CFE-885:Feature route external certificate validation

go.mod

@@ -18,11 +18,11 @@ require (
 	github.com/jteeuwen/go-bindata v3.0.8-0.20151023091102-a0ff2567cfb7+incompatible
 	github.com/opencontainers/go-digest v1.0.0
 	github.com/opencontainers/image-spec v1.1.0-rc2
-	github.com/openshift/api v0.0.0-20231218131639-7a5aa77cc72d
+	github.com/openshift/api v0.0.0-20240417231225-21822c8bdd5c
 	github.com/openshift/apiserver-library-go v0.0.0-20240313131158-facc40cc7688
-	github.com/openshift/build-machinery-go v0.0.0-20220913142420-e25cf57ea46d
-	github.com/openshift/client-go v0.0.0-20231218155125-ff7d9f9bf415
-	github.com/openshift/library-go v0.0.0-20231218143352-99cedb2a141c
+	github.com/openshift/build-machinery-go v0.0.0-20231128094528-1e9b1b0595c8
+	github.com/openshift/client-go v0.0.0-20240415214935-be70f772f157
+	github.com/openshift/library-go v0.0.0-20240412173449-eb2f24c36528
 	github.com/openshift/runtime-utils v0.0.0-20230921210328-7bdb5b9c177b
 	github.com/spf13/cobra v1.7.0
 	github.com/spf13/pflag v1.0.5
@@ -53,7 +53,6 @@ require (
 	github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/blang/semver v3.5.1+incompatible // indirect
 	github.com/blang/semver/v4 v4.0.0 // indirect
 	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect

go.sum

@@ -33,8 +33,6 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
-github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ=
-github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
 github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
 github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ=
 github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=
@@ -266,20 +264,20 @@ github.com/opencontainers/runc v1.1.10 h1:EaL5WeO9lv9wmS6SASjszOeQdSctvpbu0DdBQB
 github.com/opencontainers/runc v1.1.10/go.mod h1:+/R6+KmDlh+hOO8NkjmgkG9Qzvypzk0yXxAPYYR65+M=
 github.com/opencontainers/runtime-spec v1.0.3-0.20220909204839-494a5a6aca78 h1:R5M2qXZiK/mWPMT4VldCOiSL9HIAMuxQZWdG0CSM5+4=
 github.com/opencontainers/runtime-spec v1.0.3-0.20220909204839-494a5a6aca78/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
-github.com/openshift/api v0.0.0-20231218131639-7a5aa77cc72d h1:aVjDasSo08KUIltX++Mcl6ptN0ooxh3dRttHBFGVVI0=
-github.com/openshift/api v0.0.0-20231218131639-7a5aa77cc72d/go.mod h1:RLaNkRn87bQeH3MpTWXCxlSb62qVGBxfQY344jBfVsg=
+github.com/openshift/api v0.0.0-20240417231225-21822c8bdd5c h1:NSNh/Y7aPvoRNzjvNEdGiTjSS1JYI19fbgyY5GO5SvE=
+github.com/openshift/api v0.0.0-20240417231225-21822c8bdd5c/go.mod h1:CxgbWAlvu2iQB0UmKTtRu1YfepRg1/vJ64n2DlIEVz4=
 github.com/openshift/apiserver-library-go v0.0.0-20240313131158-facc40cc7688 h1:E7U+i+BKXjzH1bZsB5a9ueSxF/8QeLxA9ZncCb0vecs=
 github.com/openshift/apiserver-library-go v0.0.0-20240313131158-facc40cc7688/go.mod h1:a6meSr6htNKfmmZ8ixLmnim/JL7NkgW7rX7J2vczMp4=
-github.com/openshift/build-machinery-go v0.0.0-20220913142420-e25cf57ea46d h1:RR4ah7FfaPR1WePizm0jlrsbmPu91xQZnAsVVreQV1k=
-github.com/openshift/build-machinery-go v0.0.0-20220913142420-e25cf57ea46d/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE=
-github.com/openshift/client-go v0.0.0-20231218155125-ff7d9f9bf415 h1:wfnn3E0Z62bB3wYM5eO1AZ9EYZpFd7M1p4PclcIyVv0=
-github.com/openshift/client-go v0.0.0-20231218155125-ff7d9f9bf415/go.mod h1:5W+xoimHjRdZ0dI/yeQR0ANRNLK9mPmXMzUWPAIPADo=
+github.com/openshift/build-machinery-go v0.0.0-20231128094528-1e9b1b0595c8 h1:cu3YUMVGsKIyFyJGO3F6BZKGYQZpCKxAv9cBPgQAca8=
+github.com/openshift/build-machinery-go v0.0.0-20231128094528-1e9b1b0595c8/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE=
+github.com/openshift/client-go v0.0.0-20240415214935-be70f772f157 h1:xbd4qHpyFnnOYDHHnMQa+100MR+K/DFiC1J3BFdL+tQ=
+github.com/openshift/client-go v0.0.0-20240415214935-be70f772f157/go.mod h1:Q3mt/X5xrxnR5R6BE7duF2ToLioRQJYnTYaaDS4QZTs=
 github.com/openshift/docker-distribution/v3 v3.0.0-20240215131201-6b2f5d2f1f43 h1:iFiveehT5yqHvAxdTwHGZLTxyxzMqP8bLcQKz6Y7NQQ=
 github.com/openshift/docker-distribution/v3 v3.0.0-20240215131201-6b2f5d2f1f43/go.mod h1:+fqBJ4vPYo4Uu1ZE4d+bUtTLRXfdSL3NvCZIZ9GHv58=
 github.com/openshift/kubernetes-apiserver v0.0.0-20240410114447-9e7c11c45dab h1:hVEUWx+0XiMkstOLlQ5BiBZTnA7WWJJf80Dc2L2FLyM=
 github.com/openshift/kubernetes-apiserver v0.0.0-20240410114447-9e7c11c45dab/go.mod h1:B0LieKVoyU7ykQvPFm7XSdIHaCHSzCzQWPFa5bqbeMQ=
-github.com/openshift/library-go v0.0.0-20231218143352-99cedb2a141c h1:Onc1C9RWubJj88Jye/giWg2dbbTdMkRGvdekIWBzqTE=
-github.com/openshift/library-go v0.0.0-20231218143352-99cedb2a141c/go.mod h1:3taNPDhXab1SAcKteUtv5T7VEYeHJxa5xfHqfnHPEKY=
+github.com/openshift/library-go v0.0.0-20240412173449-eb2f24c36528 h1:vnLKZUSW1aPv7Pd6+QYjDUU+/8z2MSBacU38cAlNMPA=
+github.com/openshift/library-go v0.0.0-20240412173449-eb2f24c36528/go.mod h1:m/HsttSi90vSixwoy5mPUBHcZid2YRw/QbsLErLxF9s=
 github.com/openshift/moby-moby v0.0.0-20190308215630-da810a85109d h1:fLITXDjxMSvUDjnXs/zljIWktbST9+Om8XbrmmM7T4I=
 github.com/openshift/moby-moby v0.0.0-20190308215630-da810a85109d/go.mod h1:LJM49W8fBVSj+rvcopJZu9mgH5Tx6HwLHySIYeGeu4k=
 github.com/openshift/runtime-utils v0.0.0-20230921210328-7bdb5b9c177b h1:oXzC1N6E9gw76/WH2gEA8GEHvuq09wuVQ9GoCuR8GF4=

