diff --git a/Gopkg.lock b/Gopkg.lock index 89a2300940..b62733c061 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -96,6 +96,17 @@ pruneopts = "NUT" revision = "39b18af02c4120960f517a3a4c2588fabb61d02c" +[[projects]] + digest = "1:e51434f97e46ce42b9f08ebb433e2416d0cb341f3cfb6c714ce12fbf57afab6b" + name = "github.com/containers/image" + packages = [ + "docker/reference", + "pkg/sysregistriesv2", + "types", + ] + pruneopts = "NUT" + revision = "1c10a197331c71709754037e2b7f7e7fc94c65cf" + [[projects]] digest = "1:490deff6409bd7c1e531e143c3adc5bf5e5ff39a7bad6a69f41d5efe95a7ec07" name = "github.com/containers/storage" @@ -404,6 +415,25 @@ revision = "4b7aa43c6742a2c18fdef89dd197aaae7dac7ccd" version = "1.0.1" +[[projects]] + digest = "1:e0cc8395ea893c898ff5eb0850f4d9851c1f57c78c232304a026379a47a552d0" + name = "github.com/opencontainers/go-digest" + packages = ["."] + pruneopts = "NUT" + revision = "279bed98673dd5bef374d3b6e4b09e2af76183bf" + version = "v1.0.0-rc1" + +[[projects]] + digest = "1:11db38d694c130c800d0aefb502fb02519e514dc53d9804ce51d1ad25ec27db6" + name = "github.com/opencontainers/image-spec" + packages = [ + "specs-go", + "specs-go/v1", + ] + pruneopts = "NUT" + revision = "d60099175f88c47cd379c4738d158884749ed235" + version = "v1.0.1" + [[projects]] digest = "1:918dbd46ad099418ce9760291bb156ebf23d441aad4cb682dd9bf09e2d3c0c7b" name = "github.com/opencontainers/runc" @@ -421,20 +451,22 @@ [[projects]] branch = "master" - digest = "1:f5576684f0b7beec89acd50a6d2c994dc283f6b3f174bed169517ffed644bada" + digest = "1:7f57930803fe29a3ca6558775b81b0fc6492ebc91d3eef7a653ceb66356e1f22" name = "github.com/openshift/api" packages = ["config/v1"] pruneopts = "NUT" - revision = "4912e102a00fa8bb4bf27f83808dce6ef1b6887d" + revision = "58462523f67ade6127870c5862444d6ff7d36585" [[projects]] branch = "master" - digest = "1:4241aef3caf317fe26568856891fef34c6b0d33c04a6426c2f7336462e87bbdd" + digest = "1:2baea934e74e87b04304237c43e76b8125e73e54b24d983d6abec09b261ac857" name = "github.com/openshift/client-go" packages = [ "config/clientset/versioned", + "config/clientset/versioned/fake", "config/clientset/versioned/scheme", "config/clientset/versioned/typed/config/v1", + "config/clientset/versioned/typed/config/v1/fake", "config/informers/externalversions", "config/informers/externalversions/config", "config/informers/externalversions/config/v1", @@ -442,7 +474,7 @@ "config/listers/config/v1", ] pruneopts = "NUT" - revision = "43eeb8cff295868f3cd8faa3347bcfbdc9b2a9c0" + revision = "31ef839c86359881d2c312c4f0131febc6662400" [[projects]] digest = "1:f9c1fc8da2b44ba323ec3b338f0da9f375e26c787bc3a6ea241f9cb3f191cb62" @@ -1119,6 +1151,7 @@ "github.com/apparentlymart/go-cidr/cidr", "github.com/ashcrow/osrelease", "github.com/blang/semver", + "github.com/containers/image/pkg/sysregistriesv2", "github.com/containers/storage/pkg/config", "github.com/coreos/container-linux-config-transpiler/config", "github.com/coreos/container-linux-config-transpiler/config/types", @@ -1134,6 +1167,7 @@ "github.com/kubernetes-sigs/cri-o/pkg/config", "github.com/openshift/api/config/v1", "github.com/openshift/client-go/config/clientset/versioned", + "github.com/openshift/client-go/config/clientset/versioned/fake", "github.com/openshift/client-go/config/clientset/versioned/scheme", "github.com/openshift/client-go/config/informers/externalversions", "github.com/openshift/client-go/config/informers/externalversions/config/v1", diff --git a/Gopkg.toml b/Gopkg.toml index a0730bfbc0..116122a966 100644 --- a/Gopkg.toml +++ b/Gopkg.toml @@ -163,3 +163,7 @@ required = [ [[override]] name = "github.com/opencontainers/runtime-spec" revision = "29686dbc5559d93fb1ef402eeda3e35c38d75af4" + +[[constraint]] + name = "github.com/containers/image" + revision = "1c10a197331c71709754037e2b7f7e7fc94c65cf" diff --git a/cmd/machine-config-controller/start.go b/cmd/machine-config-controller/start.go index 5945d2cc39..e8646c867f 100644 --- a/cmd/machine-config-controller/start.go +++ b/cmd/machine-config-controller/start.go @@ -56,8 +56,10 @@ func runStartCmd(cmd *cobra.Command, args []string) { glog.Fatalf("error starting controllers: %v", err) } + // Start the shared factory informers that you need to use in your controller ctrlctx.InformerFactory.Start(ctrlctx.Stop) ctrlctx.KubeInformerFactory.Start(ctrlctx.Stop) + ctrlctx.ConfigInformerFactory.Start(ctrlctx.Stop) close(ctrlctx.InformersStarted) select {} @@ -120,8 +122,10 @@ func startControllers(ctx *common.ControllerContext) error { ctx.InformerFactory.Machineconfiguration().V1().MachineConfigPools(), ctx.InformerFactory.Machineconfiguration().V1().ControllerConfigs(), ctx.InformerFactory.Machineconfiguration().V1().ContainerRuntimeConfigs(), + ctx.ConfigInformerFactory.Config().V1().Images(), ctx.ClientBuilder.KubeClientOrDie("container-runtime-config-controller"), ctx.ClientBuilder.MachineConfigClientOrDie("container-runtime-config-controller"), + ctx.ClientBuilder.ConfigClientOrDie("container-runtime-config-controller"), ).Run(2, ctx.Stop) return nil diff --git a/manifests/machineconfigcontroller/clusterrole.yaml b/manifests/machineconfigcontroller/clusterrole.yaml index a59f70d49c..933dd7fd09 100644 --- a/manifests/machineconfigcontroller/clusterrole.yaml +++ b/manifests/machineconfigcontroller/clusterrole.yaml @@ -13,3 +13,6 @@ rules: - apiGroups: [""] resources: ["configmaps", "secrets"] verbs: ["*"] +- apiGroups: ["config.openshift.io"] + resources: ["images"] + verbs: ["*"] diff --git a/pkg/controller/container-runtime-config/container_runtime_config_controller.go b/pkg/controller/container-runtime-config/container_runtime_config_controller.go index ae4ccedf17..a2da32675c 100644 --- a/pkg/controller/container-runtime-config/container_runtime_config_controller.go +++ b/pkg/controller/container-runtime-config/container_runtime_config_controller.go @@ -25,6 +25,10 @@ import ( "k8s.io/client-go/util/retry" "k8s.io/client-go/util/workqueue" + apicfgv1 "github.com/openshift/api/config/v1" + configclientset "github.com/openshift/client-go/config/clientset/versioned" + cligoinformersv1 "github.com/openshift/client-go/config/informers/externalversions/config/v1" + cligolistersv1 "github.com/openshift/client-go/config/listers/config/v1" mcfgv1 "github.com/openshift/machine-config-operator/pkg/apis/machineconfiguration.openshift.io/v1" ctrlcommon "github.com/openshift/machine-config-operator/pkg/controller/common" mtmpl "github.com/openshift/machine-config-operator/pkg/controller/template" @@ -55,9 +59,11 @@ type Controller struct { templatesDir string client mcfgclientset.Interface + configClient configclientset.Interface eventRecorder record.EventRecorder syncHandler func(mcp string) error + syncImgHandler func(mcp string) error enqueueContainerRuntimeConfig func(*mcfgv1.ContainerRuntimeConfig) ccLister mcfglistersv1.ControllerConfigLister @@ -66,10 +72,14 @@ type Controller struct { mccrLister mcfglistersv1.ContainerRuntimeConfigLister mccrListerSynced cache.InformerSynced + imgLister cligolistersv1.ImageLister + imgListerSynced cache.InformerSynced + mcpLister mcfglistersv1.MachineConfigPoolLister mcpListerSynced cache.InformerSynced - queue workqueue.RateLimitingInterface + queue workqueue.RateLimitingInterface + imgQueue workqueue.RateLimitingInterface } // New returns a new container runtime config controller @@ -78,8 +88,10 @@ func New( mcpInformer mcfginformersv1.MachineConfigPoolInformer, ccInformer mcfginformersv1.ControllerConfigInformer, mcrInformer mcfginformersv1.ContainerRuntimeConfigInformer, + imgInformer cligoinformersv1.ImageInformer, kubeClient clientset.Interface, mcfgClient mcfgclientset.Interface, + configClient configclientset.Interface, ) *Controller { eventBroadcaster := record.NewBroadcaster() eventBroadcaster.StartLogging(glog.Infof) @@ -88,8 +100,10 @@ func New( ctrl := &Controller{ templatesDir: templatesDir, client: mcfgClient, + configClient: configClient, eventRecorder: eventBroadcaster.NewRecorder(scheme.Scheme, v1.EventSource{Component: "machineconfigcontroller-containerruntimeconfigcontroller"}), queue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "machineconfigcontroller-containerruntimeconfigcontroller"), + imgQueue: workqueue.NewRateLimitingQueue(workqueue.DefaultControllerRateLimiter()), } mcrInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ @@ -98,7 +112,14 @@ func New( DeleteFunc: ctrl.deleteContainerRuntimeConfig, }) + imgInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ + AddFunc: ctrl.imageConfAdded, + UpdateFunc: ctrl.imageConfUpdated, + DeleteFunc: ctrl.imageConfDeleted, + }) + ctrl.syncHandler = ctrl.syncContainerRuntimeConfig + ctrl.syncImgHandler = ctrl.syncImageConfig ctrl.enqueueContainerRuntimeConfig = ctrl.enqueue ctrl.mcpLister = mcpInformer.Lister() @@ -110,6 +131,9 @@ func New( ctrl.mccrLister = mcrInformer.Lister() ctrl.mccrListerSynced = mcrInformer.Informer().HasSynced + ctrl.imgLister = imgInformer.Lister() + ctrl.imgListerSynced = imgInformer.Informer().HasSynced + return ctrl } @@ -117,11 +141,12 @@ func New( func (ctrl *Controller) Run(workers int, stopCh <-chan struct{}) { defer utilruntime.HandleCrash() defer ctrl.queue.ShutDown() + defer ctrl.imgQueue.ShutDown() glog.Info("Starting MachineConfigController-ContainerRuntimeConfigController") defer glog.Info("Shutting down MachineConfigController-ContainerRuntimeConfigController") - if !cache.WaitForCacheSync(stopCh, ctrl.mcpListerSynced, ctrl.mccrListerSynced, ctrl.ccListerSynced) { + if !cache.WaitForCacheSync(stopCh, ctrl.mcpListerSynced, ctrl.mccrListerSynced, ctrl.ccListerSynced, ctrl.imgListerSynced) { return } @@ -129,9 +154,24 @@ func (ctrl *Controller) Run(workers int, stopCh <-chan struct{}) { go wait.Until(ctrl.worker, time.Second, stopCh) } + // Just need one worker for the image config + go wait.Until(ctrl.imgWorker, time.Second, stopCh) + <-stopCh } +func (ctrl *Controller) imageConfAdded(obj interface{}) { + ctrl.imgQueue.Add("openshift-config") +} + +func (ctrl *Controller) imageConfUpdated(oldObj interface{}, newObj interface{}) { + ctrl.imgQueue.Add("openshift-config") +} + +func (ctrl *Controller) imageConfDeleted(obj interface{}) { + ctrl.imgQueue.Add("openshift-config") +} + func (ctrl *Controller) updateContainerRuntimeConfig(oldObj interface{}, newObj interface{}) { oldCtrCfg := oldObj.(*mcfgv1.ContainerRuntimeConfig) newCtrCfg := newObj.(*mcfgv1.ContainerRuntimeConfig) @@ -204,6 +244,11 @@ func (ctrl *Controller) worker() { } } +func (ctrl *Controller) imgWorker() { + for ctrl.processNextImgWorkItem() { + } +} + func (ctrl *Controller) processNextWorkItem() bool { key, quit := ctrl.queue.Get() if quit { @@ -217,6 +262,19 @@ func (ctrl *Controller) processNextWorkItem() bool { return true } +func (ctrl *Controller) processNextImgWorkItem() bool { + key, quit := ctrl.imgQueue.Get() + if quit { + return false + } + defer ctrl.imgQueue.Done(key) + + err := ctrl.syncImgHandler(key.(string)) + ctrl.handleImgErr(err, key) + + return true +} + func (ctrl *Controller) handleErr(err error, key interface{}) { if err == nil { ctrl.queue.Forget(key) @@ -235,27 +293,45 @@ func (ctrl *Controller) handleErr(err error, key interface{}) { ctrl.queue.AddAfter(key, 1*time.Minute) } +func (ctrl *Controller) handleImgErr(err error, key interface{}) { + if err == nil { + ctrl.imgQueue.Forget(key) + return + } + + if ctrl.imgQueue.NumRequeues(key) < maxRetries { + glog.V(2).Infof("Error syncing image config %v: %v", key, err) + ctrl.imgQueue.AddRateLimited(key) + return + } + + utilruntime.HandleError(err) + glog.V(2).Infof("Dropping image config %q out of the queue: %v", key, err) + ctrl.imgQueue.Forget(key) + ctrl.imgQueue.AddAfter(key, 1*time.Minute) +} + // generateOriginalContainerRuntimeConfigs returns rendered default storage, and crio config files -func (ctrl *Controller) generateOriginalContainerRuntimeConfigs(role string) (*ignv2_2types.File, *ignv2_2types.File, error) { +func (ctrl *Controller) generateOriginalContainerRuntimeConfigs(role string) (*ignv2_2types.File, *ignv2_2types.File, *ignv2_2types.File, error) { // Enumerate the controller config cc, err := ctrl.ccLister.List(labels.Everything()) if err != nil { - return nil, nil, fmt.Errorf("could not enumerate ControllerConfig %s", err) + return nil, nil, nil, fmt.Errorf("could not enumerate ControllerConfig %s", err) } if len(cc) == 0 { - return nil, nil, fmt.Errorf("controllerConfigList is empty") + return nil, nil, nil, fmt.Errorf("controllerConfigList is empty") } // Render the default templates tmplPath := filepath.Join(ctrl.templatesDir, role) rc := &mtmpl.RenderConfig{ControllerConfigSpec: &cc[0].Spec} generatedConfigs, err := mtmpl.GenerateMachineConfigsForRole(rc, role, tmplPath) if err != nil { - return nil, nil, fmt.Errorf("generateMachineConfigsforRole failed with error %s", err) + return nil, nil, nil, fmt.Errorf("generateMachineConfigsforRole failed with error %s", err) } // Find generated storage.config, and crio.config var ( - config, gmcStorageConfig, gmcCRIOConfig *ignv2_2types.File - errStorage, errCRIO error + config, gmcStorageConfig, gmcCRIOConfig, gmcRegistriesConfig *ignv2_2types.File + errStorage, errCRIO, errRegistries error ) // Find storage config for _, gmc := range generatedConfigs { @@ -273,11 +349,19 @@ func (ctrl *Controller) generateOriginalContainerRuntimeConfigs(role string) (*i break } } - if errStorage != nil || errCRIO != nil { - return nil, nil, fmt.Errorf("could not generate old container runtime configs: %v, %v", errStorage, errCRIO) + // Find Registries config + for _, gmc := range generatedConfigs { + config, errRegistries = findRegistriesConfig(gmc) + if errRegistries == nil { + gmcRegistriesConfig = config + break + } + } + if errStorage != nil || errCRIO != nil || errRegistries != nil { + return nil, nil, nil, fmt.Errorf("could not generate old container runtime configs: %v, %v, %v", errStorage, errCRIO, errRegistries) } - return gmcStorageConfig, gmcCRIOConfig, nil + return gmcStorageConfig, gmcCRIOConfig, gmcRegistriesConfig, nil } func (ctrl *Controller) syncStatusOnly(cfg *mcfgv1.ContainerRuntimeConfig, err error, args ...interface{}) error { @@ -349,7 +433,7 @@ func (ctrl *Controller) syncContainerRuntimeConfig(key string) error { for _, pool := range mcpPools { role := pool.Name // Get MachineConfig - managedKey := getManagedKey(pool, cfg) + managedKey := getManagedKeyCtrCfg(pool, cfg) if err := retry.RetryOnConflict(updateBackoff, func() error { mc, err := ctrl.client.Machineconfiguration().MachineConfigs().Get(managedKey, metav1.GetOptions{}) if err != nil && !errors.IsNotFound(err) { @@ -357,7 +441,7 @@ func (ctrl *Controller) syncContainerRuntimeConfig(key string) error { } isNotFound := errors.IsNotFound(err) // Generate the original ContainerRuntimeConfig - originalStorageIgn, originalCRIOIgn, err := ctrl.generateOriginalContainerRuntimeConfigs(role) + originalStorageIgn, originalCRIOIgn, _, err := ctrl.generateOriginalContainerRuntimeConfigs(role) if err != nil { return ctrl.syncStatusOnly(cfg, err, "could not generate origin ContainerRuntime Configs: %v", err) } @@ -426,6 +510,91 @@ func (ctrl *Controller) mergeConfigChanges(origFile *ignv2_2types.File, cfg *mcf return cfgTOML, ctrl.syncStatusOnly(cfg, nil) } +func (ctrl *Controller) syncImageConfig(key string) error { + startTime := time.Now() + glog.V(4).Infof("Started syncing ImageConfig %q (%v)", key, startTime) + defer func() { + glog.V(4).Infof("Finished syncing ImageConfig %q (%v)", key, time.Since(startTime)) + }() + + // Fetch the ImageConfig + imgcfg, err := ctrl.imgLister.Get("cluster") + if errors.IsNotFound(err) { + glog.V(2).Infof("ImageConfig doesn't exist or has been deleted") + fmt.Println("ImageConfig doesn't exist or has been deleted") + return nil + } + if err != nil { + return err + } + + // Deep-copy otherwise we are mutating our cache. + imgcfg = imgcfg.DeepCopy() + + // Find all the MachineConfig pools + mcpPools, err := ctrl.mcpLister.List(labels.Everything()) + if err != nil { + return err + } + for _, pool := range mcpPools { + role := pool.Name + // Get MachineConfig + managedKey := getManagedKeyReg(pool, imgcfg) + if err := retry.RetryOnConflict(updateBackoff, func() error { + mc, err := ctrl.client.Machineconfiguration().MachineConfigs().Get(managedKey, metav1.GetOptions{}) + if err != nil && !errors.IsNotFound(err) { + return fmt.Errorf("could not find MachineConfig: %v", err) + } + isNotFound := errors.IsNotFound(err) + // Generate the original registries config + _, _, originalRegistriesIgn, err := ctrl.generateOriginalContainerRuntimeConfigs(role) + if err != nil { + return fmt.Errorf("could not generate origin ContainerRuntime Configs: %v", err) + } + + var registriesTOML []byte + if imgcfg.Spec.RegistrySources.InsecureRegistries != nil || imgcfg.Spec.RegistrySources.BlockedRegistries != nil { + dataURL, err := dataurl.DecodeString(originalRegistriesIgn.Contents.Source) + if err != nil { + return fmt.Errorf("could not decode original registries config: %v", err) + } + registriesTOML, err = updateRegistriesConfig(dataURL.Data, imgcfg.Spec) + if err != nil { + return fmt.Errorf("could not update container runtime config with new changes: %v", err) + } + } + if isNotFound { + mc = mtmpl.MachineConfigFromIgnConfig(role, managedKey, &ignv2_2types.Config{}) + } + mc.Spec.Config = createNewRegistriesConfigIgnition(registriesTOML) + mc.ObjectMeta.Annotations = map[string]string{ + ctrlcommon.GeneratedByControllerVersionAnnotationKey: version.Version.String(), + } + mc.ObjectMeta.OwnerReferences = []metav1.OwnerReference{ + metav1.OwnerReference{ + APIVersion: apicfgv1.SchemeGroupVersion.String(), + Kind: "Image", + Name: imgcfg.Name, + UID: imgcfg.UID, + }, + } + // Create or Update, on conflict retry + if isNotFound { + _, err = ctrl.client.Machineconfiguration().MachineConfigs().Create(mc) + } else { + _, err = ctrl.client.Machineconfiguration().MachineConfigs().Update(mc) + } + + return err + }); err != nil { + return fmt.Errorf("could not Create/Update MachineConfig: %v", err) + } + glog.Infof("Applied ImageConfig cluster on MachineConfigPool %v", pool.Name) + } + + return nil +} + func (ctrl *Controller) popFinalizerFromContainerRuntimeConfig(ctrCfg *mcfgv1.ContainerRuntimeConfig) error { curJSON, err := json.Marshal(ctrCfg) if err != nil { diff --git a/pkg/controller/container-runtime-config/container_runtime_config_controller_test.go b/pkg/controller/container-runtime-config/container_runtime_config_controller_test.go index 8c316a66ac..d44be5074c 100644 --- a/pkg/controller/container-runtime-config/container_runtime_config_controller_test.go +++ b/pkg/controller/container-runtime-config/container_runtime_config_controller_test.go @@ -24,6 +24,9 @@ import ( "k8s.io/client-go/tools/record" ignv2_2types "github.com/coreos/ignition/config/v2_2/types" + apicfgv1 "github.com/openshift/api/config/v1" + fakeconfigv1client "github.com/openshift/client-go/config/clientset/versioned/fake" + configv1informer "github.com/openshift/client-go/config/informers/externalversions" mcfgv1 "github.com/openshift/machine-config-operator/pkg/apis/machineconfiguration.openshift.io/v1" "github.com/openshift/machine-config-operator/pkg/generated/clientset/versioned/fake" informers "github.com/openshift/machine-config-operator/pkg/generated/informers/externalversions" @@ -41,15 +44,18 @@ const ( type fixture struct { t *testing.T - client *fake.Clientset + client *fake.Clientset + imgClient *fakeconfigv1client.Clientset ccLister []*mcfgv1.ControllerConfig mcpLister []*mcfgv1.MachineConfigPool mccrLister []*mcfgv1.ContainerRuntimeConfig + imgLister []*apicfgv1.Image actions []core.Action - objects []runtime.Object + objects []runtime.Object + imgObjects []runtime.Object } func newFixture(t *testing.T) *fixture { @@ -109,19 +115,37 @@ func newContainerRuntimeConfig(name string, ctrconf *mcfgv1.ContainerRuntimeConf } } -func (f *fixture) newController() (*Controller, informers.SharedInformerFactory) { +func newImageConfig(name string, regconf *apicfgv1.RegistrySources) *apicfgv1.Image { + return &apicfgv1.Image{ + TypeMeta: metav1.TypeMeta{APIVersion: apicfgv1.SchemeGroupVersion.String()}, + ObjectMeta: metav1.ObjectMeta{Name: name, UID: types.UID(utilrand.String(5)), Generation: 1}, + Spec: apicfgv1.ImageSpec{ + RegistrySources: *regconf, + }, + } +} + +// func fakeConfigClient(objects ...runtime.Object) configv1client.Interface { +// return fakeconfigv1client.NewSimpleClientset(objects...) +// } + +func (f *fixture) newController() (*Controller, informers.SharedInformerFactory, configv1informer.SharedInformerFactory) { f.client = fake.NewSimpleClientset(f.objects...) + f.imgClient = fakeconfigv1client.NewSimpleClientset(f.imgObjects...) i := informers.NewSharedInformerFactory(f.client, noResyncPeriodFunc()) + ci := configv1informer.NewSharedInformerFactory(f.imgClient, noResyncPeriodFunc()) c := New(templateDir, i.Machineconfiguration().V1().MachineConfigPools(), i.Machineconfiguration().V1().ControllerConfigs(), i.Machineconfiguration().V1().ContainerRuntimeConfigs(), - k8sfake.NewSimpleClientset(), f.client) + ci.Config().V1().Images(), + k8sfake.NewSimpleClientset(), f.client, f.imgClient) c.mcpListerSynced = alwaysReady c.mccrListerSynced = alwaysReady c.ccListerSynced = alwaysReady + c.imgListerSynced = alwaysReady c.eventRecorder = &record.FakeRecorder{} for _, c := range f.ccLister { @@ -133,8 +157,11 @@ func (f *fixture) newController() (*Controller, informers.SharedInformerFactory) for _, c := range f.mccrLister { i.Machineconfiguration().V1().ContainerRuntimeConfigs().Informer().GetIndexer().Add(c) } + for _, c := range f.imgLister { + ci.Config().V1().Images().Informer().GetIndexer().Add(c) + } - return c, i + return c, i, ci } func (f *fixture) run(mcpname string) { @@ -146,14 +173,22 @@ func (f *fixture) runExpectError(mcpname string) { } func (f *fixture) runController(mcpname string, startInformers bool, expectError bool) { - c, i := f.newController() + c, i, ci := f.newController() if startInformers { stopCh := make(chan struct{}) defer close(stopCh) i.Start(stopCh) + ci.Start(stopCh) + } + + err := c.syncImgHandler(mcpname) + if !expectError && err != nil { + f.t.Errorf("error syncing image config: %v", err) + } else if expectError && err == nil { + f.t.Error("expected error syncing image config, got nil") } - err := c.syncHandler(mcpname) + err = c.syncHandler(mcpname) if !expectError && err != nil { f.t.Errorf("error syncing containerruntimeconfigs: %v", err) } else if expectError && err == nil { @@ -172,6 +207,7 @@ func (f *fixture) runController(mcpname string, startInformers bool, expectError expectedAction := f.actions[i] checkAction(expectedAction, action, f.t) } + if len(f.actions) > len(actions) { f.t.Errorf("%d additional expected actions:%+v", len(f.actions)-len(actions), f.actions[len(actions):]) } @@ -179,7 +215,7 @@ func (f *fixture) runController(mcpname string, startInformers bool, expectError // filterInformerActions filters list and watch actions for testing resources. // Since list and watch don't change resource state we can filter it to lower -// nose level in our tests. +// noise level in our tests. func filterInformerActions(actions []core.Action) []core.Action { ret := []core.Action{} for _, action := range actions { @@ -271,7 +307,7 @@ func TestContainerRuntimeConfigCreate(t *testing.T) { mcp := newMachineConfigPool("master", map[string]string{"custom-crio": "my-config"}, metav1.AddLabelToSelector(&metav1.LabelSelector{}, "node-role", "master"), "v0") mcp2 := newMachineConfigPool("worker", map[string]string{"custom-crio": "storage-config"}, metav1.AddLabelToSelector(&metav1.LabelSelector{}, "node-role", "worker"), "v0") ctrcfg1 := newContainerRuntimeConfig("set-log-level", &mcfgv1.ContainerRuntimeConfiguration{LogLevel: "debug", LogSizeMax: resource.MustParse("9k"), OverlaySize: resource.MustParse("3G")}, metav1.AddLabelToSelector(&metav1.LabelSelector{}, "custom-crio", "my-config")) - mcs := newMachineConfig(getManagedKey(mcp, ctrcfg1), map[string]string{"node-role": "master"}, "dummy://", []ignv2_2types.File{{}}) + mcs1 := newMachineConfig(getManagedKeyCtrCfg(mcp, ctrcfg1), map[string]string{"node-role": "master"}, "dummy://", []ignv2_2types.File{{}}) f.ccLister = append(f.ccLister, cc) f.mcpLister = append(f.mcpLister, mcp) @@ -279,10 +315,10 @@ func TestContainerRuntimeConfigCreate(t *testing.T) { f.mccrLister = append(f.mccrLister, ctrcfg1) f.objects = append(f.objects, ctrcfg1) - f.expectGetMachineConfigAction(mcs) + f.expectGetMachineConfigAction(mcs1) f.expectUpdateContainerRuntimeConfig(ctrcfg1) f.expectUpdateContainerRuntimeConfig(ctrcfg1) - f.expectCreateMachineConfigAction(mcs) + f.expectCreateMachineConfigAction(mcs1) f.expectPatchContainerRuntimeConfig(ctrcfg1, []uint8{0x7b, 0x22, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0x3a, 0x7b, 0x22, 0x66, 0x69, 0x6e, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x72, 0x73, 0x22, 0x3a, 0x5b, 0x22, 0x39, 0x39, 0x2d, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x2d, 0x73, 0x78, 0x32, 0x76, 0x72, 0x2d, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x22, 0x5d, 0x7d, 0x7d}) f.expectUpdateContainerRuntimeConfig(ctrcfg1) diff --git a/pkg/controller/container-runtime-config/helpers.go b/pkg/controller/container-runtime-config/helpers.go index 4caae93e58..5cbfdedf90 100644 --- a/pkg/controller/container-runtime-config/helpers.go +++ b/pkg/controller/container-runtime-config/helpers.go @@ -8,9 +8,11 @@ import ( "k8s.io/apimachinery/pkg/api/resource" "github.com/BurntSushi/toml" + "github.com/containers/image/pkg/sysregistriesv2" storageconfig "github.com/containers/storage/pkg/config" ignv2_2types "github.com/coreos/ignition/config/v2_2/types" crioconfig "github.com/kubernetes-sigs/cri-o/pkg/config" + apicfgv1 "github.com/openshift/api/config/v1" mcfgv1 "github.com/openshift/machine-config-operator/pkg/apis/machineconfiguration.openshift.io/v1" "github.com/vincent-petithory/dataurl" @@ -18,10 +20,11 @@ import ( ) const ( - minLogSize = 8192 - minPidsLimit = 20 - crioConfigPath = "/etc/crio/crio.conf" - storageConfigPath = "/etc/containers/storage.conf" + minLogSize = 8192 + minPidsLimit = 20 + crioConfigPath = "/etc/crio/crio.conf" + storageConfigPath = "/etc/containers/storage.conf" + registriesConfigPath = "/etc/containers/registries.conf" ) // TOML-friendly explicit tables used for conversions. @@ -47,6 +50,12 @@ type tomlConfigCRIO struct { } `toml:"crio"` } +type tomlConfigRegistries struct { + Registries []sysregistriesv2.Registry `toml:"registry"` + // backwards compatability to sysregistries v1 + sysregistriesv2.V1TOMLConfig `toml:"registries"` +} + type updateConfig func(data []byte, internal *mcfgv1.ContainerRuntimeConfiguration) ([]byte, error) func createNewCtrRuntimeConfigIgnition(storageTOMLConfig, crioTOMLConfig []byte) ignv2_2types.Config { @@ -91,7 +100,30 @@ func createNewCtrRuntimeConfigIgnition(storageTOMLConfig, crioTOMLConfig []byte) } return tempIgnConfig +} +func createNewRegistriesConfigIgnition(registriesTOMLConfig []byte) ignv2_2types.Config { + var tempIgnConfig ignv2_2types.Config + mode := 0644 + // Create Registries ignition + if registriesTOMLConfig != nil { + regdu := dataurl.New(registriesTOMLConfig, "text/plain") + regdu.Encoding = dataurl.EncodingASCII + regTempFile := ignv2_2types.File{ + Node: ignv2_2types.Node{ + Filesystem: "root", + Path: registriesConfigPath, + }, + FileEmbedded1: ignv2_2types.FileEmbedded1{ + Mode: &mode, + Contents: ignv2_2types.FileContents{ + Source: regdu.String(), + }, + }, + } + tempIgnConfig.Storage.Files = append(tempIgnConfig.Storage.Files, regTempFile) + } + return tempIgnConfig } func findStorageConfig(mc *mcfgv1.MachineConfig) (*ignv2_2types.File, error) { @@ -112,10 +144,23 @@ func findCRIOConfig(mc *mcfgv1.MachineConfig) (*ignv2_2types.File, error) { return nil, fmt.Errorf("could not find CRI-O Config") } -func getManagedKey(pool *mcfgv1.MachineConfigPool, config *mcfgv1.ContainerRuntimeConfig) string { +func findRegistriesConfig(mc *mcfgv1.MachineConfig) (*ignv2_2types.File, error) { + for _, c := range mc.Spec.Config.Storage.Files { + if c.Path == registriesConfigPath { + return &c, nil + } + } + return nil, fmt.Errorf("could not find Registries Config") +} + +func getManagedKeyCtrCfg(pool *mcfgv1.MachineConfigPool, config *mcfgv1.ContainerRuntimeConfig) string { return fmt.Sprintf("99-%s-%s-containerruntime", pool.Name, pool.ObjectMeta.UID) } +func getManagedKeyReg(pool *mcfgv1.MachineConfigPool, config *apicfgv1.Image) string { + return fmt.Sprintf("99-%s-%s-registries", pool.Name, pool.ObjectMeta.UID) +} + func wrapErrorWithCondition(err error, args ...interface{}) mcfgv1.ContainerRuntimeConfigCondition { var condition *mcfgv1.ContainerRuntimeConfigCondition if err != nil { @@ -197,6 +242,28 @@ func updateCRIOConfig(data []byte, internal *mcfgv1.ContainerRuntimeConfiguratio return newData.Bytes(), nil } +func updateRegistriesConfig(data []byte, internal apicfgv1.ImageSpec) ([]byte, error) { + tomlConf := new(tomlConfigRegistries) + if _, err := toml.Decode(string(data), tomlConf); err != nil { + return nil, fmt.Errorf("error unmarshalling registries config: %v", err) + } + + if internal.RegistrySources.InsecureRegistries != nil { + tomlConf.Insecure = sysregistriesv2.V1TOMLregistries{Registries: internal.RegistrySources.InsecureRegistries} + } + if internal.RegistrySources.BlockedRegistries != nil { + tomlConf.Block = sysregistriesv2.V1TOMLregistries{Registries: internal.RegistrySources.BlockedRegistries} + } + + var newData bytes.Buffer + encoder := toml.NewEncoder(&newData) + if err := encoder.Encode(*tomlConf); err != nil { + return nil, err + } + + return newData.Bytes(), nil +} + // validateUserContainerRuntimeConfig ensures that the values set by the user are valid func validateUserContainerRuntimeConfig(cfg *mcfgv1.ContainerRuntimeConfig) error { if cfg.Spec.ContainerRuntimeConfig == nil { diff --git a/pkg/controller/template/test_data/templates/aws/master/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/aws/master/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/aws/master/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/aws/worker/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/aws/worker/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/aws/worker/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/libvirt/master/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/libvirt/master/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/libvirt/master/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/libvirt/worker/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/libvirt/worker/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/libvirt/worker/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-containers-registries.conf new file mode 100644 index 0000000000..53c1015d88 --- /dev/null +++ b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-containers-registries.conf @@ -0,0 +1,6 @@ +contents: + source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A + verification: {} +filesystem: root +mode: 420 +path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-containers-registries.conf new file mode 100644 index 0000000000..53c1015d88 --- /dev/null +++ b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-containers-registries.conf @@ -0,0 +1,6 @@ +contents: + source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A + verification: {} +filesystem: root +mode: 420 +path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-containers-registries.conf new file mode 100644 index 0000000000..53c1015d88 --- /dev/null +++ b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-containers-registries.conf @@ -0,0 +1,6 @@ +contents: + source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A + verification: {} +filesystem: root +mode: 420 +path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-containers-registries.conf new file mode 100644 index 0000000000..53c1015d88 --- /dev/null +++ b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-containers-registries.conf @@ -0,0 +1,6 @@ +contents: + source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A + verification: {} +filesystem: root +mode: 420 +path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/openstack/master/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/openstack/master/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/openstack/master/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/openstack/worker/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/openstack/worker/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/openstack/worker/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-containers-registries.conf deleted file mode 100644 index b981bb1015..