minLength: 1 + pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ + type: string + x-kubernetes-validations: + - message: strict-transport-security header may not + be modified via header actions + rule: self.lowerAscii() != 'strict-transport-security' + - message: proxy header may not be modified via header + actions + rule: self.lowerAscii() != 'proxy' + - message: cookie header may not be modified via header + actions + rule: self.lowerAscii() != 'cookie' + - message: set-cookie header may not be modified via + header actions + rule: self.lowerAscii() != 'set-cookie' + required: + - action + - name + type: object + maxItems: 20 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: Either the header value provided is not in correct + format or the sample fetcher/converter specified is not + allowed. The dynamic header value will be interpreted + as an HAProxy format string as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise must be + a valid HTTP header value as defined in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + Sample fetchers allowed are res.hdr, ssl_c_der. Converters + allowed are lower, base64. + rule: self.all(key, key.action.type == "Delete" || (has(key.action.set) + && key.action.set.value.matches('^(?:%(?:%|(?:\\{[-+]?[QXE](?:,[-+]?[QXE])*\\})?\\[(?:res\\.hdr\\([0-9A-Za-z-]+\\)|ssl_c_der)(?:,(?:lower|base64))*\\])|[^%[:cntrl:]])+$'))) + type: object + type: object + path: + description: path that the router watches for, to route traffic for + to the service. Optional + pattern: ^/ + type: string + port: + description: If specified, the port to be used by the router. Most + routers will use all endpoints exposed by the service by default + - set this value to instruct routers which port to use. + properties: + targetPort: + allOf: + - not: + enum: + - 0 + - not: + enum: + - "" + anyOf: null + description: The target port on pods selected by the service this + route points to. If this is a string, it will be looked up as + a named port in the target endpoints port list. Required + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + description: "subdomain is a DNS subdomain that is requested within + the ingress controller's domain (as a subdomain). If host is set + this field is ignored. An ingress controller may choose to ignore + this suggested name, in which case the controller will report the + assigned name in the status.ingress array or refuse to admit the + route. If this value is set and the server does not support this + field host will be populated automatically. Otherwise host is left + empty. The field may have multiple parts separated by a dot, but + not all ingress controllers may honor the request. This field may + not be changed after creation except by a user with the update routes/custom-host + permission. \n Example: subdomain `frontend` automatically receives + the router subdomain `apps.mycluster.com` to have a full hostname + `frontend.apps.mycluster.com`." + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + allOf: + - anyOf: + - properties: + caCertificate: + maxLength: 0 + certificate: + maxLength: 0 + destinationCACertificate: + maxLength: 0 + key: + maxLength: 0 + - not: + properties: + termination: + enum: + - passthrough + - anyOf: + - properties: + destinationCACertificate: + maxLength: 0 + - not: + properties: + termination: + enum: + - edge + description: The tls field provides the ability to configure certificates + and termination for the route. + properties: + caCertificate: + description: caCertificate provides the cert authority certificate + contents + type: string + certificate: + description: certificate provides certificate contents. This should + be a single serving certificate, not a certificate chain. Do + not include a CA certificate. + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents of + the ca certificate of the final destination. When using reencrypt + termination this file should be provided in order to have routers + use it for health checks on the secure connection. If this field + is not specified, the router may provide its own destination + CA and perform hostname validation using the short service name + (service.namespace.svc), which allows infrastructure generated + certificates to automatically verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates the desired + behavior for insecure connections to a route. While each router + may make its own decisions on which ports to expose, this is + normally port 80. \n * Allow - traffic is sent to the server + on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect + - clients are redirected to the secure port." + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + description: key provides key file contents + type: string + termination: + description: "termination indicates termination type. \n * edge + - TLS termination is done by the router and http is used to + communicate with the backend (default) * passthrough - Traffic + is sent straight to the destination without the router providing + TLS termination * reencrypt - TLS termination is done by the + router and https is used to communicate with the backend \n + Note: passthrough termination is incompatible with httpHeader + actions" + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough and + spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + description: to is an object the route should use as the primary backend. + Only the Service kind is allowed, and it will be defaulted to Service. + If the weight field (0-256 default 100) is set to zero, no traffic + will be sent to this backend. + properties: + kind: + default: Service + description: The kind of target that the route is referring to. + Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is being referred + to. e.g. name of the service + minLength: 1 + type: string + weight: + default: 100 + description: weight as an integer between 0 and 256, default 100, + that specifies the target's relative weight against other target + reference objects. 0 suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + required: + - kind + - name + type: object + wildcardPolicy: + default: None + description: Wildcard policy if any for the route. Currently only + 'Subdomain' or 'None' is allowed. + enum: + - None + - Subdomain + - "" + type: string + required: + - to + type: object + x-kubernetes-validations: + - message: header actions are not permitted when tls termination is passthrough. + rule: '!has(self.tls) || self.tls.termination != ''passthrough'' || + !has(self.httpHeaders)' + status: + description: status is the current state of the route + properties: + ingress: + description: ingress describes the places where the route may be exposed. + The list of ingress points may contain duplicate Host or RouterName + values. Routes are considered live once they are `Ready` + items: + description: RouteIngress holds information about the places where + a route is exposed. + properties: + conditions: + description: Conditions is the state of the route, may be empty. + items: + description: RouteIngressCondition contains details for the + current condition of this route on a particular router. + properties: + lastTransitionTime: + description: RFC 3339 date and time when this condition + last transitioned + format: date-time + type: string + message: + description: Human readable message indicating details + about last transition. + type: string + reason: + description: (brief) reason for the condition's last transition, + and is usually a machine and human readable constant + type: string + status: + description: Status is the status of the condition. Can + be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. Currently + only Admitted or UnservableInFutureVersions. + type: string + required: + - status + - type + type: object + type: array + host: + description: Host is the host string under which the route is + exposed; this value is required + type: string + routerCanonicalHostname: + description: CanonicalHostname is the external host name for + the router that can be used as a CNAME for the host requested + for this route. This value is optional and may not be set + in all cases. + type: string + routerName: + description: Name is a name chosen by the router to identify + itself; this value is required + type: string + wildcardPolicy: + description: Wildcard policy is the wildcard policy that was + allowed where this route is exposed. + type: string + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/route/v1/route-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/route/v1/route-TechPreviewNoUpgrade.crd.yaml new file mode 100644 index 0000000000..fbe277e5b2 --- /dev/null +++ b/vendor/github.com/openshift/api/route/v1/route-TechPreviewNoUpgrade.crd.yaml @@ -0,0 +1,676 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/1228 + api.openshift.io/merged-by-featuregates: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: routes.route.openshift.io +spec: + group: route.openshift.io + names: + kind: Route + listKind: RouteList + plural: routes + singular: route + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.ingress[0].host + name: Host + type: string + - jsonPath: .status.ingress[0].conditions[?(@.type=="Admitted")].status + name: Admitted + type: string + - jsonPath: .spec.to.name + name: Service + type: string + - jsonPath: .spec.tls.type + name: TLS + type: string + name: v1 + schema: + openAPIV3Schema: + description: "A route allows developers to expose services through an HTTP(S) + aware load balancing and proxy layer via a public DNS entry. The route may + further specify TLS options and a certificate, or specify a public CNAME + that the router should also accept for HTTP and HTTPS traffic. An administrator + typically configures their router to be visible outside the cluster firewall, + and may also add additional security, caching, or traffic controls on the + service content. Routers usually talk directly to the service endpoints. + \n Once a route is created, the `host` field may not be changed. Generally, + routers use the oldest route with a given host when resolving conflicts. + \n Routers are subject to additional customization and may support additional + controls via the annotations field. \n Because administrators may configure + multiple routers, the route status field is used to return information to + clients about the names and states of the route under each router. If a + client chooses a duplicate name, for instance, the route status conditions + are used to indicate the route cannot be chosen. \n To enable HTTP/2 ALPN + on a route it requires a custom (non-wildcard) certificate. This prevents + connection coalescing by clients, notably web browsers. We do not support + HTTP/2 ALPN on routes that use the default certificate because of the risk + of connection re-use/coalescing. Routes that do not have their own custom + certificate will not be HTTP/2 ALPN-enabled on either the frontend or the + backend. \n Compatibility level 1: Stable within a major release for a minimum + of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + allOf: + - anyOf: + - properties: + path: + maxLength: 0 + - properties: + tls: + enum: + - null + - not: + properties: + tls: + properties: + termination: + enum: + - passthrough + - anyOf: + - not: + properties: + host: + maxLength: 0 + - not: + properties: + wildcardPolicy: + enum: + - Subdomain + description: spec is the desired state of the route + properties: + alternateBackends: + description: alternateBackends allows up to 3 additional backends + to be assigned to the route. Only the Service kind is allowed, and + it will be defaulted to Service. Use the weight field in RouteTargetReference + object to specify relative preference. + items: + description: RouteTargetReference specifies the target that resolve + into endpoints. Only the 'Service' kind is allowed. Use 'weight' + field to emphasize one over others. + properties: + kind: + default: Service + description: The kind of target that the route is referring + to. Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is being referred + to. e.g. name of the service + minLength: 1 + type: string + weight: + default: 100 + description: weight as an integer between 0 and 256, default + 100, that specifies the target's relative weight against other + target reference objects. 0 suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + required: + - kind + - name + type: object + maxItems: 3 + type: array + host: + description: host is an alias/DNS that points to the service. Optional. + If not specified a route name will typically be automatically chosen. + Must follow DNS952 subdomain conventions. + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + httpHeaders: + description: httpHeaders defines policy for HTTP headers. + properties: + actions: + description: 'actions specifies options for modifying headers + and their values. Note that this option only applies to cleartext + HTTP connections and to secure HTTP connections for which the + ingress controller terminates encryption (that is, edge-terminated + or reencrypt connections). Headers cannot be modified for TLS + passthrough connections. Setting the HSTS (`Strict-Transport-Security`) + header is not supported via actions. `Strict-Transport-Security` + may only be configured using the "haproxy.router.openshift.io/hsts_header" + route annotation, and only in accordance with the policy specified + in Ingress.Spec.RequiredHSTSPolicies. In case of HTTP request + headers, the actions specified in spec.httpHeaders.actions on + the Route will be executed after the actions specified in the + IngressController''s spec.httpHeaders.actions field. In case + of HTTP response headers, the actions specified in spec.httpHeaders.actions + on the IngressController will be executed after the actions + specified in the Route''s spec.httpHeaders.actions field. The + headers set via this API will not appear in access logs. Any + actions defined here are applied after any actions related to + the following other fields: cache-control, spec.clientTLS, spec.httpHeaders.forwardedHeaderPolicy, + spec.httpHeaders.uniqueId, and spec.httpHeaders.headerNameCaseAdjustments. + The following header names are reserved and may not be modified + via this API: Strict-Transport-Security, Proxy, Cookie, Set-Cookie. + Note that the total size of all net added headers *after* interpolating + dynamic values must not exceed the value of spec.tuningOptions.headerBufferMaxRewriteBytes + on the IngressController. Please refer to the documentation + for that API field for more details.' + properties: + request: + description: 'request is a list of HTTP request headers to + modify. Currently, actions may define to either `Set` or + `Delete` headers values. Actions defined here will modify + the request headers of all requests made through a route. + These actions are applied to a specific Route defined within + a cluster i.e. connections made through a route. Currently, + actions may define to either `Set` or `Delete` headers values. + Route actions will be executed after IngressController actions + for request headers. Actions are applied in sequence as + defined in this list. A maximum of 20 request header actions + may be configured. You can use this field to specify HTTP + request headers that should be set or deleted when forwarding + connections from the client to your application. Sample + fetchers allowed are "req.hdr" and "ssl_c_der". Converters + allowed are "lower" and "base64". Example header values: + "%[req.hdr(X-target),lower]", "%{+Q}[ssl_c_der,base64]". + Any request header configuration applied directly via a + Route resource using this API will override header configuration + for a header of the same name applied via spec.httpHeaders.actions + on the IngressController or route annotation. Note: This + field cannot be used if your route uses TLS passthrough.' + items: + description: RouteHTTPHeader specifies configuration for + setting or deleting an HTTP header. + properties: + action: + description: action specifies actions to perform on + headers, such as setting or deleting headers. + properties: + set: + description: 'set defines the HTTP header that should + be set: added if it doesn''t exist or replaced + if it does. This field is required when type is + Set and forbidden otherwise.' + properties: + value: + description: value specifies a header value. + Dynamic values can be added. The value will + be interpreted as an HAProxy format string + as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise + must be a valid HTTP header value as defined + in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + The value of this field must be no more than + 16384 characters in length. Note that the + total size of all net added headers *after* + interpolating dynamic values must not exceed + the value of spec.tuningOptions.headerBufferMaxRewriteBytes + on the IngressController. + maxLength: 16384 + minLength: 1 + type: string + required: + - value + type: object + type: + description: type defines the type of the action + to be applied on the header. Possible values are + Set or Delete. Set allows you to set HTTP request + and response headers. Delete allows you to delete + HTTP request and response headers. + enum: + - Set + - Delete + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: set is required when type is Set, and forbidden + otherwise + rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) + : !has(self.set)' + name: + description: 'name specifies the name of a header on + which to perform an action. Its value must be a valid + HTTP header name as defined in RFC 2616 section 4.2. + The name must consist only of alphanumeric and the + following special characters, "-!#$%&''*+.^_`". The + following header names are reserved and may not be + modified via this API: Strict-Transport-Security, + Proxy, Cookie, Set-Cookie. It must be no more than + 255 characters in length. Header name must be unique.' + maxLength: 255 + minLength: 1 + pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ + type: string + x-kubernetes-validations: + - message: strict-transport-security header may not + be modified via header actions + rule: self.lowerAscii() != 'strict-transport-security' + - message: proxy header may not be modified via header + actions + rule: self.lowerAscii() != 'proxy' + - message: cookie header may not be modified via header + actions + rule: self.lowerAscii() != 'cookie' + - message: set-cookie header may not be modified via + header actions + rule: self.lowerAscii() != 'set-cookie' + required: + - action + - name + type: object + maxItems: 20 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: Either the header value provided is not in correct + format or the sample fetcher/converter specified is not + allowed. The dynamic header value will be interpreted + as an HAProxy format string as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise must be + a valid HTTP header value as defined in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + Sample fetchers allowed are req.hdr, ssl_c_der. Converters + allowed are lower, base64. + rule: self.all(key, key.action.type == "Delete" || (has(key.action.set) + && key.action.set.value.matches('^(?:%(?:%|(?:\\{[-+]?