hack/openapi-violation.list

@@ -86,6 +86,7 @@ API rule violation: list_type_missing,github.com/openshift/api/config/v1,Feature
 API rule violation: list_type_missing,github.com/openshift/api/config/v1,FeatureGateDetails,Enabled
 API rule violation: list_type_missing,github.com/openshift/api/config/v1,FeatureGateEnabledDisabled,Disabled
 API rule violation: list_type_missing,github.com/openshift/api/config/v1,FeatureGateEnabledDisabled,Enabled
+API rule violation: list_type_missing,github.com/openshift/api/config/v1,FeatureGateTests,Tests
 API rule violation: list_type_missing,github.com/openshift/api/config/v1,GenericAPIServerConfig,CORSAllowedOrigins
 API rule violation: list_type_missing,github.com/openshift/api/config/v1,GitHubIdentityProvider,Organizations
 API rule violation: list_type_missing,github.com/openshift/api/config/v1,GitHubIdentityProvider,Teams
@@ -118,9 +119,12 @@ API rule violation: list_type_missing,github.com/openshift/api/config/v1,Require
 API rule violation: list_type_missing,github.com/openshift/api/config/v1,ServingInfo,CipherSuites
 API rule violation: list_type_missing,github.com/openshift/api/config/v1,ServingInfo,NamedCertificates
 API rule violation: list_type_missing,github.com/openshift/api/config/v1,TLSProfileSpec,Ciphers
-API rule violation: list_type_missing,github.com/openshift/api/config/v1,featureSetBuilder,forceOff
-API rule violation: list_type_missing,github.com/openshift/api/config/v1,featureSetBuilder,forceOn
+API rule violation: list_type_missing,github.com/openshift/api/config/v1,TestReportingSpec,TestsForFeatureGates
+API rule violation: list_type_missing,github.com/openshift/api/config/v1alpha1,FulcioCAWithRekor,FulcioCAData
+API rule violation: list_type_missing,github.com/openshift/api/config/v1alpha1,FulcioCAWithRekor,RekorKeyData
 API rule violation: list_type_missing,github.com/openshift/api/config/v1alpha1,GatherConfig,DisabledGatherers
+API rule violation: list_type_missing,github.com/openshift/api/config/v1alpha1,PublicKey,KeyData
+API rule violation: list_type_missing,github.com/openshift/api/config/v1alpha1,PublicKey,RekorKeyData
 API rule violation: list_type_missing,github.com/openshift/api/console/v1,ConsoleCLIDownloadSpec,Links
 API rule violation: list_type_missing,github.com/openshift/api/console/v1,ConsolePluginSpec,Proxy
 API rule violation: list_type_missing,github.com/openshift/api/console/v1,ConsoleQuickStartSpec,AccessReviewResources
@@ -217,7 +221,6 @@ API rule violation: list_type_missing,github.com/openshift/api/machine/v1,Alibab
 API rule violation: list_type_missing,github.com/openshift/api/machine/v1,AlibabaCloudMachineProviderConfig,Tags
 API rule violation: list_type_missing,github.com/openshift/api/machine/v1,AlibabaCloudMachineProviderStatus,Conditions
 API rule violation: list_type_missing,github.com/openshift/api/machine/v1,FailureDomains,OpenStack
-API rule violation: list_type_missing,github.com/openshift/api/machine/v1,FailureDomains,VSphere
 API rule violation: list_type_missing,github.com/openshift/api/machine/v1,NutanixMachineProviderConfig,Subnets
 API rule violation: list_type_missing,github.com/openshift/api/machine/v1,NutanixMachineProviderStatus,Conditions
 API rule violation: list_type_missing,github.com/openshift/api/machine/v1,PowerVSMachineProviderConfig,LoadBalancers
@@ -258,11 +261,12 @@ API rule violation: list_type_missing,github.com/openshift/api/machine/v1beta1,N
 API rule violation: list_type_missing,github.com/openshift/api/machine/v1beta1,NetworkDeviceSpec,Nameservers
 API rule violation: list_type_missing,github.com/openshift/api/machine/v1beta1,NetworkSpec,Devices
 API rule violation: list_type_missing,github.com/openshift/api/machine/v1beta1,ObjectMeta,OwnerReferences
+API rule violation: list_type_missing,github.com/openshift/api/machine/v1beta1,VSphereMachineProviderSpec,TagIDs
 API rule violation: list_type_missing,github.com/openshift/api/machine/v1beta1,VSphereMachineProviderStatus,Conditions
-API rule violation: list_type_missing,github.com/openshift/api/monitoring/v1alpha1,AlertRelabelConfigSpec,Configs
-API rule violation: list_type_missing,github.com/openshift/api/monitoring/v1alpha1,AlertRelabelConfigStatus,Conditions
-API rule violation: list_type_missing,github.com/openshift/api/monitoring/v1alpha1,RelabelConfig,SourceLabels
-API rule violation: list_type_missing,github.com/openshift/api/monitoring/v1alpha1,RuleGroup,Rules
+API rule violation: list_type_missing,github.com/openshift/api/monitoring/v1,AlertRelabelConfigSpec,Configs
+API rule violation: list_type_missing,github.com/openshift/api/monitoring/v1,AlertRelabelConfigStatus,Conditions
+API rule violation: list_type_missing,github.com/openshift/api/monitoring/v1,RelabelConfig,SourceLabels
