diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 44f90caa..37c92fa0 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -14,7 +14,7 @@ namePrefix: platform-operators- # Annotations to add to all resources. commonAnnotations: - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade include.release.openshift.io/self-managed-high-availability: "true" images: diff --git a/go.mod b/go.mod index 6164270d..c5dcb70e 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/blang/semver/v4 v4.0.0 github.com/onsi/ginkgo/v2 v2.1.4 github.com/onsi/gomega v1.19.0 - github.com/openshift/api v0.0.0-20220831185921-0ee1471bcabb + github.com/openshift/api v0.0.0-20220908185739-e518ece6c293 github.com/operator-framework/api v0.15.0 github.com/operator-framework/operator-registry v1.22.1 github.com/operator-framework/rukpak v0.9.0 diff --git a/go.sum b/go.sum index 789fb65d..fa63c788 100644 --- a/go.sum +++ b/go.sum @@ -412,8 +412,8 @@ github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7J github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.19.0 h1:4ieX6qQjPP/BfC3mpsAtIGGlxTWPeA3Inl/7DtXw1tw= github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= -github.com/openshift/api v0.0.0-20220831185921-0ee1471bcabb h1:/tun/ZD0MtypwIYvZMxwupWQwVyYgQhFi1FKeZf85ms= -github.com/openshift/api v0.0.0-20220831185921-0ee1471bcabb/go.mod h1:9JWn+H7X8wEPPc9D63krigXl8r3F1Mt6/lC98brUyhQ= +github.com/openshift/api v0.0.0-20220908185739-e518ece6c293 h1:oqCGwpNsLTz5gXnjWK2COXkCxI5HdRwY/Aiq+P0RVdk= +github.com/openshift/api v0.0.0-20220908185739-e518ece6c293/go.mod h1:9JWn+H7X8wEPPc9D63krigXl8r3F1Mt6/lC98brUyhQ= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/operator-framework/api v0.15.0 h1:4f9i0drtqHj7ykLoHxv92GR43S7MmQHhmFQkfm5YaGI= github.com/operator-framework/api v0.15.0/go.mod h1:scnY9xqSeCsOdtJtNoHIXd7OtHZ14gj1hkDA4+DlgLY= diff --git a/manifests/0000_50_cluster-platform-operator-manager_00-namespace.yaml b/manifests/0000_50_cluster-platform-operator-manager_00-namespace.yaml index 060b7f3a..c54f6b46 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_00-namespace.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_00-namespace.yaml @@ -3,7 +3,7 @@ kind: Namespace metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade labels: control-plane: controller-manager pod-security.kubernetes.io/enforce: baseline diff --git a/manifests/0000_50_cluster-platform-operator-manager_00-platformoperator.crd.yaml b/manifests/0000_50_cluster-platform-operator-manager_00-platformoperator.crd.yaml index fb68de11..b74c9c17 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_00-platformoperator.crd.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_00-platformoperator.crd.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade api-approved.openshift.io: https://github.com/openshift/api/pull/1234 include.release.openshift.io/self-managed-high-availability: "true" creationTimestamp: null @@ -66,7 +66,7 @@ spec: description: conditions represent the latest available observations of a platform operator's current state. type: array items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n \ttype FooStatus struct{ \t // Represents the observations of a foo's current state. \t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map \t // +listMapKey=type \t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields \t}" + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" type: object required: - lastTransitionTime diff --git a/manifests/0000_50_cluster-platform-operator-manager_00-rukpak-bundledeployments.crd.yaml b/manifests/0000_50_cluster-platform-operator-manager_00-rukpak-bundledeployments.crd.yaml index be287864..6eb462d8 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_00-rukpak-bundledeployments.crd.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_00-rukpak-bundledeployments.crd.yaml @@ -4,7 +4,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.9.0 include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade creationTimestamp: null name: bundledeployments.core.rukpak.io spec: diff --git a/manifests/0000_50_cluster-platform-operator-manager_00-rukpak-bundles.crd.yaml b/manifests/0000_50_cluster-platform-operator-manager_00-rukpak-bundles.crd.yaml index 401ced4b..1537af68 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_00-rukpak-bundles.crd.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_00-rukpak-bundles.crd.yaml @@ -4,7 +4,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.9.0 include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade creationTimestamp: null name: bundles.core.rukpak.io spec: diff --git a/manifests/0000_50_cluster-platform-operator-manager_01-core-ca.cm.yaml b/manifests/0000_50_cluster-platform-operator-manager_01-core-ca.cm.yaml index a2842f71..ecd484fd 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_01-core-ca.cm.