diff --git a/config/applyconfigurations/config/v1/extramapping.go b/config/applyconfigurations/config/v1/extramapping.go new file mode 100644 index 0000000000..4100ed7ed3 --- /dev/null +++ b/config/applyconfigurations/config/v1/extramapping.go @@ -0,0 +1,32 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ExtraMappingApplyConfiguration represents a declarative configuration of the ExtraMapping type for use +// with apply. +type ExtraMappingApplyConfiguration struct { + Key *string `json:"key,omitempty"` + ValueExpression *string `json:"valueExpression,omitempty"` +} + +// ExtraMappingApplyConfiguration constructs a declarative configuration of the ExtraMapping type for use with +// apply. +func ExtraMapping() *ExtraMappingApplyConfiguration { + return &ExtraMappingApplyConfiguration{} +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *ExtraMappingApplyConfiguration) WithKey(value string) *ExtraMappingApplyConfiguration { + b.Key = &value + return b +} + +// WithValueExpression sets the ValueExpression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ValueExpression field is set to the value of the last call. +func (b *ExtraMappingApplyConfiguration) WithValueExpression(value string) *ExtraMappingApplyConfiguration { + b.ValueExpression = &value + return b +} diff --git a/config/applyconfigurations/config/v1/release.go b/config/applyconfigurations/config/v1/release.go index 4ffecd9266..9247e46a05 100644 --- a/config/applyconfigurations/config/v1/release.go +++ b/config/applyconfigurations/config/v1/release.go @@ -9,10 +9,11 @@ import ( // ReleaseApplyConfiguration represents a declarative configuration of the Release type for use // with apply. type ReleaseApplyConfiguration struct { - Version *string `json:"version,omitempty"` - Image *string `json:"image,omitempty"` - URL *v1.URL `json:"url,omitempty"` - Channels []string `json:"channels,omitempty"` + Architecture *v1.ClusterVersionArchitecture `json:"architecture,omitempty"` + Version *string `json:"version,omitempty"` + Image *string `json:"image,omitempty"` + URL *v1.URL `json:"url,omitempty"` + Channels []string `json:"channels,omitempty"` } // ReleaseApplyConfiguration constructs a declarative configuration of the Release type for use with @@ -21,6 +22,14 @@ func Release() *ReleaseApplyConfiguration { return &ReleaseApplyConfiguration{} } +// WithArchitecture sets the Architecture field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Architecture field is set to the value of the last call. +func (b *ReleaseApplyConfiguration) WithArchitecture(value v1.ClusterVersionArchitecture) *ReleaseApplyConfiguration { + b.Architecture = &value + return b +} + // WithVersion sets the Version field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Version field is set to the value of the last call. diff --git a/config/applyconfigurations/config/v1/tokenclaimmappings.go b/config/applyconfigurations/config/v1/tokenclaimmappings.go index 9b3b0bb561..c748c31115 100644 --- a/config/applyconfigurations/config/v1/tokenclaimmappings.go +++ b/config/applyconfigurations/config/v1/tokenclaimmappings.go @@ -5,8 +5,10 @@ package v1 // TokenClaimMappingsApplyConfiguration represents a declarative configuration of the TokenClaimMappings type for use // with apply. type TokenClaimMappingsApplyConfiguration struct { - Username *UsernameClaimMappingApplyConfiguration `json:"username,omitempty"` - Groups *PrefixedClaimMappingApplyConfiguration `json:"groups,omitempty"` + Username *UsernameClaimMappingApplyConfiguration `json:"username,omitempty"` + Groups *PrefixedClaimMappingApplyConfiguration `json:"groups,omitempty"` + UID *TokenClaimOrExpressionMappingApplyConfiguration `json:"uid,omitempty"` + Extra []ExtraMappingApplyConfiguration `json:"extra,omitempty"` } // TokenClaimMappingsApplyConfiguration constructs a declarative configuration of the TokenClaimMappings type for use with @@ -30,3 +32,24 @@ func (b *TokenClaimMappingsApplyConfiguration) WithGroups(value *PrefixedClaimMa b.Groups = value return b } + +// WithUID sets the UID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the UID field is set to the value of the last call. +func (b *TokenClaimMappingsApplyConfiguration) WithUID(value *TokenClaimOrExpressionMappingApplyConfiguration) *TokenClaimMappingsApplyConfiguration { + b.UID = value + return b +} + +// WithExtra adds the given value to the Extra field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Extra field. +func (b *TokenClaimMappingsApplyConfiguration) WithExtra(values ...*ExtraMappingApplyConfiguration) *TokenClaimMappingsApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithExtra") + } + b.Extra = append(b.Extra, *values[i]) + } + return b +} diff --git a/config/applyconfigurations/config/v1/tokenclaimorexpressionmapping.go b/config/applyconfigurations/config/v1/tokenclaimorexpressionmapping.go new file mode 100644 index 0000000000..6aab9e0b5d --- /dev/null +++ b/config/applyconfigurations/config/v1/tokenclaimorexpressionmapping.go @@ -0,0 +1,32 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// TokenClaimOrExpressionMappingApplyConfiguration represents a declarative configuration of the TokenClaimOrExpressionMapping type for use +// with apply. +type TokenClaimOrExpressionMappingApplyConfiguration struct { + Claim *string `json:"claim,omitempty"` + Expression *string `json:"expression,omitempty"` +} + +// TokenClaimOrExpressionMappingApplyConfiguration constructs a declarative configuration of the TokenClaimOrExpressionMapping type for use with +// apply. +func TokenClaimOrExpressionMapping() *TokenClaimOrExpressionMappingApplyConfiguration { + return &TokenClaimOrExpressionMappingApplyConfiguration{} +} + +// WithClaim sets the Claim field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Claim field is set to the value of the last call. +func (b *TokenClaimOrExpressionMappingApplyConfiguration) WithClaim(value string) *TokenClaimOrExpressionMappingApplyConfiguration { + b.Claim = &value + return b +} + +// WithExpression sets the Expression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Expression field is set to the value of the last call. +func (b *TokenClaimOrExpressionMappingApplyConfiguration) WithExpression(value string) *TokenClaimOrExpressionMappingApplyConfiguration { + b.Expression = &value + return b +} diff --git a/config/applyconfigurations/internal/internal.go b/config/applyconfigurations/internal/internal.go index 55099fc988..8eec30651a 100644 --- a/config/applyconfigurations/internal/internal.go +++ b/config/applyconfigurations/internal/internal.go @@ -1156,6 +1156,17 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.CloudControllerManagerStatus default: {} +- name: com.github.openshift.api.config.v1.ExtraMapping + map: + fields: + - name: key + type: + scalar: string + default: "" + - name: valueExpression + type: + scalar: string + default: "" - name: com.github.openshift.api.config.v1.FeatureGate map: fields: @@ -2206,9 +2217,7 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.config.v1.NutanixResourceIdentifier - elementRelationship: associative - keys: - - type + elementRelationship: atomic - name: com.github.openshift.api.config.v1.NutanixPlatformLoadBalancer map: fields: @@ -3053,6 +3062,9 @@ var schemaYAML = typed.YAMLObject(`types: - name: com.github.openshift.api.config.v1.Release map: fields: + - name: architecture + type: + scalar: string - name: channels type: list: @@ -3265,14 +3277,34 @@ var schemaYAML = typed.YAMLObject(`types: - name: com.github.openshift.api.config.v1.TokenClaimMappings map: fields: + - name: extra + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.ExtraMapping + elementRelationship: associative + keys: + - key - name: groups type: namedType: com.github.openshift.api.config.v1.PrefixedClaimMapping default: {} + - name: uid + type: + namedType: com.github.openshift.api.config.v1.TokenClaimOrExpressionMapping - name: username type: namedType: com.github.openshift.api.config.v1.UsernameClaimMapping default: {} +- name: com.github.openshift.api.config.v1.TokenClaimOrExpressionMapping + map: + fields: + - name: claim + type: + scalar: string + - name: expression + type: + scalar: string - name: com.github.openshift.api.config.v1.TokenClaimValidationRule map: fields: diff --git a/config/applyconfigurations/utils.go b/config/applyconfigurations/utils.go index a470354475..8c0b4eb3ab 100644 --- a/config/applyconfigurations/utils.go +++ b/config/applyconfigurations/utils.go @@ -146,6 +146,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.ExternalPlatformSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ExternalPlatformStatus"): return &configv1.ExternalPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ExtraMapping"): + return &configv1.ExtraMappingApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("FeatureGate"): return &configv1.FeatureGateApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("FeatureGateAttributes"): @@ -368,6 +370,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.TokenClaimMappingApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("TokenClaimMappings"): return &configv1.TokenClaimMappingsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TokenClaimOrExpressionMapping"): + return &configv1.TokenClaimOrExpressionMappingApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("TokenClaimValidationRule"): return &configv1.TokenClaimValidationRuleApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("TokenConfig"): diff --git a/console/applyconfigurations/console/v1/consoleplugincsp.go b/console/applyconfigurations/console/v1/consoleplugincsp.go new file mode 100644 index 0000000000..d32c1dcbc0 --- /dev/null +++ b/console/applyconfigurations/console/v1/consoleplugincsp.go @@ -0,0 +1,38 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/console/v1" +) + +// ConsolePluginCSPApplyConfiguration represents a declarative configuration of the ConsolePluginCSP type for use +// with apply. +type ConsolePluginCSPApplyConfiguration struct { + Directive *v1.DirectiveType `json:"directive,omitempty"` + Values []v1.CSPDirectiveValue `json:"values,omitempty"` +} + +// ConsolePluginCSPApplyConfiguration constructs a declarative configuration of the ConsolePluginCSP type for use with +// apply. +func ConsolePluginCSP() *ConsolePluginCSPApplyConfiguration { + return &ConsolePluginCSPApplyConfiguration{} +} + +// WithDirective sets the Directive field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Directive field is set to the value of the last call. +func (b *ConsolePluginCSPApplyConfiguration) WithDirective(value v1.DirectiveType) *ConsolePluginCSPApplyConfiguration { + b.Directive = &value + return b +} + +// WithValues adds the given value to the Values field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Values field. +func (b *ConsolePluginCSPApplyConfiguration) WithValues(values ...v1.CSPDirectiveValue) *ConsolePluginCSPApplyConfiguration { + for i := range values { + b.Values = append(b.Values, values[i]) + } + return b +} diff --git a/console/applyconfigurations/console/v1/consolepluginspec.go b/console/applyconfigurations/console/v1/consolepluginspec.go index e70152653a..c4674c6aa6 100644 --- a/console/applyconfigurations/console/v1/consolepluginspec.go +++ b/console/applyconfigurations/console/v1/consolepluginspec.go @@ -5,10 +5,11 @@ package v1 // ConsolePluginSpecApplyConfiguration represents a declarative configuration of the ConsolePluginSpec type for use // with apply. type ConsolePluginSpecApplyConfiguration struct { - DisplayName *string `json:"displayName,omitempty"` - Backend *ConsolePluginBackendApplyConfiguration `json:"backend,omitempty"` - Proxy []ConsolePluginProxyApplyConfiguration `json:"proxy,omitempty"` - I18n *ConsolePluginI18nApplyConfiguration `json:"i18n,omitempty"` + DisplayName *string `json:"displayName,omitempty"` + Backend *ConsolePluginBackendApplyConfiguration `json:"backend,omitempty"` + Proxy []ConsolePluginProxyApplyConfiguration `json:"proxy,omitempty"` + I18n *ConsolePluginI18nApplyConfiguration `json:"i18n,omitempty"` + ContentSecurityPolicy []ConsolePluginCSPApplyConfiguration `json:"contentSecurityPolicy,omitempty"` } // ConsolePluginSpecApplyConfiguration constructs a declarative configuration of the ConsolePluginSpec type for use with @@ -53,3 +54,16 @@ func (b *ConsolePluginSpecApplyConfiguration) WithI18n(value *ConsolePluginI18nA b.I18n = value return b } + +// WithContentSecurityPolicy adds the given value to the ContentSecurityPolicy field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the ContentSecurityPolicy field. +func (b *ConsolePluginSpecApplyConfiguration) WithContentSecurityPolicy(values ...*ConsolePluginCSPApplyConfiguration) *ConsolePluginSpecApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithContentSecurityPolicy") + } + b.ContentSecurityPolicy = append(b.ContentSecurityPolicy, *values[i]) + } + return b +} diff --git a/console/applyconfigurations/internal/internal.go b/console/applyconfigurations/internal/internal.go index a0c1f7644e..efa08520a2 100644 --- a/console/applyconfigurations/internal/internal.go +++ b/console/applyconfigurations/internal/internal.go @@ -215,6 +215,19 @@ var schemaYAML = typed.YAMLObject(`types: fields: - fieldName: service discriminatorValue: Service +- name: com.github.openshift.api.console.v1.ConsolePluginCSP + map: + fields: + - name: directive + type: + scalar: string + default: "" + - name: values + type: + list: + elementType: + scalar: string + elementRelationship: atomic - name: com.github.openshift.api.console.v1.ConsolePluginI18n map: fields: @@ -295,6 +308,14 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.console.v1.ConsolePluginBackend default: {} + - name: contentSecurityPolicy + type: + list: + elementType: + namedType: com.github.openshift.api.console.v1.ConsolePluginCSP + elementRelationship: associative + keys: + - directive - name: displayName type: scalar: string diff --git a/console/applyconfigurations/utils.go b/console/applyconfigurations/utils.go index 489266ba60..8cb817b049 100644 --- a/console/applyconfigurations/utils.go +++ b/console/applyconfigurations/utils.go @@ -40,6 +40,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &consolev1.ConsolePluginApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ConsolePluginBackend"): return &consolev1.ConsolePluginBackendApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ConsolePluginCSP"): + return &consolev1.ConsolePluginCSPApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ConsolePluginI18n"): return &consolev1.ConsolePluginI18nApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ConsolePluginProxy"): diff --git a/go.mod b/go.mod index 5fa6b5e287..f0cd3f5781 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.22.0 toolchain go1.22.1 require ( - github.com/openshift/api v0.0.0-20241107155230-d37bb9f7e380 + github.com/openshift/api v0.0.0-20250711200046-c86d80652a9e github.com/openshift/build-machinery-go v0.0.0-20240613134303-8359781da660 github.com/spf13/pflag v1.0.5 k8s.io/api v0.31.1 diff --git a/go.sum b/go.sum index 8d005d0cae..d54f0a1065 100644 --- a/go.sum +++ b/go.sum @@ -62,8 +62,8 @@ github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= -github.com/openshift/api v0.0.0-20241107155230-d37bb9f7e380 h1:EstDpct2ypQv500NPRQk92YBk9ZO0baDd94mna8o6w0= -github.com/openshift/api v0.0.0-20241107155230-d37bb9f7e380/go.mod h1:Shkl4HanLwDiiBzakv+con/aMGnVE2MAGvoKp5oyYUo= +github.com/openshift/api v0.0.0-20250711200046-c86d80652a9e h1:E1OdwSpqWuDPCedyUt0GEdoAE+r5TXy7YS21yNEo+2U= +github.com/openshift/api v0.0.0-20250711200046-c86d80652a9e/go.mod h1:Shkl4HanLwDiiBzakv+con/aMGnVE2MAGvoKp5oyYUo= github.com/openshift/build-machinery-go v0.0.0-20240613134303-8359781da660 h1:F0zE2bmdVvaEd18VXuGYQdJJ1FYJu4MIDW9PYZWc9No= github.com/openshift/build-machinery-go v0.0.0-20240613134303-8359781da660/go.mod h1:8jcm8UPtg2mCAsxfqKil1xrmRMI3a+XU2TZ9fF8A7TE= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= diff --git a/machineconfiguration/applyconfigurations/internal/internal.go b/machineconfiguration/applyconfigurations/internal/internal.go index 4d678f4d6b..da0071b083 100644 --- a/machineconfiguration/applyconfigurations/internal/internal.go +++ b/machineconfiguration/applyconfigurations/internal/internal.go @@ -73,6 +73,26 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable +- name: com.github.openshift.api.machineconfiguration.v1.MachineOSBuild + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.machineconfiguration.v1.MachineOSConfig + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable - name: com.github.openshift.api.machineconfiguration.v1alpha1.BuildInputs map: fields: diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/imagesecretobjectreference.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/imagesecretobjectreference.go new file mode 100644 index 0000000000..5c10080173 --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/imagesecretobjectreference.go @@ -0,0 +1,23 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ImageSecretObjectReferenceApplyConfiguration represents a declarative configuration of the ImageSecretObjectReference type for use +// with apply. +type ImageSecretObjectReferenceApplyConfiguration struct { + Name *string `json:"name,omitempty"` +} + +// ImageSecretObjectReferenceApplyConfiguration constructs a declarative configuration of the ImageSecretObjectReference type for use with +// apply. +func ImageSecretObjectReference() *ImageSecretObjectReferenceApplyConfiguration { + return &ImageSecretObjectReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *ImageSecretObjectReferenceApplyConfiguration) WithName(value string) *ImageSecretObjectReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigpoolreference.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigpoolreference.go new file mode 100644 index 0000000000..fa0207b339 --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigpoolreference.go @@ -0,0 +1,23 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// MachineConfigPoolReferenceApplyConfiguration represents a declarative configuration of the MachineConfigPoolReference type for use +// with apply. +type MachineConfigPoolReferenceApplyConfiguration struct { + Name *string `json:"name,omitempty"` +} + +// MachineConfigPoolReferenceApplyConfiguration constructs a declarative configuration of the MachineConfigPoolReference type for use with +// apply. +func MachineConfigPoolReference() *MachineConfigPoolReferenceApplyConfiguration { + return &MachineConfigPoolReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *MachineConfigPoolReferenceApplyConfiguration) WithName(value string) *MachineConfigPoolReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigreference.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigreference.go new file mode 100644 index 0000000000..45c3c741f1 --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfigreference.go @@ -0,0 +1,23 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// MachineConfigReferenceApplyConfiguration represents a declarative configuration of the MachineConfigReference type for use +// with apply. +type MachineConfigReferenceApplyConfiguration struct { + Name *string `json:"name,omitempty"` +} + +// MachineConfigReferenceApplyConfiguration constructs a declarative configuration of the MachineConfigReference type for use with +// apply. +func MachineConfigReference() *MachineConfigReferenceApplyConfiguration { + return &MachineConfigReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *MachineConfigReferenceApplyConfiguration) WithName(value string) *MachineConfigReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuild.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuild.go new file mode 100644 index 0000000000..632e7c526d --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuild.go @@ -0,0 +1,246 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + apimachineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" + internal "github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + managedfields "k8s.io/apimachinery/pkg/util/managedfields" + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// MachineOSBuildApplyConfiguration represents a declarative configuration of the MachineOSBuild type for use +// with apply. +type MachineOSBuildApplyConfiguration struct { + v1.TypeMetaApplyConfiguration `json:",inline"` + *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` + Spec *MachineOSBuildSpecApplyConfiguration `json:"spec,omitempty"` + Status *MachineOSBuildStatusApplyConfiguration `json:"status,omitempty"` +} + +// MachineOSBuild constructs a declarative configuration of the MachineOSBuild type for use with +// apply. +func MachineOSBuild(name string) *MachineOSBuildApplyConfiguration { + b := &MachineOSBuildApplyConfiguration{} + b.WithName(name) + b.WithKind("MachineOSBuild") + b.WithAPIVersion("machineconfiguration.openshift.io/v1") + return b +} + +// ExtractMachineOSBuild extracts the applied configuration owned by fieldManager from +// machineOSBuild. If no managedFields are found in machineOSBuild for fieldManager, a +// MachineOSBuildApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// machineOSBuild must be a unmodified MachineOSBuild API object that was retrieved from the Kubernetes API. +// ExtractMachineOSBuild provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +// Experimental! +func ExtractMachineOSBuild(machineOSBuild *apimachineconfigurationv1.MachineOSBuild, fieldManager string) (*MachineOSBuildApplyConfiguration, error) { + return extractMachineOSBuild(machineOSBuild, fieldManager, "") +} + +// ExtractMachineOSBuildStatus is the same as ExtractMachineOSBuild except +// that it extracts the status subresource applied configuration. +// Experimental! +func ExtractMachineOSBuildStatus(machineOSBuild *apimachineconfigurationv1.MachineOSBuild, fieldManager string) (*MachineOSBuildApplyConfiguration, error) { + return extractMachineOSBuild(machineOSBuild, fieldManager, "status") +} + +func extractMachineOSBuild(machineOSBuild *apimachineconfigurationv1.MachineOSBuild, fieldManager string, subresource string) (*MachineOSBuildApplyConfiguration, error) { + b := &MachineOSBuildApplyConfiguration{} + err := managedfields.ExtractInto(machineOSBuild, internal.Parser().Type("com.github.openshift.api.machineconfiguration.v1.MachineOSBuild"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(machineOSBuild.Name) + + b.WithKind("MachineOSBuild") + b.WithAPIVersion("machineconfiguration.openshift.io/v1") + return b, nil +} + +// WithKind sets the Kind field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Kind field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithKind(value string) *MachineOSBuildApplyConfiguration { + b.Kind = &value + return b +} + +// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the APIVersion field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithAPIVersion(value string) *MachineOSBuildApplyConfiguration { + b.APIVersion = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithName(value string) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Name = &value + return b +} + +// WithGenerateName sets the GenerateName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the GenerateName field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithGenerateName(value string) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.GenerateName = &value + return b +} + +// WithNamespace sets the Namespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Namespace field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithNamespace(value string) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Namespace = &value + return b +} + +// WithUID sets the UID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the UID field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithUID(value types.UID) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.UID = &value + return b +} + +// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ResourceVersion field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithResourceVersion(value string) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ResourceVersion = &value + return b +} + +// WithGeneration sets the Generation field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Generation field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithGeneration(value int64) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Generation = &value + return b +} + +// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CreationTimestamp field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithCreationTimestamp(value metav1.Time) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.CreationTimestamp = &value + return b +} + +// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionTimestamp field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionTimestamp = &value + return b +} + +// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionGracePeriodSeconds = &value + return b +} + +// WithLabels puts the entries into the Labels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Labels field, +// overwriting an existing map entries in Labels field with the same key. +func (b *MachineOSBuildApplyConfiguration) WithLabels(entries map[string]string) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Labels == nil && len(entries) > 0 { + b.Labels = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Labels[k] = v + } + return b +} + +// WithAnnotations puts the entries into the Annotations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Annotations field, +// overwriting an existing map entries in Annotations field with the same key. +func (b *MachineOSBuildApplyConfiguration) WithAnnotations(entries map[string]string) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Annotations == nil && len(entries) > 0 { + b.Annotations = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Annotations[k] = v + } + return b +} + +// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the OwnerReferences field. +func (b *MachineOSBuildApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + if values[i] == nil { + panic("nil value passed to WithOwnerReferences") + } + b.OwnerReferences = append(b.OwnerReferences, *values[i]) + } + return b +} + +// WithFinalizers adds the given value to the Finalizers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Finalizers field. +func (b *MachineOSBuildApplyConfiguration) WithFinalizers(values ...string) *MachineOSBuildApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + b.Finalizers = append(b.Finalizers, values[i]) + } + return b +} + +func (b *MachineOSBuildApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { + if b.ObjectMetaApplyConfiguration == nil { + b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} + } +} + +// WithSpec sets the Spec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Spec field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithSpec(value *MachineOSBuildSpecApplyConfiguration) *MachineOSBuildApplyConfiguration { + b.Spec = value + return b +} + +// WithStatus sets the Status field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Status field is set to the value of the last call. +func (b *MachineOSBuildApplyConfiguration) WithStatus(value *MachineOSBuildStatusApplyConfiguration) *MachineOSBuildApplyConfiguration { + b.Status = value + return b +} + +// GetName retrieves the value of the Name field in the declarative configuration. +func (b *MachineOSBuildApplyConfiguration) GetName() *string { + b.ensureObjectMetaApplyConfigurationExists() + return b.Name +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuilderreference.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuilderreference.go new file mode 100644 index 0000000000..91a14fed96 --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuilderreference.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/machineconfiguration/v1" +) + +// MachineOSBuilderReferenceApplyConfiguration represents a declarative configuration of the MachineOSBuilderReference type for use +// with apply. +type MachineOSBuilderReferenceApplyConfiguration struct { + ImageBuilderType *v1.MachineOSImageBuilderType `json:"imageBuilderType,omitempty"` + Job *ObjectReferenceApplyConfiguration `json:"job,omitempty"` +} + +// MachineOSBuilderReferenceApplyConfiguration constructs a declarative configuration of the MachineOSBuilderReference type for use with +// apply. +func MachineOSBuilderReference() *MachineOSBuilderReferenceApplyConfiguration { + return &MachineOSBuilderReferenceApplyConfiguration{} +} + +// WithImageBuilderType sets the ImageBuilderType field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ImageBuilderType field is set to the value of the last call. +func (b *MachineOSBuilderReferenceApplyConfiguration) WithImageBuilderType(value v1.MachineOSImageBuilderType) *MachineOSBuilderReferenceApplyConfiguration { + b.ImageBuilderType = &value + return b +} + +// WithJob sets the Job field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Job field is set to the value of the last call. +func (b *MachineOSBuilderReferenceApplyConfiguration) WithJob(value *ObjectReferenceApplyConfiguration) *MachineOSBuilderReferenceApplyConfiguration { + b.Job = value + return b +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuildspec.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuildspec.go new file mode 100644 index 0000000000..1f39ab14b4 --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuildspec.go @@ -0,0 +1,45 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" +) + +// MachineOSBuildSpecApplyConfiguration represents a declarative configuration of the MachineOSBuildSpec type for use +// with apply. +type MachineOSBuildSpecApplyConfiguration struct { + MachineConfig *MachineConfigReferenceApplyConfiguration `json:"machineConfig,omitempty"` + MachineOSConfig *MachineOSConfigReferenceApplyConfiguration `json:"machineOSConfig,omitempty"` + RenderedImagePushSpec *machineconfigurationv1.ImageTagFormat `json:"renderedImagePushSpec,omitempty"` +} + +// MachineOSBuildSpecApplyConfiguration constructs a declarative configuration of the MachineOSBuildSpec type for use with +// apply. +func MachineOSBuildSpec() *MachineOSBuildSpecApplyConfiguration { + return &MachineOSBuildSpecApplyConfiguration{} +} + +// WithMachineConfig sets the MachineConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MachineConfig field is set to the value of the last call. +func (b *MachineOSBuildSpecApplyConfiguration) WithMachineConfig(value *MachineConfigReferenceApplyConfiguration) *MachineOSBuildSpecApplyConfiguration { + b.MachineConfig = value + return b +} + +// WithMachineOSConfig sets the MachineOSConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MachineOSConfig field is set to the value of the last call. +func (b *MachineOSBuildSpecApplyConfiguration) WithMachineOSConfig(value *MachineOSConfigReferenceApplyConfiguration) *MachineOSBuildSpecApplyConfiguration { + b.MachineOSConfig = value + return b +} + +// WithRenderedImagePushSpec sets the RenderedImagePushSpec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RenderedImagePushSpec field is set to the value of the last call. +func (b *MachineOSBuildSpecApplyConfiguration) WithRenderedImagePushSpec(value machineconfigurationv1.ImageTagFormat) *MachineOSBuildSpecApplyConfiguration { + b.RenderedImagePushSpec = &value + return b +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuildstatus.