From a5917687e071c9e6c1268a92e51bc24d84ba66bd Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Wed, 25 Mar 2026 14:14:07 -0400 Subject: [PATCH 01/13] add MCD IRI manager --- cmd/machine-config-daemon/start.go | 13 + pkg/daemon/internalreleaseimage/OWNERS | 14 + .../internalreleaseimage_manager.go | 394 ++++++++++++++++++ .../internalreleaseimage/iriregistry.go | 171 ++++++++ 4 files changed, 592 insertions(+) create mode 100644 pkg/daemon/internalreleaseimage/OWNERS create mode 100644 pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go create mode 100644 pkg/daemon/internalreleaseimage/iriregistry.go diff --git a/cmd/machine-config-daemon/start.go b/cmd/machine-config-daemon/start.go index 16c639fee0..462b73c3f8 100644 --- a/cmd/machine-config-daemon/start.go +++ b/cmd/machine-config-daemon/start.go @@ -12,11 +12,13 @@ import ( "k8s.io/apimachinery/pkg/api/resource" "k8s.io/client-go/tools/clientcmd" + "github.com/openshift/api/features" "github.com/openshift/machine-config-operator/internal/clients" ctrlcommon "github.com/openshift/machine-config-operator/pkg/controller/common" "github.com/openshift/machine-config-operator/pkg/daemon" "github.com/openshift/machine-config-operator/pkg/daemon/constants" "github.com/openshift/machine-config-operator/pkg/daemon/cri" + "github.com/openshift/machine-config-operator/pkg/daemon/internalreleaseimage" "github.com/openshift/machine-config-operator/pkg/version" "github.com/spf13/cobra" "k8s.io/klog/v2" @@ -233,10 +235,21 @@ func runStartCmd(_ *cobra.Command, _ []string) { ) go pinnedImageSetManager.Run(2, stopCh) + if ctrlctx.FeatureGatesHandler.Enabled(features.FeatureGateNoRegistryClusterInstall) { + internalReleaseImageManager := internalreleaseimage.New( + startOpts.nodeName, + ctrlctx.ClientBuilder.MachineConfigClientOrDie(componentName), + ctrlctx.InformerFactory.Machineconfiguration().V1alpha1().InternalReleaseImages(), + nodeScopedInformer, + ) + go internalReleaseImageManager.Run(2, stopCh) + } + ctrlctx.KubeInformerFactory.Start(stopCh) ctrlctx.KubeNamespacedInformerFactory.Start(stopCh) ctrlctx.InformerFactory.Start(stopCh) ctrlctx.OperatorInformerFactory.Start(stopCh) + ctrlctx.ConfigInformerFactory.Start(stopCh) nodeScopedInformerStartFunc(ctrlctx.Stop) close(ctrlctx.InformersStarted) diff --git a/pkg/daemon/internalreleaseimage/OWNERS b/pkg/daemon/internalreleaseimage/OWNERS new file mode 100644 index 0000000000..74e8b7eee0 --- /dev/null +++ b/pkg/daemon/internalreleaseimage/OWNERS @@ -0,0 +1,14 @@ +# See the OWNERS docs: https://git.k8s.io/community/contributors/guide/owners.md + +approvers: + - andfasano + - bfournie + - pawanpinjarkar + - rwsu + - zaneb +reviewers: + - andfasano + - bfournie + - pawanpinjarkar + - rwsu + - zaneb \ No newline at end of file diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go new file mode 100644 index 0000000000..24ef7aa786 --- /dev/null +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go @@ -0,0 +1,394 @@ +package internalreleaseimage + +import ( + "context" + "fmt" + "reflect" + "time" + + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/errors" + apierrors "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/api/meta" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/apimachinery/pkg/util/wait" + coreinformersv1 "k8s.io/client-go/informers/core/v1" + corev1lister "k8s.io/client-go/listers/core/v1" + "k8s.io/client-go/tools/cache" + "k8s.io/client-go/util/workqueue" + "k8s.io/klog/v2" + + v1 "github.com/openshift/api/machineconfiguration/v1" + mcfgv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" + mcfgclientset "github.com/openshift/client-go/machineconfiguration/clientset/versioned" + mcfginformersv1alpha1 "github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1" + mcfglistersv1alpha1 "github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1" + "github.com/openshift/machine-config-operator/pkg/controller/common" +) + +const ( + // backoff configuration + maxRetries = 5 + retryDuration = 1 * time.Second + retryFactor = 2.0 + retryCap = 10 * time.Second + + // controller configuration + maxRetriesController = 15 + syncRetryInterval = 30 * time.Second + + // mcn looks for conditions with this prefix if seen will degrade the pool + degradeMessagePrefix = "Error:" +) + +// Manager manages the IRI registry data on disk +// and takes care of updating the MCN status IRI fields for the current node. +type Manager struct { + nodeName string + backoff wait.Backoff + + mcfgClient mcfgclientset.Interface + + syncHandler func(mcp string) error + enqueueInternalReleaseImage func(*mcfgv1alpha1.InternalReleaseImage) + queue workqueue.TypedRateLimitingInterface[string] + + iriLister mcfglistersv1alpha1.InternalReleaseImageLister + iriListerSynced cache.InformerSynced + + nodeLister corev1lister.NodeLister + nodeListerSynced cache.InformerSynced +} + +// NewInternalReleaseImageManager creates a new internal release image manager. +func New( + nodeName string, + mcfgClient mcfgclientset.Interface, + iriInformer mcfginformersv1alpha1.InternalReleaseImageInformer, + nodeInformer coreinformersv1.NodeInformer, +) *Manager { + i := &Manager{ + nodeName: nodeName, + queue: workqueue.NewTypedRateLimitingQueueWithConfig[string]( + workqueue.DefaultTypedControllerRateLimiter[string](), + workqueue.TypedRateLimitingQueueConfig[string]{Name: "internal-release-image-manager"}), + backoff: wait.Backoff{ + Steps: maxRetries, + Duration: retryDuration, + Factor: retryFactor, + Cap: retryCap, + }, + } + + i.mcfgClient = mcfgClient + + i.syncHandler = i.syncInternalReleaseImage + i.enqueueInternalReleaseImage = i.enqueue + + i.iriLister = iriInformer.Lister() + i.iriListerSynced = iriInformer.Informer().HasSynced + + i.nodeLister = nodeInformer.Lister() + i.nodeListerSynced = nodeInformer.Informer().HasSynced + + iriInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ + AddFunc: i.addInternalReleaseImage, + UpdateFunc: i.updateInternalReleaseImage, + DeleteFunc: i.deleteInternalReleaseImage, + }) + + return i +} + +func (i *Manager) Run(workers int, stopCh <-chan struct{}) { + defer utilruntime.HandleCrash() + defer i.queue.ShutDown() + + if !cache.WaitForCacheSync( + stopCh, + i.iriListerSynced, + i.nodeListerSynced, + ) { + klog.Errorf("failed to sync initial listers cache") + return + } + + klog.Infof("Starting InternalReleaseImage Manager") + defer klog.Infof("Shutting down InternalReleaseImage Manager") + + for range workers { + go wait.Until(i.worker, time.Second, stopCh) + } + + <-stopCh +} + +func (i *Manager) enqueue(iri *mcfgv1alpha1.InternalReleaseImage) { + key, err := cache.DeletionHandlingMetaNamespaceKeyFunc(iri) + if err != nil { + utilruntime.HandleError(fmt.Errorf("couldn't get key for object %#v: %w", iri, err)) + return + } + i.queue.Add(key) +} + +// worker runs a worker thread that just dequeues items, processes them, and marks them done. +// It enforces that the syncHandler is never invoked concurrently with the same key. +func (i *Manager) worker() { + for i.processNextItem() { + } +} + +func (i *Manager) processNextItem() bool { + key, quit := i.queue.Get() + if quit { + return false + } + defer i.queue.Done(key) + + err := i.syncHandler(key) + i.handleErr(err, key) + return true +} + +func (i *Manager) handleErr(err error, key string) { + if err == nil { + i.queue.Forget(key) + return + } + + if i.queue.NumRequeues(key) < maxRetriesController { + klog.V(4).Infof("Requeue InternalReleaseImage %v: %v", key, err) + i.queue.AddRateLimited(key) + return + } + utilruntime.HandleError(err) + + klog.Warningf("failed: %s max retries: %d", key, maxRetriesController) + i.queue.Forget(key) + i.queue.AddAfter(key, 1*time.Minute) +} + +func (i *Manager) addInternalReleaseImage(obj interface{}) { + iri := obj.(*mcfgv1alpha1.InternalReleaseImage) + klog.V(4).Infof("Adding InternalReleaseImage %s", iri.Name) + i.enqueueInternalReleaseImage(iri) +} + +func (i *Manager) updateInternalReleaseImage(old, cur interface{}) { + oldInternalReleaseImage := old.(*mcfgv1alpha1.InternalReleaseImage) + newInternalReleaseImage := cur.(*mcfgv1alpha1.InternalReleaseImage) + + if i.internalReleaseImageChanged(oldInternalReleaseImage, newInternalReleaseImage) { + klog.V(4).Infof("mcfgv1alpha1.InternalReleaseImage %s updated", newInternalReleaseImage.Name) + i.enqueueInternalReleaseImage(newInternalReleaseImage) + } +} + +func (i *Manager) internalReleaseImageChanged(old, newIRI *mcfgv1alpha1.InternalReleaseImage) bool { + if old.DeletionTimestamp != newIRI.DeletionTimestamp { + return true + } + if !reflect.DeepEqual(old.Spec, newIRI.Spec) { + return true + } + return false +} + +func (i *Manager) deleteInternalReleaseImage(obj interface{}) { + iri, ok := obj.(*mcfgv1alpha1.InternalReleaseImage) + if !ok { + tombstone, ok := obj.(cache.DeletedFinalStateUnknown) + if !ok { + utilruntime.HandleError(fmt.Errorf("failed to get object from tombstone %#v", obj)) + return + } + iri, ok = tombstone.Obj.(*mcfgv1alpha1.InternalReleaseImage) + if !ok { + utilruntime.HandleError(fmt.Errorf("tombstone contained object that is not a InternalReleaseImage %#v", obj)) + return + } + } + + klog.V(4).Infof("InternalReleaseImage %s deleted", iri.Name) + i.enqueueInternalReleaseImage(iri) +} + +// getNodeWithRetry gets the node with retries. This avoids some races when the local node +// is new but not found during startup. +func (i *Manager) getNodeWithRetry(nodeName string) (*corev1.Node, + error) { + var node *corev1.Node + err := wait.ExponentialBackoff(i.backoff, func() (bool, error) { + var err error + node, err = i.nodeLister.Get(nodeName) + if err != nil { + if apierrors.IsNotFound(err) { + // log warning and retry because we are tolerating unexpected behavior from the informer + klog.Warningf("Node %q not found, retrying", nodeName) + return false, nil + } + return false, err + } + return true, nil + }) + return node, err +} + +func (i *Manager) updateMCNStatus(mcn *v1.MachineConfigNode) error { + _, err := i.mcfgClient.MachineconfigurationV1().MachineConfigNodes().UpdateStatus(context.Background(), mcn, metav1.UpdateOptions{}) + if err != nil { + return fmt.Errorf("failed to update MCN %s InternalReleaseImage Status conditions: %w", mcn.Name, err) + } + return nil +} + +func (i *Manager) refreshMachineConfigNodeStatus(mcn *v1.MachineConfigNode, iriReg *iriRegistry) error { + // Get the current OCP releases bundles stored in the local IRI registry. + registryBundles, err := iriReg.GetOCPBundlesTags() + if err != nil { + return err + } + + // Check if there is any new release bundle in the registry not yet reported in the status. + newBundles := []string{} + for _, bundleName := range registryBundles.Tags { + found := false + for _, r := range mcn.Status.InternalReleaseImage.Releases { + if bundleName == r.Name { + found = true + break + } + } + if found { + continue + } + + klog.V(2).Infof("New release bundle found: %s", bundleName) + newBundles = append(newBundles, bundleName) + } + + // Add new bundles, if any. + mcnUpdated := mcn.DeepCopy() + for _, bundle := range newBundles { + ocpReleaseTag, err := iriReg.GetOCPBundleReleaseTag(bundle) + if err != nil { + return err + } + pullSpec := iriReg.GetOCPReleasePullSpec(ocpReleaseTag) + + iriRelease := v1.MachineConfigNodeStatusInternalReleaseImageRef{ + Name: bundle, + Image: pullSpec, + } + mcnUpdated.Status.InternalReleaseImage.Releases = append(mcnUpdated.Status.InternalReleaseImage.Releases, iriRelease) + } + + // Check release availability for each bundle + for n := range mcnUpdated.Status.InternalReleaseImage.Releases { + r := &mcnUpdated.Status.InternalReleaseImage.Releases[n] + + err := iriReg.CheckImageAvailability(r.Image) + if err == nil { + meta.SetStatusCondition(&r.Conditions, metav1.Condition{ + Type: string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), + Status: metav1.ConditionFalse, + Reason: "ReleaseImageAvailable", + Message: "ReleaseImageAvailable", + }) + meta.SetStatusCondition(&r.Conditions, metav1.Condition{ + Type: string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), + Status: metav1.ConditionTrue, + Reason: "ReleaseImageAvailable", + Message: "The specified release image is available", + }) + } else { + meta.SetStatusCondition(&r.Conditions, metav1.Condition{ + Type: string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), + Status: metav1.ConditionTrue, + Reason: "ReleaseImageNotFound", + Message: err.Error(), + }) + meta.SetStatusCondition(&r.Conditions, metav1.Condition{ + Type: string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), + Status: metav1.ConditionFalse, + Reason: "ReleaseImageNotFound", + Message: "The specified release image was not found in the registry", + }) + } + } + + return i.updateMCNStatus(mcnUpdated) +} + +func (i *Manager) setMachineConfigNodeAsDegraded(mcn *v1.MachineConfigNode, registryErr error) error { + reason := "RegistryUnreachable" + + mcnUpdated := mcn.DeepCopy() + // TODO: Update mcnUpdated.Status.Conditions with InternalReleaseImageDegraded + // Mark all the current releases as Degraded and not Available. + for n := range mcnUpdated.Status.InternalReleaseImage.Releases { + r := &mcnUpdated.Status.InternalReleaseImage.Releases[n] + + meta.SetStatusCondition(&r.Conditions, metav1.Condition{ + Type: string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), + Status: metav1.ConditionTrue, + Reason: reason, + Message: registryErr.Error(), + }) + meta.SetStatusCondition(&r.Conditions, metav1.Condition{ + Type: string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), + Status: metav1.ConditionFalse, + Reason: reason, + Message: "Release bundle is unavailable: failed to reach the registry", + }) + } + + return i.updateMCNStatus(mcnUpdated) +} + +func (i *Manager) syncInternalReleaseImage(key string) error { + klog.V(4).Infof("Syncing InternalReleaseImage %q", key) + + // Fetch the InternalReleaseImage. + _, err := i.iriLister.Get(common.InternalReleaseImageInstanceName) + if errors.IsNotFound(err) { + // Manage the feature only when the IRI resource was defined. + return nil + } + if err != nil { + return err + } + + // Get the current node. + node, err := i.getNodeWithRetry(i.nodeName) + if err != nil { + return fmt.Errorf("failed to get node %q: %v", i.nodeName, err) + } + + // Get the MachineConfigNode for the current node. + mcn, err := i.mcfgClient.MachineconfigurationV1().MachineConfigNodes().Get(context.TODO(), i.nodeName, metav1.GetOptions{}) + if err != nil { + if apierrors.IsNotFound(err) { + klog.V(2).Infof("MachineConfigNode %s not yet present, waiting for its creation", i.nodeName) + return nil + } + return err + } + + iriReg := newIRIRegistry(node) + if registryErr := iriReg.CheckLocalRegistry(); registryErr != nil { + klog.Errorf("No available local InternalReleaseImage registry found for node %s. Error: %v", i.nodeName, registryErr) + err = i.setMachineConfigNodeAsDegraded(mcn, registryErr) + } else { + err = i.refreshMachineConfigNodeStatus(mcn, iriReg) + } + if err != nil { + klog.Errorf("failed to update MachineConfigNode status: %v", err) + return err + } + + i.queue.AddAfter(key, syncRetryInterval) + return nil +} diff --git a/pkg/daemon/internalreleaseimage/iriregistry.go b/pkg/daemon/internalreleaseimage/iriregistry.go new file mode 100644 index 0000000000..6d42ef0cee --- /dev/null +++ b/pkg/daemon/internalreleaseimage/iriregistry.go @@ -0,0 +1,171 @@ +package internalreleaseimage + +import ( + "context" + "encoding/json" + "fmt" + "io" + "net/http" + "regexp" + "time" + + corev1 "k8s.io/api/core/v1" + "k8s.io/klog/v2" +) + +const ( + iriRegistryHost = "localhost" + iriRegistryPort = 22625 + + ocpReleasesRepo = "/openshift/release-images" + ocpBundlesRepo = "/openshift/release-bundles" +) + +type iriRegistry struct { + node *corev1.Node + registryHostPort string + client *http.Client +} + +type registryTagsList struct { + Name string `json:"name"` + Tags []string `json:"tags"` +} + +func newIRIRegistry(node *corev1.Node) *iriRegistry { + return &iriRegistry{ + node: node, + client: &http.Client{ + Timeout: 3 * time.Second, + }, + // The IRI registry runs on the current node. + registryHostPort: fmt.Sprintf("%s:%d", iriRegistryHost, iriRegistryPort), + } +} + +func (r *iriRegistry) query(endpoint string, headers ...map[string]string) (*http.Response, error) { + regURL := fmt.Sprintf("https://%s/v2%s", r.registryHostPort, endpoint) + + req, err := http.NewRequestWithContext(context.Background(), http.MethodGet, regURL, nil) + if err != nil { + return nil, err + } + if len(headers) > 0 { + for k, v := range headers[0] { + req.Header.Set(k, v) + } + } + resp, err := r.client.Do(req) + if err != nil { + return nil, err + } + return resp, nil +} + +func (r *iriRegistry) CheckLocalRegistry() error { + klog.V(2).Infof("Checking local InternalReleaseImage registry status for node %s at %s", r.node.Name, r.registryHostPort) + + resp, err := r.query("") + if err != nil { + return err + } + statusCode := resp.StatusCode + resp.Body.Close() + + if statusCode != http.StatusOK { + return fmt.Errorf("Registry check for for node %s (%s) failed with status code %d", r.node.Name, r.registryHostPort, statusCode) + } + + klog.V(2).Infof("The local InternalReleaseImage registry is available for node %s (%s)", r.node.Name, r.registryHostPort) + return nil +} + +func (r *iriRegistry) parseTagsList(reader io.Reader) (*registryTagsList, error) { + var resp registryTagsList + + dec := json.NewDecoder(reader) + dec.DisallowUnknownFields() + + if err := dec.Decode(&resp); err != nil { + return nil, fmt.Errorf("decode tags list response: %w", err) + } + if resp.Name == "" { + return nil, fmt.Errorf("missing or empty field %q", "name") + } + if resp.Tags == nil { + resp.Tags = []string{} + } + return &resp, nil +} + +func (r *iriRegistry) getRepositoryTags(repo string) (*registryTagsList, error) { + endpoint := fmt.Sprintf("/%s/tags/list", repo) + + klog.V(2).Infof("Retrieving repository tags for %s", repo) + resp, err := r.query(endpoint) + if err != nil { + return nil, err + } + defer resp.Body.Close() + + if resp.StatusCode != http.StatusOK { + return nil, fmt.Errorf("error while retrieving registry tags for %s. Status code: %d", repo, resp.StatusCode) + } + releaseTags, err := r.parseTagsList(resp.Body) + if err != nil { + return nil, err + } + return releaseTags, nil +} + +func (r *iriRegistry) GetOCPBundlesTags() (*registryTagsList, error) { + return r.getRepositoryTags(ocpBundlesRepo) +} + +func (r *iriRegistry) GetOCPBundleReleaseTag(_ string) (string, error) { + // Currently the IRI resource supports only one release bundle, and thus one OCP release. Since the release bundle + // image does not yet contain the necessary release metadata (see https://redhat.atlassian.net/browse/AGENT-1312), + // let's fetch directly the current release image. + ocpReleases, err := r.getRepositoryTags(ocpReleasesRepo) + if err != nil { + return "", err + } + if len(ocpReleases.Tags) > 1 { + return "", fmt.Errorf("only one OCP release image is currently supported") + } + return ocpReleases.Tags[0], nil +} + +func (r *iriRegistry) GetOCPReleasePullSpec(releaseTag string) string { + return fmt.Sprintf("%s%s@sha256:%s", r.registryHostPort, ocpReleasesRepo, releaseTag) +} + +func (r *iriRegistry) CheckImageAvailability(pullspec string) error { + var pullspecRe = regexp.MustCompile(`^([^/]+)/(.+)@(sha256:[a-f0-9]{64})$`) + m := pullspecRe.FindStringSubmatch(pullspec) + if m == nil { + return fmt.Errorf("invalid pullspec: %s", pullspec) + } + registry := m[1] + repo := m[2] + digest := m[3] + + if registry != r.registryHostPort { + return fmt.Errorf("pullspec %s not owned by the current registry", pullspec) + } + + manifestsQuery := fmt.Sprintf("/%s/manifests/%s", repo, digest) + resp, err := r.query(manifestsQuery, map[string]string{ + "Accept": "application/vnd.oci.image.manifest.v1+json, application/vnd.docker.distribution.manifest.v2+json", + }) + if err != nil { + return err + } + statusCode := resp.StatusCode + resp.Body.Close() + + if statusCode != http.StatusOK { + return fmt.Errorf("error while checking release availability: %w", err) + } + return nil +} From 85777fdddb34b10e91dae15cfaba7e26b681e49f Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Mon, 30 Mar 2026 14:11:14 -0400 Subject: [PATCH 02/13] allows MCD to get IRI resource --- manifests/machineconfigdaemon/clusterrole.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/machineconfigdaemon/clusterrole.yaml b/manifests/machineconfigdaemon/clusterrole.yaml index 0a174c0a2c..64467892bf 100644 --- a/manifests/machineconfigdaemon/clusterrole.yaml +++ b/manifests/machineconfigdaemon/clusterrole.yaml @@ -13,7 +13,7 @@ rules: resources: ["machineconfigs", "controllerconfigs"] verbs: ["get", "list", "watch"] - apiGroups: ["machineconfiguration.openshift.io"] - resources: ["machineconfigpools", "pinnedimagesets"] + resources: ["machineconfigpools", "pinnedimagesets", "internalreleaseimages"] verbs: ["get", "list", "watch"] - apiGroups: ["machineconfiguration.openshift.io"] resources: ["machineconfignodes", "machineconfignodes/status"] From db039712280dd3d5755b5b9fc394a966731ab003 Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Mon, 30 Mar 2026 15:37:56 -0400 Subject: [PATCH 03/13] bump openshift/api and openshift/client-go required to include MachineConfigNodeInternalReleaseImageDegraded --- go.mod | 4 +- go.sum | 8 +- .../github.com/openshift/api/.coderabbit.yaml | 1 + vendor/github.com/openshift/api/Makefile | 2 +- .../types_compatibilityrequirement.go | 4 +- .../api/config/v1/types_apiserver.go | 63 + .../api/config/v1/types_authentication.go | 64 +- .../api/config/v1/types_cluster_version.go | 26 + .../api/config/v1/types_infrastructure.go | 8 +- ...1_clusterversions-CustomNoUpgrade.crd.yaml | 17 + ...usterversions-DevPreviewNoUpgrade.crd.yaml | 17 + ...tor_01_apiservers-CustomNoUpgrade.crd.yaml | 39 + ...01_apiservers-DevPreviewNoUpgrade.crd.yaml | 39 + ...1_apiservers-TechPreviewNoUpgrade.crd.yaml | 39 + ...1_authentications-CustomNoUpgrade.crd.yaml | 69 +- ...erator_01_authentications-Default.crd.yaml | 30 +- ...thentications-DevPreviewNoUpgrade.crd.yaml | 69 +- ...g-operator_01_authentications-OKD.crd.yaml | 30 +- ...hentications-TechPreviewNoUpgrade.crd.yaml | 69 +- ...1_infrastructures-CustomNoUpgrade.crd.yaml | 2 + ...erator_01_infrastructures-Default.crd.yaml | 2 + ...frastructures-DevPreviewNoUpgrade.crd.yaml | 2 + ...g-operator_01_infrastructures-OKD.crd.yaml | 2 + ...rastructures-TechPreviewNoUpgrade.crd.yaml | 2 + ..._generated.featuregated-crd-manifests.yaml | 4 +- .../v1/zz_generated.swagger_doc_generated.go | 16 +- .../openshift/api/config/v1alpha1/register.go | 6 +- .../v1alpha1/types_cluster_image_policy.go | 80 - .../v1alpha1/types_cluster_monitoring.go | 1213 ++- .../api/config/v1alpha1/types_image_policy.go | 289 - .../api/config/v1alpha1/types_pki.go | 274 + ...-operator_01_clusterimagepolicies.crd.yaml | 442 -- ...ig-operator_01_clustermonitorings.crd.yaml | 2723 ++++++- ..._config-operator_01_imagepolicies.crd.yaml | 442 -- .../0000_10_config-operator_01_pkis.crd.yaml | 441 ++ .../config/v1alpha1/zz_generated.deepcopy.go | 944 ++- ..._generated.featuregated-crd-manifests.yaml | 61 +- .../zz_generated.swagger_doc_generated.go | 557 +- .../openshift/api/envtest-releases.yaml | 13 + vendor/github.com/openshift/api/features.md | 23 +- .../openshift/api/features/features.go | 147 +- .../api/features/legacyfeaturegates.go | 2 - .../api/machineconfiguration/v1/types.go | 5 - .../v1/types_machineconfignode.go | 4 +- .../v1/types_pinnedimageset.go | 3 +- ...controllerconfigs-CustomNoUpgrade.crd.yaml | 2 + ...nfig_01_controllerconfigs-Default.crd.yaml | 2 + ...rollerconfigs-DevPreviewNoUpgrade.crd.yaml | 2 + ...e-config_01_controllerconfigs-OKD.crd.yaml | 2 + ...ollerconfigs-TechPreviewNoUpgrade.crd.yaml | 2 + ...fig_01_machineconfignodes-Default.crd.yaml | 1 + ...gnodes-Hypershift-CustomNoUpgrade.crd.yaml | 1 + ...es-Hypershift-DevPreviewNoUpgrade.crd.yaml | 1 + ...s-Hypershift-TechPreviewNoUpgrade.crd.yaml | 1 + ...-config_01_machineconfignodes-OKD.crd.yaml | 1 + ...des-SelfManagedHA-CustomNoUpgrade.crd.yaml | 1 + ...SelfManagedHA-DevPreviewNoUpgrade.crd.yaml | 1 + ...elfManagedHA-TechPreviewNoUpgrade.crd.yaml | 1 + ..._generated.featuregated-crd-manifests.yaml | 13 +- .../v1/zz_generated.swagger_doc_generated.go | 2 +- .../machineconfiguration/v1alpha1/register.go | 4 - .../v1alpha1/types_machineconfignode.go | 273 - .../v1alpha1/types_osimagestream.go | 13 + .../v1alpha1/types_pinnedimageset.go | 91 - ...hine-config_01_machineconfignodes.crd.yaml | 377 - ..._machine-config_01_osimagestreams.crd.yaml | 18 + ...machine-config_01_pinnedimagesets.crd.yaml | 167 - .../v1alpha1/zz_generated.deepcopy.go | 294 - ..._generated.featuregated-crd-manifests.yaml | 100 - .../zz_generated.swagger_doc_generated.go | 132 +- .../operator/v1/types_machineconfiguration.go | 8 +- .../api/operator/v1/types_network.go | 115 + ...twork_01_networks-CustomNoUpgrade.crd.yaml | 1152 +++ ...00_70_network_01_networks-Default.crd.yaml | 1045 +++ ...k_01_networks-DevPreviewNoUpgrade.crd.yaml | 1152 +++ ... 0000_70_network_01_networks-OKD.crd.yaml} | 1 + ..._01_networks-TechPreviewNoUpgrade.crd.yaml | 1152 +++ ..._01_machineconfigurations-Default.crd.yaml | 252 + ...nfig_01_machineconfigurations-OKD.crd.yaml | 252 + .../api/operator/v1/zz_generated.deepcopy.go | 34 + ..._generated.featuregated-crd-manifests.yaml | 6 +- .../v1/zz_generated.swagger_doc_generated.go | 23 + .../render/legacyfeaturegates.go | 2 - .../applyconfigurations/internal/internal.go | 2096 ++--- .../applyconfigurations/internal/internal.go | 436 +- .../applyconfigurations/internal/internal.go | 1474 ++-- .../config/v1/apiserverspec.go | 43 + .../config/v1/infrastructurestatus.go | 2 + .../config/v1/prefixedclaimmapping.go | 11 +- .../config/v1/tokenclaimmapping.go | 23 +- .../applyconfigurations/config/v1/update.go | 21 + .../config/v1/usernameclaimmapping.go | 25 +- .../v1alpha1/additionalalertmanagerconfig.go | 119 + .../v1alpha1/alertmanagercustomconfig.go | 6 +- .../config/v1alpha1/authorizationconfig.go | 44 + .../config/v1alpha1/basicauth.go | 38 + .../config/v1alpha1/certificateconfig.go | 29 + .../config/v1alpha1/clusterimagepolicy.go | 277 - .../config/v1alpha1/clusterimagepolicyspec.go | 53 - .../v1alpha1/clusterimagepolicystatus.go | 33 - .../config/v1alpha1/clustermonitoringspec.go | 33 + .../config/v1alpha1/custompkipolicy.go | 51 + .../v1alpha1/defaultcertificateconfig.go | 30 + .../config/v1alpha1/dropequalactionconfig.go | 29 + .../config/v1alpha1/ecdsakeyconfig.go | 40 + .../config/v1alpha1/hashmodactionconfig.go | 40 + ...imagepolicyfulciocawithrekorrootoftrust.go | 52 - .../v1alpha1/imagepolicypkirootoftrust.go | 51 - .../imagepolicypublickeyrootoftrust.go | 42 - .../config/v1alpha1/imagepolicyspec.go | 53 - .../config/v1alpha1/imagepolicystatus.go | 33 - .../imagesigstoreverificationpolicy.go | 36 - .../config/v1alpha1/keepequalactionconfig.go | 29 + .../config/v1alpha1/keyconfig.go | 59 + .../config/v1alpha1/label.go | 39 + .../config/v1alpha1/labelmapactionconfig.go | 30 + .../config/v1alpha1/lowercaseactionconfig.go | 29 + .../config/v1alpha1/metadataconfig.go | 42 + .../config/v1alpha1/metadataconfigcustom.go | 29 + .../config/v1alpha1/oauth2.go | 82 + .../config/v1alpha1/oauth2endpointparam.go | 39 + .../v1alpha1/openshiftstatemetricsconfig.go | 117 + .../v1alpha1/{imagepolicy.go => pki.go} | 111 +- .../v1alpha1/pkicertificatemanagement.go | 65 + .../config/v1alpha1/pkicertificatesubject.go | 39 - .../config/v1alpha1/pkiprofile.go | 68 + .../config/v1alpha1/pkispec.go | 28 + .../config/v1alpha1/policyfulciosubject.go | 38 - .../config/v1alpha1/policyidentity.go | 57 - .../v1alpha1/policymatchexactrepository.go | 29 - .../v1alpha1/policymatchremapidentity.go | 45 - .../config/v1alpha1/policyrootoftrust.go | 65 - .../config/v1alpha1/prometheusconfig.go | 276 + .../v1alpha1/prometheusremotewriteheader.go | 40 + .../config/v1alpha1/queueconfig.go | 129 + .../config/v1alpha1/relabelactionconfig.go | 135 + .../config/v1alpha1/relabelconfig.go | 89 + .../v1alpha1/remotewriteauthorization.go | 100 + .../config/v1alpha1/remotewritespec.go | 175 + .../config/v1alpha1/replaceactionconfig.go | 41 + .../config/v1alpha1/retention.go | 46 + .../config/v1alpha1/rsakeyconfig.go | 27 + .../config/v1alpha1/secretkeyselector.go | 40 + .../config/v1alpha1/sigv4.go | 78 + .../config/v1alpha1/tlsconfig.go | 81 + .../config/v1alpha1/uppercaseactionconfig.go | 29 + .../applyconfigurations/internal/internal.go | 6824 +++++++++-------- .../config/applyconfigurations/utils.go | 106 +- .../config/v1alpha1/clusterimagepolicy.go | 58 - .../typed/config/v1alpha1/config_client.go | 15 +- .../v1alpha1/fake/fake_clusterimagepolicy.go | 37 - .../v1alpha1/fake/fake_config_client.go | 12 +- .../config/v1alpha1/fake/fake_imagepolicy.go | 37 - .../typed/config/v1alpha1/fake/fake_pki.go | 33 + .../config/v1alpha1/generated_expansion.go | 6 +- .../typed/config/v1alpha1/imagepolicy.go | 58 - .../versioned/typed/config/v1alpha1/pki.go | 54 + .../config/v1alpha1/clusterimagepolicy.go | 85 - .../config/v1alpha1/interface.go | 21 +- .../v1alpha1/{imagepolicy.go => pki.go} | 43 +- .../informers/externalversions/generic.go | 6 +- .../config/v1alpha1/clusterimagepolicy.go | 32 - .../config/v1alpha1/expansion_generated.go | 16 +- .../listers/config/v1alpha1/imagepolicy.go | 54 - .../config/listers/config/v1alpha1/pki.go | 32 + .../applyconfigurations/internal/internal.go | 350 +- .../applyconfigurations/internal/internal.go | 548 +- .../applyconfigurations/internal/internal.go | 481 +- .../v1/additionalartifactstore.go | 36 + .../v1/additionalimagestore.go | 36 + .../v1/additionallayerstore.go | 36 + .../v1/containerruntimeconfiguration.go | 69 + .../v1/machineconfignodestatus.go | 1 + .../v1alpha1/machineconfignode.go | 275 - .../v1alpha1/machineconfignodespec.go | 49 - ...chineconfignodespecmachineconfigversion.go | 35 - .../v1alpha1/machineconfignodestatus.go | 71 - ...ineconfignodestatusmachineconfigversion.go | 50 - .../machineconfignodestatuspinnedimageset.go | 70 - .../v1alpha1/mcoobjectreference.go | 31 - .../v1alpha1/osimagestreamspec.go | 11 + .../v1alpha1/pinnedimageref.go | 31 - .../v1alpha1/pinnedimageset.go | 276 - .../v1alpha1/pinnedimagesetspec.go | 43 - .../v1alpha1/pinnedimagesetstatus.go | 35 - .../applyconfigurations/utils.go | 28 +- .../v1alpha1/fake/fake_machineconfignode.go | 37 - .../fake/fake_machineconfiguration_client.go | 8 - .../v1alpha1/fake/fake_pinnedimageset.go | 37 - .../v1alpha1/generated_expansion.go | 4 - .../v1alpha1/machineconfignode.go | 62 - .../v1alpha1/machineconfiguration_client.go | 10 - .../v1alpha1/pinnedimageset.go | 62 - .../informers/externalversions/generic.go | 4 - .../v1alpha1/interface.go | 14 - .../v1alpha1/machineconfignode.go | 85 - .../v1alpha1/pinnedimageset.go | 85 - .../v1alpha1/expansion_generated.go | 8 - .../v1alpha1/machineconfignode.go | 32 - .../v1alpha1/pinnedimageset.go | 32 - .../applyconfigurations/internal/internal.go | 264 +- .../applyconfigurations/internal/internal.go | 3874 +++++----- .../operator/v1/bgpmanagedconfig.go | 46 + .../operator/v1/nooverlayconfig.go | 50 + .../operator/v1/ovnkubernetesconfig.go | 45 + .../operator/applyconfigurations/utils.go | 4 + .../applyconfigurations/internal/internal.go | 186 +- .../applyconfigurations/internal/internal.go | 280 +- .../applyconfigurations/internal/internal.go | 264 +- .../applyconfigurations/internal/internal.go | 290 +- .../applyconfigurations/internal/internal.go | 362 +- .../applyconfigurations/internal/internal.go | 226 +- vendor/modules.txt | 4 +- 213 files changed, 23895 insertions(+), 15110 deletions(-) delete mode 100644 vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go delete mode 100644 vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go create mode 100644 vendor/github.com/openshift/api/config/v1alpha1/types_pki.go delete mode 100644 vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clusterimagepolicies.crd.yaml delete mode 100644 vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_imagepolicies.crd.yaml create mode 100644 vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_pkis.crd.yaml delete mode 100644 vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go delete mode 100644 vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go delete mode 100644 vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes.crd.yaml delete mode 100644 vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets.crd.yaml create mode 100644 vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-CustomNoUpgrade.crd.yaml create mode 100644 vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-Default.crd.yaml create mode 100644 vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-DevPreviewNoUpgrade.crd.yaml rename vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/{0000_70_network_01_networks.crd.yaml => 0000_70_network_01_networks-OKD.crd.yaml} (99%) create mode 100644 vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-TechPreviewNoUpgrade.crd.yaml create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/additionalalertmanagerconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/authorizationconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/basicauth.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/certificateconfig.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/custompkipolicy.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/defaultcertificateconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/dropequalactionconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/ecdsakeyconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/hashmodactionconfig.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyfulciocawithrekorrootoftrust.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypkirootoftrust.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypublickeyrootoftrust.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagesigstoreverificationpolicy.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keepequalactionconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keyconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/label.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/labelmapactionconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/lowercaseactionconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfigcustom.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2endpointparam.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/openshiftstatemetricsconfig.go rename vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/{imagepolicy.go => pki.go} (65%) create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatemanagement.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatesubject.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkiprofile.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkispec.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go delete mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusremotewriteheader.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/queueconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelactionconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewriteauthorization.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewritespec.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/replaceactionconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retention.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/rsakeyconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/secretkeyselector.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/sigv4.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/tlsconfig.go create mode 100644 vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/uppercaseactionconfig.go delete mode 100644 vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go delete mode 100644 vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_clusterimagepolicy.go delete mode 100644 vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_imagepolicy.go create mode 100644 vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_pki.go delete mode 100644 vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go create mode 100644 vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/pki.go delete mode 100644 vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/clusterimagepolicy.go rename vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/{imagepolicy.go => pki.go} (51%) delete mode 100644 vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/clusterimagepolicy.go delete mode 100644 vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/imagepolicy.go create mode 100644 vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/pki.go create mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionalartifactstore.go create mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionalimagestore.go create mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionallayerstore.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignode.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespec.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespecmachineconfigversion.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatus.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatusmachineconfigversion.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatuspinnedimageset.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/mcoobjectreference.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageref.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageset.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetspec.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetstatus.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfignode.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_pinnedimageset.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfignode.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/pinnedimageset.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/machineconfignode.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/pinnedimageset.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/machineconfignode.go delete mode 100644 vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/pinnedimageset.go create mode 100644 vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go create mode 100644 vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nooverlayconfig.go diff --git a/go.mod b/go.mod index 9e29b34a8d..eddb5feb91 100644 --- a/go.mod +++ b/go.mod @@ -37,8 +37,8 @@ require ( github.com/onsi/gomega v1.38.2 github.com/opencontainers/go-digest v1.0.0 github.com/openshift-eng/openshift-tests-extension v0.0.0-20260127124016-0fed2b824818 - github.com/openshift/api v0.0.0-20260304160726-df03ea1d00f4 - github.com/openshift/client-go v0.0.0-20260302182750-20813ce71ca6 + github.com/openshift/api v0.0.0-20260326111139-30c2ef7a272e + github.com/openshift/client-go v0.0.0-20260330134249-7e1499aaacd7 github.com/openshift/library-go v0.0.0-20260303171201-5d9eb6295ff6 github.com/openshift/runtime-utils v0.0.0-20230921210328-7bdb5b9c177b github.com/prometheus/client_golang v1.23.2 diff --git a/go.sum b/go.sum index eaaa5e54bf..dc62481233 100644 --- a/go.sum +++ b/go.sum @@ -623,10 +623,10 @@ github.com/opencontainers/selinux v1.13.0 h1:Zza88GWezyT7RLql12URvoxsbLfjFx988+L github.com/opencontainers/selinux v1.13.0/go.mod h1:XxWTed+A/s5NNq4GmYScVy+9jzXhGBVEOAyucdRUY8s= github.com/openshift-eng/openshift-tests-extension v0.0.0-20260127124016-0fed2b824818 h1:jJLE/aCAqDf8U4wc3bE1IEKgIxbb0ICjCNVFA49x/8s= github.com/openshift-eng/openshift-tests-extension v0.0.0-20260127124016-0fed2b824818/go.mod h1:6gkP5f2HL0meusT0Aim8icAspcD1cG055xxBZ9yC68M= -github.com/openshift/api v0.0.0-20260304160726-df03ea1d00f4 h1:ftsNdfcCuNp7Ft0gv7qXkwskggQlIyJoNKA8jPdBlLI= -github.com/openshift/api v0.0.0-20260304160726-df03ea1d00f4/go.mod h1:pyVjK0nZ4sRs4fuQVQ4rubsJdahI1PB94LnQ8sGdvxo= -github.com/openshift/client-go v0.0.0-20260302182750-20813ce71ca6 h1:wJv4Ia+R4OxoaJcTUyvMtBc5rWFvfTiEA8d5f1MBPqI= -github.com/openshift/client-go v0.0.0-20260302182750-20813ce71ca6/go.mod h1:3lkVff575BlbDUUhMsrD1IyvfkZ+oKUB7iZuVy1m0W0= +github.com/openshift/api v0.0.0-20260326111139-30c2ef7a272e h1:SbgwHvkc6vgiqHOfGrbumjPvtOvJmCwJoFEwr7rAKzY= +github.com/openshift/api v0.0.0-20260326111139-30c2ef7a272e/go.mod h1:pyVjK0nZ4sRs4fuQVQ4rubsJdahI1PB94LnQ8sGdvxo= +github.com/openshift/client-go v0.0.0-20260330134249-7e1499aaacd7 h1:5GSoQlywIwYsRCw3qN+ZDmN6HrXTMZfI33bdRNm2jRQ= +github.com/openshift/client-go v0.0.0-20260330134249-7e1499aaacd7/go.mod h1:HhXTUIMhgzxR3Ln/zEkr4QjTL0NN7A+t9Py/we9j2ug= github.com/openshift/kubernetes v1.30.1-0.20260305123649-d18f3f005eaa h1:/gPMWR7fdCC3S4wHALD6Em+vztl1q9/cOpdMkFZwDus= github.com/openshift/kubernetes v1.30.1-0.20260305123649-d18f3f005eaa/go.mod h1:1r2FIoYrPU0110cjYlWAwNcbiqRPLWAgmZK4d0YeEZw= github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20260305123649-d18f3f005eaa h1:ifOqAFthJWnT1HS6Sq2AcLQWNSJ1+XEiyA9eo+PIcR0= diff --git a/vendor/github.com/openshift/api/.coderabbit.yaml b/vendor/github.com/openshift/api/.coderabbit.yaml index a3ee2d122e..4f015d3cb0 100644 --- a/vendor/github.com/openshift/api/.coderabbit.yaml +++ b/vendor/github.com/openshift/api/.coderabbit.yaml @@ -1,3 +1,4 @@ +inheritance: true language: en-US reviews: profile: chill diff --git a/vendor/github.com/openshift/api/Makefile b/vendor/github.com/openshift/api/Makefile index 9b32b58e43..ac20137fad 100644 --- a/vendor/github.com/openshift/api/Makefile +++ b/vendor/github.com/openshift/api/Makefile @@ -4,7 +4,7 @@ all: build update: update-non-codegen update-codegen RUNTIME ?= podman -RUNTIME_IMAGE_NAME ?= registry.ci.openshift.org/openshift/release:rhel-9-release-golang-1.24-openshift-4.20 +RUNTIME_IMAGE_NAME ?= registry.ci.openshift.org/openshift/release:rhel-9-release-golang-1.25-openshift-4.22 EXCLUDE_DIRS := _output/ dependencymagnet/ hack/ third_party/ tls/ tools/ vendor/ tests/ GO_PACKAGES :=$(addsuffix ...,$(addprefix ./,$(filter-out $(EXCLUDE_DIRS), $(wildcard */)))) diff --git a/vendor/github.com/openshift/api/apiextensions/v1alpha1/types_compatibilityrequirement.go b/vendor/github.com/openshift/api/apiextensions/v1alpha1/types_compatibilityrequirement.go index ef1a10b5f5..b8dfcc7ac8 100644 --- a/vendor/github.com/openshift/api/apiextensions/v1alpha1/types_compatibilityrequirement.go +++ b/vendor/github.com/openshift/api/apiextensions/v1alpha1/types_compatibilityrequirement.go @@ -222,13 +222,13 @@ type ObjectSchemaValidation struct { // filtered by namespace. // +kubebuilder:validation:XValidation:rule="size(self.matchLabels) > 0 || size(self.matchExpressions) > 0",message="must have at least one of matchLabels or matchExpressions when specified" // +optional - NamespaceSelector metav1.LabelSelector `json:"namespaceSelector,omitempty"` + NamespaceSelector metav1.LabelSelector `json:"namespaceSelector,omitempty,omitzero"` // objectSelector defines a label selector for objects. If defined, only // objects with matching labels will be subject to validation. When not // specified, objects for validation will not be filtered by label. // +kubebuilder:validation:XValidation:rule="size(self.matchLabels) > 0 || size(self.matchExpressions) > 0",message="must have at least one of matchLabels or matchExpressions when specified" // +optional - ObjectSelector metav1.LabelSelector `json:"objectSelector,omitempty"` + ObjectSelector metav1.LabelSelector `json:"objectSelector,omitempty,omitzero"` // matchConditions defines the matchConditions field of the resulting ValidatingWebhookConfiguration. // When present, must contain between 1 and 64 match conditions. diff --git a/vendor/github.com/openshift/api/config/v1/types_apiserver.go b/vendor/github.com/openshift/api/config/v1/types_apiserver.go index 31d8881858..b8a4399dbc 100644 --- a/vendor/github.com/openshift/api/config/v1/types_apiserver.go +++ b/vendor/github.com/openshift/api/config/v1/types_apiserver.go @@ -34,6 +34,7 @@ type APIServer struct { Status APIServerStatus `json:"status"` } +// +openshift:validation:FeatureGateAwareXValidation:featureGate=TLSAdherence,rule="has(oldSelf.tlsAdherence) ? has(self.tlsAdherence) : true",message="tlsAdherence may not be removed once set" type APIServerSpec struct { // servingCert is the TLS cert info for serving secure traffic. If not specified, operator managed certificates // will be used for serving secure traffic. @@ -62,6 +63,39 @@ type APIServerSpec struct { // The current default is the Intermediate profile. // +optional TLSSecurityProfile *TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` + // tlsAdherence controls if components in the cluster adhere to the TLS security profile + // configured on this APIServer resource. + // + // Valid values are "LegacyAdheringComponentsOnly" and "StrictAllComponents". + // + // When set to "LegacyAdheringComponentsOnly", components that already honor the + // cluster-wide TLS profile continue to do so. Components that do not already honor + // it continue to use their individual TLS configurations. + // + // When set to "StrictAllComponents", all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides + // it. This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + // + // Note: Some components such as Kubelet and IngressController have their own + // dedicated TLS configuration mechanisms via KubeletConfig and IngressController + // CRs respectively. When these component-specific TLS configurations are set, + // they take precedence over the cluster-wide tlsSecurityProfile. When not set, + // these components fall back to the cluster-wide default. + // + // Components that encounter an unknown value for tlsAdherence should treat it + // as "StrictAllComponents" and log a warning to ensure forward compatibility + // while defaulting to the more secure behavior. + // + // This field is optional. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is LegacyAdheringComponentsOnly. + // + // Once set, this field may be changed to a different value, but may not be removed. + // +openshift:enable:FeatureGate=TLSAdherence + // +optional + TLSAdherence TLSAdherencePolicy `json:"tlsAdherence,omitempty"` // audit specifies the settings for audit configuration to be applied to all OpenShift-provided // API servers in the cluster. // +optional @@ -237,6 +271,35 @@ const ( type APIServerStatus struct { } +// TLSAdherencePolicy defines which components adhere to the TLS security profile. +// Implementors should use the ShouldHonorClusterTLSProfile helper function from library-go +// rather than checking these values directly. +// +kubebuilder:validation:Enum=LegacyAdheringComponentsOnly;StrictAllComponents +type TLSAdherencePolicy string + +const ( + // TLSAdherencePolicyNoOpinion represents an empty/unset value for tlsAdherence. + // This value cannot be explicitly set and is only present when the field is omitted. + // When the field is omitted, the cluster defaults to LegacyAdheringComponentsOnly + // behavior. Components should treat this the same as LegacyAdheringComponentsOnly. + TLSAdherencePolicyNoOpinion TLSAdherencePolicy = "" + + // TLSAdherencePolicyLegacyAdheringComponentsOnly maintains backward-compatible behavior. + // Components that already honor the cluster-wide TLS profile (such as kube-apiserver, + // openshift-apiserver, oauth-apiserver, and others) continue to do so. Components that do + // not already honor it continue to use their individual TLS configurations (e.g., + // IngressController.spec.tlsSecurityProfile, KubeletConfig.spec.tlsSecurityProfile, + // or component defaults). No additional components are required to start honoring the + // cluster-wide profile in this mode. + TLSAdherencePolicyLegacyAdheringComponentsOnly TLSAdherencePolicy = "LegacyAdheringComponentsOnly" + + // TLSAdherencePolicyStrictAllComponents means all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides it. + // This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + TLSAdherencePolicyStrictAllComponents TLSAdherencePolicy = "StrictAllComponents" +) + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). diff --git a/vendor/github.com/openshift/api/config/v1/types_authentication.go b/vendor/github.com/openshift/api/config/v1/types_authentication.go index e7433281f4..75e57c3709 100644 --- a/vendor/github.com/openshift/api/config/v1/types_authentication.go +++ b/vendor/github.com/openshift/api/config/v1/types_authentication.go @@ -350,11 +350,35 @@ type TokenClaimMappings struct { } // TokenClaimMapping allows specifying a JWT token claim to be used when mapping claims from an authentication token to cluster identities. +// +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC,rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUIDAndExtraClaimMappings,rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="(size(self.?claim.orValue(\"\")) > 0) ? !has(self.expression) : true",message="expression must not be set if claim is specified and is not an empty string" type TokenClaimMapping struct { - // claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + // claim is an optional field for specifying the JWT token claim that is used in the mapping. + // The value of this claim will be assigned to the field in which this mapping is associated. + // claim must not exceed 256 characters in length. + // When set to the empty string `""`, this means that no named claim should be used for the group mapping. + // claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. // - // +required + // +optional + // +kubebuilder:validation:MaxLength=256 Claim string `json:"claim"` + + // expression is an optional CEL expression used to derive + // group values from JWT claims. + // + // CEL expressions have access to the token claims through a CEL variable, 'claims'. + // + // expression must be at least 1 character and must not exceed 1024 characters in length . + // + // When specified, claim must not be set or be explicitly set to the empty string (`""`). + // + // +optional + // +openshift:enable:FeatureGate=ExternalOIDCWithUpstreamParity + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + Expression string `json:"expression,omitempty"` } // TokenClaimOrExpressionMapping allows specifying either a JWT token claim or CEL expression to be used when mapping claims from an authentication token to cluster identities. @@ -590,26 +614,46 @@ type OIDCClientReference struct { // +kubebuilder:validation:XValidation:rule="has(self.prefixPolicy) && self.prefixPolicy == 'Prefix' ? (has(self.prefix) && size(self.prefix.prefixString) > 0) : !has(self.prefix)",message="prefix must be set if prefixPolicy is 'Prefix', but must remain unset otherwise" // +union +// +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC,rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUIDAndExtraClaimMappings,rule="has(self.claim)",message="claim is required" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.claim) ? !has(self.expression) : has(self.expression)",message="precisely one of claim or expression must be set" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.expression) && size(self.expression) > 0 ? !has(self.prefixPolicy) || self.prefixPolicy != 'Prefix' : true",message="prefixPolicy must not be set to 'Prefix' when expression is set" type UsernameClaimMapping struct { - // claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + // claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + // claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + // When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set. // // claim must not be an empty string ("") and must not exceed 256 characters. // - // +required + // +optional // +kubebuilder:validation:MinLength:=1 // +kubebuilder:validation:MaxLength:=256 - Claim string `json:"claim"` + Claim string `json:"claim,omitempty"` + + // expression is an optional CEL expression used to derive + // the username from JWT claims. + // + // CEL expressions have access to the token claims + // through a CEL variable, 'claims'. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + // expression must not be set when claim is set. + // + // +optional + // +openshift:enable:FeatureGate=ExternalOIDCWithUpstreamParity + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + Expression string `json:"expression,omitempty"` // prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field. // // Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). // // When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - // // The prefix field must be set when prefixPolicy is 'Prefix'. - // + // Must not be set to 'Prefix' when expression is set. // When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - // // When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. // Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. // @@ -665,12 +709,14 @@ type UsernamePrefix struct { // PrefixedClaimMapping configures a claim mapping // that allows for an optional prefix. +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.expression) && size(self.expression) > 0 ? (!has(self.prefix) || size(self.prefix) == 0) : true",message="prefix must not be set to a non-empty value when expression is set" type PrefixedClaimMapping struct { TokenClaimMapping `json:",inline"` // prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. // - // When omitted (""), no prefix is applied to the cluster identity attribute. + // When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + // Must not be set to a non-empty value when expression is set. // // Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". // diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go index 5f36f693de..f8d45114a8 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go @@ -283,6 +283,16 @@ type UpdateHistory struct { // ClusterID is string RFC4122 uuid. type ClusterID string +// UpdateMode defines how an update should be processed. +// +enum +// +kubebuilder:validation:Enum=Preflight +type UpdateMode string + +const ( + // UpdateModePreflight allows an update to be checked for compatibility without committing to updating the cluster. + UpdateModePreflight UpdateMode = "Preflight" +) + // ClusterVersionArchitecture enumerates valid cluster architectures. // +kubebuilder:validation:Enum="Multi";"" type ClusterVersionArchitecture string @@ -760,6 +770,22 @@ type Update struct { // +listMapKey=name // +optional AcceptRisks []AcceptRisk `json:"acceptRisks,omitempty"` + + // mode determines how an update should be processed. + // The only valid value is "Preflight". + // When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. + // This is the standard update behavior. + // When set to "Preflight", the cluster runs compatibility checks against the target release without + // performing an actual update. Compatibility results, including any detected risks, are reported + // in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update + // recommendation service. + // This allows administrators to assess update readiness and address issues before committing to the update. + // Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be + // verified across multiple minor versions. + // When mode is set to "Preflight", the same rules for version, image, and architecture apply as for normal updates. + // +openshift:enable:FeatureGate=ClusterUpdatePreflight + // +optional + Mode UpdateMode `json:"mode,omitempty"` } // AcceptRisk represents a risk that is considered acceptable. diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index 369ba1e7a0..160f8fd4c0 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -102,11 +102,11 @@ type InfrastructureStatus struct { // and the operators should not configure the operand for highly-available operation // The 'External' mode indicates that the control plane is hosted externally to the cluster and that // its components are not visible within the cluster. + // The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + // that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. // +kubebuilder:default=HighlyAvailable - // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=HighlyAvailable;SingleReplica;External - // +openshift:validation:FeatureGateAwareEnum:featureGate=HighlyAvailableArbiter,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;External - // +openshift:validation:FeatureGateAwareEnum:featureGate=DualReplica,enum=HighlyAvailable;SingleReplica;DualReplica;External - // +openshift:validation:FeatureGateAwareEnum:requiredFeatureGate=HighlyAvailableArbiter;DualReplica,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;DualReplica;External + // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;External + // +openshift:validation:FeatureGateAwareEnum:featureGate=DualReplica,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;DualReplica;External // +optional ControlPlaneTopology TopologyMode `json:"controlPlaneTopology"` diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml index c89d45ddcd..0deb9ba086 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml @@ -218,6 +218,23 @@ spec: When image is set, architecture cannot be specified. If both version and image are set, the version extracted from the referenced image must match the specified version. type: string + mode: + description: |- + mode determines how an update should be processed. + The only valid value is "Preflight". + When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. + This is the standard update behavior. + When set to "Preflight", the cluster runs compatibility checks against the target release without + performing an actual update. Compatibility results, including any detected risks, are reported + in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update + recommendation service. + This allows administrators to assess update readiness and address issues before committing to the update. + Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be + verified across multiple minor versions. + When mode is set to "Preflight", the same rules for version, image, and architecture apply as for normal updates. + enum: + - Preflight + type: string version: description: |- version is a semantic version identifying the update version. diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml index f24b2a16a1..70a09d3ff0 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml @@ -218,6 +218,23 @@ spec: When image is set, architecture cannot be specified. If both version and image are set, the version extracted from the referenced image must match the specified version. type: string + mode: + description: |- + mode determines how an update should be processed. + The only valid value is "Preflight". + When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. + This is the standard update behavior. + When set to "Preflight", the cluster runs compatibility checks against the target release without + performing an actual update. Compatibility results, including any detected risks, are reported + in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update + recommendation service. + This allows administrators to assess update readiness and address issues before committing to the update. + Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be + verified across multiple minor versions. + When mode is set to "Preflight", the same rules for version, image, and architecture apply as for normal updates. + enum: + - Preflight + type: string version: description: |- version is a semantic version identifying the update version. diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-CustomNoUpgrade.crd.yaml index 2e45da09e5..d2ba7fc325 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-CustomNoUpgrade.crd.yaml @@ -292,6 +292,42 @@ spec: type: array x-kubernetes-list-type: atomic type: object + tlsAdherence: + description: |- + tlsAdherence controls if components in the cluster adhere to the TLS security profile + configured on this APIServer resource. + + Valid values are "LegacyAdheringComponentsOnly" and "StrictAllComponents". + + When set to "LegacyAdheringComponentsOnly", components that already honor the + cluster-wide TLS profile continue to do so. Components that do not already honor + it continue to use their individual TLS configurations. + + When set to "StrictAllComponents", all components must honor the configured TLS + profile unless they have a component-specific TLS configuration that overrides + it. This mode is recommended for security-conscious deployments and is required + for certain compliance frameworks. + + Note: Some components such as Kubelet and IngressController have their own + dedicated TLS configuration mechanisms via KubeletConfig and IngressController + CRs respectively. When these component-specific TLS configurations are set, + they take precedence over the cluster-wide tlsSecurityProfile. When not set, + these components fall back to the cluster-wide default. + + Components that encounter an unknown value for tlsAdherence should treat it + as "StrictAllComponents" and log a warning to ensure forward compatibility + while defaulting to the more secure behavior. + + This field is optional. + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default is LegacyAdheringComponentsOnly. + + Once set, this field may be changed to a different value, but may not be removed. + enum: + - LegacyAdheringComponentsOnly + - StrictAllComponents + type: string tlsSecurityProfile: description: |- tlsSecurityProfile specifies settings for TLS connections for externally exposed servers. @@ -427,6 +463,9 @@ spec: type: string type: object type: object + x-kubernetes-validations: + - message: tlsAdherence may not be removed once set + rule: 'has(oldSelf.tlsAdherence) ? has(self.tlsAdherence) : true' status: description: status holds observed values from the cluster. They may not be overridden. diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-DevPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-DevPreviewNoUpgrade.crd.yaml index 23c4381442..cabbd04bb7 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-DevPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-DevPreviewNoUpgrade.crd.yaml @@ -292,6 +292,42 @@ spec: type: array x-kubernetes-list-type: atomic type: object + tlsAdherence: + description: |- + tlsAdherence controls if components in the cluster adhere to the TLS security profile + configured on this APIServer resource. + + Valid values are "LegacyAdheringComponentsOnly" and "StrictAllComponents". + + When set to "LegacyAdheringComponentsOnly", components that already honor the + cluster-wide TLS profile continue to do so. Components that do not already honor + it continue to use their individual TLS configurations. + + When set to "StrictAllComponents", all components must honor the configured TLS + profile unless they have a component-specific TLS configuration that overrides + it. This mode is recommended for security-conscious deployments and is required + for certain compliance frameworks. + + Note: Some components such as Kubelet and IngressController have their own + dedicated TLS configuration mechanisms via KubeletConfig and IngressController + CRs respectively. When these component-specific TLS configurations are set, + they take precedence over the cluster-wide tlsSecurityProfile. When not set, + these components fall back to the cluster-wide default. + + Components that encounter an unknown value for tlsAdherence should treat it + as "StrictAllComponents" and log a warning to ensure forward compatibility + while defaulting to the more secure behavior. + + This field is optional. + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default is LegacyAdheringComponentsOnly. + + Once set, this field may be changed to a different value, but may not be removed. + enum: + - LegacyAdheringComponentsOnly + - StrictAllComponents + type: string tlsSecurityProfile: description: |- tlsSecurityProfile specifies settings for TLS connections for externally exposed servers. @@ -427,6 +463,9 @@ spec: type: string type: object type: object + x-kubernetes-validations: + - message: tlsAdherence may not be removed once set + rule: 'has(oldSelf.tlsAdherence) ? has(self.tlsAdherence) : true' status: description: status holds observed values from the cluster. They may not be overridden. diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-TechPreviewNoUpgrade.crd.yaml index 1d75d68e5a..b21c31dd43 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_apiservers-TechPreviewNoUpgrade.crd.yaml @@ -224,6 +224,42 @@ spec: type: array x-kubernetes-list-type: atomic type: object + tlsAdherence: + description: |- + tlsAdherence controls if components in the cluster adhere to the TLS security profile + configured on this APIServer resource. + + Valid values are "LegacyAdheringComponentsOnly" and "StrictAllComponents". + + When set to "LegacyAdheringComponentsOnly", components that already honor the + cluster-wide TLS profile continue to do so. Components that do not already honor + it continue to use their individual TLS configurations. + + When set to "StrictAllComponents", all components must honor the configured TLS + profile unless they have a component-specific TLS configuration that overrides + it. This mode is recommended for security-conscious deployments and is required + for certain compliance frameworks. + + Note: Some components such as Kubelet and IngressController have their own + dedicated TLS configuration mechanisms via KubeletConfig and IngressController + CRs respectively. When these component-specific TLS configurations are set, + they take precedence over the cluster-wide tlsSecurityProfile. When not set, + these components fall back to the cluster-wide default. + + Components that encounter an unknown value for tlsAdherence should treat it + as "StrictAllComponents" and log a warning to ensure forward compatibility + while defaulting to the more secure behavior. + + This field is optional. + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default is LegacyAdheringComponentsOnly. + + Once set, this field may be changed to a different value, but may not be removed. + enum: + - LegacyAdheringComponentsOnly + - StrictAllComponents + type: string tlsSecurityProfile: description: |- tlsSecurityProfile specifies settings for TLS connections for externally exposed servers. @@ -359,6 +395,9 @@ spec: type: string type: object type: object + x-kubernetes-validations: + - message: tlsAdherence may not be removed once set + rule: 'has(oldSelf.tlsAdherence) ? has(self.tlsAdherence) : true' status: description: status holds observed values from the cluster. They may not be overridden. diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-CustomNoUpgrade.crd.yaml index e3c2202ea6..cd737e2727 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-CustomNoUpgrade.crd.yaml @@ -187,21 +187,47 @@ spec: For example - '"example"' and '"exampleOne", "exampleTwo", "exampleThree"' are valid claim values. properties: claim: - description: claim is a required field that configures - the JWT token claim whose value is assigned to the - cluster identity field associated with this mapping. + description: |- + claim is an optional field for specifying the JWT token claim that is used in the mapping. + The value of this claim will be assigned to the field in which this mapping is associated. + claim must not exceed 256 characters in length. + When set to the empty string `""`, this means that no named claim should be used for the group mapping. + claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + maxLength: 256 + type: string + expression: + description: |- + expression is an optional CEL expression used to derive + group values from JWT claims. + + CEL expressions have access to the token claims through a CEL variable, 'claims'. + + expression must be at least 1 character and must not exceed 1024 characters in length . + + When specified, claim must not be set or be explicitly set to the empty string (`""`). + maxLength: 1024 + minLength: 1 type: string prefix: description: |- prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. - When omitted (""), no prefix is applied to the cluster identity attribute. + When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + Must not be set to a non-empty value when expression is set. Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". type: string - required: - - claim type: object + x-kubernetes-validations: + - message: prefix must not be set to a non-empty value when + expression is set + rule: 'has(self.expression) && size(self.expression) > + 0 ? (!has(self.prefix) || size(self.prefix) == 0) : + true' + - message: expression must not be set if claim is specified + and is not an empty string + rule: '(size(self.?claim.orValue("")) > 0) ? !has(self.expression) + : true' uid: description: |- uid is an optional field for configuring the claim mapping used to construct the uid for the cluster identity. @@ -252,12 +278,27 @@ spec: properties: claim: description: |- - claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set. claim must not be an empty string ("") and must not exceed 256 characters. maxLength: 256 minLength: 1 type: string + expression: + description: |- + expression is an optional CEL expression used to derive + the username from JWT claims. + + CEL expressions have access to the token claims + through a CEL variable, 'claims'. + + expression must be at least 1 character and must not exceed 1024 characters in length. + expression must not be set when claim is set. + maxLength: 1024 + minLength: 1 + type: string prefix: description: |- prefix configures the prefix that should be prepended to the value of the JWT claim. @@ -281,11 +322,9 @@ spec: Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - The prefix field must be set when prefixPolicy is 'Prefix'. - + Must not be set to 'Prefix' when expression is set. When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. @@ -301,10 +340,16 @@ spec: - NoPrefix - Prefix type: string - required: - - claim type: object x-kubernetes-validations: + - message: precisely one of claim or expression must be + set + rule: 'has(self.claim) ? !has(self.expression) : has(self.expression)' + - message: prefixPolicy must not be set to 'Prefix' when + expression is set + rule: 'has(self.expression) && size(self.expression) > + 0 ? !has(self.prefixPolicy) || self.prefixPolicy != + ''Prefix'' : true' - message: prefix must be set if prefixPolicy is 'Prefix', but must remain unset otherwise rule: 'has(self.prefixPolicy) && self.prefixPolicy == diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-Default.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-Default.crd.yaml index 64b6502323..5e6be8db9f 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-Default.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-Default.crd.yaml @@ -187,21 +187,27 @@ spec: For example - '"example"' and '"exampleOne", "exampleTwo", "exampleThree"' are valid claim values. properties: claim: - description: claim is a required field that configures - the JWT token claim whose value is assigned to the - cluster identity field associated with this mapping. + description: |- + claim is an optional field for specifying the JWT token claim that is used in the mapping. + The value of this claim will be assigned to the field in which this mapping is associated. + claim must not exceed 256 characters in length. + When set to the empty string `""`, this means that no named claim should be used for the group mapping. + claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + maxLength: 256 type: string prefix: description: |- prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. - When omitted (""), no prefix is applied to the cluster identity attribute. + When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + Must not be set to a non-empty value when expression is set. Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". type: string - required: - - claim type: object + x-kubernetes-validations: + - message: claim is required + rule: has(self.claim) uid: description: |- uid is an optional field for configuring the claim mapping used to construct the uid for the cluster identity. @@ -252,7 +258,9 @@ spec: properties: claim: description: |- - claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set. claim must not be an empty string ("") and must not exceed 256 characters. maxLength: 256 @@ -281,11 +289,9 @@ spec: Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - The prefix field must be set when prefixPolicy is 'Prefix'. - + Must not be set to 'Prefix' when expression is set. When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. @@ -301,10 +307,10 @@ spec: - NoPrefix - Prefix type: string - required: - - claim type: object x-kubernetes-validations: + - message: claim is required + rule: has(self.claim) - message: prefix must be set if prefixPolicy is 'Prefix', but must remain unset otherwise rule: 'has(self.prefixPolicy) && self.prefixPolicy == diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-DevPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-DevPreviewNoUpgrade.crd.yaml index 2f4c3180dc..bf116984ff 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-DevPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-DevPreviewNoUpgrade.crd.yaml @@ -187,21 +187,47 @@ spec: For example - '"example"' and '"exampleOne", "exampleTwo", "exampleThree"' are valid claim values. properties: claim: - description: claim is a required field that configures - the JWT token claim whose value is assigned to the - cluster identity field associated with this mapping. + description: |- + claim is an optional field for specifying the JWT token claim that is used in the mapping. + The value of this claim will be assigned to the field in which this mapping is associated. + claim must not exceed 256 characters in length. + When set to the empty string `""`, this means that no named claim should be used for the group mapping. + claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + maxLength: 256 + type: string + expression: + description: |- + expression is an optional CEL expression used to derive + group values from JWT claims. + + CEL expressions have access to the token claims through a CEL variable, 'claims'. + + expression must be at least 1 character and must not exceed 1024 characters in length . + + When specified, claim must not be set or be explicitly set to the empty string (`""`). + maxLength: 1024 + minLength: 1 type: string prefix: description: |- prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. - When omitted (""), no prefix is applied to the cluster identity attribute. + When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + Must not be set to a non-empty value when expression is set. Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". type: string - required: - - claim type: object + x-kubernetes-validations: + - message: prefix must not be set to a non-empty value when + expression is set + rule: 'has(self.expression) && size(self.expression) > + 0 ? (!has(self.prefix) || size(self.prefix) == 0) : + true' + - message: expression must not be set if claim is specified + and is not an empty string + rule: '(size(self.?claim.orValue("")) > 0) ? !has(self.expression) + : true' uid: description: |- uid is an optional field for configuring the claim mapping used to construct the uid for the cluster identity. @@ -252,12 +278,27 @@ spec: properties: claim: description: |- - claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set. claim must not be an empty string ("") and must not exceed 256 characters. maxLength: 256 minLength: 1 type: string + expression: + description: |- + expression is an optional CEL expression used to derive + the username from JWT claims. + + CEL expressions have access to the token claims + through a CEL variable, 'claims'. + + expression must be at least 1 character and must not exceed 1024 characters in length. + expression must not be set when claim is set. + maxLength: 1024 + minLength: 1 + type: string prefix: description: |- prefix configures the prefix that should be prepended to the value of the JWT claim. @@ -281,11 +322,9 @@ spec: Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - The prefix field must be set when prefixPolicy is 'Prefix'. - + Must not be set to 'Prefix' when expression is set. When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. @@ -301,10 +340,16 @@ spec: - NoPrefix - Prefix type: string - required: - - claim type: object x-kubernetes-validations: + - message: precisely one of claim or expression must be + set + rule: 'has(self.claim) ? !has(self.expression) : has(self.expression)' + - message: prefixPolicy must not be set to 'Prefix' when + expression is set + rule: 'has(self.expression) && size(self.expression) > + 0 ? !has(self.prefixPolicy) || self.prefixPolicy != + ''Prefix'' : true' - message: prefix must be set if prefixPolicy is 'Prefix', but must remain unset otherwise rule: 'has(self.prefixPolicy) && self.prefixPolicy == diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-OKD.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-OKD.crd.yaml index 2aff1f514b..dcfe61e693 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-OKD.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-OKD.crd.yaml @@ -187,21 +187,27 @@ spec: For example - '"example"' and '"exampleOne", "exampleTwo", "exampleThree"' are valid claim values. properties: claim: - description: claim is a required field that configures - the JWT token claim whose value is assigned to the - cluster identity field associated with this mapping. + description: |- + claim is an optional field for specifying the JWT token claim that is used in the mapping. + The value of this claim will be assigned to the field in which this mapping is associated. + claim must not exceed 256 characters in length. + When set to the empty string `""`, this means that no named claim should be used for the group mapping. + claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + maxLength: 256 type: string prefix: description: |- prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. - When omitted (""), no prefix is applied to the cluster identity attribute. + When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + Must not be set to a non-empty value when expression is set. Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". type: string - required: - - claim type: object + x-kubernetes-validations: + - message: claim is required + rule: has(self.claim) uid: description: |- uid is an optional field for configuring the claim mapping used to construct the uid for the cluster identity. @@ -252,7 +258,9 @@ spec: properties: claim: description: |- - claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set. claim must not be an empty string ("") and must not exceed 256 characters. maxLength: 256 @@ -281,11 +289,9 @@ spec: Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - The prefix field must be set when prefixPolicy is 'Prefix'. - + Must not be set to 'Prefix' when expression is set. When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. @@ -301,10 +307,10 @@ spec: - NoPrefix - Prefix type: string - required: - - claim type: object x-kubernetes-validations: + - message: claim is required + rule: has(self.claim) - message: prefix must be set if prefixPolicy is 'Prefix', but must remain unset otherwise rule: 'has(self.prefixPolicy) && self.prefixPolicy == diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-TechPreviewNoUpgrade.crd.yaml index 11281f286c..de0dd293a8 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_authentications-TechPreviewNoUpgrade.crd.yaml @@ -187,21 +187,47 @@ spec: For example - '"example"' and '"exampleOne", "exampleTwo", "exampleThree"' are valid claim values. properties: claim: - description: claim is a required field that configures - the JWT token claim whose value is assigned to the - cluster identity field associated with this mapping. + description: |- + claim is an optional field for specifying the JWT token claim that is used in the mapping. + The value of this claim will be assigned to the field in which this mapping is associated. + claim must not exceed 256 characters in length. + When set to the empty string `""`, this means that no named claim should be used for the group mapping. + claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + maxLength: 256 + type: string + expression: + description: |- + expression is an optional CEL expression used to derive + group values from JWT claims. + + CEL expressions have access to the token claims through a CEL variable, 'claims'. + + expression must be at least 1 character and must not exceed 1024 characters in length . + + When specified, claim must not be set or be explicitly set to the empty string (`""`). + maxLength: 1024 + minLength: 1 type: string prefix: description: |- prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. - When omitted (""), no prefix is applied to the cluster identity attribute. + When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + Must not be set to a non-empty value when expression is set. Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". type: string - required: - - claim type: object + x-kubernetes-validations: + - message: prefix must not be set to a non-empty value when + expression is set + rule: 'has(self.expression) && size(self.expression) > + 0 ? (!has(self.prefix) || size(self.prefix) == 0) : + true' + - message: expression must not be set if claim is specified + and is not an empty string + rule: '(size(self.?claim.orValue("")) > 0) ? !has(self.expression) + : true' uid: description: |- uid is an optional field for configuring the claim mapping used to construct the uid for the cluster identity. @@ -252,12 +278,27 @@ spec: properties: claim: description: |- - claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set. claim must not be an empty string ("") and must not exceed 256 characters. maxLength: 256 minLength: 1 type: string + expression: + description: |- + expression is an optional CEL expression used to derive + the username from JWT claims. + + CEL expressions have access to the token claims + through a CEL variable, 'claims'. + + expression must be at least 1 character and must not exceed 1024 characters in length. + expression must not be set when claim is set. + maxLength: 1024 + minLength: 1 + type: string prefix: description: |- prefix configures the prefix that should be prepended to the value of the JWT claim. @@ -281,11 +322,9 @@ spec: Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - The prefix field must be set when prefixPolicy is 'Prefix'. - + Must not be set to 'Prefix' when expression is set. When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. @@ -301,10 +340,16 @@ spec: - NoPrefix - Prefix type: string - required: - - claim type: object x-kubernetes-validations: + - message: precisely one of claim or expression must be + set + rule: 'has(self.claim) ? !has(self.expression) : has(self.expression)' + - message: prefixPolicy must not be set to 'Prefix' when + expression is set + rule: 'has(self.expression) && size(self.expression) > + 0 ? !has(self.prefixPolicy) || self.prefixPolicy != + ''Prefix'' : true' - message: prefix must be set if prefixPolicy is 'Prefix', but must remain unset otherwise rule: 'has(self.prefixPolicy) && self.prefixPolicy == diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml index 9086d4a572..69e9d1108a 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml @@ -1127,6 +1127,8 @@ spec: and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. enum: - HighlyAvailable - HighlyAvailableArbiter diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml index 803c48a1e2..3caa584943 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml @@ -1050,6 +1050,8 @@ spec: and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. enum: - HighlyAvailable - HighlyAvailableArbiter diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml index de1a68c90a..7d1ecbc19b 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml @@ -1127,6 +1127,8 @@ spec: and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. enum: - HighlyAvailable - HighlyAvailableArbiter diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-OKD.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-OKD.crd.yaml index 245bc3ea63..15a2f8e559 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-OKD.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-OKD.crd.yaml @@ -1050,6 +1050,8 @@ spec: and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. enum: - HighlyAvailable - HighlyAvailableArbiter diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml index c45b7d6e83..02f367409b 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml @@ -1127,6 +1127,8 @@ spec: and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. enum: - HighlyAvailable - HighlyAvailableArbiter diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml index eb7c485e03..b10ff7bd33 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml @@ -8,6 +8,7 @@ apiservers.config.openshift.io: FeatureGates: - KMSEncryption - KMSEncryptionProvider + - TLSAdherence FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -144,6 +145,7 @@ clusterversions.config.openshift.io: Category: "" FeatureGates: - ClusterUpdateAcceptRisks + - ClusterUpdatePreflight - ImageStreamImportMode - SignatureStores FilenameOperatorName: cluster-version-operator @@ -371,8 +373,6 @@ infrastructures.config.openshift.io: - DualReplica - DyanmicServiceEndpointIBMCloud - GCPClusterHostedDNSInstall - - HighlyAvailableArbiter - - HighlyAvailableArbiter+DualReplica - NutanixMultiSubnets - OnPremDNSRecords - VSphereHostVMGroupZonal diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 69fb37c523..2869558afc 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -319,6 +319,7 @@ var map_APIServerSpec = map[string]string{ "additionalCORSAllowedOrigins": "additionalCORSAllowedOrigins lists additional, user-defined regular expressions describing hosts for which the API server allows access using the CORS headers. This may be needed to access the API and the integrated OAuth server from JavaScript applications. The values are regular expressions that correspond to the Golang regular expression language.", "encryption": "encryption allows the configuration of encryption of resources at the datastore layer.", "tlsSecurityProfile": "tlsSecurityProfile specifies settings for TLS connections for externally exposed servers.\n\nWhen omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is the Intermediate profile.", + "tlsAdherence": "tlsAdherence controls if components in the cluster adhere to the TLS security profile configured on this APIServer resource.\n\nValid values are \"LegacyAdheringComponentsOnly\" and \"StrictAllComponents\".\n\nWhen set to \"LegacyAdheringComponentsOnly\", components that already honor the cluster-wide TLS profile continue to do so. Components that do not already honor it continue to use their individual TLS configurations.\n\nWhen set to \"StrictAllComponents\", all components must honor the configured TLS profile unless they have a component-specific TLS configuration that overrides it. This mode is recommended for security-conscious deployments and is required for certain compliance frameworks.\n\nNote: Some components such as Kubelet and IngressController have their own dedicated TLS configuration mechanisms via KubeletConfig and IngressController CRs respectively. When these component-specific TLS configurations are set, they take precedence over the cluster-wide tlsSecurityProfile. When not set, these components fall back to the cluster-wide default.\n\nComponents that encounter an unknown value for tlsAdherence should treat it as \"StrictAllComponents\" and log a warning to ensure forward compatibility while defaulting to the more secure behavior.\n\nThis field is optional. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is LegacyAdheringComponentsOnly.\n\nOnce set, this field may be changed to a different value, but may not be removed.", "audit": "audit specifies the settings for audit configuration to be applied to all OpenShift-provided API servers in the cluster.", } @@ -458,7 +459,7 @@ func (OIDCProvider) SwaggerDoc() map[string]string { var map_PrefixedClaimMapping = map[string]string{ "": "PrefixedClaimMapping configures a claim mapping that allows for an optional prefix.", - "prefix": "prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes.\n\nWhen omitted (\"\"), no prefix is applied to the cluster identity attribute.\n\nExample: if `prefix` is set to \"myoidc:\" and the `claim` in JWT contains an array of strings \"a\", \"b\" and \"c\", the mapping will result in an array of string \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\".", + "prefix": "prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes.\n\nWhen omitted or set to an empty string (\"\"), no prefix is applied to the cluster identity attribute. Must not be set to a non-empty value when expression is set.\n\nExample: if `prefix` is set to \"myoidc:\" and the `claim` in JWT contains an array of strings \"a\", \"b\" and \"c\", the mapping will result in an array of string \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\".", } func (PrefixedClaimMapping) SwaggerDoc() map[string]string { @@ -466,8 +467,9 @@ func (PrefixedClaimMapping) SwaggerDoc() map[string]string { } var map_TokenClaimMapping = map[string]string{ - "": "TokenClaimMapping allows specifying a JWT token claim to be used when mapping claims from an authentication token to cluster identities.", - "claim": "claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping.", + "": "TokenClaimMapping allows specifying a JWT token claim to be used when mapping claims from an authentication token to cluster identities.", + "claim": "claim is an optional field for specifying the JWT token claim that is used in the mapping. The value of this claim will be assigned to the field in which this mapping is associated. claim must not exceed 256 characters in length. When set to the empty string `\"\"`, this means that no named claim should be used for the group mapping. claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled.", + "expression": "expression is an optional CEL expression used to derive group values from JWT claims.\n\nCEL expressions have access to the token claims through a CEL variable, 'claims'.\n\nexpression must be at least 1 character and must not exceed 1024 characters in length .\n\nWhen specified, claim must not be set or be explicitly set to the empty string (`\"\"`).", } func (TokenClaimMapping) SwaggerDoc() map[string]string { @@ -546,8 +548,9 @@ func (TokenUserValidationRule) SwaggerDoc() map[string]string { } var map_UsernameClaimMapping = map[string]string{ - "claim": "claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping.\n\nclaim must not be an empty string (\"\") and must not exceed 256 characters.", - "prefixPolicy": "prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field.\n\nAllowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string).\n\nWhen set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim.\n\nThe prefix field must be set when prefixPolicy is 'Prefix'.\n\nWhen set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim.\n\nWhen omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'.\n\nAs an example, consider the following scenario:\n\n `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`,\n the JWT claims include \"username\":\"userA\" and \"email\":\"userA@myoidc.tld\",\n and `claim` is set to:\n - \"username\": the mapped value will be \"https://myoidc.tld#userA\"\n - \"email\": the mapped value will be \"userA@myoidc.tld\"", + "claim": "claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set.\n\nclaim must not be an empty string (\"\") and must not exceed 256 characters.", + "expression": "expression is an optional CEL expression used to derive the username from JWT claims.\n\nCEL expressions have access to the token claims through a CEL variable, 'claims'.\n\nexpression must be at least 1 character and must not exceed 1024 characters in length. expression must not be set when claim is set.", + "prefixPolicy": "prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field.\n\nAllowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string).\n\nWhen set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. The prefix field must be set when prefixPolicy is 'Prefix'. Must not be set to 'Prefix' when expression is set. When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'.\n\nAs an example, consider the following scenario:\n\n `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`,\n the JWT claims include \"username\":\"userA\" and \"email\":\"userA@myoidc.tld\",\n and `claim` is set to:\n - \"username\": the mapped value will be \"https://myoidc.tld#userA\"\n - \"email\": the mapped value will be \"userA@myoidc.tld\"", "prefix": "prefix configures the prefix that should be prepended to the value of the JWT claim.\n\nprefix must be set when prefixPolicy is set to 'Prefix' and must be unset otherwise.", } @@ -915,6 +918,7 @@ var map_Update = map[string]string{ "image": "image is a container image location that contains the update. image should be used when the desired version does not exist in availableUpdates or history. When image is set, architecture cannot be specified. If both version and image are set, the version extracted from the referenced image must match the specified version.", "force": "force allows an administrator to update to an image that has failed verification or upgradeable checks that are designed to keep your cluster safe. Only use this if: * you are testing unsigned release images in short-lived test clusters or * you are working around a known bug in the cluster-version\n operator and you have verified the authenticity of the provided\n image yourself.\nThe provided image will run with full administrative access to the cluster. Do not use this flag with images that come from unknown or potentially malicious sources.", "acceptRisks": "acceptRisks is an optional set of names of conditional update risks that are considered acceptable. A conditional update is performed only if all of its risks are acceptable. This list may contain entries that apply to current, previous or future updates. The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks. acceptRisks must not contain more than 1000 entries. Entries in this list must be unique.", + "mode": "mode determines how an update should be processed. The only valid value is \"Preflight\". When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. This is the standard update behavior. When set to \"Preflight\", the cluster runs compatibility checks against the target release without performing an actual update. Compatibility results, including any detected risks, are reported in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update recommendation service. This allows administrators to assess update readiness and address issues before committing to the update. Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be verified across multiple minor versions. When mode is set to \"Preflight\", the same rules for version, image, and architecture apply as for normal updates.", } func (Update) SwaggerDoc() map[string]string { @@ -1750,7 +1754,7 @@ var map_InfrastructureStatus = map[string]string{ "etcdDiscoveryDomain": "etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release.", "apiServerURL": "apiServerURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API.", "apiServerInternalURI": "apiServerInternalURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking.", - "controlPlaneTopology": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster.", + "controlPlaneTopology": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum.", "infrastructureTopology": "infrastructureTopology expresses the expectations for infrastructure services that do not run on control plane nodes, usually indicated by a node selector for a `role` value other than `master`. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation NOTE: External topology mode is not applicable for this field.", "cpuPartitioning": "cpuPartitioning expresses if CPU partitioning is a currently enabled feature in the cluster. CPU Partitioning means that this cluster can support partitioning workloads to specific CPU Sets. Valid values are \"None\" and \"AllNodes\". When omitted, the default value is \"None\". The default value of \"None\" indicates that no nodes will be setup with CPU partitioning. The \"AllNodes\" value indicates that all nodes have been setup with CPU partitioning, and can then be further configured via the PerformanceProfile API.", } diff --git a/vendor/github.com/openshift/api/config/v1alpha1/register.go b/vendor/github.com/openshift/api/config/v1alpha1/register.go index c909624950..1d84b71079 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/register.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/register.go @@ -36,12 +36,10 @@ func addKnownTypes(scheme *runtime.Scheme) error { &InsightsDataGatherList{}, &Backup{}, &BackupList{}, - &ImagePolicy{}, - &ImagePolicyList{}, - &ClusterImagePolicy{}, - &ClusterImagePolicyList{}, &CRIOCredentialProviderConfig{}, &CRIOCredentialProviderConfigList{}, + &PKI{}, + &PKIList{}, ) metav1.AddToGroupVersion(scheme, GroupVersion) return nil diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go deleted file mode 100644 index e8d7603d7b..0000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go +++ /dev/null @@ -1,80 +0,0 @@ -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterImagePolicy holds cluster-wide configuration for image signature verification -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=clusterimagepolicies,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=SigstoreImageVerification -// +openshift:compatibility-gen:level=4 -type ClusterImagePolicy struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec contains the configuration for the cluster image policy. - // +required - Spec ClusterImagePolicySpec `json:"spec"` - // status contains the observed state of the resource. - // +optional - Status ClusterImagePolicyStatus `json:"status,omitempty"` -} - -// CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource. -type ClusterImagePolicySpec struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - // +required - // +kubebuilder:validation:MaxItems=256 - // +listType=set - Scopes []ImageScope `json:"scopes"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - // +required - Policy ImageSigstoreVerificationPolicy `json:"policy"` -} - -// +k8s:deepcopy-gen=true -type ClusterImagePolicyStatus struct { - // conditions provide details on the status of this API Resource. - // +listType=map - // +listMapKey=type - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterImagePolicyList is a list of ClusterImagePolicy resources -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type ClusterImagePolicyList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ListMeta `json:"metadata"` - - Items []ClusterImagePolicy `json:"items"` -} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go index e72f537f99..48ca1aed8a 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go @@ -89,6 +89,19 @@ type ClusterMonitoringSpec struct { // The current default value is `DefaultConfig`. // +optional AlertmanagerConfig AlertmanagerConfig `json:"alertmanagerConfig,omitempty,omitzero"` + // prometheusConfig provides configuration options for the default platform Prometheus instance + // that runs in the `openshift-monitoring` namespace. This configuration applies only to the + // platform Prometheus instance; user-workload Prometheus instances are configured separately. + // + // This field allows you to customize how the platform Prometheus is deployed and operated, including: + // - Pod scheduling (node selectors, tolerations, topology spread constraints) + // - Resource allocation (CPU, memory requests/limits) + // - Retention policies (how long metrics are stored) + // - External integrations (remote write, additional alertmanagers) + // + // This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. + // +optional + PrometheusConfig PrometheusConfig `json:"prometheusConfig,omitempty,omitzero"` // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. // Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. @@ -107,6 +120,85 @@ type ClusterMonitoringSpec struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // +optional PrometheusOperatorAdmissionWebhookConfig PrometheusOperatorAdmissionWebhookConfig `json:"prometheusOperatorAdmissionWebhookConfig,omitempty,omitzero"` + // openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics + // agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics + // about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + OpenShiftStateMetricsConfig OpenShiftStateMetricsConfig `json:"openShiftStateMetricsConfig,omitempty,omitzero"` +} + +// OpenShiftStateMetricsConfig provides configuration options for the openshift-state-metrics agent +// that runs in the `openshift-monitoring` namespace. The openshift-state-metrics agent generates +// metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. +// +kubebuilder:validation:MinProperties=1 +type OpenShiftStateMetricsConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the openshift-state-metrics container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 1m + // limit: null + // - name: memory + // request: 32Mi + // limit: null + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } // UserDefinedMonitoring config for user-defined projects. @@ -258,14 +350,12 @@ type AlertmanagerCustomConfig struct { // +listMapKey=whenUnsatisfiable // +optional TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` - // volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to - // configure the persistent volume claim, including storage class, volume - // size, and name. + // volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to + // configure the persistent volume claim, including storage class and volume size. // If omitted, the Pod uses ephemeral storage and alert data will not persist // across restarts. - // This field is optional. // +optional - VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty,omitzero"` } // AlertManagerDeployMode defines the deployment state of the platform Alertmanager instance. @@ -286,19 +376,19 @@ const ( AlertManagerDeployModeCustomConfig AlertManagerDeployMode = "CustomConfig" ) -// logLevel defines the verbosity of logs emitted by Alertmanager. +// LogLevel defines the verbosity of logs emitted by Alertmanager. // Valid values are Error, Warn, Info and Debug. // +kubebuilder:validation:Enum=Error;Warn;Info;Debug type LogLevel string const ( - // Error only errors will be logged. + // LogLevelError only errors will be logged. LogLevelError LogLevel = "Error" - // Warn, both warnings and errors will be logged. + // LogLevelWarn, both warnings and errors will be logged. LogLevelWarn LogLevel = "Warn" - // Info, general information, warnings, and errors will all be logged. + // LogLevelInfo, general information, warnings, and errors will all be logged. LogLevelInfo LogLevel = "Info" - // Debug, detailed debugging information will be logged. + // LogLevelDebug, detailed debugging information will be logged. LogLevelDebug LogLevel = "Debug" ) @@ -322,7 +412,7 @@ type ContainerResource struct { // +kubebuilder:validation:XIntOrString // +kubebuilder:validation:MaxLength=20 // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="isQuantity(self) && quantity(self).isGreaterThan(quantity('0'))",message="request must be a positive, non-zero quantity" + // +kubebuilder:validation:XValidation:rule="quantity(self).isGreaterThan(quantity('0'))",message="request must be a positive, non-zero quantity" Request resource.Quantity `json:"request,omitempty"` // limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). @@ -333,7 +423,7 @@ type ContainerResource struct { // +kubebuilder:validation:XIntOrString // +kubebuilder:validation:MaxLength=20 // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="isQuantity(self) && quantity(self).isGreaterThan(quantity('0'))",message="limit must be a positive, non-zero quantity" + // +kubebuilder:validation:XValidation:rule="quantity(self).isGreaterThan(quantity('0'))",message="limit must be a positive, non-zero quantity" Limit resource.Quantity `json:"limit,omitempty"` } @@ -566,6 +656,1084 @@ type PrometheusOperatorAdmissionWebhookConfig struct { TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } +// PrometheusConfig provides configuration options for the Prometheus instance. +// Use this configuration to control +// Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. +// +kubebuilder:validation:MinProperties=1 +type PrometheusConfig struct { + // additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + // the Prometheus component. This is useful for organizations that need to: + // - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks) + // - Route different types of alerts to different teams or systems + // - Integrate with existing enterprise alerting infrastructure + // - Maintain separate alert routing for compliance or organizational requirements + // When omitted, no additional Alertmanager instances are configured (default behavior). + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + AdditionalAlertmanagerConfigs []AdditionalAlertmanagerConfig `json:"additionalAlertmanagerConfigs,omitempty"` + // enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. + // If a scraped target's body response is larger than the limit, the scrape will fail. + // This helps protect Prometheus from targets that return excessively large responses. + // The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). + // When omitted, the Cluster Monitoring Operator automatically calculates an appropriate + // limit based on cluster capacity. Set an explicit value to override the automatic calculation. + // Minimum value is 10240 (10kB). + // Maximum value is 1073741824 (1GB). + // +kubebuilder:validation:Minimum=10240 + // +kubebuilder:validation:Maximum=1073741824 + // +optional + EnforcedBodySizeLimitBytes int64 `json:"enforcedBodySizeLimitBytes,omitempty"` + // externalLabels defines labels to be attached to time series and alerts + // when communicating with external systems such as federation, remote storage, + // and Alertmanager. These labels are not stored with metrics on disk; they are + // only added when data leaves Prometheus (e.g., during federation queries, + // remote write, or alert notifications). + // At least 1 label must be specified when set, with a maximum of 50 labels allowed. + // Each label key must be unique within this list. + // When omitted, no external labels are applied. + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=50 + // +listType=map + // +listMapKey=key + ExternalLabels []Label `json:"externalLabels,omitempty"` + // logLevel defines the verbosity of logs emitted by Prometheus. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + // +optional + LogLevel LogLevel `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least one key-value pair (minimum of 1) + // and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // queryLogFile specifies the file to which PromQL queries are logged. + // This setting can be either a filename, in which + // case the queries are saved to an `emptyDir` volume + // at `/var/log/prometheus`, or a full path to a location where + // an `emptyDir` volume will be mounted and the queries saved. + // Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + // writing to any other `/dev/` path is not supported. Relative paths are + // also not supported. + // By default, PromQL queries are not logged. + // Must be an absolute path starting with `/` or a simple filename without path separators. + // Must not contain consecutive slashes, end with a slash, or include '..' path traversal. + // Must contain only alphanumeric characters, '.', '_', '-', or '/'. + // Must be between 1 and 255 characters in length. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._/-]+$')",message="must contain only alphanumeric characters, '.', '_', '-', or '/'" + // +kubebuilder:validation:XValidation:rule="self.startsWith('/') || !self.contains('/')",message="must be an absolute path starting with '/' or a simple filename without '/'" + // +kubebuilder:validation:XValidation:rule="!self.startsWith('/dev/') || self in ['/dev/stdout', '/dev/stderr', '/dev/null']",message="only /dev/stdout, /dev/stderr, and /dev/null are allowed as /dev/ paths" + // +kubebuilder:validation:XValidation:rule="!self.contains('//') && !self.endsWith('/') && !self.contains('..')",message="must not contain '//', end with '/', or contain '..'" + QueryLogFile string `json:"queryLogFile,omitempty"` + // remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + // Remote write allows Prometheus to send metrics it collects to external long-term storage systems. + // When omitted, no remote write endpoints are configured. + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + // +optional + RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` + // resources defines the compute resource requests and limits for the Prometheus container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // Each entry must have a unique resource name. + // Minimum of 1 and maximum of 10 resource entries can be specified. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // - name: memory + // request: 40Mi + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // retention configures how long Prometheus retains metrics data and how much storage it can use. + // When omitted, the platform chooses reasonable defaults (currently 15 days retention, no size limit). + // +optional + Retention Retention `json:"retention,omitempty,omitzero"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10 + // Minimum length for this list is 1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1 + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // collectionProfile defines the metrics collection profile that Prometheus uses to collect + // metrics from the platform components. Supported values are `Full` or + // `Minimal`. In the `Full` profile (default), Prometheus collects all + // metrics that are exposed by the platform components. In the `Minimal` + // profile, Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is `Full`. + // +optional + CollectionProfile CollectionProfile `json:"collectionProfile,omitempty"` + // volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to + // configure the persistent volume claim, including storage class and volume size. + // If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + // across restarts. + // +optional + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty,omitzero"` +} + +// AlertmanagerScheme defines the URL scheme to use when communicating with Alertmanager instances. +// +kubebuilder:validation:Enum=HTTP;HTTPS +type AlertmanagerScheme string + +const ( + AlertmanagerSchemeHTTP AlertmanagerScheme = "HTTP" + AlertmanagerSchemeHTTPS AlertmanagerScheme = "HTTPS" +) + +// AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. +// The `AdditionalAlertmanagerConfig` resource defines settings for how a +// component communicates with additional Alertmanager instances. +type AdditionalAlertmanagerConfig struct { + // name is a unique identifier for this Alertmanager configuration entry. + // The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, + // hyphens, or periods, and must start and end with an alphanumeric character. + // Minimum length is 1 character (empty string is invalid). + // Maximum length is 253 characters. + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + // +required + Name string `json:"name,omitempty"` + // authorization configures the authentication method for Alertmanager connections. + // Supports bearer token authentication. When omitted, no authentication is used. + // +optional + Authorization AuthorizationConfig `json:"authorization,omitempty,omitzero"` + // pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. + // For example, if your Alertmanager is behind a reverse proxy at "/alertmanager/", + // set this to "/alertmanager" so requests go to "/alertmanager/api/v1/alerts" instead of "/api/v1/alerts". + // This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. + // When no prefix is needed, omit this field; do not set it to "/" as that would produce paths with double slashes (e.g. "//api/v1/alerts"). + // Must start with "/", must not end with "/", and must not be exactly "/". + // Must not contain query strings ("?") or fragments ("#"). + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:MinLength=2 + // +kubebuilder:validation:XValidation:rule="self.startsWith('/')",message="pathPrefix must start with '/'" + // +kubebuilder:validation:XValidation:rule="!self.endsWith('/')",message="pathPrefix must not end with '/'" + // +kubebuilder:validation:XValidation:rule="self != '/'",message="pathPrefix must not be '/' (would produce double slashes in request path); omit for no prefix" + // +kubebuilder:validation:XValidation:rule="!self.contains('?') && !self.contains('#')",message="pathPrefix must not contain '?' or '#'" + // +optional + PathPrefix string `json:"pathPrefix,omitempty"` + // scheme defines the URL scheme to use when communicating with Alertmanager + // instances. + // Possible values are `HTTP` or `HTTPS`. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `HTTP`. + // +optional + Scheme AlertmanagerScheme `json:"scheme,omitempty"` + // staticConfigs is a list of statically configured Alertmanager endpoints in the form + // of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address + // (in brackets) followed by a colon and a valid port number (1-65535). + // Examples: "alertmanager.example.com:9093", "192.168.1.100:9093", "[::1]:9093" + // At least one endpoint must be specified (minimum 1, maximum 10 endpoints). + // Each entry must be unique and non-empty (empty string is invalid). + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=255 + // +kubebuilder:validation:items:XValidation:rule="isURL('http://' + self) && size(url('http://' + self).getHostname()) > 0 && size(url('http://' + self).getPort()) > 0 && int(url('http://' + self).getPort()) >= 1 && int(url('http://' + self).getPort()) <= 65535",message="must be a valid 'host:port' where host is a DNS name, IPv4, or IPv6 address (in brackets), and port is 1-65535" + // +listType=set + // +required + StaticConfigs []string `json:"staticConfigs,omitempty"` + // timeoutSeconds defines the timeout in seconds for requests to Alertmanager. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Currently the default is 10 seconds. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=600 + // +optional + TimeoutSeconds int32 `json:"timeoutSeconds,omitempty"` + // tlsConfig defines the TLS settings to use for Alertmanager connections. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + TLSConfig TLSConfig `json:"tlsConfig,omitempty,omitzero"` +} + +// Label represents a key/value pair for external labels. +type Label struct { + // key is the name of the label. + // Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MaxLength=128 + // +kubebuilder:validation:MinLength=1 + Key string `json:"key,omitempty"` + // value is the value of the label. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MaxLength=128 + // +kubebuilder:validation:MinLength=1 + Value string `json:"value,omitempty"` +} + +// RemoteWriteSpec represents configuration for remote write endpoints. +type RemoteWriteSpec struct { + // url is the URL of the remote write endpoint. + // Must be a valid URL with http or https scheme and a non-empty hostname. + // Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. + // Empty string is invalid. Must be between 1 and 2048 characters in length. + // +required + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getScheme() == 'http' || url(self).getScheme() == 'https'",message="must use http or https scheme" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || size(url(self).getHostname()) > 0",message="must have a non-empty hostname" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getQuery().size() == 0",message="query parameters are not allowed" + // +kubebuilder:validation:XValidation:rule="!self.matches('.*#.*')",message="fragments are not allowed" + // +kubebuilder:validation:XValidation:rule="!self.matches('.*@.*')",message="user information (e.g. user:password@host) is not allowed" + URL string `json:"url,omitempty"` + // name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). + // This name is used in metrics and logging to differentiate remote write queues. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9_-]+$')",message="must contain only alphanumeric characters, hyphens, and underscores" + Name string `json:"name,omitempty"` + // authorization defines the authorization method for the remote write endpoint. + // When omitted, no authorization is performed. + // When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config). + // +optional + AuthorizationConfig RemoteWriteAuthorization `json:"authorization,omitzero"` + // headers specifies the custom HTTP headers to be sent along with each remote write request. + // Sending custom headers makes the configuration of a proxy in between optional and helps the + // receiver recognize the given source better. + // Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure + // them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. + // When omitted, no custom headers are sent. + // Maximum of 50 headers can be specified. Each header name must be unique. + // Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:items:XValidation:rule="self.name.matches('^[a-zA-Z0-9_-]+$')",message="header name must contain only alphanumeric characters, hyphens, and underscores" + // +kubebuilder:validation:items:XValidation:rule="!self.name.matches('(?i)^(host|authorization|content-encoding|content-type|x-prometheus-remote-write-version|user-agent|connection|keep-alive|proxy-authenticate|proxy-authorization|www-authenticate)$')",message="header name must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate)" + // +listType=map + // +listMapKey=name + Headers []PrometheusRemoteWriteHeader `json:"headers,omitempty"` + // metadataConfig configures the sending of series metadata to remote storage. + // When omitted, no metadata is sent. + // When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + // When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds). + // +optional + MetadataConfig MetadataConfig `json:"metadataConfig,omitempty,omitzero"` + // proxyUrl defines an optional proxy URL. + // If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. + // The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. + // When omitted, no proxy is used. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + // +optional + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self) && (url(self).getScheme() == 'http' || url(self).getScheme() == 'https')",message="must be a valid URL with http or https scheme" + ProxyURL string `json:"proxyUrl,omitempty"` + // queueConfig allows tuning configuration for remote write queue parameters. + // When omitted, default queue configuration is used. + // +optional + QueueConfig QueueConfig `json:"queueConfig,omitempty,omitzero"` + // remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=600 + RemoteTimeoutSeconds int32 `json:"remoteTimeoutSeconds,omitempty"` + // exemplarsMode controls whether exemplars are sent via remote write. + // Valid values are "Send", "DoNotSend" and omitted. + // When set to "Send", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. + // Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. + // When omitted or set to "DoNotSend", exemplars are not sent. + // +optional + ExemplarsMode ExemplarsMode `json:"exemplarsMode,omitempty"` + // tlsConfig defines TLS authentication settings for the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + TLSConfig TLSConfig `json:"tlsConfig,omitempty,omitzero"` + // writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. + // When omitted, no relabeling is performed and all metrics are sent as-is. + // Minimum of 1 and maximum of 10 relabeling rules can be specified. + // Each rule must have a unique name. + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + WriteRelabelConfigs []RelabelConfig `json:"writeRelabelConfigs,omitempty"` +} + +// PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. +// The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). +// Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. +// Validation is enforced on the Headers field in RemoteWriteSpec. +type PrometheusRemoteWriteHeader struct { + // name is the HTTP header name. Must not be a reserved header (see type documentation). + // Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + Name string `json:"name,omitempty"` + // value is the HTTP header value. Must be at most 4096 characters. + // +required + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=4096 + Value *string `json:"value,omitempty"` +} + +// BasicAuth defines basic authentication settings for the remote write endpoint URL. +type BasicAuth struct { + // username defines the secret reference containing the username for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + // +required + Username SecretKeySelector `json:"username,omitzero,omitempty"` + // password defines the secret reference containing the password for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + // +required + Password SecretKeySelector `json:"password,omitzero,omitempty"` +} + +// RemoteWriteAuthorizationType defines the authorization method for remote write endpoints. +// +kubebuilder:validation:Enum=BearerToken;BasicAuth;OAuth2;SigV4;SafeAuthorization;ServiceAccount +type RemoteWriteAuthorizationType string + +const ( + // RemoteWriteAuthorizationTypeBearerToken indicates bearer token from a secret. + RemoteWriteAuthorizationTypeBearerToken RemoteWriteAuthorizationType = "BearerToken" + // RemoteWriteAuthorizationTypeBasicAuth indicates HTTP basic authentication. + RemoteWriteAuthorizationTypeBasicAuth RemoteWriteAuthorizationType = "BasicAuth" + // RemoteWriteAuthorizationTypeOAuth2 indicates OAuth2 client credentials. + RemoteWriteAuthorizationTypeOAuth2 RemoteWriteAuthorizationType = "OAuth2" + // RemoteWriteAuthorizationTypeSigV4 indicates AWS Signature Version 4. + RemoteWriteAuthorizationTypeSigV4 RemoteWriteAuthorizationType = "SigV4" + // RemoteWriteAuthorizationTypeSafeAuthorization indicates authorization from a secret (Prometheus SafeAuthorization pattern). + // The secret key contains the credentials (e.g. a Bearer token). Use the safeAuthorization field. + RemoteWriteAuthorizationTypeSafeAuthorization RemoteWriteAuthorizationType = "SafeAuthorization" + // RemoteWriteAuthorizationTypeServiceAccount indicates use of the pod's service account token for machine identity. + // No additional field is required; the operator configures the token path. + RemoteWriteAuthorizationTypeServiceAccount RemoteWriteAuthorizationType = "ServiceAccount" +) + +// RemoteWriteAuthorization defines the authorization method for a remote write endpoint. +// Exactly one of the nested configs must be set according to the type discriminator. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BearerToken' ? has(self.bearerToken) : !has(self.bearerToken)",message="bearerToken is required when type is BearerToken, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BasicAuth' ? has(self.basicAuth) : !has(self.basicAuth)",message="basicAuth is required when type is BasicAuth, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'OAuth2' ? has(self.oauth2) : !has(self.oauth2)",message="oauth2 is required when type is OAuth2, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'SigV4' ? has(self.sigv4) : !has(self.sigv4)",message="sigv4 is required when type is SigV4, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'SafeAuthorization' ? has(self.safeAuthorization) : !has(self.safeAuthorization)",message="safeAuthorization is required when type is SafeAuthorization, and forbidden otherwise" +// +union +type RemoteWriteAuthorization struct { + // type specifies the authorization method to use. + // Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount. + // + // When set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field. + // + // When set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set. + // + // When set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set. + // + // When set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set. + // + // When set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field. + // + // When set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path. + // +unionDiscriminator + // +required + Type RemoteWriteAuthorizationType `json:"type,omitempty"` + // safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). + // Required when type is "SafeAuthorization", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace. + // +unionMember + // +optional + SafeAuthorization *v1.SecretKeySelector `json:"safeAuthorization,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + // +unionMember + // +optional + BearerToken SecretKeySelector `json:"bearerToken,omitempty,omitzero"` + // basicAuth defines HTTP basic authentication credentials. + // Required when type is "BasicAuth", and forbidden otherwise. + // +unionMember + // +optional + BasicAuth BasicAuth `json:"basicAuth,omitempty,omitzero"` + // oauth2 defines OAuth2 client credentials authentication. + // Required when type is "OAuth2", and forbidden otherwise. + // +unionMember + // +optional + OAuth2 OAuth2 `json:"oauth2,omitempty,omitzero"` + // sigv4 defines AWS Signature Version 4 authentication. + // Required when type is "SigV4", and forbidden otherwise. + // +unionMember + // +optional + Sigv4 Sigv4 `json:"sigv4,omitempty,omitzero"` +} + +// MetadataConfigSendPolicy defines whether to send metadata with platform defaults or with custom settings. +// +kubebuilder:validation:Enum=Default;Custom +type MetadataConfigSendPolicy string + +const ( + // MetadataConfigSendPolicyDefault indicates metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + MetadataConfigSendPolicyDefault MetadataConfigSendPolicy = "Default" + // MetadataConfigSendPolicyCustom indicates metadata is sent using the settings in the custom field. + MetadataConfigSendPolicyCustom MetadataConfigSendPolicy = "Custom" +) + +// MetadataConfig defines whether and how to send series metadata to remote write storage. +// +kubebuilder:validation:XValidation:rule="self.sendPolicy == 'Default' ? self.custom.sendIntervalSeconds == 0 : true",message="custom is forbidden when sendPolicy is Default" +type MetadataConfig struct { + // sendPolicy specifies whether to send metadata and how it is configured. + // Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). + // Custom: send metadata using the settings in the custom field. + // +required + SendPolicy MetadataConfigSendPolicy `json:"sendPolicy,omitempty"` + // custom defines custom metadata send settings. Required when sendPolicy is Custom (must have at least one property), and forbidden when sendPolicy is Default. + // +optional + Custom MetadataConfigCustom `json:"custom,omitempty,omitzero"` +} + +// MetadataConfigCustom defines custom settings for sending series metadata when sendPolicy is Custom. +// At least one property must be set when sendPolicy is Custom (e.g. sendIntervalSeconds). +// +kubebuilder:validation:MinProperties=1 +type MetadataConfigCustom struct { + // sendIntervalSeconds is the interval in seconds at which metadata is sent. + // When omitted, the platform chooses a reasonable default (e.g. 30 seconds). + // Minimum value is 1 second. Maximum value is 86400 seconds (24 hours). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=86400 + SendIntervalSeconds int32 `json:"sendIntervalSeconds,omitempty"` +} + +// OAuth2 defines OAuth2 authentication settings for the remote write endpoint. +type OAuth2 struct { + // clientId defines the secret reference containing the OAuth2 client ID. + // The secret must exist in the openshift-monitoring namespace. + // +required + ClientID SecretKeySelector `json:"clientId,omitzero,omitempty"` + // clientSecret defines the secret reference containing the OAuth2 client secret. + // The secret must exist in the openshift-monitoring namespace. + // +required + ClientSecret SecretKeySelector `json:"clientSecret,omitzero,omitempty"` + // tokenUrl is the URL to fetch the token from. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + // +required + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getScheme() == 'http' || url(self).getScheme() == 'https'",message="must use http or https scheme" + TokenURL string `json:"tokenUrl,omitempty"` + // scopes is a list of OAuth2 scopes to request. + // When omitted, no scopes are requested. + // Maximum of 20 scopes can be specified. + // Each scope must be between 1 and 256 characters. + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=20 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 + // +listType=atomic + Scopes []string `json:"scopes,omitempty"` + // endpointParams defines additional parameters to append to the token URL. + // When omitted, no additional parameters are sent. + // Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key). + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=20 + // +listType=map + // +listMapKey=name + EndpointParams []OAuth2EndpointParam `json:"endpointParams,omitempty"` +} + +// OAuth2EndpointParam defines a name/value parameter for the OAuth2 token URL. +type OAuth2EndpointParam struct { + // name is the parameter name. Must be between 1 and 256 characters. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + Name string `json:"name,omitempty"` + // value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). + // When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the + // external system expects a parameter with an empty value (e.g. ?parameter=""). + // Must be between 0 and 2048 characters when present (aligned with common URL length recommendations). + // +optional + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=2048 + Value *string `json:"value,omitempty"` +} + +// QueueConfig allows tuning configuration for remote write queue parameters. +// Configure this when you need to control throughput, backpressure, or retry behavior—for example to avoid overloading the remote endpoint, to reduce memory usage, or to tune for high-cardinality workloads. Consider capacity, maxShards, and batchSendDeadlineSeconds for throughput; minBackoffMilliseconds and maxBackoffMilliseconds for retries; and rateLimitedAction when the remote returns HTTP 429. +// +kubebuilder:validation:MinProperties=1 +type QueueConfig struct { + // capacity is the number of samples to buffer per shard before we start dropping them. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 10000. + // Minimum value is 1. + // Maximum value is 1000000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1000000 + Capacity int32 `json:"capacity,omitempty"` + // maxShards is the maximum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 200. + // Minimum value is 1. + // Maximum value is 10000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=10000 + MaxShards int32 `json:"maxShards,omitempty"` + // minShards is the minimum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1. + // Minimum value is 1. + // Maximum value is 10000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=10000 + MinShards int32 `json:"minShards,omitempty"` + // maxSamplesPerSend is the maximum number of samples per send. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1000. + // Minimum value is 1. + // Maximum value is 100000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=100000 + MaxSamplesPerSend int32 `json:"maxSamplesPerSend,omitempty"` + // batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 3600 seconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600 + BatchSendDeadlineSeconds int32 `json:"batchSendDeadlineSeconds,omitempty"` + // minBackoffMilliseconds is the minimum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600000 + MinBackoffMilliseconds int32 `json:"minBackoffMilliseconds,omitempty"` + // maxBackoffMilliseconds is the maximum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600000 + MaxBackoffMilliseconds int32 `json:"maxBackoffMilliseconds,omitempty"` + // rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). + // When omitted, no retries are performed on rate limit responses. + // When set to "Retry", Prometheus will retry such requests using the backoff settings above. + // Valid value when set is "Retry". + // +optional + RateLimitedAction RateLimitedAction `json:"rateLimitedAction,omitempty"` +} + +// Sigv4 defines AWS Signature Version 4 authentication settings. +// At least one of region, accessKey/secretKey, profile, or roleArn must be set so the platform can perform authentication. +// +kubebuilder:validation:MinProperties=1 +type Sigv4 struct { + // region is the AWS region. + // When omitted, the region is derived from the environment or instance metadata. + // Must be between 1 and 128 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + Region string `json:"region,omitempty"` + // accessKey defines the secret reference containing the AWS access key ID. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the access key is derived from the environment or instance metadata. + // +optional + AccessKey SecretKeySelector `json:"accessKey,omitempty,omitzero"` + // secretKey defines the secret reference containing the AWS secret access key. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the secret key is derived from the environment or instance metadata. + // +optional + SecretKey SecretKeySelector `json:"secretKey,omitempty,omitzero"` + // profile is the named AWS profile used to authenticate. + // When omitted, the default profile is used. + // Must be between 1 and 128 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + Profile string `json:"profile,omitempty"` + // roleArn is the AWS Role ARN, an alternative to using AWS API keys. + // When omitted, API keys are used for authentication. + // Must be a valid AWS ARN format (e.g., "arn:aws:iam::123456789012:role/MyRole"). + // Must be between 1 and 512 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 + // +kubebuilder:validation:XValidation:rule=`self.startsWith('arn:aws') && self.matches('^arn:aws(-[a-z]+)?:iam::[0-9]{12}:role/.+$')`,message="must be a valid AWS IAM role ARN (e.g., arn:aws:iam::123456789012:role/MyRole)" + RoleArn string `json:"roleArn,omitempty"` +} + +// RelabelConfig represents a relabeling rule. +type RelabelConfig struct { + // name is a unique identifier for this relabel configuration. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9_-]+$')",message="must contain only alphanumeric characters, hyphens, and underscores" + Name string `json:"name,omitempty"` + + // sourceLabels specifies which label names to extract from each series for this relabeling rule. + // The values of these labels are joined together using the configured separator, + // and the resulting string is then matched against the regular expression. + // If a referenced label does not exist on a series, Prometheus substitutes an empty string. + // When omitted, the rule operates without extracting source labels (useful for actions like labelmap). + // Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. + // Each entry must be unique. + // Label names beginning with "__" (two underscores) are reserved for internal Prometheus use and are not allowed. + // Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. + // While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set + // ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.). + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=128 + // +kubebuilder:validation:items:XValidation:rule="!self.startsWith('__')",message="label names beginning with '__' (two underscores) are reserved for internal Prometheus use and are not allowed" + // +listType=set + SourceLabels []string `json:"sourceLabels,omitempty"` + + // separator is the character sequence used to join source label values. + // Common examples: ";", ",", "::", "|||". + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is ";". + // Must be between 1 and 5 characters in length when specified. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=5 + Separator string `json:"separator,omitempty"` + + // regex is the regular expression to match against the concatenated source label values. + // Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "(.*)" to match everything. + // Must be between 1 and 1000 characters in length when specified. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1000 + Regex string `json:"regex,omitempty"` + + // action defines the action to perform on the matched labels and its configuration. + // Exactly one action-specific configuration must be specified based on the action type. + // +required + Action RelabelActionConfig `json:"action,omitzero"` +} + +// RelabelActionConfig represents the action to perform and its configuration. +// Exactly one action-specific configuration must be specified based on the action type. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Replace' ? has(self.replace) : !has(self.replace)",message="replace is required when type is Replace, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'HashMod' ? has(self.hashMod) : !has(self.hashMod)",message="hashMod is required when type is HashMod, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Lowercase' ? has(self.lowercase) : !has(self.lowercase)",message="lowercase is required when type is Lowercase, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Uppercase' ? has(self.uppercase) : !has(self.uppercase)",message="uppercase is required when type is Uppercase, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'KeepEqual' ? has(self.keepEqual) : !has(self.keepEqual)",message="keepEqual is required when type is KeepEqual, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'DropEqual' ? has(self.dropEqual) : !has(self.dropEqual)",message="dropEqual is required when type is DropEqual, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'LabelMap' ? has(self.labelMap) : !has(self.labelMap)",message="labelMap is required when type is LabelMap, and forbidden otherwise" +// +union +type RelabelActionConfig struct { + // type specifies the action to perform on the matched labels. + // Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep. + // + // When set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place. + // + // When set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0. + // + // When set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0. + // + // When set to Keep, targets for which regex does not match the concatenated source_labels are dropped. + // + // When set to Drop, targets for which regex matches the concatenated source_labels are dropped. + // + // When set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels. + // + // When set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted. + // + // When set to LabelDrop, regex is matched against all label names; any label that matches is removed. + // + // When set to LabelKeep, regex is matched against all label names; any label that does not match is removed. + // +required + // +unionDiscriminator + Type RelabelAction `json:"type,omitempty"` + + // replace configures the Replace action. + // Required when type is Replace, and forbidden otherwise. + // +unionMember + // +optional + Replace ReplaceActionConfig `json:"replace,omitempty,omitzero"` + + // hashMod configures the HashMod action. + // Required when type is HashMod, and forbidden otherwise. + // +unionMember + // +optional + HashMod HashModActionConfig `json:"hashMod,omitempty,omitzero"` + + // labelMap configures the LabelMap action. + // Required when type is LabelMap, and forbidden otherwise. + // +unionMember + // +optional + LabelMap LabelMapActionConfig `json:"labelMap,omitempty,omitzero"` + + // lowercase configures the Lowercase action. + // Required when type is Lowercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + // +unionMember + // +optional + Lowercase LowercaseActionConfig `json:"lowercase,omitempty,omitzero"` + + // uppercase configures the Uppercase action. + // Required when type is Uppercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + // +unionMember + // +optional + Uppercase UppercaseActionConfig `json:"uppercase,omitempty,omitzero"` + + // keepEqual configures the KeepEqual action. + // Required when type is KeepEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + // +unionMember + // +optional + KeepEqual KeepEqualActionConfig `json:"keepEqual,omitempty,omitzero"` + + // dropEqual configures the DropEqual action. + // Required when type is DropEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + // +unionMember + // +optional + DropEqual DropEqualActionConfig `json:"dropEqual,omitempty,omitzero"` +} + +// ReplaceActionConfig configures the Replace action. +// Regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. No replacement if regex does not match. +type ReplaceActionConfig struct { + // targetLabel is the label name where the replacement result is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` + + // replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. + // Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. Use an empty string ("") to explicitly clear the target label value. + // Must be between 0 and 255 characters in length. + // +required + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=255 + Replacement *string `json:"replacement,omitempty"` +} + +// HashModActionConfig configures the HashMod action. +// target_label is set to the modulus of a hash of the concatenated source_labels (target = hash % modulus). +type HashModActionConfig struct { + // targetLabel is the label name where the hash modulus result is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` + + // modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). + // Required when using the HashMod action so the intended behavior is explicit. + // Must be between 1 and 1000000. + // +required + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1000000 + Modulus int64 `json:"modulus,omitempty"` +} + +// LowercaseActionConfig configures the Lowercase action. +// Maps the concatenated source_labels to their lower case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type LowercaseActionConfig struct { + // targetLabel is the label name where the lower-cased value is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// UppercaseActionConfig configures the Uppercase action. +// Maps the concatenated source_labels to their upper case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type UppercaseActionConfig struct { + // targetLabel is the label name where the upper-cased value is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// KeepEqualActionConfig configures the KeepEqual action. +// Drops targets for which the concatenated source_labels do not match the value of target_label. +// Requires Prometheus >= v2.41.0. +type KeepEqualActionConfig struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// DropEqualActionConfig configures the DropEqual action. +// Drops targets for which the concatenated source_labels do match the value of target_label. +// Requires Prometheus >= v2.41.0. +type DropEqualActionConfig struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// LabelMapActionConfig configures the LabelMap action. +// Regex is matched against all source label names (not just source_labels). Matching label values are copied to new label names given by replacement, with match group references (${1}, ${2}, ...) substituted. +type LabelMapActionConfig struct { + // replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. + // Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. + // Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + Replacement string `json:"replacement,omitempty"` +} + +// TLSConfig represents TLS configuration for Alertmanager connections. +// At least one TLS configuration option must be specified. +// For mutual TLS (mTLS), both cert and key must be specified together, or both omitted. +// +kubebuilder:validation:MinProperties=1 +// +kubebuilder:validation:XValidation:rule="(has(self.cert) && has(self.key)) || (!has(self.cert) && !has(self.key))",message="cert and key must both be specified together for mutual TLS, or both be omitted" +type TLSConfig struct { + // ca is an optional CA certificate to use for TLS connections. + // When omitted, the system's default CA bundle is used. + // +optional + CA SecretKeySelector `json:"ca,omitempty,omitzero"` + // cert is an optional client certificate to use for mutual TLS connections. + // When omitted, no client certificate is presented. + // +optional + Cert SecretKeySelector `json:"cert,omitempty,omitzero"` + // key is an optional client key to use for mutual TLS connections. + // When omitted, no client key is used. + // +optional + Key SecretKeySelector `json:"key,omitempty,omitzero"` + // serverName is an optional server name to use for TLS connections. + // When specified, must be a valid DNS subdomain as per RFC 1123. + // When omitted, the server name is derived from the URL. + // Must be between 1 and 253 characters in length. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="must be a valid DNS subdomain (lowercase alphanumeric characters, '-' or '.', start and end with alphanumeric)" + ServerName string `json:"serverName,omitempty"` + // certificateVerification determines the policy for TLS certificate verification. + // Allowed values are "Verify" (performs certificate verification, secure) and "SkipVerify" (skips verification, insecure). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "Verify". + // +optional + CertificateVerification CertificateVerificationType `json:"certificateVerification,omitempty"` +} + +// CertificateVerificationType defines the TLS certificate verification policy. +// +kubebuilder:validation:Enum=Verify;SkipVerify +type CertificateVerificationType string + +const ( + // CertificateVerificationVerify performs certificate verification (secure, recommended). + CertificateVerificationVerify CertificateVerificationType = "Verify" + // CertificateVerificationSkipVerify skips certificate verification (insecure, use with caution). + CertificateVerificationSkipVerify CertificateVerificationType = "SkipVerify" +) + +// AuthorizationType defines the type of authentication to use. +// +kubebuilder:validation:Enum=BearerToken +type AuthorizationType string + +const ( + // AuthorizationTypeBearerToken indicates bearer token authentication. + AuthorizationTypeBearerToken AuthorizationType = "BearerToken" +) + +// AuthorizationConfig defines the authentication method for Alertmanager connections. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BearerToken' ? has(self.bearerToken) : !has(self.bearerToken)",message="bearerToken is required when type is BearerToken" +// +union +type AuthorizationConfig struct { + // type specifies the authentication type to use. + // Valid value is "BearerToken" (bearer token authentication). + // When set to BearerToken, the bearerToken field must be specified. + // +unionDiscriminator + // +required + Type AuthorizationType `json:"type,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + // The secret must exist in the openshift-monitoring namespace. + // +optional + BearerToken SecretKeySelector `json:"bearerToken,omitempty,omitzero"` +} + +// SecretKeySelector selects a key of a Secret in the `openshift-monitoring` namespace. +// +structType=atomic +type SecretKeySelector struct { + // name is the name of the secret in the `openshift-monitoring` namespace to select from. + // Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + // Must be between 1 and 253 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="must be a valid secret name (lowercase alphanumeric characters, '-' or '.', start and end with alphanumeric)" + Name string `json:"name,omitempty"` + // key is the key of the secret to select from. + // Must consist of alphanumeric characters, '-', '_', or '.'. + // Must be between 1 and 253 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._-]+$')",message="must contain only alphanumeric characters, '-', '_', or '.'" + Key string `json:"key,omitempty"` +} + +// Retention configures how long Prometheus retains metrics data and how much storage it can use. +// +kubebuilder:validation:MinProperties=1 +type Retention struct { + // durationInDays specifies how many days Prometheus will retain metrics data. + // Prometheus automatically deletes data older than this duration. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 15. + // Minimum value is 1 day. + // Maximum value is 365 days (1 year). + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=365 + // +optional + DurationInDays int32 `json:"durationInDays,omitempty"` + // sizeInGiB specifies the maximum storage size in gibibytes (GiB) that Prometheus + // can use for data blocks and the write-ahead log (WAL). + // When the limit is reached, Prometheus will delete oldest data first. + // When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. + // Minimum value is 1 GiB. + // Maximum value is 16384 GiB (16 TiB). + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=16384 + // +optional + SizeInGiB int32 `json:"sizeInGiB,omitempty"` +} + +// RelabelAction defines the action to perform in a relabeling rule. +// +kubebuilder:validation:Enum=Replace;Keep;Drop;HashMod;LabelMap;LabelDrop;LabelKeep;Lowercase;Uppercase;KeepEqual;DropEqual +type RelabelAction string + +const ( + // RelabelActionReplace: match regex against concatenated source_labels; set target_label to replacement with ${1}, ${2}, ... substituted. No replacement if regex does not match. + RelabelActionReplace RelabelAction = "Replace" + // RelabelActionLowercase: map the concatenated source_labels to their lower case. + RelabelActionLowercase RelabelAction = "Lowercase" + // RelabelActionUppercase: map the concatenated source_labels to their upper case. + RelabelActionUppercase RelabelAction = "Uppercase" + // RelabelActionKeep: drop targets for which regex does not match the concatenated source_labels. + RelabelActionKeep RelabelAction = "Keep" + // RelabelActionDrop: drop targets for which regex matches the concatenated source_labels. + RelabelActionDrop RelabelAction = "Drop" + // RelabelActionKeepEqual: drop targets for which the concatenated source_labels do not match target_label. + RelabelActionKeepEqual RelabelAction = "KeepEqual" + // RelabelActionDropEqual: drop targets for which the concatenated source_labels do match target_label. + RelabelActionDropEqual RelabelAction = "DropEqual" + // RelabelActionHashMod: set target_label to the modulus of a hash of the concatenated source_labels. + RelabelActionHashMod RelabelAction = "HashMod" + // RelabelActionLabelMap: match regex against all source label names; copy matching label values to new names given by replacement with ${1}, ${2}, ... substituted. + RelabelActionLabelMap RelabelAction = "LabelMap" + // RelabelActionLabelDrop: match regex against all label names; any label that matches is removed. + RelabelActionLabelDrop RelabelAction = "LabelDrop" + // RelabelActionLabelKeep: match regex against all label names; any label that does not match is removed. + RelabelActionLabelKeep RelabelAction = "LabelKeep" +) + +// CollectionProfile defines the metrics collection profile for Prometheus. +// +kubebuilder:validation:Enum=Full;Minimal +type CollectionProfile string + +const ( + // CollectionProfileFull means Prometheus collects all metrics that are exposed by the platform components. + CollectionProfileFull CollectionProfile = "Full" + // CollectionProfileMinimal means Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + CollectionProfileMinimal CollectionProfile = "Minimal" +) + // AuditProfile defines the audit log level for the Metrics Server. // +kubebuilder:validation:Enum=None;Metadata;Request;RequestResponse type AuditProfile string @@ -596,6 +1764,27 @@ const ( VerbosityLevelTraceAll VerbosityLevel = "TraceAll" ) +// ExemplarsMode defines whether exemplars are sent via remote write. +// +kubebuilder:validation:Enum=Send;DoNotSend +type ExemplarsMode string + +const ( + // ExemplarsModeSend means exemplars are sent via remote write. + ExemplarsModeSend ExemplarsMode = "Send" + // ExemplarsModeDoNotSend means exemplars are not sent via remote write. + ExemplarsModeDoNotSend ExemplarsMode = "DoNotSend" +) + +// RateLimitedAction defines what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). +// Omission of this field means do not retry. When set, the only valid value is Retry. +// +kubebuilder:validation:Enum=Retry +type RateLimitedAction string + +const ( + // RateLimitedActionRetry means requests will be retried on HTTP 429 responses. + RateLimitedActionRetry RateLimitedAction = "Retry" +) + // Audit profile configurations type Audit struct { // profile is a required field for configuring the audit log level of the Kubernetes Metrics Server. diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go deleted file mode 100644 index 977ca3dde3..0000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go +++ /dev/null @@ -1,289 +0,0 @@ -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ImagePolicy holds namespace-wide configuration for image signature verification -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=imagepolicies,scope=Namespaced -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=SigstoreImageVerification -// +openshift:compatibility-gen:level=4 -type ImagePolicy struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec holds user settable values for configuration - // +required - Spec ImagePolicySpec `json:"spec"` - // status contains the observed state of the resource. - // +optional - Status ImagePolicyStatus `json:"status,omitempty"` -} - -// ImagePolicySpec is the specification of the ImagePolicy CRD. -type ImagePolicySpec struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - // +required - // +kubebuilder:validation:MaxItems=256 - // +listType=set - Scopes []ImageScope `json:"scopes"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - // +required - Policy ImageSigstoreVerificationPolicy `json:"policy"` -} - -// +kubebuilder:validation:XValidation:rule="size(self.split('/')[0].split('.')) == 1 ? self.split('/')[0].split('.')[0].split(':')[0] == 'localhost' : true",message="invalid image scope format, scope must contain a fully qualified domain name or 'localhost'" -// +kubebuilder:validation:XValidation:rule=`self.contains('*') ? self.matches('^\\*(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$') : true`,message="invalid image scope with wildcard, a wildcard can only be at the start of the domain and is only supported for subdomain matching, not path matching" -// +kubebuilder:validation:XValidation:rule=`!self.contains('*') ? self.matches('^((((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?)(?::([\\w][\\w.-]{0,127}))?(?:@([A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}))?$') : true`,message="invalid repository namespace or image specification in the image scope" -// +kubebuilder:validation:MaxLength=512 -type ImageScope string - -// ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list. -type ImageSigstoreVerificationPolicy struct { - // rootOfTrust specifies the root of trust for the policy. - // +required - RootOfTrust PolicyRootOfTrust `json:"rootOfTrust"` - // signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is "MatchRepoDigestOrExact". - // +optional - SignedIdentity PolicyIdentity `json:"signedIdentity,omitempty"` -} - -// PolicyRootOfTrust defines the root of trust based on the selected policyType. -// +union -// +kubebuilder:validation:XValidation:rule="has(self.policyType) && self.policyType == 'PublicKey' ? has(self.publicKey) : !has(self.publicKey)",message="publicKey is required when policyType is PublicKey, and forbidden otherwise" -// +kubebuilder:validation:XValidation:rule="has(self.policyType) && self.policyType == 'FulcioCAWithRekor' ? has(self.fulcioCAWithRekor) : !has(self.fulcioCAWithRekor)",message="fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, and forbidden otherwise" -// +openshift:validation:FeatureGateAwareXValidation:featureGate=SigstoreImageVerificationPKI,rule="has(self.policyType) && self.policyType == 'PKI' ? has(self.pki) : !has(self.pki)",message="pki is required when policyType is PKI, and forbidden otherwise" -type PolicyRootOfTrust struct { - // policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. - // "PublicKey" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. - // "FulcioCAWithRekor" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. - // "PKI" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate. - // +unionDiscriminator - // +required - PolicyType PolicyType `json:"policyType"` - // publicKey defines the root of trust based on a sigstore public key. - // +optional - PublicKey *ImagePolicyPublicKeyRootOfTrust `json:"publicKey,omitempty"` - // fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. - // For more information about Fulcio and Rekor, please refer to the document at: - // https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor - // +optional - FulcioCAWithRekor *ImagePolicyFulcioCAWithRekorRootOfTrust `json:"fulcioCAWithRekor,omitempty"` - // pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates. - // +optional - // +openshift:enable:FeatureGate=SigstoreImageVerificationPKI - PKI *ImagePolicyPKIRootOfTrust `json:"pki,omitempty"` -} - -// +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=PublicKey;FulcioCAWithRekor -// +openshift:validation:FeatureGateAwareEnum:featureGate=SigstoreImageVerificationPKI,enum=PublicKey;FulcioCAWithRekor;PKI -type PolicyType string - -const ( - PublicKeyRootOfTrust PolicyType = "PublicKey" - FulcioCAWithRekorRootOfTrust PolicyType = "FulcioCAWithRekor" - PKIRootOfTrust PolicyType = "PKI" -) - -// ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key. -type ImagePolicyPublicKeyRootOfTrust struct { - // keyData contains inline base64-encoded data for the PEM format public key. - // KeyData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - KeyData []byte `json:"keyData"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - // +optional - // +kubebuilder:validation:MaxLength=8192 - RekorKeyData []byte `json:"rekorKeyData,omitempty"` -} - -// ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key. -type ImagePolicyFulcioCAWithRekorRootOfTrust struct { - // fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. - // fulcioCAData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - FulcioCAData []byte `json:"fulcioCAData"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - RekorKeyData []byte `json:"rekorKeyData"` - // fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration. - // +required - FulcioSubject PolicyFulcioSubject `json:"fulcioSubject"` -} - -// PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration. -type PolicyFulcioSubject struct { - // oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. - // Example: "https://expected.OIDC.issuer/" - // +required - // +kubebuilder:validation:XValidation:rule="isURL(self)",message="oidcIssuer must be a valid URL" - OIDCIssuer string `json:"oidcIssuer"` - // signedEmail holds the email address the the Fulcio certificate is issued for. - // Example: "expected-signing-user@example.com" - // +required - // +kubebuilder:validation:XValidation:rule=`self.matches('^\\S+@\\S+$')`,message="invalid email address" - SignedEmail string `json:"signedEmail"` -} - -// ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates. -type ImagePolicyPKIRootOfTrust struct { - // caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - // +kubebuilder:validation:XValidation:rule="string(self).startsWith('-----BEGIN CERTIFICATE-----')",message="the caRootsData must start with base64 encoding of '-----BEGIN CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).endsWith('-----END CERTIFICATE-----\\n') || string(self).endsWith('-----END CERTIFICATE-----')",message="the caRootsData must end with base64 encoding of '-----END CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).findAll('-----BEGIN CERTIFICATE-----').size() == string(self).findAll('-----END CERTIFICATE-----').size()",message="caRootsData must be base64 encoding of valid PEM format data contain the same number of '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' markers." - CertificateAuthorityRootsData []byte `json:"caRootsData"` - // caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. - // caIntermediatesData requires caRootsData to be set. - // +optional - // +kubebuilder:validation:XValidation:rule="string(self).startsWith('-----BEGIN CERTIFICATE-----')",message="the caIntermediatesData must start with base64 encoding of '-----BEGIN CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).endsWith('-----END CERTIFICATE-----\\n') || string(self).endsWith('-----END CERTIFICATE-----')",message="the caIntermediatesData must end with base64 encoding of '-----END CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).findAll('-----BEGIN CERTIFICATE-----').size() == string(self).findAll('-----END CERTIFICATE-----').size()",message="caIntermediatesData must be base64 encoding of valid PEM format data contain the same number of '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' markers." - // +kubebuilder:validation:MaxLength=8192 - CertificateAuthorityIntermediatesData []byte `json:"caIntermediatesData,omitempty"` - - // pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued. - // +required - PKICertificateSubject PKICertificateSubject `json:"pkiCertificateSubject"` -} - -// PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued. -// +kubebuilder:validation:XValidation:rule="has(self.email) || has(self.hostname)", message="at least one of email or hostname must be set in pkiCertificateSubject" -// +openshift:enable:FeatureGate=SigstoreImageVerificationPKI -type PKICertificateSubject struct { - // email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. - // The email should be a valid email address and at most 320 characters in length. - // +optional - // +kubebuilder:validation:MaxLength:=320 - // +kubebuilder:validation:XValidation:rule=`self.matches('^\\S+@\\S+$')`,message="invalid email address in pkiCertificateSubject" - Email string `json:"email,omitempty"` - // hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. - // The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. - // It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk. - // +optional - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="self.startsWith('*.') ? !format.dns1123Subdomain().validate(self.replace('*.', '', 1)).hasValue() : !format.dns1123Subdomain().validate(self).hasValue()",message="hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.'. It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk." - Hostname string `json:"hostname,omitempty"` -} - -// PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is "MatchRepoDigestOrExact". -// +kubebuilder:validation:XValidation:rule="(has(self.matchPolicy) && self.matchPolicy == 'ExactRepository') ? has(self.exactRepository) : !has(self.exactRepository)",message="exactRepository is required when matchPolicy is ExactRepository, and forbidden otherwise" -// +kubebuilder:validation:XValidation:rule="(has(self.matchPolicy) && self.matchPolicy == 'RemapIdentity') ? has(self.remapIdentity) : !has(self.remapIdentity)",message="remapIdentity is required when matchPolicy is RemapIdentity, and forbidden otherwise" -// +union -type PolicyIdentity struct { - // matchPolicy sets the type of matching to be used. - // Valid values are "MatchRepoDigestOrExact", "MatchRepository", "ExactRepository", "RemapIdentity". When omitted, the default value is "MatchRepoDigestOrExact". - // If set matchPolicy to ExactRepository, then the exactRepository must be specified. - // If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. - // "MatchRepoDigestOrExact" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. - // "MatchRepository" means that the identity in the signature must be in the same repository as the image identity. - // "ExactRepository" means that the identity in the signature must be in the same repository as a specific identity specified by "repository". - // "RemapIdentity" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the "prefix" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix. - // +unionDiscriminator - // +required - MatchPolicy IdentityMatchPolicy `json:"matchPolicy"` - // exactRepository is required if matchPolicy is set to "ExactRepository". - // +optional - PolicyMatchExactRepository *PolicyMatchExactRepository `json:"exactRepository,omitempty"` - // remapIdentity is required if matchPolicy is set to "RemapIdentity". - // +optional - PolicyMatchRemapIdentity *PolicyMatchRemapIdentity `json:"remapIdentity,omitempty"` -} - -// +kubebuilder:validation:MaxLength=512 -// +kubebuilder:validation:XValidation:rule=`self.matches('.*:([\\w][\\w.-]{0,127})$')? self.matches('^(localhost:[0-9]+)$'): true`,message="invalid repository or prefix in the signedIdentity, should not include the tag or digest" -// +kubebuilder:validation:XValidation:rule=`self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$')`,message="invalid repository or prefix in the signedIdentity" -type IdentityRepositoryPrefix string - -type PolicyMatchExactRepository struct { - // repository is the reference of the image identity to be matched. - // The value should be a repository name (by omitting the tag or digest) in a registry implementing the "Docker Registry HTTP API V2". For example, docker.io/library/busybox - // +required - Repository IdentityRepositoryPrefix `json:"repository"` -} - -type PolicyMatchRemapIdentity struct { - // prefix is the prefix of the image identity to be matched. - // If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). - // This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. - // The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - // +required - Prefix IdentityRepositoryPrefix `json:"prefix"` - // signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as "prefix". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - // +required - SignedPrefix IdentityRepositoryPrefix `json:"signedPrefix"` -} - -// IdentityMatchPolicy defines the type of matching for "matchPolicy". -// +kubebuilder:validation:Enum=MatchRepoDigestOrExact;MatchRepository;ExactRepository;RemapIdentity -type IdentityMatchPolicy string - -const ( - IdentityMatchPolicyMatchRepoDigestOrExact IdentityMatchPolicy = "MatchRepoDigestOrExact" - IdentityMatchPolicyMatchRepository IdentityMatchPolicy = "MatchRepository" - IdentityMatchPolicyExactRepository IdentityMatchPolicy = "ExactRepository" - IdentityMatchPolicyRemapIdentity IdentityMatchPolicy = "RemapIdentity" -) - -// +k8s:deepcopy-gen=true -type ImagePolicyStatus struct { - // conditions provide details on the status of this API Resource. - // +listType=map - // +listMapKey=type - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ImagePolicyList is a list of ImagePolicy resources -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type ImagePolicyList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ListMeta `json:"metadata"` - - Items []ImagePolicy `json:"items"` -} - -const ( - // ImagePolicyPending indicates that the customer resource contains a policy that cannot take effect. It is either overwritten by a global policy or the image scope is not valid. - ImagePolicyPending = "Pending" - // ImagePolicyApplied indicates that the policy has been applied - ImagePolicyApplied = "Applied" -) diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_pki.go b/vendor/github.com/openshift/api/config/v1alpha1/types_pki.go new file mode 100644 index 0000000000..c5be8b5bc9 --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_pki.go @@ -0,0 +1,274 @@ +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// PKI configures cryptographic parameters for certificates generated +// internally by OpenShift components. +// +// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. +// +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true +// +kubebuilder:resource:path=pkis,scope=Cluster +// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2645 +// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 +// +openshift:enable:FeatureGate=ConfigurablePKI +// +openshift:compatibility-gen:level=4 +type PKI struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + // +optional + metav1.ObjectMeta `json:"metadata,omitempty"` + + // spec holds user settable values for configuration + // +required + Spec PKISpec `json:"spec,omitzero"` +} + +// PKISpec holds the specification for PKI configuration. +type PKISpec struct { + // certificateManagement specifies how PKI configuration is managed for internally-generated certificates. + // This controls the certificate generation approach for all OpenShift components that create + // certificates internally, including certificate authorities, serving certificates, and client certificates. + // + // +required + CertificateManagement PKICertificateManagement `json:"certificateManagement,omitzero"` +} + +// PKICertificateManagement determines whether components use hardcoded defaults (Unmanaged), follow +// OpenShift best practices (Default), or use administrator-specified cryptographic parameters (Custom). +// This provides flexibility for organizations with specific compliance requirements or security policies +// while maintaining backwards compatibility for existing clusters. +// +// +kubebuilder:validation:XValidation:rule="self.mode == 'Custom' ? has(self.custom) : !has(self.custom)",message="custom is required when mode is Custom, and forbidden otherwise" +// +union +type PKICertificateManagement struct { + // mode determines how PKI configuration is managed. + // Valid values are "Unmanaged", "Default", and "Custom". + // + // When set to Unmanaged, components use their existing hardcoded certificate + // generation behavior, exactly as if this feature did not exist. Each component + // generates certificates using whatever parameters it was using before this + // feature. While most components use RSA 2048, some may use different + // parameters. Use of this mode might prevent upgrading to the next major + // OpenShift release. + // + // When set to Default, OpenShift-recommended best practices for certificate + // generation are applied. The specific parameters may evolve across OpenShift + // releases to adopt improved cryptographic standards. In the initial release, + // this matches Unmanaged behavior for each component. In future releases, this + // may adopt ECDSA or larger RSA keys based on industry best practices. + // Recommended for most customers who want to benefit from security improvements + // automatically. + // + // When set to Custom, the certificate management parameters can be set + // explicitly. Use the custom field to specify certificate generation parameters. + // + // +required + // +unionDiscriminator + Mode PKICertificateManagementMode `json:"mode,omitempty"` + + // custom contains administrator-specified cryptographic configuration. + // Use the defaults and category override fields + // to specify certificate generation parameters. + // Required when mode is Custom, and forbidden otherwise. + // + // +optional + // +unionMember + Custom CustomPKIPolicy `json:"custom,omitzero"` +} + +// CustomPKIPolicy contains administrator-specified cryptographic configuration. +// Administrators must specify defaults for all certificates and may optionally +// override specific categories of certificates. +// +// +kubebuilder:validation:MinProperties=1 +type CustomPKIPolicy struct { + PKIProfile `json:",inline"` +} + +// PKICertificateManagementMode specifies the mode for PKI certificate management. +// +// +kubebuilder:validation:Enum=Unmanaged;Default;Custom +type PKICertificateManagementMode string + +const ( + // PKICertificateManagementModeUnmanaged uses each component's existing hardcoded defaults. + // Most components currently use RSA 2048, but parameters may differ by component. + PKICertificateManagementModeUnmanaged PKICertificateManagementMode = "Unmanaged" + + // PKICertificateManagementModeDefault uses OpenShift-recommended best practices. + // Specific parameters may evolve across OpenShift releases. + PKICertificateManagementModeDefault PKICertificateManagementMode = "Default" + + // PKICertificateManagementModeCustom uses administrator-specified configuration. + PKICertificateManagementModeCustom PKICertificateManagementMode = "Custom" +) + +// PKIProfile defines the certificate generation parameters that OpenShift +// components use to create certificates. Category overrides take precedence +// over defaults. +type PKIProfile struct { + // defaults specifies the default certificate configuration that applies + // to all certificates unless overridden by a category override. + // + // +required + Defaults DefaultCertificateConfig `json:"defaults,omitzero"` + + // signerCertificates optionally overrides certificate parameters for + // certificate authority (CA) certificates that sign other certificates. + // When set, these parameters take precedence over defaults for all signer certificates. + // When omitted, the defaults are used for signer certificates. + // + // +optional + SignerCertificates CertificateConfig `json:"signerCertificates,omitempty,omitzero"` + + // servingCertificates optionally overrides certificate parameters for + // TLS server certificates used to serve HTTPS endpoints. + // When set, these parameters take precedence over defaults for all serving certificates. + // When omitted, the defaults are used for serving certificates. + // + // +optional + ServingCertificates CertificateConfig `json:"servingCertificates,omitempty,omitzero"` + + // clientCertificates optionally overrides certificate parameters for + // client authentication certificates used to authenticate to servers. + // When set, these parameters take precedence over defaults for all client certificates. + // When omitted, the defaults are used for client certificates. + // + // +optional + ClientCertificates CertificateConfig `json:"clientCertificates,omitempty,omitzero"` +} + +// DefaultCertificateConfig specifies the default certificate configuration +// parameters. All fields are required to ensure that defaults are fully +// specified for all certificates. +type DefaultCertificateConfig struct { + // key specifies the cryptographic parameters for the certificate's key pair. + // This field is required in defaults to ensure all certificates have a + // well-defined key configuration. + // +required + Key KeyConfig `json:"key,omitzero"` +} + +// CertificateConfig specifies configuration parameters for certificates. +// At least one property must be specified. +// +kubebuilder:validation:MinProperties=1 +type CertificateConfig struct { + // key specifies the cryptographic parameters for the certificate's key pair. + // Currently this is the only configurable parameter. When omitted in an + // overrides entry, the key configuration from defaults is used. + // +optional + Key KeyConfig `json:"key,omitzero"` +} + +// KeyConfig specifies cryptographic parameters for key generation. +// +// +kubebuilder:validation:XValidation:rule="has(self.algorithm) && self.algorithm == 'RSA' ? has(self.rsa) : !has(self.rsa)",message="rsa is required when algorithm is RSA, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.algorithm) && self.algorithm == 'ECDSA' ? has(self.ecdsa) : !has(self.ecdsa)",message="ecdsa is required when algorithm is ECDSA, and forbidden otherwise" +// +union +type KeyConfig struct { + // algorithm specifies the key generation algorithm. + // Valid values are "RSA" and "ECDSA". + // + // When set to RSA, the rsa field must be specified