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_01-core-ca.cm.yaml @@ -4,7 +4,7 @@ kind: ConfigMap metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/inject-cabundle: "true" name: platform-operators-rukpak-core-tls namespace: openshift-platform-operators diff --git a/manifests/0000_50_cluster-platform-operator-manager_01-rukpak-core-admin.sa.yaml b/manifests/0000_50_cluster-platform-operator-manager_01-rukpak-core-admin.sa.yaml index 3c6837f7..a90fee35 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_01-rukpak-core-admin.sa.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_01-rukpak-core-admin.sa.yaml @@ -3,6 +3,6 @@ kind: ServiceAccount metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-rukpak-core-admin namespace: openshift-platform-operators diff --git a/manifests/0000_50_cluster-platform-operator-manager_01-rukpak-webhooks-admin.sa.yaml b/manifests/0000_50_cluster-platform-operator-manager_01-rukpak-webhooks-admin.sa.yaml index bbc923af..0ba2fb50 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_01-rukpak-webhooks-admin.sa.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_01-rukpak-webhooks-admin.sa.yaml @@ -3,6 +3,6 @@ kind: ServiceAccount metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-rukpak-webhooks-admin namespace: openshift-platform-operators diff --git a/manifests/0000_50_cluster-platform-operator-manager_01-serviceaccount.yaml b/manifests/0000_50_cluster-platform-operator-manager_01-serviceaccount.yaml index 45d6c393..c943de46 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_01-serviceaccount.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_01-serviceaccount.yaml @@ -3,6 +3,6 @@ kind: ServiceAccount metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-controller-manager namespace: openshift-platform-operators diff --git a/manifests/0000_50_cluster-platform-operator-manager_01-webhook-ca.cm.yaml b/manifests/0000_50_cluster-platform-operator-manager_01-webhook-ca.cm.yaml index 16db9570..97ff1d94 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_01-webhook-ca.cm.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_01-webhook-ca.cm.yaml @@ -4,7 +4,7 @@ kind: ConfigMap metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/inject-cabundle: "true" name: platform-operators-rukpak-webhook-tls namespace: openshift-platform-operators diff --git a/manifests/0000_50_cluster-platform-operator-manager_02-metricsservice.yaml b/manifests/0000_50_cluster-platform-operator-manager_02-metricsservice.yaml index ae87f902..55908ec1 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_02-metricsservice.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_02-metricsservice.yaml @@ -3,7 +3,7 @@ kind: Service metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade labels: control-plane: controller-manager name: platform-operators-controller-manager-metrics-service diff --git a/manifests/0000_50_cluster-platform-operator-manager_02-rukpak-core.service.yaml b/manifests/0000_50_cluster-platform-operator-manager_02-rukpak-core.service.yaml index ab5095f3..da1754a5 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_02-rukpak-core.service.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_02-rukpak-core.service.yaml @@ -3,7 +3,7 @@ kind: Service metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/serving-cert-secret-name: platform-operators-rukpak-core-tls name: platform-operators-rukpak-core namespace: openshift-platform-operators diff --git a/manifests/0000_50_cluster-platform-operator-manager_02-rukpak-webhook.service.yaml b/manifests/0000_50_cluster-platform-operator-manager_02-rukpak-webhook.service.yaml index 3622e532..309fa238 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_02-rukpak-webhook.service.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_02-rukpak-webhook.service.yaml @@ -3,7 +3,7 @@ kind: Service metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/serving-cert-secret-name: platform-operators-rukpak-webhook-tls name: platform-operators-rukpak-webhook-service namespace: openshift-platform-operators diff --git a/manifests/0000_50_cluster-platform-operator-manager_03_rbac.yaml b/manifests/0000_50_cluster-platform-operator-manager_03_rbac.yaml index 0aa3f90e..356855f5 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_03_rbac.