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuildstatus.go new file mode 100644 index 0000000000..2ef3c5140c --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosbuildstatus.go @@ -0,0 +1,84 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + apimachineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// MachineOSBuildStatusApplyConfiguration represents a declarative configuration of the MachineOSBuildStatus type for use +// with apply. +type MachineOSBuildStatusApplyConfiguration struct { + Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` + Builder *MachineOSBuilderReferenceApplyConfiguration `json:"builder,omitempty"` + RelatedObjects []ObjectReferenceApplyConfiguration `json:"relatedObjects,omitempty"` + BuildStart *metav1.Time `json:"buildStart,omitempty"` + BuildEnd *metav1.Time `json:"buildEnd,omitempty"` + DigestedImagePushSpec *apimachineconfigurationv1.ImageDigestFormat `json:"digestedImagePushSpec,omitempty"` +} + +// MachineOSBuildStatusApplyConfiguration constructs a declarative configuration of the MachineOSBuildStatus type for use with +// apply. +func MachineOSBuildStatus() *MachineOSBuildStatusApplyConfiguration { + return &MachineOSBuildStatusApplyConfiguration{} +} + +// WithConditions adds the given value to the Conditions field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Conditions field. +func (b *MachineOSBuildStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *MachineOSBuildStatusApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithConditions") + } + b.Conditions = append(b.Conditions, *values[i]) + } + return b +} + +// WithBuilder sets the Builder field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Builder field is set to the value of the last call. +func (b *MachineOSBuildStatusApplyConfiguration) WithBuilder(value *MachineOSBuilderReferenceApplyConfiguration) *MachineOSBuildStatusApplyConfiguration { + b.Builder = value + return b +} + +// WithRelatedObjects adds the given value to the RelatedObjects field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the RelatedObjects field. +func (b *MachineOSBuildStatusApplyConfiguration) WithRelatedObjects(values ...*ObjectReferenceApplyConfiguration) *MachineOSBuildStatusApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithRelatedObjects") + } + b.RelatedObjects = append(b.RelatedObjects, *values[i]) + } + return b +} + +// WithBuildStart sets the BuildStart field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BuildStart field is set to the value of the last call. +func (b *MachineOSBuildStatusApplyConfiguration) WithBuildStart(value metav1.Time) *MachineOSBuildStatusApplyConfiguration { + b.BuildStart = &value + return b +} + +// WithBuildEnd sets the BuildEnd field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BuildEnd field is set to the value of the last call. +func (b *MachineOSBuildStatusApplyConfiguration) WithBuildEnd(value metav1.Time) *MachineOSBuildStatusApplyConfiguration { + b.BuildEnd = &value + return b +} + +// WithDigestedImagePushSpec sets the DigestedImagePushSpec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DigestedImagePushSpec field is set to the value of the last call. +func (b *MachineOSBuildStatusApplyConfiguration) WithDigestedImagePushSpec(value apimachineconfigurationv1.ImageDigestFormat) *MachineOSBuildStatusApplyConfiguration { + b.DigestedImagePushSpec = &value + return b +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfig.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfig.go new file mode 100644 index 0000000000..15cc867113 --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfig.go @@ -0,0 +1,246 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + apimachineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" + internal "github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + managedfields "k8s.io/apimachinery/pkg/util/managedfields" + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// MachineOSConfigApplyConfiguration represents a declarative configuration of the MachineOSConfig type for use +// with apply. +type MachineOSConfigApplyConfiguration struct { + v1.TypeMetaApplyConfiguration `json:",inline"` + *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` + Spec *MachineOSConfigSpecApplyConfiguration `json:"spec,omitempty"` + Status *MachineOSConfigStatusApplyConfiguration `json:"status,omitempty"` +} + +// MachineOSConfig constructs a declarative configuration of the MachineOSConfig type for use with +// apply. +func MachineOSConfig(name string) *MachineOSConfigApplyConfiguration { + b := &MachineOSConfigApplyConfiguration{} + b.WithName(name) + b.WithKind("MachineOSConfig") + b.WithAPIVersion("machineconfiguration.openshift.io/v1") + return b +} + +// ExtractMachineOSConfig extracts the applied configuration owned by fieldManager from +// machineOSConfig. If no managedFields are found in machineOSConfig for fieldManager, a +// MachineOSConfigApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// machineOSConfig must be a unmodified MachineOSConfig API object that was retrieved from the Kubernetes API. +// ExtractMachineOSConfig provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +// Experimental! +func ExtractMachineOSConfig(machineOSConfig *apimachineconfigurationv1.MachineOSConfig, fieldManager string) (*MachineOSConfigApplyConfiguration, error) { + return extractMachineOSConfig(machineOSConfig, fieldManager, "") +} + +// ExtractMachineOSConfigStatus is the same as ExtractMachineOSConfig except +// that it extracts the status subresource applied configuration. +// Experimental! +func ExtractMachineOSConfigStatus(machineOSConfig *apimachineconfigurationv1.MachineOSConfig, fieldManager string) (*MachineOSConfigApplyConfiguration, error) { + return extractMachineOSConfig(machineOSConfig, fieldManager, "status") +} + +func extractMachineOSConfig(machineOSConfig *apimachineconfigurationv1.MachineOSConfig, fieldManager string, subresource string) (*MachineOSConfigApplyConfiguration, error) { + b := &MachineOSConfigApplyConfiguration{} + err := managedfields.ExtractInto(machineOSConfig, internal.Parser().Type("com.github.openshift.api.machineconfiguration.v1.MachineOSConfig"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(machineOSConfig.Name) + + b.WithKind("MachineOSConfig") + b.WithAPIVersion("machineconfiguration.openshift.io/v1") + return b, nil +} + +// WithKind sets the Kind field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Kind field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithKind(value string) *MachineOSConfigApplyConfiguration { + b.Kind = &value + return b +} + +// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the APIVersion field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithAPIVersion(value string) *MachineOSConfigApplyConfiguration { + b.APIVersion = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithName(value string) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Name = &value + return b +} + +// WithGenerateName sets the GenerateName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the GenerateName field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithGenerateName(value string) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.GenerateName = &value + return b +} + +// WithNamespace sets the Namespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Namespace field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithNamespace(value string) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Namespace = &value + return b +} + +// WithUID sets the UID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the UID field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithUID(value types.UID) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.UID = &value + return b +} + +// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ResourceVersion field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithResourceVersion(value string) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ResourceVersion = &value + return b +} + +// WithGeneration sets the Generation field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Generation field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithGeneration(value int64) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Generation = &value + return b +} + +// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CreationTimestamp field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithCreationTimestamp(value metav1.Time) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.CreationTimestamp = &value + return b +} + +// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionTimestamp field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionTimestamp = &value + return b +} + +// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionGracePeriodSeconds = &value + return b +} + +// WithLabels puts the entries into the Labels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Labels field, +// overwriting an existing map entries in Labels field with the same key. +func (b *MachineOSConfigApplyConfiguration) WithLabels(entries map[string]string) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Labels == nil && len(entries) > 0 { + b.Labels = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Labels[k] = v + } + return b +} + +// WithAnnotations puts the entries into the Annotations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Annotations field, +// overwriting an existing map entries in Annotations field with the same key. +func (b *MachineOSConfigApplyConfiguration) WithAnnotations(entries map[string]string) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Annotations == nil && len(entries) > 0 { + b.Annotations = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Annotations[k] = v + } + return b +} + +// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the OwnerReferences field. +func (b *MachineOSConfigApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + if values[i] == nil { + panic("nil value passed to WithOwnerReferences") + } + b.OwnerReferences = append(b.OwnerReferences, *values[i]) + } + return b +} + +// WithFinalizers adds the given value to the Finalizers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Finalizers field. +func (b *MachineOSConfigApplyConfiguration) WithFinalizers(values ...string) *MachineOSConfigApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + b.Finalizers = append(b.Finalizers, values[i]) + } + return b +} + +func (b *MachineOSConfigApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { + if b.ObjectMetaApplyConfiguration == nil { + b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} + } +} + +// WithSpec sets the Spec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Spec field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithSpec(value *MachineOSConfigSpecApplyConfiguration) *MachineOSConfigApplyConfiguration { + b.Spec = value + return b +} + +// WithStatus sets the Status field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Status field is set to the value of the last call. +func (b *MachineOSConfigApplyConfiguration) WithStatus(value *MachineOSConfigStatusApplyConfiguration) *MachineOSConfigApplyConfiguration { + b.Status = value + return b +} + +// GetName retrieves the value of the Name field in the declarative configuration. +func (b *MachineOSConfigApplyConfiguration) GetName() *string { + b.ensureObjectMetaApplyConfigurationExists() + return b.Name +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfigreference.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfigreference.go new file mode 100644 index 0000000000..13afe3f088 --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfigreference.go @@ -0,0 +1,23 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// MachineOSConfigReferenceApplyConfiguration represents a declarative configuration of the MachineOSConfigReference type for use +// with apply. +type MachineOSConfigReferenceApplyConfiguration struct { + Name *string `json:"name,omitempty"` +} + +// MachineOSConfigReferenceApplyConfiguration constructs a declarative configuration of the MachineOSConfigReference type for use with +// apply. +func MachineOSConfigReference() *MachineOSConfigReferenceApplyConfiguration { + return &MachineOSConfigReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *MachineOSConfigReferenceApplyConfiguration) WithName(value string) *MachineOSConfigReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfigspec.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfigspec.go new file mode 100644 index 0000000000..6a9be7eded --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfigspec.go @@ -0,0 +1,77 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" +) + +// MachineOSConfigSpecApplyConfiguration represents a declarative configuration of the MachineOSConfigSpec type for use +// with apply. +type MachineOSConfigSpecApplyConfiguration struct { + MachineConfigPool *MachineConfigPoolReferenceApplyConfiguration `json:"machineConfigPool,omitempty"` + ImageBuilder *MachineOSImageBuilderApplyConfiguration `json:"imageBuilder,omitempty"` + BaseImagePullSecret *ImageSecretObjectReferenceApplyConfiguration `json:"baseImagePullSecret,omitempty"` + RenderedImagePushSecret *ImageSecretObjectReferenceApplyConfiguration `json:"renderedImagePushSecret,omitempty"` + RenderedImagePushSpec *machineconfigurationv1.ImageTagFormat `json:"renderedImagePushSpec,omitempty"` + Containerfile []MachineOSContainerfileApplyConfiguration `json:"containerFile,omitempty"` +} + +// MachineOSConfigSpecApplyConfiguration constructs a declarative configuration of the MachineOSConfigSpec type for use with +// apply. +func MachineOSConfigSpec() *MachineOSConfigSpecApplyConfiguration { + return &MachineOSConfigSpecApplyConfiguration{} +} + +// WithMachineConfigPool sets the MachineConfigPool field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MachineConfigPool field is set to the value of the last call. +func (b *MachineOSConfigSpecApplyConfiguration) WithMachineConfigPool(value *MachineConfigPoolReferenceApplyConfiguration) *MachineOSConfigSpecApplyConfiguration { + b.MachineConfigPool = value + return b +} + +// WithImageBuilder sets the ImageBuilder field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ImageBuilder field is set to the value of the last call. +func (b *MachineOSConfigSpecApplyConfiguration) WithImageBuilder(value *MachineOSImageBuilderApplyConfiguration) *MachineOSConfigSpecApplyConfiguration { + b.ImageBuilder = value + return b +} + +// WithBaseImagePullSecret sets the BaseImagePullSecret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BaseImagePullSecret field is set to the value of the last call. +func (b *MachineOSConfigSpecApplyConfiguration) WithBaseImagePullSecret(value *ImageSecretObjectReferenceApplyConfiguration) *MachineOSConfigSpecApplyConfiguration { + b.BaseImagePullSecret = value + return b +} + +// WithRenderedImagePushSecret sets the RenderedImagePushSecret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RenderedImagePushSecret field is set to the value of the last call. +func (b *MachineOSConfigSpecApplyConfiguration) WithRenderedImagePushSecret(value *ImageSecretObjectReferenceApplyConfiguration) *MachineOSConfigSpecApplyConfiguration { + b.RenderedImagePushSecret = value + return b +} + +// WithRenderedImagePushSpec sets the RenderedImagePushSpec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RenderedImagePushSpec field is set to the value of the last call. +func (b *MachineOSConfigSpecApplyConfiguration) WithRenderedImagePushSpec(value machineconfigurationv1.ImageTagFormat) *MachineOSConfigSpecApplyConfiguration { + b.RenderedImagePushSpec = &value + return b +} + +// WithContainerfile adds the given value to the Containerfile field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Containerfile field. +func (b *MachineOSConfigSpecApplyConfiguration) WithContainerfile(values ...*MachineOSContainerfileApplyConfiguration) *MachineOSConfigSpecApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithContainerfile") + } + b.Containerfile = append(b.Containerfile, *values[i]) + } + return b +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfigstatus.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfigstatus.go new file mode 100644 index 0000000000..185381e8fd --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosconfigstatus.go @@ -0,0 +1,60 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// MachineOSConfigStatusApplyConfiguration represents a declarative configuration of the MachineOSConfigStatus type for use +// with apply. +type MachineOSConfigStatusApplyConfiguration struct { + Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` + ObservedGeneration *int64 `json:"observedGeneration,omitempty"` + CurrentImagePullSpec *machineconfigurationv1.ImageDigestFormat `json:"currentImagePullSpec,omitempty"` + MachineOSBuild *ObjectReferenceApplyConfiguration `json:"machineOSBuild,omitempty"` +} + +// MachineOSConfigStatusApplyConfiguration constructs a declarative configuration of the MachineOSConfigStatus type for use with +// apply. +func MachineOSConfigStatus() *MachineOSConfigStatusApplyConfiguration { + return &MachineOSConfigStatusApplyConfiguration{} +} + +// WithConditions adds the given value to the Conditions field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Conditions field. +func (b *MachineOSConfigStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *MachineOSConfigStatusApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithConditions") + } + b.Conditions = append(b.Conditions, *values[i]) + } + return b +} + +// WithObservedGeneration sets the ObservedGeneration field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ObservedGeneration field is set to the value of the last call. +func (b *MachineOSConfigStatusApplyConfiguration) WithObservedGeneration(value int64) *MachineOSConfigStatusApplyConfiguration { + b.ObservedGeneration = &value + return b +} + +// WithCurrentImagePullSpec sets the CurrentImagePullSpec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CurrentImagePullSpec field is set to the value of the last call. +func (b *MachineOSConfigStatusApplyConfiguration) WithCurrentImagePullSpec(value machineconfigurationv1.ImageDigestFormat) *MachineOSConfigStatusApplyConfiguration { + b.CurrentImagePullSpec = &value + return b +} + +// WithMachineOSBuild sets the MachineOSBuild field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MachineOSBuild field is set to the value of the last call. +func (b *MachineOSConfigStatusApplyConfiguration) WithMachineOSBuild(value *ObjectReferenceApplyConfiguration) *MachineOSConfigStatusApplyConfiguration { + b.MachineOSBuild = value + return b +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineoscontainerfile.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineoscontainerfile.go new file mode 100644 index 0000000000..a39d174086 --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineoscontainerfile.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/machineconfiguration/v1" +) + +// MachineOSContainerfileApplyConfiguration represents a declarative configuration of the MachineOSContainerfile type for use +// with apply. +type MachineOSContainerfileApplyConfiguration struct { + ContainerfileArch *v1.ContainerfileArch `json:"containerfileArch,omitempty"` + Content *string `json:"content,omitempty"` +} + +// MachineOSContainerfileApplyConfiguration constructs a declarative configuration of the MachineOSContainerfile type for use with +// apply. +func MachineOSContainerfile() *MachineOSContainerfileApplyConfiguration { + return &MachineOSContainerfileApplyConfiguration{} +} + +// WithContainerfileArch sets the ContainerfileArch field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ContainerfileArch field is set to the value of the last call. +func (b *MachineOSContainerfileApplyConfiguration) WithContainerfileArch(value v1.ContainerfileArch) *MachineOSContainerfileApplyConfiguration { + b.ContainerfileArch = &value + return b +} + +// WithContent sets the Content field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Content field is set to the value of the last call. +func (b *MachineOSContainerfileApplyConfiguration) WithContent(value string) *MachineOSContainerfileApplyConfiguration { + b.Content = &value + return b +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosimagebuilder.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosimagebuilder.go new file mode 100644 index 0000000000..6edf70fe85 --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineosimagebuilder.go @@ -0,0 +1,27 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/machineconfiguration/v1" +) + +// MachineOSImageBuilderApplyConfiguration represents a declarative configuration of the MachineOSImageBuilder type for use +// with apply. +type MachineOSImageBuilderApplyConfiguration struct { + ImageBuilderType *v1.MachineOSImageBuilderType `json:"imageBuilderType,omitempty"` +} + +// MachineOSImageBuilderApplyConfiguration constructs a declarative configuration of the MachineOSImageBuilder type for use with +// apply. +func MachineOSImageBuilder() *MachineOSImageBuilderApplyConfiguration { + return &MachineOSImageBuilderApplyConfiguration{} +} + +// WithImageBuilderType sets the ImageBuilderType field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ImageBuilderType field is set to the value of the last call. +func (b *MachineOSImageBuilderApplyConfiguration) WithImageBuilderType(value v1.MachineOSImageBuilderType) *MachineOSImageBuilderApplyConfiguration { + b.ImageBuilderType = &value + return b +} diff --git a/machineconfiguration/applyconfigurations/machineconfiguration/v1/objectreference.go b/machineconfiguration/applyconfigurations/machineconfiguration/v1/objectreference.go new file mode 100644 index 0000000000..dfbc465e71 --- /dev/null +++ b/machineconfiguration/applyconfigurations/machineconfiguration/v1/objectreference.go @@ -0,0 +1,50 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// ObjectReferenceApplyConfiguration represents a declarative configuration of the ObjectReference type for use +// with apply. +type ObjectReferenceApplyConfiguration struct { + Group *string `json:"group,omitempty"` + Resource *string `json:"resource,omitempty"` + Namespace *string `json:"namespace,omitempty"` + Name *string `json:"name,omitempty"` +} + +// ObjectReferenceApplyConfiguration constructs a declarative configuration of the ObjectReference type for use with +// apply. +func ObjectReference() *ObjectReferenceApplyConfiguration { + return &ObjectReferenceApplyConfiguration{} +} + +// WithGroup sets the Group field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Group field is set to the value of the last call. +func (b *ObjectReferenceApplyConfiguration) WithGroup(value string) *ObjectReferenceApplyConfiguration { + b.Group = &value + return b +} + +// WithResource sets the Resource field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Resource field is set to the value of the last call. +func (b *ObjectReferenceApplyConfiguration) WithResource(value string) *ObjectReferenceApplyConfiguration { + b.Resource = &value + return b +} + +// WithNamespace sets the Namespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Namespace field is set to the value of the last call. +func (b *ObjectReferenceApplyConfiguration) WithNamespace(value string) *ObjectReferenceApplyConfiguration { + b.Namespace = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *ObjectReferenceApplyConfiguration) WithName(value string) *ObjectReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/machineconfiguration/applyconfigurations/utils.go b/machineconfiguration/applyconfigurations/utils.go index 3798c8996b..0d93d1223f 100644 --- a/machineconfiguration/applyconfigurations/utils.go +++ b/machineconfiguration/applyconfigurations/utils.go @@ -42,6 +42,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &machineconfigurationv1.ControllerConfigStatusConditionApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ImageRegistryBundle"): return &machineconfigurationv1.ImageRegistryBundleApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageSecretObjectReference"): + return &machineconfigurationv1.ImageSecretObjectReferenceApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("KubeletConfig"): return &machineconfigurationv1.KubeletConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("KubeletConfigCondition"): @@ -56,16 +58,42 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &machineconfigurationv1.MachineConfigPoolApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("MachineConfigPoolCondition"): return &machineconfigurationv1.MachineConfigPoolConditionApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineConfigPoolReference"): + return &machineconfigurationv1.MachineConfigPoolReferenceApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("MachineConfigPoolSpec"): return &machineconfigurationv1.MachineConfigPoolSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("MachineConfigPoolStatus"): return &machineconfigurationv1.MachineConfigPoolStatusApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("MachineConfigPoolStatusConfiguration"): return &machineconfigurationv1.MachineConfigPoolStatusConfigurationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineConfigReference"): + return &machineconfigurationv1.MachineConfigReferenceApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("MachineConfigSpec"): return &machineconfigurationv1.MachineConfigSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineOSBuild"): + return &machineconfigurationv1.MachineOSBuildApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineOSBuilderReference"): + return &machineconfigurationv1.MachineOSBuilderReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineOSBuildSpec"): + return &machineconfigurationv1.MachineOSBuildSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineOSBuildStatus"): + return &machineconfigurationv1.MachineOSBuildStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineOSConfig"): + return &machineconfigurationv1.MachineOSConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineOSConfigReference"): + return &machineconfigurationv1.MachineOSConfigReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineOSConfigSpec"): + return &machineconfigurationv1.MachineOSConfigSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineOSConfigStatus"): + return &machineconfigurationv1.MachineOSConfigStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineOSContainerfile"): + return &machineconfigurationv1.MachineOSContainerfileApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MachineOSImageBuilder"): + return &machineconfigurationv1.MachineOSImageBuilderApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("NetworkInfo"): return &machineconfigurationv1.NetworkInfoApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ObjectReference"): + return &machineconfigurationv1.ObjectReferenceApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("PinnedImageSetRef"): return &machineconfigurationv1.PinnedImageSetRefApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("PoolSynchronizerStatus"): diff --git a/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/fake/fake_machineconfiguration_client.go b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/fake/fake_machineconfiguration_client.go index c9ef0eeb40..8983b09104 100644 --- a/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/fake/fake_machineconfiguration_client.go +++ b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/fake/fake_machineconfiguration_client.go @@ -32,6 +32,14 @@ func (c *FakeMachineconfigurationV1) MachineConfigPools() v1.MachineConfigPoolIn return &FakeMachineConfigPools{c} } +func (c *FakeMachineconfigurationV1) MachineOSBuilds() v1.MachineOSBuildInterface { + return &FakeMachineOSBuilds{c} +} + +func (c *FakeMachineconfigurationV1) MachineOSConfigs() v1.MachineOSConfigInterface { + return &FakeMachineOSConfigs{c} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeMachineconfigurationV1) RESTClient() rest.Interface { diff --git a/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/fake/fake_machineosbuild.go b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/fake/fake_machineosbuild.go new file mode 100644 index 0000000000..40cc28a633 --- /dev/null +++ b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/fake/fake_machineosbuild.go @@ -0,0 +1,170 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + json "encoding/json" + "fmt" + + v1 "github.com/openshift/api/machineconfiguration/v1" + machineconfigurationv1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeMachineOSBuilds implements MachineOSBuildInterface +type FakeMachineOSBuilds struct { + Fake *FakeMachineconfigurationV1 +} + +var machineosbuildsResource = v1.SchemeGroupVersion.WithResource("machineosbuilds") + +var machineosbuildsKind = v1.SchemeGroupVersion.WithKind("MachineOSBuild") + +// Get takes name of the machineOSBuild, and returns the corresponding machineOSBuild object, and an error if there is any. +func (c *FakeMachineOSBuilds) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.MachineOSBuild, err error) { + emptyResult := &v1.MachineOSBuild{} + obj, err := c.Fake. + Invokes(testing.NewRootGetActionWithOptions(machineosbuildsResource, name, options), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSBuild), err +} + +// List takes label and field selectors, and returns the list of MachineOSBuilds that match those selectors. +func (c *FakeMachineOSBuilds) List(ctx context.Context, opts metav1.ListOptions) (result *v1.MachineOSBuildList, err error) { + emptyResult := &v1.MachineOSBuildList{} + obj, err := c.Fake. + Invokes(testing.NewRootListActionWithOptions(machineosbuildsResource, machineosbuildsKind, opts), emptyResult) + if obj == nil { + return emptyResult, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1.MachineOSBuildList{ListMeta: obj.(*v1.MachineOSBuildList).ListMeta} + for _, item := range obj.