and the generated key + // will be an RSA key with the configured key size. + // + // When set to ECDSA, the ecdsa field must be specified and the generated key + // will be an ECDSA key using the configured elliptic curve. + // + // +required + // +unionDiscriminator + Algorithm KeyAlgorithm `json:"algorithm,omitempty"` + + // rsa specifies RSA key parameters. + // Required when algorithm is RSA, and forbidden otherwise. + // +optional + // +unionMember + RSA RSAKeyConfig `json:"rsa,omitzero"` + + // ecdsa specifies ECDSA key parameters. + // Required when algorithm is ECDSA, and forbidden otherwise. + // +optional + // +unionMember + ECDSA ECDSAKeyConfig `json:"ecdsa,omitzero"` +} + +// RSAKeyConfig specifies parameters for RSA key generation. +type RSAKeyConfig struct { + // keySize specifies the size of RSA keys in bits. + // Valid values are multiples of 1024 from 2048 to 8192. + // +required + // +kubebuilder:validation:Minimum=2048 + // +kubebuilder:validation:Maximum=8192 + // +kubebuilder:validation:MultipleOf=1024 + KeySize int32 `json:"keySize,omitempty"` +} + +// ECDSAKeyConfig specifies parameters for ECDSA key generation. +type ECDSAKeyConfig struct { + // curve specifies the NIST elliptic curve for ECDSA keys. + // Valid values are "P256", "P384", and "P521". + // + // When set to P256, the NIST P-256 curve (also known as secp256r1) is used, + // providing 128-bit security. + // + // When set to P384, the NIST P-384 curve (also known as secp384r1) is used, + // providing 192-bit security. + // + // When set to P521, the NIST P-521 curve (also known as secp521r1) is used, + // providing 256-bit security. + // + // +required + Curve ECDSACurve `json:"curve,omitempty"` +} + +// KeyAlgorithm specifies the cryptographic algorithm used for key generation. +// +// +kubebuilder:validation:Enum=RSA;ECDSA +type KeyAlgorithm string + +const ( + // KeyAlgorithmRSA specifies the RSA (Rivest-Shamir-Adleman) algorithm for key generation. + KeyAlgorithmRSA KeyAlgorithm = "RSA" + + // KeyAlgorithmECDSA specifies the ECDSA (Elliptic Curve Digital Signature Algorithm) for key generation. + KeyAlgorithmECDSA KeyAlgorithm = "ECDSA" +) + +// ECDSACurve specifies the elliptic curve used for ECDSA key generation. +// +// +kubebuilder:validation:Enum=P256;P384;P521 +type ECDSACurve string + +const ( + // ECDSACurveP256 specifies the NIST P-256 curve (also known as secp256r1), providing 128-bit security. + ECDSACurveP256 ECDSACurve = "P256" + + // ECDSACurveP384 specifies the NIST P-384 curve (also known as secp384r1), providing 192-bit security. + ECDSACurveP384 ECDSACurve = "P384" + + // ECDSACurveP521 specifies the NIST P-521 curve (also known as secp521r1), providing 256-bit security. + ECDSACurveP521 ECDSACurve = "P521" +) + +// PKIList is a collection of PKI resources. +// +// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. +// +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +openshift:compatibility-gen:level=4 +type PKIList struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard list's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ListMeta `json:"metadata,omitempty"` + + // items is a list of PKI resources + Items []PKI `json:"items"` +} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clusterimagepolicies.crd.yaml b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clusterimagepolicies.crd.yaml deleted file mode 100644 index acd885a131..0000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clusterimagepolicies.crd.yaml +++ /dev/null @@ -1,442 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1457 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - name: clusterimagepolicies.config.openshift.io -spec: - group: config.openshift.io - names: - kind: ClusterImagePolicy - listKind: ClusterImagePolicyList - plural: clusterimagepolicies - singular: clusterimagepolicy - scope: Cluster - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - ClusterImagePolicy holds cluster-wide configuration for image signature verification - - Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: spec contains the configuration for the cluster image policy. - properties: - policy: - description: |- - policy contains configuration to allow scopes to be verified, and defines how - images not matching the verification policy will be treated. - properties: - rootOfTrust: - description: rootOfTrust specifies the root of trust for the policy. - properties: - fulcioCAWithRekor: - description: |- - fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. - For more information about Fulcio and Rekor, please refer to the document at: - https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor - properties: - fulcioCAData: - description: |- - fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. - fulcioCAData must be at most 8192 characters. - format: byte - maxLength: 8192 - type: string - fulcioSubject: - description: fulcioSubject specifies OIDC issuer and the - email of the Fulcio authentication configuration. - properties: - oidcIssuer: - description: |- - oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. - Example: "https://expected.OIDC.issuer/" - type: string - x-kubernetes-validations: - - message: oidcIssuer must be a valid URL - rule: isURL(self) - signedEmail: - description: |- - signedEmail holds the email address the the Fulcio certificate is issued for. - Example: "expected-signing-user@example.com" - type: string - x-kubernetes-validations: - - message: invalid email address - rule: self.matches('^\\S+@\\S+$') - required: - - oidcIssuer - - signedEmail - type: object - rekorKeyData: - description: |- - rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - rekorKeyData must be at most 8192 characters. - format: byte - maxLength: 8192 - type: string - required: - - fulcioCAData - - fulcioSubject - - rekorKeyData - type: object - pki: - description: pki defines the root of trust based on Bring - Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and - corresponding intermediate certificates. - properties: - caIntermediatesData: - description: |- - caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. - caIntermediatesData requires caRootsData to be set. - format: byte - maxLength: 8192 - type: string - x-kubernetes-validations: - - message: the caIntermediatesData must start with base64 - encoding of '-----BEGIN CERTIFICATE-----'. - rule: string(self).startsWith('-----BEGIN CERTIFICATE-----') - - message: the caIntermediatesData must end with base64 - encoding of '-----END CERTIFICATE-----'. - rule: string(self).endsWith('-----END CERTIFICATE-----\n') - || string(self).endsWith('-----END CERTIFICATE-----') - - message: caIntermediatesData must be base64 encoding - of valid PEM format data contain the same number of - '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' - markers. - rule: string(self).findAll('-----BEGIN CERTIFICATE-----').size() - == string(self).findAll('-----END CERTIFICATE-----').size() - caRootsData: - description: caRootsData contains base64-encoded data - of a certificate bundle PEM file, which contains one - or more CA roots in the PEM format. The total length - of the data must not exceed 8192 characters. - format: byte - maxLength: 8192 - type: string - x-kubernetes-validations: - - message: the caRootsData must start with base64 encoding - of '-----BEGIN CERTIFICATE-----'. - rule: string(self).startsWith('-----BEGIN CERTIFICATE-----') - - message: the caRootsData must end with base64 encoding - of '-----END CERTIFICATE-----'. - rule: string(self).endsWith('-----END CERTIFICATE-----\n') - || string(self).endsWith('-----END CERTIFICATE-----') - - message: caRootsData must be base64 encoding of valid - PEM format data contain the same number of '-----BEGIN - CERTIFICATE-----' and '-----END CERTIFICATE-----' - markers. - rule: string(self).findAll('-----BEGIN CERTIFICATE-----').size() - == string(self).findAll('-----END CERTIFICATE-----').size() - pkiCertificateSubject: - description: pkiCertificateSubject defines the requirements - imposed on the subject to which the certificate was - issued. - properties: - email: - description: |- - email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. - The email should be a valid email address and at most 320 characters in length. - maxLength: 320 - type: string - x-kubernetes-validations: - - message: invalid email address in pkiCertificateSubject - rule: self.matches('^\\S+@\\S+$') - hostname: - description: |- - hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. - The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. - It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk. - maxLength: 253 - type: string - x-kubernetes-validations: - - message: hostname should be a valid dns 1123 subdomain - name, optionally prefixed by '*.'. It should consist - only of lowercase alphanumeric characters, hyphens, - periods and the optional preceding asterisk. - rule: 'self.startsWith(''*.'') ? !format.dns1123Subdomain().validate(self.replace(''*.'', - '''', 1)).hasValue() : !format.dns1123Subdomain().validate(self).hasValue()' - type: object - x-kubernetes-validations: - - message: at least one of email or hostname must be set - in pkiCertificateSubject - rule: has(self.email) || has(self.hostname) - required: - - caRootsData - - pkiCertificateSubject - type: object - policyType: - description: |- - policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. - "PublicKey" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. - "FulcioCAWithRekor" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. - "PKI" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate. - enum: - - PublicKey - - FulcioCAWithRekor - - PKI - type: string - publicKey: - description: publicKey defines the root of trust based on - a sigstore public key. - properties: - keyData: - description: |- - keyData contains inline base64-encoded data for the PEM format public key. - KeyData must be at most 8192 characters. - format: byte - maxLength: 8192 - type: string - rekorKeyData: - description: |- - rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - rekorKeyData must be at most 8192 characters. - format: byte - maxLength: 8192 - type: string - required: - - keyData - type: object - required: - - policyType - type: object - x-kubernetes-validations: - - message: pki is required when policyType is PKI, and forbidden - otherwise - rule: 'has(self.policyType) && self.policyType == ''PKI'' ? - has(self.pki) : !has(self.pki)' - - message: publicKey is required when policyType is PublicKey, - and forbidden otherwise - rule: 'has(self.policyType) && self.policyType == ''PublicKey'' - ? has(self.publicKey) : !has(self.publicKey)' - - message: fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, - and forbidden otherwise - rule: 'has(self.policyType) && self.policyType == ''FulcioCAWithRekor'' - ? has(self.fulcioCAWithRekor) : !has(self.fulcioCAWithRekor)' - signedIdentity: - description: signedIdentity specifies what image identity the - signature claims about the image. The required matchPolicy field - specifies the approach used in the verification process to verify - the identity in the signature and the actual image identity, - the default matchPolicy is "MatchRepoDigestOrExact". - properties: - exactRepository: - description: exactRepository is required if matchPolicy is - set to "ExactRepository". - properties: - repository: - description: |- - repository is the reference of the image identity to be matched. - The value should be a repository name (by omitting the tag or digest) in a registry implementing the "Docker Registry HTTP API V2". For example, docker.io/library/busybox - maxLength: 512 - type: string - x-kubernetes-validations: - - message: invalid repository or prefix in the signedIdentity, - should not include the tag or digest - rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? - self.matches(''^(localhost:[0-9]+)$''): true' - - message: invalid repository or prefix in the signedIdentity - rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') - required: - - repository - type: object - matchPolicy: - description: |- - matchPolicy sets the type of matching to be used. - Valid values are "MatchRepoDigestOrExact", "MatchRepository", "ExactRepository", "RemapIdentity". When omitted, the default value is "MatchRepoDigestOrExact". - If set matchPolicy to ExactRepository, then the exactRepository must be specified. - If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. - "MatchRepoDigestOrExact" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. - "MatchRepository" means that the identity in the signature must be in the same repository as the image identity. - "ExactRepository" means that the identity in the signature must be in the same repository as a specific identity specified by "repository". - "RemapIdentity" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the "prefix" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix. - enum: - - MatchRepoDigestOrExact - - MatchRepository - - ExactRepository - - RemapIdentity - type: string - remapIdentity: - description: remapIdentity is required if matchPolicy is set - to "RemapIdentity". - properties: - prefix: - description: |- - prefix is the prefix of the image identity to be matched. - If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). - This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. - The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - maxLength: 512 - type: string - x-kubernetes-validations: - - message: invalid repository or prefix in the signedIdentity, - should not include the tag or digest - rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? - self.matches(''^(localhost:[0-9]+)$''): true' - - message: invalid repository or prefix in the signedIdentity - rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') - signedPrefix: - description: |- - signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as "prefix". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - maxLength: 512 - type: string - x-kubernetes-validations: - - message: invalid repository or prefix in the signedIdentity, - should not include the tag or digest - rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? - self.matches(''^(localhost:[0-9]+)$''): true' - - message: invalid repository or prefix in the signedIdentity - rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') - required: - - prefix - - signedPrefix - type: object - required: - - matchPolicy - type: object - x-kubernetes-validations: - - message: exactRepository is required when matchPolicy is ExactRepository, - and forbidden otherwise - rule: '(has(self.matchPolicy) && self.matchPolicy == ''ExactRepository'') - ? has(self.exactRepository) : !has(self.exactRepository)' - - message: remapIdentity is required when matchPolicy is RemapIdentity, - and forbidden otherwise - rule: '(has(self.matchPolicy) && self.matchPolicy == ''RemapIdentity'') - ? has(self.remapIdentity) : !has(self.remapIdentity)' - required: - - rootOfTrust - type: object - scopes: - description: |- - scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - For additional details about the format, please refer to the document explaining the docker transport field, - which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - items: - maxLength: 512 - type: string - x-kubernetes-validations: - - message: invalid image scope format, scope must contain a fully - qualified domain name or 'localhost' - rule: 'size(self.split(''/'')[0].split(''.'')) == 1 ? self.split(''/'')[0].split(''.'')[0].split('':'')[0] - == ''localhost'' : true' - - message: invalid image scope with wildcard, a wildcard can only - be at the start of the domain and is only supported for subdomain - matching, not path matching - rule: 'self.contains(''*'') ? self.matches(''^\\*(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$'') - : true' - - message: invalid repository namespace or image specification in - the image scope - rule: '!self.contains(''*'') ? self.matches(''^((((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?)(?::([\\w][\\w.-]{0,127}))?(?:@([A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}))?$'') - : true' - maxItems: 256 - type: array - x-kubernetes-list-type: set - required: - - policy - - scopes - type: object - status: - description: status contains the observed state of the resource. - properties: - conditions: - description: conditions provide details on the status of this API - Resource. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitorings.crd.yaml b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitorings.crd.yaml index 1243cf142c..88eb7d9a87 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitorings.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_clustermonitorings.crd.yaml @@ -132,7 +132,7 @@ spec: x-kubernetes-int-or-string: true x-kubernetes-validations: - message: limit must be a positive, non-zero quantity - rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + rule: quantity(self).isGreaterThan(quantity('0')) name: description: |- name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). @@ -160,7 +160,7 @@ spec: x-kubernetes-int-or-string: true x-kubernetes-validations: - message: request must be a positive, non-zero quantity - rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + rule: quantity(self).isGreaterThan(quantity('0')) required: - name type: object @@ -454,12 +454,10 @@ spec: x-kubernetes-list-type: map volumeClaimTemplate: description: |- - volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to - configure the persistent volume claim, including storage class, volume - size, and name. + volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to + configure the persistent volume claim, including storage class and volume size. If omitted, the Pod uses ephemeral storage and alert data will not persist across restarts. - This field is optional. properties: apiVersion: description: |- @@ -982,7 +980,7 @@ spec: x-kubernetes-int-or-string: true x-kubernetes-validations: - message: limit must be a positive, non-zero quantity - rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + rule: quantity(self).isGreaterThan(quantity('0')) name: description: |- name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). @@ -1010,7 +1008,7 @@ spec: x-kubernetes-int-or-string: true x-kubernetes-validations: - message: request must be a positive, non-zero quantity - rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + rule: quantity(self).isGreaterThan(quantity('0')) required: - name type: object @@ -1286,6 +1284,2707 @@ spec: - TraceAll type: string type: object + openShiftStateMetricsConfig: + description: |- + openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics + agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics + about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + minProperties: 1 + properties: + nodeSelector: + additionalProperties: + type: string + description: |- + nodeSelector defines the nodes on which the Pods are scheduled. + nodeSelector is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default value is `kubernetes.io/os: linux`. + When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + maxProperties: 10 + minProperties: 1 + type: object + resources: + description: |- + resources defines the compute resource requests and limits for the openshift-state-metrics container. + This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + When not specified, defaults are used by the platform. Requests cannot exceed limits. + This field is optional. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + This is a simplified API that maps to Kubernetes ResourceRequirements. + The current default values are: + resources: + - name: cpu + request: 1m + limit: null + - name: memory + request: 32Mi + limit: null + Maximum length for this list is 10. + Minimum length for this list is 1. + Each resource name must be unique within this list. + items: + description: ContainerResource defines a single resource requirement + for a container. + properties: + limit: + anyOf: + - type: integer + - type: string + description: |- + limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + This field is optional. + When request is specified, limit cannot be less than request. + The value must be greater than 0 when specified. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: limit must be a positive, non-zero quantity + rule: quantity(self).isGreaterThan(quantity('0')) + name: + description: |- + name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). + This field is required. + name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: name must consist only of alphanumeric characters, + `-`, `_` and `.` and must start and end with an alphanumeric + character + rule: '!format.qualifiedName().validate(self).hasValue()' + request: + anyOf: + - type: integer + - type: string + description: |- + request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). + This field is optional. + When limit is specified, request cannot be greater than limit. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: request must be a positive, non-zero quantity + rule: quantity(self).isGreaterThan(quantity('0')) + required: + - name + type: object + x-kubernetes-validations: + - message: at least one of request or limit must be set + rule: has(self.request) || has(self.limit) + - message: limit must be greater than or equal to request + rule: '!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) + >= 0' + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + tolerations: + description: |- + tolerations defines tolerations for the pods. + tolerations is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + Defaults are empty/unset. + Maximum length for this list is 10. + Minimum length for this list is 1. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators). + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + topologySpreadConstraints: + description: |- + topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed + across topology domains such as zones, nodes, or other user-defined labels. + topologySpreadConstraints is optional. + This helps improve high availability and resource efficiency by avoiding placing + too many replicas in the same failure domain. + + When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + Default is empty list. + Maximum length for this list is 10. + Minimum length for this list is 1. + Entries must have unique topologyKey and whenUnsatisfiable pairs. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + If this value is nil, the behavior is equivalent to the Honor policy. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + If this value is nil, the behavior is equivalent to the Ignore policy. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + type: object + prometheusConfig: + description: |- + prometheusConfig provides configuration options for the default platform Prometheus instance + that runs in the `openshift-monitoring` namespace. This configuration applies only to the + platform Prometheus instance; user-workload Prometheus instances are configured separately. + + This field allows you to customize how the platform Prometheus is deployed and operated, including: + - Pod scheduling (node selectors, tolerations, topology spread constraints) + - Resource allocation (CPU, memory requests/limits) + - Retention policies (how long metrics are stored) + - External integrations (remote write, additional alertmanagers) + + This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. + minProperties: 1 + properties: + additionalAlertmanagerConfigs: + description: |- + additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + the Prometheus component. This is useful for organizations that need to: + - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks) + - Route different types of alerts to different teams or systems + - Integrate with existing enterprise alerting infrastructure + - Maintain separate alert routing for compliance or organizational requirements + When omitted, no additional Alertmanager instances are configured (default behavior). + When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + Entries must have unique names (name is the list key). + items: + description: |- + AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. + The `AdditionalAlertmanagerConfig` resource defines settings for how a + component communicates with additional Alertmanager instances. + properties: + authorization: + description: |- + authorization configures the authentication method for Alertmanager connections. + Supports bearer token authentication. When omitted, no authentication is used. + properties: + bearerToken: + description: |- + bearerToken defines the secret reference containing the bearer token. + Required when type is "BearerToken", and forbidden otherwise. + The secret must exist in the openshift-monitoring namespace. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start and + end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + type: + description: |- + type specifies the authentication type to use. + Valid value is "BearerToken" (bearer token authentication). + When set to BearerToken, the bearerToken field must be specified. + enum: + - BearerToken + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: bearerToken is required when type is BearerToken + rule: 'has(self.type) && self.type == ''BearerToken'' + ? has(self.bearerToken) : !has(self.bearerToken)' + name: + description: |- + name is a unique identifier for this Alertmanager configuration entry. + The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, + hyphens, or periods, and must start and end with an alphanumeric character. + Minimum length is 1 character (empty string is invalid). + Maximum length is 253 characters. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: a lowercase RFC 1123 subdomain must consist of + lower case alphanumeric characters, '-' or '.', and + must start and end with an alphanumeric character. + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + pathPrefix: + description: |- + pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. + For example, if your Alertmanager is behind a reverse proxy at "/alertmanager/", + set this to "/alertmanager" so requests go to "/alertmanager/api/v1/alerts" instead of "/api/v1/alerts". + This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. + When no prefix is needed, omit this field; do not set it to "/" as that would produce paths with double slashes (e.g. "//api/v1/alerts"). + Must start with "/", must not end with "/", and must not be exactly "/". + Must not contain query strings ("?") or fragments ("#"). + maxLength: 255 + minLength: 2 + type: string + x-kubernetes-validations: + - message: pathPrefix must start with '/' + rule: self.startsWith('/') + - message: pathPrefix must not end with '/' + rule: '!self.endsWith(''/'')' + - message: pathPrefix must not be '/' (would produce double + slashes in request path); omit for no prefix + rule: self != '/' + - message: pathPrefix must not contain '?' or '#' + rule: '!self.contains(''?'') && !self.contains(''#'')' + scheme: + description: |- + scheme defines the URL scheme to use when communicating with Alertmanager + instances. + Possible values are `HTTP` or `HTTPS`. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The current default value is `HTTP`. + enum: + - HTTP + - HTTPS + type: string + staticConfigs: + description: |- + staticConfigs is a list of statically configured Alertmanager endpoints in the form + of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address + (in brackets) followed by a colon and a valid port number (1-65535). + Examples: "alertmanager.example.com:9093", "192.168.1.100:9093", "[::1]:9093" + At least one endpoint must be specified (minimum 1, maximum 10 endpoints). + Each entry must be unique and non-empty (empty string is invalid). + items: + maxLength: 255 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid 'host:port' where host is a + DNS name, IPv4, or IPv6 address (in brackets), and + port is 1-65535 + rule: isURL('http://' + self) && size(url('http://' + + self).getHostname()) > 0 && size(url('http://' + + self).getPort()) > 0 && int(url('http://' + self).getPort()) + >= 1 && int(url('http://' + self).getPort()) <= 65535 + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: set + timeoutSeconds: + description: |- + timeoutSeconds defines the timeout in seconds for requests to Alertmanager. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + Currently the default is 10 seconds. + Minimum value is 1 second. + Maximum value is 600 seconds (10 minutes). + format: int32 + maximum: 600 + minimum: 1 + type: integer + tlsConfig: + description: |- + tlsConfig defines the TLS settings to use for Alertmanager connections. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + minProperties: 1 + properties: + ca: + description: |- + ca is an optional CA certificate to use for TLS connections. + When omitted, the system's default CA bundle is used. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start and + end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + cert: + description: |- + cert is an optional client certificate to use for mutual TLS connections. + When omitted, no client certificate is presented. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start and + end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + certificateVerification: + description: |- + certificateVerification determines the policy for TLS certificate verification. + Allowed values are "Verify" (performs certificate verification, secure) and "SkipVerify" (skips verification, insecure). + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is "Verify". + enum: + - Verify + - SkipVerify + type: string + key: + description: |- + key is an optional client key to use for mutual TLS connections. + When omitted, no client key is used. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start and + end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + serverName: + description: |- + serverName is an optional server name to use for TLS connections. + When specified, must be a valid DNS subdomain as per RFC 1123. + When omitted, the server name is derived from the URL. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid DNS subdomain (lowercase + alphanumeric characters, '-' or '.', start and end + with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + type: object + x-kubernetes-validations: + - message: cert and key must both be specified together + for mutual TLS, or both be omitted + rule: (has(self.cert) && has(self.key)) || (!has(self.cert) + && !has(self.key)) + required: + - name + - staticConfigs + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + collectionProfile: + description: |- + collectionProfile defines the metrics collection profile that Prometheus uses to collect + metrics from the platform components. Supported values are `Full` or + `Minimal`. In the `Full` profile (default), Prometheus collects all + metrics that are exposed by the platform components. In the `Minimal` + profile, Prometheus only collects metrics necessary for the default + platform alerts, recording rules, telemetry and console dashboards. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is `Full`. + enum: + - Full + - Minimal + type: string + enforcedBodySizeLimitBytes: + description: |- + enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. + If a scraped target's body response is larger than the limit, the scrape will fail. + This helps protect Prometheus from targets that return excessively large responses. + The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). + When omitted, the Cluster Monitoring Operator automatically calculates an appropriate + limit based on cluster capacity. Set an explicit value to override the automatic calculation. + Minimum value is 10240 (10kB). + Maximum value is 1073741824 (1GB). + format: int64 + maximum: 1073741824 + minimum: 10240 + type: integer + externalLabels: + description: |- + externalLabels defines labels to be attached to time series and alerts + when communicating with external systems such as federation, remote storage, + and Alertmanager. These labels are not stored with metrics on disk; they are + only added when data leaves Prometheus (e.g., during federation queries, + remote write, or alert notifications). + At least 1 label must be specified when set, with a maximum of 50 labels allowed. + Each label key must be unique within this list. + When omitted, no external labels are applied. + items: + description: Label represents a key/value pair for external + labels. + properties: + key: + description: |- + key is the name of the label. + Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. + Must be between 1 and 128 characters in length. + maxLength: 128 + minLength: 1 + type: string + value: + description: |- + value is the value of the label. + Must be between 1 and 128 characters in length. + maxLength: 128 + minLength: 1 + type: string + required: + - key + - value + type: object + maxItems: 50 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - key + x-kubernetes-list-type: map + logLevel: + description: |- + logLevel defines the verbosity of logs emitted by Prometheus. + This field allows users to control the amount and severity of logs generated, which can be useful + for debugging issues or reducing noise in production environments. + Allowed values are Error, Warn, Info, and Debug. + When set to Error, only errors will be logged. + When set to Warn, both warnings and errors will be logged. + When set to Info, general information, warnings, and errors will all be logged. + When set to Debug, detailed debugging information will be logged. + When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + The current default value is `Info`. + enum: + - Error + - Warn + - Info + - Debug + type: string + nodeSelector: + additionalProperties: + type: string + description: |- + nodeSelector defines the nodes on which the Pods are scheduled. + nodeSelector is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + The current default value is `kubernetes.io/os: linux`. + When specified, nodeSelector must contain at least one key-value pair (minimum of 1) + and must not contain more than 10 entries. + maxProperties: 10 + minProperties: 1 + type: object + queryLogFile: + description: |- + queryLogFile specifies the file to which PromQL queries are logged. + This setting can be either a filename, in which + case the queries are saved to an `emptyDir` volume + at `/var/log/prometheus`, or a full path to a location where + an `emptyDir` volume will be mounted and the queries saved. + Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + writing to any other `/dev/` path is not supported. Relative paths are + also not supported. + By default, PromQL queries are not logged. + Must be an absolute path starting with `/` or a simple filename without path separators. + Must not contain consecutive slashes, end with a slash, or include '..' path traversal. + Must contain only alphanumeric characters, '.', '_', '-', or '/'. + Must be between 1 and 255 characters in length. + maxLength: 255 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, '.', '_', + '-', or '/' + rule: self.matches('^[a-zA-Z0-9._/-]+$') + - message: must be an absolute path starting with '/' or a simple + filename without '/' + rule: self.startsWith('/') || !self.contains('/') + - message: only /dev/stdout, /dev/stderr, and /dev/null are allowed + as /dev/ paths + rule: '!self.startsWith(''/dev/'') || self in [''/dev/stdout'', + ''/dev/stderr'', ''/dev/null'']' + - message: must not contain '//', end with '/', or contain '..' + rule: '!self.contains(''//'') && !self.endsWith(''/'') && !self.contains(''..'')' + remoteWrite: + description: |- + remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + Remote write allows Prometheus to send metrics it collects to external long-term storage systems. + When omitted, no remote write endpoints are configured. + When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + Entries must have unique names (name is the list key). + items: + description: RemoteWriteSpec represents configuration for remote + write endpoints. + properties: + authorization: + description: |- + authorization defines the authorization method for the remote write endpoint. + When omitted, no authorization is performed. + When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config). + properties: + basicAuth: + description: |- + basicAuth defines HTTP basic authentication credentials. + Required when type is "BasicAuth", and forbidden otherwise. + properties: + password: + description: |- + password defines the secret reference containing the password for basic authentication. + The secret must exist in the openshift-monitoring namespace. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start + and end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + username: + description: |- + username defines the secret reference containing the username for basic authentication. + The secret must exist in the openshift-monitoring namespace. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start + and end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + required: + - password + - username + type: object + bearerToken: + description: |- + bearerToken defines the secret reference containing the bearer token. + Required when type is "BearerToken", and forbidden otherwise. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start and + end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + oauth2: + description: |- + oauth2 defines OAuth2 client credentials authentication. + Required when type is "OAuth2", and forbidden otherwise. + properties: + clientId: + description: |- + clientId defines the secret reference containing the OAuth2 client ID. + The secret must exist in the openshift-monitoring namespace. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start + and end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + clientSecret: + description: |- + clientSecret defines the secret reference containing the OAuth2 client secret. + The secret must exist in the openshift-monitoring namespace. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start + and end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + endpointParams: + description: |- + endpointParams defines additional parameters to append to the token URL. + When omitted, no additional parameters are sent. + Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key). + items: + description: OAuth2EndpointParam defines a name/value + parameter for the OAuth2 token URL. + properties: + name: + description: name is the parameter name. Must + be between 1 and 256 characters. + maxLength: 256 + minLength: 1 + type: string + value: + description: |- + value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). + When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the + external system expects a parameter with an empty value (e.g. ?parameter=""). + Must be between 0 and 2048 characters when present (aligned with common URL length recommendations). + maxLength: 2048 + minLength: 0 + type: string + required: + - name + type: object + maxItems: 20 + minItems: 0 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + scopes: + description: |- + scopes is a list of OAuth2 scopes to request. + When omitted, no scopes are requested. + Maximum of 20 scopes can be specified. + Each scope must be between 1 and 256 characters. + items: + maxLength: 256 + minLength: 1 + type: string + maxItems: 20 + minItems: 0 + type: array + x-kubernetes-list-type: atomic + tokenUrl: + description: |- + tokenUrl is the URL to fetch the token from. + Must be a valid URL with http or https scheme. + Must be between 1 and 2048 characters in length. + maxLength: 2048 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid URL + rule: isURL(self) + - message: must use http or https scheme + rule: '!isURL(self) || url(self).getScheme() == + ''http'' || url(self).getScheme() == ''https''' + required: + - clientId + - clientSecret + - tokenUrl + type: object + safeAuthorization: + description: |- + safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). + Required when type is "SafeAuthorization", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + sigv4: + description: |- + sigv4 defines AWS Signature Version 4 authentication. + Required when type is "SigV4", and forbidden otherwise. + minProperties: 1 + properties: + accessKey: + description: |- + accessKey defines the secret reference containing the AWS access key ID. + The secret must exist in the openshift-monitoring namespace. + When omitted, the access key is derived from the environment or instance metadata. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start + and end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + profile: + description: |- + profile is the named AWS profile used to authenticate. + When omitted, the default profile is used. + Must be between 1 and 128 characters. + maxLength: 128 + minLength: 1 + type: string + region: + description: |- + region is the AWS region. + When omitted, the region is derived from the environment or instance metadata. + Must be between 1 and 128 characters. + maxLength: 128 + minLength: 1 + type: string + roleArn: + description: |- + roleArn is the AWS Role ARN, an alternative to using AWS API keys. + When omitted, API keys are used for authentication. + Must be a valid AWS ARN format (e.g., "arn:aws:iam::123456789012:role/MyRole"). + Must be between 1 and 512 characters. + maxLength: 512 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid AWS IAM role ARN (e.g., + arn:aws:iam::123456789012:role/MyRole) + rule: self.startsWith('arn:aws') && self.matches('^arn:aws(-[a-z]+)?:iam::[0-9]{12}:role/.+$') + secretKey: + description: |- + secretKey defines the secret reference containing the AWS secret access key. + The secret must exist in the openshift-monitoring namespace. + When omitted, the secret key is derived from the environment or instance metadata. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start + and end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + type: object + type: + description: |- + type specifies the authorization method to use. + Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount. + + When set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field. + + When set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set. + + When set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set. + + When set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set. + + When set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field. + + When set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path. + enum: + - BearerToken + - BasicAuth + - OAuth2 + - SigV4 + - SafeAuthorization + - ServiceAccount + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: bearerToken is required when type is BearerToken, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''BearerToken'' + ? has(self.bearerToken) : !has(self.bearerToken)' + - message: basicAuth is required when type is BasicAuth, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''BasicAuth'' ? + has(self.basicAuth) : !has(self.basicAuth)' + - message: oauth2 is required when type is OAuth2, and forbidden + otherwise + rule: 'has(self.type) && self.type == ''OAuth2'' ? has(self.oauth2) + : !has(self.oauth2)' + - message: sigv4 is required when type is SigV4, and forbidden + otherwise + rule: 'has(self.type) && self.type == ''SigV4'' ? has(self.sigv4) + : !has(self.sigv4)' + - message: safeAuthorization is required when type is SafeAuthorization, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''SafeAuthorization'' + ? has(self.safeAuthorization) : !has(self.safeAuthorization)' + exemplarsMode: + description: |- + exemplarsMode controls whether exemplars are sent via remote write. + Valid values are "Send", "DoNotSend" and omitted. + When set to "Send", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. + Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. + When omitted or set to "DoNotSend", exemplars are not sent. + enum: + - Send + - DoNotSend + type: string + headers: + description: |- + headers specifies the custom HTTP headers to be sent along with each remote write request. + Sending custom headers makes the configuration of a proxy in between optional and helps the + receiver recognize the given source better. + Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure + them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. + When omitted, no custom headers are sent. + Maximum of 50 headers can be specified. Each header name must be unique. + Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). + items: + description: |- + PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. + The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). + Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. + Validation is enforced on the Headers field in RemoteWriteSpec. + properties: + name: + description: |- + name is the HTTP header name. Must not be a reserved header (see type documentation). + Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters. + maxLength: 256 + minLength: 1 + type: string + value: + description: value is the HTTP header value. Must + be at most 4096 characters. + maxLength: 4096 + minLength: 0 + type: string + required: + - name + - value + type: object + x-kubernetes-validations: + - message: header name must contain only alphanumeric + characters, hyphens, and underscores + rule: self.name.matches('^[a-zA-Z0-9_-]+$') + - message: header name must not be a reserved Prometheus + header (Host, Authorization, Content-Encoding, Content-Type, + X-Prometheus-Remote-Write-Version, User-Agent, Connection, + Keep-Alive, Proxy-Authenticate, Proxy-Authorization, + WWW-Authenticate) + rule: '!self.name.matches(''(?i)^(host|authorization|content-encoding|content-type|x-prometheus-remote-write-version|user-agent|connection|keep-alive|proxy-authenticate|proxy-authorization|www-authenticate)$'')' + maxItems: 50 + minItems: 0 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + metadataConfig: + description: |- + metadataConfig configures the sending of series metadata to remote storage. + When omitted, no metadata is sent. + When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds). + properties: + custom: + description: custom defines custom metadata send settings. + Required when sendPolicy is Custom (must have at least + one property), and forbidden when sendPolicy is Default. + minProperties: 1 + properties: + sendIntervalSeconds: + description: |- + sendIntervalSeconds is the interval in seconds at which metadata is sent. + When omitted, the platform chooses a reasonable default (e.g. 30 seconds). + Minimum value is 1 second. Maximum value is 86400 seconds (24 hours). + format: int32 + maximum: 86400 + minimum: 1 + type: integer + type: object + sendPolicy: + description: |- + sendPolicy specifies whether to send metadata and how it is configured. + Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). + Custom: send metadata using the settings in the custom field. + enum: + - Default + - Custom + type: string + required: + - sendPolicy + type: object + x-kubernetes-validations: + - message: custom is forbidden when sendPolicy is Default + rule: 'self.sendPolicy == ''Default'' ? self.custom.sendIntervalSeconds + == 0 : true' + name: + description: |- + name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). + This name is used in metrics and logging to differentiate remote write queues. + Must contain only alphanumeric characters, hyphens, and underscores. + Must be between 1 and 63 characters in length. + maxLength: 63 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, hyphens, + and underscores + rule: self.matches('^[a-zA-Z0-9_-]+$') + proxyUrl: + description: |- + proxyUrl defines an optional proxy URL. + If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. + The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. + When omitted, no proxy is used. + Must be a valid URL with http or https scheme. + Must be between 1 and 2048 characters in length. + maxLength: 2048 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid URL with http or https scheme + rule: isURL(self) && (url(self).getScheme() == 'http' + || url(self).getScheme() == 'https') + queueConfig: + description: |- + queueConfig allows tuning configuration for remote write queue parameters. + When omitted, default queue configuration is used. + minProperties: 1 + properties: + batchSendDeadlineSeconds: + description: |- + batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + Minimum value is 1 second. + Maximum value is 3600 seconds (1 hour). + format: int32 + maximum: 3600 + minimum: 1 + type: integer + capacity: + description: |- + capacity is the number of samples to buffer per shard before we start dropping them. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is 10000. + Minimum value is 1. + Maximum value is 1000000. + format: int32 + maximum: 1000000 + minimum: 1 + type: integer + maxBackoffMilliseconds: + description: |- + maxBackoffMilliseconds is the maximum retry delay in milliseconds. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + Minimum value is 1 millisecond. + Maximum value is 3600000 milliseconds (1 hour). + format: int32 + maximum: 3600000 + minimum: 1 + type: integer + maxSamplesPerSend: + description: |- + maxSamplesPerSend is the maximum number of samples per send. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is 1000. + Minimum value is 1. + Maximum value is 100000. + format: int32 + maximum: 100000 + minimum: 1 + type: integer + maxShards: + description: |- + maxShards is the maximum number of shards, i.e. amount of concurrency. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is 200. + Minimum value is 1. + Maximum value is 10000. + format: int32 + maximum: 10000 + minimum: 1 + type: integer + minBackoffMilliseconds: + description: |- + minBackoffMilliseconds is the minimum retry delay in milliseconds. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + Minimum value is 1 millisecond. + Maximum value is 3600000 milliseconds (1 hour). + format: int32 + maximum: 3600000 + minimum: 1 + type: integer + minShards: + description: |- + minShards is the minimum number of shards, i.e. amount of concurrency. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is 1. + Minimum value is 1. + Maximum value is 10000. + format: int32 + maximum: 10000 + minimum: 1 + type: integer + rateLimitedAction: + description: |- + rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). + When omitted, no retries are performed on rate limit responses. + When set to "Retry", Prometheus will retry such requests using the backoff settings above. + Valid value when set is "Retry". + enum: + - Retry + type: string + type: object + remoteTimeoutSeconds: + description: |- + remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + Minimum value is 1 second. + Maximum value is 600 seconds (10 minutes). + format: int32 + maximum: 600 + minimum: 1 + type: integer + tlsConfig: + description: |- + tlsConfig defines TLS authentication settings for the remote write endpoint. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + minProperties: 1 + properties: + ca: + description: |- + ca is an optional CA certificate to use for TLS connections. + When omitted, the system's default CA bundle is used. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start and + end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + cert: + description: |- + cert is an optional client certificate to use for mutual TLS connections. + When omitted, no client certificate is presented. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start and + end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + certificateVerification: + description: |- + certificateVerification determines the policy for TLS certificate verification. + Allowed values are "Verify" (performs certificate verification, secure) and "SkipVerify" (skips verification, insecure). + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is "Verify". + enum: + - Verify + - SkipVerify + type: string + key: + description: |- + key is an optional client key to use for mutual TLS connections. + When omitted, no client key is used. + properties: + key: + description: |- + key is the key of the secret to select from. + Must consist of alphanumeric characters, '-', '_', or '.'. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + '-', '_', or '.' + rule: self.matches('^[a-zA-Z0-9._-]+$') + name: + description: |- + name is the name of the secret in the `openshift-monitoring` namespace to select from. + Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid secret name (lowercase + alphanumeric characters, '-' or '.', start and + end with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + required: + - key + - name + type: object + x-kubernetes-map-type: atomic + serverName: + description: |- + serverName is an optional server name to use for TLS connections. + When specified, must be a valid DNS subdomain as per RFC 1123. + When omitted, the server name is derived from the URL. + Must be between 1 and 253 characters in length. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid DNS subdomain (lowercase + alphanumeric characters, '-' or '.', start and end + with alphanumeric) + rule: '!format.dns1123Subdomain().validate(self).hasValue()' + type: object + x-kubernetes-validations: + - message: cert and key must both be specified together + for mutual TLS, or both be omitted + rule: (has(self.cert) && has(self.key)) || (!has(self.cert) + && !has(self.key)) + url: + description: |- + url is the URL of the remote write endpoint. + Must be a valid URL with http or https scheme and a non-empty hostname. + Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. + Empty string is invalid. Must be between 1 and 2048 characters in length. + maxLength: 2048 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must be a valid URL + rule: isURL(self) + - message: must use http or https scheme + rule: '!isURL(self) || url(self).getScheme() == ''http'' + || url(self).getScheme() == ''https''' + - message: must have a non-empty hostname + rule: '!isURL(self) || size(url(self).getHostname()) > + 0' + - message: query parameters are not allowed + rule: '!isURL(self) || url(self).getQuery().size() == + 0' + - message: fragments are not allowed + rule: '!self.matches(''.*#.*'')' + - message: user information (e.g. user:password@host) is + not allowed + rule: '!self.matches(''.*@.*'')' + writeRelabelConfigs: + description: |- + writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. + When omitted, no relabeling is performed and all metrics are sent as-is. + Minimum of 1 and maximum of 10 relabeling rules can be specified. + Each rule must have a unique name. + items: + description: RelabelConfig represents a relabeling rule. + properties: + action: + description: |- + action defines the action to perform on the matched labels and its configuration. + Exactly one action-specific configuration must be specified based on the action type. + properties: + dropEqual: + description: |- + dropEqual configures the DropEqual action. + Required when type is DropEqual, and forbidden otherwise. + Requires Prometheus >= v2.41.0. + properties: + targetLabel: + description: |- + targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. + Must be between 1 and 128 characters in length. + maxLength: 128 + minLength: 1 + type: string + required: + - targetLabel + type: object + hashMod: + description: |- + hashMod configures the HashMod action. + Required when type is HashMod, and forbidden otherwise. + properties: + modulus: + description: |- + modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). + Required when using the HashMod action so the intended behavior is explicit. + Must be between 1 and 1000000. + format: int64 + maximum: 1000000 + minimum: 1 + type: integer + targetLabel: + description: |- + targetLabel is the label name where the hash modulus result is written. + Must be between 1 and 128 characters in length. + maxLength: 128 + minLength: 1 + type: string + required: + - modulus + - targetLabel + type: object + keepEqual: + description: |- + keepEqual configures the KeepEqual action. + Required when type is KeepEqual, and forbidden otherwise. + Requires Prometheus >= v2.41.0. + properties: + targetLabel: + description: |- + targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. + Must be between 1 and 128 characters in length. + maxLength: 128 + minLength: 1 + type: string + required: + - targetLabel + type: object + labelMap: + description: |- + labelMap configures the LabelMap action. + Required when type is LabelMap, and forbidden otherwise. + properties: + replacement: + description: |- + replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. + Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. + Use "$1" for the first capture group, "$2" for the second, etc. + Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names. + maxLength: 255 + minLength: 1 + type: string + required: + - replacement + type: object + lowercase: + description: |- + lowercase configures the Lowercase action. + Required when type is Lowercase, and forbidden otherwise. + Requires Prometheus >= v2.36.0. + properties: + targetLabel: + description: |- + targetLabel is the label name where the lower-cased value is written. + Must be between 1 and 128 characters in length. + maxLength: 128 + minLength: 1 + type: string + required: + - targetLabel + type: object + replace: + description: |- + replace configures the Replace action. + Required when type is Replace, and forbidden otherwise. + properties: + replacement: + description: |- + replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. + Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. + Use "$1" for the first capture group, "$2" for the second, etc. Use an empty string ("") to explicitly clear the target label value. + Must be between 0 and 255 characters in length. + maxLength: 255 + minLength: 0 + type: string + targetLabel: + description: |- + targetLabel is the label name where the replacement result is written. + Must be between 1 and 128 characters in length. + maxLength: 128 + minLength: 1 + type: string + required: + - replacement + - targetLabel + type: object + type: + description: |- + type specifies the action to perform on the matched labels. + Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep. + + When set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place. + + When set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0. + + When set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0. + + When set to Keep, targets for which regex does not match the concatenated source_labels are dropped. + + When set to Drop, targets for which regex matches the concatenated source_labels are dropped. + + When set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0. + + When set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0. + + When set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels. + + When set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted. + + When set to LabelDrop, regex is matched against all label names; any label that matches is removed. + + When set to LabelKeep, regex is matched against all label names; any label that does not match is removed. + enum: + - Replace + - Keep + - Drop + - HashMod + - LabelMap + - LabelDrop + - LabelKeep + - Lowercase + - Uppercase + - KeepEqual + - DropEqual + type: string + uppercase: + description: |- + uppercase configures the Uppercase action. + Required when type is Uppercase, and forbidden otherwise. + Requires Prometheus >= v2.36.0. + properties: + targetLabel: + description: |- + targetLabel is the label name where the upper-cased value is written. + Must be between 1 and 128 characters in length. + maxLength: 128 + minLength: 1 + type: string + required: + - targetLabel + type: object + required: + - type + type: object + x-kubernetes-validations: + - message: replace is required when type is Replace, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''Replace'' + ? has(self.replace) : !has(self.replace)' + - message: hashMod is required when type is HashMod, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''HashMod'' + ? has(self.hashMod) : !has(self.hashMod)' + - message: lowercase is required when type is Lowercase, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''Lowercase'' + ? has(self.lowercase) : !has(self.lowercase)' + - message: uppercase is required when type is Uppercase, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''Uppercase'' + ? has(self.uppercase) : !has(self.uppercase)' + - message: keepEqual is required when type is KeepEqual, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''KeepEqual'' + ? has(self.keepEqual) : !has(self.keepEqual)' + - message: dropEqual is required when type is DropEqual, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''DropEqual'' + ? has(self.dropEqual) : !has(self.dropEqual)' + - message: labelMap is required when type is LabelMap, + and forbidden otherwise + rule: 'has(self.type) && self.type == ''LabelMap'' + ? has(self.labelMap) : !has(self.labelMap)' + name: + description: |- + name is a unique identifier for this relabel configuration. + Must contain only alphanumeric characters, hyphens, and underscores. + Must be between 1 and 63 characters in length. + maxLength: 63 + minLength: 1 + type: string + x-kubernetes-validations: + - message: must contain only alphanumeric characters, + hyphens, and underscores + rule: self.matches('^[a-zA-Z0-9_-]+$') + regex: + description: |- + regex is the regular expression to match against the concatenated source label values. + Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is "(.*)" to match everything. + Must be between 1 and 1000 characters in length when specified. + maxLength: 1000 + minLength: 1 + type: string + separator: + description: |- + separator is the character sequence used to join source label values. + Common examples: ";", ",", "::", "|||". + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is ";". + Must be between 1 and 5 characters in length when specified. + maxLength: 5 + minLength: 1 + type: string + sourceLabels: + description: |- + sourceLabels specifies which label names to extract from each series for this relabeling rule. + The values of these labels are joined together using the configured separator, + and the resulting string is then matched against the regular expression. + If a referenced label does not exist on a series, Prometheus substitutes an empty string. + When omitted, the rule operates without extracting source labels (useful for actions like labelmap). + Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. + Each entry must be unique. + Label names beginning with "__" (two underscores) are reserved for internal Prometheus use and are not allowed. + Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. + While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set + ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.). + items: + maxLength: 128 + minLength: 1 + type: string + x-kubernetes-validations: + - message: label names beginning with '__' (two + underscores) are reserved for internal Prometheus + use and are not allowed + rule: '!self.startsWith(''__'')' + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: set + required: + - action + - name + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + required: + - name + - url + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + resources: + description: |- + resources defines the compute resource requests and limits for the Prometheus container. + This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + When not specified, defaults are used by the platform. Requests cannot exceed limits. + Each entry must have a unique resource name. + Minimum of 1 and maximum of 10 resource entries can be specified. + The current default values are: + resources: + - name: cpu + request: 4m + - name: memory + request: 40Mi + items: + description: ContainerResource defines a single resource requirement + for a container. + properties: + limit: + anyOf: + - type: integer + - type: string + description: |- + limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + This field is optional. + When request is specified, limit cannot be less than request. + The value must be greater than 0 when specified. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: limit must be a positive, non-zero quantity + rule: quantity(self).isGreaterThan(quantity('0')) + name: + description: |- + name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). + This field is required. + name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. + maxLength: 253 + minLength: 1 + type: string + x-kubernetes-validations: + - message: name must consist only of alphanumeric characters, + `-`, `_` and `.` and must start and end with an alphanumeric + character + rule: '!format.qualifiedName().validate(self).hasValue()' + request: + anyOf: + - type: integer + - type: string + description: |- + request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). + This field is optional. + When limit is specified, request cannot be greater than limit. + maxLength: 20 + minLength: 1 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + x-kubernetes-validations: + - message: request must be a positive, non-zero quantity + rule: quantity(self).isGreaterThan(quantity('0')) + required: + - name + type: object + x-kubernetes-validations: + - message: at least one of request or limit must be set + rule: has(self.request) || has(self.limit) + - message: limit must be greater than or equal to request + rule: '!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) + >= 0' + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + retention: + description: |- + retention configures how long Prometheus retains metrics data and how much storage it can use. + When omitted, the platform chooses reasonable defaults (currently 15 days retention, no size limit). + minProperties: 1 + properties: + durationInDays: + description: |- + durationInDays specifies how many days Prometheus will retain metrics data. + Prometheus automatically deletes data older than this duration. + When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The default value is 15. + Minimum value is 1 day. + Maximum value is 365 days (1 year). + format: int32 + maximum: 365 + minimum: 1 + type: integer + sizeInGiB: + description: |- + sizeInGiB specifies the maximum storage size in gibibytes (GiB) that Prometheus + can use for data blocks and the write-ahead log (WAL). + When the limit is reached, Prometheus will delete oldest data first. + When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. + Minimum value is 1 GiB. + Maximum value is 16384 GiB (16 TiB). + format: int32 + maximum: 16384 + minimum: 1 + type: integer + type: object + tolerations: + description: |- + tolerations defines tolerations for the pods. + tolerations is optional. + + When omitted, this means the user has no opinion and the platform is left + to choose reasonable defaults. These defaults are subject to change over time. + Defaults are empty/unset. + Maximum length for this list is 10 + Minimum length for this list is 1 + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators). + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + topologySpreadConstraints: + description: |- + topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + across topology domains such as zones, nodes, or other user-defined labels. + topologySpreadConstraints is optional. + This helps improve high availability and resource efficiency by avoiding placing + too many replicas in the same failure domain. + + When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + Default is empty list. + Maximum length for this list is 10. + Minimum length for this list is 1 + Entries must have unique topologyKey and whenUnsatisfiable pairs. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + If this value is nil, the behavior is equivalent to the Honor policy. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + If this value is nil, the behavior is equivalent to the Ignore policy. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumeClaimTemplate: + description: |- + volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to + configure the persistent volume claim, including storage class and volume size. + If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + across restarts. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + type: object + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + Users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nClaimResourceStatus can be in any + of following states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState set + when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState + set when resizing has failed in kubelet with a terminal + error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor + example: if expanding a PVC for more capacity - this + field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage - + the capacity of the volume.\n\t* Custom resources must + use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart + from above values - keys that are unprefixed or have + kubernetes.io prefix are considered\nreserved and hence + may not be used.\n\nCapacity reported here may be larger + than the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources alone + is used for quota calculation.\nIf a volume expansion + capacity request is lowered, allocatedResources is only\nlowered + if there are no expansion operations in progress and + if the actual volume capacity\nis equal or lower than + the requested capacity.\n\nA controller that receives + PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. For + example - a controller that\nonly is responsible for + resizing capacity of the volume, should ignore PVC updates + that change other valid\nresources associated with PVC." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as\n the specified VolumeAttributesClass not existing.\n + - InProgress\n InProgress indicates that the volume + is being modified.\n - Infeasible\n Infeasible + indicates that the request has been rejected as + invalid by the CSI driver. To\n\t resolve the error, + a valid VolumeAttributesClass needs to be specified.\nNote: + New statuses can be added in the future. Consumers + should check for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: object prometheusOperatorAdmissionWebhookConfig: description: |- prometheusOperatorAdmissionWebhookConfig is an optional field that can be used to configure the @@ -1335,7 +4034,7 @@ spec: x-kubernetes-int-or-string: true x-kubernetes-validations: - message: limit must be a positive, non-zero quantity - rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + rule: quantity(self).isGreaterThan(quantity('0')) name: description: |- name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). @@ -1363,7 +4062,7 @@ spec: x-kubernetes-int-or-string: true x-kubernetes-validations: - message: request must be a positive, non-zero quantity - rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + rule: quantity(self).isGreaterThan(quantity('0')) required: - name type: object @@ -1649,7 +4348,7 @@ spec: x-kubernetes-int-or-string: true x-kubernetes-validations: - message: limit must be a positive, non-zero quantity - rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + rule: quantity(self).isGreaterThan(quantity('0')) name: description: |- name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). @@ -1677,7 +4376,7 @@ spec: x-kubernetes-int-or-string: true x-kubernetes-validations: - message: request must be a positive, non-zero quantity - rule: isQuantity(self) && quantity(self).isGreaterThan(quantity('0')) + rule: quantity(self).isGreaterThan(quantity('0')) required: - name type: object diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_imagepolicies.crd.yaml b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_imagepolicies.crd.yaml deleted file mode 100644 index 1b5c0cc4a4..0000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_imagepolicies.crd.yaml +++ /dev/null @@ -1,442 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1457 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - name: imagepolicies.config.openshift.io -spec: - group: config.openshift.io - names: - kind: ImagePolicy - listKind: ImagePolicyList - plural: imagepolicies - singular: imagepolicy - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - ImagePolicy holds namespace-wide configuration for image signature verification - - Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - properties: - policy: - description: |- - policy contains configuration to allow scopes to be verified, and defines how - images not matching the verification policy will be treated. - properties: - rootOfTrust: - description: rootOfTrust specifies the root of trust for the policy. - properties: - fulcioCAWithRekor: - description: |- - fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. - For more information about Fulcio and Rekor, please refer to the document at: - https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor - properties: - fulcioCAData: - description: |- - fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. - fulcioCAData must be at most 8192 characters. - format: byte - maxLength: 8192 - type: string - fulcioSubject: - description: fulcioSubject specifies OIDC issuer and the - email of the Fulcio authentication configuration. - properties: - oidcIssuer: - description: |- - oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. - Example: "https://expected.OIDC.issuer/" - type: string - x-kubernetes-validations: - - message: oidcIssuer must be a valid URL - rule: isURL(self) - signedEmail: - description: |- - signedEmail holds the email address the the Fulcio certificate is issued for. - Example: "expected-signing-user@example.com" - type: string - x-kubernetes-validations: - - message: invalid email address - rule: self.matches('^\\S+@\\S+$') - required: - - oidcIssuer - - signedEmail - type: object - rekorKeyData: - description: |- - rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - rekorKeyData must be at most 8192 characters. - format: byte - maxLength: 8192 - type: string - required: - - fulcioCAData - - fulcioSubject - - rekorKeyData - type: object - pki: - description: pki defines the root of trust based on Bring - Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and - corresponding intermediate certificates. - properties: - caIntermediatesData: - description: |- - caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. - caIntermediatesData requires caRootsData to be set. - format: byte - maxLength: 8192 - type: string - x-kubernetes-validations: - - message: the caIntermediatesData must start with base64 - encoding of '-----BEGIN CERTIFICATE-----'. - rule: string(self).startsWith('-----BEGIN CERTIFICATE-----') - - message: the caIntermediatesData must end with base64 - encoding of '-----END CERTIFICATE-----'. - rule: string(self).endsWith('-----END CERTIFICATE-----\n') - || string(self).endsWith('-----END CERTIFICATE-----') - - message: caIntermediatesData must be base64 encoding - of valid PEM format data contain the same number of - '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' - markers. - rule: string(self).findAll('-----BEGIN CERTIFICATE-----').size() - == string(self).findAll('-----END CERTIFICATE-----').size() - caRootsData: - description: caRootsData contains base64-encoded data - of a certificate bundle PEM file, which contains one - or more CA roots in the PEM format. The total length - of the data must not exceed 8192 characters. - format: byte - maxLength: 8192 - type: string - x-kubernetes-validations: - - message: the caRootsData must start with base64 encoding - of '-----BEGIN CERTIFICATE-----'. - rule: string(self).startsWith('-----BEGIN CERTIFICATE-----') - - message: the caRootsData must end with base64 encoding - of '-----END CERTIFICATE-----'. - rule: string(self).endsWith('-----END CERTIFICATE-----\n') - || string(self).endsWith('-----END CERTIFICATE-----') - - message: caRootsData must be base64 encoding of valid - PEM format data contain the same number of '-----BEGIN - CERTIFICATE-----' and '-----END CERTIFICATE-----' - markers. - rule: string(self).findAll('-----BEGIN CERTIFICATE-----').size() - == string(self).findAll('-----END CERTIFICATE-----').size() - pkiCertificateSubject: - description: pkiCertificateSubject defines the requirements - imposed on the subject to which the certificate was - issued. - properties: - email: - description: |- - email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. - The email should be a valid email address and at most 320 characters in length. - maxLength: 320 - type: string - x-kubernetes-validations: - - message: invalid email address in pkiCertificateSubject - rule: self.matches('^\\S+@\\S+$') - hostname: - description: |- - hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. - The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. - It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk. - maxLength: 253 - type: string - x-kubernetes-validations: - - message: hostname should be a valid dns 1123 subdomain - name, optionally prefixed by '*.'. It should consist - only of lowercase alphanumeric characters, hyphens, - periods and the optional preceding asterisk. - rule: 'self.startsWith(''*.'') ? !format.dns1123Subdomain().validate(self.replace(''*.'', - '''', 1)).hasValue() : !format.dns1123Subdomain().validate(self).hasValue()' - type: object - x-kubernetes-validations: - - message: at least one of email or hostname must be set - in pkiCertificateSubject - rule: has(self.email) || has(self.hostname) - required: - - caRootsData - - pkiCertificateSubject - type: object - policyType: - description: |- - policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. - "PublicKey" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. - "FulcioCAWithRekor" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. - "PKI" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate. - enum: - - PublicKey - - FulcioCAWithRekor - - PKI - type: string - publicKey: - description: publicKey defines the root of trust based on - a sigstore public key. - properties: - keyData: - description: |- - keyData contains inline base64-encoded data for the PEM format public key. - KeyData must be at most 8192 characters. - format: byte - maxLength: 8192 - type: string - rekorKeyData: - description: |- - rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - rekorKeyData must be at most 8192 characters. - format: byte - maxLength: 8192 - type: string - required: - - keyData - type: object - required: - - policyType - type: object - x-kubernetes-validations: - - message: pki is required when policyType is PKI, and forbidden - otherwise - rule: 'has(self.policyType) && self.policyType == ''PKI'' ? - has(self.pki) : !has(self.pki)' - - message: publicKey is required when policyType is PublicKey, - and forbidden otherwise - rule: 'has(self.policyType) && self.policyType == ''PublicKey'' - ? has(self.publicKey) : !has(self.publicKey)' - - message: fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, - and forbidden otherwise - rule: 'has(self.policyType) && self.policyType == ''FulcioCAWithRekor'' - ? has(self.fulcioCAWithRekor) : !has(self.fulcioCAWithRekor)' - signedIdentity: - description: signedIdentity specifies what image identity the - signature claims about the image. The required matchPolicy field - specifies the approach used in the verification process to verify - the identity in the signature and the actual image identity, - the default matchPolicy is "MatchRepoDigestOrExact". - properties: - exactRepository: - description: exactRepository is required if matchPolicy is - set to "ExactRepository". - properties: - repository: - description: |- - repository is the reference of the image identity to be matched. - The value should be a repository name (by omitting the tag or digest) in a registry implementing the "Docker Registry HTTP API V2". For example, docker.io/library/busybox - maxLength: 512 - type: string - x-kubernetes-validations: - - message: invalid repository or prefix in the signedIdentity, - should not include the tag or digest - rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? - self.matches(''^(localhost:[0-9]+)$''): true' - - message: invalid repository or prefix in the signedIdentity - rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') - required: - - repository - type: object - matchPolicy: - description: |- - matchPolicy sets the type of matching to be used. - Valid values are "MatchRepoDigestOrExact", "MatchRepository", "ExactRepository", "RemapIdentity". When omitted, the default value is "MatchRepoDigestOrExact". - If set matchPolicy to ExactRepository, then the exactRepository must be specified. - If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. - "MatchRepoDigestOrExact" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. - "MatchRepository" means that the identity in the signature must be in the same repository as the image identity. - "ExactRepository" means that the identity in the signature must be in the same repository as a specific identity specified by "repository". - "RemapIdentity" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the "prefix" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix. - enum: - - MatchRepoDigestOrExact - - MatchRepository - - ExactRepository - - RemapIdentity - type: string - remapIdentity: - description: remapIdentity is required if matchPolicy is set - to "RemapIdentity". - properties: - prefix: - description: |- - prefix is the prefix of the image identity to be matched. - If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). - This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. - The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - maxLength: 512 - type: string - x-kubernetes-validations: - - message: invalid repository or prefix in the signedIdentity, - should not include the tag or digest - rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? - self.matches(''^(localhost:[0-9]+)$''): true' - - message: invalid repository or prefix in the signedIdentity - rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') - signedPrefix: - description: |- - signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as "prefix". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - maxLength: 512 - type: string - x-kubernetes-validations: - - message: invalid repository or prefix in the signedIdentity, - should not include the tag or digest - rule: 'self.matches(''.*:([\\w][\\w.-]{0,127})$'')? - self.matches(''^(localhost:[0-9]+)$''): true' - - message: invalid repository or prefix in the signedIdentity - rule: self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$') - required: - - prefix - - signedPrefix - type: object - required: - - matchPolicy - type: object - x-kubernetes-validations: - - message: exactRepository is required when matchPolicy is ExactRepository, - and forbidden otherwise - rule: '(has(self.matchPolicy) && self.matchPolicy == ''ExactRepository'') - ? has(self.exactRepository) : !has(self.exactRepository)' - - message: remapIdentity is required when matchPolicy is RemapIdentity, - and forbidden otherwise - rule: '(has(self.matchPolicy) && self.matchPolicy == ''RemapIdentity'') - ? has(self.remapIdentity) : !has(self.remapIdentity)' - required: - - rootOfTrust - type: object - scopes: - description: |- - scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - For additional details about the format, please refer to the document explaining the docker transport field, - which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - items: - maxLength: 512 - type: string - x-kubernetes-validations: - - message: invalid image scope format, scope must contain a fully - qualified domain name or 'localhost' - rule: 'size(self.split(''/'')[0].split(''.'')) == 1 ? self.split(''/'')[0].split(''.'')[0].split('':'')[0] - == ''localhost'' : true' - - message: invalid image scope with wildcard, a wildcard can only - be at the start of the domain and is only supported for subdomain - matching, not path matching - rule: 'self.contains(''*'') ? self.matches(''^\\*(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$'') - : true' - - message: invalid repository namespace or image specification in - the image scope - rule: '!self.contains(''*'') ? self.matches(''^((((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?)(?::([\\w][\\w.-]{0,127}))?(?:@([A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}))?$'') - : true' - maxItems: 256 - type: array - x-kubernetes-list-type: set - required: - - policy - - scopes - type: object - status: - description: status contains the observed state of the resource. - properties: - conditions: - description: conditions provide details on the status of this API - Resource. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_pkis.crd.yaml b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_pkis.crd.yaml new file mode 100644 index 0000000000..6c93b0ece8 --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.crd-manifests/0000_10_config-operator_01_pkis.crd.yaml @@ -0,0 +1,441 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/2645 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: CustomNoUpgrade,DevPreviewNoUpgrade,TechPreviewNoUpgrade + name: pkis.config.openshift.io +spec: + group: config.openshift.io + names: + kind: PKI + listKind: PKIList + plural: pkis + singular: pki + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + PKI configures cryptographic parameters for certificates generated + internally by OpenShift components. + + Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + certificateManagement: + description: |- + certificateManagement specifies how PKI configuration is managed for internally-generated certificates. + This controls the certificate generation approach for all OpenShift components that create + certificates internally, including certificate authorities, serving certificates, and client certificates. + properties: + custom: + description: |- + custom contains administrator-specified cryptographic configuration. + Use the defaults and category override fields + to specify certificate generation parameters. + Required when mode is Custom, and forbidden otherwise. + minProperties: 1 + properties: + clientCertificates: + description: |- + clientCertificates optionally overrides certificate parameters for + client authentication certificates used to authenticate to servers. + When set, these parameters take precedence over defaults for all client certificates. + When omitted, the defaults are used for client certificates. + minProperties: 1 + properties: + key: + description: |- + key specifies the cryptographic parameters for the certificate's key pair. + Currently this is the only configurable parameter. When omitted in an + overrides entry, the key configuration from defaults is used. + properties: + algorithm: + description: |- + algorithm specifies the key generation algorithm. + Valid values are "RSA" and "ECDSA". + + When set to RSA, the rsa field must be specified and the generated key + will be an RSA key with the configured key size. + + When set to ECDSA, the ecdsa field must be specified and the generated key + will be an ECDSA key using the configured elliptic curve. + enum: + - RSA + - ECDSA + type: string + ecdsa: + description: |- + ecdsa specifies ECDSA key parameters. + Required when algorithm is ECDSA, and forbidden otherwise. + properties: + curve: + description: |- + curve specifies the NIST elliptic curve for ECDSA keys. + Valid values are "P256", "P384", and "P521". + + When set to P256, the NIST P-256 curve (also known as secp256r1) is used, + providing 128-bit security. + + When set to P384, the NIST P-384 curve (also known as secp384r1) is used, + providing 192-bit security. + + When set to P521, the NIST P-521 curve (also known as secp521r1) is used, + providing 256-bit security. + enum: + - P256 + - P384 + - P521 + type: string + required: + - curve + type: object + rsa: + description: |- + rsa specifies RSA key parameters. + Required when algorithm is RSA, and forbidden otherwise. + properties: + keySize: + description: |- + keySize specifies the size of RSA keys in bits. + Valid values are multiples of 1024 from 2048 to 8192. + format: int32 + maximum: 8192 + minimum: 2048 + multipleOf: 1024 + type: integer + required: + - keySize + type: object + required: + - algorithm + type: object + x-kubernetes-validations: + - message: rsa is required when algorithm is RSA, and + forbidden otherwise + rule: 'has(self.algorithm) && self.algorithm == ''RSA'' + ? has(self.rsa) : !has(self.rsa)' + - message: ecdsa is required when algorithm is ECDSA, + and forbidden otherwise + rule: 'has(self.algorithm) && self.algorithm == ''ECDSA'' + ? has(self.ecdsa) : !has(self.ecdsa)' + type: object + defaults: + description: |- + defaults specifies the default certificate configuration that applies + to all certificates unless overridden by a category override. + properties: + key: + description: |- + key specifies the cryptographic parameters for the certificate's key pair. + This field is required in defaults to ensure all certificates have a + well-defined key configuration. + properties: + algorithm: + description: |- + algorithm specifies the key generation algorithm. + Valid values are "RSA" and "ECDSA". + + When set to RSA, the rsa field must be specified and the generated key + will be an RSA key with the configured key size. + + When set to ECDSA, the ecdsa field must be specified and the generated key + will be an ECDSA key using the configured elliptic curve. + enum: + - RSA + - ECDSA + type: string + ecdsa: + description: |- + ecdsa specifies ECDSA key parameters. + Required when algorithm is ECDSA, and forbidden otherwise. + properties: + curve: + description: |- + curve specifies the NIST elliptic curve for ECDSA keys. + Valid values are "P256", "P384", and "P521". + + When set to P256, the NIST P-256 curve (also known as secp256r1) is used, + providing 128-bit security. + + When set to P384, the NIST P-384 curve (also known as secp384r1) is used, + providing 192-bit security. + + When set to P521, the NIST P-521 curve (also known as secp521r1) is used, + providing 256-bit security. + enum: + - P256 + - P384 + - P521 + type: string + required: + - curve + type: object + rsa: + description: |- + rsa specifies RSA key parameters. + Required when algorithm is RSA, and forbidden otherwise. + properties: + keySize: + description: |- + keySize specifies the size of RSA keys in bits. + Valid values are multiples of 1024 from 2048 to 8192. + format: int32 + maximum: 8192 + minimum: 2048 + multipleOf: 1024 + type: integer + required: + - keySize + type: object + required: + - algorithm + type: object + x-kubernetes-validations: + - message: rsa is required when algorithm is RSA, and + forbidden otherwise + rule: 'has(self.algorithm) && self.algorithm == ''RSA'' + ? has(self.rsa) : !has(self.rsa)' + - message: ecdsa is required when algorithm is ECDSA, + and forbidden otherwise + rule: 'has(self.algorithm) && self.algorithm == ''ECDSA'' + ? has(self.ecdsa) : !has(self.ecdsa)' + required: + - key + type: object + servingCertificates: + description: |- + servingCertificates optionally overrides certificate parameters for + TLS server certificates used to serve HTTPS endpoints. + When set, these parameters take precedence over defaults for all serving certificates. + When omitted, the defaults are used for serving certificates. + minProperties: 1 + properties: + key: + description: |- + key specifies the cryptographic parameters for the certificate's key pair. + Currently this is the only configurable parameter. When omitted in an + overrides entry, the key configuration from defaults is used. + properties: + algorithm: + description: |- + algorithm specifies the key generation algorithm. + Valid values are "RSA" and "ECDSA". + + When set to RSA, the rsa field must be specified and the generated key + will be an RSA key with the configured key size. + + When set to ECDSA, the ecdsa field must be specified and the generated key + will be an ECDSA key using the configured elliptic curve. + enum: + - RSA + - ECDSA + type: string + ecdsa: + description: |- + ecdsa specifies ECDSA key parameters. + Required when algorithm is ECDSA, and forbidden otherwise. + properties: + curve: + description: |- + curve specifies the NIST elliptic curve for ECDSA keys. + Valid values are "P256", "P384", and "P521". + + When set to P256, the NIST P-256 curve (also known as secp256r1) is used, + providing 128-bit security. + + When set to P384, the NIST P-384 curve (also known as secp384r1) is used, + providing 192-bit security. + + When set to P521, the NIST P-521 curve (also known as secp521r1) is used, + providing 256-bit security. + enum: + - P256 + - P384 + - P521 + type: string + required: + - curve + type: object + rsa: + description: |- + rsa specifies RSA key parameters. + Required when algorithm is RSA, and forbidden otherwise. + properties: + keySize: + description: |- + keySize specifies the size of RSA keys in bits. + Valid values are multiples of 1024 from 2048 to 8192. + format: int32 + maximum: 8192 + minimum: 2048 + multipleOf: 1024 + type: integer + required: + - keySize + type: object + required: + - algorithm + type: object + x-kubernetes-validations: + - message: rsa is required when algorithm is RSA, and + forbidden otherwise + rule: 'has(self.algorithm) && self.algorithm == ''RSA'' + ? has(self.rsa) : !has(self.rsa)' + - message: ecdsa is required when algorithm is ECDSA, + and forbidden otherwise + rule: 'has(self.algorithm) && self.algorithm == ''ECDSA'' + ? has(self.ecdsa) : !has(self.ecdsa)' + type: object + signerCertificates: + description: |- + signerCertificates optionally overrides certificate parameters for + certificate authority (CA) certificates that sign other certificates. + When set, these parameters take precedence over defaults for all signer certificates. + When omitted, the defaults are used for signer certificates. + minProperties: 1 + properties: + key: + description: |- + key specifies the cryptographic parameters for the certificate's key pair. + Currently this is the only configurable parameter. When omitted in an + overrides entry, the key configuration from defaults is used. + properties: + algorithm: + description: |- + algorithm specifies the key generation algorithm. + Valid values are "RSA" and "ECDSA". + + When set to RSA, the rsa field must be specified and the generated key + will be an RSA key with the configured key size. + + When set to ECDSA, the ecdsa field must be specified and the generated key + will be an ECDSA key using the configured elliptic curve. + enum: + - RSA + - ECDSA + type: string + ecdsa: + description: |- + ecdsa specifies ECDSA key parameters. + Required when algorithm is ECDSA, and forbidden otherwise. + properties: + curve: + description: |- + curve specifies the NIST elliptic curve for ECDSA keys. + Valid values are "P256", "P384", and "P521". + + When set to P256, the NIST P-256 curve (also known as secp256r1) is used, + providing 128-bit security. + + When set to P384, the NIST P-384 curve (also known as secp384r1) is used, + providing 192-bit security. + + When set to P521, the NIST P-521 curve (also known as secp521r1) is used, + providing 256-bit security. + enum: + - P256 + - P384 + - P521 + type: string + required: + - curve + type: object + rsa: + description: |- + rsa specifies RSA key parameters. + Required when algorithm is RSA, and forbidden otherwise. + properties: + keySize: + description: |- + keySize specifies the size of RSA keys in bits. + Valid values are multiples of 1024 from 2048 to 8192. + format: int32 + maximum: 8192 + minimum: 2048 + multipleOf: 1024 + type: integer + required: + - keySize + type: object + required: + - algorithm + type: object + x-kubernetes-validations: + - message: rsa is required when algorithm is RSA, and + forbidden otherwise + rule: 'has(self.algorithm) && self.algorithm == ''RSA'' + ? has(self.rsa) : !has(self.rsa)' + - message: ecdsa is required when algorithm is ECDSA, + and forbidden otherwise + rule: 'has(self.algorithm) && self.algorithm == ''ECDSA'' + ? has(self.ecdsa) : !has(self.ecdsa)' + type: object + required: + - defaults + type: object + mode: + description: |- + mode determines how PKI configuration is managed. + Valid values are "Unmanaged", "Default", and "Custom". + + When set to Unmanaged, components use their existing hardcoded certificate + generation behavior, exactly as if this feature did not exist. Each component + generates certificates using whatever parameters it was using before this + feature. While most components use RSA 2048, some may use different + parameters. Use of this mode might prevent upgrading to the next major + OpenShift release. + + When set to Default, OpenShift-recommended best practices for certificate + generation are applied. The specific parameters may evolve across OpenShift + releases to adopt improved cryptographic standards. In the initial release, + this matches Unmanaged behavior for each component. In future releases, this + may adopt ECDSA or larger RSA keys based on industry best practices. + Recommended for most customers who want to benefit from security improvements + automatically. + + When set to Custom, the certificate management parameters can be set + explicitly. Use the custom field to specify certificate generation parameters. + enum: + - Unmanaged + - Default + - Custom + type: string + required: + - mode + type: object + x-kubernetes-validations: + - message: custom is required when mode is Custom, and forbidden otherwise + rule: 'self.mode == ''Custom'' ? has(self.custom) : !has(self.custom)' + required: + - certificateManagement + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go index d648413ab5..ad6afabff9 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go @@ -11,6 +11,29 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AdditionalAlertmanagerConfig) DeepCopyInto(out *AdditionalAlertmanagerConfig) { + *out = *in + out.Authorization = in.Authorization + if in.StaticConfigs != nil { + in, out := &in.StaticConfigs, &out.StaticConfigs + *out = make([]string, len(*in)) + copy(*out, *in) + } + out.TLSConfig = in.TLSConfig + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalAlertmanagerConfig. +func (in *AdditionalAlertmanagerConfig) DeepCopy() *AdditionalAlertmanagerConfig { + if in == nil { + return nil + } + out := new(AdditionalAlertmanagerConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AlertmanagerConfig) DeepCopyInto(out *AlertmanagerConfig) { *out = *in @@ -98,6 +121,23 @@ func (in *Audit) DeepCopy() *Audit { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuthorizationConfig) DeepCopyInto(out *AuthorizationConfig) { + *out = *in + out.BearerToken = in.BearerToken + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationConfig. +func (in *AuthorizationConfig) DeepCopy() *AuthorizationConfig { + if in == nil { + return nil + } + out := new(AuthorizationConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Backup) DeepCopyInto(out *Backup) { *out = *in @@ -192,6 +232,24 @@ func (in *BackupStatus) DeepCopy() *BackupStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BasicAuth) DeepCopyInto(out *BasicAuth) { + *out = *in + out.Username = in.Username + out.Password = in.Password + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BasicAuth. +func (in *BasicAuth) DeepCopy() *BasicAuth { + if in == nil { + return nil + } + out := new(BasicAuth) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CRIOCredentialProviderConfig) DeepCopyInto(out *CRIOCredentialProviderConfig) { *out = *in @@ -302,27 +360,44 @@ func (in *CRIOCredentialProviderConfigStatus) DeepCopy() *CRIOCredentialProvider } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicy) DeepCopyInto(out *ClusterImagePolicy) { +func (in *CertificateConfig) DeepCopyInto(out *CertificateConfig) { + *out = *in + out.Key = in.Key + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateConfig. +func (in *CertificateConfig) DeepCopy() *CertificateConfig { + if in == nil { + return nil + } + out := new(CertificateConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterMonitoring) DeepCopyInto(out *ClusterMonitoring) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + out.Status = in.Status return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicy. -func (in *ClusterImagePolicy) DeepCopy() *ClusterImagePolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterMonitoring. +func (in *ClusterMonitoring) DeepCopy() *ClusterMonitoring { if in == nil { return nil } - out := new(ClusterImagePolicy) + out := new(ClusterMonitoring) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterImagePolicy) DeepCopyObject() runtime.Object { +func (in *ClusterMonitoring) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -330,13 +405,13 @@ func (in *ClusterImagePolicy) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicyList) DeepCopyInto(out *ClusterImagePolicyList) { +func (in *ClusterMonitoringList) DeepCopyInto(out *ClusterMonitoringList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]ClusterImagePolicy, len(*in)) + *out = make([]ClusterMonitoring, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -344,18 +419,18 @@ func (in *ClusterImagePolicyList) DeepCopyInto(out *ClusterImagePolicyList) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicyList. -func (in *ClusterImagePolicyList) DeepCopy() *ClusterImagePolicyList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterMonitoringList. +func (in *ClusterMonitoringList) DeepCopy() *ClusterMonitoringList { if in == nil { return nil } - out := new(ClusterImagePolicyList) + out := new(ClusterMonitoringList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterImagePolicyList) DeepCopyObject() runtime.Object { +func (in *ClusterMonitoringList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -363,162 +438,124 @@ func (in *ClusterImagePolicyList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicySpec) DeepCopyInto(out *ClusterImagePolicySpec) { +func (in *ClusterMonitoringSpec) DeepCopyInto(out *ClusterMonitoringSpec) { *out = *in - if in.Scopes != nil { - in, out := &in.Scopes, &out.Scopes - *out = make([]ImageScope, len(*in)) - copy(*out, *in) - } - in.Policy.DeepCopyInto(&out.Policy) + out.UserDefined = in.UserDefined + in.AlertmanagerConfig.DeepCopyInto(&out.AlertmanagerConfig) + in.PrometheusConfig.DeepCopyInto(&out.PrometheusConfig) + in.MetricsServerConfig.DeepCopyInto(&out.MetricsServerConfig) + in.PrometheusOperatorConfig.DeepCopyInto(&out.PrometheusOperatorConfig) + in.PrometheusOperatorAdmissionWebhookConfig.DeepCopyInto(&out.PrometheusOperatorAdmissionWebhookConfig) + in.OpenShiftStateMetricsConfig.DeepCopyInto(&out.OpenShiftStateMetricsConfig) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicySpec. -func (in *ClusterImagePolicySpec) DeepCopy() *ClusterImagePolicySpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterMonitoringSpec. +func (in *ClusterMonitoringSpec) DeepCopy() *ClusterMonitoringSpec { if in == nil { return nil } - out := new(ClusterImagePolicySpec) + out := new(ClusterMonitoringSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicyStatus) DeepCopyInto(out *ClusterImagePolicyStatus) { +func (in *ClusterMonitoringStatus) DeepCopyInto(out *ClusterMonitoringStatus) { *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]metav1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicyStatus. -func (in *ClusterImagePolicyStatus) DeepCopy() *ClusterImagePolicyStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterMonitoringStatus. +func (in *ClusterMonitoringStatus) DeepCopy() *ClusterMonitoringStatus { if in == nil { return nil } - out := new(ClusterImagePolicyStatus) + out := new(ClusterMonitoringStatus) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterMonitoring) DeepCopyInto(out *ClusterMonitoring) { +func (in *ContainerResource) DeepCopyInto(out *ContainerResource) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status + out.Request = in.Request.DeepCopy() + out.Limit = in.Limit.DeepCopy() return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterMonitoring. -func (in *ClusterMonitoring) DeepCopy() *ClusterMonitoring { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerResource. +func (in *ContainerResource) DeepCopy() *ContainerResource { if in == nil { return nil } - out := new(ClusterMonitoring) + out := new(ContainerResource) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterMonitoring) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterMonitoringList) DeepCopyInto(out *ClusterMonitoringList) { +func (in *CustomPKIPolicy) DeepCopyInto(out *CustomPKIPolicy) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ClusterMonitoring, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + out.PKIProfile = in.PKIProfile return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterMonitoringList. -func (in *ClusterMonitoringList) DeepCopy() *ClusterMonitoringList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomPKIPolicy. +func (in *CustomPKIPolicy) DeepCopy() *CustomPKIPolicy { if in == nil { return nil } - out := new(ClusterMonitoringList) + out := new(CustomPKIPolicy) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterMonitoringList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterMonitoringSpec) DeepCopyInto(out *ClusterMonitoringSpec) { +func (in *DefaultCertificateConfig) DeepCopyInto(out *DefaultCertificateConfig) { *out = *in - out.UserDefined = in.UserDefined - in.AlertmanagerConfig.DeepCopyInto(&out.AlertmanagerConfig) - in.MetricsServerConfig.DeepCopyInto(&out.MetricsServerConfig) - in.PrometheusOperatorConfig.DeepCopyInto(&out.PrometheusOperatorConfig) - in.PrometheusOperatorAdmissionWebhookConfig.DeepCopyInto(&out.PrometheusOperatorAdmissionWebhookConfig) + out.Key = in.Key return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterMonitoringSpec. -func (in *ClusterMonitoringSpec) DeepCopy() *ClusterMonitoringSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultCertificateConfig. +func (in *DefaultCertificateConfig) DeepCopy() *DefaultCertificateConfig { if in == nil { return nil } - out := new(ClusterMonitoringSpec) + out := new(DefaultCertificateConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterMonitoringStatus) DeepCopyInto(out *ClusterMonitoringStatus) { +func (in *DropEqualActionConfig) DeepCopyInto(out *DropEqualActionConfig) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterMonitoringStatus. -func (in *ClusterMonitoringStatus) DeepCopy() *ClusterMonitoringStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DropEqualActionConfig. +func (in *DropEqualActionConfig) DeepCopy() *DropEqualActionConfig { if in == nil { return nil } - out := new(ClusterMonitoringStatus) + out := new(DropEqualActionConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ContainerResource) DeepCopyInto(out *ContainerResource) { +func (in *ECDSAKeyConfig) DeepCopyInto(out *ECDSAKeyConfig) { *out = *in - out.Request = in.Request.DeepCopy() - out.Limit = in.Limit.DeepCopy() return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContainerResource. -func (in *ContainerResource) DeepCopy() *ContainerResource { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ECDSAKeyConfig. +func (in *ECDSAKeyConfig) DeepCopy() *ECDSAKeyConfig { if in == nil { return nil } - out := new(ContainerResource) + out := new(ECDSAKeyConfig) in.DeepCopyInto(out) return out } @@ -567,68 +604,57 @@ func (in *GatherConfig) DeepCopy() *GatherConfig { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicy) DeepCopyInto(out *ImagePolicy) { +func (in *HashModActionConfig) DeepCopyInto(out *HashModActionConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicy. -func (in *ImagePolicy) DeepCopy() *ImagePolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HashModActionConfig. +func (in *HashModActionConfig) DeepCopy() *HashModActionConfig { if in == nil { return nil } - out := new(ImagePolicy) + out := new(HashModActionConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ImagePolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyFulcioCAWithRekorRootOfTrust) DeepCopyInto(out *ImagePolicyFulcioCAWithRekorRootOfTrust) { +func (in *InsightsDataGather) DeepCopyInto(out *InsightsDataGather) { *out = *in - if in.FulcioCAData != nil { - in, out := &in.FulcioCAData, &out.FulcioCAData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.RekorKeyData != nil { - in, out := &in.RekorKeyData, &out.RekorKeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - out.FulcioSubject = in.FulcioSubject + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyFulcioCAWithRekorRootOfTrust. -func (in *ImagePolicyFulcioCAWithRekorRootOfTrust) DeepCopy() *ImagePolicyFulcioCAWithRekorRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGather. +func (in *InsightsDataGather) DeepCopy() *InsightsDataGather { if in == nil { return nil } - out := new(ImagePolicyFulcioCAWithRekorRootOfTrust) + out := new(InsightsDataGather) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *InsightsDataGather) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyList) DeepCopyInto(out *ImagePolicyList) { +func (in *InsightsDataGatherList) DeepCopyInto(out *InsightsDataGatherList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]ImagePolicy, len(*in)) + *out = make([]InsightsDataGather, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -636,18 +662,18 @@ func (in *ImagePolicyList) DeepCopyInto(out *ImagePolicyList) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyList. -func (in *ImagePolicyList) DeepCopy() *ImagePolicyList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherList. +func (in *InsightsDataGatherList) DeepCopy() *InsightsDataGatherList { if in == nil { return nil } - out := new(ImagePolicyList) + out := new(InsightsDataGatherList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ImagePolicyList) DeepCopyObject() runtime.Object { +func (in *InsightsDataGatherList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -655,211 +681,149 @@ func (in *ImagePolicyList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyPKIRootOfTrust) DeepCopyInto(out *ImagePolicyPKIRootOfTrust) { +func (in *InsightsDataGatherSpec) DeepCopyInto(out *InsightsDataGatherSpec) { *out = *in - if in.CertificateAuthorityRootsData != nil { - in, out := &in.CertificateAuthorityRootsData, &out.CertificateAuthorityRootsData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.CertificateAuthorityIntermediatesData != nil { - in, out := &in.CertificateAuthorityIntermediatesData, &out.CertificateAuthorityIntermediatesData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - out.PKICertificateSubject = in.PKICertificateSubject + in.GatherConfig.DeepCopyInto(&out.GatherConfig) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyPKIRootOfTrust. -func (in *ImagePolicyPKIRootOfTrust) DeepCopy() *ImagePolicyPKIRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherSpec. +func (in *InsightsDataGatherSpec) DeepCopy() *InsightsDataGatherSpec { if in == nil { return nil } - out := new(ImagePolicyPKIRootOfTrust) + out := new(InsightsDataGatherSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyPublicKeyRootOfTrust) DeepCopyInto(out *ImagePolicyPublicKeyRootOfTrust) { +func (in *InsightsDataGatherStatus) DeepCopyInto(out *InsightsDataGatherStatus) { *out = *in - if in.KeyData != nil { - in, out := &in.KeyData, &out.KeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.RekorKeyData != nil { - in, out := &in.RekorKeyData, &out.RekorKeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyPublicKeyRootOfTrust. -func (in *ImagePolicyPublicKeyRootOfTrust) DeepCopy() *ImagePolicyPublicKeyRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherStatus. +func (in *InsightsDataGatherStatus) DeepCopy() *InsightsDataGatherStatus { if in == nil { return nil } - out := new(ImagePolicyPublicKeyRootOfTrust) + out := new(InsightsDataGatherStatus) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicySpec) DeepCopyInto(out *ImagePolicySpec) { +func (in *KeepEqualActionConfig) DeepCopyInto(out *KeepEqualActionConfig) { *out = *in - if in.Scopes != nil { - in, out := &in.Scopes, &out.Scopes - *out = make([]ImageScope, len(*in)) - copy(*out, *in) - } - in.Policy.DeepCopyInto(&out.Policy) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicySpec. -func (in *ImagePolicySpec) DeepCopy() *ImagePolicySpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeepEqualActionConfig. +func (in *KeepEqualActionConfig) DeepCopy() *KeepEqualActionConfig { if in == nil { return nil } - out := new(ImagePolicySpec) + out := new(KeepEqualActionConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyStatus) DeepCopyInto(out *ImagePolicyStatus) { +func (in *KeyConfig) DeepCopyInto(out *KeyConfig) { *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]metav1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + out.RSA = in.RSA + out.ECDSA = in.ECDSA return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyStatus. -func (in *ImagePolicyStatus) DeepCopy() *ImagePolicyStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyConfig. +func (in *KeyConfig) DeepCopy() *KeyConfig { if in == nil { return nil } - out := new(ImagePolicyStatus) + out := new(KeyConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImageSigstoreVerificationPolicy) DeepCopyInto(out *ImageSigstoreVerificationPolicy) { +func (in *Label) DeepCopyInto(out *Label) { *out = *in - in.RootOfTrust.DeepCopyInto(&out.RootOfTrust) - in.SignedIdentity.DeepCopyInto(&out.SignedIdentity) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageSigstoreVerificationPolicy. -func (in *ImageSigstoreVerificationPolicy) DeepCopy() *ImageSigstoreVerificationPolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Label. +func (in *Label) DeepCopy() *Label { if in == nil { return nil } - out := new(ImageSigstoreVerificationPolicy) + out := new(Label) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGather) DeepCopyInto(out *InsightsDataGather) { +func (in *LabelMapActionConfig) DeepCopyInto(out *LabelMapActionConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGather. -func (in *InsightsDataGather) DeepCopy() *InsightsDataGather { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LabelMapActionConfig. +func (in *LabelMapActionConfig) DeepCopy() *LabelMapActionConfig { if in == nil { return nil } - out := new(InsightsDataGather) + out := new(LabelMapActionConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *InsightsDataGather) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGatherList) DeepCopyInto(out *InsightsDataGatherList) { +func (in *LowercaseActionConfig) DeepCopyInto(out *LowercaseActionConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]InsightsDataGather, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherList. -func (in *InsightsDataGatherList) DeepCopy() *InsightsDataGatherList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LowercaseActionConfig. +func (in *LowercaseActionConfig) DeepCopy() *LowercaseActionConfig { if in == nil { return nil } - out := new(InsightsDataGatherList) + out := new(LowercaseActionConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *InsightsDataGatherList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGatherSpec) DeepCopyInto(out *InsightsDataGatherSpec) { +func (in *MetadataConfig) DeepCopyInto(out *MetadataConfig) { *out = *in - in.GatherConfig.DeepCopyInto(&out.GatherConfig) + out.Custom = in.Custom return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherSpec. -func (in *InsightsDataGatherSpec) DeepCopy() *InsightsDataGatherSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetadataConfig. +func (in *MetadataConfig) DeepCopy() *MetadataConfig { if in == nil { return nil } - out := new(InsightsDataGatherSpec) + out := new(MetadataConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGatherStatus) DeepCopyInto(out *InsightsDataGatherStatus) { +func (in *MetadataConfigCustom) DeepCopyInto(out *MetadataConfigCustom) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherStatus. -func (in *InsightsDataGatherStatus) DeepCopy() *InsightsDataGatherStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetadataConfigCustom. +func (in *MetadataConfigCustom) DeepCopy() *MetadataConfigCustom { if in == nil { return nil } - out := new(InsightsDataGatherStatus) + out := new(MetadataConfigCustom) in.DeepCopyInto(out) return out } @@ -910,155 +874,312 @@ func (in *MetricsServerConfig) DeepCopy() *MetricsServerConfig { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKICertificateSubject) DeepCopyInto(out *PKICertificateSubject) { +func (in *OAuth2) DeepCopyInto(out *OAuth2) { *out = *in + out.ClientID = in.ClientID + out.ClientSecret = in.ClientSecret + if in.Scopes != nil { + in, out := &in.Scopes, &out.Scopes + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.EndpointParams != nil { + in, out := &in.EndpointParams, &out.EndpointParams + *out = make([]OAuth2EndpointParam, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKICertificateSubject. -func (in *PKICertificateSubject) DeepCopy() *PKICertificateSubject { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2. +func (in *OAuth2) DeepCopy() *OAuth2 { if in == nil { return nil } - out := new(PKICertificateSubject) + out := new(OAuth2) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeClaimReference) DeepCopyInto(out *PersistentVolumeClaimReference) { +func (in *OAuth2EndpointParam) DeepCopyInto(out *OAuth2EndpointParam) { *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimReference. -func (in *PersistentVolumeClaimReference) DeepCopy() *PersistentVolumeClaimReference { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2EndpointParam. +func (in *OAuth2EndpointParam) DeepCopy() *OAuth2EndpointParam { if in == nil { return nil } - out := new(PersistentVolumeClaimReference) + out := new(OAuth2EndpointParam) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeConfig) DeepCopyInto(out *PersistentVolumeConfig) { +func (in *OpenShiftStateMetricsConfig) DeepCopyInto(out *OpenShiftStateMetricsConfig) { *out = *in - out.Claim = in.Claim + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeConfig. -func (in *PersistentVolumeConfig) DeepCopy() *PersistentVolumeConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenShiftStateMetricsConfig. +func (in *OpenShiftStateMetricsConfig) DeepCopy() *OpenShiftStateMetricsConfig { if in == nil { return nil } - out := new(PersistentVolumeConfig) + out := new(OpenShiftStateMetricsConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyFulcioSubject) DeepCopyInto(out *PolicyFulcioSubject) { +func (in *PKI) DeepCopyInto(out *PKI) { *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyFulcioSubject. -func (in *PolicyFulcioSubject) DeepCopy() *PolicyFulcioSubject { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKI. +func (in *PKI) DeepCopy() *PKI { if in == nil { return nil } - out := new(PolicyFulcioSubject) + out := new(PKI) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PKI) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIdentity) DeepCopyInto(out *PolicyIdentity) { +func (in *PKICertificateManagement) DeepCopyInto(out *PKICertificateManagement) { *out = *in - if in.PolicyMatchExactRepository != nil { - in, out := &in.PolicyMatchExactRepository, &out.PolicyMatchExactRepository - *out = new(PolicyMatchExactRepository) - **out = **in + out.Custom = in.Custom + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKICertificateManagement. +func (in *PKICertificateManagement) DeepCopy() *PKICertificateManagement { + if in == nil { + return nil } - if in.PolicyMatchRemapIdentity != nil { - in, out := &in.PolicyMatchRemapIdentity, &out.PolicyMatchRemapIdentity - *out = new(PolicyMatchRemapIdentity) - **out = **in + out := new(PKICertificateManagement) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PKIList) DeepCopyInto(out *PKIList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]PKI, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIdentity. -func (in *PolicyIdentity) DeepCopy() *PolicyIdentity { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIList. +func (in *PKIList) DeepCopy() *PKIList { if in == nil { return nil } - out := new(PolicyIdentity) + out := new(PKIList) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PKIList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyMatchExactRepository) DeepCopyInto(out *PolicyMatchExactRepository) { +func (in *PKIProfile) DeepCopyInto(out *PKIProfile) { *out = *in + out.Defaults = in.Defaults + out.SignerCertificates = in.SignerCertificates + out.ServingCertificates = in.ServingCertificates + out.ClientCertificates = in.ClientCertificates return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyMatchExactRepository. -func (in *PolicyMatchExactRepository) DeepCopy() *PolicyMatchExactRepository { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIProfile. +func (in *PKIProfile) DeepCopy() *PKIProfile { if in == nil { return nil } - out := new(PolicyMatchExactRepository) + out := new(PKIProfile) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyMatchRemapIdentity) DeepCopyInto(out *PolicyMatchRemapIdentity) { +func (in *PKISpec) DeepCopyInto(out *PKISpec) { *out = *in + out.CertificateManagement = in.CertificateManagement return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyMatchRemapIdentity. -func (in *PolicyMatchRemapIdentity) DeepCopy() *PolicyMatchRemapIdentity { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKISpec. +func (in *PKISpec) DeepCopy() *PKISpec { if in == nil { return nil } - out := new(PolicyMatchRemapIdentity) + out := new(PKISpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRootOfTrust) DeepCopyInto(out *PolicyRootOfTrust) { +func (in *PersistentVolumeClaimReference) DeepCopyInto(out *PersistentVolumeClaimReference) { *out = *in - if in.PublicKey != nil { - in, out := &in.PublicKey, &out.PublicKey - *out = new(ImagePolicyPublicKeyRootOfTrust) - (*in).DeepCopyInto(*out) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimReference. +func (in *PersistentVolumeClaimReference) DeepCopy() *PersistentVolumeClaimReference { + if in == nil { + return nil } - if in.FulcioCAWithRekor != nil { - in, out := &in.FulcioCAWithRekor, &out.FulcioCAWithRekor - *out = new(ImagePolicyFulcioCAWithRekorRootOfTrust) - (*in).DeepCopyInto(*out) + out := new(PersistentVolumeClaimReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PersistentVolumeConfig) DeepCopyInto(out *PersistentVolumeConfig) { + *out = *in + out.Claim = in.Claim + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeConfig. +func (in *PersistentVolumeConfig) DeepCopy() *PersistentVolumeConfig { + if in == nil { + return nil + } + out := new(PersistentVolumeConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusConfig) DeepCopyInto(out *PrometheusConfig) { + *out = *in + if in.AdditionalAlertmanagerConfigs != nil { + in, out := &in.AdditionalAlertmanagerConfigs, &out.AdditionalAlertmanagerConfigs + *out = make([]AdditionalAlertmanagerConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ExternalLabels != nil { + in, out := &in.ExternalLabels, &out.ExternalLabels + *out = make([]Label, len(*in)) + copy(*out, *in) } - if in.PKI != nil { - in, out := &in.PKI, &out.PKI - *out = new(ImagePolicyPKIRootOfTrust) + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.RemoteWrite != nil { + in, out := &in.RemoteWrite, &out.RemoteWrite + *out = make([]RemoteWriteSpec, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + out.Retention = in.Retention + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.VolumeClaimTemplate != nil { + in, out := &in.VolumeClaimTemplate, &out.VolumeClaimTemplate + *out = new(v1.PersistentVolumeClaim) (*in).DeepCopyInto(*out) } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRootOfTrust. -func (in *PolicyRootOfTrust) DeepCopy() *PolicyRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusConfig. +func (in *PrometheusConfig) DeepCopy() *PrometheusConfig { if in == nil { return nil } - out := new(PolicyRootOfTrust) + out := new(PrometheusConfig) in.DeepCopyInto(out) return out } @@ -1137,6 +1258,200 @@ func (in *PrometheusOperatorConfig) DeepCopy() *PrometheusOperatorConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusRemoteWriteHeader) DeepCopyInto(out *PrometheusRemoteWriteHeader) { + *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusRemoteWriteHeader. +func (in *PrometheusRemoteWriteHeader) DeepCopy() *PrometheusRemoteWriteHeader { + if in == nil { + return nil + } + out := new(PrometheusRemoteWriteHeader) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *QueueConfig) DeepCopyInto(out *QueueConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueueConfig. +func (in *QueueConfig) DeepCopy() *QueueConfig { + if in == nil { + return nil + } + out := new(QueueConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RSAKeyConfig) DeepCopyInto(out *RSAKeyConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RSAKeyConfig. +func (in *RSAKeyConfig) DeepCopy() *RSAKeyConfig { + if in == nil { + return nil + } + out := new(RSAKeyConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RelabelActionConfig) DeepCopyInto(out *RelabelActionConfig) { + *out = *in + in.Replace.DeepCopyInto(&out.Replace) + out.HashMod = in.HashMod + out.LabelMap = in.LabelMap + out.Lowercase = in.Lowercase + out.Uppercase = in.Uppercase + out.KeepEqual = in.KeepEqual + out.DropEqual = in.DropEqual + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RelabelActionConfig. +func (in *RelabelActionConfig) DeepCopy() *RelabelActionConfig { + if in == nil { + return nil + } + out := new(RelabelActionConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RelabelConfig) DeepCopyInto(out *RelabelConfig) { + *out = *in + if in.SourceLabels != nil { + in, out := &in.SourceLabels, &out.SourceLabels + *out = make([]string, len(*in)) + copy(*out, *in) + } + in.Action.DeepCopyInto(&out.Action) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RelabelConfig. +func (in *RelabelConfig) DeepCopy() *RelabelConfig { + if in == nil { + return nil + } + out := new(RelabelConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RemoteWriteAuthorization) DeepCopyInto(out *RemoteWriteAuthorization) { + *out = *in + if in.SafeAuthorization != nil { + in, out := &in.SafeAuthorization, &out.SafeAuthorization + *out = new(v1.SecretKeySelector) + (*in).DeepCopyInto(*out) + } + out.BearerToken = in.BearerToken + out.BasicAuth = in.BasicAuth + in.OAuth2.DeepCopyInto(&out.OAuth2) + out.Sigv4 = in.Sigv4 + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteWriteAuthorization. +func (in *RemoteWriteAuthorization) DeepCopy() *RemoteWriteAuthorization { + if in == nil { + return nil + } + out := new(RemoteWriteAuthorization) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RemoteWriteSpec) DeepCopyInto(out *RemoteWriteSpec) { + *out = *in + in.AuthorizationConfig.DeepCopyInto(&out.AuthorizationConfig) + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = make([]PrometheusRemoteWriteHeader, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + out.MetadataConfig = in.MetadataConfig + out.QueueConfig = in.QueueConfig + out.TLSConfig = in.TLSConfig + if in.WriteRelabelConfigs != nil { + in, out := &in.WriteRelabelConfigs, &out.WriteRelabelConfigs + *out = make([]RelabelConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteWriteSpec. +func (in *RemoteWriteSpec) DeepCopy() *RemoteWriteSpec { + if in == nil { + return nil + } + out := new(RemoteWriteSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ReplaceActionConfig) DeepCopyInto(out *ReplaceActionConfig) { + *out = *in + if in.Replacement != nil { + in, out := &in.Replacement, &out.Replacement + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplaceActionConfig. +func (in *ReplaceActionConfig) DeepCopy() *ReplaceActionConfig { + if in == nil { + return nil + } + out := new(ReplaceActionConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Retention) DeepCopyInto(out *Retention) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Retention. +func (in *Retention) DeepCopy() *Retention { + if in == nil { + return nil + } + out := new(Retention) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RetentionNumberConfig) DeepCopyInto(out *RetentionNumberConfig) { *out = *in @@ -1195,6 +1510,40 @@ func (in *RetentionSizeConfig) DeepCopy() *RetentionSizeConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretKeySelector) DeepCopyInto(out *SecretKeySelector) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeySelector. +func (in *SecretKeySelector) DeepCopy() *SecretKeySelector { + if in == nil { + return nil + } + out := new(SecretKeySelector) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Sigv4) DeepCopyInto(out *Sigv4) { + *out = *in + out.AccessKey = in.AccessKey + out.SecretKey = in.SecretKey + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Sigv4. +func (in *Sigv4) DeepCopy() *Sigv4 { + if in == nil { + return nil + } + out := new(Sigv4) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Storage) DeepCopyInto(out *Storage) { *out = *in @@ -1216,6 +1565,41 @@ func (in *Storage) DeepCopy() *Storage { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSConfig) DeepCopyInto(out *TLSConfig) { + *out = *in + out.CA = in.CA + out.Cert = in.Cert + out.Key = in.Key + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSConfig. +func (in *TLSConfig) DeepCopy() *TLSConfig { + if in == nil { + return nil + } + out := new(TLSConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UppercaseActionConfig) DeepCopyInto(out *UppercaseActionConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UppercaseActionConfig. +func (in *UppercaseActionConfig) DeepCopy() *UppercaseActionConfig { + if in == nil { + return nil + } + out := new(UppercaseActionConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserDefinedMonitoring) DeepCopyInto(out *UserDefinedMonitoring) { *out = *in diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index 14091b5872..b2a1241937 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -44,30 +44,6 @@ criocredentialproviderconfigs.config.openshift.io: - CRIOCredentialProviderConfig Version: v1alpha1 -clusterimagepolicies.config.