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_03_rbac.yaml @@ -3,7 +3,7 @@ kind: ClusterRole metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade creationTimestamp: null name: platform-operators-manager-role rules: @@ -86,7 +86,7 @@ kind: ClusterRole metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-metrics-reader rules: - nonResourceURLs: @@ -99,7 +99,7 @@ kind: ClusterRole metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-proxy-role rules: - apiGroups: @@ -120,7 +120,7 @@ kind: ClusterRoleBinding metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io @@ -136,7 +136,7 @@ kind: ClusterRoleBinding metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io @@ -152,7 +152,7 @@ kind: Role metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-leader-election-role namespace: openshift-platform-operators rules: @@ -193,7 +193,7 @@ kind: RoleBinding metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-leader-election-rolebinding namespace: openshift-platform-operators roleRef: @@ -210,7 +210,7 @@ kind: ClusterRole metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-rukpak-bundle-reader rules: - nonResourceURLs: @@ -223,7 +223,7 @@ kind: ClusterRole metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-rukpak-bundle-uploader rules: - nonResourceURLs: @@ -236,7 +236,7 @@ kind: ClusterRole metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade creationTimestamp: null name: platform-operators-rukpak-core-admin rules: @@ -329,7 +329,7 @@ kind: ClusterRoleBinding metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-rukpak-core-admin roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/manifests/0000_50_cluster-platform-operator-manager_04-rukpak-core.deployment.yaml b/manifests/0000_50_cluster-platform-operator-manager_04-rukpak-core.deployment.yaml index 68fa412c..7371021f 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_04-rukpak-core.deployment.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_04-rukpak-core.deployment.yaml @@ -3,7 +3,7 @@ kind: Deployment metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade labels: app: core name: platform-operators-rukpak-core @@ -18,7 +18,7 @@ spec: annotations: include.release.openshift.io/self-managed-high-availability: "true" kubectl.kubernetes.io/default-container: manager - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade labels: app: core spec: diff --git a/manifests/0000_50_cluster-platform-operator-manager_04-rukpak-webhooks.deployment.yaml b/manifests/0000_50_cluster-platform-operator-manager_04-rukpak-webhooks.deployment.yaml index e97aaee3..ee381abc 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_04-rukpak-webhooks.deployment.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_04-rukpak-webhooks.deployment.yaml @@ -3,7 +3,7 @@ kind: Deployment metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade labels: app: webhooks name: platform-operators-rukpak-webhooks @@ -20,7 +20,7 @@ spec: metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade labels: app: webhooks spec: diff --git a/manifests/0000_50_cluster-platform-operator-manager_05-rukpak.validating-webhook-configuration.yaml b/manifests/0000_50_cluster-platform-operator-manager_05-rukpak.validating-webhook-configuration.yaml index eb798f0f..76d19458 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_05-rukpak.validating-webhook-configuration.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_05-rukpak.validating-webhook-configuration.yaml @@ -3,7 +3,7 @@ kind: ValidatingWebhookConfiguration metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade service.beta.openshift.io/inject-cabundle: "true" name: platform-operators-rukpak-validating-webhook-configuration webhooks: diff --git a/manifests/0000_50_cluster-platform-operator-manager_06-deployment.yaml b/manifests/0000_50_cluster-platform-operator-manager_06-deployment.yaml index 2ea2cd1f..c97a5641 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_06-deployment.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_06-deployment.yaml @@ -3,7 +3,7 @@ kind: Deployment metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade labels: control-plane: controller-manager name: platform-operators-controller-manager @@ -18,7 +18,7 @@ spec: annotations: include.release.openshift.io/self-managed-high-availability: "true" kubectl.kubernetes.io/default-container: manager - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade labels: control-plane: controller-manager spec: diff --git a/manifests/0000_50_cluster-platform-operator-manager_07-aggregated-clusteroperator.yaml b/manifests/0000_50_cluster-platform-operator-manager_07-aggregated-clusteroperator.yaml index 0849792a..c4602792 100644 --- a/manifests/0000_50_cluster-platform-operator-manager_07-aggregated-clusteroperator.yaml +++ b/manifests/0000_50_cluster-platform-operator-manager_07-aggregated-clusteroperator.yaml @@ -4,7 +4,7 @@ metadata: annotations: include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade name: platform-operators-aggregated namespace: openshift-platform-operators spec: {} diff --git a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml index a79c00e1..73677d5c 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml @@ -208,7 +208,7 @@ spec: description: 'conditions represents the observations of the conditional update''s current status. Known types are: * Evaluating, for whether the cluster-version operator will attempt to evaluate any risks[].matchingRules. * Recommended, for whether the update is recommended for the current cluster.' type: array items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n \ttype FooStatus struct{ \t // Represents the observations of a foo's current state. \t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map \t // +listMapKey=type \t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields \t}" + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" type: object required: - lastTransitionTime diff --git a/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_proxy.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_proxy.crd.yaml index 24622539..3f58cbf6 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_proxy.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_proxy.crd.yaml @@ -51,7 +51,7 @@ spec: items: type: string trustedCA: - description: "trustedCA is a reference to a ConfigMap containing a CA certificate bundle. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from the required key \"ca-bundle.crt\", merging it with the system default trust bundle, and writing the merged trust bundle to a ConfigMap named \"trusted-ca-bundle\" in the \"openshift-config-managed\" namespace. Clients that expect to make proxy connections must use the trusted-ca-bundle for all HTTPS requests to the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as well. \n The namespace for the ConfigMap referenced by trustedCA is \"openshift-config\". Here is an example ConfigMap (in yaml): \n apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE-----" + description: "trustedCA is a reference to a ConfigMap containing a CA certificate bundle. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from the required key \"ca-bundle.crt\", merging it with the system default trust bundle, and writing the merged trust bundle to a ConfigMap named \"trusted-ca-bundle\" in the \"openshift-config-managed\" namespace. Clients that expect to make proxy connections must use the trusted-ca-bundle for all HTTPS requests to the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as well. \n The namespace for the ConfigMap referenced by trustedCA is \"openshift-config\". Here is an example ConfigMap (in yaml): \n apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE-----" type: object required: - name diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_apiserver.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_apiserver.crd.yaml index 3ff78377..3e53b28b 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_apiserver.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_apiserver.crd.yaml @@ -73,7 +73,7 @@ spec: - group x-kubernetes-list-type: map profile: - description: "profile specifies the name of the desired top-level audit profile to be applied to all requests sent to any of the OpenShift-provided API servers in the cluster (kube-apiserver, openshift-apiserver and oauth-apiserver), with the exception of those requests that match one or more of the customRules. \n The following profiles are provided: - Default: default policy which means MetaData level logging with the exception of events (not logged at all), oauthaccesstokens and oauthauthorizetokens (both logged at RequestBody level). - WriteRequestBodies: like 'Default', but logs request and response HTTP payloads for write requests (create, update, patch). - AllRequestBodies: like 'WriteRequestBodies', but also logs request and response HTTP payloads for read requests (get, list). - None: no requests are logged at all, not even oauthaccesstokens and oauthauthorizetokens. \n Warning: It is not recommended to disable audit logging by using the `None` profile unless you are fully aware of the risks of not logging data that can be beneficial when troubleshooting issues. If you disable audit logging and a support situation arises, you might need to enable audit logging and reproduce the issue in order to troubleshoot properly. \n If unset, the 'Default' profile is used as the default." + description: "profile specifies the name of the desired top-level audit profile to be applied to all requests sent to any of the OpenShift-provided API servers in the cluster (kube-apiserver, openshift-apiserver