+API rule violation: list_type_missing,github.com/openshift/api/monitoring/v1,RuleGroup,Rules
 API rule violation: list_type_missing,github.com/openshift/api/network/v1,ClusterNetwork,ClusterNetworks
 API rule violation: list_type_missing,github.com/openshift/api/network/v1,EgressNetworkPolicySpec,Egress
 API rule violation: list_type_missing,github.com/openshift/api/network/v1,HostSubnet,EgressCIDRs
@@ -319,9 +323,6 @@ API rule violation: list_type_missing,github.com/openshift/api/operator/v1,Netwo
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1,NetworkSpec,ClusterNetwork
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1,NetworkSpec,ServiceNetwork
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1,NodePlacement,Tolerations
-API rule violation: list_type_missing,github.com/openshift/api/operator/v1,NodeStatus,LastFailedRevisionErrors
-API rule violation: list_type_missing,github.com/openshift/api/operator/v1,OperatorStatus,Conditions
-API rule violation: list_type_missing,github.com/openshift/api/operator/v1,OperatorStatus,Generations
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1,ProjectAccess,AvailableClusterRoles
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1,QuickStarts,Disabled
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1,ResourceAttributesAccessReview,Missing
@@ -332,7 +333,6 @@ API rule violation: list_type_missing,github.com/openshift/api/operator/v1,Stati
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1,StaticIPAMConfig,Routes
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1,StaticIPAMDNS,Nameservers
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1,StaticIPAMDNS,Search
-API rule violation: list_type_missing,github.com/openshift/api/operator/v1,StaticPodOperatorStatus,NodeStatuses
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1,UpstreamResolvers,Upstreams
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1,VSphereCSIDriverConfigSpec,TopologyCategories
 API rule violation: list_type_missing,github.com/openshift/api/operator/v1alpha1,ImageContentSourcePolicySpec,RepositoryDigestMirrors
@@ -773,8 +773,11 @@ API rule violation: names_match,github.com/openshift/api/config/v1,TokenIssuer,U
 API rule violation: names_match,github.com/openshift/api/config/v1,VSpherePlatformNodeNetworkingSpec,ExcludeNetworkSubnetCIDR
 API rule violation: names_match,github.com/openshift/api/config/v1,VSpherePlatformNodeNetworkingSpec,NetworkSubnetCIDR
 API rule violation: names_match,github.com/openshift/api/config/v1,VSpherePlatformSpec,VCenters
-API rule violation: names_match,github.com/openshift/api/config/v1,featureSetBuilder,forceOff
-API rule violation: names_match,github.com/openshift/api/config/v1,featureSetBuilder,forceOn
+API rule violation: names_match,github.com/openshift/api/config/v1,featureGateBuilder,name
+API rule violation: names_match,github.com/openshift/api/config/v1,featureGateBuilder,owningJiraComponent
+API rule violation: names_match,github.com/openshift/api/config/v1,featureGateBuilder,owningProduct
+API rule violation: names_match,github.com/openshift/api/config/v1,featureGateBuilder,responsiblePerson
+API rule violation: names_match,github.com/openshift/api/config/v1,featureGateBuilder,statusByClusterProfileByFeatureSet
 API rule violation: names_match,github.com/openshift/api/config/v1alpha1,BackupSpec,EtcdBackupSpec
 API rule violation: names_match,github.com/openshift/api/config/v1alpha1,PolicyIdentity,PolicyMatchExactRepository
 API rule violation: names_match,github.com/openshift/api/config/v1alpha1,PolicyIdentity,PolicyMatchRemapIdentity
@@ -891,7 +894,11 @@ API rule violation: names_match,github.com/openshift/api/operator/v1,EtcdSpec,Ha
 API rule violation: names_match,github.com/openshift/api/operator/v1,EtcdStatus,HardwareSpeed
 API rule violation: names_match,github.com/openshift/api/operator/v1,GatewayConfig,IPv4
 API rule violation: names_match,github.com/openshift/api/operator/v1,GatewayConfig,IPv6
+API rule violation: names_match,github.com/openshift/api/operator/v1,NodeDisruptionPolicyClusterStatus,SSHKey
+API rule violation: names_match,github.com/openshift/api/operator/v1,NodeDisruptionPolicyConfig,SSHKey
 API rule violation: names_match,github.com/openshift/api/operator/v1,OVNKubernetesConfig,IPsecConfig
+API rule violation: names_match,github.com/openshift/api/operator/v1,OVNKubernetesConfig,IPv4
+API rule violation: names_match,github.com/openshift/api/operator/v1,OVNKubernetesConfig,IPv6
 API rule violation: names_match,github.com/openshift/api/operator/v1,StorageSpec,VSphereStorageDriver
 API rule violation: names_match,github.com/openshift/api/operator/v1alpha1,OperatorStatus,CurrentAvailability
 API rule violation: names_match,github.com/openshift/api/operator/v1alpha1,OperatorStatus,TargetAvailability