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-containers-registries.conf new file mode 100644 index 0000000000..53c1015d88 --- /dev/null +++ b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-containers-registries.conf @@ -0,0 +1,6 @@ +contents: + source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A + verification: {} +filesystem: root +mode: 420 +path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-containers-registries.conf new file mode 100644 index 0000000000..53c1015d88 --- /dev/null +++ b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-containers-registries.conf @@ -0,0 +1,6 @@ +contents: + source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A + verification: {} +filesystem: root +mode: 420 +path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-containers-registries.conf new file mode 100644 index 0000000000..53c1015d88 --- /dev/null +++ b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-containers-registries.conf @@ -0,0 +1,6 @@ +contents: + source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A + verification: {} +filesystem: root +mode: 420 +path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-containers-registries.conf new file mode 100644 index 0000000000..53c1015d88 --- /dev/null +++ b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-containers-registries.conf @@ -0,0 +1,6 @@ +contents: + source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A + verification: {} +filesystem: root +mode: 420 +path: /etc/containers/registries.conf diff --git a/pkg/operator/assets/bindata.go b/pkg/operator/assets/bindata.go index 35a7991ad4..7074d7ab63 100644 --- a/pkg/operator/assets/bindata.go +++ b/pkg/operator/assets/bindata.go @@ -337,6 +337,9 @@ rules: - apiGroups: [""] resources: ["configmaps", "secrets"] verbs: ["*"] +- apiGroups: ["config.openshift.io"] + resources: ["images"] + verbs: ["*"] `) func manifestsMachineconfigcontrollerClusterroleYamlBytes() ([]byte, error) { diff --git a/templates/master/00-master/_base/files/container-registries.yaml b/templates/master/01-master-container-runtime/_base/files/container-registries.yaml similarity index 66% rename from templates/master/00-master/_base/files/container-registries.yaml rename to templates/master/01-master-container-runtime/_base/files/container-registries.yaml index bedba48cd1..98f2bf7b8a 100644 --- a/templates/master/00-master/_base/files/container-registries.yaml +++ b/templates/master/01-master-container-runtime/_base/files/container-registries.yaml @@ -5,3 +5,9 @@ contents: inline: | [registries.search] registries = ['registry.access.redhat.com', 'docker.io'] + + [registries.insecure] + registries = [] + + [registries.block] + registries = [] diff --git a/templates/worker/00-worker/_base/files/container-registry.yaml b/templates/worker/01-worker-container-runtime/_base/files/container-registries.yaml similarity index 66% rename from templates/worker/00-worker/_base/files/container-registry.yaml rename to templates/worker/01-worker-container-runtime/_base/files/container-registries.yaml index bedba48cd1..98f2bf7b8a 100644 --- a/templates/worker/00-worker/_base/files/container-registry.yaml +++ b/templates/worker/01-worker-container-runtime/_base/files/container-registries.yaml @@ -5,3 +5,9 @@ contents: inline: | [registries.search] registries = ['registry.access.redhat.com', 'docker.io'] + + [registries.insecure] + registries = [] + + [registries.block] + registries = [] diff --git a/vendor/github.com/containers/image/LICENSE b/vendor/github.com/containers/image/LICENSE new file mode 100644 index 0000000000..9535635306 --- /dev/null +++ b/vendor/github.com/containers/image/LICENSE @@ -0,0 +1,189 @@ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + https://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/containers/image/copy/fixtures/Hello.bz2 b/vendor/github.com/containers/image/copy/fixtures/Hello.bz2 new file mode 120000 index 0000000000..fc28d6c9ac --- /dev/null +++ b/vendor/github.com/containers/image/copy/fixtures/Hello.bz2 @@ -0,0 +1 @@ +../../pkg/compression/fixtures/Hello.bz2 \ No newline at end of file diff --git a/vendor/github.com/containers/image/copy/fixtures/Hello.gz b/vendor/github.com/containers/image/copy/fixtures/Hello.gz new file mode 120000 index 0000000000..08aa805fcc --- /dev/null +++ b/vendor/github.com/containers/image/copy/fixtures/Hello.gz @@ -0,0 +1 @@ +../../pkg/compression/fixtures/Hello.gz \ No newline at end of file diff --git a/vendor/github.com/containers/image/copy/fixtures/Hello.uncompressed b/vendor/github.com/containers/image/copy/fixtures/Hello.uncompressed new file mode 120000 index 0000000000..49b46625d8 --- /dev/null +++ b/vendor/github.com/containers/image/copy/fixtures/Hello.uncompressed @@ -0,0 +1 @@ +../../pkg/compression/fixtures/Hello.uncompressed \ No newline at end of file diff --git a/vendor/github.com/containers/image/copy/fixtures/Hello.xz b/vendor/github.com/containers/image/copy/fixtures/Hello.xz new file mode 120000 index 0000000000..77bcd85587 --- /dev/null +++ b/vendor/github.com/containers/image/copy/fixtures/Hello.xz @@ -0,0 +1 @@ +../../pkg/compression/fixtures/Hello.xz \ No newline at end of file diff --git a/vendor/github.com/containers/image/docker/reference/helpers.go b/vendor/github.com/containers/image/docker/reference/helpers.go new file mode 100644 index 0000000000..978df7eabb --- /dev/null +++ b/vendor/github.com/containers/image/docker/reference/helpers.go @@ -0,0 +1,42 @@ +package reference + +import "path" + +// IsNameOnly returns true if reference only contains a repo name. +func IsNameOnly(ref Named) bool { + if _, ok := ref.(NamedTagged); ok { + return false + } + if _, ok := ref.(Canonical); ok { + return false + } + return true +} + +// FamiliarName returns the familiar name string +// for the given named, familiarizing if needed. +func FamiliarName(ref Named) string { + if nn, ok := ref.(normalizedNamed); ok { + return nn.Familiar().Name() + } + return ref.Name() +} + +// FamiliarString returns the familiar string representation +// for the given reference, familiarizing if needed. +func FamiliarString(ref Reference) string { + if nn, ok := ref.(normalizedNamed); ok { + return nn.Familiar().String() + } + return ref.String() +} + +// FamiliarMatch reports whether ref matches the specified pattern. +// See https://godoc.org/path#Match for supported patterns. +func FamiliarMatch(pattern string, ref Reference) (bool, error) { + matched, err := path.Match(pattern, FamiliarString(ref)) + if namedRef, isNamed := ref.(Named); isNamed && !matched { + matched, _ = path.Match(pattern, FamiliarName(namedRef)) + } + return matched, err +} diff --git a/vendor/github.com/containers/image/docker/reference/normalize.go b/vendor/github.com/containers/image/docker/reference/normalize.go new file mode 100644 index 0000000000..fcc436a395 --- /dev/null +++ b/vendor/github.com/containers/image/docker/reference/normalize.go @@ -0,0 +1,152 @@ +package reference + +import ( + "errors" + "fmt" + "strings" + + "github.com/opencontainers/go-digest" +) + +var ( + legacyDefaultDomain = "index.docker.io" + defaultDomain = "docker.io" + officialRepoName = "library" + defaultTag = "latest" +) + +// normalizedNamed represents a name which has been +// normalized and has a familiar form. A familiar name +// is what is used in Docker UI. An example normalized +// name is "docker.io/library/ubuntu" and corresponding +// familiar name of "ubuntu". +type normalizedNamed interface { + Named + Familiar() Named +} + +// ParseNormalizedNamed parses a string into a named reference +// transforming a familiar name from Docker UI to a fully +// qualified reference. If the value may be an identifier +// use ParseAnyReference. +func ParseNormalizedNamed(s string) (Named, error) { + if ok := anchoredIdentifierRegexp.MatchString(s); ok { + return nil, fmt.Errorf("invalid repository name (%s), cannot specify 64-byte hexadecimal strings", s) + } + domain, remainder := splitDockerDomain(s) + var remoteName string + if tagSep := strings.IndexRune(remainder, ':'); tagSep > -1 { + remoteName = remainder[:tagSep] + } else { + remoteName = remainder + } + if strings.ToLower(remoteName) != remoteName { + return nil, errors.New("invalid reference format: repository name must be lowercase") + } + + ref, err := Parse(domain + "/" + remainder) + if err != nil { + return nil, err + } + named, isNamed := ref.(Named) + if !isNamed { + return nil, fmt.Errorf("reference %s has no name", ref.String()) + } + return named, nil +} + +// splitDockerDomain splits a repository name to domain and remotename string. +// If no valid domain is found, the default domain is used. Repository name +// needs to be already validated before. +func splitDockerDomain(name string) (domain, remainder string) { + i := strings.IndexRune(name, '/') + if i == -1 || (!strings.ContainsAny(name[:i], ".:") && name[:i] != "localhost") { + domain, remainder = defaultDomain, name + } else { + domain, remainder = name[:i], name[i+1:] + } + if domain == legacyDefaultDomain { + domain = defaultDomain + } + if domain == defaultDomain && !strings.ContainsRune(remainder, '/') { + remainder = officialRepoName + "/" + remainder + } + return +} + +// familiarizeName returns a shortened version of the name familiar +// to to the Docker UI. Familiar names have the default domain +// "docker.io" and "library/" repository prefix removed. +// For example, "docker.io/library/redis" will have the familiar +// name "redis" and "docker.io/dmcgowan/myapp" will be "dmcgowan/myapp". +// Returns a familiarized named only reference. +func familiarizeName(named namedRepository) repository { + repo := repository{ + domain: named.Domain(), + path: named.Path(), + } + + if repo.domain == defaultDomain { + repo.domain = "" + // Handle official repositories which have the pattern "library/" + if split := strings.Split(repo.path, "/"); len(split) == 2 && split[0] == officialRepoName { + repo.path = split[1] + } + } + return repo +} + +func (r reference) Familiar() Named { + return reference{ + namedRepository: familiarizeName(r.namedRepository), + tag: r.tag, + digest: r.digest, + } +} + +func (r repository) Familiar() Named { + return familiarizeName(r) +} + +func (t taggedReference) Familiar() Named { + return taggedReference{ + namedRepository: familiarizeName(t.namedRepository), + tag: t.tag, + } +} + +func (c canonicalReference) Familiar() Named { + return canonicalReference{ + namedRepository: familiarizeName(c.namedRepository), + digest: c.digest, + } +} + +// TagNameOnly adds the default tag "latest" to a reference if it only has +// a repo name. +func TagNameOnly(ref Named) Named { + if IsNameOnly(ref) { + namedTagged, err := WithTag(ref, defaultTag) + if err != nil { + // Default tag must be valid, to create a NamedTagged + // type with non-validated input the WithTag function + // should be used instead + panic(err) + } + return namedTagged + } + return ref +} + +// ParseAnyReference parses a reference string as a possible identifier, +// full digest, or familiar name. +func ParseAnyReference(ref string) (Reference, error) { + if ok := anchoredIdentifierRegexp.MatchString(ref); ok { + return digestReference("sha256:" + ref), nil + } + if dgst, err := digest.Parse(ref); err == nil { + return digestReference(dgst), nil + } + + return ParseNormalizedNamed(ref) +} diff --git a/vendor/github.com/containers/image/docker/reference/reference.go b/vendor/github.com/containers/image/docker/reference/reference.go new file mode 100644 index 0000000000..fd3510e9ee --- /dev/null +++ b/vendor/github.com/containers/image/docker/reference/reference.go @@ -0,0 +1,433 @@ +// Package reference provides a general type to represent any way of referencing images within the registry. +// Its main purpose is to abstract tags and digests (content-addressable hash). +// +// Grammar +// +// reference := name [ ":" tag ] [ "@" digest ] +// name := [domain '/'] path-component ['/' path-component]* +// domain := domain-component ['.' domain-component]* [':' port-number] +// domain-component := /([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])/ +// port-number := /[0-9]+/ +// path-component := alpha-numeric [separator alpha-numeric]* +// alpha-numeric := /[a-z0-9]+/ +// separator := /[_.]|__|[-]*/ +// +// tag := /[\w][\w.-]{0,127}/ +// +// digest := digest-algorithm ":" digest-hex +// digest-algorithm := digest-algorithm-component [ digest-algorithm-separator digest-algorithm-component ] +// digest-algorithm-separator := /[+.-_]/ +// digest-algorithm-component := /[A-Za-z][A-Za-z0-9]*/ +// digest-hex := /[0-9a-fA-F]{32,}/ ; At least 128 bit digest value +// +// identifier := /[a-f0-9]{64}/ +// short-identifier := /[a-f0-9]{6,64}/ +package reference + +import ( + "errors" + "fmt" + "strings" + + "github.com/opencontainers/go-digest" +) + +const ( + // NameTotalLengthMax is the maximum total number of characters in a repository name. + NameTotalLengthMax = 255 +) + +var ( + // ErrReferenceInvalidFormat represents an error while trying to parse a string as a reference. + ErrReferenceInvalidFormat = errors.New("invalid reference format") + + // ErrTagInvalidFormat represents an error while trying to parse a string as a tag. + ErrTagInvalidFormat = errors.New("invalid tag format") + + // ErrDigestInvalidFormat represents an error while trying to parse a string as a tag. + ErrDigestInvalidFormat = errors.New("invalid digest format") + + // ErrNameContainsUppercase is returned for invalid repository names that contain uppercase characters. + ErrNameContainsUppercase = errors.New("repository name must be lowercase") + + // ErrNameEmpty is returned for empty, invalid repository names. + ErrNameEmpty = errors.New("repository name must have at least one component") + + // ErrNameTooLong is returned when a repository name is longer than NameTotalLengthMax. + ErrNameTooLong = fmt.Errorf("repository name must not be more than %v characters", NameTotalLengthMax) + + // ErrNameNotCanonical is returned when a name is not canonical. + ErrNameNotCanonical = errors.New("repository name must be canonical") +) + +// Reference is an opaque object reference identifier that may include +// modifiers such as a hostname, name, tag, and digest. +type Reference interface { + // String returns the full reference + String() string +} + +// Field provides a wrapper type for resolving correct reference types when +// working with encoding. +type Field struct { + reference Reference +} + +// AsField wraps a reference in a Field for encoding. +func AsField(reference Reference) Field { + return Field{reference} +} + +// Reference unwraps the reference type from the field to +// return the Reference object. This object should be +// of the appropriate type to further check for different +// reference types. +func (f Field) Reference() Reference { + return f.reference +} + +// MarshalText serializes the field to byte text which +// is the string of the reference. +func (f Field) MarshalText() (p []byte, err error) { + return []byte(f.reference.String()), nil +} + +// UnmarshalText parses text bytes by invoking the +// reference parser to ensure the appropriately +// typed reference object is wrapped by field. +func (f *Field) UnmarshalText(p []byte) error { + r, err := Parse(string(p)) + if err != nil { + return err + } + + f.reference = r + return nil +} + +// Named is an object with a full name +type Named interface { + Reference + Name() string +} + +// Tagged is an object which has a tag +type Tagged interface { + Reference + Tag() string +} + +// NamedTagged is an object including a name and tag. +type NamedTagged interface { + Named + Tag() string +} + +// Digested is an object which has a digest +// in which it can be referenced by +type Digested interface { + Reference + Digest() digest.Digest +} + +// Canonical reference is an object with a fully unique +// name including a name with domain and digest +type Canonical interface { + Named + Digest() digest.Digest +} + +// namedRepository is a reference to a repository with a name. +// A namedRepository has both domain and path components. +type namedRepository interface { + Named + Domain() string + Path() string +} + +// Domain returns the domain part of the Named reference +func Domain(named Named) string { + if r, ok := named.(namedRepository); ok { + return r.Domain() + } + domain, _ := splitDomain(named.Name()) + return domain +} + +// Path returns the name without the domain part of the Named reference +func Path(named Named) (name string) { + if r, ok := named.(namedRepository); ok { + return r.Path() + } + _, path := splitDomain(named.Name()) + return path +} + +func splitDomain(name string) (string, string) { + match := anchoredNameRegexp.FindStringSubmatch(name) + if len(match) != 3 { + return "", name + } + return match[1], match[2] +} + +// SplitHostname splits a named reference into a +// hostname and name string. If no valid hostname is +// found, the hostname is empty and the full value +// is returned as name +// DEPRECATED: Use Domain or Path +func SplitHostname(named Named) (string, string) { + if r, ok := named.(namedRepository); ok { + return r.Domain(), r.Path() + } + return splitDomain(named.Name()) +} + +// Parse parses s and returns a syntactically valid Reference. +// If an error was encountered it is returned, along with a nil Reference. +// NOTE: Parse will not handle short digests. +func Parse(s string) (Reference, error) { + matches := ReferenceRegexp.FindStringSubmatch(s) + if matches == nil { + if s == "" { + return nil, ErrNameEmpty + } + if ReferenceRegexp.FindStringSubmatch(strings.ToLower(s)) != nil { + return nil, ErrNameContainsUppercase + } + return nil, ErrReferenceInvalidFormat + } + + if len(matches[1]) > NameTotalLengthMax { + return nil, ErrNameTooLong + } + + var repo repository + + nameMatch := anchoredNameRegexp.FindStringSubmatch(matches[1]) + if nameMatch != nil && len(nameMatch) == 3 { + repo.domain = nameMatch[1] + repo.path = nameMatch[2] + } else { + repo.domain = "" + repo.path = matches[1] + } + + ref := reference{ + namedRepository: repo, + tag: matches[2], + } + if matches[3] != "" { + var err error + ref.digest, err = digest.Parse(matches[3]) + if err != nil { + return nil, err + } + } + + r := getBestReferenceType(ref) + if r == nil { + return nil, ErrNameEmpty + } + + return r, nil +} + +// ParseNamed parses s and returns a syntactically valid reference implementing +// the Named interface. The reference must have a name and be in the canonical +// form, otherwise an error is returned. +// If an error was encountered it is returned, along with a nil Reference. +// NOTE: ParseNamed will not handle short digests. +func ParseNamed(s string) (Named, error) { + named, err := ParseNormalizedNamed(s) + if err != nil { + return nil, err + } + if named.String() != s { + return nil, ErrNameNotCanonical + } + return named, nil +} + +// WithName returns a named object representing the given string. If the input +// is invalid ErrReferenceInvalidFormat will be returned. +func WithName(name string) (Named, error) { + if len(name) > NameTotalLengthMax { + return nil, ErrNameTooLong + } + + match := anchoredNameRegexp.FindStringSubmatch(name) + if match == nil || len(match) != 3 { + return nil, ErrReferenceInvalidFormat + } + return repository{ + domain: match[1], + path: match[2], + }, nil +} + +// WithTag combines the name from "name" and the tag from "tag" to form a +// reference incorporating both the name and the tag. +func WithTag(name Named, tag string) (NamedTagged, error) { + if !anchoredTagRegexp.MatchString(tag) { + return nil, ErrTagInvalidFormat + } + var repo repository + if r, ok := name.(namedRepository); ok { + repo.domain = r.Domain() + repo.path = r.Path() + } else { + repo.path = name.Name() + } + if canonical, ok := name.(Canonical); ok { + return reference{ + namedRepository: repo, + tag: tag, + digest: canonical.Digest(), + }, nil + } + return taggedReference{ + namedRepository: repo, + tag: tag, + }, nil +} + +// WithDigest combines the name from "name" and the digest from "digest" to form +// a reference incorporating both the name and the digest. +func WithDigest(name Named, digest digest.Digest) (Canonical, error) { + if !anchoredDigestRegexp.MatchString(digest.String()) { + return nil, ErrDigestInvalidFormat + } + var repo repository + if r, ok := name.(namedRepository); ok { + repo.domain = r.Domain() + repo.path = r.Path() + } else { + repo.path = name.Name() + } + if tagged, ok := name.(Tagged); ok { + return reference{ + namedRepository: repo, + tag: tagged.Tag(), + digest: digest, + }, nil + } + return canonicalReference{ + namedRepository: repo, + digest: digest, + }, nil +} + +// TrimNamed removes any tag or digest from the named reference. +func TrimNamed(ref Named) Named { + domain, path := SplitHostname(ref) + return repository{ + domain: domain, + path: path, + } +} + +func getBestReferenceType(ref reference) Reference { + if ref.Name() == "" { + // Allow digest only references + if ref.digest != "" { + return digestReference(ref.digest) + } + return nil + } + if ref.tag == "" { + if ref.digest != "" { + return canonicalReference{ + namedRepository: ref.namedRepository, + digest: ref.digest, + } + } + return ref.namedRepository + } + if ref.digest == "" { + return taggedReference{ + namedRepository: ref.namedRepository, + tag: ref.tag, + } + } + + return ref +} + +type reference struct { + namedRepository + tag string + digest digest.Digest +} + +func (r reference) String() string { + return r.Name() + ":" + r.tag + "@" + r.digest.String() +} + +func (r reference) Tag() string { + return r.tag +} + +func (r reference) Digest() digest.Digest { + return r.digest +} + +type repository struct { + domain string + path string +} + +func (r repository) String() string { + return r.Name() +} + +func (r repository) Name() string { + if r.domain == "" { + return r.path + } + return r.domain + "/" + r.path +} + +func (r repository) Domain() string { + return r.domain +} + +func (r repository) Path() string { + return r.path +} + +type digestReference digest.Digest + +func (d digestReference) String() string { + return digest.Digest(d).String() +} + +func (d digestReference) Digest() digest.Digest { + return digest.Digest(d) +} + +type taggedReference struct { + namedRepository + tag string +} + +func (t taggedReference) String() string { + return t.Name() + ":" + t.tag +} + +func (t taggedReference) Tag() string { + return t.tag +} + +type canonicalReference struct { + namedRepository + digest digest.Digest +} + +func (c canonicalReference) String() string { + return c.Name() + "@" + c.digest.String() +} + +func (c canonicalReference) Digest() digest.Digest { + return c.digest +} diff --git a/vendor/github.com/containers/image/docker/reference/regexp.go b/vendor/github.com/containers/image/docker/reference/regexp.go new file mode 100644 index 0000000000..405e995db9 --- /dev/null +++ b/vendor/github.com/containers/image/docker/reference/regexp.go @@ -0,0 +1,143 @@ +package reference + +import "regexp" + +var ( + // alphaNumericRegexp defines the alpha numeric atom, typically a + // component of names. This only allows lower case characters and digits. + alphaNumericRegexp = match(`[a-z0-9]+`) + + // separatorRegexp defines the separators allowed to be embedded in name + // components. This allow one period, one or two underscore and multiple + // dashes. + separatorRegexp = match(`(?:[._]|__|[-]*)`) + + // nameComponentRegexp restricts registry path component names to start + // with at least one letter or number, with following parts able to be + // separated by one period, one or two underscore and multiple dashes. + nameComponentRegexp = expression( + alphaNumericRegexp, + optional(repeated(separatorRegexp, alphaNumericRegexp))) + + // domainComponentRegexp restricts the registry domain component of a + // repository name to start with a component as defined by domainRegexp + // and followed by an optional port. + domainComponentRegexp = match(`(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])`) + + // domainRegexp defines the structure of potential domain components + // that may be part of image names. This is purposely a subset of what is + // allowed by DNS to ensure backwards compatibility with Docker image + // names. + domainRegexp = expression( + domainComponentRegexp, + optional(repeated(literal(`.`), domainComponentRegexp)), + optional(literal(`:`), match(`[0-9]+`))) + + // TagRegexp matches valid tag names. From docker/docker:graph/tags.go. + TagRegexp = match(`[\w][\w.-]{0,127}`) + + // anchoredTagRegexp matches valid tag names, anchored at the start and + // end of the matched string. + anchoredTagRegexp = anchored(TagRegexp) + + // DigestRegexp matches valid digests. + DigestRegexp = match(`[A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}`) + + // anchoredDigestRegexp matches valid digests, anchored at the start and + // end of the matched string. + anchoredDigestRegexp = anchored(DigestRegexp) + + // NameRegexp is the format for the name component of references. The + // regexp has capturing groups for the domain and name part omitting + // the separating forward slash from either. + NameRegexp = expression( + optional(domainRegexp, literal(`/`)), + nameComponentRegexp, + optional(repeated(literal(`/`), nameComponentRegexp))) + + // anchoredNameRegexp is used to parse a name value, capturing the + // domain and trailing components. + anchoredNameRegexp = anchored( + optional(capture(domainRegexp), literal(`/`)), + capture(nameComponentRegexp, + optional(repeated(literal(`/`), nameComponentRegexp)))) + + // ReferenceRegexp is the full supported format of a reference. The regexp + // is anchored and has capturing groups for name, tag, and digest + // components. + ReferenceRegexp = anchored(capture(NameRegexp), + optional(literal(":"), capture(TagRegexp)), + optional(literal("@"), capture(DigestRegexp))) + + // IdentifierRegexp is the format for string identifier used as a + // content addressable identifier using sha256. These identifiers + // are like digests without the algorithm, since sha256 is used. + IdentifierRegexp = match(`([a-f0-9]{64})`) + + // ShortIdentifierRegexp is the format used to represent a prefix + // of an identifier. A prefix may be used to match a sha256 identifier + // within a list of trusted identifiers. + ShortIdentifierRegexp = match(`([a-f0-9]{6,64})`) + + // anchoredIdentifierRegexp is used to check or match an + // identifier value, anchored at start and end of string. + anchoredIdentifierRegexp = anchored(IdentifierRegexp) + + // anchoredShortIdentifierRegexp is used to check if a value + // is a possible identifier prefix, anchored at start and end + // of string. + anchoredShortIdentifierRegexp = anchored(ShortIdentifierRegexp) +) + +// match compiles the string to a regular expression. +var match = regexp.MustCompile + +// literal compiles s into a literal regular expression, escaping any regexp +// reserved characters. +func literal(s string) *regexp.Regexp { + re := match(regexp.QuoteMeta(s)) + + if _, complete := re.LiteralPrefix(); !complete { + panic("must be a literal") + } + + return re +} + +// expression defines a full expression, where each regular expression must +// follow the previous. +func expression(res ...*regexp.Regexp) *regexp.Regexp { + var s string + for _, re := range res { + s += re.String() + } + + return match(s) +} + +// optional wraps the expression in a non-capturing group and makes the +// production optional. +func optional(res ...*regexp.Regexp) *regexp.Regexp { + return match(group(expression(res...)).String() + `?`) +} + +// repeated wraps the regexp in a non-capturing group to get one or more +// matches. +func repeated(res ...*regexp.Regexp) *regexp.Regexp { + return match(group(expression(res...)).String() + `+`) +} + +// group wraps the regexp in a non-capturing group. +func group(res ...*regexp.Regexp) *regexp.Regexp { + return match(`(?:` + expression(res...).String() + `)`) +} + +// capture wraps the expression in a capturing group. +func capture(res ...*regexp.Regexp) *regexp.Regexp { + return match(`(` + expression(res...).String() + `)`) +} + +// anchored anchors the regular expression by adding start and end delimiters. +func anchored(res ...