and oauth-apiserver), with the exception of those requests that match one or more of the customRules. \n The following profiles are provided: - Default: default policy which means MetaData level logging with the exception of events (not logged at all), oauthaccesstokens and oauthauthorizetokens (both logged at RequestBody level). - WriteRequestBodies: like 'Default', but logs request and response HTTP payloads for write requests (create, update, patch). - AllRequestBodies: like 'WriteRequestBodies', but also logs request and response HTTP payloads for read requests (get, list). - None: no requests are logged at all, not even oauthaccesstokens and oauthauthorizetokens. \n Warning: It is not recommended to disable audit logging by using the `None` profile unless you are fully aware of the risks of not logging data that can be beneficial when troubleshooting issues. If you disable audit logging and a support situation arises, you might need to enable audit logging and reproduce the issue in order to troubleshoot properly. \n If unset, the 'Default' profile is used as the default." type: string default: Default enum: @@ -95,7 +95,7 @@ spec: type: object properties: type: - description: "type defines what encryption type should be used to encrypt resources at the datastore layer. When this field is unset (i.e. when it is set to the empty string), identity is implied. The behavior of unset can and will change over time. Even if encryption is enabled by default, the meaning of unset may change to a different encryption type based on changes in best practices. \n When encryption is enabled, all sensitive resources shipped with the platform are encrypted. This list of sensitive resources can and will change over time. The current authoritative list is: \n 1. secrets 2. configmaps 3. routes.route.openshift.io 4. oauthaccesstokens.oauth.openshift.io 5. oauthauthorizetokens.oauth.openshift.io" + description: "type defines what encryption type should be used to encrypt resources at the datastore layer. When this field is unset (i.e. when it is set to the empty string), identity is implied. The behavior of unset can and will change over time. Even if encryption is enabled by default, the meaning of unset may change to a different encryption type based on changes in best practices. \n When encryption is enabled, all sensitive resources shipped with the platform are encrypted. This list of sensitive resources can and will change over time. The current authoritative list is: \n 1. secrets 2. configmaps 3. routes.route.openshift.io 4. oauthaccesstokens.oauth.openshift.io 5. oauthauthorizetokens.oauth.openshift.io" type: string enum: - "" @@ -131,16 +131,16 @@ spec: type: object properties: custom: - description: "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1" + description: "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1" type: object properties: ciphers: - description: "ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml): \n ciphers: - DES-CBC3-SHA" + description: "ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml): \n ciphers: - DES-CBC3-SHA" type: array items: type: string minTLSVersion: - description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: TLSv1.1 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12" + description: "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n minTLSVersion: TLSv1.1 \n NOTE: currently the highest minTLSVersion allowed is VersionTLS12" type: string enum: - VersionTLS10 @@ -149,15 +149,15 @@ spec: - VersionTLS13 nullable: true intermediate: - description: "intermediate is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2" + description: "intermediate is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2" type: object nullable: true modern: - description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 \n NOTE: Currently unsupported." + description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 \n NOTE: Currently unsupported." type: object nullable: true old: - description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0" + description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0" type: object nullable: true type: diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml index f67be27d..89bc6558 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml @@ -69,7 +69,7 @@ spec: items: type: string trustedCA: - description: "trustedCA is a reference to a ConfigMap containing a CA certificate bundle. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from the required key \"ca-bundle.crt\", merging it with the system default trust bundle, and writing the merged trust bundle to a ConfigMap named \"trusted-ca-bundle\" in the \"openshift-config-managed\" namespace. Clients that expect to make proxy connections must use the trusted-ca-bundle for all HTTPS requests to the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as well. \n The namespace for the ConfigMap referenced by trustedCA is \"openshift-config\". Here is an example ConfigMap (in yaml): \n apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE-----" + description: "trustedCA is a reference to a ConfigMap containing a CA certificate bundle. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from the required key \"ca-bundle.crt\", merging it with the system default trust bundle, and writing the merged trust bundle to a ConfigMap named \"trusted-ca-bundle\" in the \"openshift-config-managed\" namespace. Clients that expect to make proxy connections must use the trusted-ca-bundle for all HTTPS requests to the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as well. \n The namespace for the ConfigMap referenced by trustedCA is \"openshift-config\". Here is an example ConfigMap (in yaml): \n apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE-----" type: object required: - name @@ -111,6 +111,7 @@ spec: optional: description: Specify whether the ConfigMap or its key must be defined type: boolean + x-kubernetes-map-type: atomic fieldRef: description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' type: object @@ -123,6 +124,7 @@ spec: fieldPath: description: Path of the field to select in the specified API version. type: string + x-kubernetes-map-type: atomic resourceFieldRef: description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' type: object @@ -142,6 +144,7 @@ spec: resource: description: 'Required: resource to select' type: string + x-kubernetes-map-type: atomic secretKeyRef: description: Selects a key of a secret in the pod's namespace type: object @@ -157,6 +160,7 @@ spec: optional: description: Specify whether the Secret or its key must be defined type: boolean + x-kubernetes-map-type: atomic gitProxy: description: "GitProxy contains the proxy settings for git operations only. If set, this will override any Proxy settings for all git commands, such as git clone. \n Values that are not set here will be inherited from DefaultProxy." type: object @@ -176,7 +180,7 @@ spec: items: type: string trustedCA: - description: "trustedCA is a reference to a ConfigMap containing a CA certificate bundle. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from the required key \"ca-bundle.crt\", merging it with the system default trust bundle, and writing the merged trust bundle to a ConfigMap named \"trusted-ca-bundle\" in the \"openshift-config-managed\" namespace. Clients that expect to make proxy connections must use the trusted-ca-bundle for all HTTPS requests to the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as well. \n The namespace for the ConfigMap referenced by trustedCA is \"openshift-config\". Here is an example ConfigMap (in yaml): \n apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE-----" + description: "trustedCA is a reference to a ConfigMap containing a CA certificate bundle. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from the required key \"ca-bundle.crt\", merging it with the system default trust bundle, and writing the merged trust bundle to a ConfigMap named \"trusted-ca-bundle\" in the \"openshift-config-managed\" namespace. Clients that expect to make proxy connections must use the trusted-ca-bundle for all HTTPS requests to the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as well. \n The namespace for the ConfigMap referenced by trustedCA is \"openshift-config\". Here is an example ConfigMap (in yaml): \n apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE-----" type: object required: - name diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_ingress.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_ingress.crd.yaml index 026560ea..0491e842 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_ingress.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_ingress.crd.yaml @@ -96,7 +96,7 @@ spec: - type properties: type: - description: "type allows user to set a load balancer type. When this field is set the default ingresscontroller will get created using the specified LBType. If this field is not set then the default ingress controller of LBType Classic will be created. Valid values are: \n * \"Classic\": A Classic Load Balancer that makes routing decisions at either the transport layer (TCP/SSL) or the application layer (HTTP/HTTPS). See the following for additional details: \n https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#clb \n * \"NLB\": A Network Load Balancer that makes routing decisions at