[QXE](?:,[-+]?[QXE])*\\})?\\[(?:req\\.hdr\\([0-9A-Za-z-]+\\)|ssl_c_der)(?:,(?:lower|base64))*\\])|[^%[:cntrl:]])+$'))) + response: + description: 'response is a list of HTTP response headers + to modify. Currently, actions may define to either `Set` + or `Delete` headers values. Actions defined here will modify + the response headers of all requests made through a route. + These actions are applied to a specific Route defined within + a cluster i.e. connections made through a route. Route actions + will be executed before IngressController actions for response + headers. Actions are applied in sequence as defined in this + list. A maximum of 20 response header actions may be configured. + You can use this field to specify HTTP response headers + that should be set or deleted when forwarding responses + from your application to the client. Sample fetchers allowed + are "res.hdr" and "ssl_c_der". Converters allowed are "lower" + and "base64". Example header values: "%[res.hdr(X-target),lower]", + "%{+Q}[ssl_c_der,base64]". Note: This field cannot be used + if your route uses TLS passthrough.' + items: + description: RouteHTTPHeader specifies configuration for + setting or deleting an HTTP header. + properties: + action: + description: action specifies actions to perform on + headers, such as setting or deleting headers. + properties: + set: + description: 'set defines the HTTP header that should + be set: added if it doesn''t exist or replaced + if it does. This field is required when type is + Set and forbidden otherwise.' + properties: + value: + description: value specifies a header value. + Dynamic values can be added. The value will + be interpreted as an HAProxy format string + as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise + must be a valid HTTP header value as defined + in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + The value of this field must be no more than + 16384 characters in length. Note that the + total size of all net added headers *after* + interpolating dynamic values must not exceed + the value of spec.tuningOptions.headerBufferMaxRewriteBytes + on the IngressController. + maxLength: 16384 + minLength: 1 + type: string + required: + - value + type: object + type: + description: type defines the type of the action + to be applied on the header. Possible values are + Set or Delete. Set allows you to set HTTP request + and response headers. Delete allows you to delete + HTTP request and response headers. + enum: + - Set + - Delete + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: set is required when type is Set, and forbidden + otherwise + rule: 'has(self.type) && self.type == ''Set'' ? has(self.set) + : !has(self.set)' + name: + description: 'name specifies the name of a header on + which to perform an action. Its value must be a valid + HTTP header name as defined in RFC 2616 section 4.2. + The name must consist only of alphanumeric and the + following special characters, "-!#$%&''*+.^_`". The + following header names are reserved and may not be + modified via this API: Strict-Transport-Security, + Proxy, Cookie, Set-Cookie. It must be no more than + 255 characters in length. Header name must be unique.' + maxLength: 255 + minLength: 1 + pattern: ^[-!#$%&'*+.0-9A-Z^_`a-z|~]+$ + type: string + x-kubernetes-validations: + - message: strict-transport-security header may not + be modified via header actions + rule: self.lowerAscii() != 'strict-transport-security' + - message: proxy header may not be modified via header + actions + rule: self.lowerAscii() != 'proxy' + - message: cookie header may not be modified via header + actions + rule: self.lowerAscii() != 'cookie' + - message: set-cookie header may not be modified via + header actions + rule: self.lowerAscii() != 'set-cookie' + required: + - action + - name + type: object + maxItems: 20 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + x-kubernetes-validations: + - message: Either the header value provided is not in correct + format or the sample fetcher/converter specified is not + allowed. The dynamic header value will be interpreted + as an HAProxy format string as defined in http://cbonte.github.io/haproxy-dconv/2.6/configuration.html#8.2.6 + and may use HAProxy's %[] syntax and otherwise must be + a valid HTTP header value as defined in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2. + Sample fetchers allowed are res.hdr, ssl_c_der. Converters + allowed are lower, base64. + rule: self.all(key, key.action.type == "Delete" || (has(key.action.set) + && key.action.set.value.matches('^(?:%(?:%|(?:\\{[-+]?[QXE](?:,[-+]?[QXE])*\\})?\\[(?:res\\.hdr\\([0-9A-Za-z-]+\\)|ssl_c_der)(?:,(?:lower|base64))*\\])|[^%[:cntrl:]])+$'))) + type: object + type: object + path: + description: path that the router watches for, to route traffic for + to the service. Optional + pattern: ^/ + type: string + port: + description: If specified, the port to be used by the router. Most + routers will use all endpoints exposed by the service by default + - set this value to instruct routers which port to use. + properties: + targetPort: + allOf: + - not: + enum: + - 0 + - not: + enum: + - "" + anyOf: null + description: The target port on pods selected by the service this + route points to. If this is a string, it will be looked up as + a named port in the target endpoints port list. Required + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + description: "subdomain is a DNS subdomain that is requested within + the ingress controller's domain (as a subdomain). If host is set + this field is ignored. An ingress controller may choose to ignore + this suggested name, in which case the controller will report the + assigned name in the status.ingress array or refuse to admit the + route. If this value is set and the server does not support this + field host will be populated automatically. Otherwise host is left + empty. The field may have multiple parts separated by a dot, but + not all ingress controllers may honor the request. This field may + not be changed after creation except by a user with the update routes/custom-host + permission. \n Example: subdomain `frontend` automatically receives + the router subdomain `apps.mycluster.com` to have a full hostname + `frontend.apps.mycluster.com`." + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + allOf: + - anyOf: + - properties: + caCertificate: + maxLength: 0 + certificate: + maxLength: 0 + destinationCACertificate: + maxLength: 0 + key: + maxLength: 0 + - not: + properties: + termination: + enum: + - passthrough + - anyOf: + - properties: + destinationCACertificate: + maxLength: 0 + - not: + properties: + termination: + enum: + - edge + description: The tls field provides the ability to configure certificates + and termination for the route. + properties: + caCertificate: + description: caCertificate provides the cert authority certificate + contents + type: string + certificate: + description: certificate provides certificate contents. This should + be a single serving certificate, not a certificate chain. Do + not include a CA certificate. + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents of + the ca certificate of the final destination. When using reencrypt + termination this file should be provided in order to have routers + use it for health checks on the secure connection. If this field + is not specified, the router may provide its own destination + CA and perform hostname validation using the short service name + (service.namespace.svc), which allows infrastructure generated + certificates to automatically verify. + type: string + externalCertificate: + description: externalCertificate provides certificate contents + as a secret reference. This should be a single serving certificate, + not a certificate chain. Do not include a CA certificate. The + secret referenced should be present in the same namespace as + that of the Route. Forbidden when `certificate` is set. + properties: + name: + description: 'name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: object + x-kubernetes-map-type: atomic + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates the desired + behavior for insecure connections to a route. While each router + may make its own decisions on which ports to expose, this is + normally port 80. \n * Allow - traffic is sent to the server + on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect + - clients are redirected to the secure port." + enum: + - Allow + - None + - Redirect + - "" + type: string + key: + description: key provides key file contents + type: string + termination: + description: "termination indicates termination type. \n * edge + - TLS termination is done by the router and http is used to + communicate with the backend (default) * passthrough - Traffic + is sent straight to the destination without the router providing + TLS termination * reencrypt - TLS termination is done by the + router and https is used to communicate with the backend \n + Note: passthrough termination is incompatible with httpHeader + actions" + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + x-kubernetes-validations: + - message: cannot have both spec.tls.certificate and spec.tls.externalCertificate + rule: '!(has(self.certificate) && has(self.externalCertificate))' + - message: 'cannot have both spec.tls.termination: passthrough and + spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' + to: + description: to is an object the route should use as the primary backend. + Only the Service kind is allowed, and it will be defaulted to Service. + If the weight field (0-256 default 100) is set to zero, no traffic + will be sent to this backend. + properties: + kind: + default: Service + description: The kind of target that the route is referring to. + Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is being referred + to. e.g. name of the service + minLength: 1 + type: string + weight: + default: 100 + description: weight as an integer between 0 and 256, default 100, + that specifies the target's relative weight against other target + reference objects. 0 suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + required: + - kind + - name + type: object + wildcardPolicy: + default: None + description: Wildcard policy if any for the route. Currently only + 'Subdomain' or 'None' is allowed. + enum: + - None + - Subdomain + - "" + type: string + required: + - to + type: object + x-kubernetes-validations: + - message: header actions are not permitted when tls termination is passthrough. + rule: '!has(self.tls) || self.tls.termination != ''passthrough'' || + !has(self.httpHeaders)' + status: + description: status is the current state of the route + properties: + ingress: + description: ingress describes the places where the route may be exposed. + The list of ingress points may contain duplicate Host or RouterName + values. Routes are considered live once they are `Ready` + items: + description: RouteIngress holds information about the places where + a route is exposed. + properties: + conditions: + description: Conditions is the state of the route, may be empty. + items: + description: RouteIngressCondition contains details for the + current condition of this route on a particular router. + properties: + lastTransitionTime: + description: RFC 3339 date and time when this condition + last transitioned + format: date-time + type: string + message: + description: Human readable message indicating details + about last transition. + type: string + reason: + description: (brief) reason for the condition's last transition, + and is usually a machine and human readable constant + type: string + status: + description: Status is the status of the condition. Can + be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. Currently + only Admitted or UnservableInFutureVersions. + type: string + required: + - status + - type + type: object + type: array + host: + description: Host is the host string under which the route is + exposed; this value is required + type: string + routerCanonicalHostname: + description: CanonicalHostname is the external host name for + the router that can be used as a CNAME for the host requested + for this route. This value is optional and may not be set + in all cases. + type: string + routerName: + description: Name is a name chosen by the router to identify + itself; this value is required + type: string + wildcardPolicy: + description: Wildcard policy is the wildcard policy that was + allowed where this route is exposed. + type: string + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/route/v1/stable.route.testsuite.yaml b/vendor/github.com/openshift/api/route/v1/stable.route.testsuite.yaml index 0dcbf8942e..017981ec9b 100644 --- a/vendor/github.com/openshift/api/route/v1/stable.route.testsuite.yaml +++ b/vendor/github.com/openshift/api/route/v1/stable.route.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Route" -crd: routes-Default.crd.yaml +crd: route-Default.crd.yaml tests: onCreate: - name: Should be able to create a minimal Route diff --git a/vendor/github.com/openshift/api/route/v1/techpreview.route.testsuite.yaml b/vendor/github.com/openshift/api/route/v1/techpreview.route.testsuite.yaml index 89011a4805..0f0cdd11b4 100644 --- a/vendor/github.com/openshift/api/route/v1/techpreview.route.testsuite.yaml +++ b/vendor/github.com/openshift/api/route/v1/techpreview.route.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: '[TechPreview] Route' -crd: routes-TechPreviewNoUpgrade.crd.yaml +crd: route-TechPreviewNoUpgrade.crd.yaml tests: onCreate: - name: Should be able to create a minimal Route diff --git a/vendor/github.com/openshift/api/route/v1/types.go b/vendor/github.com/openshift/api/route/v1/types.go index cd5e5eced4..dc598d21fd 100644 --- a/vendor/github.com/openshift/api/route/v1/types.go +++ b/vendor/github.com/openshift/api/route/v1/types.go @@ -12,6 +12,7 @@ import ( // +kubebuilder:subresource:status // +kubebuilder:resource:path=routes,scope=Namespaced // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1228 +// +openshift:file-pattern=routeMARKERS.crd.yaml // +kubebuilder:printcolumn:name=Host,JSONPath=.status.ingress[0].host,type=string // +kubebuilder:printcolumn:name=Admitted,JSONPath=.status.ingress[0].conditions[?(@.type=="Admitted")].status,type=string // +kubebuilder:printcolumn:name=Service,JSONPath=.spec.to.name,type=string diff --git a/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml index aced0855f4..bd3761aede 100644 --- a/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml @@ -6,9 +6,6 @@ routes.route.openshift.io: Category: "" FeatureGates: - ExternalRouteCertificate - FilenameOperatorName: "" - FilenameOperatorOrdering: "" - FilenameRunLevel: "" GroupName: route.openshift.io HasStatus: true KindName: Route @@ -28,7 +25,8 @@ routes.route.openshift.io: name: TLS type: string Scope: Namespaced - ShortNames: null + ShortName: "" + TargetFilenamePattern: routeMARKERS.crd.yaml TopLevelFeatureGates: [] Version: v1 diff --git a/vendor/github.com/openshift/api/samples/v1/00_samplesconfig.crd.yaml b/vendor/github.com/openshift/api/samples/v1/00_samplesconfig.crd.yaml new file mode 100644 index 0000000000..cf20688599 --- /dev/null +++ b/vendor/github.com/openshift/api/samples/v1/00_samplesconfig.crd.yaml @@ -0,0 +1,212 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/513 + description: Extension for configuring openshif samples operator. + displayName: ConfigsSamples + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: configs.samples.operator.openshift.io +spec: + group: samples.operator.openshift.io + names: + kind: Config + listKind: ConfigList + plural: configs + singular: config + preserveUnknownFields: false + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "Config contains the configuration and detailed condition status + for the Samples Operator. \n Compatibility level 1: Stable within a major + release for a minimum of 12 months or 3 minor releases (whichever is longer)." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConfigSpec contains the desired configuration and state for + the Samples Operator, controlling various behavior around the imagestreams + and templates it creates/updates in the openshift namespace. + properties: + architectures: + description: architectures determine which hardware architecture(s) + to install, where x86_64, ppc64le, and s390x are the only supported + choices currently. + items: + type: string + type: array + managementState: + description: managementState is top level on/off type of switch for + all operators. When "Managed", this operator processes config and + manipulates the samples accordingly. When "Unmanaged", this operator + ignores any updates to the resources it watches. When "Removed", + it reacts that same wasy as it does if the Config object is deleted, + meaning any ImageStreams or Templates it manages (i.e. it honors + the skipped lists) and the registry secret are deleted, along with + the ConfigMap in the operator's namespace that represents the last + config used to manipulate the samples, + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + samplesRegistry: + description: samplesRegistry allows for the specification of which + registry is accessed by the ImageStreams for their image content. Defaults + on the content in https://github.com/openshift/library that are + pulled into this github repository, but based on our pulling only + ocp content it typically defaults to registry.redhat.io. + type: string + skippedHelmCharts: + description: skippedHelmCharts specifies names of helm charts that + should NOT be managed. Admins can use this to allow them to delete + content they don’t want. They will still have to MANUALLY DELETE + the content but the operator will not recreate(or update) anything + listed here. Few examples of the name of helmcharts which can be + skipped are 'redhat-redhat-perl-imagestreams','redhat-redhat-nodejs-imagestreams','redhat-nginx-imagestreams', + 'redhat-redhat-ruby-imagestreams','redhat-redhat-python-imagestreams','redhat-redhat-php-imagestreams', + 'redhat-httpd-imagestreams','redhat-redhat-dotnet-imagestreams'. + Rest of the names can be obtained from openshift console --> helmcharts + -->installed helmcharts. This will display the list of all the 12 + helmcharts(of imagestreams)being installed by Samples Operator. + The skippedHelmCharts must be a valid Kubernetes resource name. + May contain only lowercase alphanumeric characters, hyphens and + periods, and each period separated segment must begin and end with + an alphanumeric character. It must be non-empty and at most 253 + characters in length + items: + description: HelmChartName is a string alias that is used to represent + the name of a helm chart. + maxLength: 253 + minLength: 1 + type: string + maxItems: 16 + type: array + x-kubernetes-list-type: set + x-kubernetes-validations: + - message: skippedHelmCharts must be a valid Kubernetes resource name. + May contain only lowercase alphanumeric characters, hyphens and + periods, and each period separated segment must begin and end + with an alphanumeric character + rule: self.all(x, x.