*regexp.Regexp) *regexp.Regexp { + return match(`^` + expression(res...).String() + `$`) +} diff --git a/vendor/github.com/containers/image/manifest/fixtures/schema2-to-schema1-by-docker.json b/vendor/github.com/containers/image/manifest/fixtures/schema2-to-schema1-by-docker.json new file mode 120000 index 0000000000..79e638a3ab --- /dev/null +++ b/vendor/github.com/containers/image/manifest/fixtures/schema2-to-schema1-by-docker.json @@ -0,0 +1 @@ +../../image/fixtures/schema2-to-schema1-by-docker.json \ No newline at end of file diff --git a/vendor/github.com/containers/image/pkg/sysregistriesv2/system_registries_v2.go b/vendor/github.com/containers/image/pkg/sysregistriesv2/system_registries_v2.go new file mode 100644 index 0000000000..3d0bb0df28 --- /dev/null +++ b/vendor/github.com/containers/image/pkg/sysregistriesv2/system_registries_v2.go @@ -0,0 +1,399 @@ +package sysregistriesv2 + +import ( + "fmt" + "io/ioutil" + "os" + "path/filepath" + "strings" + "sync" + + "github.com/BurntSushi/toml" + "github.com/containers/image/types" +) + +// systemRegistriesConfPath is the path to the system-wide registry +// configuration file and is used to add/subtract potential registries for +// obtaining images. You can override this at build time with +// -ldflags '-X github.com/containers/image/sysregistries.systemRegistriesConfPath=$your_path' +var systemRegistriesConfPath = builtinRegistriesConfPath + +// builtinRegistriesConfPath is the path to the registry configuration file. +// DO NOT change this, instead see systemRegistriesConfPath above. +const builtinRegistriesConfPath = "/etc/containers/registries.conf" + +// Mirror represents a mirror. Mirrors can be used as pull-through caches for +// registries. +type Mirror struct { + // The mirror's URL. + URL string `toml:"url"` + // If true, certs verification will be skipped and HTTP (non-TLS) + // connections will be allowed. + Insecure bool `toml:"insecure"` +} + +// Registry represents a registry. +type Registry struct { + // Serializable registry URL. + URL string `toml:"url"` + // The registry's mirrors. + Mirrors []Mirror `toml:"mirror"` + // If true, pulling from the registry will be blocked. + Blocked bool `toml:"blocked"` + // If true, certs verification will be skipped and HTTP (non-TLS) + // connections will be allowed. + Insecure bool `toml:"insecure"` + // If true, the registry can be used when pulling an unqualified image. + Search bool `toml:"unqualified-search"` + // Prefix is used for matching images, and to translate one namespace to + // another. If `Prefix="example.com/bar"`, `URL="example.com/foo/bar"` + // and we pull from "example.com/bar/myimage:latest", the image will + // effectively be pulled from "example.com/foo/bar/myimage:latest". + // If no Prefix is specified, it defaults to the specified URL. + Prefix string `toml:"prefix"` +} + +// V1TOMLregistries is for backwards compatibility to sysregistries v1 +type V1TOMLregistries struct { + Registries []string `toml:"registries"` +} + +// V1TOMLConfig is for backwards compatibility to sysregistries v1 +type V1TOMLConfig struct { + Search V1TOMLregistries `toml:"search"` + Insecure V1TOMLregistries `toml:"insecure"` + Block V1TOMLregistries `toml:"block"` +} + +// tomlConfig is the data type used to unmarshal the toml config. +type tomlConfig struct { + Registries []Registry `toml:"registry"` + // backwards compatability to sysregistries v1 + V1TOMLConfig `toml:"registries"` +} + +// InvalidRegistries represents an invalid registry configurations. An example +// is when "registry.com" is defined multiple times in the configuration but +// with conflicting security settings. +type InvalidRegistries struct { + s string +} + +// Error returns the error string. +func (e *InvalidRegistries) Error() string { + return e.s +} + +// parseURL parses the input string, performs some sanity checks and returns +// the sanitized input string. An error is returned if the input string is +// empty or if contains an "http{s,}://" prefix. +func parseURL(input string) (string, error) { + trimmed := strings.TrimRight(input, "/") + + if trimmed == "" { + return "", &InvalidRegistries{s: "invalid URL: cannot be empty"} + } + + if strings.HasPrefix(trimmed, "http://") || strings.HasPrefix(trimmed, "https://") { + msg := fmt.Sprintf("invalid URL '%s': URI schemes are not supported", input) + return "", &InvalidRegistries{s: msg} + } + + return trimmed, nil +} + +// getV1Registries transforms v1 registries in the config into an array of v2 +// registries of type Registry. +func getV1Registries(config *tomlConfig) ([]Registry, error) { + regMap := make(map[string]*Registry) + // We must preserve the order of config.V1Registries.Search.Registries at least. The order of the + // other registries is not really important, but make it deterministic (the same for the same config file) + // to minimize behavior inconsistency and not contribute to difficult-to-reproduce situations. + registryOrder := []string{} + + getRegistry := func(url string) (*Registry, error) { // Note: _pointer_ to a long-lived object + var err error + url, err = parseURL(url) + if err != nil { + return nil, err + } + reg, exists := regMap[url] + if !exists { + reg = &Registry{ + URL: url, + Mirrors: []Mirror{}, + Prefix: url, + } + regMap[url] = reg + registryOrder = append(registryOrder, url) + } + return reg, nil + } + + // Note: config.V1Registries.Search needs to be processed first to ensure registryOrder is populated in the right order + // if one of the search registries is also in one of the other lists. + for _, search := range config.V1TOMLConfig.Search.Registries { + reg, err := getRegistry(search) + if err != nil { + return nil, err + } + reg.Search = true + } + for _, blocked := range config.V1TOMLConfig.Block.Registries { + reg, err := getRegistry(blocked) + if err != nil { + return nil, err + } + reg.Blocked = true + } + for _, insecure := range config.V1TOMLConfig.Insecure.Registries { + reg, err := getRegistry(insecure) + if err != nil { + return nil, err + } + reg.Insecure = true + } + + registries := []Registry{} + for _, url := range registryOrder { + reg := regMap[url] + registries = append(registries, *reg) + } + return registries, nil +} + +// postProcessRegistries checks the consistency of all registries (e.g., set +// the Prefix to URL if not set) and applies conflict checks. It returns an +// array of cleaned registries and error in case of conflicts. +func postProcessRegistries(regs []Registry) ([]Registry, error) { + var registries []Registry + regMap := make(map[string][]Registry) + + for _, reg := range regs { + var err error + + // make sure URL and Prefix are valid + reg.URL, err = parseURL(reg.URL) + if err != nil { + return nil, err + } + + if reg.Prefix == "" { + reg.Prefix = reg.URL + } else { + reg.Prefix, err = parseURL(reg.Prefix) + if err != nil { + return nil, err + } + } + + // make sure mirrors are valid + for _, mir := range reg.Mirrors { + mir.URL, err = parseURL(mir.URL) + if err != nil { + return nil, err + } + } + registries = append(registries, reg) + regMap[reg.URL] = append(regMap[reg.URL], reg) + } + + // Given a registry can be mentioned multiple times (e.g., to have + // multiple prefixes backed by different mirrors), we need to make sure + // there are no conflicts among them. + // + // Note: we need to iterate over the registries array to ensure a + // deterministic behavior which is not guaranteed by maps. + for _, reg := range registries { + others, _ := regMap[reg.URL] + for _, other := range others { + if reg.Insecure != other.Insecure { + msg := fmt.Sprintf("registry '%s' is defined multiple times with conflicting 'insecure' setting", reg.URL) + + return nil, &InvalidRegistries{s: msg} + } + if reg.Blocked != other.Blocked { + msg := fmt.Sprintf("registry '%s' is defined multiple times with conflicting 'blocked' setting", reg.URL) + return nil, &InvalidRegistries{s: msg} + } + } + } + + return registries, nil +} + +// getConfigPath returns the system-registries config path if specified. +// Otherwise, systemRegistriesConfPath is returned. +func getConfigPath(ctx *types.SystemContext) string { + confPath := systemRegistriesConfPath + if ctx != nil { + if ctx.SystemRegistriesConfPath != "" { + confPath = ctx.SystemRegistriesConfPath + } else if ctx.RootForImplicitAbsolutePaths != "" { + confPath = filepath.Join(ctx.RootForImplicitAbsolutePaths, systemRegistriesConfPath) + } + } + return confPath +} + +// configMutex is used to synchronize concurrent accesses to configCache. +var configMutex = sync.Mutex{} + +// configCache caches already loaded configs with config paths as keys and is +// used to avoid redudantly parsing configs. Concurrent accesses to the cache +// are synchronized via configMutex. +var configCache = make(map[string][]Registry) + +// InvalidateCache invalidates the registry cache. This function is meant to be +// used for long-running processes that need to reload potential changes made to +// the cached registry config files. +func InvalidateCache() { + configMutex.Lock() + defer configMutex.Unlock() + configCache = make(map[string][]Registry) +} + +// GetRegistries loads and returns the registries specified in the config. +// Note the parsed content of registry config files is cached. For reloading, +// use `InvalidateCache` and re-call `GetRegistries`. +func GetRegistries(ctx *types.SystemContext) ([]Registry, error) { + configPath := getConfigPath(ctx) + + configMutex.Lock() + defer configMutex.Unlock() + // if the config has already been loaded, return the cached registries + if registries, inCache := configCache[configPath]; inCache { + return registries, nil + } + + // load the config + config, err := loadRegistryConf(configPath) + if err != nil { + // Return an empty []Registry if we use the default config, + // which implies that the config path of the SystemContext + // isn't set. Note: if ctx.SystemRegistriesConfPath points to + // the default config, we will still return an error. + if os.IsNotExist(err) && (ctx == nil || ctx.SystemRegistriesConfPath == "") { + return []Registry{}, nil + } + return nil, err + } + + registries := config.Registries + + // backwards compatibility for v1 configs + v1Registries, err := getV1Registries(config) + if err != nil { + return nil, err + } + if len(v1Registries) > 0 { + if len(registries) > 0 { + return nil, &InvalidRegistries{s: "mixing sysregistry v1/v2 is not supported"} + } + registries = v1Registries + } + + registries, err = postProcessRegistries(registries) + if err != nil { + return nil, err + } + + // populate the cache + configCache[configPath] = registries + + return registries, err +} + +// FindUnqualifiedSearchRegistries returns all registries that are configured +// for unqualified image search (i.e., with Registry.Search == true). +func FindUnqualifiedSearchRegistries(ctx *types.SystemContext) ([]Registry, error) { + registries, err := GetRegistries(ctx) + if err != nil { + return nil, err + } + + unqualified := []Registry{} + for _, reg := range registries { + if reg.Search { + unqualified = append(unqualified, reg) + } + } + return unqualified, nil +} + +// refMatchesPrefix returns true iff ref, +// which is a registry, repository namespace, repository or image reference (as formatted by +// reference.Domain(), reference.Named.Name() or reference.Reference.String() +// — note that this requires the name to start with an explicit hostname!), +// matches a Registry.Prefix value. +// (This is split from the caller primarily to make testing easier.) +func refMatchesPrefix(ref, prefix string) bool { + switch { + case len(ref) < len(prefix): + return false + case len(ref) == len(prefix): + return ref == prefix + case len(ref) > len(prefix): + if !strings.HasPrefix(ref, prefix) { + return false + } + c := ref[len(prefix)] + // This allows "example.com:5000" to match "example.com", + // which is unintended; that will get fixed eventually, DON'T RELY + // ON THE CURRENT BEHAVIOR. + return c == ':' || c == '/' || c == '@' + default: + panic("Internal error: impossible comparison outcome") + } +} + +// FindRegistry returns the Registry with the longest prefix for ref, +// which is a registry, repository namespace repository or image reference (as formatted by +// reference.Domain(), reference.Named.Name() or reference.Reference.String() +// — note that this requires the name to start with an explicit hostname!). +// If no Registry prefixes the image, nil is returned. +func FindRegistry(ctx *types.SystemContext, ref string) (*Registry, error) { + registries, err := GetRegistries(ctx) + if err != nil { + return nil, err + } + + reg := Registry{} + prefixLen := 0 + for _, r := range registries { + if refMatchesPrefix(ref, r.Prefix) { + length := len(r.Prefix) + if length > prefixLen { + reg = r + prefixLen = length + } + } + } + if prefixLen != 0 { + return ®, nil + } + return nil, nil +} + +// Reads the global registry file from the filesystem. Returns a byte array. +func readRegistryConf(configPath string) ([]byte, error) { + configBytes, err := ioutil.ReadFile(configPath) + return configBytes, err +} + +// Used in unittests to parse custom configs without a types.SystemContext. +var readConf = readRegistryConf + +// Loads the registry configuration file from the filesystem and then unmarshals +// it. Returns the unmarshalled object. +func loadRegistryConf(configPath string) (*tomlConfig, error) { + config := &tomlConfig{} + + configBytes, err := readConf(configPath) + if err != nil { + return nil, err + } + + err = toml.Unmarshal(configBytes, &config) + return config, err +} diff --git a/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/missing-cert/client-cert-1.key b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/missing-cert/client-cert-1.key new file mode 120000 index 0000000000..c8cf88db8a --- /dev/null +++ b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/missing-cert/client-cert-1.key @@ -0,0 +1 @@ +../full/client-cert-1.key \ No newline at end of file diff --git a/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/missing-key/client-cert-1.cert b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/missing-key/client-cert-1.cert new file mode 120000 index 0000000000..2c62e46111 --- /dev/null +++ b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/missing-key/client-cert-1.cert @@ -0,0 +1 @@ +../full/client-cert-1.cert \ No newline at end of file diff --git a/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-ca/unreadable.crt b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-ca/unreadable.crt new file mode 120000 index 0000000000..4cd6460f62 --- /dev/null +++ b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-ca/unreadable.crt @@ -0,0 +1 @@ +/this/does/not/exist \ No newline at end of file diff --git a/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-cert/client-cert-1.cert b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-cert/client-cert-1.cert new file mode 120000 index 0000000000..4cd6460f62 --- /dev/null +++ b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-cert/client-cert-1.cert @@ -0,0 +1 @@ +/this/does/not/exist \ No newline at end of file diff --git a/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-cert/client-cert-1.key b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-cert/client-cert-1.key new file mode 120000 index 0000000000..c8cf88db8a --- /dev/null +++ b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-cert/client-cert-1.key @@ -0,0 +1 @@ +../full/client-cert-1.key \ No newline at end of file diff --git a/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-key/client-cert-1.cert b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-key/client-cert-1.cert new file mode 120000 index 0000000000..2c62e46111 --- /dev/null +++ b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-key/client-cert-1.cert @@ -0,0 +1 @@ +../full/client-cert-1.cert \ No newline at end of file diff --git a/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-key/client-cert-1.key b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-key/client-cert-1.key new file mode 120000 index 0000000000..4cd6460f62 --- /dev/null +++ b/vendor/github.com/containers/image/pkg/tlsclientconfig/testdata/unreadable-key/client-cert-1.key @@ -0,0 +1 @@ +/this/does/not/exist \ No newline at end of file diff --git a/vendor/github.com/containers/image/signature/fixtures/dir-img-manifest-digest-error/manifest.json b/vendor/github.com/containers/image/signature/fixtures/dir-img-manifest-digest-error/manifest.json new file mode 120000 index 0000000000..3dee14b4a8 --- /dev/null +++ b/vendor/github.com/containers/image/signature/fixtures/dir-img-manifest-digest-error/manifest.json @@ -0,0 +1 @@ +../v2s1-invalid-signatures.manifest.json \ No newline at end of file diff --git a/vendor/github.com/containers/image/signature/fixtures/dir-img-manifest-digest-error/signature-1 b/vendor/github.com/containers/image/signature/fixtures/dir-img-manifest-digest-error/signature-1 new file mode 120000 index 0000000000..f010fd4c41 --- /dev/null +++ b/vendor/github.com/containers/image/signature/fixtures/dir-img-manifest-digest-error/signature-1 @@ -0,0 +1 @@ +../dir-img-valid/signature-1 \ No newline at end of file diff --git a/vendor/github.com/containers/image/signature/fixtures/dir-img-mixed/manifest.json b/vendor/github.com/containers/image/signature/fixtures/dir-img-mixed/manifest.json new file mode 120000 index 0000000000..ff7d2ffadf --- /dev/null +++ b/vendor/github.com/containers/image/signature/fixtures/dir-img-mixed/manifest.json @@ -0,0 +1 @@ +../dir-img-valid/manifest.json \ No newline at end of file diff --git a/vendor/github.com/containers/image/signature/fixtures/dir-img-mixed/signature-1 b/vendor/github.com/containers/image/signature/fixtures/dir-img-mixed/signature-1 new file mode 120000 index 0000000000..b27cdc4585 --- /dev/null +++ b/vendor/github.com/containers/image/signature/fixtures/dir-img-mixed/signature-1 @@ -0,0 +1 @@ +../invalid-blob.signature \ No newline at end of file diff --git a/vendor/github.com/containers/image/signature/fixtures/dir-img-mixed/signature-2 b/vendor/github.com/containers/image/signature/fixtures/dir-img-mixed/signature-2 new file mode 120000 index 0000000000..f010fd4c41 --- /dev/null +++ b/vendor/github.com/containers/image/signature/fixtures/dir-img-mixed/signature-2 @@ -0,0 +1 @@ +../dir-img-valid/signature-1 \ No newline at end of file diff --git a/vendor/github.com/containers/image/signature/fixtures/dir-img-modified-manifest/signature-1 b/vendor/github.com/containers/image/signature/fixtures/dir-img-modified-manifest/signature-1 new file mode 120000 index 0000000000..f010fd4c41 --- /dev/null +++ b/vendor/github.com/containers/image/signature/fixtures/dir-img-modified-manifest/signature-1 @@ -0,0 +1 @@ +../dir-img-valid/signature-1 \ No newline at end of file diff --git a/vendor/github.com/containers/image/signature/fixtures/dir-img-no-manifest/signature-1 b/vendor/github.com/containers/image/signature/fixtures/dir-img-no-manifest/signature-1 new file mode 120000 index 0000000000..f010fd4c41 --- /dev/null +++ b/vendor/github.com/containers/image/signature/fixtures/dir-img-no-manifest/signature-1 @@ -0,0 +1 @@ +../dir-img-valid/signature-1 \ No newline at end of file diff --git a/vendor/github.com/containers/image/signature/fixtures/dir-img-unsigned/manifest.json b/vendor/github.com/containers/image/signature/fixtures/dir-img-unsigned/manifest.json new file mode 120000 index 0000000000..ff7d2ffadf --- /dev/null +++ b/vendor/github.com/containers/image/signature/fixtures/dir-img-unsigned/manifest.json @@ -0,0 +1 @@ +../dir-img-valid/manifest.json \ No newline at end of file diff --git a/vendor/github.com/containers/image/signature/fixtures/dir-img-valid-2/manifest.json b/vendor/github.com/containers/image/signature/fixtures/dir-img-valid-2/manifest.json new file mode 120000 index 0000000000..ff7d2ffadf --- /dev/null +++ b/vendor/github.com/containers/image/signature/fixtures/dir-img-valid-2/manifest.json @@ -0,0 +1 @@ +../dir-img-valid/manifest.json \ No newline at end of file diff --git a/vendor/github.com/containers/image/signature/fixtures/dir-img-valid-2/signature-1 b/vendor/github.com/containers/image/signature/fixtures/dir-img-valid-2/signature-1 new file mode 120000 index 0000000000..f010fd4c41 --- /dev/null +++ b/vendor/github.com/containers/image/signature/fixtures/dir-img-valid-2/signature-1 @@ -0,0 +1 @@ +../dir-img-valid/signature-1 \ No newline at end of file diff --git a/vendor/github.com/containers/image/signature/fixtures/dir-img-valid/manifest.json b/vendor/github.com/containers/image/signature/fixtures/dir-img-valid/manifest.json new file mode 120000 index 0000000000..c5bd25431f --- /dev/null +++ b/vendor/github.com/containers/image/signature/fixtures/dir-img-valid/manifest.json @@ -0,0 +1 @@ +../image.manifest.json \ No newline at end of file diff --git a/vendor/github.com/containers/image/types/types.go b/vendor/github.com/containers/image/types/types.go new file mode 100644 index 0000000000..9fdab2314a --- /dev/null +++ b/vendor/github.com/containers/image/types/types.go @@ -0,0 +1,519 @@ +package types + +import ( + "context" + "io" + "time" + + "github.com/containers/image/docker/reference" + "github.com/opencontainers/go-digest" + "github.com/opencontainers/image-spec/specs-go/v1" +) + +// ImageTransport is a top-level namespace for ways to to store/load an image. +// It should generally correspond to ImageSource/ImageDestination implementations. +// +// Note that ImageTransport is based on "ways the users refer to image storage", not necessarily on the underlying physical transport. +// For example, all Docker References would be used within a single "docker" transport, regardless of whether the images are pulled over HTTP or HTTPS +// (or, even, IPv4 or IPv6). +// +// OTOH all images using the same transport should (apart from versions of the image format), be interoperable. +// For example, several different ImageTransport implementations may be based on local filesystem paths, +// but using completely different formats for the contents of that path (a single tar file, a directory containing tarballs, a fully expanded container filesystem, ...) +// +// See also transports.KnownTransports. +type ImageTransport interface { + // Name returns the name of the transport, which must be unique among other transports. + Name() string + // ParseReference converts a string, which should not start with the ImageTransport.Name prefix, into an ImageReference. + ParseReference(reference string) (ImageReference, error) + // ValidatePolicyConfigurationScope checks that scope is a valid name for a signature.PolicyTransportScopes keys + // (i.e. a valid PolicyConfigurationIdentity() or PolicyConfigurationNamespaces() return value). + // It is acceptable to allow an invalid value which will never be matched, it can "only" cause user confusion. + // scope passed to this function will not be "", that value is always allowed. + ValidatePolicyConfigurationScope(scope string) error +} + +// ImageReference is an abstracted way to refer to an image location, namespaced within an ImageTransport. +// +// The object should preferably be immutable after creation, with any parsing/state-dependent resolving happening +// within an ImageTransport.ParseReference() or equivalent API creating the reference object. +// That's also why the various identification/formatting methods of this type do not support returning errors. +// +// WARNING: While this design freezes the content of the reference within this process, it can not freeze the outside +// world: paths may be replaced by symlinks elsewhere, HTTP APIs may start returning different results, and so on. +type ImageReference interface { + Transport() ImageTransport + // StringWithinTransport returns a string representation of the reference, which MUST be such that + // reference.Transport().ParseReference(reference.StringWithinTransport()) returns an equivalent reference. + // NOTE: The returned string is not promised to be equal to the original input to ParseReference; + // e.g. default attribute values omitted by the user may be filled in in the return value, or vice versa. + // WARNING: Do not use the return value in the UI to describe an image, it does not contain the Transport().Name() prefix; + // instead, see transports.ImageName(). + StringWithinTransport() string + + // DockerReference returns a Docker reference associated with this reference + // (fully explicit, i.e. !reference.IsNameOnly, but reflecting user intent, + // not e.g. after redirect or alias processing), or nil if unknown/not applicable. + DockerReference() reference.Named + + // PolicyConfigurationIdentity returns a string representation of the reference, suitable for policy lookup. + // This MUST reflect user intent, not e.g. after processing of third-party redirects or aliases; + // The value SHOULD be fully explicit about its semantics, with no hidden defaults, AND canonical + // (i.e. various references with exactly the same semantics should return the same configuration identity) + // It is fine for the return value to be equal to StringWithinTransport(), and it is desirable but + // not required/guaranteed that it will be a valid input to Transport().ParseReference(). + // Returns "" if configuration identities for these references are not supported. + PolicyConfigurationIdentity() string + + // PolicyConfigurationNamespaces returns a list of other policy configuration namespaces to search + // for if explicit configuration for PolicyConfigurationIdentity() is not set. The list will be processed + // in order, terminating on first match, and an implicit "" is always checked at the end. + // It is STRONGLY recommended for the first element, if any, to be a prefix of PolicyConfigurationIdentity(), + // and each following element to be a prefix of the element preceding it. + PolicyConfigurationNamespaces() []string + + // NewImage returns a types.ImageCloser for this reference, possibly specialized for this ImageTransport. + // The caller must call .Close() on the returned ImageCloser. + // NOTE: If any kind of signature verification should happen, build an UnparsedImage from the value returned by NewImageSource, + // verify that UnparsedImage, and convert it into a real Image via image.FromUnparsedImage. + // WARNING: This may not do the right thing for a manifest list, see image.FromSource for details. + NewImage(ctx context.Context, sys *SystemContext) (ImageCloser, error) + // NewImageSource returns a types.ImageSource for this reference. + // The caller must call .Close() on the returned ImageSource. + NewImageSource(ctx context.Context, sys *SystemContext) (ImageSource, error) + // NewImageDestination returns a types.ImageDestination for this reference. + // The caller must call .Close() on the returned ImageDestination. + NewImageDestination(ctx context.Context, sys *SystemContext) (ImageDestination, error) + + // DeleteImage deletes the named image from the registry, if supported. + DeleteImage(ctx context.Context, sys *SystemContext) error +} + +// BlobInfo collects known information about a blob (layer/config). +// In some situations, some fields may be unknown, in others they may be mandatory; documenting an “unknown” value here does not override that. +type BlobInfo struct { + Digest digest.Digest // "" if unknown. + Size int64 // -1 if unknown + URLs []string + Annotations map[string]string + MediaType string +} + +// BICTransportScope encapsulates transport-dependent representation of a “scope” where blobs are or are not present. +// BlobInfocache.RecordKnownLocations / BlobInfocache.CandidateLocations record data aboud blobs keyed by (scope, digest). +// The scope will typically be similar to an ImageReference, or a superset of it within which blobs are reusable. +// +// NOTE: The contents of this structure may be recorded in a persistent file, possibly shared across different +// tools which use different versions of the transport. Allow for reasonable backward/forward compatibility, +// at least by not failing hard when encountering unknown data. +type BICTransportScope struct { + Opaque string +} + +// BICLocationReference encapsulates transport-dependent representation of a blob location within a BICTransportScope. +// Each transport can store arbitrary data using BlobInfoCache.RecordKnownLocation, and ImageDestination.TryReusingBlob +// can look it up using BlobInfoCache.CandidateLocations. +// +// NOTE: The contents of this structure may be recorded in a persistent file, possibly shared across different +// tools which use different versions of the transport. Allow for reasonable backward/forward compatibility, +// at least by not failing hard when encountering unknown data. +type BICLocationReference struct { + Opaque string +} + +// BICReplacementCandidate is an item returned by BlobInfoCache.CandidateLocations. +type BICReplacementCandidate struct { + Digest digest.Digest + Location BICLocationReference +} + +// BlobInfoCache records data useful for reusing blobs, or substituing equivalent ones, to avoid unnecessary blob copies. +// +// It records two kinds of data: +// - Sets of corresponding digest vs. uncompressed digest ("DiffID") pairs: +// One of the two digests is known to be uncompressed, and a single uncompressed digest may correspond to more than one compressed digest. +// This allows matching compressed layer blobs to existing local uncompressed layers (to avoid unnecessary download and decompresssion), +// or uncompressed layer blobs to existing remote compressed layers (to avoid unnecessary compression and upload)/ +// +// It is allowed to record an (uncompressed digest, the same uncompressed digest) correspondence, to express that the digest is known +// to be uncompressed (i.e. that a conversion from schema1 does not have to decompress the blob to compute a DiffID value). +// +// This mapping is primarily maintained in generic copy.Image code, but transports may want to contribute more data points if they independently +// compress/decompress blobs for their own purposes. +// +// - Known blob locations, managed by individual transports: +// The transports call RecordKnownLocation when encountering a blob that could possibly be reused (typically in GetBlob/PutBlob/TryReusingBlob), +// recording transport-specific information that allows the transport to reuse the blob in the future; +// then, TryReusingBlob implementations can call CandidateLocations to look up previously recorded blob locations that could be reused. +// +// Each transport defines its own “scopes” within which blob reuse is possible (e.g. in, the docker/distribution case, blobs +// can be directly reused within a registry, or mounted across registries within a registry server.) +// +// None of the methods return an error indication: errors when neither reading from, nor writing to, the cache, should be fatal; +// users of the cahce should just fall back to copying the blobs the usual way. +type BlobInfoCache interface { + // UncompressedDigest returns an uncompressed digest corresponding to anyDigest. + // May return anyDigest if it is known to be uncompressed. + // Returns "" if nothing is known about the digest (it may be compressed or uncompressed). + UncompressedDigest(anyDigest digest.Digest) digest.Digest + // RecordDigestUncompressedPair records that the uncompressed version of anyDigest is uncompressed. + // It’s allowed for anyDigest == uncompressed. + // WARNING: Only call this for LOCALLY VERIFIED data; don’t record a digest pair just because some remote author claims so (e.g. + // because a manifest/config pair exists); otherwise the cache could be poisoned and allow substituting unexpected blobs. + // (Eventually, the DiffIDs in image config could detect the substitution, but that may be too late, and not all image formats contain that data.) + RecordDigestUncompressedPair(anyDigest digest.Digest, uncompressed digest.Digest) + + // RecordKnownLocation records that a blob with the specified digest exists within the specified (transport, scope) scope, + // and can be reused given the opaque location data. + RecordKnownLocation(transport ImageTransport, scope BICTransportScope, digest digest.Digest, location BICLocationReference) + // CandidateLocations returns a prioritized, limited, number of blobs and their locations that could possibly be reused + // within the specified (transport scope) (if they still exist, which is not guaranteed). + // + // If !canSubstitute, the returned cadidates will match the submitted digest exactly; if canSubstitute, + // data from previous RecordDigestUncompressedPair calls is used to also look up variants of the blob which have the same + // uncompressed digest. + CandidateLocations(transport ImageTransport, scope BICTransportScope, digest digest.Digest, canSubstitute bool) []BICReplacementCandidate +} + +// ImageSource is a service, possibly remote (= slow), to download components of a single image or a named image set (manifest list). +// This is primarily useful for copying images around; for examining their properties, Image (below) +// is usually more useful. +// Each ImageSource should eventually be closed by calling Close(). +// +// WARNING: Various methods which return an object identified by digest generally do not +// validate that the returned data actually matches that digest; this is the caller’s responsibility. +type ImageSource interface { + // Reference returns the reference used to set up this source, _as specified by the user_ + // (not as the image itself, or its underlying storage, claims). This can be used e.g. to determine which public keys are trusted for this image. + Reference() ImageReference + // Close removes resources associated with an initialized ImageSource, if any. + Close() error + // GetManifest returns the image's manifest along with its MIME type (which may be empty when it can't be determined but the manifest is available). + // It may use a remote (= slow) service. + // If instanceDigest is not nil, it contains a digest of the specific manifest instance to retrieve (when the primary manifest is a manifest list); + // this never happens if the primary manifest is not a manifest list (e.g. if the source never returns manifest lists). + GetManifest(ctx context.Context, instanceDigest *digest.Digest) ([]byte, string, error) + // GetBlob returns a stream for the specified blob, and the blob’s size (or -1 if unknown). + // The Digest field in BlobInfo is guaranteed to be provided, Size may be -1 and MediaType may be optionally provided. + // May update BlobInfoCache, preferably after it knows for certain that a blob truly exists at a specific location. + GetBlob(context.Context, BlobInfo, BlobInfoCache) (io.ReadCloser, int64, error) + // HasThreadSafeGetBlob indicates whether GetBlob can be executed concurrently. + HasThreadSafeGetBlob() bool + // GetSignatures returns the image's signatures. It may use a remote (= slow) service. + // If instanceDigest is not nil, it contains a digest of the specific manifest instance to retrieve signatures for + // (when the primary manifest is a manifest list); this never happens if the primary manifest is not a manifest list + // (e.g. if the source never returns manifest lists). + GetSignatures(ctx context.Context, instanceDigest *digest.Digest) ([][]byte, error) + // LayerInfosForCopy returns either nil (meaning the values in the manifest are fine), or updated values for the layer blobsums that are listed in the image's manifest. + // The Digest field is guaranteed to be provided; Size may be -1. + // WARNING: The list may contain duplicates, and they are semantically relevant. + LayerInfosForCopy(ctx context.Context) ([]BlobInfo, error) +} + +// LayerCompression indicates if layers must be compressed, decompressed or preserved +type LayerCompression int + +const ( + // PreserveOriginal indicates the layer must be preserved, ie + // no compression or decompression. + PreserveOriginal LayerCompression = iota + // Decompress indicates the layer must be decompressed + Decompress + // Compress indicates the layer must be compressed + Compress +) + +// ImageDestination is a service, possibly remote (= slow), to store components of a single image. +// +// There is a specific required order for some of the calls: +// TryReusingBlob/PutBlob on the various blobs, if any, MUST be called before PutManifest (manifest references blobs, which may be created or compressed only at push time) +// PutSignatures, if called, MUST be called after PutManifest (signatures reference manifest contents) +// Finally, Commit MUST be called if the caller wants the image, as formed by the components saved above, to persist. +// +// Each ImageDestination should eventually be closed by calling Close(). +type ImageDestination