(*v1.MachineOSBuildList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested machineOSBuilds. +func (c *FakeMachineOSBuilds) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchActionWithOptions(machineosbuildsResource, opts)) +} + +// Create takes the representation of a machineOSBuild and creates it. Returns the server's representation of the machineOSBuild, and an error, if there is any. +func (c *FakeMachineOSBuilds) Create(ctx context.Context, machineOSBuild *v1.MachineOSBuild, opts metav1.CreateOptions) (result *v1.MachineOSBuild, err error) { + emptyResult := &v1.MachineOSBuild{} + obj, err := c.Fake. + Invokes(testing.NewRootCreateActionWithOptions(machineosbuildsResource, machineOSBuild, opts), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSBuild), err +} + +// Update takes the representation of a machineOSBuild and updates it. Returns the server's representation of the machineOSBuild, and an error, if there is any. +func (c *FakeMachineOSBuilds) Update(ctx context.Context, machineOSBuild *v1.MachineOSBuild, opts metav1.UpdateOptions) (result *v1.MachineOSBuild, err error) { + emptyResult := &v1.MachineOSBuild{} + obj, err := c.Fake. + Invokes(testing.NewRootUpdateActionWithOptions(machineosbuildsResource, machineOSBuild, opts), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSBuild), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeMachineOSBuilds) UpdateStatus(ctx context.Context, machineOSBuild *v1.MachineOSBuild, opts metav1.UpdateOptions) (result *v1.MachineOSBuild, err error) { + emptyResult := &v1.MachineOSBuild{} + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceActionWithOptions(machineosbuildsResource, "status", machineOSBuild, opts), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSBuild), err +} + +// Delete takes name of the machineOSBuild and deletes it. Returns an error if one occurs. +func (c *FakeMachineOSBuilds) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteActionWithOptions(machineosbuildsResource, name, opts), &v1.MachineOSBuild{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeMachineOSBuilds) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error { + action := testing.NewRootDeleteCollectionActionWithOptions(machineosbuildsResource, opts, listOpts) + + _, err := c.Fake.Invokes(action, &v1.MachineOSBuildList{}) + return err +} + +// Patch applies the patch and returns the patched machineOSBuild. +func (c *FakeMachineOSBuilds) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.MachineOSBuild, err error) { + emptyResult := &v1.MachineOSBuild{} + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceActionWithOptions(machineosbuildsResource, name, pt, data, opts, subresources...), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSBuild), err +} + +// Apply takes the given apply declarative configuration, applies it and returns the applied machineOSBuild. +func (c *FakeMachineOSBuilds) Apply(ctx context.Context, machineOSBuild *machineconfigurationv1.MachineOSBuildApplyConfiguration, opts metav1.ApplyOptions) (result *v1.MachineOSBuild, err error) { + if machineOSBuild == nil { + return nil, fmt.Errorf("machineOSBuild provided to Apply must not be nil") + } + data, err := json.Marshal(machineOSBuild) + if err != nil { + return nil, err + } + name := machineOSBuild.Name + if name == nil { + return nil, fmt.Errorf("machineOSBuild.Name must be provided to Apply") + } + emptyResult := &v1.MachineOSBuild{} + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceActionWithOptions(machineosbuildsResource, *name, types.ApplyPatchType, data, opts.ToPatchOptions()), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSBuild), err +} + +// ApplyStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). +func (c *FakeMachineOSBuilds) ApplyStatus(ctx context.Context, machineOSBuild *machineconfigurationv1.MachineOSBuildApplyConfiguration, opts metav1.ApplyOptions) (result *v1.MachineOSBuild, err error) { + if machineOSBuild == nil { + return nil, fmt.Errorf("machineOSBuild provided to Apply must not be nil") + } + data, err := json.Marshal(machineOSBuild) + if err != nil { + return nil, err + } + name := machineOSBuild.Name + if name == nil { + return nil, fmt.Errorf("machineOSBuild.Name must be provided to Apply") + } + emptyResult := &v1.MachineOSBuild{} + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceActionWithOptions(machineosbuildsResource, *name, types.ApplyPatchType, data, opts.ToPatchOptions(), "status"), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSBuild), err +} diff --git a/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/fake/fake_machineosconfig.go b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/fake/fake_machineosconfig.go new file mode 100644 index 0000000000..aa07b72b9c --- /dev/null +++ b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/fake/fake_machineosconfig.go @@ -0,0 +1,170 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + json "encoding/json" + "fmt" + + v1 "github.com/openshift/api/machineconfiguration/v1" + machineconfigurationv1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeMachineOSConfigs implements MachineOSConfigInterface +type FakeMachineOSConfigs struct { + Fake *FakeMachineconfigurationV1 +} + +var machineosconfigsResource = v1.SchemeGroupVersion.WithResource("machineosconfigs") + +var machineosconfigsKind = v1.SchemeGroupVersion.WithKind("MachineOSConfig") + +// Get takes name of the machineOSConfig, and returns the corresponding machineOSConfig object, and an error if there is any. +func (c *FakeMachineOSConfigs) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.MachineOSConfig, err error) { + emptyResult := &v1.MachineOSConfig{} + obj, err := c.Fake. + Invokes(testing.NewRootGetActionWithOptions(machineosconfigsResource, name, options), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSConfig), err +} + +// List takes label and field selectors, and returns the list of MachineOSConfigs that match those selectors. +func (c *FakeMachineOSConfigs) List(ctx context.Context, opts metav1.ListOptions) (result *v1.MachineOSConfigList, err error) { + emptyResult := &v1.MachineOSConfigList{} + obj, err := c.Fake. + Invokes(testing.NewRootListActionWithOptions(machineosconfigsResource, machineosconfigsKind, opts), emptyResult) + if obj == nil { + return emptyResult, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1.MachineOSConfigList{ListMeta: obj.(*v1.MachineOSConfigList).ListMeta} + for _, item := range obj.(*v1.MachineOSConfigList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested machineOSConfigs. +func (c *FakeMachineOSConfigs) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchActionWithOptions(machineosconfigsResource, opts)) +} + +// Create takes the representation of a machineOSConfig and creates it. Returns the server's representation of the machineOSConfig, and an error, if there is any. +func (c *FakeMachineOSConfigs) Create(ctx context.Context, machineOSConfig *v1.MachineOSConfig, opts metav1.CreateOptions) (result *v1.MachineOSConfig, err error) { + emptyResult := &v1.MachineOSConfig{} + obj, err := c.Fake. + Invokes(testing.NewRootCreateActionWithOptions(machineosconfigsResource, machineOSConfig, opts), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSConfig), err +} + +// Update takes the representation of a machineOSConfig and updates it. Returns the server's representation of the machineOSConfig, and an error, if there is any. +func (c *FakeMachineOSConfigs) Update(ctx context.Context, machineOSConfig *v1.MachineOSConfig, opts metav1.UpdateOptions) (result *v1.MachineOSConfig, err error) { + emptyResult := &v1.MachineOSConfig{} + obj, err := c.Fake. + Invokes(testing.NewRootUpdateActionWithOptions(machineosconfigsResource, machineOSConfig, opts), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSConfig), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeMachineOSConfigs) UpdateStatus(ctx context.Context, machineOSConfig *v1.MachineOSConfig, opts metav1.UpdateOptions) (result *v1.MachineOSConfig, err error) { + emptyResult := &v1.MachineOSConfig{} + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceActionWithOptions(machineosconfigsResource, "status", machineOSConfig, opts), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSConfig), err +} + +// Delete takes name of the machineOSConfig and deletes it. Returns an error if one occurs. +func (c *FakeMachineOSConfigs) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteActionWithOptions(machineosconfigsResource, name, opts), &v1.MachineOSConfig{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeMachineOSConfigs) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error { + action := testing.NewRootDeleteCollectionActionWithOptions(machineosconfigsResource, opts, listOpts) + + _, err := c.Fake.Invokes(action, &v1.MachineOSConfigList{}) + return err +} + +// Patch applies the patch and returns the patched machineOSConfig. +func (c *FakeMachineOSConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.MachineOSConfig, err error) { + emptyResult := &v1.MachineOSConfig{} + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceActionWithOptions(machineosconfigsResource, name, pt, data, opts, subresources...), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSConfig), err +} + +// Apply takes the given apply declarative configuration, applies it and returns the applied machineOSConfig. +func (c *FakeMachineOSConfigs) Apply(ctx context.Context, machineOSConfig *machineconfigurationv1.MachineOSConfigApplyConfiguration, opts metav1.ApplyOptions) (result *v1.MachineOSConfig, err error) { + if machineOSConfig == nil { + return nil, fmt.Errorf("machineOSConfig provided to Apply must not be nil") + } + data, err := json.Marshal(machineOSConfig) + if err != nil { + return nil, err + } + name := machineOSConfig.Name + if name == nil { + return nil, fmt.Errorf("machineOSConfig.Name must be provided to Apply") + } + emptyResult := &v1.MachineOSConfig{} + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceActionWithOptions(machineosconfigsResource, *name, types.ApplyPatchType, data, opts.ToPatchOptions()), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSConfig), err +} + +// ApplyStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). +func (c *FakeMachineOSConfigs) ApplyStatus(ctx context.Context, machineOSConfig *machineconfigurationv1.MachineOSConfigApplyConfiguration, opts metav1.ApplyOptions) (result *v1.MachineOSConfig, err error) { + if machineOSConfig == nil { + return nil, fmt.Errorf("machineOSConfig provided to Apply must not be nil") + } + data, err := json.Marshal(machineOSConfig) + if err != nil { + return nil, err + } + name := machineOSConfig.Name + if name == nil { + return nil, fmt.Errorf("machineOSConfig.Name must be provided to Apply") + } + emptyResult := &v1.MachineOSConfig{} + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceActionWithOptions(machineosconfigsResource, *name, types.ApplyPatchType, data, opts.ToPatchOptions(), "status"), emptyResult) + if obj == nil { + return emptyResult, err + } + return obj.(*v1.MachineOSConfig), err +} diff --git a/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/generated_expansion.go b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/generated_expansion.go index cce54d166a..a277355544 100644 --- a/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/generated_expansion.go +++ b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/generated_expansion.go @@ -11,3 +11,7 @@ type KubeletConfigExpansion interface{} type MachineConfigExpansion interface{} type MachineConfigPoolExpansion interface{} + +type MachineOSBuildExpansion interface{} + +type MachineOSConfigExpansion interface{} diff --git a/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineconfiguration_client.go b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineconfiguration_client.go index 6bc99dd14a..c595fc4467 100644 --- a/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineconfiguration_client.go +++ b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineconfiguration_client.go @@ -17,6 +17,8 @@ type MachineconfigurationV1Interface interface { KubeletConfigsGetter MachineConfigsGetter MachineConfigPoolsGetter + MachineOSBuildsGetter + MachineOSConfigsGetter } // MachineconfigurationV1Client is used to interact with features provided by the machineconfiguration.openshift.io group. @@ -44,6 +46,14 @@ func (c *MachineconfigurationV1Client) MachineConfigPools() MachineConfigPoolInt return newMachineConfigPools(c) } +func (c *MachineconfigurationV1Client) MachineOSBuilds() MachineOSBuildInterface { + return newMachineOSBuilds(c) +} + +func (c *MachineconfigurationV1Client) MachineOSConfigs() MachineOSConfigInterface { + return newMachineOSConfigs(c) +} + // NewForConfig creates a new MachineconfigurationV1Client for the given config. // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), // where httpClient was generated with rest.HTTPClientFor(c). diff --git a/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineosbuild.go b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineosbuild.go new file mode 100644 index 0000000000..41ead8964e --- /dev/null +++ b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineosbuild.go @@ -0,0 +1,57 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + + v1 "github.com/openshift/api/machineconfiguration/v1" + machineconfigurationv1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1" + scheme "github.com/openshift/client-go/machineconfiguration/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// MachineOSBuildsGetter has a method to return a MachineOSBuildInterface. +// A group's client should implement this interface. +type MachineOSBuildsGetter interface { + MachineOSBuilds() MachineOSBuildInterface +} + +// MachineOSBuildInterface has methods to work with MachineOSBuild resources. +type MachineOSBuildInterface interface { + Create(ctx context.Context, machineOSBuild *v1.MachineOSBuild, opts metav1.CreateOptions) (*v1.MachineOSBuild, error) + Update(ctx context.Context, machineOSBuild *v1.MachineOSBuild, opts metav1.UpdateOptions) (*v1.MachineOSBuild, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, machineOSBuild *v1.MachineOSBuild, opts metav1.UpdateOptions) (*v1.MachineOSBuild, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.MachineOSBuild, error) + List(ctx context.Context, opts metav1.ListOptions) (*v1.MachineOSBuildList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.MachineOSBuild, err error) + Apply(ctx context.Context, machineOSBuild *machineconfigurationv1.MachineOSBuildApplyConfiguration, opts metav1.ApplyOptions) (result *v1.MachineOSBuild, err error) + // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). + ApplyStatus(ctx context.Context, machineOSBuild *machineconfigurationv1.MachineOSBuildApplyConfiguration, opts metav1.ApplyOptions) (result *v1.MachineOSBuild, err error) + MachineOSBuildExpansion +} + +// machineOSBuilds implements MachineOSBuildInterface +type machineOSBuilds struct { + *gentype.ClientWithListAndApply[*v1.MachineOSBuild, *v1.MachineOSBuildList, *machineconfigurationv1.MachineOSBuildApplyConfiguration] +} + +// newMachineOSBuilds returns a MachineOSBuilds +func newMachineOSBuilds(c *MachineconfigurationV1Client) *machineOSBuilds { + return &machineOSBuilds{ + gentype.NewClientWithListAndApply[*v1.MachineOSBuild, *v1.MachineOSBuildList, *machineconfigurationv1.MachineOSBuildApplyConfiguration]( + "machineosbuilds", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *v1.MachineOSBuild { return &v1.MachineOSBuild{} }, + func() *v1.MachineOSBuildList { return &v1.MachineOSBuildList{} }), + } +} diff --git a/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineosconfig.go b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineosconfig.go new file mode 100644 index 0000000000..0bc3bf4645 --- /dev/null +++ b/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1/machineosconfig.go @@ -0,0 +1,57 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + + v1 "github.com/openshift/api/machineconfiguration/v1" + machineconfigurationv1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1" + scheme "github.com/openshift/client-go/machineconfiguration/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// MachineOSConfigsGetter has a method to return a MachineOSConfigInterface. +// A group's client should implement this interface. +type MachineOSConfigsGetter interface { + MachineOSConfigs() MachineOSConfigInterface +} + +// MachineOSConfigInterface has methods to work with MachineOSConfig resources. +type MachineOSConfigInterface interface { + Create(ctx context.Context, machineOSConfig *v1.MachineOSConfig, opts metav1.CreateOptions) (*v1.MachineOSConfig, error) + Update(ctx context.Context, machineOSConfig *v1.MachineOSConfig, opts metav1.UpdateOptions) (*v1.MachineOSConfig, error) + // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + UpdateStatus(ctx context.Context, machineOSConfig *v1.MachineOSConfig, opts metav1.UpdateOptions) (*v1.MachineOSConfig, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.MachineOSConfig, error) + List(ctx context.Context, opts metav1.ListOptions) (*v1.MachineOSConfigList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.MachineOSConfig, err error) + Apply(ctx context.Context, machineOSConfig *machineconfigurationv1.MachineOSConfigApplyConfiguration, opts metav1.ApplyOptions) (result *v1.MachineOSConfig, err error) + // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). + ApplyStatus(ctx context.Context, machineOSConfig *machineconfigurationv1.MachineOSConfigApplyConfiguration, opts metav1.ApplyOptions) (result *v1.MachineOSConfig, err error) + MachineOSConfigExpansion +} + +// machineOSConfigs implements MachineOSConfigInterface +type machineOSConfigs struct { + *gentype.ClientWithListAndApply[*v1.MachineOSConfig, *v1.MachineOSConfigList, *machineconfigurationv1.MachineOSConfigApplyConfiguration] +} + +// newMachineOSConfigs returns a MachineOSConfigs +func newMachineOSConfigs(c *MachineconfigurationV1Client) *machineOSConfigs { + return &machineOSConfigs{ + gentype.NewClientWithListAndApply[*v1.MachineOSConfig, *v1.MachineOSConfigList, *machineconfigurationv1.MachineOSConfigApplyConfiguration]( + "machineosconfigs", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *v1.MachineOSConfig { return &v1.MachineOSConfig{} }, + func() *v1.MachineOSConfigList { return &v1.MachineOSConfigList{} }), + } +} diff --git a/machineconfiguration/informers/externalversions/generic.go b/machineconfiguration/informers/externalversions/generic.go index 2c95cc84ef..6f4c64ba3d 100644 --- a/machineconfiguration/informers/externalversions/generic.go +++ b/machineconfiguration/informers/externalversions/generic.go @@ -48,6 +48,10 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource return &genericInformer{resource: resource.GroupResource(), informer: f.Machineconfiguration().V1().MachineConfigs().Informer()}, nil case v1.SchemeGroupVersion.WithResource("machineconfigpools"): return &genericInformer{resource: resource.GroupResource(), informer: f.Machineconfiguration().V1().MachineConfigPools().Informer()}, nil + case v1.SchemeGroupVersion.WithResource("machineosbuilds"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Machineconfiguration().V1().MachineOSBuilds().Informer()}, nil + case v1.SchemeGroupVersion.WithResource("machineosconfigs"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Machineconfiguration().V1().MachineOSConfigs().Informer()}, nil // Group=machineconfiguration.openshift.io, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("machineconfignodes"): diff --git a/machineconfiguration/informers/externalversions/machineconfiguration/v1/interface.go b/machineconfiguration/informers/externalversions/machineconfiguration/v1/interface.go index f0613fa8a8..abf342f5cd 100644 --- a/machineconfiguration/informers/externalversions/machineconfiguration/v1/interface.go +++ b/machineconfiguration/informers/externalversions/machineconfiguration/v1/interface.go @@ -18,6 +18,10 @@ type Interface interface { MachineConfigs() MachineConfigInformer // MachineConfigPools returns a MachineConfigPoolInformer. MachineConfigPools() MachineConfigPoolInformer + // MachineOSBuilds returns a MachineOSBuildInformer. + MachineOSBuilds() MachineOSBuildInformer + // MachineOSConfigs returns a MachineOSConfigInformer. + MachineOSConfigs() MachineOSConfigInformer } type version struct { @@ -55,3 +59,13 @@ func (v *version) MachineConfigs() MachineConfigInformer { func (v *version) MachineConfigPools() MachineConfigPoolInformer { return &machineConfigPoolInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } + +// MachineOSBuilds returns a MachineOSBuildInformer. +func (v *version) MachineOSBuilds() MachineOSBuildInformer { + return &machineOSBuildInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + +// MachineOSConfigs returns a MachineOSConfigInformer. +func (v *version) MachineOSConfigs() MachineOSConfigInformer { + return &machineOSConfigInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/machineconfiguration/informers/externalversions/machineconfiguration/v1/machineosbuild.go b/machineconfiguration/informers/externalversions/machineconfiguration/v1/machineosbuild.go new file mode 100644 index 0000000000..5013801c2c --- /dev/null +++ b/machineconfiguration/informers/externalversions/machineconfiguration/v1/machineosbuild.go @@ -0,0 +1,73 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + time "time" + + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" + versioned "github.com/openshift/client-go/machineconfiguration/clientset/versioned" + internalinterfaces "github.com/openshift/client-go/machineconfiguration/informers/externalversions/internalinterfaces" + v1 "github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// MachineOSBuildInformer provides access to a shared informer and lister for +// MachineOSBuilds. +type MachineOSBuildInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1.MachineOSBuildLister +} + +type machineOSBuildInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewMachineOSBuildInformer constructs a new informer for MachineOSBuild type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewMachineOSBuildInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredMachineOSBuildInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredMachineOSBuildInformer constructs a new informer for MachineOSBuild type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredMachineOSBuildInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options metav1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.MachineconfigurationV1().MachineOSBuilds().List(context.TODO(), options) + }, + WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.MachineconfigurationV1().MachineOSBuilds().Watch(context.TODO(), options) + }, + }, + &machineconfigurationv1.MachineOSBuild{}, + resyncPeriod, + indexers, + ) +} + +func (f *machineOSBuildInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredMachineOSBuildInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *machineOSBuildInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&machineconfigurationv1.MachineOSBuild{}, f.defaultInformer) +} + +func (f *machineOSBuildInformer) Lister() v1.MachineOSBuildLister { + return v1.NewMachineOSBuildLister(f.Informer().GetIndexer()) +} diff --git a/machineconfiguration/informers/externalversions/machineconfiguration/v1/machineosconfig.go b/machineconfiguration/informers/externalversions/machineconfiguration/v1/machineosconfig.go new file mode 100644 index 0000000000..8fddfd8228 --- /dev/null +++ b/machineconfiguration/informers/externalversions/machineconfiguration/v1/machineosconfig.go @@ -0,0 +1,73 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + time "time" + + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" + versioned "github.com/openshift/client-go/machineconfiguration/clientset/versioned" + internalinterfaces "github.com/openshift/client-go/machineconfiguration/informers/externalversions/internalinterfaces" + v1 "github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// MachineOSConfigInformer provides access to a shared informer and lister for +// MachineOSConfigs. +type MachineOSConfigInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1.MachineOSConfigLister +} + +type machineOSConfigInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewMachineOSConfigInformer constructs a new informer for MachineOSConfig type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewMachineOSConfigInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredMachineOSConfigInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredMachineOSConfigInformer constructs a new informer for MachineOSConfig type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredMachineOSConfigInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options metav1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.MachineconfigurationV1().MachineOSConfigs().List(context.TODO(), options) + }, + WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.MachineconfigurationV1().MachineOSConfigs().Watch(context.TODO(), options) + }, + }, + &machineconfigurationv1.MachineOSConfig{}, + resyncPeriod, + indexers, + ) +} + +func (f *machineOSConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredMachineOSConfigInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *machineOSConfigInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&machineconfigurationv1.MachineOSConfig{}, f.defaultInformer) +} + +func (f *machineOSConfigInformer) Lister() v1.MachineOSConfigLister { + return v1.NewMachineOSConfigLister(f.Informer().GetIndexer()) +} diff --git a/machineconfiguration/listers/machineconfiguration/v1/expansion_generated.go b/machineconfiguration/listers/machineconfiguration/v1/expansion_generated.go index 8882e1ec19..5ed9d8f07c 100644 --- a/machineconfiguration/listers/machineconfiguration/v1/expansion_generated.go +++ b/machineconfiguration/listers/machineconfiguration/v1/expansion_generated.go @@ -21,3 +21,11 @@ type MachineConfigListerExpansion interface{} // MachineConfigPoolListerExpansion allows custom methods to be added to // MachineConfigPoolLister. type MachineConfigPoolListerExpansion interface{} + +// MachineOSBuildListerExpansion allows custom methods to be added to +// MachineOSBuildLister. +type MachineOSBuildListerExpansion interface{} + +// MachineOSConfigListerExpansion allows custom methods to be added to +// MachineOSConfigLister. +type MachineOSConfigListerExpansion interface{} diff --git a/machineconfiguration/listers/machineconfiguration/v1/machineosbuild.go b/machineconfiguration/listers/machineconfiguration/v1/machineosbuild.go new file mode 100644 index 0000000000..dca053fac1 --- /dev/null +++ b/machineconfiguration/listers/machineconfiguration/v1/machineosbuild.go @@ -0,0 +1,32 @@ +// Code generated by lister-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/machineconfiguration/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/listers" + "k8s.io/client-go/tools/cache" +) + +// MachineOSBuildLister helps list MachineOSBuilds. +// All objects returned here must be treated as read-only. +type MachineOSBuildLister interface { + // List lists all MachineOSBuilds in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1.MachineOSBuild, err error) + // Get retrieves the MachineOSBuild from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1.MachineOSBuild, error) + MachineOSBuildListerExpansion +} + +// machineOSBuildLister implements the MachineOSBuildLister interface. +type machineOSBuildLister struct { + listers.ResourceIndexer[*v1.MachineOSBuild] +} + +// NewMachineOSBuildLister returns a new MachineOSBuildLister. +func NewMachineOSBuildLister(indexer cache.Indexer) MachineOSBuildLister { + return &machineOSBuildLister{listers.New[*v1.MachineOSBuild](indexer, v1.Resource("machineosbuild"))} +} diff --git a/machineconfiguration/listers/machineconfiguration/v1/machineosconfig.go b/machineconfiguration/listers/machineconfiguration/v1/machineosconfig.go new file mode 100644 index 0000000000..219e169aa8 --- /dev/null +++ b/machineconfiguration/listers/machineconfiguration/v1/machineosconfig.go @@ -0,0 +1,32 @@ +// Code generated by lister-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/machineconfiguration/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/listers" + "k8s.io/client-go/tools/cache" +) + +// MachineOSConfigLister helps list MachineOSConfigs. +// All objects returned here must be treated as read-only. +type MachineOSConfigLister interface { + // List lists all MachineOSConfigs in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1.MachineOSConfig, err error) + // Get retrieves the MachineOSConfig from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1.MachineOSConfig, error) + MachineOSConfigListerExpansion +} + +// machineOSConfigLister implements the MachineOSConfigLister interface. +type machineOSConfigLister struct { + listers.ResourceIndexer[*v1.MachineOSConfig] +} + +// NewMachineOSConfigLister returns a new MachineOSConfigLister. +func NewMachineOSConfigLister(indexer cache.Indexer) MachineOSConfigLister { + return &machineOSConfigLister{listers.New[*v1.MachineOSConfig](indexer, v1.Resource("machineosconfig"))} +} diff --git a/operator/applyconfigurations/internal/internal.go b/operator/applyconfigurations/internal/internal.go index 2a11bffc77..d0b0e01568 100644 --- a/operator/applyconfigurations/internal/internal.go +++ b/operator/applyconfigurations/internal/internal.go @@ -1542,9 +1542,23 @@ var schemaYAML = typed.YAMLObject(`types: - name: com.github.openshift.api.operator.v1.IPsecConfig map: fields: + - name: full + type: + namedType: com.github.openshift.api.operator.v1.IPsecFullModeConfig - name: mode type: scalar: string + unions: + - discriminator: mode + fields: + - fieldName: full + discriminatorValue: Full +- name: com.github.openshift.api.operator.v1.IPsecFullModeConfig + map: + fields: + - name: encapsulation + type: + scalar: string - name: com.github.openshift.api.operator.v1.IPv4GatewayConfig map: fields: @@ -1775,6 +1789,10 @@ var schemaYAML = typed.YAMLObject(`types: - name: httpHeaders type: namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaders + - name: idleConnectionTerminationPolicy + type: + scalar: string + default: Deferred - name: logging type: namedType: com.github.openshift.api.operator.v1.IngressControllerLogging @@ -2862,7 +2880,6 @@ var schemaYAML = typed.YAMLObject(`types: - name: currentRevision type: scalar: numeric - default: 0 - name: lastFailedCount type: scalar: numeric diff --git a/operator/applyconfigurations/operator/v1/ingresscontrollerspec.go b/operator/applyconfigurations/operator/v1/ingresscontrollerspec.go index fc57030c73..e8ed1738a4 100644 --- a/operator/applyconfigurations/operator/v1/ingresscontrollerspec.go +++ b/operator/applyconfigurations/operator/v1/ingresscontrollerspec.go @@ -13,23 +13,24 @@ import ( // IngressControllerSpecApplyConfiguration represents a declarative configuration of the IngressControllerSpec type for use // with apply. type IngressControllerSpecApplyConfiguration struct { - Domain *string `json:"domain,omitempty"` - HttpErrorCodePages *v1.ConfigMapNameReference `json:"httpErrorCodePages,omitempty"` - Replicas *int32 `json:"replicas,omitempty"` - EndpointPublishingStrategy *EndpointPublishingStrategyApplyConfiguration `json:"endpointPublishingStrategy,omitempty"` - DefaultCertificate *corev1.LocalObjectReference `json:"defaultCertificate,omitempty"` - NamespaceSelector *metav1.LabelSelectorApplyConfiguration `json:"namespaceSelector,omitempty"` - RouteSelector *metav1.LabelSelectorApplyConfiguration `json:"routeSelector,omitempty"` - NodePlacement *NodePlacementApplyConfiguration `json:"nodePlacement,omitempty"` - TLSSecurityProfile *v1.TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` - ClientTLS *ClientTLSApplyConfiguration `json:"clientTLS,omitempty"` - RouteAdmission *RouteAdmissionPolicyApplyConfiguration `json:"routeAdmission,omitempty"` - Logging *IngressControllerLoggingApplyConfiguration `json:"logging,omitempty"` - HTTPHeaders *IngressControllerHTTPHeadersApplyConfiguration `json:"httpHeaders,omitempty"` - HTTPEmptyRequestsPolicy *apioperatorv1.HTTPEmptyRequestsPolicy `json:"httpEmptyRequestsPolicy,omitempty"` - TuningOptions *IngressControllerTuningOptionsApplyConfiguration `json:"tuningOptions,omitempty"` - UnsupportedConfigOverrides *runtime.RawExtension `json:"unsupportedConfigOverrides,omitempty"` - HTTPCompression *HTTPCompressionPolicyApplyConfiguration `json:"httpCompression,omitempty"` + Domain *string `json:"domain,omitempty"` + HttpErrorCodePages *v1.ConfigMapNameReference `json:"httpErrorCodePages,omitempty"` + Replicas *int32 `json:"replicas,omitempty"` + EndpointPublishingStrategy *EndpointPublishingStrategyApplyConfiguration `json:"endpointPublishingStrategy,omitempty"` + DefaultCertificate *corev1.LocalObjectReference `json:"defaultCertificate,omitempty"` + NamespaceSelector *metav1.LabelSelectorApplyConfiguration `json:"namespaceSelector,omitempty"` + RouteSelector *metav1.LabelSelectorApplyConfiguration `json:"routeSelector,omitempty"` + NodePlacement *NodePlacementApplyConfiguration `json:"nodePlacement,omitempty"` + TLSSecurityProfile *v1.TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` + ClientTLS *ClientTLSApplyConfiguration `json:"clientTLS,omitempty"` + RouteAdmission *RouteAdmissionPolicyApplyConfiguration `json:"routeAdmission,omitempty"` + Logging *IngressControllerLoggingApplyConfiguration `json:"logging,omitempty"` + HTTPHeaders *IngressControllerHTTPHeadersApplyConfiguration `json:"httpHeaders,omitempty"` + HTTPEmptyRequestsPolicy *apioperatorv1.HTTPEmptyRequestsPolicy `json:"httpEmptyRequestsPolicy,omitempty"` + TuningOptions *IngressControllerTuningOptionsApplyConfiguration `json:"tuningOptions,omitempty"` + UnsupportedConfigOverrides *runtime.RawExtension `json:"unsupportedConfigOverrides,omitempty"` + HTTPCompression *HTTPCompressionPolicyApplyConfiguration `json:"httpCompression,omitempty"` + IdleConnectionTerminationPolicy *apioperatorv1.IngressControllerConnectionTerminationPolicy `json:"idleConnectionTerminationPolicy,omitempty"` } // IngressControllerSpecApplyConfiguration constructs a declarative configuration of the IngressControllerSpec type for use with @@ -173,3 +174,11 @@ func (b *IngressControllerSpecApplyConfiguration) WithHTTPCompression(value *HTT b.HTTPCompression = value return b } + +// WithIdleConnectionTerminationPolicy sets the IdleConnectionTerminationPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the IdleConnectionTerminationPolicy field is set to the value of the last call. +func (b *IngressControllerSpecApplyConfiguration) WithIdleConnectionTerminationPolicy(value apioperatorv1.IngressControllerConnectionTerminationPolicy) *IngressControllerSpecApplyConfiguration { + b.IdleConnectionTerminationPolicy = &value + return b +} diff --git a/operator/applyconfigurations/operator/v1/ipsecconfig.go b/operator/applyconfigurations/operator/v1/ipsecconfig.go index ebe738b9f9..e6e7317fe8 100644 --- a/operator/applyconfigurations/operator/v1/ipsecconfig.go +++ b/operator/applyconfigurations/operator/v1/ipsecconfig.go @@ -9,7 +9,8 @@ import ( // IPsecConfigApplyConfiguration represents a declarative configuration of the IPsecConfig type for use // with apply. type IPsecConfigApplyConfiguration struct { - Mode *v1.IPsecMode `json:"mode,omitempty"` + Mode *v1.IPsecMode `json:"mode,omitempty"` + Full *IPsecFullModeConfigApplyConfiguration `json:"full,omitempty"` } // IPsecConfigApplyConfiguration constructs a declarative configuration of the IPsecConfig type for use with @@ -25,3 +26,11 @@ func (b *IPsecConfigApplyConfiguration) WithMode(value v1.IPsecMode) *IPsecConfi b.Mode = &value return b } + +// WithFull sets the Full field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Full field is set to the value of the last call. +func (b *IPsecConfigApplyConfiguration) WithFull(value *IPsecFullModeConfigApplyConfiguration) *IPsecConfigApplyConfiguration { + b.Full = value + return b +} diff --git a/operator/applyconfigurations/operator/v1/ipsecfullmodeconfig.go b/operator/applyconfigurations/operator/v1/ipsecfullmodeconfig.go new file mode 100644 index 0000000000..afdb76c288 --- /dev/null +++ b/operator/applyconfigurations/operator/v1/ipsecfullmodeconfig.go @@ -0,0 +1,27 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/operator/v1" +) + +// IPsecFullModeConfigApplyConfiguration represents a declarative configuration of the IPsecFullModeConfig type for use +// with apply. +type IPsecFullModeConfigApplyConfiguration struct { + Encapsulation *v1.Encapsulation `json:"encapsulation,omitempty"` +} + +// IPsecFullModeConfigApplyConfiguration constructs a declarative configuration of the IPsecFullModeConfig type for use with +// apply. +func IPsecFullModeConfig() *IPsecFullModeConfigApplyConfiguration { + return &IPsecFullModeConfigApplyConfiguration{} +} + +// WithEncapsulation sets the Encapsulation field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Encapsulation field is set to the value of the last call. +func (b *IPsecFullModeConfigApplyConfiguration) WithEncapsulation(value v1.Encapsulation) *IPsecFullModeConfigApplyConfiguration { + b.Encapsulation = &value + return b +} diff --git a/operator/applyconfigurations/utils.go b/operator/applyconfigurations/utils.go index db980ec719..bed266ca41 100644 --- a/operator/applyconfigurations/utils.go +++ b/operator/applyconfigurations/utils.go @@ -210,6 +210,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1.IPFIXConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("IPsecConfig"): return &operatorv1.IPsecConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("IPsecFullModeConfig"): + return &operatorv1.IPsecFullModeConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("IPv4GatewayConfig"): return &operatorv1.IPv4GatewayConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("IPv4OVNKubernetesConfig"): diff --git a/vendor/github.com/openshift/api/config/v1/types_authentication.go b/vendor/github.com/openshift/api/config/v1/types_authentication.go index f6f0c12a3b..7f0d3239b8 100644 --- a/vendor/github.com/openshift/api/config/v1/types_authentication.go +++ b/vendor/github.com/openshift/api/config/v1/types_authentication.go @@ -5,7 +5,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // +genclient // +genclient:nonNamespaced // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC,rule="!has(self.spec.oidcProviders) || self.spec.oidcProviders.all(p, !has(p.oidcClients) || p.oidcClients.all(specC, self.status.oidcClients.exists(statusC, statusC.componentNamespace == specC.componentNamespace && statusC.componentName == specC.componentName) || (has(oldSelf.spec.oidcProviders) && oldSelf.spec.oidcProviders.exists(oldP, oldP.name == p.name && has(oldP.oidcClients) && oldP.oidcClients.exists(oldC, oldC.componentNamespace == specC.componentNamespace && oldC.componentName == specC.componentName)))))",message="all oidcClients in the oidcProviders must match their componentName and componentNamespace to either a previously configured oidcClient or they must exist in the status.oidcClients" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC;ExternalOIDCWithUIDAndExtraClaimMappings,rule="!has(self.spec.oidcProviders) || self.spec.oidcProviders.all(p, !has(p.oidcClients) || p.oidcClients.all(specC, self.status.oidcClients.exists(statusC, statusC.componentNamespace == specC.componentNamespace && statusC.componentName == specC.componentName) || (has(oldSelf.spec.oidcProviders) && oldSelf.spec.oidcProviders.exists(oldP, oldP.name == p.name && has(oldP.oidcClients) && oldP.oidcClients.exists(oldC, oldC.componentNamespace == specC.componentNamespace && oldC.componentName == specC.componentName)))))",message="all oidcClients in the oidcProviders must match their componentName and componentNamespace to either a previously configured oidcClient or they must exist in the status.oidcClients" // Authentication specifies cluster-wide settings for authentication (like OAuth and // webhook token authenticators). The canonical name of an instance is `cluster`. @@ -91,6 +91,7 @@ type AuthenticationSpec struct { // +listMapKey=name // +kubebuilder:validation:MaxItems=1 // +openshift:enable:FeatureGate=ExternalOIDC + // +openshift:enable:FeatureGate=ExternalOIDCWithUIDAndExtraClaimMappings OIDCProviders []OIDCProvider `json:"oidcProviders,omitempty"` } @@ -118,6 +119,7 @@ type AuthenticationStatus struct { // +listMapKey=componentName // +kubebuilder:validation:MaxItems=20 // +openshift:enable:FeatureGate=ExternalOIDC + // +openshift:enable:FeatureGate=ExternalOIDCWithUIDAndExtraClaimMappings OIDCClients []OIDCClientStatus `json:"oidcClients"` } @@ -136,7 +138,7 @@ type AuthenticationList struct { } // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum="";None;IntegratedOAuth -// +openshift:validation:FeatureGateAwareEnum:featureGate=ExternalOIDC,enum="";None;IntegratedOAuth;OIDC +// +openshift:validation:FeatureGateAwareEnum:featureGate=ExternalOIDC;ExternalOIDCWithUIDAndExtraClaimMappings,enum="";None;IntegratedOAuth;OIDC type AuthenticationType string const ( @@ -268,6 +270,33 @@ type TokenClaimMappings struct { // groups for the cluster identity. // The referenced claim must use array of strings values. Groups PrefixedClaimMapping `json:"groups,omitempty"` + + // uid is an optional field for configuring the claim mapping + // used to construct the uid for the cluster identity. + // + // When using uid.claim to specify the claim it must be a single string value. + // When using uid.expression the expression must result in a single string value. + // + // When omitted, this means the user has no opinion and the platform + // is left to choose a default, which is subject to change over time. + // The current default is to use the 'sub' claim. + // + // +optional + // +openshift:enable:FeatureGate=ExternalOIDCWithUIDAndExtraClaimMappings + UID *TokenClaimOrExpressionMapping `json:"uid,omitempty"` + + // extra is an optional field for configuring the mappings + // used to construct the extra attribute for the cluster identity. + // When omitted, no extra attributes will be present on the cluster identity. + // key values for extra mappings must be unique. + // A maximum of 64 extra attribute mappings may be provided. + // + // +optional + // +kubebuilder:validation:MaxItems=64 + // +listType=map + // +listMapKey=key + // +openshift:enable:FeatureGate=ExternalOIDCWithUIDAndExtraClaimMappings + Extra []ExtraMapping `json:"extra,omitempty"` } type TokenClaimMapping struct { @@ -278,6 +307,110 @@ type TokenClaimMapping struct { Claim string `json:"claim"` } +// TokenClaimOrExpressionMapping allows specifying either a JWT +// token claim or CEL expression to be used when mapping claims +// from an authentication token to cluster identities. +// +kubebuilder:validation:XValidation:rule="has(self.claim) ? !has(self.expression) : has(self.expression)",message="precisely one of claim or expression must be set" +type TokenClaimOrExpressionMapping struct { + // claim is an optional field for specifying the + // JWT token claim that is used in the mapping. + // The value of this claim will be assigned to + // the field in which this mapping is associated. + // + // Precisely one of claim or expression must be set. + // claim must not be specified when expression is set. + // When specified, claim must be at least 1 character in length + // and must not exceed 256 characters in length. + // + // +optional + // +kubebuilder:validation:MaxLength=256 + // +kubebuilder:validation:MinLength=1 + Claim string `json:"claim,omitempty"` + + // expression is an optional field for specifying a + // CEL expression that produces a string value from + // JWT token claims. + // + // CEL expressions have access to the token claims + // through a CEL variable, 'claims'. + // 'claims' is a map of claim names to claim values. + // For example, the 'sub' claim value can be accessed as 'claims.sub'. + // Nested claims can be accessed using dot notation ('claims.foo.bar'). + // + // Precisely one of claim or expression must be set. + // expression must not be specified when claim is set. + // When specified, expression must be at least 1 character in length + // and must not exceed 4096 characters in length. + // + // +optional + // +kubebuilder:validation:MaxLength=4096 + // +kubebuilder:validation:MinLength=1 + Expression string `json:"expression,omitempty"` +} + +// ExtraMapping allows specifying a key and CEL expression +// to evaluate the keys' value. It is used to create additional +// mappings and attributes added to a cluster identity from +// a provided authentication token. +type ExtraMapping struct { + // key is a required field that specifies the string + // to use as the extra attribute key. + // + // key must be a domain-prefix path (e.g 'example.org/foo'). + // key must not exceed 510 characters in length. + // key must contain the '/' character, separating the domain and path characters. + // key must not be empty. + // + // The domain portion of the key (string of characters prior to the '/') must be a valid RFC1123 subdomain. + // It must not exceed 253 characters in length. + // It must start and end with an alphanumeric character. + // It must only contain lower case alphanumeric characters and '-' or '.'. + // It must not use the reserved domains, or be subdomains of, "kubernetes.io", "k8s.io", and "openshift.io". + // + // The path portion of the key (string of characters after the '/') must not be empty and must consist of at least one + // alphanumeric character, percent-encoded octets, '-', '.', '_', '~', '!', '$', '&', ''', '(', ')', '*', '+', ',', ';', '=', and ':'. + // It must not exceed 256 characters in length. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=510 + // +kubebuilder:validation:XValidation:rule="self.contains('/')",message="key must contain the '/' character" + // + // +kubebuilder:validation:XValidation:rule="self.split('/', 2)[0].matches(\"^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$\")",message="the domain of the key must consist of only lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character" + // +kubebuilder:validation:XValidation:rule="self.split('/', 2)[0].size() <= 253",message="the domain of the key must not exceed 253 characters in length" + // + // +kubebuilder:validation:XValidation:rule="self.split('/', 2)[0] != 'kubernetes.io'",message="the domain 'kubernetes.io' is reserved for Kubernetes use" + // +kubebuilder:validation:XValidation:rule="!self.split('/', 2)[0].endsWith('.kubernetes.io')",message="the subdomains '*.kubernetes.io' are reserved for Kubernetes use" + // +kubebuilder:validation:XValidation:rule="self.split('/', 2)[0] != 'k8s.io'",message="the domain 'k8s.io' is reserved for Kubernetes use" + // +kubebuilder:validation:XValidation:rule="!self.split('/', 2)[0].endsWith('.k8s.io')",message="the subdomains '*.k8s.io' are reserved for Kubernetes use" + // +kubebuilder:validation:XValidation:rule="self.split('/', 2)[0] != 'openshift.io'",message="the domain 'openshift.io' is reserved for OpenShift use" + // +kubebuilder:validation:XValidation:rule="!self.split('/', 2)[0].endsWith('.openshift.io')",message="the subdomains '*.openshift.io' are reserved for OpenShift use" + // + // +kubebuilder:validation:XValidation:rule="self.split('/', 2)[1].matches('[A-Za-z0-9/\\\\-._~%!$&\\'()*+;=:]+')",message="the path of the key must not be empty and must consist of at least one alphanumeric character, percent-encoded octets, apostrophe, '-', '.', '_', '~', '!', '$', '&', '(', ')', '*', '+', ',', ';', '=', and ':'" + // +kubebuilder:validation:XValidation:rule="self.split('/', 2)[1].size() <= 256",message="the path of the key must not exceed 256 characters in length" + Key string `json:"key"` + + // valueExpression is a required field to specify the CEL expression to extract + // the extra attribute value from a JWT token's claims. + // valueExpression must produce a string or string array value. + // "", [], and null are treated as the extra mapping not being present. + // Empty string values within an array are filtered out. + // + // CEL expressions have access to the token claims + // through a CEL variable, 'claims'. + // 'claims' is a map of claim names to claim values. + // For example, the 'sub' claim value can be accessed as 'claims.sub'. + // Nested claims can be accessed using dot notation ('claims.foo.bar'). + // + // valueExpression must not exceed 4096 characters in length. + // valueExpression must not be empty. + // + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 + ValueExpression string `json:"valueExpression"` +} + type OIDCClientConfig struct { // ComponentName is the name of the component that is supposed to consume this // client configuration diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go index 61386a72e4..2b392298e8 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go @@ -288,7 +288,7 @@ const ( ) // ClusterVersionCapability enumerates optional, core cluster components. -// +kubebuilder:validation:Enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager +// +kubebuilder:validation:Enum=openshift-samples;baremetal;marketplace;Console;Insights;Storage;CSISnapshot;NodeTuning;MachineAPI;Build;DeploymentConfig;ImageRegistry;OperatorLifecycleManager;CloudCredential;Ingress;CloudControllerManager;OperatorLifecycleManagerV1 type ClusterVersionCapability string const ( @@ -379,10 +379,14 @@ const ( // allows to distribute Docker images ClusterVersionCapabilityImageRegistry ClusterVersionCapability = "ImageRegistry" - // ClusterVersionCapabilityOperatorLifecycleManager manages the Operator Lifecycle Manager + // ClusterVersionCapabilityOperatorLifecycleManager manages the Operator Lifecycle Manager (legacy) // which itself manages the lifecycle of operators ClusterVersionCapabilityOperatorLifecycleManager ClusterVersionCapability = "OperatorLifecycleManager" + // ClusterVersionCapabilityOperatorLifecycleManagerV1 manages the Operator Lifecycle Manager (v1) + // which itself manages the lifecycle of operators + ClusterVersionCapabilityOperatorLifecycleManagerV1 ClusterVersionCapability = "OperatorLifecycleManagerV1" + // ClusterVersionCapabilityCloudCredential manages credentials for cloud providers // in openshift cluster ClusterVersionCapabilityCloudCredential ClusterVersionCapability = "CloudCredential" @@ -422,6 +426,7 @@ var KnownClusterVersionCapabilities = []ClusterVersionCapability{ ClusterVersionCapabilityDeploymentConfig, ClusterVersionCapabilityImageRegistry, ClusterVersionCapabilityOperatorLifecycleManager, + ClusterVersionCapabilityOperatorLifecycleManagerV1, ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, @@ -600,6 +605,7 @@ var ClusterVersionCapabilitySets = map[ClusterVersionCapabilitySet][]ClusterVers ClusterVersionCapabilityDeploymentConfig, ClusterVersionCapabilityImageRegistry, ClusterVersionCapabilityOperatorLifecycleManager, + ClusterVersionCapabilityOperatorLifecycleManagerV1, ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, @@ -618,6 +624,7 @@ var ClusterVersionCapabilitySets = map[ClusterVersionCapabilitySet][]ClusterVers ClusterVersionCapabilityDeploymentConfig, ClusterVersionCapabilityImageRegistry, ClusterVersionCapabilityOperatorLifecycleManager, + ClusterVersionCapabilityOperatorLifecycleManagerV1, ClusterVersionCapabilityCloudCredential, ClusterVersionCapabilityIngress, ClusterVersionCapabilityCloudControllerManager, @@ -739,6 +746,16 @@ type Update struct { // Release represents an OpenShift release image and associated metadata. // +k8s:deepcopy-gen=true type Release struct { + // architecture is an optional field that indicates the + // value of the cluster architecture. In this context cluster + // architecture means either a single architecture or a multi + // architecture. + // Valid values are 'Multi' and empty. + // + // +openshift:enable:FeatureGate=ImageStreamImportMode + // +optional + Architecture ClusterVersionArchitecture `json:"architecture,omitempty"` + // version is a semantic version identifying the update version. When this // field is part of spec, version is optional if image is specified. // +required diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index 0daa62d309..0a7b8a06ee 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -525,20 +525,24 @@ type AWSPlatformStatus struct { // AWSResourceTag is a tag to apply to AWS resources created for the cluster. type AWSResourceTag struct { - // key is the key of the tag + // key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag. + // Key should consist of between 1 and 128 characters, and may + // contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=128 - // +kubebuilder:validation:Pattern=`^[0-9A-Za-z_.:/=+-@]+$` + // +kubebuilder:validation:XValidation:rule=`self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')`,message="invalid AWS resource tag key. The string can contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', '@'" // +required Key string `json:"key"` - // value is the value of the tag. + // value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag. + // Value should consist of between 1 and 256 characters, and may + // contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'. // Some AWS service do not support empty values. Since tags are added to resources in many services, the // length of the tag value must meet the requirements of all services. // +kubebuilder:validation:Required // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=256 - // +kubebuilder:validation:Pattern=`^[0-9A-Za-z_.:/=+-@]+$` + // +kubebuilder:validation:XValidation:rule=`self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')`,message="invalid AWS resource tag value. The string can contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', '@'" // +required Value string `json:"value"` } @@ -1593,7 +1597,7 @@ type PowerVSServiceEndpoint struct { // Power Cloud - https://cloud.ibm.com/apidocs/power-cloud // // +kubebuilder:validation:Required - // +kubebuilder:validation:Pattern=`^[a-z0-9-]+$` + // +kubebuilder:validation:Enum=CIS;COS;COSConfig;DNSServices;GlobalCatalog;GlobalSearch;GlobalTagging;HyperProtect;IAM;KeyProtect;Power;ResourceController;ResourceManager;VPC Name string `json:"name"` // url is fully qualified URI with scheme https, that overrides the default generated @@ -1739,6 +1743,7 @@ type NutanixPlatformSpec struct { // failureDomains configures failure domains information for the Nutanix platform. // When set, the failure domains defined here may be used to spread Machines across // prism element clusters to improve fault tolerance of the cluster. + // +openshift:validation:FeatureGateAwareMaxItems:featureGate=NutanixMultiSubnets,maxItems=32 // +listType=map // +listMapKey=name // +optional @@ -1765,13 +1770,15 @@ type NutanixFailureDomain struct { Cluster NutanixResourceIdentifier `json:"cluster"` // subnets holds a list of identifiers (one or more) of the cluster's network subnets + // If the feature gate NutanixMultiSubnets is enabled, up to 32 subnets may be configured. // for the Machine's VM to connect to. The subnet identifiers (uuid or name) can be // obtained from the Prism Central console or using the prism_central API. // +kubebuilder:validation:Required // +kubebuilder:validation:MinItems=1 - // +kubebuilder:validation:MaxItems=1 - // +listType=map - // +listMapKey=type + // +openshift:validation:FeatureGateAwareMaxItems:featureGate="",maxItems=1 + // +openshift:validation:FeatureGateAwareMaxItems:featureGate=NutanixMultiSubnets,maxItems=32 + // +openshift:validation:FeatureGateAwareXValidation:featureGate=NutanixMultiSubnets,rule="self.all(x, self.exists_one(y, x == y))",message="each subnet must be unique" + // +listType=atomic Subnets []NutanixResourceIdentifier `json:"subnets"` } diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index 1b7fa44aad..4f3d5f911b 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -2000,6 +2000,22 @@ func (in *ExternalPlatformStatus) DeepCopy() *ExternalPlatformStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExtraMapping) DeepCopyInto(out *ExtraMapping) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraMapping. +func (in *ExtraMapping) DeepCopy() *ExtraMapping { + if in == nil { + return nil + } + out := new(ExtraMapping) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FeatureGate) DeepCopyInto(out *FeatureGate) { *out = *in @@ -5659,6 +5675,16 @@ func (in *TokenClaimMappings) DeepCopyInto(out *TokenClaimMappings) { *out = *in in.Username.DeepCopyInto(&out.Username) out.Groups = in.Groups + if in.UID != nil { + in, out := &in.UID, &out.UID + *out = new(TokenClaimOrExpressionMapping) + **out = **in + } + if in.Extra != nil { + in, out := &in.Extra, &out.Extra + *out = make([]ExtraMapping, len(*in)) + copy(*out, *in) + } return } @@ -5672,6 +5698,22 @@ func (in *TokenClaimMappings) DeepCopy() *TokenClaimMappings { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenClaimOrExpressionMapping) DeepCopyInto(out *TokenClaimOrExpressionMapping) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenClaimOrExpressionMapping. +func (in *TokenClaimOrExpressionMapping) DeepCopy() *TokenClaimOrExpressionMapping { + if in == nil { + return nil + } + out := new(TokenClaimOrExpressionMapping) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenClaimValidationRule) DeepCopyInto(out *TokenClaimValidationRule) { *out = *in diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml index abfea5eaf0..1acd1a0bb4 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml @@ -29,6 +29,7 @@ authentications.config.openshift.io: Category: "" FeatureGates: - ExternalOIDC + - ExternalOIDCWithUIDAndExtraClaimMappings FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -115,6 +116,7 @@ clusterversions.config.openshift.io: Capability: "" Category: "" FeatureGates: + - ImageStreamImportMode - SignatureStores FilenameOperatorName: cluster-version-operator FilenameOperatorOrdering: "01" @@ -314,6 +316,7 @@ infrastructures.config.openshift.io: - BareMetalLoadBalancer - GCPClusterHostedDNS - GCPLabelsTags + - NutanixMultiSubnets - VSphereControlPlaneMachineSet - VSphereMultiNetworks - VSphereMultiVCenters diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 145a7e4c04..1ae32996bd 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -394,6 +394,16 @@ func (DeprecatedWebhookTokenAuthenticator) SwaggerDoc() map[string]string { return map_DeprecatedWebhookTokenAuthenticator } +var map_ExtraMapping = map[string]string{ + "": "ExtraMapping allows specifying a key and CEL expression to evaluate the keys' value. It is used to create additional mappings and attributes added to a cluster identity from a provided authentication token.", + "key": "key is a required field that specifies the string to use as the extra attribute key.\n\nkey must be a domain-prefix path (e.g 'example.org/foo'). key must not exceed 510 characters in length. key must contain the '/' character, separating the domain and path characters. key must not be empty.\n\nThe domain portion of the key (string of characters prior to the '/') must be a valid RFC1123 subdomain. It must not exceed 253 characters in length. It must start and end with an alphanumeric character. It must only contain lower case alphanumeric characters and '-' or '.'. It must not use the reserved domains, or be subdomains of, \"kubernetes.io\", \"k8s.io\", and \"openshift.io\".\n\nThe path portion of the key (string of characters after the '/') must not be empty and must consist of at least one alphanumeric character, percent-encoded octets, '-', '.', '_', '~', '!', '$', '&', ''', '(', ')', '*', '+', ',', ';', '=', and ':'. It must not exceed 256 characters in length.", + "valueExpression": "valueExpression is a required field to specify the CEL expression to extract the extra attribute value from a JWT token's claims. valueExpression must produce a string or string array value. \"\", [], and null are treated as the extra mapping not being present. Empty string values within an array are filtered out.\n\nCEL expressions have access to the token claims through a CEL variable, 'claims'. 'claims' is a map of claim names to claim values. For example, the 'sub' claim value can be accessed as 'claims.sub'. Nested claims can be accessed using dot notation ('claims.foo.bar').\n\nvalueExpression must not exceed 4096 characters in length. valueExpression must not be empty.", +} + +func (ExtraMapping) SwaggerDoc() map[string]string { + return map_ExtraMapping +} + var map_OIDCClientConfig = map[string]string{ "componentName": "ComponentName is the name of the component that is supposed to consume this client configuration", "componentNamespace": "ComponentNamespace is the namespace of the component that is supposed to consume this client configuration", @@ -459,12 +469,24 @@ func (TokenClaimMapping) SwaggerDoc() map[string]string { var map_TokenClaimMappings = map[string]string{ "username": "Username is a name of the claim that should be used to construct usernames for the cluster identity.\n\nDefault value: \"sub\"", "groups": "Groups is a name of the claim that should be used to construct groups for the cluster identity. The referenced claim must use array of strings values.", + "uid": "uid is an optional field for configuring the claim mapping used to construct the uid for the cluster identity.\n\nWhen using uid.claim to specify the claim it must be a single string value. When using uid.expression the expression must result in a single string value.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose a default, which is subject to change over time. The current default is to use the 'sub' claim.", + "extra": "extra is an optional field for configuring the mappings used to construct the extra attribute for the cluster identity. When omitted, no extra attributes will be present on the cluster identity. key values for extra mappings must be unique. A maximum of 64 extra attribute mappings may be provided.", } func (TokenClaimMappings) SwaggerDoc() map[string]string { return map_TokenClaimMappings } +var map_TokenClaimOrExpressionMapping = map[string]string{ + "": "TokenClaimOrExpressionMapping allows specifying either a JWT token claim or CEL expression to be used when mapping claims from an authentication token to cluster identities.", + "claim": "claim is an optional field for specifying the JWT token claim that is used in the mapping. The value of this claim will be assigned to the field in which this mapping is associated.\n\nPrecisely one of claim or expression must be set. claim must not be specified when expression is set. When specified, claim must be at least 1 character in length and must not exceed 256 characters in length.", + "expression": "expression is an optional field for specifying a CEL expression that produces a string value from JWT token claims.\n\nCEL expressions have access to the token claims through a CEL variable, 'claims'. 'claims' is a map of claim names to claim values. For example, the 'sub' claim value can be accessed as 'claims.sub'. Nested claims can be accessed using dot notation ('claims.foo.bar').