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$')) + skippedImagestreams: + description: skippedImagestreams specifies names of image streams + that should NOT be created/updated. Admins can use this to allow + them to delete content they don’t want. They will still have to + manually delete the content but the operator will not recreate(or + update) anything listed here. + items: + type: string + type: array + skippedTemplates: + description: skippedTemplates specifies names of templates that should + NOT be created/updated. Admins can use this to allow them to delete + content they don’t want. They will still have to manually delete + the content but the operator will not recreate(or update) anything + listed here. + items: + type: string + type: array + type: object + status: + description: ConfigStatus contains the actual configuration in effect, + as well as various details that describe the state of the Samples Operator. + properties: + architectures: + description: architectures determine which hardware architecture(s) + to install, where x86_64 and ppc64le are the supported choices. + items: + type: string + type: array + conditions: + description: conditions represents the available maintenance status + of the sample imagestreams and templates. + items: + description: ConfigCondition captures various conditions of the + Config as entries are processed. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + format: date-time + type: string + lastUpdateTime: + description: lastUpdateTime is the last time this condition + was updated. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. + type: string + reason: + description: reason is what caused the condition's last transition. + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type of condition. + type: string + required: + - status + - type + type: object + type: array + managementState: + description: managementState reflects the current operational status + of the on/off switch for the operator. This operator compares the + ManagementState as part of determining that we are turning the operator + back on (i.e. "Managed") when it was previously "Unmanaged". + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + samplesRegistry: + description: samplesRegistry allows for the specification of which + registry is accessed by the ImageStreams for their image content. Defaults + on the content in https://github.com/openshift/library that are + pulled into this github repository, but based on our pulling only + ocp content it typically defaults to registry.redhat.io. + type: string + skippedImagestreams: + description: skippedImagestreams specifies names of image streams + that should NOT be created/updated. Admins can use this to allow + them to delete content they don’t want. They will still have to + manually delete the content but the operator will not recreate(or + update) anything listed here. + items: + type: string + type: array + skippedTemplates: + description: skippedTemplates specifies names of templates that should + NOT be created/updated. Admins can use this to allow them to delete + content they don’t want. They will still have to manually delete + the content but the operator will not recreate(or update) anything + listed here. + items: + type: string + type: array + version: + description: version is the value of the operator's payload based + version indicator when it was last successfully processed + type: string + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/samples/v1/generated.proto b/vendor/github.com/openshift/api/samples/v1/generated.proto index 28bbf75126..3df9f19f99 100644 --- a/vendor/github.com/openshift/api/samples/v1/generated.proto +++ b/vendor/github.com/openshift/api/samples/v1/generated.proto @@ -17,14 +17,6 @@ option go_package = "github.com/openshift/api/samples/v1"; // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 -// +kubebuilder:object:root=true -// +kubebuilder:subresource:status -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:path=configs,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/513 -// +openshift:file-pattern=operatorOrdering=00 -// +kubebuilder:metadata:annotations="description=Extension for configuring openshift samples operator." -// +kubebuilder:metadata:annotations="displayName=ConfigsSamples" message Config { // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata diff --git a/vendor/github.com/openshift/api/samples/v1/stable.config.testsuite.yaml b/vendor/github.com/openshift/api/samples/v1/stable.config.testsuite.yaml index 7f18fb52bf..c83d640ee1 100644 --- a/vendor/github.com/openshift/api/samples/v1/stable.config.testsuite.yaml +++ b/vendor/github.com/openshift/api/samples/v1/stable.config.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] Config" -crd: 00_configs.crd.yaml +crd: 00_samplesconfig.crd.yaml tests: onCreate: - name: Should be able to create a minimal Config diff --git a/vendor/github.com/openshift/api/samples/v1/types_config.go b/vendor/github.com/openshift/api/samples/v1/types_config.go index c4bf380439..b16da46ce1 100644 --- a/vendor/github.com/openshift/api/samples/v1/types_config.go +++ b/vendor/github.com/openshift/api/samples/v1/types_config.go @@ -14,14 +14,6 @@ import ( // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 -// +kubebuilder:object:root=true -// +kubebuilder:subresource:status -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:path=configs,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/513 -// +openshift:file-pattern=operatorOrdering=00 -// +kubebuilder:metadata:annotations="description=Extension for configuring openshift samples operator." -// +kubebuilder:metadata:annotations="displayName=ConfigsSamples" type Config struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/samples/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/samples/v1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 87bf27b519..0000000000 --- a/vendor/github.com/openshift/api/samples/v1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,23 +0,0 @@ -configs.samples.operator.openshift.io: - Annotations: - description: Extension for configuring openshift samples operator. - displayName: ConfigsSamples - ApprovedPRNumber: https://github.com/openshift/api/pull/513 - CRDName: configs.samples.operator.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "00" - FilenameRunLevel: "" - GroupName: samples.operator.openshift.io - HasStatus: true - KindName: Config - Labels: {} - PluralName: configs - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - diff --git a/vendor/github.com/openshift/api/security/v1/0000_03_security-openshift_01_scc.crd.yaml b/vendor/github.com/openshift/api/security/v1/0000_03_security-openshift_01_scc.crd.yaml new file mode 100644 index 0000000000..a533efbc15 --- /dev/null +++ b/vendor/github.com/openshift/api/security/v1/0000_03_security-openshift_01_scc.crd.yaml @@ -0,0 +1,365 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/470 + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + include.release.openshift.io/single-node-developer: "true" + name: securitycontextconstraints.security.openshift.io +spec: + group: security.openshift.io + names: + kind: SecurityContextConstraints + listKind: SecurityContextConstraintsList + plural: securitycontextconstraints + singular: securitycontextconstraints + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Determines if a container can request to be run as privileged + jsonPath: .allowPrivilegedContainer + name: Priv + type: string + - description: A list of capabilities that can be requested to add to the container + jsonPath: .allowedCapabilities + name: Caps + type: string + - description: Strategy that will dictate what labels will be set in the SecurityContext + jsonPath: .seLinuxContext.type + name: SELinux + type: string + - description: Strategy that will dictate what RunAsUser is used in the SecurityContext + jsonPath: .runAsUser.type + name: RunAsUser + type: string + - description: Strategy that will dictate what fs group is used by the SecurityContext + jsonPath: .fsGroup.type + name: FSGroup + type: string + - description: Strategy that will dictate what supplemental groups are used by + the SecurityContext + jsonPath: .supplementalGroups.type + name: SupGroup + type: string + - description: Sort order of SCCs + jsonPath: .priority + name: Priority + type: string + - description: Force containers to run with a read only root file system + jsonPath: .readOnlyRootFilesystem + name: ReadOnlyRootFS + type: string + - description: White list of allowed volume plugins + jsonPath: .volumes + name: Volumes + type: string + name: v1 + schema: + openAPIV3Schema: + description: "SecurityContextConstraints governs the ability to make requests + that affect the SecurityContext that will be applied to a container. For + historical reasons SCC was exposed under the core Kubernetes API group. + That exposure is deprecated and will be removed in a future release - users + should instead use the security.openshift.io group to manage SecurityContextConstraints. + \n Compatibility level 1: Stable within a major release for a minimum of + 12 months or 3 minor releases (whichever is longer)." + properties: + allowHostDirVolumePlugin: + description: AllowHostDirVolumePlugin determines if the policy allow containers + to use the HostDir volume plugin + type: boolean + allowHostIPC: + description: AllowHostIPC determines if the policy allows host ipc in + the containers. + type: boolean + allowHostNetwork: + description: AllowHostNetwork determines if the policy allows the use + of HostNetwork in the pod spec. + type: boolean + allowHostPID: + description: AllowHostPID determines if the policy allows host pid in + the containers. + type: boolean + allowHostPorts: + description: AllowHostPorts determines if the policy allows host ports + in the containers. + type: boolean + allowPrivilegeEscalation: + description: AllowPrivilegeEscalation determines if a pod can request + to allow privilege escalation. If unspecified, defaults to true. + nullable: true + type: boolean + allowPrivilegedContainer: + description: AllowPrivilegedContainer determines if a container can request + to be run as privileged. + type: boolean + allowedCapabilities: + description: AllowedCapabilities is a list of capabilities that can be + requested to add to the container. Capabilities in this field maybe + added at the pod author's discretion. You must not list a capability + in both AllowedCapabilities and RequiredDropCapabilities. To allow all + capabilities you may use '*'. + items: + description: Capability represent POSIX capabilities type + type: string + nullable: true + type: array + allowedFlexVolumes: + description: AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty + or nil indicates that all Flexvolumes may be used. This parameter is + effective only when the usage of the Flexvolumes is allowed in the "Volumes" + field. + items: + description: AllowedFlexVolume represents a single Flexvolume that is + allowed to be used. + properties: + driver: + description: Driver is the name of the Flexvolume driver. + type: string + required: + - driver + type: object + nullable: true + type: array + allowedUnsafeSysctls: + description: "AllowedUnsafeSysctls is a list of explicitly allowed unsafe + sysctls, defaults to none. Each entry is either a plain sysctl name + or ends in \"*\" in which case it is considered as a prefix of allowed + sysctls. Single * means all unsafe sysctls are allowed. Kubelet has + to whitelist all allowed unsafe sysctls explicitly to avoid rejection. + \n Examples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. + \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc." + items: + type: string + nullable: true + type: array + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + defaultAddCapabilities: + description: DefaultAddCapabilities is the default set of capabilities + that will be added to the container unless the pod spec specifically + drops the capability. You may not list a capabiility in both DefaultAddCapabilities + and RequiredDropCapabilities. + items: + description: Capability represent POSIX capabilities type + type: string + nullable: true + type: array + defaultAllowPrivilegeEscalation: + description: DefaultAllowPrivilegeEscalation controls the default setting + for whether a process can gain more privileges than its parent process. + nullable: true + type: boolean + forbiddenSysctls: + description: "ForbiddenSysctls is a list of explicitly forbidden sysctls, + defaults to none. Each entry is either a plain sysctl name or ends in + \"*\" in which case it is considered as a prefix of forbidden sysctls. + Single * means all sysctls are forbidden. \n Examples: e.g. \"foo/*\" + forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", + \"foo.baz\", etc." + items: + type: string + nullable: true + type: array + fsGroup: + description: FSGroup is the strategy that will dictate what fs group is + used by the SecurityContext. + nullable: true + properties: + ranges: + description: Ranges are the allowed ranges of fs groups. If you would + like to force a single fs group then supply a single range with + the same start and end. + items: + description: 'IDRange provides a min/max of an allowed range of + IDs. TODO: this could be reused for UIDs.' + properties: + max: + description: Max is the end of the range, inclusive. + format: int64 + type: integer + min: + description: Min is the start of the range, inclusive. + format: int64 + type: integer + type: object + type: array + type: + description: Type is the strategy that will dictate what FSGroup is + used in the SecurityContext. + type: string + type: object + groups: + description: The groups that have permission to use this security context + constraints + items: + type: string + nullable: true + type: array + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + priority: + description: Priority influences the sort order of SCCs when evaluating + which SCCs to try first for a given pod request based on access in the + Users and Groups fields. The higher the int, the higher priority. An + unset value is considered a 0 priority. If scores for multiple SCCs + are equal they will be sorted from most restrictive to least restrictive. + If both priorities and restrictions are equal the SCCs will be sorted + by name. + format: int32 + nullable: true + type: integer + readOnlyRootFilesystem: + description: ReadOnlyRootFilesystem when set to true will force containers + to run with a read only root file system. If the container specifically + requests to run with a non-read only root file system the SCC should + deny the pod. If set to false the container may run with a read only + root file system if it wishes but it will not be forced to. + type: boolean + requiredDropCapabilities: + description: RequiredDropCapabilities are the capabilities that will be + dropped from the container. These are required to be dropped and cannot + be added. + items: + description: Capability represent POSIX capabilities type + type: string + nullable: true + type: array + runAsUser: + description: RunAsUser is the strategy that will dictate what RunAsUser + is used in the SecurityContext. + nullable: true + properties: + type: + description: Type is the strategy that will dictate what RunAsUser + is used in the SecurityContext. + type: string + uid: + description: UID is the user id that containers must run as. Required + for the MustRunAs strategy if not using namespace/service account + allocated uids. + format: int64 + type: integer + uidRangeMax: + description: UIDRangeMax defines the max value for a strategy that + allocates by range. + format: int64 + type: integer + uidRangeMin: + description: UIDRangeMin defines the min value for a strategy that + allocates by range. + format: int64 + type: integer + type: object + seLinuxContext: + description: SELinuxContext is the strategy that will dictate what labels + will be set in the SecurityContext. + nullable: true + properties: + seLinuxOptions: + description: seLinuxOptions required to run as; required for MustRunAs + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + type: object + type: + description: Type is the strategy that will dictate what SELinux context + is used in the SecurityContext. + type: string + type: object + seccompProfiles: + description: "SeccompProfiles lists the allowed profiles that may be set + for the pod or container's seccomp annotations. An unset (nil) or empty + value means that no profiles may be specifid by the pod or container.\tThe + wildcard '*' may be used to allow all profiles. When used to generate + a value for a pod the first non-wildcard profile will be used as the + default." + items: + type: string + nullable: true + type: array + supplementalGroups: + description: SupplementalGroups is the strategy that will dictate what + supplemental groups are used by the SecurityContext. + nullable: true + properties: + ranges: + description: Ranges are the allowed ranges of supplemental groups. If + you would like to force a single supplemental group then supply + a single range with the same start and end. + items: + description: 'IDRange provides a min/max of an allowed range of + IDs. TODO: this could be reused for UIDs.' + properties: + max: + description: Max is the end of the range, inclusive. + format: int64 + type: integer + min: + description: Min is the start of the range, inclusive. + format: int64 + type: integer + type: object + type: array + type: + description: Type is the strategy that will dictate what supplemental + groups is used in the SecurityContext. + type: string + type: object + users: + description: The users who have permissions to use this security context + constraints + items: + type: string + nullable: true + type: array + volumes: + description: Volumes is a white list of allowed volume plugins. FSType + corresponds directly with the field names of a VolumeSource (azureFile, + configMap, emptyDir). To allow all volumes you may use "*". To allow + no volumes, set to ["none"]. + items: + description: FS Type gives strong typing to different file systems that + are used by volumes. + type: string + nullable: true + type: array + required: + - allowHostDirVolumePlugin + - allowHostIPC + - allowHostNetwork + - allowHostPID + - allowHostPorts + - allowPrivilegedContainer + - allowedCapabilities + - defaultAddCapabilities + - priority + - readOnlyRootFilesystem + - requiredDropCapabilities + - volumes + type: object + served: true + storage: true diff --git a/vendor/github.com/openshift/api/security/v1/generated.proto b/vendor/github.com/openshift/api/security/v1/generated.proto index c6d60915d3..d842079a01 100644 --- a/vendor/github.com/openshift/api/security/v1/generated.proto +++ b/vendor/github.com/openshift/api/security/v1/generated.proto @@ -195,19 +195,15 @@ message SELinuxContextStrategyOptions { // SecurityContextConstraints. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=securitycontextconstraints,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=config-operator,operatorOrdering=01 -// +kubebuilder:printcolumn:name="Priv",type=string,JSONPath=.allowPrivilegedContainer,description="Determines if a container can request to be run as privileged" -// +kubebuilder:printcolumn:name="Caps",type=string,JSONPath=.allowedCapabilities,description="A list of capabilities that can be requested to add to the container" -// +kubebuilder:printcolumn:name="SELinux",type=string,JSONPath=.seLinuxContext.type,description="Strategy that will dictate what labels will be set in the SecurityContext" -// +kubebuilder:printcolumn:name="RunAsUser",type=string,JSONPath=.runAsUser.type,description="Strategy that will dictate what RunAsUser is used in the SecurityContext" -// +kubebuilder:printcolumn:name="FSGroup",type=string,JSONPath=.fsGroup.type,description="Strategy that will dictate what fs group is used by the SecurityContext" -// +kubebuilder:printcolumn:name="SupGroup",type=string,JSONPath=.supplementalGroups.type,description="Strategy that will dictate what supplemental groups are used by the SecurityContext" -// +kubebuilder:printcolumn:name="Priority",type=string,JSONPath=.priority,description="Sort order of SCCs" -// +kubebuilder:printcolumn:name="ReadOnlyRootFS",type=string,JSONPath=.readOnlyRootFilesystem,description="Force containers to run with a read only root file system" -// +kubebuilder:printcolumn:name="Volumes",type=string,JSONPath=.volumes,description="White list of allowed volume plugins" +// +kubebuilder:printcolumn:name="Priv",type=string,JSONPath=`.allowPrivilegedContainer`,description="Determines if a container can request to be run as privileged" +// +kubebuilder:printcolumn:name="Caps",type=string,JSONPath=`.allowedCapabilities`,description="A list of capabilities that can be requested to add to the container" +// +kubebuilder:printcolumn:name="SELinux",type=string,JSONPath=`.seLinuxContext.type`,description="Strategy that will dictate what labels will be set in the SecurityContext" +// +kubebuilder:printcolumn:name="RunAsUser",type=string,JSONPath=`.runAsUser.type`,description="Strategy that will dictate what RunAsUser is used in the SecurityContext" +// +kubebuilder:printcolumn:name="FSGroup",type=string,JSONPath=`.fsGroup.type`,description="Strategy that will dictate what fs group is used by the SecurityContext" +// +kubebuilder:printcolumn:name="SupGroup",type=string,JSONPath=`.supplementalGroups.type`,description="Strategy that will dictate what supplemental groups are used by the SecurityContext" +// +kubebuilder:printcolumn:name="Priority",type=string,JSONPath=`.priority`,description="Sort order of SCCs" +// +kubebuilder:printcolumn:name="ReadOnlyRootFS",type=string,JSONPath=`.readOnlyRootFilesystem`,description="Force containers to run with a read only root file system" +// +kubebuilder:printcolumn:name="Volumes",type=string,JSONPath=`.volumes`,description="White list of allowed volume plugins" // +kubebuilder:singular=securitycontextconstraint // +openshift:compatibility-gen:level=1 message SecurityContextConstraints { diff --git a/vendor/github.com/openshift/api/security/v1/stable.securitycontextconstraints.testsuite.yaml b/vendor/github.com/openshift/api/security/v1/stable.securitycontextconstraints.testsuite.yaml index 89a565d595..d663b94c26 100644 --- a/vendor/github.com/openshift/api/security/v1/stable.securitycontextconstraints.testsuite.yaml +++ b/vendor/github.com/openshift/api/security/v1/stable.securitycontextconstraints.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] SecurityContextConstraints" -crd: 0000_03_config-operator_01_securitycontextconstraints.crd.yaml +crd: 0000_03_security-openshift_01_scc.crd.yaml tests: onCreate: - name: Should be able to create a minimal SecurityContextConstraints diff --git a/vendor/github.com/openshift/api/security/v1/types.go b/vendor/github.com/openshift/api/security/v1/types.go index b57da30581..3e208210c4 100644 --- a/vendor/github.com/openshift/api/security/v1/types.go +++ b/vendor/github.com/openshift/api/security/v1/types.go @@ -22,19 +22,15 @@ var AllowAllCapabilities corev1.Capability = "*" // SecurityContextConstraints. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=securitycontextconstraints,scope=Cluster -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=config-operator,operatorOrdering=01 -// +kubebuilder:printcolumn:name="Priv",type=string,JSONPath=.allowPrivilegedContainer,description="Determines if a container can request to be run as privileged" -// +kubebuilder:printcolumn:name="Caps",type=string,JSONPath=.allowedCapabilities,description="A list of capabilities that can be requested to add to the container" -// +kubebuilder:printcolumn:name="SELinux",type=string,JSONPath=.seLinuxContext.type,description="Strategy that will dictate what labels will be set in the SecurityContext" -// +kubebuilder:printcolumn:name="RunAsUser",type=string,JSONPath=.runAsUser.type,description="Strategy that will dictate what RunAsUser is used in the SecurityContext" -// +kubebuilder:printcolumn:name="FSGroup",type=string,JSONPath=.fsGroup.type,description="Strategy that will dictate what fs group is used by the SecurityContext" -// +kubebuilder:printcolumn:name="SupGroup",type=string,JSONPath=.supplementalGroups.type,description="Strategy that will dictate what supplemental groups are used by the SecurityContext" -// +kubebuilder:printcolumn:name="Priority",type=string,JSONPath=.priority,description="Sort order of SCCs" -// +kubebuilder:printcolumn:name="ReadOnlyRootFS",type=string,JSONPath=.readOnlyRootFilesystem,description="Force containers to run with a read only root file system" -// +kubebuilder:printcolumn:name="Volumes",type=string,JSONPath=.volumes,description="White list of allowed volume plugins" +// +kubebuilder:printcolumn:name="Priv",type=string,JSONPath=`.allowPrivilegedContainer`,description="Determines if a container can request to be run as privileged" +// +kubebuilder:printcolumn:name="Caps",type=string,JSONPath=`.allowedCapabilities`,description="A list of capabilities that can be requested to add to the container" +// +kubebuilder:printcolumn:name="SELinux",type=string,JSONPath=`.seLinuxContext.type`,description="Strategy that will dictate what labels will be set in the SecurityContext" +// +kubebuilder:printcolumn:name="RunAsUser",type=string,JSONPath=`.runAsUser.type`,description="Strategy that will dictate what RunAsUser is used in the SecurityContext" +// +kubebuilder:printcolumn:name="FSGroup",type=string,JSONPath=`.fsGroup.type`,description="Strategy that will dictate what fs group is used by the SecurityContext" +// +kubebuilder:printcolumn:name="SupGroup",type=string,JSONPath=`.supplementalGroups.type`,description="Strategy that will dictate what supplemental groups are used by the SecurityContext" +// +kubebuilder:printcolumn:name="Priority",type=string,JSONPath=`.priority`,description="Sort order of SCCs" +// +kubebuilder:printcolumn:name="ReadOnlyRootFS",type=string,JSONPath=`.readOnlyRootFilesystem`,description="Force containers to run with a read only root file system" +// +kubebuilder:printcolumn:name="Volumes",type=string,JSONPath=`.volumes`,description="White list of allowed volume plugins" // +kubebuilder:singular=securitycontextconstraint // +openshift:compatibility-gen:level=1 type SecurityContextConstraints struct { diff --git a/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index ea3967ab28..0000000000 --- a/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,58 +0,0 @@ -securitycontextconstraints.security.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/470 - CRDName: securitycontextconstraints.security.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_03" - GroupName: security.openshift.io - HasStatus: false - KindName: SecurityContextConstraints - Labels: {} - PluralName: securitycontextconstraints - PrinterColumns: - - description: Determines if a container can request to be run as privileged - jsonPath: .allowPrivilegedContainer - name: Priv - type: string - - description: A list of capabilities that can be requested to add to the container - jsonPath: .allowedCapabilities - name: Caps - type: string - - description: Strategy that will dictate what labels will be set in the SecurityContext - jsonPath: .seLinuxContext.type - name: SELinux - type: string - - description: Strategy that will dictate what RunAsUser is used in the SecurityContext - jsonPath: .runAsUser.type - name: RunAsUser - type: string - - description: Strategy that will dictate what fs group is used by the SecurityContext - jsonPath: .fsGroup.type - name: FSGroup - type: string - - description: Strategy that will dictate what supplemental groups are used by the - SecurityContext - jsonPath: .supplementalGroups.type - name: SupGroup - type: string - - description: Sort order of SCCs - jsonPath: .priority - name: Priority - type: string - - description: Force containers to run with a read only root file system - jsonPath: .readOnlyRootFilesystem - name: ReadOnlyRootFS - type: string - - description: White list of allowed volume plugins - jsonPath: .volumes - name: Volumes - type: string - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1 - diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/sharedresource/v1alpha1/0000_10_sharedconfigmap.crd.yaml similarity index 62% rename from vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets-CustomNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/sharedresource/v1alpha1/0000_10_sharedconfigmap.crd.yaml index 21ba1f8fd1..5a4cab65b8 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/sharedresource/v1alpha1/0000_10_sharedconfigmap.crd.yaml @@ -2,31 +2,39 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1713 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: CustomNoUpgrade - labels: - openshift.io/operator-managed: "" - name: pinnedimagesets.machineconfiguration.openshift.io + api-approved.openshift.io: https://github.com/openshift/api/pull/979 + description: Extension for sharing ConfigMaps across Namespaces + displayName: SharedConfigMap + name: sharedconfigmaps.sharedresource.openshift.io spec: - group: machineconfiguration.openshift.io + group: sharedresource.openshift.io names: - kind: PinnedImageSet - listKind: PinnedImageSetList - plural: pinnedimagesets - singular: pinnedimageset + kind: SharedConfigMap + listKind: SharedConfigMapList + plural: sharedconfigmaps + singular: sharedconfigmap scope: Cluster versions: - name: v1alpha1 schema: openAPIV3Schema: - description: "PinnedImageSet describes a set of images that should be pinned - by CRI-O and pulled to the nodes which are members of the declared MachineConfigPools. - \n Compatibility level 4: No compatibility is provided, the API can change - at any point for any reason. These capabilities should not be used by applications + description: "SharedConfigMap allows a ConfigMap to be shared across namespaces. + Pods can mount the shared ConfigMap by adding a CSI volume to the pod specification + using the \"csi.sharedresource.openshift.io\" CSI driver and a reference + to the SharedConfigMap in the volume attributes: \n spec: volumes: - name: + shared-configmap csi: driver: csi.sharedresource.openshift.io volumeAttributes: + sharedConfigMap: my-share \n For the mount to be successful, the pod's service + account must be granted permission to 'use' the named SharedConfigMap object + within its namespace with an appropriate Role and RoleBinding. For compactness, + here are example `oc` invocations for creating such Role and RoleBinding + objects. \n `oc create role shared-resource-my-share --verb=use --resource=sharedconfigmaps.sharedresource.openshift.io + --resource-name=my-share` `oc create rolebinding shared-resource-my-share + --role=shared-resource-my-share --serviceaccount=my-namespace:default` \n + Shared resource objects, in this case ConfigMaps, have default permissions + of list, get, and watch for system authenticated users. \n Compatibility + level 4: No compatibility is provided, the API can change at any point for + any reason. These capabilities should not be used by applications needing + long term support. These capabilities should not be used by applications needing long term support." properties: apiVersion: @@ -42,50 +50,36 @@ spec: metadata: type: object spec: - description: spec describes the configuration of this pinned image set. + description: spec is the specification of the desired shared configmap properties: - pinnedImages: - description: "pinnedImages is a list of OCI Image referenced by digest - that should be pinned and pre-loaded by the nodes of a MachineConfigPool. - Translates into a new file inside the /etc/crio/crio.conf.d directory - with content similar to this: \n pinned_images = [ \"quay.io/openshift-release-dev/ocp-release@sha256:...\", - \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\", \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\", - ... ] \n These image references should all be by digest, tags aren't - allowed." - items: - properties: - name: - description: "name is an OCI Image referenced by digest. \n - The format of the image ref is: host[:port][/namespace]/name@sha256:" - maxLength: 447 - minLength: 1 - type: string - x-kubernetes-validations: - - message: the OCI Image reference must end with a valid '@sha256:' - suffix, where '' is 64 characters long - rule: self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$') - - message: the OCI Image name should follow the host[:port][/namespace]/name - format, resembling a valid URL without the scheme - rule: self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$') - required: - - name - type: object - maxItems: 500 - minItems: 1 - type: array - x-kubernetes-list-map-keys: + configMapRef: + description: configMapRef is a reference to the ConfigMap to share + properties: + name: + description: name represents the name of the ConfigMap that is + being referenced. + type: string + namespace: + description: namespace represents the namespace where the referenced + ConfigMap is located. + type: string + required: - name - x-kubernetes-list-type: map + - namespace + type: object + description: + description: description is a user readable explanation of what the + backing resource provides. + type: string required: - - pinnedImages + - configMapRef type: object status: - description: status describes the last observed state of this pinned image - set. + description: status is the observed status of the shared configmap properties: conditions: - description: conditions represent the observations of a pinned image - set's current state. + description: conditions represents any observations made on this particular + shared resource by the underlying CSI driver or Share controller. items: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct @@ -153,12 +147,7 @@ spec: - type type: object type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map type: object - required: - - spec type: object served: true storage: true diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_etcd_01_etcdbackups-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/sharedresource/v1alpha1/0000_10_sharedsecret.crd.yaml similarity index 67% rename from vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_etcd_01_etcdbackups-CustomNoUpgrade.crd.yaml rename to vendor/github.com/openshift/api/sharedresource/v1alpha1/0000_10_sharedsecret.crd.yaml index 6c19f17a6d..da46fb0fcf 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests/0000_10_etcd_01_etcdbackups-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/sharedresource/v1alpha1/0000_10_sharedsecret.crd.yaml @@ -2,30 +2,40 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1482 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - include.release.openshift.io/single-node-developer: "true" - release.openshift.io/feature-set: CustomNoUpgrade - name: etcdbackups.operator.openshift.io + api-approved.openshift.io: https://github.com/openshift/api/pull/979 + description: Extension for sharing Secrets across Namespaces + displayName: SharedSecret + name: sharedsecrets.sharedresource.openshift.io spec: - group: operator.openshift.io + group: sharedresource.openshift.io names: - kind: EtcdBackup - listKind: EtcdBackupList - plural: etcdbackups - singular: etcdbackup + kind: SharedSecret + listKind: SharedSecretList + plural: sharedsecrets + singular: sharedsecret scope: Cluster versions: - name: v1alpha1 schema: openAPIV3Schema: - description: "# EtcdBackup provides configuration options and status for a - one-time backup attempt of the etcd cluster \n Compatibility level 4: No - compatibility is provided, the API can change at any point for any reason. - These capabilities should not be used by applications needing long term - support." + description: "SharedSecret allows a Secret to be shared across namespaces. + Pods can mount the shared Secret by adding a CSI volume to the pod specification + using the \"csi.sharedresource.openshift.io\" CSI driver and a reference + to the SharedSecret in the volume attributes: \n spec: volumes: - name: + shared-secret csi: driver: csi.sharedresource.openshift.io volumeAttributes: + sharedSecret: my-share \n For the mount to be successful, the pod's service + account must be granted permission to 'use' the named SharedSecret object + within its namespace with an appropriate Role and RoleBinding. For compactness, + here are example `oc` invocations for creating such Role and RoleBinding + objects. \n `oc create role shared-resource-my-share --verb=use --resource=sharedsecrets.sharedresource.openshift.io + --resource-name=my-share` `oc create rolebinding shared-resource-my-share + --role=shared-resource-my-share --serviceaccount=my-namespace:default` \n + Shared resource objects, in this case Secrets, have default permissions + of list, get, and watch for system authenticated users. \n Compatibility + level 4: No compatibility is provided, the API can change at any point for + any reason. These capabilities should not be used by applications needing + long term support. These capabilities should not be used by applications + needing long term support." properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -40,45 +50,36 @@ spec: metadata: type: object spec: - description: spec holds user settable values for configuration + description: spec is the specification of the desired shared secret properties: - pvcName: - description: PVCName specifies the name of the PersistentVolumeClaim - (PVC) which binds a PersistentVolume where the etcd backup file - would be saved The PVC itself must always be created in the "openshift-etcd" - namespace If the PVC is left unspecified "" then the platform will - choose a reasonable default location to save the backup. In the - future this would be backups saved across the control-plane master - nodes. + description: + description: description is a user readable explanation of what the + backing resource provides. type: string - x-kubernetes-validations: - - message: pvcName is immutable once set - rule: self == oldSelf - type: object - status: - description: status holds observed values from the cluster. They may not - be overridden. - properties: - backupJob: - description: backupJob is the reference to the Job that executes the - backup. Optional + secretRef: + description: secretRef is a reference to the Secret to share properties: name: - description: name is the name of the Job. Required + description: name represents the name of the Secret that is being + referenced. type: string namespace: - description: namespace is the namespace of the Job. this is always - expected to be "openshift-etcd" since the user provided PVC - is also required to be in "openshift-etcd" Required - pattern: ^openshift-etcd$ + description: namespace represents the namespace where the referenced + Secret is located. type: string required: - name - namespace type: object + required: + - secretRef + type: object + status: + description: status is the observed status of the shared secret + properties: conditions: - description: conditions provide details on the status of the etcd - backup job. + description: conditions represents any observations made on this particular + shared resource by the underlying CSI driver or Share controller. items: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct @@ -146,12 +147,7 @@ spec: - type type: object type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map type: object - required: - - spec type: object served: true storage: true diff --git a/vendor/github.com/openshift/api/sharedresource/v1alpha1/stable.sharedconfigmap.testsuite.yaml b/vendor/github.com/openshift/api/sharedresource/v1alpha1/stable.sharedconfigmap.testsuite.yaml index 27aae464cf..dc26d6aca3 100644 --- a/vendor/github.com/openshift/api/sharedresource/v1alpha1/stable.sharedconfigmap.testsuite.yaml +++ b/vendor/github.com/openshift/api/sharedresource/v1alpha1/stable.sharedconfigmap.