interface { + // Reference returns the reference used to set up this destination. Note that this should directly correspond to user's intent, + // e.g. it should use the public hostname instead of the result of resolving CNAMEs or following redirects. + Reference() ImageReference + // Close removes resources associated with an initialized ImageDestination, if any. + Close() error + + // SupportedManifestMIMETypes tells which manifest mime types the destination supports + // If an empty slice or nil it's returned, then any mime type can be tried to upload + SupportedManifestMIMETypes() []string + // SupportsSignatures returns an error (to be displayed to the user) if the destination certainly can't store signatures. + // Note: It is still possible for PutSignatures to fail if SupportsSignatures returns nil. + SupportsSignatures(ctx context.Context) error + // DesiredLayerCompression indicates the kind of compression to apply on layers + DesiredLayerCompression() LayerCompression + // AcceptsForeignLayerURLs returns false iff foreign layers in manifest should be actually + // uploaded to the image destination, true otherwise. + AcceptsForeignLayerURLs() bool + // MustMatchRuntimeOS returns true iff the destination can store only images targeted for the current runtime OS. False otherwise. + MustMatchRuntimeOS() bool + // IgnoresEmbeddedDockerReference() returns true iff the destination does not care about Image.EmbeddedDockerReferenceConflicts(), + // and would prefer to receive an unmodified manifest instead of one modified for the destination. + // Does not make a difference if Reference().DockerReference() is nil. + IgnoresEmbeddedDockerReference() bool + + // PutBlob writes contents of stream and returns data representing the result. + // inputInfo.Digest can be optionally provided if known; it is not mandatory for the implementation to verify it. + // inputInfo.Size is the expected length of stream, if known. + // inputInfo.MediaType describes the blob format, if known. + // May update cache. + // WARNING: The contents of stream are being verified on the fly. Until stream.Read() returns io.EOF, the contents of the data SHOULD NOT be available + // to any other readers for download using the supplied digest. + // If stream.Read() at any time, ESPECIALLY at end of input, returns an error, PutBlob MUST 1) fail, and 2) delete any data stored so far. + PutBlob(ctx context.Context, stream io.Reader, inputInfo BlobInfo, cache BlobInfoCache, isConfig bool) (BlobInfo, error) + // HasThreadSafePutBlob indicates whether PutBlob can be executed concurrently. + HasThreadSafePutBlob() bool + // TryReusingBlob checks whether the transport already contains, or can efficiently reuse, a blob, and if so, applies it to the current destination + // (e.g. if the blob is a filesystem layer, this signifies that the changes it describes need to be applied again when composing a filesystem tree). + // info.Digest must not be empty. + // If canSubstitute, TryReusingBlob can use an equivalent equivalent of the desired blob; in that case the returned info may not match the input. + // If the blob has been succesfully reused, returns (true, info, nil); info must contain at least a digest and size. + // If the transport can not reuse the requested blob, TryReusingBlob returns (false, {}, nil); it returns a non-nil error only on an unexpected failure. + // May use and/or update cache. + TryReusingBlob(ctx context.Context, info BlobInfo, cache BlobInfoCache, canSubstitute bool) (bool, BlobInfo, error) + // PutManifest writes manifest to the destination. + // FIXME? This should also receive a MIME type if known, to differentiate between schema versions. + // If the destination is in principle available, refuses this manifest type (e.g. it does not recognize the schema), + // but may accept a different manifest type, the returned error must be an ManifestTypeRejectedError. + PutManifest(ctx context.Context, manifest []byte) error + PutSignatures(ctx context.Context, signatures [][]byte) error + // Commit marks the process of storing the image as successful and asks for the image to be persisted. + // WARNING: This does not have any transactional semantics: + // - Uploaded data MAY be visible to others before Commit() is called + // - Uploaded data MAY be removed or MAY remain around if Close() is called without Commit() (i.e. rollback is allowed but not guaranteed) + Commit(ctx context.Context) error +} + +// ManifestTypeRejectedError is returned by ImageDestination.PutManifest if the destination is in principle available, +// refuses specifically this manifest type, but may accept a different manifest type. +type ManifestTypeRejectedError struct { // We only use a struct to allow a type assertion, without limiting the contents of the error otherwise. + Err error +} + +func (e ManifestTypeRejectedError) Error() string { + return e.Err.Error() +} + +// UnparsedImage is an Image-to-be; until it is verified and accepted, it only caries its identity and caches manifest and signature blobs. +// Thus, an UnparsedImage can be created from an ImageSource simply by fetching blobs without interpreting them, +// allowing cryptographic signature verification to happen first, before even fetching the manifest, or parsing anything else. +// This also makes the UnparsedImage→Image conversion an explicitly visible step. +// +// An UnparsedImage is a pair of (ImageSource, instance digest); it can represent either a manifest list or a single image instance. +// +// The UnparsedImage must not be used after the underlying ImageSource is Close()d. +type UnparsedImage interface { + // Reference returns the reference used to set up this source, _as specified by the user_ + // (not as the image itself, or its underlying storage, claims). This can be used e.g. to determine which public keys are trusted for this image. + Reference() ImageReference + // Manifest is like ImageSource.GetManifest, but the result is cached; it is OK to call this however often you need. + Manifest(ctx context.Context) ([]byte, string, error) + // Signatures is like ImageSource.GetSignatures, but the result is cached; it is OK to call this however often you need. + Signatures(ctx context.Context) ([][]byte, error) +} + +// Image is the primary API for inspecting properties of images. +// An Image is based on a pair of (ImageSource, instance digest); it can represent either a manifest list or a single image instance. +// +// The Image must not be used after the underlying ImageSource is Close()d. +type Image interface { + // Note that Reference may return nil in the return value of UpdatedImage! + UnparsedImage + // ConfigInfo returns a complete BlobInfo for the separate config object, or a BlobInfo{Digest:""} if there isn't a separate object. + // Note that the config object may not exist in the underlying storage in the return value of UpdatedImage! Use ConfigBlob() below. + ConfigInfo() BlobInfo + // ConfigBlob returns the blob described by ConfigInfo, if ConfigInfo().Digest != ""; nil otherwise. + // The result is cached; it is OK to call this however often you need. + ConfigBlob(context.Context) ([]byte, error) + // OCIConfig returns the image configuration as per OCI v1 image-spec. Information about + // layers in the resulting configuration isn't guaranteed to be returned to due how + // old image manifests work (docker v2s1 especially). + OCIConfig(context.Context) (*v1.Image, error) + // LayerInfos returns a list of BlobInfos of layers referenced by this image, in order (the root layer first, and then successive layered layers). + // The Digest field is guaranteed to be provided, Size may be -1 and MediaType may be optionally provided. + // WARNING: The list may contain duplicates, and they are semantically relevant. + LayerInfos() []BlobInfo + // LayerInfosForCopy returns either nil (meaning the values in the manifest are fine), or updated values for the layer blobsums that are listed in the image's manifest. + // The Digest field is guaranteed to be provided, Size may be -1 and MediaType may be optionally provided. + // WARNING: The list may contain duplicates, and they are semantically relevant. + LayerInfosForCopy(context.Context) ([]BlobInfo, error) + // EmbeddedDockerReferenceConflicts whether a Docker reference embedded in the manifest, if any, conflicts with destination ref. + // It returns false if the manifest does not embed a Docker reference. + // (This embedding unfortunately happens for Docker schema1, please do not add support for this in any new formats.) + EmbeddedDockerReferenceConflicts(ref reference.Named) bool + // Inspect returns various information for (skopeo inspect) parsed from the manifest and configuration. + Inspect(context.Context) (*ImageInspectInfo, error) + // UpdatedImageNeedsLayerDiffIDs returns true iff UpdatedImage(options) needs InformationOnly.LayerDiffIDs. + // This is a horribly specific interface, but computing InformationOnly.LayerDiffIDs can be very expensive to compute + // (most importantly it forces us to download the full layers even if they are already present at the destination). + UpdatedImageNeedsLayerDiffIDs(options ManifestUpdateOptions) bool + // UpdatedImage returns a types.Image modified according to options. + // Everything in options.InformationOnly should be provided, other fields should be set only if a modification is desired. + // This does not change the state of the original Image object. + UpdatedImage(ctx context.Context, options ManifestUpdateOptions) (Image, error) + // Size returns an approximation of the amount of disk space which is consumed by the image in its current + // location. If the size is not known, -1 will be returned. + Size() (int64, error) +} + +// ImageCloser is an Image with a Close() method which must be called by the user. +// This is returned by ImageReference.NewImage, which transparently instantiates a types.ImageSource, +// to ensure that the ImageSource is closed. +type ImageCloser interface { + Image + // Close removes resources associated with an initialized ImageCloser. + Close() error +} + +// ManifestUpdateOptions is a way to pass named optional arguments to Image.UpdatedManifest +type ManifestUpdateOptions struct { + LayerInfos []BlobInfo // Complete BlobInfos (size+digest+urls+annotations) which should replace the originals, in order (the root layer first, and then successive layered layers). BlobInfos' MediaType fields are ignored. + EmbeddedDockerReference reference.Named + ManifestMIMEType string + // The values below are NOT requests to modify the image; they provide optional context which may or may not be used. + InformationOnly ManifestUpdateInformation +} + +// ManifestUpdateInformation is a component of ManifestUpdateOptions, named here +// only to make writing struct literals possible. +type ManifestUpdateInformation struct { + Destination ImageDestination // and yes, UpdatedManifest may write to Destination (see the schema2 → schema1 conversion logic in image/docker_schema2.go) + LayerInfos []BlobInfo // Complete BlobInfos (size+digest) which have been uploaded, in order (the root layer first, and then successive layered layers) + LayerDiffIDs []digest.Digest // Digest values for the _uncompressed_ contents of the blobs which have been uploaded, in the same order. +} + +// ImageInspectInfo is a set of metadata describing Docker images, primarily their manifest and configuration. +// The Tag field is a legacy field which is here just for the Docker v2s1 manifest. It won't be supported +// for other manifest types. +type ImageInspectInfo struct { + Tag string + Created *time.Time + DockerVersion string + Labels map[string]string + Architecture string + Os string + Layers []string +} + +// DockerAuthConfig contains authorization information for connecting to a registry. +type DockerAuthConfig struct { + Username string + Password string +} + +// OptionalBool is a boolean with an additional undefined value, which is meant +// to be used in the context of user input to distinguish between a +// user-specified value and a default value. +type OptionalBool byte + +const ( + // OptionalBoolUndefined indicates that the OptionalBoolean hasn't been written. + OptionalBoolUndefined OptionalBool = iota + // OptionalBoolTrue represents the boolean true. + OptionalBoolTrue + // OptionalBoolFalse represents the boolean false. + OptionalBoolFalse +) + +// NewOptionalBool converts the input bool into either OptionalBoolTrue or +// OptionalBoolFalse. The function is meant to avoid boilerplate code of users. +func NewOptionalBool(b bool) OptionalBool { + o := OptionalBoolFalse + if b == true { + o = OptionalBoolTrue + } + return o +} + +// SystemContext allows parameterizing access to implicitly-accessed resources, +// like configuration files in /etc and users' login state in their home directory. +// Various components can share the same field only if their semantics is exactly +// the same; if in doubt, add a new field. +// It is always OK to pass nil instead of a SystemContext. +type SystemContext struct { + // If not "", prefixed to any absolute paths used by default by the library (e.g. in /etc/). + // Not used for any of the more specific path overrides available in this struct. + // Not used for any paths specified by users in config files (even if the location of the config file _was_ affected by it). + // NOTE: If this is set, environment-variable overrides of paths are ignored (to keep the semantics simple: to create an /etc replacement, just set RootForImplicitAbsolutePaths . + // and there is no need to worry about the environment.) + // NOTE: This does NOT affect paths starting by $HOME. + RootForImplicitAbsolutePaths string + + // === Global configuration overrides === + // If not "", overrides the system's default path for signature.Policy configuration. + SignaturePolicyPath string + // If not "", overrides the system's default path for registries.d (Docker signature storage configuration) + RegistriesDirPath string + // Path to the system-wide registries configuration file + SystemRegistriesConfPath string + // If not "", overrides the default path for the authentication file + AuthFilePath string + // If not "", overrides the use of platform.GOARCH when choosing an image or verifying architecture match. + ArchitectureChoice string + // If not "", overrides the use of platform.GOOS when choosing an image or verifying OS match. + OSChoice string + // If not "", overrides the system's default directory containing a blob info cache. + BlobInfoCacheDir string + + // Additional tags when creating or copying a docker-archive. + DockerArchiveAdditionalTags []reference.NamedTagged + + // === OCI.Transport overrides === + // If not "", a directory containing a CA certificate (ending with ".crt"), + // a client certificate (ending with ".cert") and a client ceritificate key + // (ending with ".key") used when downloading OCI image layers. + OCICertPath string + // Allow downloading OCI image layers over HTTP, or HTTPS with failed TLS verification. Note that this does not affect other TLS connections. + OCIInsecureSkipTLSVerify bool + // If not "", use a shared directory for storing blobs rather than within OCI layouts + OCISharedBlobDirPath string + // Allow UnCompress image layer for OCI image layer + OCIAcceptUncompressedLayers bool + + // === docker.Transport overrides === + // If not "", a directory containing a CA certificate (ending with ".crt"), + // a client certificate (ending with ".cert") and a client ceritificate key + // (ending with ".key") used when talking to a Docker Registry. + DockerCertPath string + // If not "", overrides the system’s default path for a directory containing host[:port] subdirectories with the same structure as DockerCertPath above. + // Ignored if DockerCertPath is non-empty. + DockerPerHostCertDirPath string + // Allow contacting docker registries over HTTP, or HTTPS with failed TLS verification. Note that this does not affect other TLS connections. + DockerInsecureSkipTLSVerify OptionalBool + // if nil, the library tries to parse ~/.docker/config.json to retrieve credentials + DockerAuthConfig *DockerAuthConfig + // if not "", an User-Agent header is added to each request when contacting a registry. + DockerRegistryUserAgent string + // if true, a V1 ping attempt isn't done to give users a better error. Default is false. + // Note that this field is used mainly to integrate containers/image into projectatomic/docker + // in order to not break any existing docker's integration tests. + DockerDisableV1Ping bool + // Directory to use for OSTree temporary files + OSTreeTmpDirPath string + + // === docker/daemon.Transport overrides === + // A directory containing a CA certificate (ending with ".crt"), + // a client certificate (ending with ".cert") and a client certificate key + // (ending with ".key") used when talking to a Docker daemon. + DockerDaemonCertPath string + // The hostname or IP to the Docker daemon. If not set (aka ""), client.DefaultDockerHost is assumed. + DockerDaemonHost string + // Used to skip TLS verification, off by default. To take effect DockerDaemonCertPath needs to be specified as well. + DockerDaemonInsecureSkipTLSVerify bool + + // === dir.Transport overrides === + // DirForceCompress compresses the image layers if set to true + DirForceCompress bool +} + +// ProgressProperties is used to pass information from the copy code to a monitor which +// can use the real-time information to produce output or react to changes. +type ProgressProperties struct { + Artifact BlobInfo + Offset uint64 +} diff --git a/vendor/github.com/opencontainers/go-digest/LICENSE.code b/vendor/github.com/opencontainers/go-digest/LICENSE.code new file mode 100644 index 0000000000..0ea3ff81e3 --- /dev/null +++ b/vendor/github.com/opencontainers/go-digest/LICENSE.code @@ -0,0 +1,191 @@ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + Copyright 2016 Docker, Inc. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + https://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/opencontainers/go-digest/LICENSE.docs b/vendor/github.com/opencontainers/go-digest/LICENSE.docs new file mode 100644 index 0000000000..e26cd4fc8e --- /dev/null +++ b/vendor/github.com/opencontainers/go-digest/LICENSE.docs @@ -0,0 +1,425 @@ +Attribution-ShareAlike 4.0 International + +======================================================================= + +Creative Commons Corporation ("Creative Commons") is not a law firm and +does not provide legal services or legal advice. Distribution of +Creative Commons public licenses does not create a lawyer-client or +other relationship. Creative Commons makes its licenses and related +information available on an "as-is" basis. Creative Commons gives no +warranties regarding its licenses, any material licensed under their +terms and conditions, or any related information. Creative Commons +disclaims all liability for damages resulting from their use to the +fullest extent possible. + +Using Creative Commons Public Licenses + +Creative Commons public licenses provide a standard set of terms and +conditions that creators and other rights holders may use to share +original works of authorship and other material subject to copyright +and certain other rights specified in the public license below. The +following considerations are for informational purposes only, are not +exhaustive, and do not form part of our licenses. + + Considerations for licensors: Our public licenses are + intended for use by those authorized to give the public + permission to use material in ways otherwise restricted by + copyright and certain other rights. Our licenses are + irrevocable. Licensors should read and understand the terms + and conditions of the license they choose before applying it. + Licensors should also secure all rights necessary before + applying our licenses so that the public can reuse the + material as expected. Licensors should clearly mark any + material not subject to the license. This includes other CC- + licensed material, or material used under an exception or + limitation to copyright. More considerations for licensors: + wiki.creativecommons.org/Considerations_for_licensors + + Considerations for the public: By using one of our public + licenses, a licensor grants the public permission to use the + licensed material under specified terms and conditions. If + the licensor's permission is not necessary for any reason--for + example, because of any applicable exception or limitation to + copyright--then that use is not regulated by the license. Our + licenses grant only permissions under copyright and certain + other rights that a licensor has authority to grant. Use of + the licensed material may still be restricted for other + reasons, including because others have copyright or other + rights in the material. A licensor may make special requests, + such as asking that all changes be marked or described. + Although not required by our licenses, you are encouraged to + respect those requests where reasonable. More_considerations + for the public: + wiki.creativecommons.org/Considerations_for_licensees + +======================================================================= + +Creative Commons Attribution-ShareAlike 4.0 International Public +License + +By exercising the Licensed Rights (defined below), You accept and agree +to be bound by the terms and conditions of this Creative Commons +Attribution-ShareAlike 4.0 International Public License ("Public +License"). To the extent this Public License may be interpreted as a +contract, You are granted the Licensed Rights in consideration of Your +acceptance of these terms and conditions, and the Licensor grants You +such rights in consideration of benefits the Licensor receives from +making the Licensed Material available under these terms and +conditions. + + +Section 1 -- Definitions. + + a. Adapted Material means material subject to Copyright and Similar + Rights that is derived from or based upon the Licensed Material + and in which the Licensed Material is translated, altered, + arranged, transformed, or otherwise modified in a manner requiring + permission under the Copyright and Similar Rights held by the + Licensor. For purposes of this Public License, where the Licensed + Material is a musical work, performance, or sound recording, + Adapted Material is always produced where the Licensed Material is + synched in timed relation with a moving image. + + b. Adapter's License means the license You apply to Your Copyright + and Similar Rights in Your contributions to Adapted Material in + accordance with the terms and conditions of this Public License. + + c. BY-SA Compatible License means a license listed at + creativecommons.org/compatiblelicenses, approved by Creative + Commons as essentially the equivalent of this Public License. + + d. Copyright and Similar Rights means copyright and/or similar rights + closely related to copyright including, without limitation, + performance, broadcast, sound recording, and Sui Generis Database + Rights, without regard to how the rights are labeled or + categorized. For purposes of this Public License, the rights + specified in Section 2(b)(1)-(2) are not Copyright and Similar + Rights. + + e. Effective Technological Measures means those measures that, in the + absence of proper authority, may not be circumvented under laws + fulfilling obligations under Article 11 of the WIPO Copyright + Treaty adopted on December 20, 1996, and/or similar international + agreements. + + f. Exceptions and Limitations means fair use, fair dealing, and/or + any other exception or limitation to Copyright and Similar Rights + that applies to Your use of the Licensed Material. + + g. License Elements means the license attributes listed in the name + of a Creative Commons Public License. The License Elements of this + Public License are Attribution and ShareAlike. + + h. Licensed Material means the artistic or literary work, database, + or other material to which the Licensor applied this Public + License. + + i. Licensed Rights means the rights granted to You subject to the + terms and conditions of this Public License, which are limited to + all Copyright and Similar Rights that apply to Your use of the + Licensed Material and that the Licensor has authority to license. + + j. Licensor means the individual(s) or entity(ies) granting rights + under this Public License. + + k. Share means to provide material to the public by any means or + process that requires permission under the Licensed Rights, such + as reproduction, public display, public performance, distribution, + dissemination, communication, or importation, and to make material + available to the public including in ways that members of the + public may access the material from a place and at a time + individually chosen by them. + + l. Sui Generis Database Rights means rights other than copyright + resulting from Directive 96/9/EC of the European Parliament and of + the Council of 11 March 1996 on the legal protection of databases, + as amended and/or succeeded, as well as other essentially + equivalent rights anywhere in the world. + + m. You means the individual or entity exercising the Licensed Rights + under this Public License. Your has a corresponding meaning. + + +Section 2 -- Scope. + + a. License grant. + + 1. Subject to the terms and conditions of this Public License, + the Licensor hereby grants You a worldwide, royalty-free, + non-sublicensable, non-exclusive, irrevocable license to + exercise the Licensed Rights in the Licensed Material to: + + a. reproduce and Share the Licensed Material, in whole or + in part; and + + b. produce, reproduce, and Share Adapted Material. + + 2. Exceptions and Limitations. For the avoidance of doubt, where + Exceptions and Limitations apply to Your use, this Public + License does not apply, and You do not need to comply with + its terms and conditions. + + 3. Term. The term of this Public License is specified in Section + 6(a). + + 4. Media and formats; technical modifications allowed. The + Licensor authorizes You to exercise the Licensed Rights in + all media and formats whether now known or hereafter created, + and to make technical modifications necessary to do so. The + Licensor waives and/or agrees not to assert any right or + authority to forbid You from making technical modifications + necessary to exercise the Licensed Rights, including + technical modifications necessary to circumvent Effective + Technological Measures. For purposes of this Public License, + simply making modifications authorized by this Section 2(a) + (4) never produces Adapted Material. + + 5. Downstream recipients. + + a. Offer from the Licensor -- Licensed Material. Every + recipient of the Licensed Material automatically + receives an offer from the Licensor to exercise the + Licensed Rights under the terms and conditions of this + Public License. + + b. Additional offer from the Licensor -- Adapted Material. + Every recipient of Adapted Material from You + automatically receives an offer from the Licensor to + exercise the Licensed Rights in the Adapted Material + under the conditions of the Adapter's License You apply. + + c. No downstream restrictions. You may not offer or impose + any additional or different terms or conditions on, or + apply any Effective Technological Measures to, the + Licensed Material if doing so restricts exercise of the + Licensed Rights by any recipient of the Licensed + Material. + + 6. No endorsement. Nothing in this Public License constitutes or + may be construed as permission to assert or imply that You + are, or that Your use of the Licensed Material is, connected + with, or sponsored, endorsed, or granted official status by, + the Licensor or others designated to receive attribution as + provided in Section 3(a)(1)(A)(i). + + b. Other rights. + + 1. Moral rights, such as the right of integrity, are not + licensed under this Public License, nor are publicity, + privacy, and/or other similar personality rights; however, to + the extent possible, the Licensor waives and/or agrees not to + assert any such rights held by the Licensor to the limited + extent necessary to allow You to exercise the Licensed + Rights, but not otherwise. + + 2. Patent and trademark rights are not licensed under this + Public License. + + 3. To the extent possible, the Licensor waives any right to + collect royalties from You for the exercise of the Licensed + Rights, whether directly or through a collecting society + under any voluntary or waivable statutory or compulsory + licensing scheme. In all other cases the Licensor expressly + reserves any right to collect such royalties. + + +Section 3 -- License Conditions. + +Your exercise of the Licensed Rights is expressly made subject to the +following conditions. + + a. Attribution. + + 1. If You Share the Licensed Material (including in modified + form), You must: + + a. retain the following if it is supplied by the Licensor + with the Licensed Material: + + i. identification of the creator(s) of the Licensed + Material and any others designated to receive + attribution, in any reasonable manner requested by + the Licensor (including by pseudonym if + designated); + + ii. a copyright notice; + + iii. a notice that refers to this Public License; + + iv. a notice that refers to the disclaimer of + warranties; + + v. a URI or hyperlink to the Licensed Material to the + extent reasonably practicable; + + b. indicate if You modified the Licensed Material and + retain an indication of any previous modifications; and + + c. indicate the Licensed Material is licensed under this + Public License, and include the text of, or the URI or + hyperlink to, this Public License. + + 2. You may satisfy the conditions in Section 3(a)(1) in any + reasonable manner based on the medium, means, and context in + which You Share the Licensed Material. For example, it may be + reasonable to satisfy the conditions by providing a URI or + hyperlink to a resource that includes the required + information. + + 3. If requested by the Licensor, You must remove any of the + information required by Section 3(a)(1)(A) to the extent + reasonably practicable. + + b. ShareAlike. + + In addition to the conditions in Section 3(a), if You Share + Adapted Material You produce, the following conditions also apply. + + 1. The Adapter's License You apply must be a Creative Commons + license with the same License Elements, this version or + later, or a BY-SA Compatible License. + + 2. You must include the text of, or the URI or hyperlink to, the + Adapter's License You apply. You may satisfy this condition + in any reasonable manner based on the medium, means, and + context in which You Share Adapted Material. + + 3. You may not offer or impose any additional or different terms + or conditions on, or apply any Effective Technological + Measures to, Adapted Material that restrict exercise of the + rights granted under the Adapter's License You apply. + + +Section 4 -- Sui Generis Database Rights. + +Where the Licensed Rights include Sui Generis Database Rights that +apply to Your use of the Licensed Material: + + a. for the avoidance of doubt, Section 2(a)(1) grants You the right + to extract, reuse, reproduce, and Share all or a substantial + portion of the contents of the database; + + b. if You include all or a substantial portion of the database + contents in a database in which You have Sui Generis Database + Rights, then the database in which You have Sui Generis Database + Rights (but not its individual contents) is Adapted Material, + + including for purposes of Section 3(b); and + c. You must comply with the conditions in Section 3(a) if You Share + all or a substantial portion of the contents of the database. + +For the avoidance of doubt, this Section 4 supplements and does not +replace Your obligations under this Public License where the Licensed +Rights include other Copyright and Similar Rights. + + +Section 5 -- Disclaimer of Warranties and Limitation of Liability. + + a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE + EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS + AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF + ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, + IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, + WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR + PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS, + ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT + KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT + ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU. + + b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE + TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, + NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, + INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES, + COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR + USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN + ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR + DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR + IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. + + c. The disclaimer of warranties and limitation of liability provided + above shall be interpreted in a manner that, to the extent + possible, most closely approximates an absolute disclaimer and + waiver of all liability. + + +Section 6 -- Term and Termination. + + a. This Public License applies for the term of the Copyright and + Similar Rights licensed here. However, if You fail to comply with + this Public License, then Your rights under this Public License + terminate automatically. + + b. Where Your right to use the Licensed Material has terminated under + Section 6(a), it reinstates: + + 1. automatically as of the date the violation is cured, provided + it is cured within 30 days of Your discovery of the + violation; or + + 2. upon express reinstatement by the Licensor. + + For the avoidance of doubt, this Section 6(b) does not affect any + right the Licensor may have to seek remedies for Your violations + of this Public License. + + c. For the avoidance of doubt, the Licensor may also offer the + Licensed Material under separate terms or conditions or stop + distributing the Licensed Material at any time; however, doing so + will not terminate this Public License. + + d. Sections 1, 5, 6, 7, and 8 survive termination of this Public + License. + + +Section 7 -- Other Terms and Conditions. + + a. The Licensor shall not be bound by any additional or different + terms or conditions communicated by You unless expressly agreed. + + b. Any arrangements, understandings, or agreements regarding the + Licensed Material not stated herein are separate from and + independent of the terms and conditions of this Public License. + + +Section 8 -- Interpretation. + + a. For the avoidance of doubt, this Public License does not, and + shall not be interpreted to, reduce, limit, restrict, or impose + conditions on any use of the Licensed Material that could lawfully + be made without permission under this Public License. + + b. To the extent possible, if any provision of this Public License is + deemed unenforceable, it shall be automatically reformed to the + minimum extent necessary to make it enforceable. If the provision + cannot be reformed, it shall be severed from this Public License + without affecting the enforceability of the remaining terms and + conditions. + + c. No term or condition of this Public License will be waived and no + failure to comply consented to unless expressly agreed to by the + Licensor. + + d. Nothing in this Public License constitutes or may be interpreted + as a limitation upon, or waiver of, any privileges and immunities + that apply to the Licensor or You, including from the legal + processes of any jurisdiction or authority. + + +======================================================================= + +Creative Commons is not a party to its public licenses. +Notwithstanding, Creative Commons may elect to apply one of its public +licenses to material it publishes and in those instances will be +considered the "Licensor." Except for the limited purpose of indicating +that material is shared under a Creative Commons public license or as +otherwise permitted by the Creative Commons policies published at +creativecommons.org/policies, Creative Commons does not authorize the +use of the trademark "Creative Commons" or any other trademark or logo +of Creative Commons without its prior written consent including, +without limitation, in connection with any unauthorized modifications +to any of its public licenses or any other arrangements, +understandings, or agreements concerning use of licensed material. For +the avoidance of doubt, this paragraph does not form part of the public +licenses. + +Creative Commons may be contacted at creativecommons.org. diff --git a/vendor/github.com/opencontainers/go-digest/algorithm.go b/vendor/github.com/opencontainers/go-digest/algorithm.go new file mode 100644 index 0000000000..8813bd26f1 --- /dev/null +++ b/vendor/github.com/opencontainers/go-digest/algorithm.go @@ -0,0 +1,192 @@ +// Copyright 2017 Docker, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package digest + +import ( + "crypto" + "fmt" + "hash" + "io" + "regexp" +) + +// Algorithm identifies and implementation of a digester by an identifier. +// Note the that this defines both the hash algorithm used and the string +// encoding. +type Algorithm string + +// supported digest types +const ( + SHA256 Algorithm = "sha256" // sha256 with hex encoding (lower case only) + SHA384 Algorithm = "sha384" // sha384 with hex encoding (lower case only) + SHA512 Algorithm = "sha512" // sha512 with hex encoding (lower case only) + + // Canonical is the primary digest algorithm used with the distribution + // project. Other digests may be used but this one is the primary storage + // digest. + Canonical = SHA256 +) + +var ( + // TODO(stevvooe): Follow the pattern of the standard crypto package for + // registration of digests. Effectively, we are a registerable set and + // common symbol access. + + // algorithms maps values to hash.Hash implementations. Other algorithms + // may be available but they cannot be calculated by the digest package. + algorithms = map[Algorithm]crypto.Hash{ + SHA256: crypto.SHA256, + SHA384: crypto.SHA384, + SHA512: crypto.SHA512, + } + + // anchoredEncodedRegexps contains anchored regular expressions for hex-encoded digests. + // Note that /A-F/ disallowed. + anchoredEncodedRegexps = map[Algorithm]*regexp.Regexp{ + SHA256: regexp.MustCompile(`^[a-f0-9]{64}$`), + SHA384: regexp.MustCompile(`^[a-f0-9]{96}$`), + SHA512: regexp.MustCompile(`^[a-f0-9]{128}$`), + } +) + +// Available returns true if the digest type is available for use. If this +// returns false, Digester and Hash will return nil. +func (a Algorithm) Available() bool { + h, ok := algorithms[a] + if !ok { + return false + } + + // check availability of the hash, as well + return h.Available() +} + +func (a Algorithm) String() string { + return string(a) +} + +// Size returns number of bytes returned by the hash. +func (a Algorithm) Size() int { + h, ok := algorithms[a] + if !ok { + return 0 + } + return h.Size() +} + +// Set implemented to allow use of Algorithm as a command line flag. +func (a *Algorithm) Set(value string) error { + if value == "" { + *a = Canonical + } else { + // just do a type conversion, support is queried with Available. + *a = Algorithm(value) + } + + if !a.Available() { + return ErrDigestUnsupported + } + + return nil +} + +// Digester returns a new digester for the specified algorithm. If the algorithm +// does not have a digester implementation, nil will be returned. This can be +// checked by calling Available before calling Digester. +func (a Algorithm) Digester() Digester { + return &digester{ + alg: a, + hash: a.Hash(), + } +} + +// Hash returns a new hash as used by the algorithm. If not available, the +// method will panic. Check Algorithm.Available() before calling. +func (a Algorithm) Hash() hash.Hash { + if !a.Available() { + // Empty algorithm string is invalid + if a == "" { + panic(fmt.Sprintf("empty digest algorithm, validate before calling Algorithm.Hash()")) + } + + // NOTE(stevvooe): A missing hash is usually a programming error that + // must be resolved at compile time. We don't import in the digest + // package to allow users to choose their hash implementation (such as + // when using stevvooe/resumable or a hardware accelerated package). + // + // Applications that may want to resolve the hash at runtime should + // call Algorithm.Available before call Algorithm.Hash(). + panic(fmt.Sprintf("%v not available (make sure it is imported)", a)) + } + + return algorithms[a].New() +} + +// Encode encodes the raw bytes of a digest, typically from a hash.Hash, into +// the encoded portion of the digest. +func (a Algorithm) Encode(d []byte) string { + // TODO(stevvooe): Currently, all algorithms use a hex encoding. When we + // add support for back registration, we can modify this accordingly. + return fmt.Sprintf("%x", d) +} + +// FromReader returns the digest of the reader using the algorithm. +func (a Algorithm) FromReader(rd io.Reader) (Digest, error) { + digester := a.Digester() + + if _, err := io.Copy(digester.Hash(), rd); err != nil { + return "", err + } + + return digester.Digest(), nil +} + +// FromBytes digests the input and returns a Digest. +func (a Algorithm) FromBytes(p []byte) Digest { + digester := a.Digester() + + if _, err := digester.Hash().Write(p); err != nil { + // Writes to a Hash should never fail. None of the existing + // hash implementations in the stdlib or hashes vendored + // here can return errors from Write. Having a panic in this + // condition instead of having FromBytes return an error value + // avoids unnecessary error handling paths in all callers. + panic("write to hash function returned error: " + err.Error()) + } + + return digester.Digest() +} + +// FromString digests the string input and returns a Digest. +func (a Algorithm) FromString(s string) Digest { + return a.FromBytes([]byte(s)) +} + +// Validate validates the encoded portion string +func (a Algorithm) Validate(encoded string) error { + r, ok := anchoredEncodedRegexps[a] + if !ok { + return ErrDigestUnsupported + } + // Digests much always be hex-encoded, ensuring that their hex portion will + // always be size*2 + if a.Size()*2 != len(encoded) { + return ErrDigestInvalidLength + } + if r.MatchString(encoded) { + return nil + } + return ErrDigestInvalidFormat +} diff --git a/vendor/github.com/opencontainers/go-digest/digest.go b/vendor/github.com/opencontainers/go-digest/digest.go new file mode 100644 index 0000000000..ad398cba2f --- /dev/null +++ b/vendor/github.com/opencontainers/go-digest/digest.go @@ -0,0 +1,156 @@ +// Copyright 2017 Docker, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package digest + +import ( + "fmt" + "hash" + "io" + "regexp" + "strings" +) + +// Digest allows simple protection of hex formatted digest strings, prefixed +// by their algorithm. Strings of type Digest have some guarantee of being in +// the correct format and it provides quick access to the components of a +// digest string. +// +// The following is an example of the contents of Digest types: +// +// sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc +// +// This allows to abstract the digest behind this type and work only in those +// terms. +type Digest string + +// NewDigest returns a Digest from alg and a hash.Hash object. +func NewDigest(alg Algorithm, h hash.Hash) Digest { + return NewDigestFromBytes(alg, h.Sum(nil)) +} + +// NewDigestFromBytes returns a new digest from the byte contents of p. +// Typically, this can come from hash.Hash.Sum(...) or xxx.SumXXX(...) +// functions. This is also useful for rebuilding digests from binary +// serializations. +func NewDigestFromBytes(alg Algorithm, p []byte) Digest { + return NewDigestFromEncoded(alg, alg.Encode(p)) +} + +// NewDigestFromHex is deprecated. Please use NewDigestFromEncoded. +func NewDigestFromHex(alg, hex string) Digest { + return NewDigestFromEncoded(Algorithm(alg), hex) +} + +// NewDigestFromEncoded returns a Digest from alg and the encoded digest. +func NewDigestFromEncoded(alg Algorithm, encoded string) Digest { + return Digest(fmt.Sprintf("%s:%s", alg, encoded)) +} + +// DigestRegexp matches valid digest types. +var DigestRegexp = regexp.MustCompile(`[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+`) + +// DigestRegexpAnchored matches valid digest types, anchored to the start and end of the match. +var DigestRegexpAnchored = regexp.MustCompile(`^` + DigestRegexp.String() + `$`) + +var ( + // ErrDigestInvalidFormat returned when digest format invalid. + ErrDigestInvalidFormat = fmt.Errorf("invalid checksum digest format") + + // ErrDigestInvalidLength returned when digest has invalid length. + ErrDigestInvalidLength = fmt.Errorf("invalid checksum digest length") + + // ErrDigestUnsupported returned when the digest algorithm is unsupported. + ErrDigestUnsupported = fmt.Errorf("unsupported digest algorithm") +) + +// Parse parses s and returns the validated digest object. An error will +// be returned if the format is invalid. +func Parse(s string) (Digest, error) { + d := Digest(s) + return d, d.Validate() +} + +// FromReader consumes the content of rd until io.EOF, returning canonical digest. +func FromReader(rd io.Reader) (Digest, error) { + return Canonical.FromReader(rd) +} + +// FromBytes digests the input and returns a Digest. +func FromBytes(p []byte) Digest { + return Canonical.FromBytes(p) +} + +// FromString digests the input and returns a Digest. +func FromString(s string) Digest { + return Canonical.FromString(s) +} + +// Validate checks that the contents of d is a valid digest, returning an +// error if not. +func (d Digest) Validate() error { + s := string(d) + i := strings.Index(s, ":") + if i <= 0 || i+1 == len(s) { + return ErrDigestInvalidFormat + } + algorithm, encoded := Algorithm(s[:i]), s[i+1:] + if !algorithm.Available() { + if !DigestRegexpAnchored.MatchString(s) { + return ErrDigestInvalidFormat + } + return ErrDigestUnsupported + } + return algorithm.Validate(encoded) +} + +// Algorithm returns the algorithm portion of the digest. This will panic if +// the underlying digest is not in a valid format. +func (d Digest) Algorithm() Algorithm { + return Algorithm(d[:d.sepIndex()]) +} + +// Verifier returns a writer object that can be used to verify a stream of +// content against the digest. If the digest is invalid, the method will panic. +func (d Digest) Verifier() Verifier { + return hashVerifier{ + hash: d.Algorithm().Hash(), + digest: d, + } +} + +// Encoded returns the encoded portion of the digest. This will panic if the +// underlying digest is not in a valid format. +func (d Digest) Encoded() string { + return string(d[d.sepIndex()+1:]) +} + +// Hex is deprecated. Please use Digest.Encoded. +func (d Digest) Hex() string { + return d.Encoded() +} + +func (d Digest) String() string { + return string(d) +} + +func (d Digest) sepIndex() int { + i := strings.Index(string(d), ":") + + if i < 0 { + panic(fmt.Sprintf("no ':' separator in digest %q", d)) + } + + return i +} diff --git a/vendor/github.com/opencontainers/go-digest/digester.go b/vendor/github.com/opencontainers/go-digest/digester.go new file mode 100644 index 0000000000..36fa2728ef --- /dev/null +++ b/vendor/github.com/opencontainers/go-digest/digester.go @@ -0,0 +1,39 @@ +// Copyright 2017 Docker, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package digest + +import "hash" + +// Digester calculates the digest of written data. Writes should go directly +// to the return value of Hash, while calling Digest will return the current +// value of the digest. +type Digester interface { + Hash() hash.Hash // provides direct access to underlying hash instance. + Digest() Digest +} + +// digester provides a simple digester definition that embeds a hasher. +type digester struct { + alg Algorithm + hash hash.Hash +} + +func (d *digester) Hash() hash.Hash { + return d.hash +} + +func (d *digester) Digest() Digest { + return NewDigest(d.alg, d.hash) +} diff --git a/vendor/github.com/opencontainers/go-digest/doc.go b/vendor/github.com/opencontainers/go-digest/doc.go new file mode 100644 index 0000000000..491ea1ef1f --- /dev/null +++ b/vendor/github.com/opencontainers/go-digest/doc.go @@ -0,0 +1,56 @@ +// Copyright 2017 Docker, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package digest provides a generalized type to opaquely represent message +// digests and their operations within the registry. The Digest type is +// designed to serve as a flexible identifier in a content-addressable system. +// More importantly, it provides tools and wrappers to work with +// hash.Hash-based digests with little effort. +// +// Basics +// +// The format of a digest is simply a string with two parts, dubbed the +// "algorithm" and the "digest", separated by a colon: +// +// : +// +// An example of a sha256 digest representation follows: +// +// sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc +// +// In this case, the string "sha256" is the algorithm and the hex bytes are +// the "digest". +// +// Because the Digest type is simply a string, once a valid Digest is +// obtained, comparisons are cheap, quick and simple to express with the +// standard equality operator. +// +// Verification +// +// The main benefit of using the Digest type is simple verification against a +// given digest. The Verifier interface, modeled after the stdlib hash.Hash +// interface, provides a common write sink for digest verification. After +// writing is complete, calling the Verifier.Verified method will indicate +// whether or not the stream of bytes matches the target digest. +// +// Missing Features +// +// In addition to the above, we intend to add the following features to this +// package: +// +// 1. A Digester type that supports write sink digest calculation. +// +// 2. Suspend and resume of ongoing digest calculations to support efficient digest verification in the registry. +// +package digest diff --git a/vendor/github.com/opencontainers/go-digest/verifiers.go b/vendor/github.com/opencontainers/go-digest/verifiers.go new file mode 100644 index 0000000000..32125e9187 --- /dev/null +++ b/vendor/github.com/opencontainers/go-digest/verifiers.go @@ -0,0 +1,45 @@ +// Copyright 2017 Docker, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package digest + +import ( + "hash" + "io" +) + +// Verifier presents a general verification interface to be used with message +// digests and other byte stream verifications. Users instantiate a Verifier +// from one of the various methods, write the data under test to it then check +// the result with the Verified method. +type Verifier interface { + io.Writer + + // Verified will return true if the content written to Verifier matches + // the digest. + Verified() bool +} + +type hashVerifier struct { + digest Digest + hash hash.Hash +} + +func (hv hashVerifier) Write(p []byte) (n int, err error) { + return hv.hash.Write(p) +} + +func (hv hashVerifier) Verified() bool { + return hv.digest == NewDigest(hv.digest.Algorithm(), hv.hash) +} diff --git a/vendor/github.com/opencontainers/image-spec/LICENSE b/vendor/github.com/opencontainers/image-spec/LICENSE new file mode 100644 index 0000000000..9fdc20fdb6 --- /dev/null +++ b/vendor/github.com/opencontainers/image-spec/LICENSE @@ -0,0 +1,191 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + Copyright 2016 The Linux Foundation. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go new file mode 100644 index 0000000000..35d8108958 --- /dev/null +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go @@ -0,0 +1,56 @@ +// Copyright 2016 The Linux Foundation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +const ( + // AnnotationCreated is the annotation key for the date and time on which the image was built (date-time string as defined by RFC 3339). + AnnotationCreated = "org.opencontainers.image.created" + + // AnnotationAuthors is the annotation key for the contact details of the people or organization responsible for the image (freeform string). + AnnotationAuthors = "org.opencontainers.image.authors" + + // AnnotationURL is the annotation key for the URL to find more information on the image. + AnnotationURL = "org.opencontainers.image.url" + + // AnnotationDocumentation is the annotation key for the URL to get documentation on the image. + AnnotationDocumentation = "org.opencontainers.image.documentation" + + // AnnotationSource is the annotation key for the URL to get source code for building the image. + AnnotationSource = "org.opencontainers.image.source" + + // AnnotationVersion is the annotation key for the version of the packaged software. + // The version MAY match a label or tag in the source code repository. + // The version MAY be Semantic versioning-compatible. + AnnotationVersion = "org.opencontainers.image.version" + + // AnnotationRevision is the annotation key for the source control revision identifier for the packaged software. + AnnotationRevision = "org.opencontainers.image.revision" + + // AnnotationVendor is the annotation key for the name of the distributing entity, organization or individual. + AnnotationVendor = "org.opencontainers.image.vendor" + + // AnnotationLicenses is the annotation key for the license(s) under which contained software is distributed as an SPDX License Expression. + AnnotationLicenses = "org.opencontainers.image.licenses" + + // AnnotationRefName is the annotation key for the name of the reference for a target. + // SHOULD only be considered valid when on descriptors on `index.json` within image layout. + AnnotationRefName = "org.opencontainers.image.ref.name" + + // AnnotationTitle is the annotation key for the human-readable title of the image. + AnnotationTitle = "org.opencontainers.image.title" + + // AnnotationDescription is the annotation key for the human-readable description of the software packaged in the image. + AnnotationDescription = "org.opencontainers.image.description" +) diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go new file mode 100644 index 0000000000..fe799bd698 --- /dev/null +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go @@ -0,0 +1,103 @@ +// Copyright 2016 The Linux Foundation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +import ( + "time" + + digest "github.com/opencontainers/go-digest" +) + +// ImageConfig defines the execution parameters which should be used as a base when running a container using an image. +type ImageConfig struct { + // User defines the username or UID which the process in the container should run as. + User string `json:"User,omitempty"` + + // ExposedPorts a set of ports to expose from a container running this image. + ExposedPorts map[string]struct{} `json:"ExposedPorts,omitempty"` + + // Env is a list of environment variables to be used in a container. + Env []string `json:"Env,omitempty"` + + // Entrypoint defines a list of arguments to use as the command to execute when the container starts. + Entrypoint []string `json:"Entrypoint,omitempty"` + + // Cmd defines the default arguments to the entrypoint of the container. + Cmd []string `json:"Cmd,omitempty"` + + // Volumes is a set of directories describing where the process is likely write data specific to a container instance. + Volumes map[string]struct{} `json:"Volumes,omitempty"` + + // WorkingDir sets the current working directory of the entrypoint process in the container. + WorkingDir string `json:"WorkingDir,omitempty"` + + // Labels contains arbitrary metadata for the container. + Labels map[string]string `json:"Labels,omitempty"` + + // StopSignal contains the system call signal that will be sent to the container to exit. + StopSignal string `json:"StopSignal,omitempty"` +} + +// RootFS describes a layer content addresses +type RootFS struct { + // Type is the type of the rootfs. + Type string `json:"type"` + + // DiffIDs is an array of layer content hashes (DiffIDs), in order from bottom-most to top-most. + DiffIDs []digest.Digest `json:"diff_ids"` +} + +// History describes the history of a layer. +type History struct { + // Created is the combined date and time at which the layer was created, formatted as defined by RFC 3339, section 5.6. + Created *time.Time `json:"created,omitempty"` + + // CreatedBy is the command which created the layer. + CreatedBy string `json:"created_by,omitempty"` + + // Author is the author of the build point. + Author string `json:"author,omitempty"` + + // Comment is a custom message set when creating the layer. + Comment string `json:"comment,omitempty"` + + // EmptyLayer is used to mark if the history item created a filesystem diff. + EmptyLayer bool `json:"empty_layer,omitempty"` +} + +// Image is the JSON structure which describes some basic information about the image. +// This provides the `application/vnd.oci.image.config.v1+json` mediatype when marshalled to JSON. +type Image struct { + // Created is the combined date and time at which the image was created, formatted as defined by RFC 3339, section 5.6. + Created *time.Time `json:"created,omitempty"` + + // Author defines the name and/or email address of the person or entity which created and is responsible for maintaining the image. + Author string `json:"author,omitempty"` + + // Architecture is the CPU architecture which the binaries in this image are built to run on. + Architecture string `json:"architecture"` + + // OS is the name of the operating system which the image is built to run on. + OS string `json:"os"` + + // Config defines the execution parameters which should be used as a base when running a container using the image. + Config ImageConfig `json:"config,omitempty"` + + // RootFS references the layer content addresses used by the image. + RootFS RootFS `json:"rootfs"` + + // History describes the history of each layer. + History []History `json:"history,omitempty"` +} diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/descriptor.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/descriptor.go new file mode 100644 index 0000000000..6e442a0853 --- /dev/null +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/descriptor.go @@ -0,0 +1,64 @@ +// Copyright 2016 The Linux Foundation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +import digest "github.com/opencontainers/go-digest" + +// Descriptor describes the disposition of targeted content. +// This structure provides `application/vnd.oci.descriptor.v1+json` mediatype +// when marshalled to JSON. +type Descriptor struct { + // MediaType is the media type of the object this schema refers to. + MediaType string `json:"mediaType,omitempty"` + + // Digest is the digest of the targeted content. + Digest digest.Digest `json:"digest"` + + // Size specifies the size in bytes of the blob. + Size int64 `json:"size"` + + // URLs specifies a list of URLs from which this object MAY be downloaded + URLs []string `json:"urls,omitempty"` + + // Annotations contains arbitrary metadata relating to the targeted content. + Annotations map[string]string `json:"annotations,omitempty"` + + // Platform describes the platform which the image in the manifest runs on. + // + // This should only be used when referring to a manifest. + Platform *Platform `json:"platform,omitempty"` +} + +// Platform describes the platform which the image in the manifest runs on. +type Platform struct { + // Architecture field specifies the CPU architecture, for example + // `amd64` or `ppc64`. + Architecture string `json:"architecture"` + + // OS specifies the operating system, for example `linux` or `windows`. + OS string `json:"os"` + + // OSVersion is an optional field specifying the operating system + // version, for example on Windows `10.0.14393.1066`. + OSVersion string `json:"os.version,omitempty"` + + // OSFeatures is an optional field specifying an array of strings, + // each listing a required OS feature (for example on Windows `win32k`). + OSFeatures []string `json:"os.features,omitempty"` + + // Variant is an optional field specifying a variant of the CPU, for + // example `v7` to specify ARMv7 when architecture is `arm`. + Variant string `json:"variant,omitempty"` +} diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go new file mode 100644 index 0000000000..4e6c4b2362 --- /dev/null +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go @@ -0,0 +1,29 @@ +// Copyright 2016 The Linux Foundation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +import "github.com/opencontainers/image-spec/specs-go" + +// Index references manifests for various platforms. +// This structure provides `application/vnd.oci.image.index.v1+json` mediatype when marshalled to JSON. +type Index struct { + specs.Versioned + + // Manifests references platform specific manifests. + Manifests []Descriptor `json:"manifests"` + + // Annotations contains arbitrary metadata for the image index. + Annotations map[string]string `json:"annotations,omitempty"` +} diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/layout.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/layout.go new file mode 100644 index 0000000000..fc79e9e0d1 --- /dev/null +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/layout.go @@ -0,0 +1,28 @@ +// Copyright 2016 The Linux Foundation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +const ( + // ImageLayoutFile is the file name of oci image layout file + ImageLayoutFile = "oci-layout" + // ImageLayoutVersion is the version of ImageLayout + ImageLayoutVersion = "1.0.0" +) + +// ImageLayout is the structure in the "oci-layout" file, found in the root +// of an OCI Image-layout directory. +type ImageLayout struct { + Version string `json:"imageLayoutVersion"` +} diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go new file mode 100644 index 0000000000..7ff32c40ba --- /dev/null +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go @@ -0,0 +1,32 @@ +// Copyright 2016 The Linux Foundation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +import "github.com/opencontainers/image-spec/specs-go" + +// Manifest provides `application/vnd.oci.image.manifest.v1+json` mediatype structure when marshalled to JSON. +type Manifest struct { + specs.Versioned + + // Config references a configuration object for a container, by digest. + // The referenced configuration object is a JSON blob that the runtime uses to set up the container. + Config Descriptor `json:"config"` + + // Layers is an indexed list of layers referenced by the manifest. + Layers []Descriptor `json:"layers"` + + // Annotations contains arbitrary metadata for the image manifest. + Annotations map[string]string `json:"annotations,omitempty"` +} diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/mediatype.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/mediatype.go new file mode 100644 index 0000000000..bad7bb97f4 --- /dev/null +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/mediatype.go @@ -0,0 +1,48 @@ +// Copyright 2016 The Linux Foundation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +const ( + // MediaTypeDescriptor specifies the media type for a content descriptor. + MediaTypeDescriptor = "application/vnd.oci.descriptor.v1+json" + + // MediaTypeLayoutHeader specifies the media type for the oci-layout. + MediaTypeLayoutHeader = "application/vnd.oci.layout.header.v1+json" + + // MediaTypeImageManifest specifies the media type for an image manifest. + MediaTypeImageManifest = "application/vnd.oci.image.manifest.v1+json" + + // MediaTypeImageIndex specifies the media type for an image index. + MediaTypeImageIndex = "application/vnd.oci.image.index.v1+json" + + // MediaTypeImageLayer is the media type used for layers referenced by the manifest. + MediaTypeImageLayer = "application/vnd.oci.image.layer.v1.tar" + + // MediaTypeImageLayerGzip is the media type used for gzipped layers + // referenced by the manifest. + MediaTypeImageLayerGzip = "application/vnd.oci.image.layer.v1.tar+gzip" + + // MediaTypeImageLayerNonDistributable is the media type for layers referenced by + // the manifest but with distribution restrictions. + MediaTypeImageLayerNonDistributable = "application/vnd.oci.image.layer.nondistributable.v1.tar" + + // MediaTypeImageLayerNonDistributableGzip is the media type for + // gzipped layers referenced by the manifest but with distribution + // restrictions. + MediaTypeImageLayerNonDistributableGzip = "application/vnd.oci.image.layer.nondistributable.v1.tar+gzip" + + // MediaTypeImageConfig specifies the media type for the image configuration. + MediaTypeImageConfig = "application/vnd.oci.image.config.v1+json" +) diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/version.go b/vendor/github.com/opencontainers/image-spec/specs-go/version.go new file mode 100644 index 0000000000..5d493df233 --- /dev/null +++ b/vendor/github.com/opencontainers/image-spec/specs-go/version.go @@ -0,0 +1,32 @@ +// Copyright 2016 The Linux Foundation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package specs + +import "fmt" + +const ( + // VersionMajor is for an API incompatible changes + VersionMajor = 1 + // VersionMinor is for functionality in a backwards-compatible manner + VersionMinor = 0 + // VersionPatch is for backwards-compatible bug fixes + VersionPatch = 1 + + // VersionDev indicates development branch. Releases will be empty string. + VersionDev = "" +) + +// Version is the specification version that the package types support. +var Version = fmt.Sprintf("%d.