the transport layer (TCP/SSL). See the following for additional details: \n https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#nlb" + description: "type allows user to set a load balancer type. When this field is set the default ingresscontroller will get created using the specified LBType. If this field is not set then the default ingress controller of LBType Classic will be created. Valid values are: \n * \"Classic\": A Classic Load Balancer that makes routing decisions at either the transport layer (TCP/SSL) or the application layer (HTTP/HTTPS). See the following for additional details: \n https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#clb \n * \"NLB\": A Network Load Balancer that makes routing decisions at the transport layer (TCP/SSL). See the following for additional details: \n https://docs.aws.amazon.com/AmazonECS/latest/developerguide/load-balancer-types.html#nlb" type: string enum: - NLB @@ -188,6 +188,7 @@ spec: type: object additionalProperties: type: string + x-kubernetes-map-type: atomic preloadPolicy: description: preloadPolicy directs the client to include hosts in its host preload list so that it never needs to do an initial load to get the HSTS header (note that this is not defined in RFC 6797 and is therefore client implementation-dependent). type: string @@ -215,7 +216,7 @@ spec: description: "conditions are used to communicate the state of the componentRoutes entry. \n Supported conditions include Available, Degraded and Progressing. \n If available is true, the content served by the route can be accessed by users. This includes cases where a default may continue to serve content while the customized route specified by the cluster-admin is being configured. \n If Degraded is true, that means something has gone wrong trying to handle the componentRoutes entry. The currentHostnames field may or may not be in effect. \n If Progressing is true, that means the component is taking some action related to the componentRoutes entry." type: array items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n \ttype FooStatus struct{ \t // Represents the observations of a foo's current state. \t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map \t // +listMapKey=type \t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields \t}" + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" type: object required: - lastTransitionTime diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_oauth.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_oauth.crd.yaml index 883c623b..ba5ab832 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_oauth.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_oauth.crd.yaml @@ -262,7 +262,7 @@ spec: description: name is the metadata.name of the referenced config map type: string insecure: - description: 'insecure, if true, indicates the connection should not use TLS WARNING: Should not be set to `true` with the URL scheme "ldaps://" as "ldaps://" URLs always attempt to connect using TLS, even when `insecure` is set to `true` When `true`, "ldap://" URLS connect insecurely. When `false`, "ldap://" URLs are upgraded to a TLS connection using StartTLS as specified in https://tools.ietf.org/html/rfc2830.' + description: 'insecure, if true, indicates the connection should not use TLS WARNING: Should not be set to `true` with the URL scheme "ldaps://" as "ldaps://" URLs always attempt to connect using TLS, even when `insecure` is set to `true` When `true`, "ldap://" URLS connect insecurely. When `false`, "ldap://" URLs are upgraded to a TLS connection using StartTLS as specified in https://tools.ietf.org/html/rfc2830.' type: boolean url: description: 'url is an RFC 2255 URL which specifies the LDAP search parameters to use. The syntax of the URL is: ldap://host:port/basedn?attribute?scope?filter' @@ -271,7 +271,7 @@ spec: description: mappingMethod determines how identities from this provider are mapped to users Defaults to "claim" type: string name: - description: 'name is used to qualify the identities returned by this provider. - It MUST be unique and not shared by any other identity provider used - It MUST be a valid path segment: name cannot equal "." or ".." or contain "/" or "%" or ":" Ref: https://godoc.org/github.com/openshift/origin/pkg/user/apis/user/validation#ValidateIdentityProviderName' + description: 'name is used to qualify the identities returned by this provider. - It MUST be unique and not shared by any other identity provider used - It MUST be a valid path segment: name cannot equal "." or ".." or contain "/" or "%" or ":" Ref: https://godoc.org/github.com/openshift/origin/pkg/user/apis/user/validation#ValidateIdentityProviderName' type: string openID: description: openID enables user authentication using OpenID credentials @@ -355,7 +355,7 @@ spec: description: name is the metadata.name of the referenced config map type: string challengeURL: - description: challengeURL is a URL to redirect unauthenticated /authorize requests to Unauthenticated requests from OAuth clients which expect WWW-Authenticate challenges will be redirected here. ${url} is replaced with the current URL, escaped to be safe in a query parameter https://www.example.com/sso-login?then=${url} ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} Required when challenge is set to true. + description: challengeURL is a URL to redirect unauthenticated /authorize requests to Unauthenticated requests from OAuth clients which expect WWW-Authenticate challenges will be redirected here. ${url} is replaced with the current URL, escaped to be safe in a query parameter https://www.example.com/sso-login?then=${url} ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} Required when challenge is set to true. type: string clientCommonNames: description: clientCommonNames is an optional list of common names to require a match from. If empty, any client certificate validated against the clientCA bundle is considered authoritative. @@ -373,7 +373,7 @@ spec: items: type: string loginURL: - description: loginURL is a URL to redirect unauthenticated /authorize requests to Unauthenticated requests from OAuth clients which expect interactive logins will be redirected here ${url} is replaced with the current URL, escaped to be safe in a query parameter https://www.example.com/sso-login?then=${url} ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} Required when login is set to true. + description: loginURL is a URL to redirect unauthenticated /authorize requests to Unauthenticated requests from OAuth clients which expect interactive logins will be redirected here ${url} is replaced with the current URL, escaped to be safe in a query parameter https://www.example.com/sso-login?then=${url} ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} Required when login is set to true. type: string nameHeaders: description: nameHeaders is the set of headers to check for the display name diff --git a/vendor/github.com/openshift/api/config/v1/types_feature.go b/vendor/github.com/openshift/api/config/v1/types_feature.go index a697124e..cef620a9 100644 --- a/vendor/github.com/openshift/api/config/v1/types_feature.go +++ b/vendor/github.com/openshift/api/config/v1/types_feature.go @@ -118,6 +118,7 @@ var FeatureSets = map[FeatureSet]*FeatureGateEnabledDisabled{ with("MachineAPIProviderOpenStack"). // openstack, egarcia (#forum-openstack), OCP specific with("CGroupsV2"). // sig-node, harche, OCP specific with("Crun"). // sig-node, haircommander, OCP specific + with("InsightsConfigAPI"). // insights, tremes (#ccx), OCP specific toFeatures(), LatencySensitive: newDefaultFeatures(). with( diff --git a/vendor/github.com/openshift/api/platform/v1alpha1/platformoperators.crd.yaml b/vendor/github.com/openshift/api/platform/v1alpha1/platformoperators.crd.yaml index 607d73b7..4ef1ca4a 100644 --- a/vendor/github.com/openshift/api/platform/v1alpha1/platformoperators.crd.yaml +++ b/vendor/github.com/openshift/api/platform/v1alpha1/platformoperators.crd.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - release.openshift.io/feature-gate: TechPreviewNoUpgrade + release.openshift.io/feature-set: TechPreviewNoUpgrade api-approved.openshift.io: https://github.com/openshift/api/pull/1234 creationTimestamp: null name: platformoperators.platform.openshift.io @@ -65,7 +65,7 @@ spec: description: conditions represent the latest available observations of a platform operator's current state. type: array items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n \ttype FooStatus struct{ \t // Represents the observations of a foo's current state. \t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map \t // +listMapKey=type \t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields \t}" + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" type: object required: - lastTransitionTime diff --git a/vendor/modules.txt b/vendor/modules.txt index 431e8f9b..444c362c 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -160,7 +160,7 @@ github.com/onsi/gomega/matchers/support/goraph/edge github.com/onsi/gomega/matchers/support/goraph/node github.com/onsi/gomega/matchers/support/goraph/util github.com/onsi/gomega/types -# github.com/openshift/api v0.0.0-20220831185921-0ee1471bcabb +# github.com/openshift/api v0.0.0-20220908185739-e518ece6c293 ## explicit; go 1.18 github.com/openshift/api/config/v1 github.com/openshift/api/platform/v1alpha1