\n\nPrecisely one of claim or expression must be set. expression must not be specified when claim is set. When specified, expression must be at least 1 character in length and must not exceed 4096 characters in length.", +} + +func (TokenClaimOrExpressionMapping) SwaggerDoc() map[string]string { + return map_TokenClaimOrExpressionMapping +} + var map_TokenClaimValidationRule = map[string]string{ "type": "Type sets the type of the validation rule", "requiredClaim": "RequiredClaim allows configuring a required claim name and its expected value", @@ -772,11 +794,12 @@ func (PromQLClusterCondition) SwaggerDoc() map[string]string { } var map_Release = map[string]string{ - "": "Release represents an OpenShift release image and associated metadata.", - "version": "version is a semantic version identifying the update version. When this field is part of spec, version is optional if image is specified.", - "image": "image is a container image location that contains the update. When this field is part of spec, image is optional if version is specified and the availableUpdates field contains a matching version.", - "url": "url contains information about this release. This URL is set by the 'url' metadata property on a release or the metadata returned by the update API and should be displayed as a link in user interfaces. The URL field may not be set for test or nightly releases.", - "channels": "channels is the set of Cincinnati channels to which the release currently belongs.", + "": "Release represents an OpenShift release image and associated metadata.", + "architecture": "architecture is an optional field that indicates the value of the cluster architecture. In this context cluster architecture means either a single architecture or a multi architecture. Valid values are 'Multi' and empty.", + "version": "version is a semantic version identifying the update version. When this field is part of spec, version is optional if image is specified.", + "image": "image is a container image location that contains the update. When this field is part of spec, image is optional if version is specified and the availableUpdates field contains a matching version.", + "url": "url contains information about this release. This URL is set by the 'url' metadata property on a release or the metadata returned by the update API and should be displayed as a link in user interfaces. The URL field may not be set for test or nightly releases.", + "channels": "channels is the set of Cincinnati channels to which the release currently belongs.", } func (Release) SwaggerDoc() map[string]string { @@ -1197,8 +1220,8 @@ func (AWSPlatformStatus) SwaggerDoc() map[string]string { var map_AWSResourceTag = map[string]string{ "": "AWSResourceTag is a tag to apply to AWS resources created for the cluster.", - "key": "key is the key of the tag", - "value": "value is the value of the tag. Some AWS service do not support empty values. Since tags are added to resources in many services, the length of the tag value must meet the requirements of all services.", + "key": "key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag. Key should consist of between 1 and 128 characters, and may contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'.", + "value": "value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag. Value should consist of between 1 and 256 characters, and may contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'. Some AWS service do not support empty values. Since tags are added to resources in many services, the length of the tag value must meet the requirements of all services.", } func (AWSResourceTag) SwaggerDoc() map[string]string { @@ -1519,7 +1542,7 @@ var map_NutanixFailureDomain = map[string]string{ "": "NutanixFailureDomain configures failure domain information for the Nutanix platform.", "name": "name defines the unique name of a failure domain. Name is required and must be at most 64 characters in length. It must consist of only lower case alphanumeric characters and hyphens (-). It must start and end with an alphanumeric character. This value is arbitrary and is used to identify the failure domain within the platform.", "cluster": "cluster is to identify the cluster (the Prism Element under management of the Prism Central), in which the Machine's VM will be created. The cluster identifier (uuid or name) can be obtained from the Prism Central console or using the prism_central API.", - "subnets": "subnets holds a list of identifiers (one or more) of the cluster's network subnets for the Machine's VM to connect to. The subnet identifiers (uuid or name) can be obtained from the Prism Central console or using the prism_central API.", + "subnets": "subnets holds a list of identifiers (one or more) of the cluster's network subnets If the feature gate NutanixMultiSubnets is enabled, up to 32 subnets may be configured. for the Machine's VM to connect to. The subnet identifiers (uuid or name) can be obtained from the Prism Central console or using the prism_central API.", } func (NutanixFailureDomain) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/console/v1/types_console_plugin.go b/vendor/github.com/openshift/api/console/v1/types_console_plugin.go index 24954687d5..534a41ca76 100644 --- a/vendor/github.com/openshift/api/console/v1/types_console_plugin.go +++ b/vendor/github.com/openshift/api/console/v1/types_console_plugin.go @@ -43,11 +43,137 @@ type ConsolePluginSpec struct { Backend ConsolePluginBackend `json:"backend"` // proxy is a list of proxies that describe various service type // to which the plugin needs to connect to. + // +listType=atomic // +optional Proxy []ConsolePluginProxy `json:"proxy,omitempty"` // i18n is the configuration of plugin's localization resources. // +optional I18n ConsolePluginI18n `json:"i18n"` + // contentSecurityPolicy is a list of Content-Security-Policy (CSP) directives for the plugin. + // Each directive specifies a list of values, appropriate for the given directive type, + // for example a list of remote endpoints for fetch directives such as ScriptSrc. + // Console web application uses CSP to detect and mitigate certain types of attacks, + // such as cross-site scripting (XSS) and data injection attacks. + // Dynamic plugins should specify this field if need to load assets from outside + // the cluster or if violation reports are observed. Dynamic plugins should always prefer + // loading their assets from within the cluster, either by vendoring them, or fetching + // from a cluster service. + // CSP violation reports can be viewed in the browser's console logs during development and + // testing of the plugin in the OpenShift web console. + // Available directive types are DefaultSrc, ScriptSrc, StyleSrc, ImgSrc and FontSrc. + // Each of the available directives may be defined only once in the list. + // The value 'self' is automatically included in all fetch directives by the OpenShift web + // console's backend. + // For more information about the CSP directives, see: + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy + // + // The OpenShift web console server aggregates the CSP directives and values across + // its own default values and all enabled ConsolePlugin CRs, merging them into a single + // policy string that is sent to the browser via `Content-Security-Policy` HTTP response header. + // + // Example: + // ConsolePlugin A directives: + // script-src: https://script1.com/, https://script2.com/ + // font-src: https://font1.com/ + // + // ConsolePlugin B directives: + // script-src: https://script2.com/, https://script3.com/ + // font-src: https://font2.com/ + // img-src: https://img1.com/ + // + // Unified set of CSP directives, passed to the OpenShift web console server: + // script-src: https://script1.com/, https://script2.com/, https://script3.com/ + // font-src: https://font1.com/, https://font2.com/ + // img-src: https://img1.com/ + // + // OpenShift web console server CSP response header: + // Content-Security-Policy: default-src 'self'; base-uri 'self'; script-src 'self' https://script1.com/ https://script2.com/ https://script3.com/; font-src 'self' https://font1.com/ https://font2.com/; img-src 'self' https://img1.com/; style-src 'self'; frame-src 'none'; object-src 'none' + // + // +openshift:enable:FeatureGate=ConsolePluginContentSecurityPolicy + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:XValidation:rule="self.map(x, x.values.map(y, y.size()).sum()).sum() < 8192",message="the total combined size of values of all directives must not exceed 8192 (8kb)" + // +listType=map + // +listMapKey=directive + // +optional + ContentSecurityPolicy []ConsolePluginCSP `json:"contentSecurityPolicy"` +} + +// DirectiveType is an enumeration of OpenShift web console supported CSP directives. +// LoadType is an enumeration of i18n loading types. +// +kubebuilder:validation:Enum:="DefaultSrc";"ScriptSrc";"StyleSrc";"ImgSrc";"FontSrc" +// +enum +type DirectiveType string + +const ( + // DefaultSrc directive serves as a fallback for the other CSP fetch directives. + // For more information about the DefaultSrc directive, see: + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src + DefaultSrc DirectiveType = "DefaultSrc" + // ScriptSrc directive specifies valid sources for JavaScript. + // For more information about the ScriptSrc directive, see: + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src + ScriptSrc DirectiveType = "ScriptSrc" + // StyleSrc directive specifies valid sources for stylesheets. + // For more information about the StyleSrc directive, see: + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src + StyleSrc DirectiveType = "StyleSrc" + // ImgSrc directive specifies a valid sources of images and favicons. + // For more information about the ImgSrc directive, see: + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/img-src + ImgSrc DirectiveType = "ImgSrc" + // FontSrc directive specifies valid sources for fonts loaded using @font-face. + // For more information about the FontSrcdirective, see: + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/font-src + FontSrc DirectiveType = "FontSrc" +) + +// CSPDirectiveValue is single value for a Content-Security-Policy directive. +// Each directive value must have a maximum length of 1024 characters and must not contain +// whitespace, commas (,), semicolons (;) or single quotes ('). The value '*' is not permitted. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=1024 +// +kubebuilder:validation:XValidation:rule="!self.contains(\"'\")",message="CSP directive value cannot contain a quote" +// +kubebuilder:validation:XValidation:rule="!self.matches('\\\\s')",message="CSP directive value cannot contain a whitespace" +// +kubebuilder:validation:XValidation:rule="!self.contains(',')",message="CSP directive value cannot contain a comma" +// +kubebuilder:validation:XValidation:rule="!self.contains(';')",message="CSP directive value cannot contain a semi-colon" +// +kubebuilder:validation:XValidation:rule="self != '*'",message="CSP directive value cannot be a wildcard" +type CSPDirectiveValue string + +// ConsolePluginCSP holds configuration for a specific CSP directive +type ConsolePluginCSP struct { + // directive specifies which Content-Security-Policy directive to configure. + // Available directive types are DefaultSrc, ScriptSrc, StyleSrc, ImgSrc and FontSrc. + // DefaultSrc directive serves as a fallback for the other CSP fetch directives. + // For more information about the DefaultSrc directive, see: + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src + // ScriptSrc directive specifies valid sources for JavaScript. + // For more information about the ScriptSrc directive, see: + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src + // StyleSrc directive specifies valid sources for stylesheets. + // For more information about the StyleSrc directive, see: + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src + // ImgSrc directive specifies a valid sources of images and favicons. + // For more information about the ImgSrc directive, see: + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/img-src + // FontSrc directive specifies valid sources for fonts loaded using @font-face. + // For more information about the FontSrc directive, see: + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/font-src + // +kubebuilder:validation:Required + Directive DirectiveType `json:"directive"` + // values defines an array of values to append to the console defaults for this directive. + // Each ConsolePlugin may define their own directives with their values. These will be set + // by the OpenShift web console's backend, as part of its Content-Security-Policy header. + // The array can contain at most 16 values. Each directive value must have a maximum length + // of 1024 characters and must not contain whitespace, commas (,), semicolons (;) or single + // quotes ('). The value '*' is not permitted. + // Each value in the array must be unique. + // + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x == y))",message="each CSP directive value must be unique" + // +listType=atomic + Values []CSPDirectiveValue `json:"values"` } // LoadType is an enumeration of i18n loading types diff --git a/vendor/github.com/openshift/api/console/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/console/v1/zz_generated.deepcopy.go index b7cd66da0c..d4fefaa37c 100644 --- a/vendor/github.com/openshift/api/console/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/console/v1/zz_generated.deepcopy.go @@ -416,6 +416,27 @@ func (in *ConsolePluginBackend) DeepCopy() *ConsolePluginBackend { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConsolePluginCSP) DeepCopyInto(out *ConsolePluginCSP) { + *out = *in + if in.Values != nil { + in, out := &in.Values, &out.Values + *out = make([]CSPDirectiveValue, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsolePluginCSP. +func (in *ConsolePluginCSP) DeepCopy() *ConsolePluginCSP { + if in == nil { + return nil + } + out := new(ConsolePluginCSP) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ConsolePluginI18n) DeepCopyInto(out *ConsolePluginI18n) { *out = *in @@ -547,6 +568,13 @@ func (in *ConsolePluginSpec) DeepCopyInto(out *ConsolePluginSpec) { } } out.I18n = in.I18n + if in.ContentSecurityPolicy != nil { + in, out := &in.ContentSecurityPolicy, &out.ContentSecurityPolicy + *out = make([]ConsolePluginCSP, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } diff --git a/vendor/github.com/openshift/api/console/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/console/v1/zz_generated.featuregated-crd-manifests.yaml index 98abc7147b..250f873a09 100644 --- a/vendor/github.com/openshift/api/console/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/console/v1/zz_generated.featuregated-crd-manifests.yaml @@ -137,7 +137,8 @@ consoleplugins.console.openshift.io: CRDName: consoleplugins.console.openshift.io Capability: Console Category: "" - FeatureGates: [] + FeatureGates: + - ConsolePluginContentSecurityPolicy FilenameOperatorName: "" FilenameOperatorOrdering: "90" FilenameRunLevel: "" diff --git a/vendor/github.com/openshift/api/console/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/console/v1/zz_generated.swagger_doc_generated.go index c6f2070fa4..685cb7ea27 100644 --- a/vendor/github.com/openshift/api/console/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/console/v1/zz_generated.swagger_doc_generated.go @@ -187,6 +187,16 @@ func (ConsolePluginBackend) SwaggerDoc() map[string]string { return map_ConsolePluginBackend } +var map_ConsolePluginCSP = map[string]string{ + "": "ConsolePluginCSP holds configuration for a specific CSP directive", + "directive": "directive specifies which Content-Security-Policy directive to configure. Available directive types are DefaultSrc, ScriptSrc, StyleSrc, ImgSrc and FontSrc. DefaultSrc directive serves as a fallback for the other CSP fetch directives. For more information about the DefaultSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src ScriptSrc directive specifies valid sources for JavaScript. For more information about the ScriptSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src StyleSrc directive specifies valid sources for stylesheets. For more information about the StyleSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src ImgSrc directive specifies a valid sources of images and favicons. For more information about the ImgSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/img-src FontSrc directive specifies valid sources for fonts loaded using @font-face. For more information about the FontSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/font-src", + "values": "values defines an array of values to append to the console defaults for this directive. Each ConsolePlugin may define their own directives with their values. These will be set by the OpenShift web console's backend, as part of its Content-Security-Policy header. The array can contain at most 16 values. Each directive value must have a maximum length of 1024 characters and must not contain whitespace, commas (,), semicolons (;) or single quotes ('). The value '*' is not permitted. Each value in the array must be unique.", +} + +func (ConsolePluginCSP) SwaggerDoc() map[string]string { + return map_ConsolePluginCSP +} + var map_ConsolePluginI18n = map[string]string{ "": "ConsolePluginI18n holds information on localization resources that are served by the dynamic plugin.", "loadType": "loadType indicates how the plugin's localization resource should be loaded. Valid values are Preload, Lazy and the empty string. When set to Preload, all localization resources are fetched when the plugin is loaded. When set to Lazy, localization resources are lazily loaded as and when they are required by the console. When omitted or set to the empty string, the behaviour is equivalent to Lazy type.", @@ -251,11 +261,12 @@ func (ConsolePluginService) SwaggerDoc() map[string]string { } var map_ConsolePluginSpec = map[string]string{ - "": "ConsolePluginSpec is the desired plugin configuration.", - "displayName": "displayName is the display name of the plugin. The dispalyName should be between 1 and 128 characters.", - "backend": "backend holds the configuration of backend which is serving console's plugin .", - "proxy": "proxy is a list of proxies that describe various service type to which the plugin needs to connect to.", - "i18n": "i18n is the configuration of plugin's localization resources.", + "": "ConsolePluginSpec is the desired plugin configuration.", + "displayName": "displayName is the display name of the plugin. The dispalyName should be between 1 and 128 characters.", + "backend": "backend holds the configuration of backend which is serving console's plugin .", + "proxy": "proxy is a list of proxies that describe various service type to which the plugin needs to connect to.", + "i18n": "i18n is the configuration of plugin's localization resources.", + "contentSecurityPolicy": "contentSecurityPolicy is a list of Content-Security-Policy (CSP) directives for the plugin. Each directive specifies a list of values, appropriate for the given directive type, for example a list of remote endpoints for fetch directives such as ScriptSrc. Console web application uses CSP to detect and mitigate certain types of attacks, such as cross-site scripting (XSS) and data injection attacks. Dynamic plugins should specify this field if need to load assets from outside the cluster or if violation reports are observed. Dynamic plugins should always prefer loading their assets from within the cluster, either by vendoring them, or fetching from a cluster service. CSP violation reports can be viewed in the browser's console logs during development and testing of the plugin in the OpenShift web console. Available directive types are DefaultSrc, ScriptSrc, StyleSrc, ImgSrc and FontSrc. Each of the available directives may be defined only once in the list. The value 'self' is automatically included in all fetch directives by the OpenShift web console's backend. For more information about the CSP directives, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy\n\nThe OpenShift web console server aggregates the CSP directives and values across its own default values and all enabled ConsolePlugin CRs, merging them into a single policy string that is sent to the browser via `Content-Security-Policy` HTTP response header.\n\nExample:\n ConsolePlugin A directives:\n script-src: https://script1.com/, https://script2.com/\n font-src: https://font1.com/\n\n ConsolePlugin B directives:\n script-src: https://script2.com/, https://script3.com/\n font-src: https://font2.com/\n img-src: https://img1.com/\n\n Unified set of CSP directives, passed to the OpenShift web console server:\n script-src: https://script1.com/, https://script2.com/, https://script3.com/\n font-src: https://font1.com/, https://font2.com/\n img-src: https://img1.com/\n\n OpenShift web console server CSP response header:\n Content-Security-Policy: default-src 'self'; base-uri 'self'; script-src 'self' https://script1.com/ https://script2.com/ https://script3.com/; font-src 'self' https://font1.com/ https://font2.com/; img-src 'self' https://img1.com/; style-src 'self'; frame-src 'none'; object-src 'none'", } func (ConsolePluginSpec) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/register.go b/vendor/github.com/openshift/api/machineconfiguration/v1/register.go index bbafc28dea..cddaa85301 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/register.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/register.go @@ -34,6 +34,10 @@ func addKnownTypes(scheme *runtime.Scheme) error { &MachineConfigList{}, &MachineConfigPool{}, &MachineConfigPoolList{}, + &MachineOSConfig{}, + &MachineOSConfigList{}, + &MachineOSBuild{}, + &MachineOSBuildList{}, ) metav1.AddToGroupVersion(scheme, GroupVersion) diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineosbuild.go b/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineosbuild.go new file mode 100644 index 0000000000..8765363b57 --- /dev/null +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineosbuild.go @@ -0,0 +1,217 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true +// +kubebuilder:resource:path=machineosbuilds,scope=Cluster +// +kubebuilder:subresource:status +// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2090 +// +openshift:enable:FeatureGate=OnClusterBuild +// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 +// +kubebuilder:metadata:labels=openshift.io/operator-managed= +// +kubebuilder:printcolumn:name="Prepared",type="string",JSONPath=.status.conditions[?(@.type=="Prepared")].status +// +kubebuilder:printcolumn:name="Building",type="string",JSONPath=.status.conditions[?(@.type=="Building")].status +// +kubebuilder:printcolumn:name="Succeeded",type="string",JSONPath=.status.conditions[?(@.type=="Succeeded")].status +// +kubebuilder:printcolumn:name="Interrupted",type="string",JSONPath=.status.conditions[?(@.type=="Interrupted")].status +// +kubebuilder:printcolumn:name="Failed",type="string",JSONPath=.status.conditions[?(@.type=="Failed")].status +// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" + +// MachineOSBuild describes a build process managed and deployed by the MCO +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type MachineOSBuild struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard object metadata. + // +optional + metav1.ObjectMeta `json:"metadata,omitempty"` + + // spec describes the configuration of the machine os build. + // It is immutable once set. + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="machineOSBuildSpec is immutable once set" + // +required + Spec MachineOSBuildSpec `json:"spec"` + + // status describes the last observed state of this machine os build. + // +optional + Status MachineOSBuildStatus `json:"status,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// MachineOSBuildList describes all of the Builds on the system +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type MachineOSBuildList struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard list metadata. + // +optional + metav1.ListMeta `json:"metadata,omitempty"` + + // items contains a collection of MachineOSBuild resources. + // +optional + Items []MachineOSBuild `json:"items,omitempty"` +} + +// MachineOSBuildSpec describes information about a build process primarily populated from a MachineOSConfig object. +type MachineOSBuildSpec struct { + // machineConfig points to the rendered MachineConfig resource to be included in this image build. + // +required + MachineConfig MachineConfigReference `json:"machineConfig"` + // machineOSConfig references the MachineOSConfig resource that this image build extends. + // +required + MachineOSConfig MachineOSConfigReference `json:"machineOSConfig"` + // renderedImagePushSpec is set by the Machine Config Operator from the MachineOSConfig object this build is attached to. + // This field describes the location of the final image, which will be pushed by the build once complete. + // The format of the image push spec is: host[:port][/namespace]/name: or svc_name.namespace.svc[:port]/repository/name:. + // The length of the push spec must be between 1 to 447 characters. + // +required + RenderedImagePushSpec ImageTagFormat `json:"renderedImagePushSpec"` +} + +// MachineOSBuildStatus describes the state of a build and other helpful information. +// +kubebuilder:validation:XValidation:rule="has(self.buildEnd) ? has(self.buildStart) && timestamp(self.buildStart) < timestamp(self.buildEnd) : true",message="buildEnd must be after buildStart" +type MachineOSBuildStatus struct { + // conditions are state related conditions for the build. Valid types are: + // Prepared, Building, Failed, Interrupted, and Succeeded. + // Once a Build is marked as Failed, Interrupted or Succeeded, no future conditions can be set. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:validation:XValidation:rule="oldSelf.exists(x, x.type=='Failed' && x.status=='True') ? self==oldSelf : true",message="once a Failed condition is set, conditions are immutable" + // +kubebuilder:validation:XValidation:rule="oldSelf.exists(x, x.type=='Interrupted' && x.status=='True') ? self==oldSelf : true",message="once an Interrupted condition is set, conditions are immutable" + // +kubebuilder:validation:XValidation:rule="oldSelf.exists(x, x.type=='Succeeded' && x.status=='True') ? self==oldSelf : true",message="once an Succeeded condition is set, conditions are immutable" + // +optional + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + // builder describes the image builder backend used for this build. + // +optional + Builder *MachineOSBuilderReference `json:"builder,omitempty"` + // relatedObjects is a list of references to ephemeral objects such as ConfigMaps or Secrets that are meant to be consumed while the build process runs. + // After a successful build or when this MachineOSBuild is deleted, these ephemeral objects will be removed. + // In the event of a failed build, the objects will remain until the build is removed to allow for inspection. + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + // +listMapKey=resource + // +optional + RelatedObjects []ObjectReference `json:"relatedObjects,omitempty"` + // buildStart is the timestamp corresponding to the build controller initiating the build backend for this MachineOSBuild. + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="buildStart is immutable once set" + // +optional + BuildStart *metav1.Time `json:"buildStart,omitempty"` + // buildEnd is the timestamp corresponding to completion of the builder backend. + // When omitted the build has either not been started, or is in progress. + // It will be populated once the build completes, fails or is interrupted. + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="buildEnd is immutable once set" + // +optional + BuildEnd *metav1.Time `json:"buildEnd,omitempty"` + // digestedImagePushSpec describes the fully qualified push spec produced by this build. + // The format of the push spec is: host[:port][/namespace]/name@sha256:, + // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The length of the whole spec must be between 1 to 447 characters. + // +optional + DigestedImagePushSpec ImageDigestFormat `json:"digestedImagePushSpec,omitempty"` +} + +// MachineOSBuilderReference describes which ImageBuilder backend to use for this build +// +union +// +kubebuilder:validation:XValidation:rule="has(self.imageBuilderType) && self.imageBuilderType == 'Job' ? has(self.job) : !has(self.job)",message="job is required when imageBuilderType is Job, and forbidden otherwise" +type MachineOSBuilderReference struct { + // imageBuilderType describes the type of image builder used to build this image. + // Valid values are Job only. + // When set to Job, a pod based builder, using buildah, is launched to build the specified image. + // +unionDiscriminator + // +required + ImageBuilderType MachineOSImageBuilderType `json:"imageBuilderType"` + + // job is a reference to the job object that is managing the image build. + // This is required if the imageBuilderType is Job, and forbidden otherwise. + // +unionMember + // +optional + Job *ObjectReference `json:"job,omitempty"` +} + +// BuildProgess highlights some of the key phases of a build to be tracked in Conditions. +type BuildProgress string + +const ( + // prepared indicates that the build has finished preparing. A build is prepared + // by gathering the build inputs, validating them, and making sure we can do an update as specified. + MachineOSBuildPrepared BuildProgress = "Prepared" + // building indicates that the build has been kicked off with the specified image builder + MachineOSBuilding BuildProgress = "Building" + // failed indicates that during the build or preparation process, the build failed. + MachineOSBuildFailed BuildProgress = "Failed" + // interrupted indicates that the user stopped the build process by modifying part of the build config + MachineOSBuildInterrupted BuildProgress = "Interrupted" + // succeeded indicates that the build has completed and the image is ready to roll out. + MachineOSBuildSucceeded BuildProgress = "Succeeded" +) + +// Refers to the name of a rendered MachineConfig (e.g., "rendered-worker-ec40d2965ff81bce7cd7a7e82a680739", etc.): +// the build targets this MachineConfig, this is often used to tell us whether we need an update. +type MachineConfigReference struct { + // name is the name of the rendered MachineConfig object. + // This value should be between 10 and 253 characters, and must contain only lowercase + // alphanumeric characters, hyphens and periods, and should start and end with an alphanumeric character. + // +kubebuilder:validation:MinLength:=10 + // +kubebuilder:validation:MaxLength:=253 + // +kubebuilder:validation:XValidation:rule=`self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$')`,message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + // +required + Name string `json:"name"` +} + +// ObjectReference contains enough information to let you inspect or modify the referred object. +type ObjectReference struct { + // group of the referent. + // The name must contain only lowercase alphanumeric characters, '-' or '.' and start/end with an alphanumeric character. + // Example: "", "apps", "build.openshift.io", etc. + // +kubebuilder:validation:MaxLength:=253 + // +kubebuilder:validation:XValidation:rule=`self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$')`,message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + // +required + Group string `json:"group"` + // resource of the referent. + // This value should consist of at most 63 characters, and of only lowercase alphanumeric characters and hyphens, + // and should start with an alphabetic character and end with an alphanumeric character. + // Example: "deployments", "deploymentconfigs", "pods", etc. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:XValidation:rule=`self.matches('^[a-z]([-a-z0-9]*[a-z0-9])?$')`,message="a DNS-1035 label must consist of lower case alphanumeric characters or '-', start with an alphabetic character, and end with an alphanumeric character" + Resource string `json:"resource"` + // namespace of the referent. + // This value should consist of at most 63 characters, and of only lowercase alphanumeric characters and hyphens, + // and should start and end with an alphanumeric character. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:XValidation:rule=`self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?$')`,message="the value must consist of only lowercase alphanumeric characters and hyphens" + // +optional + Namespace string `json:"namespace,omitempty"` + // name of the referent. + // The name must contain only lowercase alphanumeric characters, '-' or '.' and start/end with an alphanumeric character. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule=`self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$')`,message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + // +required + Name string `json:"name"` +} + +// MachineOSConfigReference refers to the MachineOSConfig this build is based off of +type MachineOSConfigReference struct { + // name of the MachineOSConfig. + // The name must contain only lowercase alphanumeric characters, '-' or '.' and start/end with an alphanumeric character. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule=`self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$')`,message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + // +required + Name string `json:"name"` +} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineosconfig.go b/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineosconfig.go new file mode 100644 index 0000000000..217e762ccc --- /dev/null +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineosconfig.go @@ -0,0 +1,217 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true +// +kubebuilder:resource:path=machineosconfigs,scope=Cluster +// +kubebuilder:subresource:status +// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2090 +// +openshift:enable:FeatureGate=OnClusterBuild +// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 +// +kubebuilder:metadata:labels=openshift.io/operator-managed= + +// MachineOSConfig describes the configuration for a build process managed by the MCO +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type MachineOSConfig struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard object metadata. + // +optional + metav1.ObjectMeta `json:"metadata,omitempty"` + + // spec describes the configuration of the machineosconfig + // +required + Spec MachineOSConfigSpec `json:"spec"` + + // status describes the status of the machineosconfig + // +optional + Status MachineOSConfigStatus `json:"status,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// MachineOSConfigList describes all configurations for image builds on the system +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type MachineOSConfigList struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard list metadata. + // +optional + metav1.ListMeta `json:"metadata,omitempty"` + + // items contains a collection of MachineOSConfig resources. + // +optional + Items []MachineOSConfig `json:"items"` +} + +// MachineOSConfigSpec describes user-configurable options as well as information about a build process. +type MachineOSConfigSpec struct { + // machineConfigPool is the pool which the build is for. + // The Machine Config Operator will perform the build and roll out the built image to the specified pool. + // +required + MachineConfigPool MachineConfigPoolReference `json:"machineConfigPool"` + // imageBuilder describes which image builder will be used in each build triggered by this MachineOSConfig. + // Currently supported type(s): Job + // +required + ImageBuilder MachineOSImageBuilder `json:"imageBuilder"` + // baseImagePullSecret is the secret used to pull the base image. + // Must live in the openshift-machine-config-operator namespace if provided. + // Defaults to using the cluster-wide pull secret if not specified. This is provided during install time of the cluster, and lives in the openshift-config namespace as a secret. + // +optional + BaseImagePullSecret *ImageSecretObjectReference `json:"baseImagePullSecret,omitempty"` + // renderedImagePushSecret is the secret used to connect to a user registry. + // The final image push and pull secrets should be separate and assume the principal of least privilege. + // The push secret with write privilege is only required to be present on the node hosting the MachineConfigController pod. + // The pull secret with read only privileges is required on all nodes. + // By separating the two secrets, the risk of write credentials becoming compromised is reduced. + // +required + RenderedImagePushSecret ImageSecretObjectReference `json:"renderedImagePushSecret"` + // renderedImagePushSpec describes the location of the final image. + // The MachineOSConfig object will use the in cluster image registry configuration. + // If you wish to use a mirror or any other settings specific to registries.conf, please specify those in the cluster wide registries.conf via the cluster image.config, ImageContentSourcePolicies, ImageDigestMirrorSet, or ImageTagMirrorSet objects. + // The format of the image push spec is: host[:port][/namespace]/name: or svc_name.namespace.svc[:port]/repository/name:. + // The length of the push spec must be between 1 to 447 characters. + // +required + RenderedImagePushSpec ImageTagFormat `json:"renderedImagePushSpec"` + // containerFile describes the custom data the user has specified to build into the image. + // This is also commonly called a Dockerfile and you can treat it as such. The content is the content of your Dockerfile. + // See https://github.com/containers/common/blob/main/docs/Containerfile.5.md for the spec reference. + // This is a list indexed by architecture name (e.g. AMD64), and allows specifying one containerFile per arch, up to 4. + // +patchMergeKey=containerfileArch + // +patchStrategy=merge + // +listType=map + // +listMapKey=containerfileArch + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=4 + // +optional + Containerfile []MachineOSContainerfile `json:"containerFile" patchStrategy:"merge" patchMergeKey:"containerfileArch"` +} + +// MachineOSConfigStatus describes the status this config object and relates it to the builds associated with this MachineOSConfig +type MachineOSConfigStatus struct { + // conditions are state related conditions for the object. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + // +optional + // TODO(jerzhang): add godoc after conditions are finalized. Also consider adding printer columns. + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` + // observedGeneration represents the generation of the MachineOSConfig object observed by the Machine Config Operator's build controller. + // +kubebuilder:validation:XValidation:rule="self >= oldSelf", message="observedGeneration must not move backwards" + // +kubebuilder:validation:Minimum=0 + // +optional + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + // currentImagePullSpec is the fully qualified image pull spec used by the MCO to pull down the new OSImage. This includes the sha256 image digest. + // This is generated when the Machine Config Operator's build controller successfully completes the build, and is populated from the corresponding + // MachineOSBuild object's FinalImagePushSpec. This may change after completion in reaction to spec changes that would cause a new image build, + // but will not be removed. + // The format of the image pull spec is: host[:port][/namespace]/name@sha256:, + // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The length of the whole spec must be between 1 to 447 characters. + // +optional + CurrentImagePullSpec ImageDigestFormat `json:"currentImagePullSpec,omitempty"` + // machineOSBuild is a reference to the MachineOSBuild object for this MachineOSConfig, which contains the status for the image build. + // +optional + MachineOSBuild *ObjectReference `json:"machineOSBuild,omitempty"` +} + +type MachineOSImageBuilder struct { + // imageBuilderType specifies the backend to be used to build the image. + // +kubebuilder:validation:Enum:=Job + // Valid options are: Job + // +required + ImageBuilderType MachineOSImageBuilderType `json:"imageBuilderType"` +} + +// MachineOSContainerfile contains all custom content the user wants built into the image +type MachineOSContainerfile struct { + // containerfileArch describes the architecture this containerfile is to be built for. + // This arch is optional. If the user does not specify an architecture, it is assumed + // that the content can be applied to all architectures, or in a single arch cluster: the only architecture. + // +kubebuilder:validation:Enum:=ARM64;AMD64;PPC64LE;S390X;NoArch + // +kubebuilder:default:=NoArch + // +optional + ContainerfileArch ContainerfileArch `json:"containerfileArch,omitempty"` + // content is an embedded Containerfile/Dockerfile that defines the contents to be built into your image. + // See https://github.com/containers/common/blob/main/docs/Containerfile.5.md for the spec reference. + // for example, this would add the tree package to your hosts: + // FROM configs AS final + // RUN rpm-ostree install tree && \ + // ostree container commit + // This is a required field and can have a maximum length of **4096** characters. + // +required + // +kubebuilder:validation:MaxLength=4096 + Content string `json:"content"` +} + +// +enum +type ContainerfileArch string + +const ( + // describes the arm64 architecture + Arm64 ContainerfileArch = "ARM64" + // describes the amd64 architecture + Amd64 ContainerfileArch = "AMD64" + // describes the ppc64le architecture + Ppc ContainerfileArch = "PPC64LE" + // describes the s390x architecture + S390 ContainerfileArch = "S390X" + // describes a containerfile that can be applied to any arch + NoArch ContainerfileArch = "NoArch" +) + +// Refers to the name of a MachineConfigPool (e.g., "worker", "infra", etc.): +// the MachineOSBuilder pod validates that the user has provided a valid pool +type MachineConfigPoolReference struct { + // name of the MachineConfigPool object. + // This value should be at most 253 characters, and must contain only lowercase + // alphanumeric characters, hyphens and periods, and should start and end with an alphanumeric character. + // +kubebuilder:validation:MaxLength:=253 + // +kubebuilder:validation:XValidation:rule=`self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$')`,message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + // +required + Name string `json:"name"` +} + +// Refers to the name of an image registry push/pull secret needed in the build process. +type ImageSecretObjectReference struct { + // name is the name of the secret used to push or pull this MachineOSConfig object. + // Must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character. + // This secret must be in the openshift-machine-config-operator namespace. + // +kubebuilder:validation:MaxLength:=253 + // +kubebuilder:validation:XValidation:rule=`self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$')`,message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + // +required + Name string `json:"name"` +} + +// ImageTagFormat is a type that conforms to the format host[:port][/namespace]/name: or svc_name.namespace.svc[:port]/repository/name:. +// The length of the field must be between 1 to 447 characters. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=447 +// +kubebuilder:validation:XValidation:rule=`self.matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?(/[a-zA-Z0-9-_]{1,61})*/[a-zA-Z0-9-_.]+:[a-zA-Z0-9._-]+$') || self.matches('^[^.]+\\.[^.]+\\.svc:\\d+\\/[^\\/]+\\/[^\\/]+:[^\\/]+$')`,message="the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme. Or it must be a valid .svc followed by a port, repository, image name, and tag." +type ImageTagFormat string + +// ImageDigestFormat is a type that conforms to the format host[:port][/namespace]/name@sha256:. +// The digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. +// The length of the field must be between 1 to 447 characters. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=447 +// +kubebuilder:validation:XValidation:rule=`(self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$'))`,message="the OCI Image reference must end with a valid '@sha256:' suffix, where '' is 64 characters long" +// +kubebuilder:validation:XValidation:rule=`(self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$'))`,message="the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme" +type ImageDigestFormat string + +// +enum +type MachineOSImageBuilderType string + +const ( + // describes that the machine-os-builder will use a Job to spin up a custom pod builder that uses buildah + JobBuilder MachineOSImageBuilderType = "Job" +) diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go index 9ad13130fe..94f9acbd5a 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.deepcopy.go @@ -431,6 +431,22 @@ func (in *ImageRegistryBundle) DeepCopy() *ImageRegistryBundle { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImageSecretObjectReference) DeepCopyInto(out *ImageSecretObjectReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageSecretObjectReference. +func (in *ImageSecretObjectReference) DeepCopy() *ImageSecretObjectReference { + if in == nil { + return nil + } + out := new(ImageSecretObjectReference) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KubeletConfig) DeepCopyInto(out *KubeletConfig) { *out = *in @@ -711,6 +727,22 @@ func (in *MachineConfigPoolList) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigPoolReference) DeepCopyInto(out *MachineConfigPoolReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigPoolReference. +func (in *MachineConfigPoolReference) DeepCopy() *MachineConfigPoolReference { + if in == nil { + return nil + } + out := new(MachineConfigPoolReference) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MachineConfigPoolSpec) DeepCopyInto(out *MachineConfigPoolSpec) { *out = *in @@ -806,6 +838,22 @@ func (in *MachineConfigPoolStatusConfiguration) DeepCopy() *MachineConfigPoolSta return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineConfigReference) DeepCopyInto(out *MachineConfigReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigReference. +func (in *MachineConfigReference) DeepCopy() *MachineConfigReference { + if in == nil { + return nil + } + out := new(MachineConfigReference) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MachineConfigSpec) DeepCopyInto(out *MachineConfigSpec) { *out = *in @@ -833,6 +881,313 @@ func (in *MachineConfigSpec) DeepCopy() *MachineConfigSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSBuild) DeepCopyInto(out *MachineOSBuild) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSBuild. +func (in *MachineOSBuild) DeepCopy() *MachineOSBuild { + if in == nil { + return nil + } + out := new(MachineOSBuild) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MachineOSBuild) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSBuildList) DeepCopyInto(out *MachineOSBuildList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]MachineOSBuild, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSBuildList. +func (in *MachineOSBuildList) DeepCopy() *MachineOSBuildList { + if in == nil { + return nil + } + out := new(MachineOSBuildList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MachineOSBuildList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSBuildSpec) DeepCopyInto(out *MachineOSBuildSpec) { + *out = *in + out.MachineConfig = in.MachineConfig + out.MachineOSConfig = in.MachineOSConfig + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSBuildSpec. +func (in *MachineOSBuildSpec) DeepCopy() *MachineOSBuildSpec { + if in == nil { + return nil + } + out := new(MachineOSBuildSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSBuildStatus) DeepCopyInto(out *MachineOSBuildStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Builder != nil { + in, out := &in.Builder, &out.Builder + *out = new(MachineOSBuilderReference) + (*in).DeepCopyInto(*out) + } + if in.RelatedObjects != nil { + in, out := &in.RelatedObjects, &out.RelatedObjects + *out = make([]ObjectReference, len(*in)) + copy(*out, *in) + } + if in.BuildStart != nil { + in, out := &in.BuildStart, &out.BuildStart + *out = (*in).DeepCopy() + } + if in.BuildEnd != nil { + in, out := &in.BuildEnd, &out.BuildEnd + *out = (*in).DeepCopy() + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSBuildStatus. +func (in *MachineOSBuildStatus) DeepCopy() *MachineOSBuildStatus { + if in == nil { + return nil + } + out := new(MachineOSBuildStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSBuilderReference) DeepCopyInto(out *MachineOSBuilderReference) { + *out = *in + if in.Job != nil { + in, out := &in.Job, &out.Job + *out = new(ObjectReference) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSBuilderReference. +func (in *MachineOSBuilderReference) DeepCopy() *MachineOSBuilderReference { + if in == nil { + return nil + } + out := new(MachineOSBuilderReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSConfig) DeepCopyInto(out *MachineOSConfig) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSConfig. +func (in *MachineOSConfig) DeepCopy() *MachineOSConfig { + if in == nil { + return nil + } + out := new(MachineOSConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MachineOSConfig) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSConfigList) DeepCopyInto(out *MachineOSConfigList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]MachineOSConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSConfigList. +func (in *MachineOSConfigList) DeepCopy() *MachineOSConfigList { + if in == nil { + return nil + } + out := new(MachineOSConfigList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MachineOSConfigList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSConfigReference) DeepCopyInto(out *MachineOSConfigReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSConfigReference. +func (in *MachineOSConfigReference) DeepCopy() *MachineOSConfigReference { + if in == nil { + return nil + } + out := new(MachineOSConfigReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSConfigSpec) DeepCopyInto(out *MachineOSConfigSpec) { + *out = *in + out.MachineConfigPool = in.MachineConfigPool + out.ImageBuilder = in.ImageBuilder + if in.BaseImagePullSecret != nil { + in, out := &in.BaseImagePullSecret, &out.BaseImagePullSecret + *out = new(ImageSecretObjectReference) + **out = **in + } + out.RenderedImagePushSecret = in.RenderedImagePushSecret + if in.Containerfile != nil { + in, out := &in.Containerfile, &out.Containerfile + *out = make([]MachineOSContainerfile, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSConfigSpec. +func (in *MachineOSConfigSpec) DeepCopy() *MachineOSConfigSpec { + if in == nil { + return nil + } + out := new(MachineOSConfigSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSConfigStatus) DeepCopyInto(out *MachineOSConfigStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.MachineOSBuild != nil { + in, out := &in.MachineOSBuild, &out.MachineOSBuild + *out = new(ObjectReference) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSConfigStatus. +func (in *MachineOSConfigStatus) DeepCopy() *MachineOSConfigStatus { + if in == nil { + return nil + } + out := new(MachineOSConfigStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSContainerfile) DeepCopyInto(out *MachineOSContainerfile) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSContainerfile. +func (in *MachineOSContainerfile) DeepCopy() *MachineOSContainerfile { + if in == nil { + return nil + } + out := new(MachineOSContainerfile) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MachineOSImageBuilder) DeepCopyInto(out *MachineOSImageBuilder) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineOSImageBuilder. +func (in *MachineOSImageBuilder) DeepCopy() *MachineOSImageBuilder { + if in == nil { + return nil + } + out := new(MachineOSImageBuilder) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NetworkInfo) DeepCopyInto(out *NetworkInfo) { *out = *in @@ -854,6 +1209,22 @@ func (in *NetworkInfo) DeepCopy() *NetworkInfo { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ObjectReference) DeepCopyInto(out *ObjectReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObjectReference. +func (in *ObjectReference) DeepCopy() *ObjectReference { + if in == nil { + return nil + } + out := new(ObjectReference) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PinnedImageSetRef) DeepCopyInto(out *PinnedImageSetRef) { *out = *in diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml index 0766b10691..a882f46323 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml @@ -32,6 +32,7 @@ controllerconfigs.machineconfiguration.openshift.io: - BareMetalLoadBalancer - GCPClusterHostedDNS - GCPLabelsTags + - NutanixMultiSubnets - VSphereControlPlaneMachineSet - VSphereMultiNetworks - VSphereMultiVCenters @@ -169,3 +170,69 @@ machineconfigpools.machineconfiguration.openshift.io: TopLevelFeatureGates: [] Version: v1 +machineosbuilds.machineconfiguration.openshift.io: + Annotations: {} + ApprovedPRNumber: https://github.com/openshift/api/pull/2090 + CRDName: machineosbuilds.machineconfiguration.openshift.io + Capability: "" + Category: "" + FeatureGates: + - OnClusterBuild + FilenameOperatorName: machine-config + FilenameOperatorOrdering: "01" + FilenameRunLevel: "0000_80" + GroupName: machineconfiguration.openshift.io + HasStatus: true + KindName: MachineOSBuild + Labels: + openshift.io/operator-managed: "" + PluralName: machineosbuilds + PrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Prepared")].status + name: Prepared + type: string + - jsonPath: .status.conditions[?(@.type=="Building")].status + name: Building + type: string + - jsonPath: .status.conditions[?(@.type=="Succeeded")].status + name: Succeeded + type: string + - jsonPath: .status.conditions[?(@.type=="Interrupted")].status + name: Interrupted + type: string + - jsonPath: .status.conditions[?(@.type=="Failed")].status + name: Failed + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + Scope: Cluster + ShortNames: null + TopLevelFeatureGates: + - OnClusterBuild + Version: v1 + +machineosconfigs.machineconfiguration.openshift.io: + Annotations: {} + ApprovedPRNumber: https://github.com/openshift/api/pull/2090 + CRDName: machineosconfigs.machineconfiguration.openshift.io + Capability: "" + Category: "" + FeatureGates: + - OnClusterBuild + FilenameOperatorName: machine-config + FilenameOperatorOrdering: "01" + FilenameRunLevel: "0000_80" + GroupName: machineconfiguration.openshift.io + HasStatus: true + KindName: MachineOSConfig + Labels: + openshift.io/operator-managed: "" + PluralName: machineosconfigs + PrinterColumns: [] + Scope: Cluster + ShortNames: null + TopLevelFeatureGates: + - OnClusterBuild + Version: v1 + diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go index 29a3a2a902..2a125cfab4 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go @@ -359,4 +359,173 @@ func (PoolSynchronizerStatus) SwaggerDoc() map[string]string { return map_PoolSynchronizerStatus } +var map_MachineConfigReference = map[string]string{ + "": "Refers to the name of a rendered MachineConfig (e.g., \"rendered-worker-ec40d2965ff81bce7cd7a7e82a680739\", etc.): the build targets this MachineConfig, this is often used to tell us whether we need an update.", + "name": "name is the name of the rendered MachineConfig object. This value should be between 10 and 253 characters, and must contain only lowercase alphanumeric characters, hyphens and periods, and should start and end with an alphanumeric character.", +} + +func (MachineConfigReference) SwaggerDoc() map[string]string { + return map_MachineConfigReference +} + +var map_MachineOSBuild = map[string]string{ + "": "MachineOSBuild describes a build process managed and deployed by the MCO Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object metadata.", + "spec": "spec describes the configuration of the machine os build. It is immutable once set.", + "status": "status describes the last observed state of this machine os build.", +} + +func (MachineOSBuild) SwaggerDoc() map[string]string { + return map_MachineOSBuild +} + +var map_MachineOSBuildList = map[string]string{ + "": "MachineOSBuildList describes all of the Builds on the system\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard list metadata.", + "items": "items contains a collection of MachineOSBuild resources.", +} + +func (MachineOSBuildList) SwaggerDoc() map[string]string { + return map_MachineOSBuildList +} + +var map_MachineOSBuildSpec = map[string]string{ + "": "MachineOSBuildSpec describes information about a build process primarily populated from a MachineOSConfig object.", + "machineConfig": "machineConfig points to the rendered MachineConfig resource to be included in this image build.", + "machineOSConfig": "machineOSConfig references the MachineOSConfig resource that this image build extends.", + "renderedImagePushSpec": "renderedImagePushSpec is set by the Machine Config Operator from the MachineOSConfig object this build is attached to. This field describes the location of the final image, which will be pushed by the build once complete. The format of the image push spec is: host[:port][/namespace]/name: or svc_name.namespace.svc[:port]/repository/name:. The length of the push spec must be between 1 to 447 characters.", +} + +func (MachineOSBuildSpec) SwaggerDoc() map[string]string { + return map_MachineOSBuildSpec +} + +var map_MachineOSBuildStatus = map[string]string{ + "": "MachineOSBuildStatus describes the state of a build and other helpful information.", + "conditions": "conditions are state related conditions for the build. Valid types are: Prepared, Building, Failed, Interrupted, and Succeeded. Once a Build is marked as Failed, Interrupted or Succeeded, no future conditions can be set.", + "builder": "builder describes the image builder backend used for this build.", + "relatedObjects": "relatedObjects is a list of references to ephemeral objects such as ConfigMaps or Secrets that are meant to be consumed while the build process runs. After a successful build or when this MachineOSBuild is deleted, these ephemeral objects will be removed. In the event of a failed build, the objects will remain until the build is removed to allow for inspection.", + "buildStart": "buildStart is the timestamp corresponding to the build controller initiating the build backend for this MachineOSBuild.", + "buildEnd": "buildEnd is the timestamp corresponding to completion of the builder backend. When omitted the build has either not been started, or is in progress. It will be populated once the build completes, fails or is interrupted.", + "digestedImagePushSpec": "digestedImagePushSpec describes the fully qualified push spec produced by this build. The format of the push spec is: host[:port][/namespace]/name@sha256:, where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. The length of the whole spec must be between 1 to 447 characters.", +} + +func (MachineOSBuildStatus) SwaggerDoc() map[string]string { + return map_MachineOSBuildStatus +} + +var map_MachineOSBuilderReference = map[string]string{ + "": "MachineOSBuilderReference describes which ImageBuilder backend to use for this build", + "imageBuilderType": "imageBuilderType describes the type of image builder used to build this image. Valid values are Job only. When set to Job, a pod based builder, using buildah, is launched to build the specified image.", + "job": "job is a reference to the job object that is managing the image build. This is required if the imageBuilderType is Job, and forbidden otherwise.", +} + +func (MachineOSBuilderReference) SwaggerDoc() map[string]string { + return map_MachineOSBuilderReference +} + +var map_MachineOSConfigReference = map[string]string{ + "": "MachineOSConfigReference refers to the MachineOSConfig this build is based off of", + "name": "name of the MachineOSConfig. The name must contain only lowercase alphanumeric characters, '-' or '.' and start/end with an alphanumeric character.", +} + +func (MachineOSConfigReference) SwaggerDoc() map[string]string { + return map_MachineOSConfigReference +} + +var map_ObjectReference = map[string]string{ + "": "ObjectReference contains enough information to let you inspect or modify the referred object.", + "group": "group of the referent. The name must contain only lowercase alphanumeric characters, '-' or '.' and start/end with an alphanumeric character. Example: \"\", \"apps\", \"build.openshift.io\", etc.", + "resource": "resource of the referent. This value should consist of at most 63 characters, and of only lowercase alphanumeric characters and hyphens, and should start with an alphabetic character and end with an alphanumeric character. Example: \"deployments\", \"deploymentconfigs\", \"pods\", etc.", + "namespace": "namespace of the referent. This value should consist of at most 63 characters, and of only lowercase alphanumeric characters and hyphens, and should start and end with an alphanumeric character.", + "name": "name of the referent. The name must contain only lowercase alphanumeric characters, '-' or '.' and start/end with an alphanumeric character.", +} + +func (ObjectReference) SwaggerDoc() map[string]string { + return map_ObjectReference +} + +var map_ImageSecretObjectReference = map[string]string{ + "": "Refers to the name of an image registry push/pull secret needed in the build process.", + "name": "name is the name of the secret used to push or pull this MachineOSConfig object. Must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character. This secret must be in the openshift-machine-config-operator namespace.", +} + +func (ImageSecretObjectReference) SwaggerDoc() map[string]string { + return map_ImageSecretObjectReference +} + +var map_MachineConfigPoolReference = map[string]string{ + "": "Refers to the name of a MachineConfigPool (e.g., \"worker\", \"infra\", etc.): the MachineOSBuilder pod validates that the user has provided a valid pool", + "name": "name of the MachineConfigPool object. This value should be at most 253 characters, and must contain only lowercase alphanumeric characters, hyphens and periods, and should start and end with an alphanumeric character.", +} + +func (MachineConfigPoolReference) SwaggerDoc() map[string]string { + return map_MachineConfigPoolReference +} + +var map_MachineOSConfig = map[string]string{ + "": "MachineOSConfig describes the configuration for a build process managed by the MCO Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object metadata.", + "spec": "spec describes the configuration of the machineosconfig", + "status": "status describes the status of the machineosconfig", +} + +func (MachineOSConfig) SwaggerDoc() map[string]string { + return map_MachineOSConfig +} + +var map_MachineOSConfigList = map[string]string{ + "": "MachineOSConfigList describes all configurations for image builds on the system\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard list metadata.", + "items": "items contains a collection of MachineOSConfig resources.", +} + +func (MachineOSConfigList) SwaggerDoc() map[string]string { + return map_MachineOSConfigList +} + +var map_MachineOSConfigSpec = map[string]string{ + "": "MachineOSConfigSpec describes user-configurable options as well as information about a build process.", + "machineConfigPool": "machineConfigPool is the pool which the build is for. The Machine Config Operator will perform the build and roll out the built image to the specified pool.", + "imageBuilder": "imageBuilder describes which image builder will be used in each build