%d.%d%s", VersionMajor, VersionMinor, VersionPatch, VersionDev) diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/versioned.go b/vendor/github.com/opencontainers/image-spec/specs-go/versioned.go new file mode 100644 index 0000000000..58a1510f33 --- /dev/null +++ b/vendor/github.com/opencontainers/image-spec/specs-go/versioned.go @@ -0,0 +1,23 @@ +// Copyright 2016 The Linux Foundation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package specs + +// Versioned provides a struct with the manifest schemaVersion and mediaType. +// Incoming content with unknown schema version can be decoded against this +// struct to check the version. +type Versioned struct { + // SchemaVersion is the image manifest schema that this image follows + SchemaVersion int `json:"schemaVersion"` +} diff --git a/vendor/github.com/openshift/api/config/v1/register.go b/vendor/github.com/openshift/api/config/v1/register.go index 2f0ff20c4f..2e5914ac50 100644 --- a/vendor/github.com/openshift/api/config/v1/register.go +++ b/vendor/github.com/openshift/api/config/v1/register.go @@ -44,6 +44,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { &ConsoleList{}, &DNS{}, &DNSList{}, + &Features{}, + &FeaturesList{}, &Image{}, &ImageList{}, &Infrastructure{}, diff --git a/vendor/github.com/openshift/api/config/v1/type_features.go b/vendor/github.com/openshift/api/config/v1/type_features.go new file mode 100644 index 0000000000..c943cf133a --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1/type_features.go @@ -0,0 +1,70 @@ +package v1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// Features holds cluster-wide information about feature gates. The canonical name is `cluster` +type Features struct { + metav1.TypeMeta `json:",inline"` + // Standard object's metadata. + metav1.ObjectMeta `json:"metadata,omitempty"` + + // spec holds user settable values for configuration + Spec FeaturesSpec `json:"spec"` + // status holds observed values from the cluster. They may not be overridden. + Status FeaturesStatus `json:"status"` +} + +type FeaturesSpec struct { + // enabled holds a list of features that should be enabled. You only need to enter in the exceptional + // cases. Most features that should be enabled are enabled out of the box. Often times, setting a feature + // enabled can cause your cluster to be unstable. If that is the case, status will be updated. + // Because of the nature of feature gates, + // the full list isn't known by a single entity making static validation unrealistic. You can watch + // status of this resource to figure out where your feature was respected. + // +optional + Enabled []string `json:"enabled"` + + // disabled holds a list of features that should be disabled. You only need to enter in the exceptional + // cases. Most features that should be disabled are disabled out of the box. Often times, setting a feature + // disabled can cause your cluster to be unstable. If that is the case, status will be updated. + // Because of the nature of feature gates, + // the full list isn't known by a single entity making static validation unrealistic. You can watch + // status of this resource to figure out where your feature was respected. + // +optional + Disabled []string `json:"disabled"` +} + +type FeaturesStatus struct { + // featureConditions holds information about each enabled or disabled feature as aggregated from multiple + // operators. It is keyed by name. + FeatureConditions map[string]FeatureCondition `json:"featureConditions"` +} + +type FeatureCondition struct { + // operatorCondition holds information about each operator that attempted to handle a particular feature. + // It is keyed by the operator name and indicates success or failure with a message. No entry for an operator + // means that the operator did not know about or acknowledge your feature. + OperatorConditions map[string]OperatorFeatureCondition `json:"operatorConditions"` +} + +type OperatorFeatureCondition struct { + // failure is a message indicating that the operator had trouble handling a feature and explaining why. + // +optional + Failure string `json:"failure,omitempty"` + // success is a message indicating that the operator honored a feature. + // +optional + Success string `json:"success,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type FeaturesList struct { + metav1.TypeMeta `json:",inline"` + // Standard object's metadata. + metav1.ListMeta `json:"metadata,omitempty"` + Items []Features `json:"items"` +} diff --git a/vendor/github.com/openshift/api/config/v1/types.go b/vendor/github.com/openshift/api/config/v1/types.go index cfb9ef805d..f9853db275 100644 --- a/vendor/github.com/openshift/api/config/v1/types.go +++ b/vendor/github.com/openshift/api/config/v1/types.go @@ -137,6 +137,19 @@ type RemoteConnectionInfo struct { CertInfo `json:",inline"` } +type AdmissionConfig struct { + PluginConfig map[string]AdmissionPluginConfig `json:"pluginConfig"` + + // enabledPlugins is a list of admission plugins that must be on in addition to the default list. + // Some admission plugins are disabled by default, but certain configurations require them. This is fairly uncommon + // and can result in performance penalties and unexpected behavior. + EnabledAdmissionPlugins []string `json:"enabledPlugins"` + + // disabledPlugins is a list of admission plugins that must be off. Putting something in this list + // is almost always a mistake and likely to result in cluster instability. + DisabledAdmissionPlugins []string `json:"disabledPlugins"` +} + // AdmissionPluginConfig holds the necessary configuration options for admission plugins type AdmissionPluginConfig struct { // Location is the path to a configuration file that contains the plugin's @@ -220,18 +233,22 @@ type EtcdStorageConfig struct { // GenericAPIServerConfig is an inline-able struct for aggregated apiservers that need to store data in etcd type GenericAPIServerConfig struct { - // ServingInfo describes how to start serving + // servingInfo describes how to start serving ServingInfo HTTPServingInfo `json:"servingInfo"` - // CORSAllowedOrigins + // corsAllowedOrigins CORSAllowedOrigins []string `json:"corsAllowedOrigins"` - // AuditConfig describes how to configure audit information + // auditConfig describes how to configure audit information AuditConfig AuditConfig `json:"auditConfig"` - // StorageConfig contains information about how to use + // storageConfig contains information about how to use StorageConfig EtcdStorageConfig `json:"storageConfig"` + // admissionConfig holds information about how to configure admission. + AdmissionConfig AdmissionConfig `json:"admission"` + + // TODO remove this. We need a cut-over or we'll have a gap. AdmissionPluginConfig map[string]AdmissionPluginConfig `json:"admissionPluginConfig"` KubeClientConfig KubeClientConfig `json:"kubeClientConfig"` diff --git a/vendor/github.com/openshift/api/config/v1/types_build.go b/vendor/github.com/openshift/api/config/v1/types_build.go index 05ea4da9f9..fa852c7ef4 100644 --- a/vendor/github.com/openshift/api/config/v1/types_build.go +++ b/vendor/github.com/openshift/api/config/v1/types_build.go @@ -78,12 +78,6 @@ type ImageLabel struct { } type RegistriesConfig struct { - // SearchRegistries lists the registries to search for images if an image repository is not specified in an image pull spec. - // - // If this is not set, builds will search Docker Hub (docker.io) when a repository is not specified. - // Setting this to an empty list will require all builds to fully qualify their image pull specs. - // +optional - SearchRegistries *[]string `json:"searchRegistries,omitempty"` // InsecureRegistries are registries which do not have a valid SSL certificate or only support HTTP connections. // +optional InsecureRegistries []string `json:"insecureRegistries,omitempty"` diff --git a/vendor/github.com/openshift/api/config/v1/types_dns.go b/vendor/github.com/openshift/api/config/v1/types_dns.go index c371895471..f7f890c133 100644 --- a/vendor/github.com/openshift/api/config/v1/types_dns.go +++ b/vendor/github.com/openshift/api/config/v1/types_dns.go @@ -26,6 +26,40 @@ type DNSSpec struct { // For example, given the base domain `openshift.example.com`, an API server // DNS record may be created for `cluster-api.openshift.example.com`. BaseDomain string `json:"baseDomain"` + // publicZone is the location where all the DNS records that are publicly accessible to + // the internet exist. + // If this field is nil, no public records should be created. + // +optional + PublicZone *DNSZone `json:"publicZone,omitempty"` + // privateZone is the location where all the DNS records that are only available internally + // to the cluster exist. + // If this field is nil, no private records should be created. + // +optional + PrivateZone *DNSZone `json:"privateZone,omitempty"` +} + +// DNSZone is used to define a DNS hosted zone. +// A zone can be identified by an ID or tags. +type DNSZone struct { + // id is the identifier that can be used to find the DNS hosted zone. + // + // on AWS zone can be fetched using `ID` as id in [1] + // on Azure zone can be fetched using `ID` as a pre-determined name in [2], + // on GCP zone can be fetched using `ID` as a pre-determined name in [3]. + // + // [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options + // [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show + // [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get + // +optional + ID string `json:"id,omitempty"` + + // tags can be used to query the DNS hosted zone. + // + // on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, + // + // [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options + // +optional + Tags map[string]string `json:"tags,omitempty"` } type DNSStatus struct { diff --git a/vendor/github.com/openshift/api/config/v1/types_image.go b/vendor/github.com/openshift/api/config/v1/types_image.go index c067d87122..a87b217738 100644 --- a/vendor/github.com/openshift/api/config/v1/types_image.go +++ b/vendor/github.com/openshift/api/config/v1/types_image.go @@ -34,9 +34,16 @@ type ImageSpec struct { ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"` // AdditionalTrustedCA is a reference to a ConfigMap containing additional CAs that - // should be trusted during imagestream import. + // should be trusted during imagestream import, pod image pull, and imageregistry + // pullthrough. // The namespace for this config map is openshift-config. AdditionalTrustedCA ConfigMapNameReference `json:"additionalTrustedCA,omitempty"` + + // RegistrySources contains configuration that determines how the container runtime + // should treat individual registries when accessing images for builds+pods. (e.g. + // whether or not to allow insecure access). It does not contain configuration for the + // internal cluster registry. + RegistrySources RegistrySources `json:"registrySources,omitempty"` } type ImageStatus struct { @@ -75,3 +82,20 @@ type RegistryLocation struct { // By default (if not specified) the registry is assumed as secure. Insecure bool `json:"insecure,omitempty"` } + +// RegistrySources holds cluster-wide information about how to handle the registries config. +type RegistrySources struct { + // InsecureRegistries are registries which do not have a valid SSL certificate or only support HTTP connections. + // +optional + InsecureRegistries []string `json:"insecureRegistries,omitempty"` + // BlockedRegistries are blacklisted from image pull/push. All other registries are allowed. + // + // Only one of BlockedRegistries or AllowedRegistries may be set. + // +optional + BlockedRegistries []string `json:"blockedRegistries,omitempty"` + // AllowedRegistries are whitelisted for image pull/push. All other registries are blocked. + // + // Only one of BlockedRegistries or AllowedRegistries may be set. + // +optional + AllowedRegistries []string `json:"allowedRegistries,omitempty"` +} diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index 89d8df5a28..9340a14a15 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -150,6 +150,41 @@ func (in *APIServerStatus) DeepCopy() *APIServerStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AdmissionConfig) DeepCopyInto(out *AdmissionConfig) { + *out = *in + if in.PluginConfig != nil { + in, out := &in.PluginConfig, &out.PluginConfig + *out = make(map[string]AdmissionPluginConfig, len(*in)) + for key, val := range *in { + newVal := new(AdmissionPluginConfig) + val.DeepCopyInto(newVal) + (*out)[key] = *newVal + } + } + if in.EnabledAdmissionPlugins != nil { + in, out := &in.EnabledAdmissionPlugins, &out.EnabledAdmissionPlugins + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.DisabledAdmissionPlugins != nil { + in, out := &in.DisabledAdmissionPlugins, &out.DisabledAdmissionPlugins + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdmissionConfig. +func (in *AdmissionConfig) DeepCopy() *AdmissionConfig { + if in == nil { + return nil + } + out := new(AdmissionConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AdmissionPluginConfig) DeepCopyInto(out *AdmissionPluginConfig) { *out = *in @@ -929,7 +964,7 @@ func (in *DNS) DeepCopyInto(out *DNS) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec + in.Spec.DeepCopyInto(&out.Spec) out.Status = in.Status return } @@ -988,6 +1023,24 @@ func (in *DNSList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DNSSpec) DeepCopyInto(out *DNSSpec) { *out = *in + if in.PublicZone != nil { + in, out := &in.PublicZone, &out.PublicZone + if *in == nil { + *out = nil + } else { + *out = new(DNSZone) + (*in).DeepCopyInto(*out) + } + } + if in.PrivateZone != nil { + in, out := &in.PrivateZone, &out.PrivateZone + if *in == nil { + *out = nil + } else { + *out = new(DNSZone) + (*in).DeepCopyInto(*out) + } + } return } @@ -1017,6 +1070,29 @@ func (in *DNSStatus) DeepCopy() *DNSStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DNSZone) DeepCopyInto(out *DNSZone) { + *out = *in + if in.Tags != nil { + in, out := &in.Tags, &out.Tags + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSZone. +func (in *DNSZone) DeepCopy() *DNSZone { + if in == nil { + return nil + } + out := new(DNSZone) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DelegatedAuthentication) DeepCopyInto(out *DelegatedAuthentication) { *out = *in @@ -1088,6 +1164,141 @@ func (in *EtcdStorageConfig) DeepCopy() *EtcdStorageConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FeatureCondition) DeepCopyInto(out *FeatureCondition) { + *out = *in + if in.OperatorConditions != nil { + in, out := &in.OperatorConditions, &out.OperatorConditions + *out = make(map[string]OperatorFeatureCondition, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureCondition. +func (in *FeatureCondition) DeepCopy() *FeatureCondition { + if in == nil { + return nil + } + out := new(FeatureCondition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Features) DeepCopyInto(out *Features) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Features. +func (in *Features) DeepCopy() *Features { + if in == nil { + return nil + } + out := new(Features) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Features) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FeaturesList) DeepCopyInto(out *FeaturesList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Features, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeaturesList. +func (in *FeaturesList) DeepCopy() *FeaturesList { + if in == nil { + return nil + } + out := new(FeaturesList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *FeaturesList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FeaturesSpec) DeepCopyInto(out *FeaturesSpec) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Disabled != nil { + in, out := &in.Disabled, &out.Disabled + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeaturesSpec. +func (in *FeaturesSpec) DeepCopy() *FeaturesSpec { + if in == nil { + return nil + } + out := new(FeaturesSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FeaturesStatus) DeepCopyInto(out *FeaturesStatus) { + *out = *in + if in.FeatureConditions != nil { + in, out := &in.FeatureConditions, &out.FeatureConditions + *out = make(map[string]FeatureCondition, len(*in)) + for key, val := range *in { + newVal := new(FeatureCondition) + val.DeepCopyInto(newVal) + (*out)[key] = *newVal + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeaturesStatus. +func (in *FeaturesStatus) DeepCopy() *FeaturesStatus { + if in == nil { + return nil + } + out := new(FeaturesStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GenericAPIServerConfig) DeepCopyInto(out *GenericAPIServerConfig) { *out = *in @@ -1099,6 +1310,7 @@ func (in *GenericAPIServerConfig) DeepCopyInto(out *GenericAPIServerConfig) { } in.AuditConfig.DeepCopyInto(&out.AuditConfig) in.StorageConfig.DeepCopyInto(&out.StorageConfig) + in.AdmissionConfig.DeepCopyInto(&out.AdmissionConfig) if in.AdmissionPluginConfig != nil { in, out := &in.AdmissionPluginConfig, &out.AdmissionPluginConfig *out = make(map[string]AdmissionPluginConfig, len(*in)) @@ -1444,6 +1656,7 @@ func (in *ImageSpec) DeepCopyInto(out *ImageSpec) { copy(*out, *in) } out.AdditionalTrustedCA = in.AdditionalTrustedCA + in.RegistrySources.DeepCopyInto(&out.RegistrySources) return } @@ -2158,6 +2371,22 @@ func (in *OperandVersion) DeepCopy() *OperandVersion { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OperatorFeatureCondition) DeepCopyInto(out *OperatorFeatureCondition) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OperatorFeatureCondition. +func (in *OperatorFeatureCondition) DeepCopy() *OperatorFeatureCondition { + if in == nil { + return nil + } + out := new(OperatorFeatureCondition) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Project) DeepCopyInto(out *Project) { *out = *in @@ -2331,19 +2560,6 @@ func (in *ProxySpec) DeepCopy() *ProxySpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RegistriesConfig) DeepCopyInto(out *RegistriesConfig) { *out = *in - if in.SearchRegistries != nil { - in, out := &in.SearchRegistries, &out.SearchRegistries - if *in == nil { - *out = nil - } else { - *out = new([]string) - if **in != nil { - in, out := *in, *out - *out = make([]string, len(*in)) - copy(*out, *in) - } - } - } if in.InsecureRegistries != nil { in, out := &in.InsecureRegistries, &out.InsecureRegistries *out = make([]string, len(*in)) @@ -2388,6 +2604,37 @@ func (in *RegistryLocation) DeepCopy() *RegistryLocation { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RegistrySources) DeepCopyInto(out *RegistrySources) { + *out = *in + if in.InsecureRegistries != nil { + in, out := &in.InsecureRegistries, &out.InsecureRegistries + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.BlockedRegistries != nil { + in, out := &in.BlockedRegistries, &out.BlockedRegistries + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowedRegistries != nil { + in, out := &in.AllowedRegistries, &out.AllowedRegistries + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RegistrySources. +func (in *RegistrySources) DeepCopy() *RegistrySources { + if in == nil { + return nil + } + out := new(RegistrySources) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RemoteConnectionInfo) DeepCopyInto(out *RemoteConnectionInfo) { *out = *in diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 476c2e2d98..2220bfefba 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -11,6 +11,15 @@ package v1 // Those methods can be generated by using hack/update-swagger-docs.sh // AUTO-GENERATED FUNCTIONS START HERE +var map_AdmissionConfig = map[string]string{ + "enabledPlugins": "enabledPlugins is a list of admission plugins that must be on in addition to the default list. Some admission plugins are disabled by default, but certain configurations require them. This is fairly uncommon and can result in performance penalties and unexpected behavior.", + "disabledPlugins": "disabledPlugins is a list of admission plugins that must be off. Putting something in this list is almost always a mistake and likely to result in cluster instability.", +} + +func (AdmissionConfig) SwaggerDoc() map[string]string { + return map_AdmissionConfig +} + var map_AdmissionPluginConfig = map[string]string{ "": "AdmissionPluginConfig holds the necessary configuration options for admission plugins", "location": "Location is the path to a configuration file that contains the plugin's configuration", @@ -116,10 +125,11 @@ func (EtcdStorageConfig) SwaggerDoc() map[string]string { var map_GenericAPIServerConfig = map[string]string{ "": "GenericAPIServerConfig is an inline-able struct for aggregated apiservers that need to store data in etcd", - "servingInfo": "ServingInfo describes how to start serving", - "corsAllowedOrigins": "CORSAllowedOrigins", - "auditConfig": "AuditConfig describes how to configure audit information", - "storageConfig": "StorageConfig contains information about how to use", + "servingInfo": "servingInfo describes how to start serving", + "corsAllowedOrigins": "corsAllowedOrigins", + "auditConfig": "auditConfig describes how to configure audit information", + "storageConfig": "storageConfig contains information about how to use", + "admission": "admissionConfig holds information about how to configure admission.", } func (GenericAPIServerConfig) SwaggerDoc() map[string]string { @@ -375,7 +385,6 @@ func (ImageLabel) SwaggerDoc() map[string]string { } var map_RegistriesConfig = map[string]string{ - "searchRegistries": "SearchRegistries lists the registries to search for images if an image repository is not specified in an image pull spec.\n\nIf this is not set, builds will search Docker Hub (docker.io) when a repository is not specified. Setting this to an empty list will require all builds to fully qualify their image pull specs.", "insecureRegistries": "InsecureRegistries are registries which do not have a valid SSL certificate or only support HTTP connections.", "blockedRegistries": "BlockedRegistries are blacklisted from image pull/push. All other registries are allowed.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", "allowedRegistries": "AllowedRegistries are whitelisted for image pull/push. All other registries are blocked.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", @@ -593,13 +602,25 @@ func (DNSList) SwaggerDoc() map[string]string { } var map_DNSSpec = map[string]string{ - "baseDomain": "baseDomain is the base domain of the cluster. All managed DNS records will be sub-domains of this base.\n\nFor example, given the base domain `openshift.example.com`, an API server DNS record may be created for `cluster-api.openshift.example.com`.", + "baseDomain": "baseDomain is the base domain of the cluster. All managed DNS records will be sub-domains of this base.\n\nFor example, given the base domain `openshift.example.com`, an API server DNS record may be created for `cluster-api.openshift.example.com`.", + "publicZone": "publicZone is the location where all the DNS records that are publicly accessible to the internet exist. If this field is nil, no public records should be created.", + "privateZone": "privateZone is the location where all the DNS records that are only available internally to the cluster exist. If this field is nil, no private records should be created.", } func (DNSSpec) SwaggerDoc() map[string]string { return map_DNSSpec } +var map_DNSZone = map[string]string{ + "": "DNSZone is used to define a DNS hosted zone. A zone can be identified by an ID or tags.", + "id": "id is the identifier that can be used to find the DNS hosted zone.\n\non AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3].\n\n[1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get", + "tags": "tags can be used to query the DNS hosted zone.\n\non AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters,\n\n[1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options", +} + +func (DNSZone) SwaggerDoc() map[string]string { + return map_DNSZone +} + var map_Image = map[string]string{ "": "Image holds cluster-wide information about how to handle images. The canonical name is `cluster`", "metadata": "Standard object's metadata.", @@ -622,7 +643,8 @@ func (ImageList) SwaggerDoc() map[string]string { var map_ImageSpec = map[string]string{ "allowedRegistriesForImport": "AllowedRegistriesForImport limits the container image registries that normal users may import images from. Set this list to the registries that you trust to contain valid Docker images and that you want applications to be able to import from. Users with permission to create Images or ImageStreamMappings via the API are not affected by this policy - typically only administrators or system integrations will have those permissions.", "externalRegistryHostnames": "externalRegistryHostnames provides the hostnames for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The first value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in \"hostname[:port]\" format.", - "additionalTrustedCA": "AdditionalTrustedCA is a reference to a ConfigMap containing additional CAs that should be trusted during imagestream import. The namespace for this config map is openshift-config.", + "additionalTrustedCA": "AdditionalTrustedCA is a reference to a ConfigMap containing additional CAs that should be trusted during imagestream import, pod image pull, and imageregistry pullthrough. The namespace for this config map is openshift-config.", + "registrySources": "RegistrySources contains configuration that determines how the container runtime should treat individual registries when accessing images for builds+pods. (e.g. whether or not to allow insecure access). It does not contain configuration for the internal cluster registry.", } func (ImageSpec) SwaggerDoc() map[string]string { @@ -648,6 +670,17 @@ func (RegistryLocation) SwaggerDoc() map[string]string { return map_RegistryLocation } +var map_RegistrySources = map[string]string{ + "": "RegistrySources holds cluster-wide information about how to handle the registries config.", + "insecureRegistries": "InsecureRegistries are registries which do not have a valid SSL certificate or only support HTTP connections.", + "blockedRegistries": "BlockedRegistries are blacklisted from image pull/push. All other registries are allowed.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", + "allowedRegistries": "AllowedRegistries are whitelisted for image pull/push. All other registries are blocked.\n\nOnly one of BlockedRegistries or AllowedRegistries may be set.", +} + +func (RegistrySources) SwaggerDoc() map[string]string { + return map_RegistrySources +} + var map_Infrastructure = map[string]string{ "": "Infrastructure holds cluster-wide information about Infrastructure. The canonical name is `cluster`", "metadata": "Standard object's metadata.", diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/clientset_generated.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 0000000000..8e64843f81 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,66 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "github.com/openshift/client-go/config/clientset/versioned" + configv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + fakeconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +var _ clientset.Interface = &Clientset{} + +// ConfigV1 retrieves the ConfigV1Client +func (c *Clientset) ConfigV1() configv1.ConfigV1Interface { + return &fakeconfigv1.FakeConfigV1{Fake: &c.Fake} +} + +// Config retrieves the ConfigV1Client +func (c *Clientset) Config() configv1.ConfigV1Interface { + return &fakeconfigv1.FakeConfigV1{Fake: &c.Fake} +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/doc.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/doc.go new file mode 100644 index 0000000000..3630ed1cd1 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/register.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/register.go new file mode 100644 index 0000000000..ae058a902c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/register.go @@ -0,0 +1,40 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + configv1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + util_runtime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) +var parameterCodec = runtime.NewParameterCodec(scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + configv1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + util_runtime.Must(AddToScheme(scheme)) +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/config_client.go index 023ef7d550..7366e183c5 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/config_client.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/config_client.go @@ -18,6 +18,7 @@ type ConfigV1Interface interface { ClusterVersionsGetter ConsolesGetter DNSsGetter + FeaturesGetter ImagesGetter InfrastructuresGetter IngressesGetter @@ -61,6 +62,10 @@ func (c *ConfigV1Client) DNSs() DNSInterface { return newDNSs(c) } +func (c *ConfigV1Client) Features() FeaturesInterface { + return newFeatures(c) +} + func (c *ConfigV1Client) Images() ImageInterface { return newImages(c) } diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/doc.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/doc.go new file mode 100644 index 0000000000..2b5ba4c8e4 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_apiserver.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_apiserver.go new file mode 100644 index 0000000000..984eb9a696 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_apiserver.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeAPIServers implements APIServerInterface +type FakeAPIServers struct { + Fake *FakeConfigV1 +} + +var apiserversResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "apiservers"} + +var apiserversKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "APIServer"} + +// Get takes name of the aPIServer, and returns the corresponding aPIServer object, and an error if there is any. +func (c *FakeAPIServers) Get(name string, options v1.GetOptions) (result *config_v1.APIServer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(apiserversResource, name), &config_v1.APIServer{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.APIServer), err +} + +// List takes label and field selectors, and returns the list of APIServers that match those selectors. +func (c *FakeAPIServers) List(opts v1.ListOptions) (result *config_v1.APIServerList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(apiserversResource, apiserversKind, opts), &config_v1.APIServerList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.APIServerList{ListMeta: obj.(*config_v1.APIServerList).ListMeta} + for _, item := range obj.(*config_v1.APIServerList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested aPIServers. +func (c *FakeAPIServers) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(apiserversResource, opts)) +} + +// Create takes the representation of a aPIServer and creates it. Returns the server's representation of the aPIServer, and an error, if there is any. +func (c *FakeAPIServers) Create(aPIServer *config_v1.APIServer) (result *config_v1.APIServer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(apiserversResource, aPIServer), &config_v1.APIServer{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.APIServer), err +} + +// Update takes the representation of a aPIServer and updates it. Returns the server's representation of the aPIServer, and an error, if there is any. +func (c *FakeAPIServers) Update(aPIServer *config_v1.APIServer) (result *config_v1.APIServer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(apiserversResource, aPIServer), &config_v1.APIServer{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.APIServer), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeAPIServers) UpdateStatus(aPIServer *config_v1.APIServer) (*config_v1.APIServer, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(apiserversResource, "status", aPIServer), &config_v1.APIServer{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.APIServer), err +} + +// Delete takes name of the aPIServer and deletes it. Returns an error if one occurs. +func (c *FakeAPIServers) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(apiserversResource, name), &config_v1.APIServer{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeAPIServers) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(apiserversResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.APIServerList{}) + return err +} + +// Patch applies the patch and returns the patched aPIServer. +func (c *FakeAPIServers) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.APIServer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(apiserversResource, name, data, subresources...), &config_v1.APIServer{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.APIServer), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_authentication.