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] SharedConfigMap" -crd: sharedconfigmaps.crd.yaml +crd: 0000_10_sharedconfigmap.crd.yaml tests: onCreate: - name: Should be able to create a minimal SharedConfigMap diff --git a/vendor/github.com/openshift/api/sharedresource/v1alpha1/stable.sharedsecret.testsuite.yaml b/vendor/github.com/openshift/api/sharedresource/v1alpha1/stable.sharedsecret.testsuite.yaml index b932af9827..14da75b1f2 100644 --- a/vendor/github.com/openshift/api/sharedresource/v1alpha1/stable.sharedsecret.testsuite.yaml +++ b/vendor/github.com/openshift/api/sharedresource/v1alpha1/stable.sharedsecret.testsuite.yaml @@ -1,6 +1,6 @@ apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this name: "[Stable] SharedSecret" -crd: sharedsecrets.crd.yaml +crd: 0000_10_sharedsecret.crd.yaml tests: onCreate: - name: Should be able to create a minimal SharedSecret diff --git a/vendor/github.com/openshift/api/sharedresource/v1alpha1/types_shared_configmap.go b/vendor/github.com/openshift/api/sharedresource/v1alpha1/types_shared_configmap.go index 1eea47d02d..8ffd0b412b 100644 --- a/vendor/github.com/openshift/api/sharedresource/v1alpha1/types_shared_configmap.go +++ b/vendor/github.com/openshift/api/sharedresource/v1alpha1/types_shared_configmap.go @@ -29,14 +29,9 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. // These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=sharedconfigmaps,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/979 -// +kubebuilder:metadata:annotations="description=Extension for sharing ConfigMaps across Namespaces" -// +kubebuilder:metadata:annotations="displayName=SharedConfigMap" // +k8s:openapi-gen=true // +openshift:compatibility-gen:level=4 +// +kubebuilder:subresource:status type SharedConfigMap struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/sharedresource/v1alpha1/types_shared_secret.go b/vendor/github.com/openshift/api/sharedresource/v1alpha1/types_shared_secret.go index 654106bce6..6a6fb2246e 100644 --- a/vendor/github.com/openshift/api/sharedresource/v1alpha1/types_shared_secret.go +++ b/vendor/github.com/openshift/api/sharedresource/v1alpha1/types_shared_secret.go @@ -30,12 +30,8 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. // These capabilities should not be used by applications needing long term support. // +openshift:compatibility-gen:level=4 -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=sharedsecrets,scope=Cluster // +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/979 -// +kubebuilder:metadata:annotations="description=Extension for sharing Secrets across Namespaces" -// +kubebuilder:metadata:annotations="displayName=SharedSecret" +// type SharedSecret struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/sharedresource/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/sharedresource/v1alpha1/zz_generated.featuregated-crd-manifests.yaml deleted file mode 100644 index 874f1831e8..0000000000 --- a/vendor/github.com/openshift/api/sharedresource/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ /dev/null @@ -1,46 +0,0 @@ -sharedconfigmaps.sharedresource.openshift.io: - Annotations: - description: Extension for sharing ConfigMaps across Namespaces - displayName: SharedConfigMap - ApprovedPRNumber: https://github.com/openshift/api/pull/979 - CRDName: sharedconfigmaps.sharedresource.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "" - FilenameRunLevel: "" - GroupName: sharedresource.openshift.io - HasStatus: true - KindName: SharedConfigMap - Labels: {} - PluralName: sharedconfigmaps - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1alpha1 - -sharedsecrets.sharedresource.openshift.io: - Annotations: - description: Extension for sharing Secrets across Namespaces - displayName: SharedSecret - ApprovedPRNumber: https://github.com/openshift/api/pull/979 - CRDName: sharedsecrets.sharedresource.openshift.io - Capability: "" - Category: "" - FeatureGates: [] - FilenameOperatorName: "" - FilenameOperatorOrdering: "" - FilenameRunLevel: "" - GroupName: sharedresource.openshift.io - HasStatus: true - KindName: SharedSecret - Labels: {} - PluralName: sharedsecrets - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: [] - Version: v1alpha1 - diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go index 2c9cac1834..fe3397900a 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go @@ -152,41 +152,6 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageRef - map: - fields: - - name: name - type: - scalar: string - default: "" -- name: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSet - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetSpec - default: {} -- name: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetSpec - map: - fields: - - name: pinnedImages - type: - list: - elementType: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageRef - elementRelationship: associative - keys: - - name - name: io.k8s.apimachinery.pkg.apis.meta.v1.Condition map: fields: diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigpoolspec.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigpoolspec.go index 78f4c4aa14..9bef4e0171 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigpoolspec.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigpoolspec.go @@ -15,7 +15,6 @@ type MachineConfigPoolSpecApplyConfiguration struct { Paused *bool `json:"paused,omitempty"` MaxUnavailable *intstr.IntOrString `json:"maxUnavailable,omitempty"` Configuration *MachineConfigPoolStatusConfigurationApplyConfiguration `json:"configuration,omitempty"` - PinnedImageSets []PinnedImageSetRefApplyConfiguration `json:"pinnedImageSets,omitempty"` } // MachineConfigPoolSpecApplyConfiguration constructs an declarative configuration of the MachineConfigPoolSpec type for use with @@ -63,16 +62,3 @@ func (b *MachineConfigPoolSpecApplyConfiguration) WithConfiguration(value *Machi b.Configuration = value return b } - -// WithPinnedImageSets adds the given value to the PinnedImageSets field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the PinnedImageSets field. -func (b *MachineConfigPoolSpecApplyConfiguration) WithPinnedImageSets(values ...*PinnedImageSetRefApplyConfiguration) *MachineConfigPoolSpecApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithPinnedImageSets") - } - b.PinnedImageSets = append(b.PinnedImageSets, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/pinnedimagesetref.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/pinnedimagesetref.go deleted file mode 100644 index 087694af2b..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/pinnedimagesetref.go +++ /dev/null @@ -1,23 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// PinnedImageSetRefApplyConfiguration represents an declarative configuration of the PinnedImageSetRef type for use -// with apply. -type PinnedImageSetRefApplyConfiguration struct { - Name *string `json:"name,omitempty"` -} - -// PinnedImageSetRefApplyConfiguration constructs an declarative configuration of the PinnedImageSetRef type for use with -// apply. -func PinnedImageSetRef() *PinnedImageSetRefApplyConfiguration { - return &PinnedImageSetRefApplyConfiguration{} -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *PinnedImageSetRefApplyConfiguration) WithName(value string) *PinnedImageSetRefApplyConfiguration { - b.Name = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageref.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageref.go deleted file mode 100644 index b4e91da005..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageref.go +++ /dev/null @@ -1,23 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// PinnedImageRefApplyConfiguration represents an declarative configuration of the PinnedImageRef type for use -// with apply. -type PinnedImageRefApplyConfiguration struct { - Name *string `json:"name,omitempty"` -} - -// PinnedImageRefApplyConfiguration constructs an declarative configuration of the PinnedImageRef type for use with -// apply. -func PinnedImageRef() *PinnedImageRefApplyConfiguration { - return &PinnedImageRefApplyConfiguration{} -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *PinnedImageRefApplyConfiguration) WithName(value string) *PinnedImageRefApplyConfiguration { - b.Name = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageset.go deleted file mode 100644 index 98bc7131fd..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageset.go +++ /dev/null @@ -1,231 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - internal "github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - managedfields "k8s.io/apimachinery/pkg/util/managedfields" - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// PinnedImageSetApplyConfiguration represents an declarative configuration of the PinnedImageSet type for use -// with apply. -type PinnedImageSetApplyConfiguration struct { - v1.TypeMetaApplyConfiguration `json:",inline"` - *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *PinnedImageSetSpecApplyConfiguration `json:"spec,omitempty"` -} - -// PinnedImageSet constructs an declarative configuration of the PinnedImageSet type for use with -// apply. -func PinnedImageSet(name string) *PinnedImageSetApplyConfiguration { - b := &PinnedImageSetApplyConfiguration{} - b.WithName(name) - b.WithKind("PinnedImageSet") - b.WithAPIVersion("machineconfiguration.openshift.io/v1alpha1") - return b -} - -// ExtractPinnedImageSet extracts the applied configuration owned by fieldManager from -// pinnedImageSet. If no managedFields are found in pinnedImageSet for fieldManager, a -// PinnedImageSetApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. -// pinnedImageSet must be a unmodified PinnedImageSet API object that was retrieved from the Kubernetes API. -// ExtractPinnedImageSet provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -// Experimental! -func ExtractPinnedImageSet(pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, fieldManager string) (*PinnedImageSetApplyConfiguration, error) { - return extractPinnedImageSet(pinnedImageSet, fieldManager, "") -} - -// ExtractPinnedImageSetStatus is the same as ExtractPinnedImageSet except -// that it extracts the status subresource applied configuration. -// Experimental! -func ExtractPinnedImageSetStatus(pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, fieldManager string) (*PinnedImageSetApplyConfiguration, error) { - return extractPinnedImageSet(pinnedImageSet, fieldManager, "status") -} - -func extractPinnedImageSet(pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, fieldManager string, subresource string) (*PinnedImageSetApplyConfiguration, error) { - b := &PinnedImageSetApplyConfiguration{} - err := managedfields.ExtractInto(pinnedImageSet, internal.Parser().Type("com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSet"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(pinnedImageSet.Name) - - b.WithKind("PinnedImageSet") - b.WithAPIVersion("machineconfiguration.openshift.io/v1alpha1") - return b, nil -} - -// WithKind sets the Kind field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Kind field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithKind(value string) *PinnedImageSetApplyConfiguration { - b.Kind = &value - return b -} - -// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the APIVersion field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithAPIVersion(value string) *PinnedImageSetApplyConfiguration { - b.APIVersion = &value - return b -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithName(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.Name = &value - return b -} - -// WithGenerateName sets the GenerateName field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the GenerateName field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithGenerateName(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.GenerateName = &value - return b -} - -// WithNamespace sets the Namespace field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Namespace field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithNamespace(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.Namespace = &value - return b -} - -// WithUID sets the UID field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the UID field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithUID(value types.UID) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.UID = &value - return b -} - -// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ResourceVersion field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithResourceVersion(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ResourceVersion = &value - return b -} - -// WithGeneration sets the Generation field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Generation field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithGeneration(value int64) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.Generation = &value - return b -} - -// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the CreationTimestamp field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithCreationTimestamp(value metav1.Time) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.CreationTimestamp = &value - return b -} - -// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionTimestamp field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.DeletionTimestamp = &value - return b -} - -// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.DeletionGracePeriodSeconds = &value - return b -} - -// WithLabels puts the entries into the Labels field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Labels field, -// overwriting an existing map entries in Labels field with the same key. -func (b *PinnedImageSetApplyConfiguration) WithLabels(entries map[string]string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.Labels == nil && len(entries) > 0 { - b.Labels = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.Labels[k] = v - } - return b -} - -// WithAnnotations puts the entries into the Annotations field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Annotations field, -// overwriting an existing map entries in Annotations field with the same key. -func (b *PinnedImageSetApplyConfiguration) WithAnnotations(entries map[string]string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.Annotations == nil && len(entries) > 0 { - b.Annotations = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.Annotations[k] = v - } - return b -} - -// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the OwnerReferences field. -func (b *PinnedImageSetApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - if values[i] == nil { - panic("nil value passed to WithOwnerReferences") - } - b.OwnerReferences = append(b.OwnerReferences, *values[i]) - } - return b -} - -// WithFinalizers adds the given value to the Finalizers field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Finalizers field. -func (b *PinnedImageSetApplyConfiguration) WithFinalizers(values ...string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - b.Finalizers = append(b.Finalizers, values[i]) - } - return b -} - -func (b *PinnedImageSetApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { - if b.ObjectMetaApplyConfiguration == nil { - b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} - } -} - -// WithSpec sets the Spec field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Spec field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithSpec(value *PinnedImageSetSpecApplyConfiguration) *PinnedImageSetApplyConfiguration { - b.Spec = value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetspec.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetspec.go deleted file mode 100644 index 4ef6775c65..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetspec.go +++ /dev/null @@ -1,28 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// PinnedImageSetSpecApplyConfiguration represents an declarative configuration of the PinnedImageSetSpec type for use -// with apply. -type PinnedImageSetSpecApplyConfiguration struct { - PinnedImages []PinnedImageRefApplyConfiguration `json:"pinnedImages,omitempty"` -} - -// PinnedImageSetSpecApplyConfiguration constructs an declarative configuration of the PinnedImageSetSpec type for use with -// apply. -func PinnedImageSetSpec() *PinnedImageSetSpecApplyConfiguration { - return &PinnedImageSetSpecApplyConfiguration{} -} - -// WithPinnedImages adds the given value to the PinnedImages field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the PinnedImages field. -func (b *PinnedImageSetSpecApplyConfiguration) WithPinnedImages(values ...*PinnedImageRefApplyConfiguration) *PinnedImageSetSpecApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithPinnedImages") - } - b.PinnedImages = append(b.PinnedImages, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfiguration_client.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfiguration_client.go index 485570fd98..425ee2c28f 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfiguration_client.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfiguration_client.go @@ -16,10 +16,6 @@ func (c *FakeMachineconfigurationV1alpha1) MachineConfigNodes() v1alpha1.Machine return &FakeMachineConfigNodes{c} } -func (c *FakeMachineconfigurationV1alpha1) PinnedImageSets() v1alpha1.PinnedImageSetInterface { - return &FakePinnedImageSets{c} -} - // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeMachineconfigurationV1alpha1) RESTClient() rest.Interface { diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_pinnedimageset.go deleted file mode 100644 index 8daf15a235..