triggered by this MachineOSConfig. Currently supported type(s): Job", + "baseImagePullSecret": "baseImagePullSecret is the secret used to pull the base image. Must live in the openshift-machine-config-operator namespace if provided. Defaults to using the cluster-wide pull secret if not specified. This is provided during install time of the cluster, and lives in the openshift-config namespace as a secret.", + "renderedImagePushSecret": "renderedImagePushSecret is the secret used to connect to a user registry. The final image push and pull secrets should be separate and assume the principal of least privilege. The push secret with write privilege is only required to be present on the node hosting the MachineConfigController pod. The pull secret with read only privileges is required on all nodes. By separating the two secrets, the risk of write credentials becoming compromised is reduced.", + "renderedImagePushSpec": "renderedImagePushSpec describes the location of the final image. The MachineOSConfig object will use the in cluster image registry configuration. If you wish to use a mirror or any other settings specific to registries.conf, please specify those in the cluster wide registries.conf via the cluster image.config, ImageContentSourcePolicies, ImageDigestMirrorSet, or ImageTagMirrorSet objects. The format of the image push spec is: host[:port][/namespace]/name: or svc_name.namespace.svc[:port]/repository/name:. The length of the push spec must be between 1 to 447 characters.", + "containerFile": "containerFile describes the custom data the user has specified to build into the image. This is also commonly called a Dockerfile and you can treat it as such. The content is the content of your Dockerfile. See https://github.com/containers/common/blob/main/docs/Containerfile.5.md for the spec reference. This is a list indexed by architecture name (e.g. AMD64), and allows specifying one containerFile per arch, up to 4.", +} + +func (MachineOSConfigSpec) SwaggerDoc() map[string]string { + return map_MachineOSConfigSpec +} + +var map_MachineOSConfigStatus = map[string]string{ + "": "MachineOSConfigStatus describes the status this config object and relates it to the builds associated with this MachineOSConfig", + "conditions": "conditions are state related conditions for the object.", + "observedGeneration": "observedGeneration represents the generation of the MachineOSConfig object observed by the Machine Config Operator's build controller.", + "currentImagePullSpec": "currentImagePullSpec is the fully qualified image pull spec used by the MCO to pull down the new OSImage. This includes the sha256 image digest. This is generated when the Machine Config Operator's build controller successfully completes the build, and is populated from the corresponding MachineOSBuild object's FinalImagePushSpec. This may change after completion in reaction to spec changes that would cause a new image build, but will not be removed. The format of the image pull spec is: host[:port][/namespace]/name@sha256:, where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. The length of the whole spec must be between 1 to 447 characters.", + "machineOSBuild": "machineOSBuild is a reference to the MachineOSBuild object for this MachineOSConfig, which contains the status for the image build.", +} + +func (MachineOSConfigStatus) SwaggerDoc() map[string]string { + return map_MachineOSConfigStatus +} + +var map_MachineOSContainerfile = map[string]string{ + "": "MachineOSContainerfile contains all custom content the user wants built into the image", + "containerfileArch": "containerfileArch describes the architecture this containerfile is to be built for. This arch is optional. If the user does not specify an architecture, it is assumed that the content can be applied to all architectures, or in a single arch cluster: the only architecture.", + "content": "content is an embedded Containerfile/Dockerfile that defines the contents to be built into your image. See https://github.com/containers/common/blob/main/docs/Containerfile.5.md for the spec reference. for example, this would add the tree package to your hosts:\n FROM configs AS final\n RUN rpm-ostree install tree && \\n ostree container commit\nThis is a required field and can have a maximum length of **4096** characters.", +} + +func (MachineOSContainerfile) SwaggerDoc() map[string]string { + return map_MachineOSContainerfile +} + +var map_MachineOSImageBuilder = map[string]string{ + "imageBuilderType": "imageBuilderType specifies the backend to be used to build the image. Valid options are: Job", +} + +func (MachineOSImageBuilder) SwaggerDoc() map[string]string { + return map_MachineOSImageBuilder +} + // AUTO-GENERATED FUNCTIONS END HERE diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineosconfig.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineosconfig.go index 35863517a5..9a11f8d080 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineosconfig.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineosconfig.go @@ -105,7 +105,7 @@ type BuildInputs struct { BaseOSImagePullspec string `json:"baseOSImagePullspec,omitempty"` // baseImagePullSecret is the secret used to pull the base image. // must live in the openshift-machine-config-operator namespace - // +kubebuilder:validation:Required + // +required BaseImagePullSecret ImageSecretObjectReference `json:"baseImagePullSecret"` // machineOSImageBuilder describes which image builder will be used in each build triggered by this MachineOSConfig // +kubebuilder:validation:Required diff --git a/vendor/github.com/openshift/api/openapi/openapi.json b/vendor/github.com/openshift/api/openapi/openapi.json index 33384de2a3..1577ee2c46 100644 --- a/vendor/github.com/openshift/api/openapi/openapi.json +++ b/vendor/github.com/openshift/api/openapi/openapi.json @@ -4229,12 +4229,12 @@ ], "properties": { "key": { - "description": "key is the key of the tag", + "description": "key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag. Key should consist of between 1 and 128 characters, and may contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'.", "type": "string", "default": "" }, "value": { - "description": "value is the value of the tag. Some AWS service do not support empty values. Since tags are added to resources in many services, the length of the tag value must meet the requirements of all services.", + "description": "value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag. Value should consist of between 1 and 256 characters, and may contain only the set of alphanumeric characters, space (' '), '_', '.', '/', '=', '+', '-', ':', and '@'. Some AWS service do not support empty values. Since tags are added to resources in many services, the length of the tag value must meet the requirements of all services.", "type": "string", "default": "" } @@ -6181,6 +6181,26 @@ } } }, + "com.github.openshift.api.config.v1.ExtraMapping": { + "description": "ExtraMapping allows specifying a key and CEL expression to evaluate the keys' value. It is used to create additional mappings and attributes added to a cluster identity from a provided authentication token.", + "type": "object", + "required": [ + "key", + "valueExpression" + ], + "properties": { + "key": { + "description": "key is a required field that specifies the string to use as the extra attribute key.\n\nkey must be a domain-prefix path (e.g 'example.org/foo'). key must not exceed 510 characters in length. key must contain the '/' character, separating the domain and path characters. key must not be empty.\n\nThe domain portion of the key (string of characters prior to the '/') must be a valid RFC1123 subdomain. It must not exceed 253 characters in length. It must start and end with an alphanumeric character. It must only contain lower case alphanumeric characters and '-' or '.'. It must not use the reserved domains, or be subdomains of, \"kubernetes.io\", \"k8s.io\", and \"openshift.io\".\n\nThe path portion of the key (string of characters after the '/') must not be empty and must consist of at least one alphanumeric character, percent-encoded octets, '-', '.', '_', '~', '!', '$', '&', ''', '(', ')', '*', '+', ',', ';', '=', and ':'. It must not exceed 256 characters in length.", + "type": "string", + "default": "" + }, + "valueExpression": { + "description": "valueExpression is a required field to specify the CEL expression to extract the extra attribute value from a JWT token's claims. valueExpression must produce a string or string array value. \"\", [], and null are treated as the extra mapping not being present. Empty string values within an array are filtered out.\n\nCEL expressions have access to the token claims through a CEL variable, 'claims'. 'claims' is a map of claim names to claim values. For example, the 'sub' claim value can be accessed as 'claims.sub'. Nested claims can be accessed using dot notation ('claims.foo.bar').\n\nvalueExpression must not exceed 4096 characters in length. valueExpression must not be empty.", + "type": "string", + "default": "" + } + } + }, "com.github.openshift.api.config.v1.FeatureGate": { "description": "Feature holds cluster-wide information about feature gates. The canonical name is `cluster`\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "type": "object", @@ -8320,16 +8340,13 @@ "default": "" }, "subnets": { - "description": "subnets holds a list of identifiers (one or more) of the cluster's network subnets for the Machine's VM to connect to. The subnet identifiers (uuid or name) can be obtained from the Prism Central console or using the prism_central API.", + "description": "subnets holds a list of identifiers (one or more) of the cluster's network subnets If the feature gate NutanixMultiSubnets is enabled, up to 32 subnets may be configured. for the Machine's VM to connect to. The subnet identifiers (uuid or name) can be obtained from the Prism Central console or using the prism_central API.", "type": "array", "items": { "default": {}, "$ref": "#/definitions/com.github.openshift.api.config.v1.NutanixResourceIdentifier" }, - "x-kubernetes-list-map-keys": [ - "type" - ], - "x-kubernetes-list-type": "map" + "x-kubernetes-list-type": "atomic" } } }, @@ -9765,6 +9782,10 @@ "image" ], "properties": { + "architecture": { + "description": "architecture is an optional field that indicates the value of the cluster architecture. In this context cluster architecture means either a single architecture or a multi architecture. Valid values are 'Multi' and empty.", + "type": "string" + }, "channels": { "description": "channels is the set of Cincinnati channels to which the release currently belongs.", "type": "array", @@ -10354,11 +10375,27 @@ "com.github.openshift.api.config.v1.TokenClaimMappings": { "type": "object", "properties": { + "extra": { + "description": "extra is an optional field for configuring the mappings used to construct the extra attribute for the cluster identity. When omitted, no extra attributes will be present on the cluster identity. key values for extra mappings must be unique. A maximum of 64 extra attribute mappings may be provided.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.config.v1.ExtraMapping" + }, + "x-kubernetes-list-map-keys": [ + "key" + ], + "x-kubernetes-list-type": "map" + }, "groups": { "description": "Groups is a name of the claim that should be used to construct groups for the cluster identity. The referenced claim must use array of strings values.", "default": {}, "$ref": "#/definitions/com.github.openshift.api.config.v1.PrefixedClaimMapping" }, + "uid": { + "description": "uid is an optional field for configuring the claim mapping used to construct the uid for the cluster identity.\n\nWhen using uid.claim to specify the claim it must be a single string value. When using uid.expression the expression must result in a single string value.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose a default, which is subject to change over time. The current default is to use the 'sub' claim.", + "$ref": "#/definitions/com.github.openshift.api.config.v1.TokenClaimOrExpressionMapping" + }, "username": { "description": "Username is a name of the claim that should be used to construct usernames for the cluster identity.\n\nDefault value: \"sub\"", "default": {}, @@ -10366,6 +10403,20 @@ } } }, + "com.github.openshift.api.config.v1.TokenClaimOrExpressionMapping": { + "description": "TokenClaimOrExpressionMapping allows specifying either a JWT token claim or CEL expression to be used when mapping claims from an authentication token to cluster identities.", + "type": "object", + "properties": { + "claim": { + "description": "claim is an optional field for specifying the JWT token claim that is used in the mapping. The value of this claim will be assigned to the field in which this mapping is associated.\n\nPrecisely one of claim or expression must be set. claim must not be specified when expression is set. When specified, claim must be at least 1 character in length and must not exceed 256 characters in length.", + "type": "string" + }, + "expression": { + "description": "expression is an optional field for specifying a CEL expression that produces a string value from JWT token claims.\n\nCEL expressions have access to the token claims through a CEL variable, 'claims'. 'claims' is a map of claim names to claim values. For example, the 'sub' claim value can be accessed as 'claims.sub'. Nested claims can be accessed using dot notation ('claims.foo.bar').\n\nPrecisely one of claim or expression must be set. expression must not be specified when claim is set. When specified, expression must be at least 1 character in length and must not exceed 4096 characters in length.", + "type": "string" + } + } + }, "com.github.openshift.api.config.v1.TokenClaimValidationRule": { "type": "object", "required": [ @@ -11936,6 +11987,37 @@ } ] }, + "com.github.openshift.api.console.v1.ConsolePluginCSP": { + "description": "ConsolePluginCSP holds configuration for a specific CSP directive", + "type": "object", + "required": [ + "directive", + "values" + ], + "properties": { + "directive": { + "description": "directive specifies which Content-Security-Policy directive to configure. Available directive types are DefaultSrc, ScriptSrc, StyleSrc, ImgSrc and FontSrc. DefaultSrc directive serves as a fallback for the other CSP fetch directives. For more information about the DefaultSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src ScriptSrc directive specifies valid sources for JavaScript. For more information about the ScriptSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src StyleSrc directive specifies valid sources for stylesheets. For more information about the StyleSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src ImgSrc directive specifies a valid sources of images and favicons. For more information about the ImgSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/img-src FontSrc directive specifies valid sources for fonts loaded using @font-face. For more information about the FontSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/font-src\n\nPossible enum values:\n - `\"DefaultSrc\"` directive serves as a fallback for the other CSP fetch directives. For more information about the DefaultSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src\n - `\"FontSrc\"` directive specifies valid sources for fonts loaded using @font-face. For more information about the FontSrcdirective, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/font-src\n - `\"ImgSrc\"` directive specifies a valid sources of images and favicons. For more information about the ImgSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/img-src\n - `\"ScriptSrc\"` directive specifies valid sources for JavaScript. For more information about the ScriptSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src\n - `\"StyleSrc\"` directive specifies valid sources for stylesheets. For more information about the StyleSrc directive, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src", + "type": "string", + "default": "", + "enum": [ + "DefaultSrc", + "FontSrc", + "ImgSrc", + "ScriptSrc", + "StyleSrc" + ] + }, + "values": { + "description": "values defines an array of values to append to the console defaults for this directive. Each ConsolePlugin may define their own directives with their values. These will be set by the OpenShift web console's backend, as part of its Content-Security-Policy header. The array can contain at most 16 values. Each directive value must have a maximum length of 1024 characters and must not contain whitespace, commas (,), semicolons (;) or single quotes ('). The value '*' is not permitted. Each value in the array must be unique.", + "type": "array", + "items": { + "type": "string", + "default": "" + }, + "x-kubernetes-list-type": "atomic" + } + } + }, "com.github.openshift.api.console.v1.ConsolePluginI18n": { "description": "ConsolePluginI18n holds information on localization resources that are served by the dynamic plugin.", "type": "object", @@ -12106,6 +12188,18 @@ "default": {}, "$ref": "#/definitions/com.github.openshift.api.console.v1.ConsolePluginBackend" }, + "contentSecurityPolicy": { + "description": "contentSecurityPolicy is a list of Content-Security-Policy (CSP) directives for the plugin. Each directive specifies a list of values, appropriate for the given directive type, for example a list of remote endpoints for fetch directives such as ScriptSrc. Console web application uses CSP to detect and mitigate certain types of attacks, such as cross-site scripting (XSS) and data injection attacks. Dynamic plugins should specify this field if need to load assets from outside the cluster or if violation reports are observed. Dynamic plugins should always prefer loading their assets from within the cluster, either by vendoring them, or fetching from a cluster service. CSP violation reports can be viewed in the browser's console logs during development and testing of the plugin in the OpenShift web console. Available directive types are DefaultSrc, ScriptSrc, StyleSrc, ImgSrc and FontSrc. Each of the available directives may be defined only once in the list. The value 'self' is automatically included in all fetch directives by the OpenShift web console's backend. For more information about the CSP directives, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy\n\nThe OpenShift web console server aggregates the CSP directives and values across its own default values and all enabled ConsolePlugin CRs, merging them into a single policy string that is sent to the browser via `Content-Security-Policy` HTTP response header.\n\nExample:\n ConsolePlugin A directives:\n script-src: https://script1.com/, https://script2.com/\n font-src: https://font1.com/\n\n ConsolePlugin B directives:\n script-src: https://script2.com/, https://script3.com/\n font-src: https://font2.com/\n img-src: https://img1.com/\n\n Unified set of CSP directives, passed to the OpenShift web console server:\n script-src: https://script1.com/, https://script2.com/, https://script3.com/\n font-src: https://font1.com/, https://font2.com/\n img-src: https://img1.com/\n\n OpenShift web console server CSP response header:\n Content-Security-Policy: default-src 'self'; base-uri 'self'; script-src 'self' https://script1.com/ https://script2.com/ https://script3.com/; font-src 'self' https://font1.com/ https://font2.com/; img-src 'self' https://img1.com/; style-src 'self'; frame-src 'none'; object-src 'none'", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/com.github.openshift.api.console.v1.ConsolePluginCSP" + }, + "x-kubernetes-list-map-keys": [ + "directive" + ], + "x-kubernetes-list-type": "map" + }, "displayName": { "description": "displayName is the display name of the plugin. The dispalyName should be between 1 and 128 characters.", "type": "string", @@ -12122,7 +12216,8 @@ "items": { "default": {}, "$ref": "#/definitions/com.github.openshift.api.console.v1.ConsolePluginProxy" - } + }, + "x-kubernetes-list-type": "atomic" } } }, @@ -27949,10 +28044,32 @@ "com.github.openshift.api.operator.v1.IPsecConfig": { "type": "object", "properties": { + "full": { + "description": "full defines configuration parameters for the IPsec `Full` mode. This is permitted only when mode is configured with `Full`, and forbidden otherwise.", + "$ref": "#/definitions/com.github.openshift.api.operator.v1.IPsecFullModeConfig" + }, "mode": { "description": "mode defines the behaviour of the ipsec configuration within the platform. Valid values are `Disabled`, `External` and `Full`. When 'Disabled', ipsec will not be enabled at the node level. When 'External', ipsec is enabled on the node level but requires the user to configure the secure communication parameters. This mode is for external secure communications and the configuration can be done using the k8s-nmstate operator. When 'Full', ipsec is configured on the node level and inter-pod secure communication within the cluster is configured. Note with `Full`, if ipsec is desired for communication with external (to the cluster) entities (such as storage arrays), this is left to the user to configure.", "type": "string" } + }, + "x-kubernetes-unions": [ + { + "discriminator": "mode", + "fields-to-discriminateBy": { + "full": "Full" + } + } + ] + }, + "com.github.openshift.api.operator.v1.IPsecFullModeConfig": { + "description": "IPsecFullModeConfig defines configuration parameters for the IPsec `Full` mode.", + "type": "object", + "properties": { + "encapsulation": { + "description": "encapsulation option to configure libreswan on how inter-pod traffic across nodes are encapsulated to handle NAT traversal. When configured it uses UDP port 4500 for the encapsulation. Valid values are Always, Auto and omitted. Always means enable UDP encapsulation regardless of whether NAT is detected. Auto means enable UDP encapsulation based on the detection of NAT. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is Auto.", + "type": "string" + } } }, "com.github.openshift.api.operator.v1.IPv4GatewayConfig": { @@ -28373,6 +28490,11 @@ "description": "httpHeaders defines policy for HTTP headers.\n\nIf this field is empty, the default values are used.", "$ref": "#/definitions/com.github.openshift.api.operator.v1.IngressControllerHTTPHeaders" }, + "idleConnectionTerminationPolicy": { + "description": "idleConnectionTerminationPolicy maps directly to HAProxy's idle-close-on-response option and controls whether HAProxy keeps idle frontend connections open during a soft stop (router reload).\n\nAllowed values for this field are \"Immediate\" and \"Deferred\". The default value is \"Deferred\".\n\nWhen set to \"Immediate\", idle connections are closed immediately during router reloads. This ensures immediate propagation of route changes but may impact clients sensitive to connection resets.\n\nWhen set to \"Deferred\", HAProxy will maintain idle connections during a soft reload instead of closing them immediately. These connections remain open until any of the following occurs:\n\n - A new request is received on the connection, in which\n case HAProxy handles it in the old process and closes\n the connection after sending the response.\n\n - HAProxy's `timeout http-keep-alive` duration expires\n (300 seconds in OpenShift's configuration, not\n configurable).\n\n - The client's keep-alive timeout expires, causing the\n client to close the connection.\n\nSetting Deferred can help prevent errors in clients or load balancers that do not properly handle connection resets. Additionally, this option allows you to retain the pre-2.4 HAProxy behaviour: in HAProxy version 2.2 (OpenShift versions < 4.14), maintaining idle connections during a soft reload was the default behaviour, but starting with HAProxy 2.4, the default changed to closing idle connections immediately.\n\nImportant Consideration:\n\n - Using Deferred will result in temporary inconsistencies\n for the first request on each persistent connection\n after a route update and router reload. This request\n will be processed by the old HAProxy process using its\n old configuration. Subsequent requests will use the\n updated configuration.\n\nOperational Considerations:\n\n - Keeping idle connections open during reloads may lead\n to an accumulation of old HAProxy processes if\n connections remain idle for extended periods,\n especially in environments where frequent reloads\n occur.\n\n - Consider monitoring the number of HAProxy processes in\n the router pods when Deferred is set.\n\n - You may need to enable or adjust the\n `ingress.operator.openshift.io/hard-stop-after`\n duration (configured via an annotation on the\n IngressController resource) in environments with\n frequent reloads to prevent resource exhaustion.", + "type": "string", + "default": "Deferred" + }, "logging": { "description": "logging defines parameters for what should be logged where. If this field is empty, operational logs are enabled but access logs are disabled.", "$ref": "#/definitions/com.github.openshift.api.operator.v1.IngressControllerLogging" @@ -30394,15 +30516,13 @@ "description": "NodeStatus provides information about the current state of a particular node managed by this operator.", "type": "object", "required": [ - "nodeName", - "currentRevision" + "nodeName" ], "properties": { "currentRevision": { - "description": "currentRevision is the generation of the most recently successful deployment", + "description": "currentRevision is the generation of the most recently successful deployment. Can not be set on creation of a nodeStatus. Updates must only increase the value.", "type": "integer", - "format": "int32", - "default": 0 + "format": "int32" }, "lastFailedCount": { "description": "lastFailedCount is how often the installer pod of the last failed revision failed.", @@ -30442,7 +30562,7 @@ "default": "" }, "targetRevision": { - "description": "targetRevision is the generation of the deployment we're trying to apply", + "description": "targetRevision is the generation of the deployment we're trying to apply. Can not be set on creation of a nodeStatus.", "type": "integer", "format": "int32" } diff --git a/vendor/github.com/openshift/api/operator/v1/register.go b/vendor/github.com/openshift/api/operator/v1/register.go index 21919f9a8b..5920c4fca7 100644 --- a/vendor/github.com/openshift/api/operator/v1/register.go +++ b/vendor/github.com/openshift/api/operator/v1/register.go @@ -62,6 +62,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { &OpenShiftAPIServerList{}, &OpenShiftControllerManager{}, &OpenShiftControllerManagerList{}, + &OLM{}, + &OLMList{}, &ServiceCA{}, &ServiceCAList{}, &ServiceCatalogAPIServer{}, diff --git a/vendor/github.com/openshift/api/operator/v1/types.go b/vendor/github.com/openshift/api/operator/v1/types.go index f04b6846ae..91e496fc96 100644 --- a/vendor/github.com/openshift/api/operator/v1/types.go +++ b/vendor/github.com/openshift/api/operator/v1/types.go @@ -256,18 +256,27 @@ type StaticPodOperatorStatus struct { // +listType=map // +listMapKey=nodeName // +optional + // +kubebuilder:validation:XValidation:rule="size(self.filter(status, status.?targetRevision.orValue(0) != 0)) <= 1",message="no more than 1 node status may have a nonzero targetRevision" NodeStatuses []NodeStatus `json:"nodeStatuses,omitempty"` } // NodeStatus provides information about the current state of a particular node managed by this operator. +// +kubebuilder:validation:XValidation:rule="has(self.currentRevision) || !has(oldSelf.currentRevision)",message="cannot be unset once set",fieldPath=".currentRevision" +// +kubebuilder:validation:XValidation:rule="oldSelf.hasValue() || !has(self.currentRevision)",message="currentRevision can not be set on creation of a nodeStatus",optionalOldSelf=true,fieldPath=.currentRevision +// +kubebuilder:validation:XValidation:rule="oldSelf.hasValue() || !has(self.targetRevision)",message="targetRevision can not be set on creation of a nodeStatus",optionalOldSelf=true,fieldPath=.targetRevision type NodeStatus struct { // nodeName is the name of the node // +kubebuilder:validation:Required NodeName string `json:"nodeName"` - // currentRevision is the generation of the most recently successful deployment - CurrentRevision int32 `json:"currentRevision"` - // targetRevision is the generation of the deployment we're trying to apply + // currentRevision is the generation of the most recently successful deployment. + // Can not be set on creation of a nodeStatus. Updates must only increase the value. + // +kubebuilder:validation:XValidation:rule="self >= oldSelf",message="must only increase" + // +optional + CurrentRevision int32 `json:"currentRevision,omitempty"` + // targetRevision is the generation of the deployment we're trying to apply. + // Can not be set on creation of a nodeStatus. + // +optional TargetRevision int32 `json:"targetRevision,omitempty"` // lastFailedRevision is the generation of the deployment we tried and failed to deploy. diff --git a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go index 0644b6a93c..fa81ea7d79 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go @@ -20,7 +20,7 @@ import ( // +kubebuilder:resource:path=clustercsidrivers,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/701 -// +openshift:file-pattern=cvoRunLevel=0000_90,operatorName=csi-driver,operatorOrdering=01 +// +openshift:file-pattern=cvoRunLevel=0000_50,operatorName=csi-driver,operatorOrdering=01 // ClusterCSIDriver object allows management and configuration of a CSI driver operator // installed by default in OpenShift. Name of the object must be name of the CSI driver @@ -71,7 +71,7 @@ const ( RemovedStorageClass StorageClassStateName = "Removed" ) -// If you are adding a new driver name here, ensure that 0000_90_cluster_csi_driver_01_config.crd.yaml-merge-patch file is also updated with new driver name. +// If you are adding a new driver name here, ensure that 0000_50_cluster_csi_driver_01_config.crd.yaml-merge-patch file is also updated with new driver name. const ( AWSEBSCSIDriver CSIDriverName = "ebs.csi.aws.com" AWSEFSCSIDriver CSIDriverName = "efs.csi.aws.com" diff --git a/vendor/github.com/openshift/api/operator/v1/types_ingress.go b/vendor/github.com/openshift/api/operator/v1/types_ingress.go index 1f56643456..61c0bcdbb4 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/operator/v1/types_ingress.go @@ -258,6 +258,75 @@ type IngressControllerSpec struct { // // +optional HTTPCompression HTTPCompressionPolicy `json:"httpCompression,omitempty"` + + // idleConnectionTerminationPolicy maps directly to HAProxy's + // idle-close-on-response option and controls whether HAProxy + // keeps idle frontend connections open during a soft stop + // (router reload). + // + // Allowed values for this field are "Immediate" and + // "Deferred". The default value is "Deferred". + // + // When set to "Immediate", idle connections are closed + // immediately during router reloads. This ensures immediate + // propagation of route changes but may impact clients + // sensitive to connection resets. + // + // When set to "Deferred", HAProxy will maintain idle + // connections during a soft reload instead of closing them + // immediately. These connections remain open until any of the + // following occurs: + // + // - A new request is received on the connection, in which + // case HAProxy handles it in the old process and closes + // the connection after sending the