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_authentication.go new file mode 100644 index 0000000000..564af7e200 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_authentication.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeAuthentications implements AuthenticationInterface +type FakeAuthentications struct { + Fake *FakeConfigV1 +} + +var authenticationsResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "authentications"} + +var authenticationsKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "Authentication"} + +// Get takes name of the authentication, and returns the corresponding authentication object, and an error if there is any. +func (c *FakeAuthentications) Get(name string, options v1.GetOptions) (result *config_v1.Authentication, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(authenticationsResource, name), &config_v1.Authentication{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Authentication), err +} + +// List takes label and field selectors, and returns the list of Authentications that match those selectors. +func (c *FakeAuthentications) List(opts v1.ListOptions) (result *config_v1.AuthenticationList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(authenticationsResource, authenticationsKind, opts), &config_v1.AuthenticationList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.AuthenticationList{ListMeta: obj.(*config_v1.AuthenticationList).ListMeta} + for _, item := range obj.(*config_v1.AuthenticationList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested authentications. +func (c *FakeAuthentications) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(authenticationsResource, opts)) +} + +// Create takes the representation of a authentication and creates it. Returns the server's representation of the authentication, and an error, if there is any. +func (c *FakeAuthentications) Create(authentication *config_v1.Authentication) (result *config_v1.Authentication, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(authenticationsResource, authentication), &config_v1.Authentication{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Authentication), err +} + +// Update takes the representation of a authentication and updates it. Returns the server's representation of the authentication, and an error, if there is any. +func (c *FakeAuthentications) Update(authentication *config_v1.Authentication) (result *config_v1.Authentication, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(authenticationsResource, authentication), &config_v1.Authentication{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Authentication), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeAuthentications) UpdateStatus(authentication *config_v1.Authentication) (*config_v1.Authentication, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(authenticationsResource, "status", authentication), &config_v1.Authentication{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Authentication), err +} + +// Delete takes name of the authentication and deletes it. Returns an error if one occurs. +func (c *FakeAuthentications) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(authenticationsResource, name), &config_v1.Authentication{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeAuthentications) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(authenticationsResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.AuthenticationList{}) + return err +} + +// Patch applies the patch and returns the patched authentication. +func (c *FakeAuthentications) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.Authentication, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(authenticationsResource, name, data, subresources...), &config_v1.Authentication{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Authentication), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_build.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_build.go new file mode 100644 index 0000000000..629d9d748b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_build.go @@ -0,0 +1,104 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeBuilds implements BuildInterface +type FakeBuilds struct { + Fake *FakeConfigV1 +} + +var buildsResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "builds"} + +var buildsKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "Build"} + +// Get takes name of the build, and returns the corresponding build object, and an error if there is any. +func (c *FakeBuilds) Get(name string, options v1.GetOptions) (result *config_v1.Build, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(buildsResource, name), &config_v1.Build{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Build), err +} + +// List takes label and field selectors, and returns the list of Builds that match those selectors. +func (c *FakeBuilds) List(opts v1.ListOptions) (result *config_v1.BuildList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(buildsResource, buildsKind, opts), &config_v1.BuildList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.BuildList{ListMeta: obj.(*config_v1.BuildList).ListMeta} + for _, item := range obj.(*config_v1.BuildList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested builds. +func (c *FakeBuilds) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(buildsResource, opts)) +} + +// Create takes the representation of a build and creates it. Returns the server's representation of the build, and an error, if there is any. +func (c *FakeBuilds) Create(build *config_v1.Build) (result *config_v1.Build, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(buildsResource, build), &config_v1.Build{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Build), err +} + +// Update takes the representation of a build and updates it. Returns the server's representation of the build, and an error, if there is any. +func (c *FakeBuilds) Update(build *config_v1.Build) (result *config_v1.Build, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(buildsResource, build), &config_v1.Build{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Build), err +} + +// Delete takes name of the build and deletes it. Returns an error if one occurs. +func (c *FakeBuilds) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(buildsResource, name), &config_v1.Build{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeBuilds) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(buildsResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.BuildList{}) + return err +} + +// Patch applies the patch and returns the patched build. +func (c *FakeBuilds) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.Build, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(buildsResource, name, data, subresources...), &config_v1.Build{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Build), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusteroperator.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusteroperator.go new file mode 100644 index 0000000000..49bc4c61d0 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusteroperator.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeClusterOperators implements ClusterOperatorInterface +type FakeClusterOperators struct { + Fake *FakeConfigV1 +} + +var clusteroperatorsResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "clusteroperators"} + +var clusteroperatorsKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "ClusterOperator"} + +// Get takes name of the clusterOperator, and returns the corresponding clusterOperator object, and an error if there is any. +func (c *FakeClusterOperators) Get(name string, options v1.GetOptions) (result *config_v1.ClusterOperator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(clusteroperatorsResource, name), &config_v1.ClusterOperator{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.ClusterOperator), err +} + +// List takes label and field selectors, and returns the list of ClusterOperators that match those selectors. +func (c *FakeClusterOperators) List(opts v1.ListOptions) (result *config_v1.ClusterOperatorList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(clusteroperatorsResource, clusteroperatorsKind, opts), &config_v1.ClusterOperatorList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.ClusterOperatorList{ListMeta: obj.(*config_v1.ClusterOperatorList).ListMeta} + for _, item := range obj.(*config_v1.ClusterOperatorList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested clusterOperators. +func (c *FakeClusterOperators) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(clusteroperatorsResource, opts)) +} + +// Create takes the representation of a clusterOperator and creates it. Returns the server's representation of the clusterOperator, and an error, if there is any. +func (c *FakeClusterOperators) Create(clusterOperator *config_v1.ClusterOperator) (result *config_v1.ClusterOperator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(clusteroperatorsResource, clusterOperator), &config_v1.ClusterOperator{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.ClusterOperator), err +} + +// Update takes the representation of a clusterOperator and updates it. Returns the server's representation of the clusterOperator, and an error, if there is any. +func (c *FakeClusterOperators) Update(clusterOperator *config_v1.ClusterOperator) (result *config_v1.ClusterOperator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(clusteroperatorsResource, clusterOperator), &config_v1.ClusterOperator{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.ClusterOperator), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeClusterOperators) UpdateStatus(clusterOperator *config_v1.ClusterOperator) (*config_v1.ClusterOperator, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(clusteroperatorsResource, "status", clusterOperator), &config_v1.ClusterOperator{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.ClusterOperator), err +} + +// Delete takes name of the clusterOperator and deletes it. Returns an error if one occurs. +func (c *FakeClusterOperators) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(clusteroperatorsResource, name), &config_v1.ClusterOperator{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeClusterOperators) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(clusteroperatorsResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.ClusterOperatorList{}) + return err +} + +// Patch applies the patch and returns the patched clusterOperator. +func (c *FakeClusterOperators) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.ClusterOperator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(clusteroperatorsResource, name, data, subresources...), &config_v1.ClusterOperator{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.ClusterOperator), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusterversion.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusterversion.go new file mode 100644 index 0000000000..f505d10444 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusterversion.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeClusterVersions implements ClusterVersionInterface +type FakeClusterVersions struct { + Fake *FakeConfigV1 +} + +var clusterversionsResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "clusterversions"} + +var clusterversionsKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "ClusterVersion"} + +// Get takes name of the clusterVersion, and returns the corresponding clusterVersion object, and an error if there is any. +func (c *FakeClusterVersions) Get(name string, options v1.GetOptions) (result *config_v1.ClusterVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(clusterversionsResource, name), &config_v1.ClusterVersion{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.ClusterVersion), err +} + +// List takes label and field selectors, and returns the list of ClusterVersions that match those selectors. +func (c *FakeClusterVersions) List(opts v1.ListOptions) (result *config_v1.ClusterVersionList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(clusterversionsResource, clusterversionsKind, opts), &config_v1.ClusterVersionList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.ClusterVersionList{ListMeta: obj.(*config_v1.ClusterVersionList).ListMeta} + for _, item := range obj.(*config_v1.ClusterVersionList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested clusterVersions. +func (c *FakeClusterVersions) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(clusterversionsResource, opts)) +} + +// Create takes the representation of a clusterVersion and creates it. Returns the server's representation of the clusterVersion, and an error, if there is any. +func (c *FakeClusterVersions) Create(clusterVersion *config_v1.ClusterVersion) (result *config_v1.ClusterVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(clusterversionsResource, clusterVersion), &config_v1.ClusterVersion{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.ClusterVersion), err +} + +// Update takes the representation of a clusterVersion and updates it. Returns the server's representation of the clusterVersion, and an error, if there is any. +func (c *FakeClusterVersions) Update(clusterVersion *config_v1.ClusterVersion) (result *config_v1.ClusterVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(clusterversionsResource, clusterVersion), &config_v1.ClusterVersion{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.ClusterVersion), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeClusterVersions) UpdateStatus(clusterVersion *config_v1.ClusterVersion) (*config_v1.ClusterVersion, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(clusterversionsResource, "status", clusterVersion), &config_v1.ClusterVersion{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.ClusterVersion), err +} + +// Delete takes name of the clusterVersion and deletes it. Returns an error if one occurs. +func (c *FakeClusterVersions) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(clusterversionsResource, name), &config_v1.ClusterVersion{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeClusterVersions) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(clusterversionsResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.ClusterVersionList{}) + return err +} + +// Patch applies the patch and returns the patched clusterVersion. +func (c *FakeClusterVersions) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.ClusterVersion, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(clusterversionsResource, name, data, subresources...), &config_v1.ClusterVersion{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.ClusterVersion), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_config_client.go new file mode 100644 index 0000000000..0b3ac58044 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_config_client.go @@ -0,0 +1,84 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeConfigV1 struct { + *testing.Fake +} + +func (c *FakeConfigV1) APIServers() v1.APIServerInterface { + return &FakeAPIServers{c} +} + +func (c *FakeConfigV1) Authentications() v1.AuthenticationInterface { + return &FakeAuthentications{c} +} + +func (c *FakeConfigV1) Builds() v1.BuildInterface { + return &FakeBuilds{c} +} + +func (c *FakeConfigV1) ClusterOperators() v1.ClusterOperatorInterface { + return &FakeClusterOperators{c} +} + +func (c *FakeConfigV1) ClusterVersions() v1.ClusterVersionInterface { + return &FakeClusterVersions{c} +} + +func (c *FakeConfigV1) Consoles() v1.ConsoleInterface { + return &FakeConsoles{c} +} + +func (c *FakeConfigV1) DNSs() v1.DNSInterface { + return &FakeDNSs{c} +} + +func (c *FakeConfigV1) Features() v1.FeaturesInterface { + return &FakeFeatures{c} +} + +func (c *FakeConfigV1) Images() v1.ImageInterface { + return &FakeImages{c} +} + +func (c *FakeConfigV1) Infrastructures() v1.InfrastructureInterface { + return &FakeInfrastructures{c} +} + +func (c *FakeConfigV1) Ingresses() v1.IngressInterface { + return &FakeIngresses{c} +} + +func (c *FakeConfigV1) Networks() v1.NetworkInterface { + return &FakeNetworks{c} +} + +func (c *FakeConfigV1) OAuths() v1.OAuthInterface { + return &FakeOAuths{c} +} + +func (c *FakeConfigV1) Projects() v1.ProjectInterface { + return &FakeProjects{c} +} + +func (c *FakeConfigV1) Proxies() v1.ProxyInterface { + return &FakeProxies{c} +} + +func (c *FakeConfigV1) Schedulings() v1.SchedulingInterface { + return &FakeSchedulings{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeConfigV1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_console.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_console.go new file mode 100644 index 0000000000..5c60b237b4 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_console.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeConsoles implements ConsoleInterface +type FakeConsoles struct { + Fake *FakeConfigV1 +} + +var consolesResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "consoles"} + +var consolesKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "Console"} + +// Get takes name of the console, and returns the corresponding console object, and an error if there is any. +func (c *FakeConsoles) Get(name string, options v1.GetOptions) (result *config_v1.Console, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(consolesResource, name), &config_v1.Console{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Console), err +} + +// List takes label and field selectors, and returns the list of Consoles that match those selectors. +func (c *FakeConsoles) List(opts v1.ListOptions) (result *config_v1.ConsoleList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(consolesResource, consolesKind, opts), &config_v1.ConsoleList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.ConsoleList{ListMeta: obj.(*config_v1.ConsoleList).ListMeta} + for _, item := range obj.(*config_v1.ConsoleList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested consoles. +func (c *FakeConsoles) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(consolesResource, opts)) +} + +// Create takes the representation of a console and creates it. Returns the server's representation of the console, and an error, if there is any. +func (c *FakeConsoles) Create(console *config_v1.Console) (result *config_v1.Console, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(consolesResource, console), &config_v1.Console{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Console), err +} + +// Update takes the representation of a console and updates it. Returns the server's representation of the console, and an error, if there is any. +func (c *FakeConsoles) Update(console *config_v1.Console) (result *config_v1.Console, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(consolesResource, console), &config_v1.Console{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Console), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeConsoles) UpdateStatus(console *config_v1.Console) (*config_v1.Console, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(consolesResource, "status", console), &config_v1.Console{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Console), err +} + +// Delete takes name of the console and deletes it. Returns an error if one occurs. +func (c *FakeConsoles) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(consolesResource, name), &config_v1.Console{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeConsoles) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(consolesResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.ConsoleList{}) + return err +} + +// Patch applies the patch and returns the patched console. +func (c *FakeConsoles) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.Console, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(consolesResource, name, data, subresources...), &config_v1.Console{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Console), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_dns.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_dns.go new file mode 100644 index 0000000000..64946e73d5 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_dns.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeDNSs implements DNSInterface +type FakeDNSs struct { + Fake *FakeConfigV1 +} + +var dnssResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "dnss"} + +var dnssKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "DNS"} + +// Get takes name of the dNS, and returns the corresponding dNS object, and an error if there is any. +func (c *FakeDNSs) Get(name string, options v1.GetOptions) (result *config_v1.DNS, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(dnssResource, name), &config_v1.DNS{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.DNS), err +} + +// List takes label and field selectors, and returns the list of DNSs that match those selectors. +func (c *FakeDNSs) List(opts v1.ListOptions) (result *config_v1.DNSList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(dnssResource, dnssKind, opts), &config_v1.DNSList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.DNSList{ListMeta: obj.(*config_v1.DNSList).ListMeta} + for _, item := range obj.(*config_v1.DNSList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested dNSs. +func (c *FakeDNSs) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(dnssResource, opts)) +} + +// Create takes the representation of a dNS and creates it. Returns the server's representation of the dNS, and an error, if there is any. +func (c *FakeDNSs) Create(dNS *config_v1.DNS) (result *config_v1.DNS, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(dnssResource, dNS), &config_v1.DNS{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.DNS), err +} + +// Update takes the representation of a dNS and updates it. Returns the server's representation of the dNS, and an error, if there is any. +func (c *FakeDNSs) Update(dNS *config_v1.DNS) (result *config_v1.DNS, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(dnssResource, dNS), &config_v1.DNS{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.DNS), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeDNSs) UpdateStatus(dNS *config_v1.DNS) (*config_v1.DNS, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(dnssResource, "status", dNS), &config_v1.DNS{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.DNS), err +} + +// Delete takes name of the dNS and deletes it. Returns an error if one occurs. +func (c *FakeDNSs) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(dnssResource, name), &config_v1.DNS{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeDNSs) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(dnssResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.DNSList{}) + return err +} + +// Patch applies the patch and returns the patched dNS. +func (c *FakeDNSs) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.DNS, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(dnssResource, name, data, subresources...), &config_v1.DNS{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.DNS), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_features.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_features.go new file mode 100644 index 0000000000..6952af793a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_features.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeFeatures implements FeaturesInterface +type FakeFeatures struct { + Fake *FakeConfigV1 +} + +var featuresResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "features"} + +var featuresKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "Features"} + +// Get takes name of the features, and returns the corresponding features object, and an error if there is any. +func (c *FakeFeatures) Get(name string, options v1.GetOptions) (result *config_v1.Features, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(featuresResource, name), &config_v1.Features{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Features), err +} + +// List takes label and field selectors, and returns the list of Features that match those selectors. +func (c *FakeFeatures) List(opts v1.ListOptions) (result *config_v1.FeaturesList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(featuresResource, featuresKind, opts), &config_v1.FeaturesList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.FeaturesList{ListMeta: obj.(*config_v1.FeaturesList).ListMeta} + for _, item := range obj.(*config_v1.FeaturesList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested features. +func (c *FakeFeatures) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(featuresResource, opts)) +} + +// Create takes the representation of a features and creates it. Returns the server's representation of the features, and an error, if there is any. +func (c *FakeFeatures) Create(features *config_v1.Features) (result *config_v1.Features, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(featuresResource, features), &config_v1.Features{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Features), err +} + +// Update takes the representation of a features and updates it. Returns the server's representation of the features, and an error, if there is any. +func (c *FakeFeatures) Update(features *config_v1.Features) (result *config_v1.Features, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(featuresResource, features), &config_v1.Features{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Features), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeFeatures) UpdateStatus(features *config_v1.Features) (*config_v1.Features, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(featuresResource, "status", features), &config_v1.Features{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Features), err +} + +// Delete takes name of the features and deletes it. Returns an error if one occurs. +func (c *FakeFeatures) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(featuresResource, name), &config_v1.Features{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeFeatures) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(featuresResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.FeaturesList{}) + return err +} + +// Patch applies the patch and returns the patched features. +func (c *FakeFeatures) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.Features, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(featuresResource, name, data, subresources...), &config_v1.Features{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Features), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_image.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_image.go new file mode 100644 index 0000000000..9b2e364fed --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_image.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeImages implements ImageInterface +type FakeImages struct { + Fake *FakeConfigV1 +} + +var imagesResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "images"} + +var imagesKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "Image"} + +// Get takes name of the image, and returns the corresponding image object, and an error if there is any. +func (c *FakeImages) Get(name string, options v1.GetOptions) (result *config_v1.Image, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(imagesResource, name), &config_v1.Image{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Image), err +} + +// List takes label and field selectors, and returns the list of Images that match those selectors. +func (c *FakeImages) List(opts v1.ListOptions) (result *config_v1.ImageList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(imagesResource, imagesKind, opts), &config_v1.ImageList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.ImageList{ListMeta: obj.(*config_v1.ImageList).ListMeta} + for _, item := range obj.(*config_v1.ImageList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested images. +func (c *FakeImages) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(imagesResource, opts)) +} + +// Create takes the representation of a image and creates it. Returns the server's representation of the image, and an error, if there is any. +func (c *FakeImages) Create(image *config_v1.Image) (result *config_v1.Image, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(imagesResource, image), &config_v1.Image{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Image), err +} + +// Update takes the representation of a image and updates it. Returns the server's representation of the image, and an error, if there is any. +func (c *FakeImages) Update(image *config_v1.Image) (result *config_v1.Image, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(imagesResource, image), &config_v1.Image{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Image), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeImages) UpdateStatus(image *config_v1.Image) (*config_v1.Image, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(imagesResource, "status", image), &config_v1.Image{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Image), err +} + +// Delete takes name of the image and deletes it. Returns an error if one occurs. +func (c *FakeImages) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(imagesResource, name), &config_v1.Image{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeImages) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(imagesResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.ImageList{}) + return err +} + +// Patch applies the patch and returns the patched image. +func (c *FakeImages) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.Image, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(imagesResource, name, data, subresources...), &config_v1.Image{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Image), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_infrastructure.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_infrastructure.go new file mode 100644 index 0000000000..351fac1c48 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_infrastructure.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeInfrastructures implements InfrastructureInterface +type FakeInfrastructures struct { + Fake *FakeConfigV1 +} + +var infrastructuresResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "infrastructures"} + +var infrastructuresKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "Infrastructure"} + +// Get takes name of the infrastructure, and returns the corresponding infrastructure object, and an error if there is any. +func (c *FakeInfrastructures) Get(name string, options v1.GetOptions) (result *config_v1.Infrastructure, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(infrastructuresResource, name), &config_v1.Infrastructure{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Infrastructure), err +} + +// List takes label and field selectors, and returns the list of Infrastructures that match those selectors. +func (c *FakeInfrastructures) List(opts v1.ListOptions) (result *config_v1.InfrastructureList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(infrastructuresResource, infrastructuresKind, opts), &config_v1.InfrastructureList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.InfrastructureList{ListMeta: obj.(*config_v1.InfrastructureList).ListMeta} + for _, item := range obj.