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_pinnedimageset.go +++ /dev/null @@ -1,129 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - json "encoding/json" - "fmt" - - v1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - machineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakePinnedImageSets implements PinnedImageSetInterface -type FakePinnedImageSets struct { - Fake *FakeMachineconfigurationV1alpha1 -} - -var pinnedimagesetsResource = v1alpha1.SchemeGroupVersion.WithResource("pinnedimagesets") - -var pinnedimagesetsKind = v1alpha1.SchemeGroupVersion.WithKind("PinnedImageSet") - -// Get takes name of the pinnedImageSet, and returns the corresponding pinnedImageSet object, and an error if there is any. -func (c *FakePinnedImageSets) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.PinnedImageSet, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(pinnedimagesetsResource, name), &v1alpha1.PinnedImageSet{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.PinnedImageSet), err -} - -// List takes label and field selectors, and returns the list of PinnedImageSets that match those selectors. -func (c *FakePinnedImageSets) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.PinnedImageSetList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(pinnedimagesetsResource, pinnedimagesetsKind, opts), &v1alpha1.PinnedImageSetList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.PinnedImageSetList{ListMeta: obj.(*v1alpha1.PinnedImageSetList).ListMeta} - for _, item := range obj.(*v1alpha1.PinnedImageSetList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested pinnedImageSets. -func (c *FakePinnedImageSets) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(pinnedimagesetsResource, opts)) -} - -// Create takes the representation of a pinnedImageSet and creates it. Returns the server's representation of the pinnedImageSet, and an error, if there is any. -func (c *FakePinnedImageSets) Create(ctx context.Context, pinnedImageSet *v1alpha1.PinnedImageSet, opts v1.CreateOptions) (result *v1alpha1.PinnedImageSet, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(pinnedimagesetsResource, pinnedImageSet), &v1alpha1.PinnedImageSet{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.PinnedImageSet), err -} - -// Update takes the representation of a pinnedImageSet and updates it. Returns the server's representation of the pinnedImageSet, and an error, if there is any. -func (c *FakePinnedImageSets) Update(ctx context.Context, pinnedImageSet *v1alpha1.PinnedImageSet, opts v1.UpdateOptions) (result *v1alpha1.PinnedImageSet, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(pinnedimagesetsResource, pinnedImageSet), &v1alpha1.PinnedImageSet{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.PinnedImageSet), err -} - -// Delete takes name of the pinnedImageSet and deletes it. Returns an error if one occurs. -func (c *FakePinnedImageSets) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteActionWithOptions(pinnedimagesetsResource, name, opts), &v1alpha1.PinnedImageSet{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakePinnedImageSets) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(pinnedimagesetsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.PinnedImageSetList{}) - return err -} - -// Patch applies the patch and returns the patched pinnedImageSet. -func (c *FakePinnedImageSets) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PinnedImageSet, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(pinnedimagesetsResource, name, pt, data, subresources...), &v1alpha1.PinnedImageSet{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.PinnedImageSet), err -} - -// Apply takes the given apply declarative configuration, applies it and returns the applied pinnedImageSet. -func (c *FakePinnedImageSets) Apply(ctx context.Context, pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSetApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.PinnedImageSet, err error) { - if pinnedImageSet == nil { - return nil, fmt.Errorf("pinnedImageSet provided to Apply must not be nil") - } - data, err := json.Marshal(pinnedImageSet) - if err != nil { - return nil, err - } - name := pinnedImageSet.Name - if name == nil { - return nil, fmt.Errorf("pinnedImageSet.Name must be provided to Apply") - } - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(pinnedimagesetsResource, *name, types.ApplyPatchType, data), &v1alpha1.PinnedImageSet{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.PinnedImageSet), err -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go index f73dfece1f..37de120197 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go @@ -3,5 +3,3 @@ package v1alpha1 type MachineConfigNodeExpansion interface{} - -type PinnedImageSetExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go index 866d96b95d..1b717606f3 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go @@ -13,7 +13,6 @@ import ( type MachineconfigurationV1alpha1Interface interface { RESTClient() rest.Interface MachineConfigNodesGetter - PinnedImageSetsGetter } // MachineconfigurationV1alpha1Client is used to interact with features provided by the machineconfiguration.openshift.io group. @@ -25,10 +24,6 @@ func (c *MachineconfigurationV1alpha1Client) MachineConfigNodes() MachineConfigN return newMachineConfigNodes(c) } -func (c *MachineconfigurationV1alpha1Client) PinnedImageSets() PinnedImageSetInterface { - return newPinnedImageSets(c) -} - // NewForConfig creates a new MachineconfigurationV1alpha1Client for the given config. // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), // where httpClient was generated with rest.HTTPClientFor(c). diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/pinnedimageset.go deleted file mode 100644 index a31d428fac..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/pinnedimageset.go +++ /dev/null @@ -1,181 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - json "encoding/json" - "fmt" - "time" - - v1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - machineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1" - scheme "github.com/openshift/client-go/machineconfiguration/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// PinnedImageSetsGetter has a method to return a PinnedImageSetInterface. -// A group's client should implement this interface. -type PinnedImageSetsGetter interface { - PinnedImageSets() PinnedImageSetInterface -} - -// PinnedImageSetInterface has methods to work with PinnedImageSet resources. -type PinnedImageSetInterface interface { - Create(ctx context.Context, pinnedImageSet *v1alpha1.PinnedImageSet, opts v1.CreateOptions) (*v1alpha1.PinnedImageSet, error) - Update(ctx context.Context, pinnedImageSet *v1alpha1.PinnedImageSet, opts v1.UpdateOptions) (*v1alpha1.PinnedImageSet, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.PinnedImageSet, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.PinnedImageSetList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PinnedImageSet, err error) - Apply(ctx context.Context, pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSetApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.PinnedImageSet, err error) - PinnedImageSetExpansion -} - -// pinnedImageSets implements PinnedImageSetInterface -type pinnedImageSets struct { - client rest.Interface -} - -// newPinnedImageSets returns a PinnedImageSets -func newPinnedImageSets(c *MachineconfigurationV1alpha1Client) *pinnedImageSets { - return &pinnedImageSets{ - client: c.RESTClient(), - } -} - -// Get takes name of the pinnedImageSet, and returns the corresponding pinnedImageSet object, and an error if there is any. -func (c *pinnedImageSets) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.PinnedImageSet, err error) { - result = &v1alpha1.PinnedImageSet{} - err = c.client.Get(). - Resource("pinnedimagesets"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of PinnedImageSets that match those selectors. -func (c *pinnedImageSets) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.PinnedImageSetList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.PinnedImageSetList{} - err = c.client.Get(). - Resource("pinnedimagesets"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested pinnedImageSets. -func (c *pinnedImageSets) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("pinnedimagesets"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a pinnedImageSet and creates it. Returns the server's representation of the pinnedImageSet, and an error, if there is any. -func (c *pinnedImageSets) Create(ctx context.Context, pinnedImageSet *v1alpha1.PinnedImageSet, opts v1.CreateOptions) (result *v1alpha1.PinnedImageSet, err error) { - result = &v1alpha1.PinnedImageSet{} - err = c.client.Post(). - Resource("pinnedimagesets"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(pinnedImageSet). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a pinnedImageSet and updates it. Returns the server's representation of the pinnedImageSet, and an error, if there is any. -func (c *pinnedImageSets) Update(ctx context.Context, pinnedImageSet *v1alpha1.PinnedImageSet, opts v1.UpdateOptions) (result *v1alpha1.PinnedImageSet, err error) { - result = &v1alpha1.PinnedImageSet{} - err = c.client.Put(). - Resource("pinnedimagesets"). - Name(pinnedImageSet.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(pinnedImageSet). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the pinnedImageSet and deletes it. Returns an error if one occurs. -func (c *pinnedImageSets) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("pinnedimagesets"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *pinnedImageSets) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("pinnedimagesets"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched pinnedImageSet. -func (c *pinnedImageSets) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PinnedImageSet, err error) { - result = &v1alpha1.PinnedImageSet{} - err = c.client.Patch(pt). - Resource("pinnedimagesets"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} - -// Apply takes the given apply declarative configuration, applies it and returns the applied pinnedImageSet. -func (c *pinnedImageSets) Apply(ctx context.Context, pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSetApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.PinnedImageSet, err error) { - if pinnedImageSet == nil { - return nil, fmt.Errorf("pinnedImageSet provided to Apply must not be nil") - } - patchOpts := opts.ToPatchOptions() - data, err := json.Marshal(pinnedImageSet) - if err != nil { - return nil, err - } - name := pinnedImageSet.Name - if name == nil { - return nil, fmt.Errorf("pinnedImageSet.Name must be provided to Apply") - } - result = &v1alpha1.PinnedImageSet{} - err = c.client.Patch(types.ApplyPatchType). - Resource("pinnedimagesets"). - Name(*name). - VersionedParams(&patchOpts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/generic.go b/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/generic.go index 658ba65d58..ce9d5374b0 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/generic.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/generic.go @@ -52,8 +52,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=machineconfiguration.openshift.io, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("machineconfignodes"): return &genericInformer{resource: resource.GroupResource(), informer: f.Machineconfiguration().V1alpha1().MachineConfigNodes().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("pinnedimagesets"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Machineconfiguration().V1alpha1().PinnedImageSets().Informer()}, nil } diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/interface.go b/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/interface.go index 201e84b1c6..89a69c9099 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/interface.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/interface.go @@ -10,8 +10,6 @@ import ( type Interface interface { // MachineConfigNodes returns a MachineConfigNodeInformer. MachineConfigNodes() MachineConfigNodeInformer - // PinnedImageSets returns a PinnedImageSetInformer. - PinnedImageSets() PinnedImageSetInformer } type version struct { @@ -29,8 +27,3 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (v *version) MachineConfigNodes() MachineConfigNodeInformer { return &machineConfigNodeInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } - -// PinnedImageSets returns a PinnedImageSetInformer. -func (v *version) PinnedImageSets() PinnedImageSetInformer { - return &pinnedImageSetInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/pinnedimageset.go deleted file mode 100644 index 9282f98958..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/pinnedimageset.go +++ /dev/null @@ -1,73 +0,0 @@ -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - versioned "github.com/openshift/client-go/machineconfiguration/clientset/versioned" - internalinterfaces "github.com/openshift/client-go/machineconfiguration/informers/externalversions/internalinterfaces" - v1alpha1 "github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// PinnedImageSetInformer provides access to a shared informer and lister for -// PinnedImageSets. -type PinnedImageSetInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.PinnedImageSetLister -} - -type pinnedImageSetInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewPinnedImageSetInformer constructs a new informer for PinnedImageSet type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewPinnedImageSetInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredPinnedImageSetInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredPinnedImageSetInformer constructs a new informer for PinnedImageSet type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredPinnedImageSetInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.MachineconfigurationV1alpha1().PinnedImageSets().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.MachineconfigurationV1alpha1().PinnedImageSets().Watch(context.TODO(), options) - }, - }, - &machineconfigurationv1alpha1.PinnedImageSet{}, - resyncPeriod, - indexers, - ) -} - -func (f *pinnedImageSetInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredPinnedImageSetInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *pinnedImageSetInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&machineconfigurationv1alpha1.PinnedImageSet{}, f.defaultInformer) -} - -func (f *pinnedImageSetInformer) Lister() v1alpha1.PinnedImageSetLister { - return v1alpha1.NewPinnedImageSetLister(f.Informer().GetIndexer()) -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/expansion_generated.go b/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/expansion_generated.go index 7e1f91c1c1..4a0ca00a01 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/expansion_generated.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/expansion_generated.go @@ -5,7 +5,3 @@ package v1alpha1 // MachineConfigNodeListerExpansion allows custom methods to be added to // MachineConfigNodeLister. type MachineConfigNodeListerExpansion interface{} - -// PinnedImageSetListerExpansion allows custom methods to be added to -// PinnedImageSetLister. -type PinnedImageSetListerExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/pinnedimageset.go deleted file mode 100644 index 84a09a8522..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/pinnedimageset.go +++ /dev/null @@ -1,52 +0,0 @@ -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// PinnedImageSetLister helps list PinnedImageSets. -// All objects returned here must be treated as read-only. -type PinnedImageSetLister interface { - // List lists all PinnedImageSets in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.PinnedImageSet, err error) - // Get retrieves the PinnedImageSet from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.PinnedImageSet, error) - PinnedImageSetListerExpansion -} - -// pinnedImageSetLister implements the PinnedImageSetLister interface. -type pinnedImageSetLister struct { - indexer cache.Indexer -} - -// NewPinnedImageSetLister returns a new PinnedImageSetLister. -func NewPinnedImageSetLister(indexer cache.Indexer) PinnedImageSetLister { - return &pinnedImageSetLister{indexer: indexer} -} - -// List lists all PinnedImageSets in the indexer. -func (s *pinnedImageSetLister) List(selector labels.Selector) (ret []*v1alpha1.PinnedImageSet, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.PinnedImageSet)) - }) - return ret, err -} - -// Get retrieves the PinnedImageSet from the index for a given name. -func (s *pinnedImageSetLister) Get(name string) (*v1alpha1.PinnedImageSet, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("pinnedimageset"), name) - } - return obj.(*v1alpha1.PinnedImageSet), nil -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go index 23462480a6..900c47c231 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go @@ -285,9 +285,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -414,9 +412,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -503,9 +499,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -579,9 +573,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -658,9 +650,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -802,9 +792,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -1137,9 +1125,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: controlPlaneHardwareSpeed type: scalar: string @@ -1161,9 +1147,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.NodeStatus - elementRelationship: associative - keys: - - nodeName + elementRelationship: atomic - name: observedGeneration type: scalar: numeric @@ -1773,9 +1757,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: gatherStatus type: namedType: com.github.openshift.api.operator.v1.GatherStatus @@ -1873,9 +1855,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -1893,9 +1873,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.NodeStatus - elementRelationship: associative - keys: - - nodeName + elementRelationship: atomic - name: observedGeneration type: scalar: numeric @@ -1976,9 +1954,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -1996,9 +1972,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.NodeStatus - elementRelationship: associative - keys: - - nodeName + elementRelationship: atomic - name: observedGeneration type: scalar: numeric @@ -2069,9 +2043,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -2089,9 +2061,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.NodeStatus - elementRelationship: associative - keys: - - nodeName + elementRelationship: atomic - name: observedGeneration type: scalar: numeric @@ -2152,9 +2122,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -2263,18 +2231,10 @@ var schemaYAML = typed.YAMLObject(`types: - name: logLevel type: scalar: string - - name: managedBootImages - type: - namedType: com.github.openshift.api.operator.v1.ManagedBootImages - default: {} - name: managementState type: scalar: string default: "" - - name: nodeDisruptionPolicy - type: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyConfig - default: {} - name: observedConfig type: namedType: __untyped_atomic_ @@ -2297,9 +2257,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -2312,18 +2270,12 @@ var schemaYAML = typed.YAMLObject(`types: - name: latestAvailableRevisionReason type: scalar: string - - name: nodeDisruptionPolicyStatus - type: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatus - default: {} - name: nodeStatuses type: list: elementType: namedType: com.github.openshift.api.operator.v1.NodeStatus - elementRelationship: associative - keys: - - nodeName + elementRelationship: atomic - name: observedGeneration type: scalar: numeric @@ -2334,48 +2286,6 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string -- name: com.github.openshift.api.operator.v1.MachineManager - map: - fields: - - name: apiGroup - type: - scalar: string - default: "" - - name: resource - type: - scalar: string - default: "" - - name: selection - type: - namedType: com.github.openshift.api.operator.v1.MachineManagerSelector - default: {} -- name: com.github.openshift.api.operator.v1.MachineManagerSelector - map: - fields: - - name: mode - type: - scalar: string - default: "" - - name: partial - type: - namedType: com.github.openshift.api.operator.v1.PartialSelector - unions: - - discriminator: mode - fields: - - fieldName: partial - discriminatorValue: Partial -- name: com.github.openshift.api.operator.v1.ManagedBootImages - map: - fields: - - name: machineManagers - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.MachineManager - elementRelationship: associative - keys: - - resource - - apiGroup - name: com.github.openshift.api.operator.v1.NetFlowConfig map: fields: @@ -2495,9 +2405,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -2514,169 +2422,6 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyClusterStatus - map: - fields: - - name: files - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusFile - elementRelationship: associative - keys: - - path - - name: sshkey - type: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusSSHKey - default: {} - - name: units - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusUnit - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyConfig - map: - fields: - - name: files - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecFile - elementRelationship: associative - keys: - - path - - name: sshkey - type: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecSSHKey - default: {} - - name: units - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecUnit - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction - map: - fields: - - name: reload - type: - namedType: com.github.openshift.api.operator.v1.ReloadService - - name: restart - type: - namedType: com.github.openshift.api.operator.v1.RestartService - - name: type - type: - scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: reload - discriminatorValue: Reload - - fieldName: restart - discriminatorValue: Restart -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecFile - map: - fields: - - name: actions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction - elementRelationship: atomic - - name: path - type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecSSHKey - map: - fields: - - name: actions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecUnit - map: - fields: - - name: actions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction - elementRelationship: atomic - - name: name - type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatus - map: - fields: - - name: clusterPolicies - type: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyClusterStatus - default: {} -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction - map: - fields: - - name: reload - type: - namedType: com.github.openshift.api.operator.v1.ReloadService - - name: restart - type: - namedType: com.github.openshift.api.operator.v1.RestartService - - name: type - type: - scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: reload - discriminatorValue: Reload - - fieldName: restart - discriminatorValue: Restart -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusFile - map: - fields: - - name: actions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction - elementRelationship: atomic - - name: path - type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusSSHKey - map: - fields: - - name: actions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusUnit - map: - fields: - - name: actions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction - elementRelationship: atomic - - name: name - type: - scalar: string - default: "" - name: com.github.openshift.api.operator.v1.NodePlacement map: fields: @@ -2819,9 +2564,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -2891,9 +2634,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -2950,12 +2691,6 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: com.github.openshift.api.operator.v1.PartialSelector - map: - fields: - - name: machineResourceSelector - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - name: com.github.openshift.api.operator.v1.Perspective map: fields: @@ -3087,13 +2822,6 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.ReloadService - map: - fields: - - name: serviceName - type: - scalar: string - default: "" - name: com.github.openshift.api.operator.v1.ResourceAttributesAccessReview map: fields: @@ -3109,13 +2837,6 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: io.k8s.api.authorization.v1.ResourceAttributes elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.RestartService - map: - fields: - - name: serviceName - type: - scalar: string - default: "" - name: com.github.openshift.api.operator.v1.RouteAdmissionPolicy map: fields: @@ -3211,9 +2932,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -3280,9 +2999,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -3349,9 +3066,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -3500,9 +3215,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: @@ -3707,9 +3420,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: generations type: list: diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machineconfigurationspec.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machineconfigurationspec.go index c86b116b4d..4ca52827eb 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machineconfigurationspec.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machineconfigurationspec.go @@ -11,8 +11,6 @@ import ( // with apply. type MachineConfigurationSpecApplyConfiguration struct { StaticPodOperatorSpecApplyConfiguration `json:",inline"` - ManagedBootImages *ManagedBootImagesApplyConfiguration `json:"managedBootImages,omitempty"` - NodeDisruptionPolicy *NodeDisruptionPolicyConfigApplyConfiguration `json:"nodeDisruptionPolicy,omitempty"` } // MachineConfigurationSpecApplyConfiguration constructs an declarative configuration of the MachineConfigurationSpec type for use with @@ -84,19 +82,3 @@ func (b *MachineConfigurationSpecApplyConfiguration) WithSucceededRevisionLimit( b.SucceededRevisionLimit = &value return b } - -// WithManagedBootImages sets the ManagedBootImages field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ManagedBootImages field is set to the value of the last call. -func (b *MachineConfigurationSpecApplyConfiguration) WithManagedBootImages(value *ManagedBootImagesApplyConfiguration) *MachineConfigurationSpecApplyConfiguration { - b.ManagedBootImages = value - return b -} - -// WithNodeDisruptionPolicy sets the NodeDisruptionPolicy field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the NodeDisruptionPolicy field is set to the value of the last call. -func (b *MachineConfigurationSpecApplyConfiguration) WithNodeDisruptionPolicy(value *NodeDisruptionPolicyConfigApplyConfiguration) *MachineConfigurationSpecApplyConfiguration { - b.NodeDisruptionPolicy = value - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machineconfigurationstatus.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machineconfigurationstatus.go index b822970c42..5740627b4b 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machineconfigurationstatus.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machineconfigurationstatus.go @@ -6,7 +6,6 @@ package v1 // with apply. type MachineConfigurationStatusApplyConfiguration struct { StaticPodOperatorStatusApplyConfiguration `json:",inline"` - NodeDisruptionPolicyStatus *NodeDisruptionPolicyStatusApplyConfiguration `json:"nodeDisruptionPolicyStatus,omitempty"` } // MachineConfigurationStatusApplyConfiguration constructs an declarative configuration of the MachineConfigurationStatus type for use with @@ -93,11 +92,3 @@ func (b *MachineConfigurationStatusApplyConfiguration) WithNodeStatuses(values . } return b } - -// WithNodeDisruptionPolicyStatus sets the NodeDisruptionPolicyStatus field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the NodeDisruptionPolicyStatus field is set to the value of the last call. -func (b *MachineConfigurationStatusApplyConfiguration) WithNodeDisruptionPolicyStatus(value *NodeDisruptionPolicyStatusApplyConfiguration) *MachineConfigurationStatusApplyConfiguration { - b.NodeDisruptionPolicyStatus = value - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machinemanager.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machinemanager.go deleted file mode 100644 index d5df7be5b9..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machinemanager.go +++ /dev/null @@ -1,45 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - v1 "github.com/openshift/api/operator/v1" -) - -// MachineManagerApplyConfiguration represents an declarative configuration of the MachineManager type for use -// with apply. -type MachineManagerApplyConfiguration struct { - Resource *v1.MachineManagerMachineSetsResourceType `json:"resource,omitempty"` - APIGroup *v1.MachineManagerMachineSetsAPIGroupType `json:"apiGroup,omitempty"` - Selection *MachineManagerSelectorApplyConfiguration `json:"selection,omitempty"` -} - -// MachineManagerApplyConfiguration constructs an declarative configuration of the MachineManager type for use with -// apply. -func MachineManager() *MachineManagerApplyConfiguration { - return &MachineManagerApplyConfiguration{} -} - -// WithResource sets the Resource field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Resource field is set to the value of the last call. -func (b *MachineManagerApplyConfiguration) WithResource(value v1.MachineManagerMachineSetsResourceType) *MachineManagerApplyConfiguration { - b.Resource = &value - return b -} - -// WithAPIGroup sets the APIGroup field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the APIGroup field is set to the value of the last call. -func (b *MachineManagerApplyConfiguration) WithAPIGroup(value v1.MachineManagerMachineSetsAPIGroupType) *MachineManagerApplyConfiguration { - b.APIGroup = &value - return b -} - -// WithSelection sets the Selection field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Selection field is set to the value of the last call. -func (b *MachineManagerApplyConfiguration) WithSelection(value *MachineManagerSelectorApplyConfiguration) *MachineManagerApplyConfiguration { - b.Selection = value - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machinemanagerselector.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machinemanagerselector.go deleted file mode 100644 index 3bf14dc0a3..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/machinemanagerselector.go +++ /dev/null @@ -1,36 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - v1 "github.com/openshift/api/operator/v1" -) - -// MachineManagerSelectorApplyConfiguration represents an declarative configuration of the MachineManagerSelector type for use -// with apply. -type MachineManagerSelectorApplyConfiguration struct { - Mode *v1.MachineManagerSelectorMode `json:"mode,omitempty"` - Partial *PartialSelectorApplyConfiguration `json:"partial,omitempty"` -} - -// MachineManagerSelectorApplyConfiguration constructs an declarative configuration of the MachineManagerSelector type for use with -// apply. -func MachineManagerSelector() *MachineManagerSelectorApplyConfiguration { - return &MachineManagerSelectorApplyConfiguration{} -} - -// WithMode sets the Mode field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Mode field is set to the value of the last call. -func (b *MachineManagerSelectorApplyConfiguration) WithMode(value v1.MachineManagerSelectorMode) *MachineManagerSelectorApplyConfiguration { - b.Mode = &value - return b -} - -// WithPartial sets the Partial field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Partial field is set to the value of the last call. -func (b *MachineManagerSelectorApplyConfiguration) WithPartial(value *PartialSelectorApplyConfiguration) *MachineManagerSelectorApplyConfiguration { - b.Partial = value - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/managedbootimages.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/managedbootimages.go deleted file mode 100644 index 44ca06ad23..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/managedbootimages.go +++ /dev/null @@ -1,28 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// ManagedBootImagesApplyConfiguration represents an declarative configuration of the ManagedBootImages type for use -// with apply. -type ManagedBootImagesApplyConfiguration struct { - MachineManagers []MachineManagerApplyConfiguration `json:"machineManagers,omitempty"` -} - -// ManagedBootImagesApplyConfiguration constructs an declarative configuration of the ManagedBootImages type for use with -// apply. -func ManagedBootImages() *ManagedBootImagesApplyConfiguration { - return &ManagedBootImagesApplyConfiguration{} -} - -// WithMachineManagers adds the given value to the MachineManagers field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the MachineManagers field. -func (b *ManagedBootImagesApplyConfiguration) WithMachineManagers(values ...*MachineManagerApplyConfiguration) *ManagedBootImagesApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithMachineManagers") - } - b.MachineManagers = append(b.MachineManagers, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyclusterstatus.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyclusterstatus.go deleted file mode 100644 index c4f02072dd..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyclusterstatus.go +++ /dev/null @@ -1,51 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// NodeDisruptionPolicyClusterStatusApplyConfiguration represents an declarative configuration of the NodeDisruptionPolicyClusterStatus type for use -// with apply. -type NodeDisruptionPolicyClusterStatusApplyConfiguration struct { - Files []NodeDisruptionPolicyStatusFileApplyConfiguration `json:"files,omitempty"` - Units []NodeDisruptionPolicyStatusUnitApplyConfiguration `json:"units,omitempty"` - SSHKey *NodeDisruptionPolicyStatusSSHKeyApplyConfiguration `json:"sshkey,omitempty"` -} - -// NodeDisruptionPolicyClusterStatusApplyConfiguration constructs an declarative configuration of the NodeDisruptionPolicyClusterStatus type for use with -// apply. -func NodeDisruptionPolicyClusterStatus() *NodeDisruptionPolicyClusterStatusApplyConfiguration { - return &NodeDisruptionPolicyClusterStatusApplyConfiguration{} -} - -// WithFiles adds the given value to the Files field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Files field. -func (b *NodeDisruptionPolicyClusterStatusApplyConfiguration) WithFiles(values ...*NodeDisruptionPolicyStatusFileApplyConfiguration) *NodeDisruptionPolicyClusterStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithFiles") - } - b.Files = append(b.Files, *values[i]) - } - return b -} - -// WithUnits adds the given value to the Units field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Units field. -func (b *NodeDisruptionPolicyClusterStatusApplyConfiguration) WithUnits(values ...*NodeDisruptionPolicyStatusUnitApplyConfiguration) *NodeDisruptionPolicyClusterStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithUnits") - } - b.Units = append(b.Units, *values[i]) - } - return b -} - -// WithSSHKey sets the SSHKey field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the SSHKey field is set to the value of the last call. -func (b *NodeDisruptionPolicyClusterStatusApplyConfiguration) WithSSHKey(value *NodeDisruptionPolicyStatusSSHKeyApplyConfiguration) *NodeDisruptionPolicyClusterStatusApplyConfiguration { - b.SSHKey = value - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyconfig.go deleted file mode 100644 index d081a231fa..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyconfig.go +++ /dev/null @@ -1,51 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// NodeDisruptionPolicyConfigApplyConfiguration represents an declarative configuration of the NodeDisruptionPolicyConfig type for use -// with apply. -type NodeDisruptionPolicyConfigApplyConfiguration struct { - Files []NodeDisruptionPolicySpecFileApplyConfiguration `json:"files,omitempty"` - Units []NodeDisruptionPolicySpecUnitApplyConfiguration `json:"units,omitempty"` - SSHKey *NodeDisruptionPolicySpecSSHKeyApplyConfiguration `json:"sshkey,omitempty"` -} - -// NodeDisruptionPolicyConfigApplyConfiguration constructs an declarative configuration of the NodeDisruptionPolicyConfig type for use with -// apply. -func NodeDisruptionPolicyConfig() *NodeDisruptionPolicyConfigApplyConfiguration { - return &NodeDisruptionPolicyConfigApplyConfiguration{} -} - -// WithFiles adds the given value to the Files field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Files field. -func (b *NodeDisruptionPolicyConfigApplyConfiguration) WithFiles(values ...*NodeDisruptionPolicySpecFileApplyConfiguration) *NodeDisruptionPolicyConfigApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithFiles") - } - b.Files = append(b.Files, *values[i]) - } - return b -} - -// WithUnits adds the given value to the Units field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Units field. -func (b *NodeDisruptionPolicyConfigApplyConfiguration) WithUnits(values ...*NodeDisruptionPolicySpecUnitApplyConfiguration) *NodeDisruptionPolicyConfigApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithUnits") - } - b.Units = append(b.Units, *values[i]) - } - return b -} - -// WithSSHKey sets the SSHKey field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the SSHKey field is set to the value of the last call. -func (b *NodeDisruptionPolicyConfigApplyConfiguration) WithSSHKey(value *NodeDisruptionPolicySpecSSHKeyApplyConfiguration) *NodeDisruptionPolicyConfigApplyConfiguration { - b.SSHKey = value - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecaction.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecaction.go deleted file mode 100644 index d22613bc2a..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecaction.go +++ /dev/null @@ -1,45 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - v1 "github.com/openshift/api/operator/v1" -) - -// NodeDisruptionPolicySpecActionApplyConfiguration represents an declarative configuration of the NodeDisruptionPolicySpecAction type for use -// with apply. -type NodeDisruptionPolicySpecActionApplyConfiguration struct { - Type *v1.NodeDisruptionPolicySpecActionType `json:"type,omitempty"` - Reload *ReloadServiceApplyConfiguration `json:"reload,omitempty"` - Restart *RestartServiceApplyConfiguration `json:"restart,omitempty"` -} - -// NodeDisruptionPolicySpecActionApplyConfiguration constructs an declarative configuration of the NodeDisruptionPolicySpecAction type for use with -// apply. -func NodeDisruptionPolicySpecAction() *NodeDisruptionPolicySpecActionApplyConfiguration { - return &NodeDisruptionPolicySpecActionApplyConfiguration{} -} - -// WithType sets the Type field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Type field is set to the value of the last call. -func (b *NodeDisruptionPolicySpecActionApplyConfiguration) WithType(value v1.NodeDisruptionPolicySpecActionType) *NodeDisruptionPolicySpecActionApplyConfiguration { - b.Type = &value - return b -} - -// WithReload sets the Reload field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Reload field is set to the value of the last call. -func (b *NodeDisruptionPolicySpecActionApplyConfiguration) WithReload(value *ReloadServiceApplyConfiguration) *NodeDisruptionPolicySpecActionApplyConfiguration { - b.Reload = value - return b -} - -// WithRestart sets the Restart field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Restart field is set to the value of the last call. -func (b *NodeDisruptionPolicySpecActionApplyConfiguration) WithRestart(value *RestartServiceApplyConfiguration) *NodeDisruptionPolicySpecActionApplyConfiguration { - b.Restart = value - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecfile.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecfile.go deleted file mode 100644 index c6dfbe44d0..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecfile.go +++ /dev/null @@ -1,37 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// NodeDisruptionPolicySpecFileApplyConfiguration represents an declarative configuration of the NodeDisruptionPolicySpecFile type for use -// with apply. -type NodeDisruptionPolicySpecFileApplyConfiguration struct { - Path *string `json:"path,omitempty"` - Actions []NodeDisruptionPolicySpecActionApplyConfiguration `json:"actions,omitempty"` -} - -// NodeDisruptionPolicySpecFileApplyConfiguration constructs an declarative configuration of the NodeDisruptionPolicySpecFile type for use with -// apply. -func NodeDisruptionPolicySpecFile() *NodeDisruptionPolicySpecFileApplyConfiguration { - return &NodeDisruptionPolicySpecFileApplyConfiguration{} -} - -// WithPath sets the Path field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Path field is set to the value of the last call. -func (b *NodeDisruptionPolicySpecFileApplyConfiguration) WithPath(value string) *NodeDisruptionPolicySpecFileApplyConfiguration { - b.Path = &value - return b -} - -// WithActions adds the given value to the Actions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Actions field. -func (b *NodeDisruptionPolicySpecFileApplyConfiguration) WithActions(values ...*NodeDisruptionPolicySpecActionApplyConfiguration) *NodeDisruptionPolicySpecFileApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithActions") - } - b.Actions = append(b.Actions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecsshkey.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecsshkey.go deleted file mode 100644 index 4f4198eafa..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecsshkey.go +++ /dev/null @@ -1,28 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// NodeDisruptionPolicySpecSSHKeyApplyConfiguration represents an declarative configuration of the NodeDisruptionPolicySpecSSHKey type for use -// with apply. -type NodeDisruptionPolicySpecSSHKeyApplyConfiguration struct { - Actions []NodeDisruptionPolicySpecActionApplyConfiguration `json:"actions,omitempty"` -} - -// NodeDisruptionPolicySpecSSHKeyApplyConfiguration constructs an declarative configuration of the NodeDisruptionPolicySpecSSHKey type for use with -// apply. -func NodeDisruptionPolicySpecSSHKey() *NodeDisruptionPolicySpecSSHKeyApplyConfiguration { - return &NodeDisruptionPolicySpecSSHKeyApplyConfiguration{} -} - -// WithActions adds the given value to the Actions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Actions field. -func (b *NodeDisruptionPolicySpecSSHKeyApplyConfiguration) WithActions(values ...*NodeDisruptionPolicySpecActionApplyConfiguration) *NodeDisruptionPolicySpecSSHKeyApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithActions") - } - b.Actions = append(b.Actions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecunit.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecunit.go deleted file mode 100644 index 2e8859e91a..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicyspecunit.go +++ /dev/null @@ -1,41 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - v1 "github.com/openshift/api/operator/v1" -) - -// NodeDisruptionPolicySpecUnitApplyConfiguration represents an declarative configuration of the NodeDisruptionPolicySpecUnit type for use -// with apply. -type NodeDisruptionPolicySpecUnitApplyConfiguration struct { - Name *v1.NodeDisruptionPolicyServiceName `json:"name,omitempty"` - Actions []NodeDisruptionPolicySpecActionApplyConfiguration `json:"actions,omitempty"` -} - -// NodeDisruptionPolicySpecUnitApplyConfiguration constructs an declarative configuration of the NodeDisruptionPolicySpecUnit type for use with -// apply. -func NodeDisruptionPolicySpecUnit() *NodeDisruptionPolicySpecUnitApplyConfiguration { - return &NodeDisruptionPolicySpecUnitApplyConfiguration{} -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *NodeDisruptionPolicySpecUnitApplyConfiguration) WithName(value v1.NodeDisruptionPolicyServiceName) *NodeDisruptionPolicySpecUnitApplyConfiguration { - b.Name = &value - return b -} - -// WithActions adds the given value to the Actions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Actions field. -func (b *NodeDisruptionPolicySpecUnitApplyConfiguration) WithActions(values ...*NodeDisruptionPolicySpecActionApplyConfiguration) *NodeDisruptionPolicySpecUnitApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithActions") - } - b.Actions = append(b.Actions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatus.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatus.go deleted file mode 100644 index c0fddc55bb..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatus.go +++ /dev/null @@ -1,23 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// NodeDisruptionPolicyStatusApplyConfiguration represents an declarative configuration of the NodeDisruptionPolicyStatus type for use -// with apply. -type NodeDisruptionPolicyStatusApplyConfiguration struct { - ClusterPolicies *NodeDisruptionPolicyClusterStatusApplyConfiguration `json:"clusterPolicies,omitempty"` -} - -// NodeDisruptionPolicyStatusApplyConfiguration constructs an declarative configuration of the NodeDisruptionPolicyStatus type for use with -// apply. -func NodeDisruptionPolicyStatus() *NodeDisruptionPolicyStatusApplyConfiguration { - return &NodeDisruptionPolicyStatusApplyConfiguration{} -} - -// WithClusterPolicies sets the ClusterPolicies field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ClusterPolicies field is set to the value of the last call. -func (b *NodeDisruptionPolicyStatusApplyConfiguration) WithClusterPolicies(value *NodeDisruptionPolicyClusterStatusApplyConfiguration) *NodeDisruptionPolicyStatusApplyConfiguration { - b.ClusterPolicies = value - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatusaction.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatusaction.go deleted file mode 100644 index a97f47c38a..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatusaction.go +++ /dev/null @@ -1,45 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - v1 "github.com/openshift/api/operator/v1" -) - -// NodeDisruptionPolicyStatusActionApplyConfiguration represents an declarative configuration of the NodeDisruptionPolicyStatusAction type for use -// with apply. -type NodeDisruptionPolicyStatusActionApplyConfiguration struct { - Type *v1.NodeDisruptionPolicyStatusActionType `json:"type,omitempty"` - Reload *ReloadServiceApplyConfiguration `json:"reload,omitempty"` - Restart *RestartServiceApplyConfiguration `json:"restart,omitempty"` -} - -// NodeDisruptionPolicyStatusActionApplyConfiguration constructs an declarative configuration of the NodeDisruptionPolicyStatusAction type for use with -// apply. -func NodeDisruptionPolicyStatusAction() *NodeDisruptionPolicyStatusActionApplyConfiguration { - return &NodeDisruptionPolicyStatusActionApplyConfiguration{} -} - -// WithType sets the Type field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Type field is set to the value of the last call. -func (b *NodeDisruptionPolicyStatusActionApplyConfiguration) WithType(value v1.NodeDisruptionPolicyStatusActionType) *NodeDisruptionPolicyStatusActionApplyConfiguration { - b.Type = &value - return b -} - -// WithReload sets the Reload field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Reload field is set to the value of the last call. -func (b *NodeDisruptionPolicyStatusActionApplyConfiguration) WithReload(value *ReloadServiceApplyConfiguration) *NodeDisruptionPolicyStatusActionApplyConfiguration { - b.Reload = value - return b -} - -// WithRestart sets the Restart field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Restart field is set to the value of the last call. -func (b *NodeDisruptionPolicyStatusActionApplyConfiguration) WithRestart(value *RestartServiceApplyConfiguration) *NodeDisruptionPolicyStatusActionApplyConfiguration { - b.Restart = value - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatusfile.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatusfile.go deleted file mode 100644 index 3ddc30cf19..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatusfile.go +++ /dev/null @@ -1,37 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// NodeDisruptionPolicyStatusFileApplyConfiguration represents an declarative configuration of the NodeDisruptionPolicyStatusFile type for use -// with apply. -type NodeDisruptionPolicyStatusFileApplyConfiguration struct { - Path *string `json:"path,omitempty"` - Actions []NodeDisruptionPolicyStatusActionApplyConfiguration `json:"actions,omitempty"` -} - -// NodeDisruptionPolicyStatusFileApplyConfiguration constructs an declarative configuration of the NodeDisruptionPolicyStatusFile type for use with -// apply. -func NodeDisruptionPolicyStatusFile() *NodeDisruptionPolicyStatusFileApplyConfiguration { - return &NodeDisruptionPolicyStatusFileApplyConfiguration{} -} - -// WithPath sets the Path field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Path field is set to the value of the last call. -func (b *NodeDisruptionPolicyStatusFileApplyConfiguration) WithPath(value string) *NodeDisruptionPolicyStatusFileApplyConfiguration { - b.Path = &value - return b -} - -// WithActions adds the given value to the Actions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Actions field. -func (b *NodeDisruptionPolicyStatusFileApplyConfiguration) WithActions(values ...*NodeDisruptionPolicyStatusActionApplyConfiguration) *NodeDisruptionPolicyStatusFileApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithActions") - } - b.Actions = append(b.Actions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatussshkey.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatussshkey.go deleted file mode 100644 index 3c29be9c4c..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatussshkey.go +++ /dev/null @@ -1,28 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// NodeDisruptionPolicyStatusSSHKeyApplyConfiguration represents an declarative configuration of the NodeDisruptionPolicyStatusSSHKey type for use -// with apply. -type NodeDisruptionPolicyStatusSSHKeyApplyConfiguration struct { - Actions []NodeDisruptionPolicyStatusActionApplyConfiguration `json:"actions,omitempty"` -} - -// NodeDisruptionPolicyStatusSSHKeyApplyConfiguration constructs an declarative configuration of the NodeDisruptionPolicyStatusSSHKey type for use with -// apply. -func NodeDisruptionPolicyStatusSSHKey() *NodeDisruptionPolicyStatusSSHKeyApplyConfiguration { - return &NodeDisruptionPolicyStatusSSHKeyApplyConfiguration{} -} - -// WithActions adds the given value to the Actions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Actions field. -func (b *NodeDisruptionPolicyStatusSSHKeyApplyConfiguration) WithActions(values ...*NodeDisruptionPolicyStatusActionApplyConfiguration) *NodeDisruptionPolicyStatusSSHKeyApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithActions") - } - b.Actions = append(b.Actions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatusunit.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatusunit.go deleted file mode 100644 index dec525c253..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nodedisruptionpolicystatusunit.go +++ /dev/null @@ -1,41 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - v1 "github.com/openshift/api/operator/v1" -) - -// NodeDisruptionPolicyStatusUnitApplyConfiguration represents an declarative configuration of the NodeDisruptionPolicyStatusUnit type for use -// with apply. -type NodeDisruptionPolicyStatusUnitApplyConfiguration struct { - Name *v1.NodeDisruptionPolicyServiceName `json:"name,omitempty"` - Actions []NodeDisruptionPolicyStatusActionApplyConfiguration `json:"actions,omitempty"` -} - -// NodeDisruptionPolicyStatusUnitApplyConfiguration constructs an declarative configuration of the NodeDisruptionPolicyStatusUnit type for use with -// apply. -func NodeDisruptionPolicyStatusUnit() *NodeDisruptionPolicyStatusUnitApplyConfiguration { - return &NodeDisruptionPolicyStatusUnitApplyConfiguration{} -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *NodeDisruptionPolicyStatusUnitApplyConfiguration) WithName(value v1.NodeDisruptionPolicyServiceName) *NodeDisruptionPolicyStatusUnitApplyConfiguration { - b.Name = &value - return b -} - -// WithActions adds the given value to the Actions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Actions field. -func (b *NodeDisruptionPolicyStatusUnitApplyConfiguration) WithActions(values ...*NodeDisruptionPolicyStatusActionApplyConfiguration) *NodeDisruptionPolicyStatusUnitApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithActions") - } - b.Actions = append(b.Actions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/partialselector.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/partialselector.go deleted file mode 100644 index ea7b7ffbe3..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/partialselector.go +++ /dev/null @@ -1,27 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// PartialSelectorApplyConfiguration represents an declarative configuration of the PartialSelector type for use -// with apply. -type PartialSelectorApplyConfiguration struct { - MachineResourceSelector *v1.LabelSelector `json:"machineResourceSelector,omitempty"` -} - -// PartialSelectorApplyConfiguration constructs an declarative configuration of the PartialSelector type for use with -// apply. -func PartialSelector() *PartialSelectorApplyConfiguration { - return &PartialSelectorApplyConfiguration{} -} - -// WithMachineResourceSelector sets the MachineResourceSelector field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the MachineResourceSelector field is set to the value of the last call. -func (b *PartialSelectorApplyConfiguration) WithMachineResourceSelector(value v1.LabelSelector) *PartialSelectorApplyConfiguration { - b.MachineResourceSelector = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/reloadservice.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/reloadservice.go deleted file mode 100644 index 22eee62c29..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/reloadservice.go +++ /dev/null @@ -1,27 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - v1 "github.com/openshift/api/operator/v1" -) - -// ReloadServiceApplyConfiguration represents an declarative configuration of the ReloadService type for use -// with apply. -type ReloadServiceApplyConfiguration struct { - ServiceName *v1.NodeDisruptionPolicyServiceName `json:"serviceName,omitempty"` -} - -// ReloadServiceApplyConfiguration constructs an declarative configuration of the ReloadService type for use with -// apply. -func ReloadService() *ReloadServiceApplyConfiguration { - return &ReloadServiceApplyConfiguration{} -} - -// WithServiceName sets the ServiceName field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ServiceName field is set to the value of the last call. -func (b *ReloadServiceApplyConfiguration) WithServiceName(value v1.NodeDisruptionPolicyServiceName) *ReloadServiceApplyConfiguration { - b.ServiceName = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/restartservice.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/restartservice.go deleted file mode 100644 index c4fcd5f04e..0000000000 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/restartservice.go +++ /dev/null @@ -1,27 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - v1 "github.com/openshift/api/operator/v1" -) - -// RestartServiceApplyConfiguration represents an declarative configuration of the RestartService type for use -// with apply. -type RestartServiceApplyConfiguration struct { - ServiceName *v1.NodeDisruptionPolicyServiceName `json:"serviceName,omitempty"` -} - -// RestartServiceApplyConfiguration constructs an declarative configuration of the RestartService type for use with -// apply. -func RestartService() *RestartServiceApplyConfiguration { - return &RestartServiceApplyConfiguration{} -} - -// WithServiceName sets the ServiceName field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ServiceName field is set to the value of the last call. -func (b *RestartServiceApplyConfiguration) WithServiceName(value v1.NodeDisruptionPolicyServiceName) *RestartServiceApplyConfiguration { - b.ServiceName = &value - return b -} diff --git a/vendor/modules.txt b/vendor/modules.txt index 5e710487a8..0041dd78e4 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -815,7 +815,7 @@ github.com/opencontainers/runc/libcontainer/user # github.com/opencontainers/runtime-spec v1.1.0 ## explicit github.com/opencontainers/runtime-spec/specs-go -# github.com/openshift/api v0.0.0-20240326194138-93d19f9f5581 +# github.com/openshift/api v0.0.0-20240311132450-dcd6ab38a0f7 ## explicit; go 1.21 github.com/openshift/api github.com/openshift/api/annotations @@ -831,7 +831,6 @@ github.com/openshift/api/cloudnetwork github.com/openshift/api/cloudnetwork/v1 github.com/openshift/api/config github.com/openshift/api/config/v1 -github.com/openshift/api/config/v1/zz_generated.crd-manifests github.com/openshift/api/config/v1alpha1 github.com/openshift/api/console github.com/openshift/api/console/v1 @@ -852,9 +851,7 @@ github.com/openshift/api/machine/v1 github.com/openshift/api/machine/v1alpha1 github.com/openshift/api/machine/v1beta1 github.com/openshift/api/machineconfiguration/v1 -github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests github.com/openshift/api/machineconfiguration/v1alpha1 -github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests github.com/openshift/api/monitoring github.com/openshift/api/monitoring/v1alpha1 github.com/openshift/api/network @@ -868,9 +865,7 @@ github.com/openshift/api/openshiftcontrolplane github.com/openshift/api/openshiftcontrolplane/v1 github.com/openshift/api/operator github.com/openshift/api/operator/v1 -github.com/openshift/api/operator/v1/zz_generated.crd-manifests github.com/openshift/api/operator/v1alpha1 -github.com/openshift/api/operator/v1alpha1/zz_generated.crd-manifests github.com/openshift/api/operatorcontrolplane github.com/openshift/api/operatorcontrolplane/v1alpha1 github.com/openshift/api/osin @@ -894,7 +889,7 @@ github.com/openshift/api/template github.com/openshift/api/template/v1 github.com/openshift/api/user github.com/openshift/api/user/v1 -# github.com/openshift/client-go v0.0.0-20240325151210-66398bfc44e1 +# github.com/openshift/client-go v0.0.0-20240312121557-60dd5f9fbf8d ## explicit; go 1.21 github.com/openshift/client-go/build/applyconfigurations/build/v1 github.com/openshift/client-go/build/applyconfigurations/internal