response. + // + // - HAProxy's `timeout http-keep-alive` duration expires + // (300 seconds in OpenShift's configuration, not + // configurable). + // + // - The client's keep-alive timeout expires, causing the + // client to close the connection. + // + // Setting Deferred can help prevent errors in clients or load + // balancers that do not properly handle connection resets. + // Additionally, this option allows you to retain the pre-2.4 + // HAProxy behaviour: in HAProxy version 2.2 (OpenShift + // versions < 4.14), maintaining idle connections during a + // soft reload was the default behaviour, but starting with + // HAProxy 2.4, the default changed to closing idle + // connections immediately. + // + // Important Consideration: + // + // - Using Deferred will result in temporary inconsistencies + // for the first request on each persistent connection + // after a route update and router reload. This request + // will be processed by the old HAProxy process using its + // old configuration. Subsequent requests will use the + // updated configuration. + // + // Operational Considerations: + // + // - Keeping idle connections open during reloads may lead + // to an accumulation of old HAProxy processes if + // connections remain idle for extended periods, + // especially in environments where frequent reloads + // occur. + // + // - Consider monitoring the number of HAProxy processes in + // the router pods when Deferred is set. + // + // - You may need to enable or adjust the + // `ingress.operator.openshift.io/hard-stop-after` + // duration (configured via an annotation on the + // IngressController resource) in environments with + // frequent reloads to prevent resource exhaustion. + // + // +optional + // +kubebuilder:default:="Deferred" + // +default="Deferred" + IdleConnectionTerminationPolicy IngressControllerConnectionTerminationPolicy `json:"idleConnectionTerminationPolicy,omitempty"` } // httpCompressionPolicy turns on compression for the specified MIME types. @@ -2068,3 +2137,23 @@ type IngressControllerList struct { Items []IngressController `json:"items"` } + +// IngressControllerConnectionTerminationPolicy defines the behaviour +// for handling idle connections during a soft reload of the router. +// +// +kubebuilder:validation:Enum=Immediate;Deferred +type IngressControllerConnectionTerminationPolicy string + +const ( + // IngressControllerConnectionTerminationPolicyImmediate specifies + // that idle connections should be closed immediately during a + // router reload. + IngressControllerConnectionTerminationPolicyImmediate IngressControllerConnectionTerminationPolicy = "Immediate" + + // IngressControllerConnectionTerminationPolicyDeferred + // specifies that idle connections should remain open until a + // terminating event, such as a new request, the expiration of + // the proxy keep-alive timeout, or the client closing the + // connection. + IngressControllerConnectionTerminationPolicyDeferred IngressControllerConnectionTerminationPolicy = "Deferred" +) diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index 9b1588bc25..fbad89ba21 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -550,6 +550,8 @@ type HybridOverlayConfig struct { } // +kubebuilder:validation:XValidation:rule="self == oldSelf || has(self.mode)",message="ipsecConfig.mode is required" +// +kubebuilder:validation:XValidation:rule="has(self.mode) && self.mode == 'Full' ? true : !has(self.full)",message="full is forbidden when mode is not Full" +// +union type IPsecConfig struct { // mode defines the behaviour of the ipsec configuration within the platform. // Valid values are `Disabled`, `External` and `Full`. @@ -561,7 +563,40 @@ type IPsecConfig struct { // this is left to the user to configure. // +kubebuilder:validation:Enum=Disabled;External;Full // +optional + // +unionDiscriminator Mode IPsecMode `json:"mode,omitempty"` + + // full defines configuration parameters for the IPsec `Full` mode. + // This is permitted only when mode is configured with `Full`, + // and forbidden otherwise. + // +unionMember,optional + // +optional + Full *IPsecFullModeConfig `json:"full,omitempty"` +} + +type Encapsulation string + +const ( + // EncapsulationAlways always enable UDP encapsulation regardless of whether NAT is detected. + EncapsulationAlways = "Always" + // EncapsulationAuto enable UDP encapsulation based on the detection of NAT. + EncapsulationAuto = "Auto" +) + +// IPsecFullModeConfig defines configuration parameters for the IPsec `Full` mode. +// +kubebuilder:validation:MinProperties:=1 +type IPsecFullModeConfig struct { + // encapsulation option to configure libreswan on how inter-pod traffic across nodes + // are encapsulated to handle NAT traversal. When configured it uses UDP port 4500 + // for the encapsulation. + // Valid values are Always, Auto and omitted. + // Always means enable UDP encapsulation regardless of whether NAT is detected. + // Auto means enable UDP encapsulation based on the detection of NAT. + // When omitted, this means no opinion and the platform is left to choose a reasonable + // default, which is subject to change over time. The current default is Auto. + // +kubebuilder:validation:Enum:=Always;Auto + // +optional + Encapsulation Encapsulation `json:"encapsulation,omitempty"` } type IPForwardingMode string diff --git a/vendor/github.com/openshift/api/operator/v1/types_olm.go b/vendor/github.com/openshift/api/operator/v1/types_olm.go index 84d7e9ea11..1ce349d357 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_olm.go +++ b/vendor/github.com/openshift/api/operator/v1/types_olm.go @@ -13,9 +13,12 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // +kubebuilder:object:root=true // +kubebuilder:resource:path=olms,scope=Cluster // +kubebuilder:subresource:status +// +kubebuilder:metadata:annotations=include.release.openshift.io/ibm-cloud-managed=false +// +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1504 // +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=operator-lifecycle-manager,operatorOrdering=01 // +openshift:enable:FeatureGate=NewOLM +// +openshift:capability=OperatorLifecycleManagerV1 // +kubebuilder:validation:XValidation:rule="self.metadata.name == 'cluster'",message="olm is a singleton, .metadata.name must be 'cluster'" type OLM struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go index 3b984f2a61..700ae5e695 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go @@ -1912,6 +1912,11 @@ func (in *IPFIXConfig) DeepCopy() *IPFIXConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPsecConfig) DeepCopyInto(out *IPsecConfig) { *out = *in + if in.Full != nil { + in, out := &in.Full, &out.Full + *out = new(IPsecFullModeConfig) + **out = **in + } return } @@ -1925,6 +1930,22 @@ func (in *IPsecConfig) DeepCopy() *IPsecConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPsecFullModeConfig) DeepCopyInto(out *IPsecFullModeConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPsecFullModeConfig. +func (in *IPsecFullModeConfig) DeepCopy() *IPsecFullModeConfig { + if in == nil { + return nil + } + out := new(IPsecFullModeConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPv4GatewayConfig) DeepCopyInto(out *IPv4GatewayConfig) { *out = *in @@ -3950,7 +3971,7 @@ func (in *OVNKubernetesConfig) DeepCopyInto(out *OVNKubernetesConfig) { if in.IPsecConfig != nil { in, out := &in.IPsecConfig, &out.IPsecConfig *out = new(IPsecConfig) - **out = **in + (*in).DeepCopyInto(*out) } if in.PolicyAuditConfig != nil { in, out := &in.PolicyAuditConfig, &out.PolicyAuditConfig diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml index ae9a88c228..d45d8ac300 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml @@ -73,7 +73,7 @@ clustercsidrivers.operator.openshift.io: - VSphereDriverConfiguration FilenameOperatorName: csi-driver FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_90" + FilenameRunLevel: "0000_50" GroupName: operator.openshift.io HasStatus: true KindName: ClusterCSIDriver @@ -347,10 +347,12 @@ networks.operator.openshift.io: Version: v1 olms.operator.openshift.io: - Annotations: {} + Annotations: + include.release.openshift.io/ibm-cloud-managed: "false" + include.release.openshift.io/self-managed-high-availability: "true" ApprovedPRNumber: https://github.com/openshift/api/pull/1504 CRDName: olms.operator.openshift.io - Capability: "" + Capability: OperatorLifecycleManagerV1 Category: "" FeatureGates: - NewOLM diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index 3c00fe2f03..d707cf271f 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -37,8 +37,8 @@ func (MyOperatorResource) SwaggerDoc() map[string]string { var map_NodeStatus = map[string]string{ "": "NodeStatus provides information about the current state of a particular node managed by this operator.", "nodeName": "nodeName is the name of the node", - "currentRevision": "currentRevision is the generation of the most recently successful deployment", - "targetRevision": "targetRevision is the generation of the deployment we're trying to apply", + "currentRevision": "currentRevision is the generation of the most recently successful deployment. Can not be set on creation of a nodeStatus. Updates must only increase the value.", + "targetRevision": "targetRevision is the generation of the deployment we're trying to apply. Can not be set on creation of a nodeStatus.", "lastFailedRevision": "lastFailedRevision is the generation of the deployment we tried and failed to deploy.", "lastFailedTime": "lastFailedTime is the time the last failed revision failed the last time.", "lastFailedReason": "lastFailedReason is a machine readable failure reason string.", @@ -1020,24 +1020,25 @@ func (IngressControllerSetHTTPHeader) SwaggerDoc() map[string]string { } var map_IngressControllerSpec = map[string]string{ - "": "IngressControllerSpec is the specification of the desired behavior of the IngressController.", - "domain": "domain is a DNS name serviced by the ingress controller and is used to configure multiple features:\n\n* For the LoadBalancerService endpoint publishing strategy, domain is\n used to configure DNS records. See endpointPublishingStrategy.\n\n* When using a generated default certificate, the certificate will be valid\n for domain and its subdomains. See defaultCertificate.\n\n* The value is published to individual Route statuses so that end-users\n know where to target external DNS records.\n\ndomain must be unique among all IngressControllers, and cannot be updated.\n\nIf empty, defaults to ingress.config.openshift.io/cluster .spec.domain.", - "httpErrorCodePages": "httpErrorCodePages specifies a configmap with custom error pages. The administrator must create this configmap in the openshift-config namespace. This configmap should have keys in the format \"error-page-.http\", where is an HTTP error code. For example, \"error-page-503.http\" defines an error page for HTTP 503 responses. Currently only error pages for 503 and 404 responses can be customized. Each value in the configmap should be the full response, including HTTP headers. Eg- https://raw.githubusercontent.com/openshift/router/fadab45747a9b30cc3f0a4b41ad2871f95827a93/images/router/haproxy/conf/error-page-503.http If this field is empty, the ingress controller uses the default error pages.", - "replicas": "replicas is the desired number of ingress controller replicas. If unset, the default depends on the value of the defaultPlacement field in the cluster config.openshift.io/v1/ingresses status.\n\nThe value of replicas is set based on the value of a chosen field in the Infrastructure CR. If defaultPlacement is set to ControlPlane, the chosen field will be controlPlaneTopology. If it is set to Workers the chosen field will be infrastructureTopology. Replicas will then be set to 1 or 2 based whether the chosen field's value is SingleReplica or HighlyAvailable, respectively.\n\nThese defaults are subject to change.", - "endpointPublishingStrategy": "endpointPublishingStrategy is used to publish the ingress controller endpoints to other networks, enable load balancer integrations, etc.\n\nIf unset, the default is based on infrastructure.config.openshift.io/cluster .status.platform:\n\n AWS: LoadBalancerService (with External scope)\n Azure: LoadBalancerService (with External scope)\n GCP: LoadBalancerService (with External scope)\n IBMCloud: LoadBalancerService (with External scope)\n AlibabaCloud: LoadBalancerService (with External scope)\n Libvirt: HostNetwork\n\nAny other platform types (including None) default to HostNetwork.\n\nendpointPublishingStrategy cannot be updated.", - "defaultCertificate": "defaultCertificate is a reference to a secret containing the default certificate served by the ingress controller. When Routes don't specify their own certificate, defaultCertificate is used.\n\nThe secret must contain the following keys and data:\n\n tls.crt: certificate file contents\n tls.key: key file contents\n\nIf unset, a wildcard certificate is automatically generated and used. The certificate is valid for the ingress controller domain (and subdomains) and the generated certificate's CA will be automatically integrated with the cluster's trust store.\n\nIf a wildcard certificate is used and shared by multiple HTTP/2 enabled routes (which implies ALPN) then clients (i.e., notably browsers) are at liberty to reuse open connections. This means a client can reuse a connection to another route and that is likely to fail. This behaviour is generally known as connection coalescing.\n\nThe in-use certificate (whether generated or user-specified) will be automatically integrated with OpenShift's built-in OAuth server.", - "namespaceSelector": "namespaceSelector is used to filter the set of namespaces serviced by the ingress controller. This is useful for implementing shards.\n\nIf unset, the default is no filtering.", - "routeSelector": "routeSelector is used to filter the set of Routes serviced by the ingress controller. This is useful for implementing shards.\n\nIf unset, the default is no filtering.", - "nodePlacement": "nodePlacement enables explicit control over the scheduling of the ingress controller.\n\nIf unset, defaults are used. See NodePlacement for more details.", - "tlsSecurityProfile": "tlsSecurityProfile specifies settings for TLS connections for ingresscontrollers.\n\nIf unset, the default is based on the apiservers.config.openshift.io/cluster resource.\n\nNote that when using the Old, Intermediate, and Modern profile types, the effective profile configuration is subject to change between releases. For example, given a specification to use the Intermediate profile deployed on release X.Y.Z, an upgrade to release X.Y.Z+1 may cause a new profile configuration to be applied to the ingress controller, resulting in a rollout.", - "clientTLS": "clientTLS specifies settings for requesting and verifying client certificates, which can be used to enable mutual TLS for edge-terminated and reencrypt routes.", - "routeAdmission": "routeAdmission defines a policy for handling new route claims (for example, to allow or deny claims across namespaces).\n\nIf empty, defaults will be applied. See specific routeAdmission fields for details about their defaults.", - "logging": "logging defines parameters for what should be logged where. If this field is empty, operational logs are enabled but access logs are disabled.", - "httpHeaders": "httpHeaders defines policy for HTTP headers.\n\nIf this field is empty, the default values are used.", - "httpEmptyRequestsPolicy": "httpEmptyRequestsPolicy describes how HTTP connections should be handled if the connection times out before a request is received. Allowed values for this field are \"Respond\" and \"Ignore\". If the field is set to \"Respond\", the ingress controller sends an HTTP 400 or 408 response, logs the connection (if access logging is enabled), and counts the connection in the appropriate metrics. If the field is set to \"Ignore\", the ingress controller closes the connection without sending a response, logging the connection, or incrementing metrics. The default value is \"Respond\".\n\nTypically, these connections come from load balancers' health probes or Web browsers' speculative connections (\"preconnect\") and can be safely ignored. However, these requests may also be caused by network errors, and so setting this field to \"Ignore\" may impede detection and diagnosis of problems. In addition, these requests may be caused by port scans, in which case logging empty requests may aid in detecting intrusion attempts.", - "tuningOptions": "tuningOptions defines parameters for adjusting the performance of ingress controller pods. All fields are optional and will use their respective defaults if not set. See specific tuningOptions fields for more details.\n\nSetting fields within tuningOptions is generally not recommended. The default values are suitable for most configurations.", - "unsupportedConfigOverrides": "unsupportedConfigOverrides allows specifying unsupported configuration options. Its use is unsupported.", - "httpCompression": "httpCompression defines a policy for HTTP traffic compression. By default, there is no HTTP compression.", + "": "IngressControllerSpec is the specification of the desired behavior of the IngressController.", + "domain": "domain is a DNS name serviced by the ingress controller and is used to configure multiple features:\n\n* For the LoadBalancerService endpoint publishing strategy, domain is\n used to configure DNS records. See endpointPublishingStrategy.\n\n* When using a generated default certificate, the certificate will be valid\n for domain and its subdomains. See defaultCertificate.\n\n* The value is published to individual Route statuses so that end-users\n know where to target external DNS records.\n\ndomain must be unique among all IngressControllers, and cannot be updated.\n\nIf empty, defaults to ingress.config.openshift.io/cluster .spec.domain.", + "httpErrorCodePages": "httpErrorCodePages specifies a configmap with custom error pages. The administrator must create this configmap in the openshift-config namespace. This configmap should have keys in the format \"error-page-.http\", where is an HTTP error code. For example, \"error-page-503.http\" defines an error page for HTTP 503 responses. Currently only error pages for 503 and 404 responses can be customized. Each value in the configmap should be the full response, including HTTP headers. Eg- https://raw.githubusercontent.com/openshift/router/fadab45747a9b30cc3f0a4b41ad2871f95827a93/images/router/haproxy/conf/error-page-503.http If this field is empty, the ingress controller uses the default error pages.", + "replicas": "replicas is the desired number of ingress controller replicas. If unset, the default depends on the value of the defaultPlacement field in the cluster config.openshift.io/v1/ingresses status.\n\nThe value of replicas is set based on the value of a chosen field in the Infrastructure CR. If defaultPlacement is set to ControlPlane, the chosen field will be controlPlaneTopology. If it is set to Workers the chosen field will be infrastructureTopology. Replicas will then be set to 1 or 2 based whether the chosen field's value is SingleReplica or HighlyAvailable, respectively.\n\nThese defaults are subject to change.", + "endpointPublishingStrategy": "endpointPublishingStrategy is used to publish the ingress controller endpoints to other networks, enable load balancer integrations, etc.\n\nIf unset, the default is based on infrastructure.config.openshift.io/cluster .status.platform:\n\n AWS: LoadBalancerService (with External scope)\n Azure: LoadBalancerService (with External scope)\n GCP: LoadBalancerService (with External scope)\n IBMCloud: LoadBalancerService (with External scope)\n AlibabaCloud: LoadBalancerService (with External scope)\n Libvirt: HostNetwork\n\nAny other platform types (including None) default to HostNetwork.\n\nendpointPublishingStrategy cannot be updated.", + "defaultCertificate": "defaultCertificate is a reference to a secret containing the default certificate served by the ingress controller. When Routes don't specify their own certificate, defaultCertificate is used.\n\nThe secret must contain the following keys and data:\n\n tls.crt: certificate file contents\n tls.key: key file contents\n\nIf unset, a wildcard certificate is automatically generated and used. The certificate is valid for the ingress controller domain (and subdomains) and the generated certificate's CA will be automatically integrated with the cluster's trust store.\n\nIf a wildcard certificate is used and shared by multiple HTTP/2 enabled routes (which implies ALPN) then clients (i.e., notably browsers) are at liberty to reuse open connections. This means a client can reuse a connection to another route and that is likely to fail. This behaviour is generally known as connection coalescing.\n\nThe in-use certificate (whether generated or user-specified) will be automatically integrated with OpenShift's built-in OAuth server.", + "namespaceSelector": "namespaceSelector is used to filter the set of namespaces serviced by the ingress controller. This is useful for implementing shards.\n\nIf unset, the default is no filtering.", + "routeSelector": "routeSelector is used to filter the set of Routes serviced by the ingress controller. This is useful for implementing shards.\n\nIf unset, the default is no filtering.", + "nodePlacement": "nodePlacement enables explicit control over the scheduling of the ingress controller.\n\nIf unset, defaults are used. See NodePlacement for more details.", + "tlsSecurityProfile": "tlsSecurityProfile specifies settings for TLS connections for ingresscontrollers.\n\nIf unset, the default is based on the apiservers.config.openshift.io/cluster resource.\n\nNote that when using the Old, Intermediate, and Modern profile types, the effective profile configuration is subject to change between releases. For example, given a specification to use the Intermediate profile deployed on release X.Y.Z, an upgrade to release X.Y.Z+1 may cause a new profile configuration to be applied to the ingress controller, resulting in a rollout.", + "clientTLS": "clientTLS specifies settings for requesting and verifying client certificates, which can be used to enable mutual TLS for edge-terminated and reencrypt routes.", + "routeAdmission": "routeAdmission defines a policy for handling new route claims (for example, to allow or deny claims across namespaces).\n\nIf empty, defaults will be applied. See specific routeAdmission fields for details about their defaults.", + "logging": "logging defines parameters for what should be logged where. If this field is empty, operational logs are enabled but access logs are disabled.", + "httpHeaders": "httpHeaders defines policy for HTTP headers.\n\nIf this field is empty, the default values are used.", + "httpEmptyRequestsPolicy": "httpEmptyRequestsPolicy describes how HTTP connections should be handled if the connection times out before a request is received. Allowed values for this field are \"Respond\" and \"Ignore\". If the field is set to \"Respond\", the ingress controller sends an HTTP 400 or 408 response, logs the connection (if access logging is enabled), and counts the connection in the appropriate metrics. If the field is set to \"Ignore\", the ingress controller closes the connection without sending a response, logging the connection, or incrementing metrics. The default value is \"Respond\".\n\nTypically, these connections come from load balancers' health probes or Web browsers' speculative connections (\"preconnect\") and can be safely ignored. However, these requests may also be caused by network errors, and so setting this field to \"Ignore\" may impede detection and diagnosis of problems. In addition, these requests may be caused by port scans, in which case logging empty requests may aid in detecting intrusion attempts.", + "tuningOptions": "tuningOptions defines parameters for adjusting the performance of ingress controller pods. All fields are optional and will use their respective defaults if not set. See specific tuningOptions fields for more details.\n\nSetting fields within tuningOptions is generally not recommended. The default values are suitable for most configurations.", + "unsupportedConfigOverrides": "unsupportedConfigOverrides allows specifying unsupported configuration options. Its use is unsupported.", + "httpCompression": "httpCompression defines a policy for HTTP traffic compression. By default, there is no HTTP compression.", + "idleConnectionTerminationPolicy": "idleConnectionTerminationPolicy maps directly to HAProxy's idle-close-on-response option and controls whether HAProxy keeps idle frontend connections open during a soft stop (router reload).\n\nAllowed values for this field are \"Immediate\" and \"Deferred\". The default value is \"Deferred\".\n\nWhen set to \"Immediate\", idle connections are closed immediately during router reloads. This ensures immediate propagation of route changes but may impact clients sensitive to connection resets.\n\nWhen set to \"Deferred\", HAProxy will maintain idle connections during a soft reload instead of closing them immediately. These connections remain open until any of the following occurs:\n\n - A new request is received on the connection, in which\n case HAProxy handles it in the old process and closes\n the connection after sending the response.\n\n - HAProxy's `timeout http-keep-alive` duration expires\n (300 seconds in OpenShift's configuration, not\n configurable).\n\n - The client's keep-alive timeout expires, causing the\n client to close the connection.\n\nSetting Deferred can help prevent errors in clients or load balancers that do not properly handle connection resets. Additionally, this option allows you to retain the pre-2.4 HAProxy behaviour: in HAProxy version 2.2 (OpenShift versions < 4.14), maintaining idle connections during a soft reload was the default behaviour, but starting with HAProxy 2.4, the default changed to closing idle connections immediately.\n\nImportant Consideration:\n\n - Using Deferred will result in temporary inconsistencies\n for the first request on each persistent connection\n after a route update and router reload. This request\n will be processed by the old HAProxy process using its\n old configuration. Subsequent requests will use the\n updated configuration.\n\nOperational Considerations:\n\n - Keeping idle connections open during reloads may lead\n to an accumulation of old HAProxy processes if\n connections remain idle for extended periods,\n especially in environments where frequent reloads\n occur.\n\n - Consider monitoring the number of HAProxy processes in\n the router pods when Deferred is set.\n\n - You may need to enable or adjust the\n `ingress.operator.openshift.io/hard-stop-after`\n duration (configured via an annotation on the\n IngressController resource) in environments with\n frequent reloads to prevent resource exhaustion.", } func (IngressControllerSpec) SwaggerDoc() map[string]string { @@ -1650,12 +1651,22 @@ func (IPFIXConfig) SwaggerDoc() map[string]string { var map_IPsecConfig = map[string]string{ "mode": "mode defines the behaviour of the ipsec configuration within the platform. Valid values are `Disabled`, `External` and `Full`. When 'Disabled', ipsec will not be enabled at the node level. When 'External', ipsec is enabled on the node level but requires the user to configure the secure communication parameters. This mode is for external secure communications and the configuration can be done using the k8s-nmstate operator. When 'Full', ipsec is configured on the node level and inter-pod secure communication within the cluster is configured. Note with `Full`, if ipsec is desired for communication with external (to the cluster) entities (such as storage arrays), this is left to the user to configure.", + "full": "full defines configuration parameters for the IPsec `Full` mode. This is permitted only when mode is configured with `Full`, and forbidden otherwise.", } func (IPsecConfig) SwaggerDoc() map[string]string { return map_IPsecConfig } +var map_IPsecFullModeConfig = map[string]string{ + "": "IPsecFullModeConfig defines configuration parameters for the IPsec `Full` mode.", + "encapsulation": "encapsulation option to configure libreswan on how inter-pod traffic across nodes are encapsulated to handle NAT traversal. When configured it uses UDP port 4500 for the encapsulation. Valid values are Always, Auto and omitted. Always means enable UDP encapsulation regardless of whether NAT is detected. Auto means enable UDP encapsulation based on the detection of NAT. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is Auto.", +} + +func (IPsecFullModeConfig) SwaggerDoc() map[string]string { + return map_IPsecFullModeConfig +} + var map_IPv4GatewayConfig = map[string]string{ "": "IPV4GatewayConfig holds the configuration paramaters for IPV4 connections in the GatewayConfig for OVN-Kubernetes", "internalMasqueradeSubnet": "internalMasqueradeSubnet contains the masquerade addresses in IPV4 CIDR format used internally by ovn-kubernetes to enable host to service traffic. Each host in the cluster is configured with these addresses, as well as the shared gateway bridge interface. The values can be changed after installation. The subnet chosen should not overlap with other networks specified for OVN-Kubernetes as well as other networks used on the host. Additionally the subnet must be large enough to accommodate 6 IPs (maximum prefix length /29). When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. The current default subnet is 169.254.169.0/29 The value must be in proper IPV4 CIDR format", diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/types_olm.go b/vendor/github.com/openshift/api/operator/v1alpha1/types_olm.go index f29385b9fa..748834ca99 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/types_olm.go +++ b/vendor/github.com/openshift/api/operator/v1alpha1/types_olm.go @@ -17,6 +17,8 @@ import ( // +kubebuilder:object:root=true // +kubebuilder:resource:path=olms,scope=Cluster // +kubebuilder:subresource:status +// +kubebuilder:metadata:annotations=include.release.openshift.io/ibm-cloud-managed=false +// +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1504 // +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=operator-lifecycle-manager,operatorOrdering=01 // +openshift:enable:FeatureGate=NewOLM diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index 30c058236d..53d8ff23c3 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -44,7 +44,9 @@ imagecontentsourcepolicies.operator.openshift.io: Version: v1alpha1 olms.operator.openshift.io: - Annotations: {} + Annotations: + include.release.openshift.io/ibm-cloud-managed: "false" + include.release.openshift.io/self-managed-high-availability: "true" ApprovedPRNumber: https://github.com/openshift/api/pull/1504 CRDName: olms.operator.openshift.io Capability: "" diff --git a/vendor/modules.txt b/vendor/modules.txt index 54e8f30740..032989016f 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -76,7 +76,7 @@ github.com/modern-go/reflect2 # github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 ## explicit github.com/munnerz/goautoneg -# github.com/openshift/api v0.0.0-20241107155230-d37bb9f7e380 +# github.com/openshift/api v0.0.0-20250711200046-c86d80652a9e ## explicit; go 1.22.0 github.com/openshift/api/apiserver/v1 github.com/openshift/api/apps/v1