(*config_v1.InfrastructureList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested infrastructures. +func (c *FakeInfrastructures) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(infrastructuresResource, opts)) +} + +// Create takes the representation of a infrastructure and creates it. Returns the server's representation of the infrastructure, and an error, if there is any. +func (c *FakeInfrastructures) Create(infrastructure *config_v1.Infrastructure) (result *config_v1.Infrastructure, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(infrastructuresResource, infrastructure), &config_v1.Infrastructure{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Infrastructure), err +} + +// Update takes the representation of a infrastructure and updates it. Returns the server's representation of the infrastructure, and an error, if there is any. +func (c *FakeInfrastructures) Update(infrastructure *config_v1.Infrastructure) (result *config_v1.Infrastructure, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(infrastructuresResource, infrastructure), &config_v1.Infrastructure{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Infrastructure), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeInfrastructures) UpdateStatus(infrastructure *config_v1.Infrastructure) (*config_v1.Infrastructure, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(infrastructuresResource, "status", infrastructure), &config_v1.Infrastructure{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Infrastructure), err +} + +// Delete takes name of the infrastructure and deletes it. Returns an error if one occurs. +func (c *FakeInfrastructures) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(infrastructuresResource, name), &config_v1.Infrastructure{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeInfrastructures) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(infrastructuresResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.InfrastructureList{}) + return err +} + +// Patch applies the patch and returns the patched infrastructure. +func (c *FakeInfrastructures) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.Infrastructure, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(infrastructuresResource, name, data, subresources...), &config_v1.Infrastructure{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Infrastructure), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_ingress.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_ingress.go new file mode 100644 index 0000000000..861caec96d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_ingress.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeIngresses implements IngressInterface +type FakeIngresses struct { + Fake *FakeConfigV1 +} + +var ingressesResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "ingresses"} + +var ingressesKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "Ingress"} + +// Get takes name of the ingress, and returns the corresponding ingress object, and an error if there is any. +func (c *FakeIngresses) Get(name string, options v1.GetOptions) (result *config_v1.Ingress, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(ingressesResource, name), &config_v1.Ingress{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Ingress), err +} + +// List takes label and field selectors, and returns the list of Ingresses that match those selectors. +func (c *FakeIngresses) List(opts v1.ListOptions) (result *config_v1.IngressList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(ingressesResource, ingressesKind, opts), &config_v1.IngressList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.IngressList{ListMeta: obj.(*config_v1.IngressList).ListMeta} + for _, item := range obj.(*config_v1.IngressList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested ingresses. +func (c *FakeIngresses) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(ingressesResource, opts)) +} + +// Create takes the representation of a ingress and creates it. Returns the server's representation of the ingress, and an error, if there is any. +func (c *FakeIngresses) Create(ingress *config_v1.Ingress) (result *config_v1.Ingress, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(ingressesResource, ingress), &config_v1.Ingress{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Ingress), err +} + +// Update takes the representation of a ingress and updates it. Returns the server's representation of the ingress, and an error, if there is any. +func (c *FakeIngresses) Update(ingress *config_v1.Ingress) (result *config_v1.Ingress, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(ingressesResource, ingress), &config_v1.Ingress{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Ingress), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeIngresses) UpdateStatus(ingress *config_v1.Ingress) (*config_v1.Ingress, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(ingressesResource, "status", ingress), &config_v1.Ingress{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Ingress), err +} + +// Delete takes name of the ingress and deletes it. Returns an error if one occurs. +func (c *FakeIngresses) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(ingressesResource, name), &config_v1.Ingress{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeIngresses) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(ingressesResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.IngressList{}) + return err +} + +// Patch applies the patch and returns the patched ingress. +func (c *FakeIngresses) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.Ingress, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(ingressesResource, name, data, subresources...), &config_v1.Ingress{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Ingress), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_network.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_network.go new file mode 100644 index 0000000000..88eabd4921 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_network.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeNetworks implements NetworkInterface +type FakeNetworks struct { + Fake *FakeConfigV1 +} + +var networksResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "networks"} + +var networksKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "Network"} + +// Get takes name of the network, and returns the corresponding network object, and an error if there is any. +func (c *FakeNetworks) Get(name string, options v1.GetOptions) (result *config_v1.Network, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(networksResource, name), &config_v1.Network{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Network), err +} + +// List takes label and field selectors, and returns the list of Networks that match those selectors. +func (c *FakeNetworks) List(opts v1.ListOptions) (result *config_v1.NetworkList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(networksResource, networksKind, opts), &config_v1.NetworkList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.NetworkList{ListMeta: obj.(*config_v1.NetworkList).ListMeta} + for _, item := range obj.(*config_v1.NetworkList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested networks. +func (c *FakeNetworks) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(networksResource, opts)) +} + +// Create takes the representation of a network and creates it. Returns the server's representation of the network, and an error, if there is any. +func (c *FakeNetworks) Create(network *config_v1.Network) (result *config_v1.Network, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(networksResource, network), &config_v1.Network{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Network), err +} + +// Update takes the representation of a network and updates it. Returns the server's representation of the network, and an error, if there is any. +func (c *FakeNetworks) Update(network *config_v1.Network) (result *config_v1.Network, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(networksResource, network), &config_v1.Network{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Network), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeNetworks) UpdateStatus(network *config_v1.Network) (*config_v1.Network, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(networksResource, "status", network), &config_v1.Network{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Network), err +} + +// Delete takes name of the network and deletes it. Returns an error if one occurs. +func (c *FakeNetworks) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(networksResource, name), &config_v1.Network{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeNetworks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(networksResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.NetworkList{}) + return err +} + +// Patch applies the patch and returns the patched network. +func (c *FakeNetworks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.Network, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(networksResource, name, data, subresources...), &config_v1.Network{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Network), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_oauth.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_oauth.go new file mode 100644 index 0000000000..9d018dfe7c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_oauth.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeOAuths implements OAuthInterface +type FakeOAuths struct { + Fake *FakeConfigV1 +} + +var oauthsResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "oauths"} + +var oauthsKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "OAuth"} + +// Get takes name of the oAuth, and returns the corresponding oAuth object, and an error if there is any. +func (c *FakeOAuths) Get(name string, options v1.GetOptions) (result *config_v1.OAuth, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(oauthsResource, name), &config_v1.OAuth{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.OAuth), err +} + +// List takes label and field selectors, and returns the list of OAuths that match those selectors. +func (c *FakeOAuths) List(opts v1.ListOptions) (result *config_v1.OAuthList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(oauthsResource, oauthsKind, opts), &config_v1.OAuthList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.OAuthList{ListMeta: obj.(*config_v1.OAuthList).ListMeta} + for _, item := range obj.(*config_v1.OAuthList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested oAuths. +func (c *FakeOAuths) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(oauthsResource, opts)) +} + +// Create takes the representation of a oAuth and creates it. Returns the server's representation of the oAuth, and an error, if there is any. +func (c *FakeOAuths) Create(oAuth *config_v1.OAuth) (result *config_v1.OAuth, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(oauthsResource, oAuth), &config_v1.OAuth{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.OAuth), err +} + +// Update takes the representation of a oAuth and updates it. Returns the server's representation of the oAuth, and an error, if there is any. +func (c *FakeOAuths) Update(oAuth *config_v1.OAuth) (result *config_v1.OAuth, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(oauthsResource, oAuth), &config_v1.OAuth{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.OAuth), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeOAuths) UpdateStatus(oAuth *config_v1.OAuth) (*config_v1.OAuth, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(oauthsResource, "status", oAuth), &config_v1.OAuth{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.OAuth), err +} + +// Delete takes name of the oAuth and deletes it. Returns an error if one occurs. +func (c *FakeOAuths) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(oauthsResource, name), &config_v1.OAuth{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeOAuths) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(oauthsResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.OAuthList{}) + return err +} + +// Patch applies the patch and returns the patched oAuth. +func (c *FakeOAuths) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.OAuth, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(oauthsResource, name, data, subresources...), &config_v1.OAuth{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.OAuth), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_project.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_project.go new file mode 100644 index 0000000000..09d3b95351 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_project.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeProjects implements ProjectInterface +type FakeProjects struct { + Fake *FakeConfigV1 +} + +var projectsResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "projects"} + +var projectsKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "Project"} + +// Get takes name of the project, and returns the corresponding project object, and an error if there is any. +func (c *FakeProjects) Get(name string, options v1.GetOptions) (result *config_v1.Project, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(projectsResource, name), &config_v1.Project{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Project), err +} + +// List takes label and field selectors, and returns the list of Projects that match those selectors. +func (c *FakeProjects) List(opts v1.ListOptions) (result *config_v1.ProjectList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(projectsResource, projectsKind, opts), &config_v1.ProjectList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.ProjectList{ListMeta: obj.(*config_v1.ProjectList).ListMeta} + for _, item := range obj.(*config_v1.ProjectList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested projects. +func (c *FakeProjects) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(projectsResource, opts)) +} + +// Create takes the representation of a project and creates it. Returns the server's representation of the project, and an error, if there is any. +func (c *FakeProjects) Create(project *config_v1.Project) (result *config_v1.Project, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(projectsResource, project), &config_v1.Project{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Project), err +} + +// Update takes the representation of a project and updates it. Returns the server's representation of the project, and an error, if there is any. +func (c *FakeProjects) Update(project *config_v1.Project) (result *config_v1.Project, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(projectsResource, project), &config_v1.Project{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Project), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeProjects) UpdateStatus(project *config_v1.Project) (*config_v1.Project, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(projectsResource, "status", project), &config_v1.Project{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Project), err +} + +// Delete takes name of the project and deletes it. Returns an error if one occurs. +func (c *FakeProjects) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(projectsResource, name), &config_v1.Project{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeProjects) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(projectsResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.ProjectList{}) + return err +} + +// Patch applies the patch and returns the patched project. +func (c *FakeProjects) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.Project, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(projectsResource, name, data, subresources...), &config_v1.Project{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Project), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_proxy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_proxy.go new file mode 100644 index 0000000000..01be8ca9d6 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_proxy.go @@ -0,0 +1,104 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeProxies implements ProxyInterface +type FakeProxies struct { + Fake *FakeConfigV1 +} + +var proxiesResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "proxies"} + +var proxiesKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "Proxy"} + +// Get takes name of the proxy, and returns the corresponding proxy object, and an error if there is any. +func (c *FakeProxies) Get(name string, options v1.GetOptions) (result *config_v1.Proxy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(proxiesResource, name), &config_v1.Proxy{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Proxy), err +} + +// List takes label and field selectors, and returns the list of Proxies that match those selectors. +func (c *FakeProxies) List(opts v1.ListOptions) (result *config_v1.ProxyList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(proxiesResource, proxiesKind, opts), &config_v1.ProxyList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.ProxyList{ListMeta: obj.(*config_v1.ProxyList).ListMeta} + for _, item := range obj.(*config_v1.ProxyList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested proxies. +func (c *FakeProxies) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(proxiesResource, opts)) +} + +// Create takes the representation of a proxy and creates it. Returns the server's representation of the proxy, and an error, if there is any. +func (c *FakeProxies) Create(proxy *config_v1.Proxy) (result *config_v1.Proxy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(proxiesResource, proxy), &config_v1.Proxy{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Proxy), err +} + +// Update takes the representation of a proxy and updates it. Returns the server's representation of the proxy, and an error, if there is any. +func (c *FakeProxies) Update(proxy *config_v1.Proxy) (result *config_v1.Proxy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(proxiesResource, proxy), &config_v1.Proxy{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Proxy), err +} + +// Delete takes name of the proxy and deletes it. Returns an error if one occurs. +func (c *FakeProxies) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(proxiesResource, name), &config_v1.Proxy{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeProxies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(proxiesResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.ProxyList{}) + return err +} + +// Patch applies the patch and returns the patched proxy. +func (c *FakeProxies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.Proxy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(proxiesResource, name, data, subresources...), &config_v1.Proxy{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Proxy), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_scheduling.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_scheduling.go new file mode 100644 index 0000000000..9b9891bdb1 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_scheduling.go @@ -0,0 +1,115 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + config_v1 "github.com/openshift/api/config/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeSchedulings implements SchedulingInterface +type FakeSchedulings struct { + Fake *FakeConfigV1 +} + +var schedulingsResource = schema.GroupVersionResource{Group: "config.openshift.io", Version: "v1", Resource: "schedulings"} + +var schedulingsKind = schema.GroupVersionKind{Group: "config.openshift.io", Version: "v1", Kind: "Scheduling"} + +// Get takes name of the scheduling, and returns the corresponding scheduling object, and an error if there is any. +func (c *FakeSchedulings) Get(name string, options v1.GetOptions) (result *config_v1.Scheduling, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(schedulingsResource, name), &config_v1.Scheduling{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Scheduling), err +} + +// List takes label and field selectors, and returns the list of Schedulings that match those selectors. +func (c *FakeSchedulings) List(opts v1.ListOptions) (result *config_v1.SchedulingList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(schedulingsResource, schedulingsKind, opts), &config_v1.SchedulingList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &config_v1.SchedulingList{ListMeta: obj.(*config_v1.SchedulingList).ListMeta} + for _, item := range obj.(*config_v1.SchedulingList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested schedulings. +func (c *FakeSchedulings) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(schedulingsResource, opts)) +} + +// Create takes the representation of a scheduling and creates it. Returns the server's representation of the scheduling, and an error, if there is any. +func (c *FakeSchedulings) Create(scheduling *config_v1.Scheduling) (result *config_v1.Scheduling, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(schedulingsResource, scheduling), &config_v1.Scheduling{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Scheduling), err +} + +// Update takes the representation of a scheduling and updates it. Returns the server's representation of the scheduling, and an error, if there is any. +func (c *FakeSchedulings) Update(scheduling *config_v1.Scheduling) (result *config_v1.Scheduling, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(schedulingsResource, scheduling), &config_v1.Scheduling{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Scheduling), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeSchedulings) UpdateStatus(scheduling *config_v1.Scheduling) (*config_v1.Scheduling, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(schedulingsResource, "status", scheduling), &config_v1.Scheduling{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Scheduling), err +} + +// Delete takes name of the scheduling and deletes it. Returns an error if one occurs. +func (c *FakeSchedulings) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(schedulingsResource, name), &config_v1.Scheduling{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeSchedulings) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(schedulingsResource, listOptions) + + _, err := c.Fake.Invokes(action, &config_v1.SchedulingList{}) + return err +} + +// Patch applies the patch and returns the patched scheduling. +func (c *FakeSchedulings) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *config_v1.Scheduling, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(schedulingsResource, name, data, subresources...), &config_v1.Scheduling{}) + if obj == nil { + return nil, err + } + return obj.(*config_v1.Scheduling), err +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/features.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/features.go new file mode 100644 index 0000000000..a6eb5983a6 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/features.go @@ -0,0 +1,147 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/config/v1" + scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" + meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// FeaturesGetter has a method to return a FeaturesInterface. +// A group's client should implement this interface. +type FeaturesGetter interface { + Features() FeaturesInterface +} + +// FeaturesInterface has methods to work with Features resources. +type FeaturesInterface interface { + Create(*v1.Features) (*v1.Features, error) + Update(*v1.Features) (*v1.Features, error) + UpdateStatus(*v1.Features) (*v1.Features, error) + Delete(name string, options *meta_v1.DeleteOptions) error + DeleteCollection(options *meta_v1.DeleteOptions, listOptions meta_v1.ListOptions) error + Get(name string, options meta_v1.GetOptions) (*v1.Features, error) + List(opts meta_v1.ListOptions) (*v1.FeaturesList, error) + Watch(opts meta_v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.Features, err error) + FeaturesExpansion +} + +// features implements FeaturesInterface +type features struct { + client rest.Interface +} + +// newFeatures returns a Features +func newFeatures(c *ConfigV1Client) *features { + return &features{ + client: c.RESTClient(), + } +} + +// Get takes name of the features, and returns the corresponding features object, and an error if there is any. +func (c *features) Get(name string, options meta_v1.GetOptions) (result *v1.Features, err error) { + result = &v1.Features{} + err = c.client.Get(). + Resource("features"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Features that match those selectors. +func (c *features) List(opts meta_v1.ListOptions) (result *v1.FeaturesList, err error) { + result = &v1.FeaturesList{} + err = c.client.Get(). + Resource("features"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested features. +func (c *features) Watch(opts meta_v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Resource("features"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a features and creates it. Returns the server's representation of the features, and an error, if there is any. +func (c *features) Create(features *v1.Features) (result *v1.Features, err error) { + result = &v1.Features{} + err = c.client.Post(). + Resource("features"). + Body(features). + Do(). + Into(result) + return +} + +// Update takes the representation of a features and updates it. Returns the server's representation of the features, and an error, if there is any. +func (c *features) Update(features *v1.Features) (result *v1.Features, err error) { + result = &v1.Features{} + err = c.client.Put(). + Resource("features"). + Name(features.Name). + Body(features). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *features) UpdateStatus(features *v1.Features) (result *v1.Features, err error) { + result = &v1.Features{} + err = c.client.Put(). + Resource("features"). + Name(features.Name). + SubResource("status"). + Body(features). + Do(). + Into(result) + return +} + +// Delete takes name of the features and deletes it. Returns an error if one occurs. +func (c *features) Delete(name string, options *meta_v1.DeleteOptions) error { + return c.client.Delete(). + Resource("features"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *features) DeleteCollection(options *meta_v1.DeleteOptions, listOptions meta_v1.ListOptions) error { + return c.client.Delete(). + Resource("features"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched features. +func (c *features) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.Features, err error) { + result = &v1.Features{} + err = c.client.Patch(pt). + Resource("features"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/generated_expansion.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/generated_expansion.go index eb431398f8..8d6e47c02f 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/generated_expansion.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/generated_expansion.go @@ -16,6 +16,8 @@ type ConsoleExpansion interface{} type DNSExpansion interface{} +type FeaturesExpansion interface{} + type ImageExpansion interface{} type InfrastructureExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1/features.go b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1/features.go new file mode 100644 index 0000000000..e336b68a8b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1/features.go @@ -0,0 +1,72 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package v1 + +import ( + time "time" + + config_v1 "github.com/openshift/api/config/v1" + versioned "github.com/openshift/client-go/config/clientset/versioned" + internalinterfaces "github.com/openshift/client-go/config/informers/externalversions/internalinterfaces" + v1 "github.com/openshift/client-go/config/listers/config/v1" + meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// FeaturesInformer provides access to a shared informer and lister for +// Features. +type FeaturesInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1.FeaturesLister +} + +type featuresInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewFeaturesInformer constructs a new informer for Features type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFeaturesInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredFeaturesInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredFeaturesInformer constructs a new informer for Features type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredFeaturesInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options meta_v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1().Features().List(options) + }, + WatchFunc: func(options meta_v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1().Features().Watch(options) + }, + }, + &config_v1.Features{}, + resyncPeriod, + indexers, + ) +} + +func (f *featuresInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredFeaturesInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *featuresInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&config_v1.Features{}, f.defaultInformer) +} + +func (f *featuresInformer) Lister() v1.FeaturesLister { + return v1.NewFeaturesLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1/interface.go b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1/interface.go index d5c7ac48f9..cf3dc7f944 100644 --- a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1/interface.go +++ b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1/interface.go @@ -22,6 +22,8 @@ type Interface interface { Consoles() ConsoleInformer // DNSs returns a DNSInformer. DNSs() DNSInformer + // Features returns a FeaturesInformer. + Features() FeaturesInformer // Images returns a ImageInformer. Images() ImageInformer // Infrastructures returns a InfrastructureInformer. @@ -86,6 +88,11 @@ func (v *version) DNSs() DNSInformer { return &dNSInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } +// Features returns a FeaturesInformer. +func (v *version) Features() FeaturesInformer { + return &featuresInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + // Images returns a ImageInformer. func (v *version) Images() ImageInformer { return &imageInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} diff --git a/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go b/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go index 31124f6325..4986ff3e00 100644 --- a/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go +++ b/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go @@ -51,6 +51,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1().Consoles().Informer()}, nil case v1.SchemeGroupVersion.WithResource("dnss"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1().DNSs().Informer()}, nil + case v1.SchemeGroupVersion.WithResource("features"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1().Features().Informer()}, nil case v1.SchemeGroupVersion.WithResource("images"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1().Images().Informer()}, nil case v1.SchemeGroupVersion.WithResource("infrastructures"): diff --git a/vendor/github.com/openshift/client-go/config/listers/config/v1/expansion_generated.go b/vendor/github.com/openshift/client-go/config/listers/config/v1/expansion_generated.go index dcd4a714f3..8121641bd7 100644 --- a/vendor/github.com/openshift/client-go/config/listers/config/v1/expansion_generated.go +++ b/vendor/github.com/openshift/client-go/config/listers/config/v1/expansion_generated.go @@ -30,6 +30,10 @@ type ConsoleListerExpansion interface{} // DNSLister. type DNSListerExpansion interface{} +// FeaturesListerExpansion allows custom methods to be added to +// FeaturesLister. +type FeaturesListerExpansion interface{} + // ImageListerExpansion allows custom methods to be added to // ImageLister. type ImageListerExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/config/listers/config/v1/features.go b/vendor/github.com/openshift/client-go/config/listers/config/v1/features.go new file mode 100644 index 0000000000..1b2dd33bc3 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/listers/config/v1/features.go @@ -0,0 +1,49 @@ +// Code generated by lister-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/config/v1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// FeaturesLister helps list Features. +type FeaturesLister interface { + // List lists all Features in the indexer. + List(selector labels.Selector) (ret []*v1.Features, err error) + // Get retrieves the Features from the index for a given name. + Get(name string) (*v1.Features, error) + FeaturesListerExpansion +} + +// featuresLister implements the FeaturesLister interface. +type featuresLister struct { + indexer cache.Indexer +} + +// NewFeaturesLister returns a new FeaturesLister. +func NewFeaturesLister(indexer cache.Indexer) FeaturesLister { + return &featuresLister{indexer: indexer} +} + +// List lists all Features in the indexer. +func (s *featuresLister) List(selector labels.Selector) (ret []*v1.Features, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1.Features)) + }) + return ret, err +} + +// Get retrieves the Features from the index for a given name. +func (s *featuresLister) Get(name string) (*v1.Features, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1.Resource("features"), name) + } + return obj.(*v1.Features), nil +}