pkg/api/validation/register.go

@@ -1,6 +1,9 @@
 package validation
 
 import (
+	"context"
+
+	routecommon "github.com/openshift/library-go/pkg/route"
 	appsvalidation "github.com/openshift/openshift-apiserver/pkg/apps/apis/apps/validation"
 	authorizationvalidation "github.com/openshift/openshift-apiserver/pkg/authorization/apis/authorization/validation"
 	buildvalidation "github.com/openshift/openshift-apiserver/pkg/build/apis/build/validation"
@@ -11,6 +14,8 @@ import (
 	securityvalidation "github.com/openshift/openshift-apiserver/pkg/security/apis/security/validation"
 	templatevalidation "github.com/openshift/openshift-apiserver/pkg/template/apis/template/validation"
 	"k8s.io/apimachinery/pkg/util/validation/field"
+	authorizationclient "k8s.io/client-go/kubernetes/typed/authorization/v1"
+	v1 "k8s.io/client-go/kubernetes/typed/core/v1"
 
 	appsapi "github.com/openshift/openshift-apiserver/pkg/apps/apis/apps"
 	authorizationapi "github.com/openshift/openshift-apiserver/pkg/authorization/apis/authorization"
@@ -76,9 +81,11 @@ func registerAll() {
 }
 
 func routeOptionsAdapter(route *routeapi.Route) field.ErrorList {
-	return routevalidation.ValidateRoute(route, routevalidation.RouteValidationOptions{})
+	a := &authorizationclient.AuthorizationV1Client{}
+	return routevalidation.ValidateRoute(context.Background(), route, a.SubjectAccessReviews(), &v1.CoreV1Client{}, routecommon.RouteValidationOptions{})
 }
 
 func routeUpdateOptionsAdapter(route *routeapi.Route, oldRoute *routeapi.Route) field.ErrorList {
-	return routevalidation.ValidateRouteUpdate(route, oldRoute, routevalidation.RouteValidationOptions{})
+	a := &authorizationclient.AuthorizationV1Client{}
+	return routevalidation.ValidateRouteUpdate(context.Background(), route, oldRoute, a.SubjectAccessReviews(), &v1.CoreV1Client{}, routecommon.RouteValidationOptions{})
 }

pkg/cmd/openshift-apiserver/cmd.go

@@ -103,7 +103,7 @@ func (o *OpenShiftAPIServer) Validate() error {
 
 // RunAPIServer takes the options, starts the API server and waits until stopCh is closed or initial listening fails.
 func (o *OpenShiftAPIServer) RunAPIServer(stopCh <-chan struct{}) error {
-	if err := features.InitializeFeatureGates(feature.DefaultMutableFeatureGate, configv1.FeatureGateRouteExternalCertificate); err != nil {
+	if err := features.InitializeFeatureGates(feature.DefaultMutableFeatureGate, configv1.SelfManaged, configv1.FeatureGateRouteExternalCertificate); err != nil {
 		return err
 	}
 

pkg/cmd/openshift-apiserver/openshiftadmission/register_test.go

@@ -9,7 +9,7 @@ import (
 )
 
 func TestAdmissionRegistration(t *testing.T) {
-	err := admissionregistrationtesting.AdmissionRegistrationTest(OriginAdmissionPlugins, OpenShiftAdmissionPlugins, sets.String{})
+	err := admissionregistrationtesting.AdmissionRegistrationTest(OriginAdmissionPlugins, OpenShiftAdmissionPlugins, sets.Set[string]{})
 	if err != nil {
 		t.Fatal(err)
 	}