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1457 - CRDName: clusterimagepolicies.config.openshift.io - Capability: "" - Category: "" - FeatureGates: - - SigstoreImageVerification - - SigstoreImageVerificationPKI - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: config.openshift.io - HasStatus: true - KindName: ClusterImagePolicy - Labels: {} - PluralName: clusterimagepolicies - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - SigstoreImageVerification - Version: v1alpha1 - clustermonitorings.config.openshift.io: Annotations: description: Cluster Monitoring Operators configuration API @@ -92,50 +68,49 @@ clustermonitorings.config.openshift.io: - ClusterMonitoringConfig Version: v1alpha1 -imagepolicies.config.openshift.io: +insightsdatagathers.config.openshift.io: Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1457 - CRDName: imagepolicies.config.openshift.io - Capability: "" + ApprovedPRNumber: https://github.com/openshift/api/pull/1245 + CRDName: insightsdatagathers.config.openshift.io + Capability: Insights Category: "" FeatureGates: - - SigstoreImageVerification - - SigstoreImageVerificationPKI + - InsightsConfig FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" GroupName: config.openshift.io HasStatus: true - KindName: ImagePolicy + KindName: InsightsDataGather Labels: {} - PluralName: imagepolicies + PluralName: insightsdatagathers PrinterColumns: [] - Scope: Namespaced + Scope: Cluster ShortNames: null TopLevelFeatureGates: - - SigstoreImageVerification + - InsightsConfig Version: v1alpha1 -insightsdatagathers.config.openshift.io: +pkis.config.openshift.io: Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1245 - CRDName: insightsdatagathers.config.openshift.io - Capability: Insights + ApprovedPRNumber: https://github.com/openshift/api/pull/2645 + CRDName: pkis.config.openshift.io + Capability: "" Category: "" FeatureGates: - - InsightsConfig + - ConfigurablePKI FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" GroupName: config.openshift.io - HasStatus: true - KindName: InsightsDataGather + HasStatus: false + KindName: PKI Labels: {} - PluralName: insightsdatagathers + PluralName: pkis PrinterColumns: [] Scope: Cluster ShortNames: null TopLevelFeatureGates: - - InsightsConfig + - ConfigurablePKI Version: v1alpha1 diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go index 343947f591..b79cbbf774 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go @@ -80,42 +80,19 @@ func (RetentionSizeConfig) SwaggerDoc() map[string]string { return map_RetentionSizeConfig } -var map_ClusterImagePolicy = map[string]string{ - "": "ClusterImagePolicy holds cluster-wide configuration for image signature verification\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec contains the configuration for the cluster image policy.", - "status": "status contains the observed state of the resource.", -} - -func (ClusterImagePolicy) SwaggerDoc() map[string]string { - return map_ClusterImagePolicy -} - -var map_ClusterImagePolicyList = map[string]string{ - "": "ClusterImagePolicyList is a list of ClusterImagePolicy resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", -} - -func (ClusterImagePolicyList) SwaggerDoc() map[string]string { - return map_ClusterImagePolicyList -} - -var map_ClusterImagePolicySpec = map[string]string{ - "": "CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource.", - "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker", - "policy": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.", -} - -func (ClusterImagePolicySpec) SwaggerDoc() map[string]string { - return map_ClusterImagePolicySpec +var map_AdditionalAlertmanagerConfig = map[string]string{ + "": "AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. The `AdditionalAlertmanagerConfig` resource defines settings for how a component communicates with additional Alertmanager instances.", + "name": "name is a unique identifier for this Alertmanager configuration entry. The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, hyphens, or periods, and must start and end with an alphanumeric character. Minimum length is 1 character (empty string is invalid). Maximum length is 253 characters.", + "authorization": "authorization configures the authentication method for Alertmanager connections. Supports bearer token authentication. When omitted, no authentication is used.", + "pathPrefix": "pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. For example, if your Alertmanager is behind a reverse proxy at \"/alertmanager/\", set this to \"/alertmanager\" so requests go to \"/alertmanager/api/v1/alerts\" instead of \"/api/v1/alerts\". This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. When no prefix is needed, omit this field; do not set it to \"/\" as that would produce paths with double slashes (e.g. \"//api/v1/alerts\"). Must start with \"/\", must not end with \"/\", and must not be exactly \"/\". Must not contain query strings (\"?\") or fragments (\"#\").", + "scheme": "scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `HTTP` or `HTTPS`. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `HTTP`.", + "staticConfigs": "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address (in brackets) followed by a colon and a valid port number (1-65535). Examples: \"alertmanager.example.com:9093\", \"192.168.1.100:9093\", \"[::1]:9093\" At least one endpoint must be specified (minimum 1, maximum 10 endpoints). Each entry must be unique and non-empty (empty string is invalid).", + "timeoutSeconds": "timeoutSeconds defines the timeout in seconds for requests to Alertmanager. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Currently the default is 10 seconds. Minimum value is 1 second. Maximum value is 600 seconds (10 minutes).", + "tlsConfig": "tlsConfig defines the TLS settings to use for Alertmanager connections. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", } -var map_ClusterImagePolicyStatus = map[string]string{ - "conditions": "conditions provide details on the status of this API Resource.", -} - -func (ClusterImagePolicyStatus) SwaggerDoc() map[string]string { - return map_ClusterImagePolicyStatus +func (AdditionalAlertmanagerConfig) SwaggerDoc() map[string]string { + return map_AdditionalAlertmanagerConfig } var map_AlertmanagerConfig = map[string]string{ @@ -136,7 +113,7 @@ var map_AlertmanagerCustomConfig = map[string]string{ "secrets": "secrets defines a list of secrets that need to be mounted into the Alertmanager. The secrets must reside within the same namespace as the Alertmanager object. They will be added as volumes named secret- and mounted at /etc/alertmanager/secrets/ within the 'alertmanager' container of the Alertmanager Pods.\n\nThese secrets can be used to authenticate Alertmanager with endpoint receivers. For example, you can use secrets to: - Provide certificates for TLS authentication with receivers that require private CA certificates - Store credentials for Basic HTTP authentication with receivers that require password-based auth - Store any other authentication credentials needed by your alert receivers\n\nThis field is optional. Maximum length for this list is 10. Minimum length for this list is 1. Entries in this list must be unique.", "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Alertmanager Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", - "volumeClaimTemplate": "volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and alert data will not persist across restarts. This field is optional.", + "volumeClaimTemplate": "volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class and volume size. If omitted, the Pod uses ephemeral storage and alert data will not persist across restarts.", } func (AlertmanagerCustomConfig) SwaggerDoc() map[string]string { @@ -152,6 +129,26 @@ func (Audit) SwaggerDoc() map[string]string { return map_Audit } +var map_AuthorizationConfig = map[string]string{ + "": "AuthorizationConfig defines the authentication method for Alertmanager connections.", + "type": "type specifies the authentication type to use. Valid value is \"BearerToken\" (bearer token authentication). When set to BearerToken, the bearerToken field must be specified.", + "bearerToken": "bearerToken defines the secret reference containing the bearer token. Required when type is \"BearerToken\", and forbidden otherwise. The secret must exist in the openshift-monitoring namespace.", +} + +func (AuthorizationConfig) SwaggerDoc() map[string]string { + return map_AuthorizationConfig +} + +var map_BasicAuth = map[string]string{ + "": "BasicAuth defines basic authentication settings for the remote write endpoint URL.", + "username": "username defines the secret reference containing the username for basic authentication. The secret must exist in the openshift-monitoring namespace.", + "password": "password defines the secret reference containing the password for basic authentication. The secret must exist in the openshift-monitoring namespace.", +} + +func (BasicAuth) SwaggerDoc() map[string]string { + return map_BasicAuth +} + var map_ClusterMonitoring = map[string]string{ "": "ClusterMonitoring is the Custom Resource object which holds the current status of Cluster Monitoring Operator. CMO is a central component of the monitoring stack.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. ClusterMonitoring is the Schema for the Cluster Monitoring Operators API", "metadata": "metadata is the standard object metadata.", @@ -177,9 +174,11 @@ var map_ClusterMonitoringSpec = map[string]string{ "": "ClusterMonitoringSpec defines the desired state of Cluster Monitoring Operator", "userDefined": "userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. userDefined is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `Disabled`.", "alertmanagerConfig": "alertmanagerConfig allows users to configure how the default Alertmanager instance should be deployed in the `openshift-monitoring` namespace. alertmanagerConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `DefaultConfig`.", + "prometheusConfig": "prometheusConfig provides configuration options for the default platform Prometheus instance that runs in the `openshift-monitoring` namespace. This configuration applies only to the platform Prometheus instance; user-workload Prometheus instances are configured separately.\n\nThis field allows you to customize how the platform Prometheus is deployed and operated, including:\n - Pod scheduling (node selectors, tolerations, topology spread constraints)\n - Resource allocation (CPU, memory requests/limits)\n - Retention policies (how long metrics are stored)\n - External integrations (remote write, additional alertmanagers)\n\nThis field is optional. When omitted, the platform chooses reasonable defaults, which may change over time.", "metricsServerConfig": "metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", "prometheusOperatorConfig": "prometheusOperatorConfig is an optional field that can be used to configure the Prometheus Operator component. Specifically, it can configure how the Prometheus Operator instance is deployed, pod scheduling, and resource allocation. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", "prometheusOperatorAdmissionWebhookConfig": "prometheusOperatorAdmissionWebhookConfig is an optional field that can be used to configure the admission webhook component of Prometheus Operator that runs in the openshift-monitoring namespace. The admission webhook validates PrometheusRule and AlertmanagerConfig objects to ensure they are semantically valid, mutates PrometheusRule annotations, and converts AlertmanagerConfig objects between API versions. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "openShiftStateMetricsConfig": "openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", } func (ClusterMonitoringSpec) SwaggerDoc() map[string]string { @@ -205,6 +204,81 @@ func (ContainerResource) SwaggerDoc() map[string]string { return map_ContainerResource } +var map_DropEqualActionConfig = map[string]string{ + "": "DropEqualActionConfig configures the DropEqual action. Drops targets for which the concatenated source_labels do match the value of target_label. Requires Prometheus >= v2.41.0.", + "targetLabel": "targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. Must be between 1 and 128 characters in length.", +} + +func (DropEqualActionConfig) SwaggerDoc() map[string]string { + return map_DropEqualActionConfig +} + +var map_HashModActionConfig = map[string]string{ + "": "HashModActionConfig configures the HashMod action. target_label is set to the modulus of a hash of the concatenated source_labels (target = hash % modulus).", + "targetLabel": "targetLabel is the label name where the hash modulus result is written. Must be between 1 and 128 characters in length.", + "modulus": "modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). Required when using the HashMod action so the intended behavior is explicit. Must be between 1 and 1000000.", +} + +func (HashModActionConfig) SwaggerDoc() map[string]string { + return map_HashModActionConfig +} + +var map_KeepEqualActionConfig = map[string]string{ + "": "KeepEqualActionConfig configures the KeepEqual action. Drops targets for which the concatenated source_labels do not match the value of target_label. Requires Prometheus >= v2.41.0.", + "targetLabel": "targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. Must be between 1 and 128 characters in length.", +} + +func (KeepEqualActionConfig) SwaggerDoc() map[string]string { + return map_KeepEqualActionConfig +} + +var map_Label = map[string]string{ + "": "Label represents a key/value pair for external labels.", + "key": "key is the name of the label. Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. Must be between 1 and 128 characters in length.", + "value": "value is the value of the label. Must be between 1 and 128 characters in length.", +} + +func (Label) SwaggerDoc() map[string]string { + return map_Label +} + +var map_LabelMapActionConfig = map[string]string{ + "": "LabelMapActionConfig configures the LabelMap action. Regex is matched against all source label names (not just source_labels). Matching label values are copied to new label names given by replacement, with match group references (${1}, ${2}, ...) substituted.", + "replacement": "replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. Use \"$1\" for the first capture group, \"$2\" for the second, etc. Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names.", +} + +func (LabelMapActionConfig) SwaggerDoc() map[string]string { + return map_LabelMapActionConfig +} + +var map_LowercaseActionConfig = map[string]string{ + "": "LowercaseActionConfig configures the Lowercase action. Maps the concatenated source_labels to their lower case and writes to target_label. Requires Prometheus >= v2.36.0.", + "targetLabel": "targetLabel is the label name where the lower-cased value is written. Must be between 1 and 128 characters in length.", +} + +func (LowercaseActionConfig) SwaggerDoc() map[string]string { + return map_LowercaseActionConfig +} + +var map_MetadataConfig = map[string]string{ + "": "MetadataConfig defines whether and how to send series metadata to remote write storage.", + "sendPolicy": "sendPolicy specifies whether to send metadata and how it is configured. Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). Custom: send metadata using the settings in the custom field.", + "custom": "custom defines custom metadata send settings. Required when sendPolicy is Custom (must have at least one property), and forbidden when sendPolicy is Default.", +} + +func (MetadataConfig) SwaggerDoc() map[string]string { + return map_MetadataConfig +} + +var map_MetadataConfigCustom = map[string]string{ + "": "MetadataConfigCustom defines custom settings for sending series metadata when sendPolicy is Custom. At least one property must be set when sendPolicy is Custom (e.g. sendIntervalSeconds).", + "sendIntervalSeconds": "sendIntervalSeconds is the interval in seconds at which metadata is sent. When omitted, the platform chooses a reasonable default (e.g. 30 seconds). Minimum value is 1 second. Maximum value is 86400 seconds (24 hours).", +} + +func (MetadataConfigCustom) SwaggerDoc() map[string]string { + return map_MetadataConfigCustom +} + var map_MetricsServerConfig = map[string]string{ "": "MetricsServerConfig provides configuration options for the Metrics Server instance that runs in the `openshift-monitoring` namespace. Use this configuration to control how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled.", "audit": "audit defines the audit configuration used by the Metrics Server instance. audit is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default sets audit.profile to Metadata", @@ -219,6 +293,62 @@ func (MetricsServerConfig) SwaggerDoc() map[string]string { return map_MetricsServerConfig } +var map_OAuth2 = map[string]string{ + "": "OAuth2 defines OAuth2 authentication settings for the remote write endpoint.", + "clientId": "clientId defines the secret reference containing the OAuth2 client ID. The secret must exist in the openshift-monitoring namespace.", + "clientSecret": "clientSecret defines the secret reference containing the OAuth2 client secret. The secret must exist in the openshift-monitoring namespace.", + "tokenUrl": "tokenUrl is the URL to fetch the token from. Must be a valid URL with http or https scheme. Must be between 1 and 2048 characters in length.", + "scopes": "scopes is a list of OAuth2 scopes to request. When omitted, no scopes are requested. Maximum of 20 scopes can be specified. Each scope must be between 1 and 256 characters.", + "endpointParams": "endpointParams defines additional parameters to append to the token URL. When omitted, no additional parameters are sent. Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key).", +} + +func (OAuth2) SwaggerDoc() map[string]string { + return map_OAuth2 +} + +var map_OAuth2EndpointParam = map[string]string{ + "": "OAuth2EndpointParam defines a name/value parameter for the OAuth2 token URL.", + "name": "name is the parameter name. Must be between 1 and 256 characters.", + "value": "value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the external system expects a parameter with an empty value (e.g. ?parameter=\"\"). Must be between 0 and 2048 characters when present (aligned with common URL length recommendations).", +} + +func (OAuth2EndpointParam) SwaggerDoc() map[string]string { + return map_OAuth2EndpointParam +} + +var map_OpenShiftStateMetricsConfig = map[string]string{ + "": "OpenShiftStateMetricsConfig provides configuration options for the openshift-state-metrics agent that runs in the `openshift-monitoring` namespace. The openshift-state-metrics agent generates metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the openshift-state-metrics container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 1m\n limit: null\n - name: memory\n request: 32Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", +} + +func (OpenShiftStateMetricsConfig) SwaggerDoc() map[string]string { + return map_OpenShiftStateMetricsConfig +} + +var map_PrometheusConfig = map[string]string{ + "": "PrometheusConfig provides configuration options for the Prometheus instance. Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + "additionalAlertmanagerConfigs": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. This is useful for organizations that need to:\n - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks)\n - Route different types of alerts to different teams or systems\n - Integrate with existing enterprise alerting infrastructure\n - Maintain separate alert routing for compliance or organizational requirements\nWhen omitted, no additional Alertmanager instances are configured (default behavior). When provided, at least one configuration must be specified (minimum 1, maximum 10 items). Entries must have unique names (name is the list key).", + "enforcedBodySizeLimitBytes": "enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. This helps protect Prometheus from targets that return excessively large responses. The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). When omitted, the Cluster Monitoring Operator automatically calculates an appropriate limit based on cluster capacity. Set an explicit value to override the automatic calculation. Minimum value is 10240 (10kB). Maximum value is 1073741824 (1GB).", + "externalLabels": "externalLabels defines labels to be attached to time series and alerts when communicating with external systems such as federation, remote storage, and Alertmanager. These labels are not stored with metrics on disk; they are only added when data leaves Prometheus (e.g., during federation queries, remote write, or alert notifications). At least 1 label must be specified when set, with a maximum of 50 labels allowed. Each label key must be unique within this list. When omitted, no external labels are applied.", + "logLevel": "logLevel defines the verbosity of logs emitted by Prometheus. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least one key-value pair (minimum of 1) and must not contain more than 10 entries.", + "queryLogFile": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. Must be an absolute path starting with `/` or a simple filename without path separators. Must not contain consecutive slashes, end with a slash, or include '..' path traversal. Must contain only alphanumeric characters, '.', '_', '-', or '/'. Must be between 1 and 255 characters in length.", + "remoteWrite": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. Remote write allows Prometheus to send metrics it collects to external long-term storage systems. When omitted, no remote write endpoints are configured. When provided, at least one configuration must be specified (minimum 1, maximum 10 items). Entries must have unique names (name is the list key).", + "resources": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. Each entry must have a unique resource name. Minimum of 1 and maximum of 10 resource entries can be specified. The current default values are:\n resources:\n - name: cpu\n request: 4m\n - name: memory\n request: 40Mi", + "retention": "retention configures how long Prometheus retains metrics data and how much storage it can use. When omitted, the platform chooses reasonable defaults (currently 15 days retention, no size limit).", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + "collectionProfile": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `Full` or `Minimal`. In the `Full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `Minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `Full`.", + "volumeClaimTemplate": "volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class and volume size. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts.", +} + +func (PrometheusConfig) SwaggerDoc() map[string]string { + return map_PrometheusConfig +} + var map_PrometheusOperatorAdmissionWebhookConfig = map[string]string{ "": "PrometheusOperatorAdmissionWebhookConfig provides configuration options for the admission webhook component of Prometheus Operator that runs in the `openshift-monitoring` namespace. The admission webhook validates PrometheusRule and AlertmanagerConfig objects, mutates PrometheusRule annotations, and converts AlertmanagerConfig objects between API versions.", "resources": "resources defines the compute resource requests and limits for the prometheus-operator-admission-webhook container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 5m\n limit: null\n - name: memory\n request: 30Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", @@ -242,191 +372,204 @@ func (PrometheusOperatorConfig) SwaggerDoc() map[string]string { return map_PrometheusOperatorConfig } -var map_UserDefinedMonitoring = map[string]string{ - "": "UserDefinedMonitoring config for user-defined projects.", - "mode": "mode defines the different configurations of UserDefinedMonitoring Valid values are Disabled and NamespaceIsolated Disabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. NamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. The current default value is `Disabled`.", +var map_PrometheusRemoteWriteHeader = map[string]string{ + "": "PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. Validation is enforced on the Headers field in RemoteWriteSpec.", + "name": "name is the HTTP header name. Must not be a reserved header (see type documentation). Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters.", + "value": "value is the HTTP header value. Must be at most 4096 characters.", } -func (UserDefinedMonitoring) SwaggerDoc() map[string]string { - return map_UserDefinedMonitoring +func (PrometheusRemoteWriteHeader) SwaggerDoc() map[string]string { + return map_PrometheusRemoteWriteHeader } -var map_CRIOCredentialProviderConfig = map[string]string{ - "": "CRIOCredentialProviderConfig holds cluster-wide singleton resource configurations for CRI-O credential provider, the name of this instance is \"cluster\". CRI-O credential provider is a binary shipped with CRI-O that provides a way to obtain container image pull credentials from external sources. For example, it can be used to fetch mirror registry credentials from secrets resources in the cluster within the same namespace the pod will be running in. CRIOCredentialProviderConfig configuration specifies the pod image sources registries that should trigger the CRI-O credential provider execution, which will resolve the CRI-O mirror configurations and obtain the necessary credentials for pod creation. Note: Configuration changes will only take effect after the kubelet restarts, which is automatically managed by the cluster during rollout.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec defines the desired configuration of the CRI-O Credential Provider. This field is required and must be provided when creating the resource.", - "status": "status represents the current state of the CRIOCredentialProviderConfig. When omitted or nil, it indicates that the status has not yet been set by the controller. The controller will populate this field with validation conditions and operational state.", +var map_QueueConfig = map[string]string{ + "": "QueueConfig allows tuning configuration for remote write queue parameters. Configure this when you need to control throughput, backpressure, or retry behavior—for example to avoid overloading the remote endpoint, to reduce memory usage, or to tune for high-cardinality workloads. Consider capacity, maxShards, and batchSendDeadlineSeconds for throughput; minBackoffMilliseconds and maxBackoffMilliseconds for retries; and rateLimitedAction when the remote returns HTTP 429.", + "capacity": "capacity is the number of samples to buffer per shard before we start dropping them. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 10000. Minimum value is 1. Maximum value is 1000000.", + "maxShards": "maxShards is the maximum number of shards, i.e. amount of concurrency. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 200. Minimum value is 1. Maximum value is 10000.", + "minShards": "minShards is the minimum number of shards, i.e. amount of concurrency. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 1. Minimum value is 1. Maximum value is 10000.", + "maxSamplesPerSend": "maxSamplesPerSend is the maximum number of samples per send. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 1000. Minimum value is 1. Maximum value is 100000.", + "batchSendDeadlineSeconds": "batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 second. Maximum value is 3600 seconds (1 hour).", + "minBackoffMilliseconds": "minBackoffMilliseconds is the minimum retry delay in milliseconds. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 millisecond. Maximum value is 3600000 milliseconds (1 hour).", + "maxBackoffMilliseconds": "maxBackoffMilliseconds is the maximum retry delay in milliseconds. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 millisecond. Maximum value is 3600000 milliseconds (1 hour).", + "rateLimitedAction": "rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). When omitted, no retries are performed on rate limit responses. When set to \"Retry\", Prometheus will retry such requests using the backoff settings above. Valid value when set is \"Retry\".", } -func (CRIOCredentialProviderConfig) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfig +func (QueueConfig) SwaggerDoc() map[string]string { + return map_QueueConfig } -var map_CRIOCredentialProviderConfigList = map[string]string{ - "": "CRIOCredentialProviderConfigList contains a list of CRIOCredentialProviderConfig resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", +var map_RelabelActionConfig = map[string]string{ + "": "RelabelActionConfig represents the action to perform and its configuration. Exactly one action-specific configuration must be specified based on the action type.", + "type": "type specifies the action to perform on the matched labels. Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep.\n\nWhen set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place.\n\nWhen set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0.\n\nWhen set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0.\n\nWhen set to Keep, targets for which regex does not match the concatenated source_labels are dropped.\n\nWhen set to Drop, targets for which regex matches the concatenated source_labels are dropped.\n\nWhen set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0.\n\nWhen set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0.\n\nWhen set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels.\n\nWhen set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted.\n\nWhen set to LabelDrop, regex is matched against all label names; any label that matches is removed.\n\nWhen set to LabelKeep, regex is matched against all label names; any label that does not match is removed.", + "replace": "replace configures the Replace action. Required when type is Replace, and forbidden otherwise.", + "hashMod": "hashMod configures the HashMod action. Required when type is HashMod, and forbidden otherwise.", + "labelMap": "labelMap configures the LabelMap action. Required when type is LabelMap, and forbidden otherwise.", + "lowercase": "lowercase configures the Lowercase action. Required when type is Lowercase, and forbidden otherwise. Requires Prometheus >= v2.36.0.", + "uppercase": "uppercase configures the Uppercase action. Required when type is Uppercase, and forbidden otherwise. Requires Prometheus >= v2.36.0.", + "keepEqual": "keepEqual configures the KeepEqual action. Required when type is KeepEqual, and forbidden otherwise. Requires Prometheus >= v2.41.0.", + "dropEqual": "dropEqual configures the DropEqual action. Required when type is DropEqual, and forbidden otherwise. Requires Prometheus >= v2.41.0.", } -func (CRIOCredentialProviderConfigList) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigList +func (RelabelActionConfig) SwaggerDoc() map[string]string { + return map_RelabelActionConfig } -var map_CRIOCredentialProviderConfigSpec = map[string]string{ - "": "CRIOCredentialProviderConfigSpec defines the desired configuration of the CRI-O Credential Provider.", - "matchImages": "matchImages is a list of string patterns used to determine whether the CRI-O credential provider should be invoked for a given image. This list is passed to the kubelet CredentialProviderConfig, and if any pattern matches the requested image, CRI-O credential provider will be invoked to obtain credentials for pulling that image or its mirrors. Depending on the platform, the CRI-O credential provider may be installed alongside an existing platform specific provider. Conflicts between the existing platform specific provider image match configuration and this list will be handled by the following precedence rule: credentials from built-in kubelet providers (e.g., ECR, GCR, ACR) take precedence over those from the CRIOCredentialProviderConfig when both match the same image. To avoid uncertainty, it is recommended to avoid configuring your private image patterns to overlap with existing platform specific provider config(e.g., the entries from https://github.com/openshift/machine-config-operator/blob/main/templates/common/aws/files/etc-kubernetes-credential-providers-ecr-credential-provider.yaml). You can check the resource's Status conditions to see if any entries were ignored due to exact matches with known built-in provider patterns.\n\nThis field is optional, the items of the list must contain between 1 and 50 entries. The list is treated as a set, so duplicate entries are not allowed.\n\nFor more details, see: https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ https://github.com/cri-o/crio-credential-provider#architecture\n\nEach entry in matchImages is a pattern which can optionally contain a port and a path. Each entry must be no longer than 512 characters. Wildcards ('*') are supported for full subdomain labels, such as '*.k8s.io' or 'k8s.*.io', and for top-level domains, such as 'k8s.*' (which matches 'k8s.io' or 'k8s.net'). A global wildcard '*' (matching any domain) is not allowed. Wildcards may replace an entire hostname label (e.g., *.example.com), but they cannot appear within a label (e.g., f*oo.example.com) and are not allowed in the port or path. For example, 'example.*.com' is valid, but 'exa*mple.*.com' is not. Each wildcard matches only a single domain label, so '*.io' does **not** match '*.k8s.io'.\n\nA match exists between an image and a matchImage when all of the below are true: Both contain the same number of domain parts and each part matches. The URL path of an matchImages must be a prefix of the target image URL path. If the matchImages contains a port, then the port must match in the image as well.\n\nExample values of matchImages: - 123456789.dkr.ecr.us-east-1.amazonaws.com - *.azurecr.io - gcr.io - *.*.registry.io - registry.io:8080/path", +var map_RelabelConfig = map[string]string{ + "": "RelabelConfig represents a relabeling rule.", + "name": "name is a unique identifier for this relabel configuration. Must contain only alphanumeric characters, hyphens, and underscores. Must be between 1 and 63 characters in length.", + "sourceLabels": "sourceLabels specifies which label names to extract from each series for this relabeling rule. The values of these labels are joined together using the configured separator, and the resulting string is then matched against the regular expression. If a referenced label does not exist on a series, Prometheus substitutes an empty string. When omitted, the rule operates without extracting source labels (useful for actions like labelmap). Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. Each entry must be unique. Label names beginning with \"__\" (two underscores) are reserved for internal Prometheus use and are not allowed. Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.).", + "separator": "separator is the character sequence used to join source label values. Common examples: \";\", \",\", \"::\", \"|||\". When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \";\". Must be between 1 and 5 characters in length when specified.", + "regex": "regex is the regular expression to match against the concatenated source label values. Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \"(.*)\" to match everything. Must be between 1 and 1000 characters in length when specified.", + "action": "action defines the action to perform on the matched labels and its configuration. Exactly one action-specific configuration must be specified based on the action type.", } -func (CRIOCredentialProviderConfigSpec) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigSpec -} - -var map_CRIOCredentialProviderConfigStatus = map[string]string{ - "": "CRIOCredentialProviderConfigStatus defines the observed state of CRIOCredentialProviderConfig", - "conditions": "conditions represent the latest available observations of the configuration state. When omitted, it indicates that no conditions have been reported yet. The maximum number of conditions is 16. Conditions are stored as a map keyed by condition type, ensuring uniqueness.\n\nExpected condition types include: \"Validated\": indicates whether the matchImages configuration is valid", +func (RelabelConfig) SwaggerDoc() map[string]string { + return map_RelabelConfig } -func (CRIOCredentialProviderConfigStatus) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigStatus +var map_RemoteWriteAuthorization = map[string]string{ + "": "RemoteWriteAuthorization defines the authorization method for a remote write endpoint. Exactly one of the nested configs must be set according to the type discriminator.", + "type": "type specifies the authorization method to use. Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount.\n\nWhen set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field.\n\nWhen set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set.\n\nWhen set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set.\n\nWhen set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set.\n\nWhen set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field.\n\nWhen set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path.", + "safeAuthorization": "safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). Required when type is \"SafeAuthorization\", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace.", + "bearerToken": "bearerToken defines the secret reference containing the bearer token. Required when type is \"BearerToken\", and forbidden otherwise.", + "basicAuth": "basicAuth defines HTTP basic authentication credentials. Required when type is \"BasicAuth\", and forbidden otherwise.", + "oauth2": "oauth2 defines OAuth2 client credentials authentication. Required when type is \"OAuth2\", and forbidden otherwise.", + "sigv4": "sigv4 defines AWS Signature Version 4 authentication. Required when type is \"SigV4\", and forbidden otherwise.", } -var map_ImagePolicy = map[string]string{ - "": "ImagePolicy holds namespace-wide configuration for image signature verification\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec holds user settable values for configuration", - "status": "status contains the observed state of the resource.", +func (RemoteWriteAuthorization) SwaggerDoc() map[string]string { + return map_RemoteWriteAuthorization } -func (ImagePolicy) SwaggerDoc() map[string]string { - return map_ImagePolicy +var map_RemoteWriteSpec = map[string]string{ + "": "RemoteWriteSpec represents configuration for remote write endpoints.", + "url": "url is the URL of the remote write endpoint. Must be a valid URL with http or https scheme and a non-empty hostname. Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. Empty string is invalid. Must be between 1 and 2048 characters in length.", + "name": "name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). This name is used in metrics and logging to differentiate remote write queues. Must contain only alphanumeric characters, hyphens, and underscores. Must be between 1 and 63 characters in length.", + "authorization": "authorization defines the authorization method for the remote write endpoint. When omitted, no authorization is performed. When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config).", + "headers": "headers specifies the custom HTTP headers to be sent along with each remote write request. Sending custom headers makes the configuration of a proxy in between optional and helps the receiver recognize the given source better. Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. When omitted, no custom headers are sent. Maximum of 50 headers can be specified. Each header name must be unique. Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate).", + "metadataConfig": "metadataConfig configures the sending of series metadata to remote storage. When omitted, no metadata is sent. When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds).", + "proxyUrl": "proxyUrl defines an optional proxy URL. If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. When omitted, no proxy is used. Must be a valid URL with http or https scheme. Must be between 1 and 2048 characters in length.", + "queueConfig": "queueConfig allows tuning configuration for remote write queue parameters. When omitted, default queue configuration is used.", + "remoteTimeoutSeconds": "remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 second. Maximum value is 600 seconds (10 minutes).", + "exemplarsMode": "exemplarsMode controls whether exemplars are sent via remote write. Valid values are \"Send\", \"DoNotSend\" and omitted. When set to \"Send\", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. When omitted or set to \"DoNotSend\", exemplars are not sent.", + "tlsConfig": "tlsConfig defines TLS authentication settings for the remote write endpoint. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "writeRelabelConfigs": "writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. When omitted, no relabeling is performed and all metrics are sent as-is. Minimum of 1 and maximum of 10 relabeling rules can be specified. Each rule must have a unique name.", } -var map_ImagePolicyFulcioCAWithRekorRootOfTrust = map[string]string{ - "": "ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key.", - "fulcioCAData": "fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. fulcioCAData must be at most 8192 characters.", - "rekorKeyData": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", - "fulcioSubject": "fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration.", +func (RemoteWriteSpec) SwaggerDoc() map[string]string { + return map_RemoteWriteSpec } -func (ImagePolicyFulcioCAWithRekorRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyFulcioCAWithRekorRootOfTrust +var map_ReplaceActionConfig = map[string]string{ + "": "ReplaceActionConfig configures the Replace action. Regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. No replacement if regex does not match.", + "targetLabel": "targetLabel is the label name where the replacement result is written. Must be between 1 and 128 characters in length.", + "replacement": "replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. Use \"$1\" for the first capture group, \"$2\" for the second, etc. Use an empty string (\"\") to explicitly clear the target label value. Must be between 0 and 255 characters in length.", } -var map_ImagePolicyList = map[string]string{ - "": "ImagePolicyList is a list of ImagePolicy resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", +func (ReplaceActionConfig) SwaggerDoc() map[string]string { + return map_ReplaceActionConfig } -func (ImagePolicyList) SwaggerDoc() map[string]string { - return map_ImagePolicyList +var map_Retention = map[string]string{ + "": "Retention configures how long Prometheus retains metrics data and how much storage it can use.", + "durationInDays": "durationInDays specifies how many days Prometheus will retain metrics data. Prometheus automatically deletes data older than this duration. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 15. Minimum value is 1 day. Maximum value is 365 days (1 year).", + "sizeInGiB": "sizeInGiB specifies the maximum storage size in gibibytes (GiB) that Prometheus can use for data blocks and the write-ahead log (WAL). When the limit is reached, Prometheus will delete oldest data first. When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. Minimum value is 1 GiB. Maximum value is 16384 GiB (16 TiB).", } -var map_ImagePolicyPKIRootOfTrust = map[string]string{ - "": "ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates.", - "caRootsData": "caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. ", - "caIntermediatesData": "caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. caIntermediatesData requires caRootsData to be set. ", - "pkiCertificateSubject": "pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued.", +func (Retention) SwaggerDoc() map[string]string { + return map_Retention } -func (ImagePolicyPKIRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyPKIRootOfTrust +var map_SecretKeySelector = map[string]string{ + "": "SecretKeySelector selects a key of a Secret in the `openshift-monitoring` namespace.", + "name": "name is the name of the secret in the `openshift-monitoring` namespace to select from. Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). Must be between 1 and 253 characters in length.", + "key": "key is the key of the secret to select from. Must consist of alphanumeric characters, '-', '_', or '.'. Must be between 1 and 253 characters in length.", } -var map_ImagePolicyPublicKeyRootOfTrust = map[string]string{ - "": "ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key.", - "keyData": "keyData contains inline base64-encoded data for the PEM format public key. KeyData must be at most 8192 characters.", - "rekorKeyData": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", +func (SecretKeySelector) SwaggerDoc() map[string]string { + return map_SecretKeySelector } -func (ImagePolicyPublicKeyRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyPublicKeyRootOfTrust +var map_Sigv4 = map[string]string{ + "": "Sigv4 defines AWS Signature Version 4 authentication settings. At least one of region, accessKey/secretKey, profile, or roleArn must be set so the platform can perform authentication.", + "region": "region is the AWS region. When omitted, the region is derived from the environment or instance metadata. Must be between 1 and 128 characters.", + "accessKey": "accessKey defines the secret reference containing the AWS access key ID. The secret must exist in the openshift-monitoring namespace. When omitted, the access key is derived from the environment or instance metadata.", + "secretKey": "secretKey defines the secret reference containing the AWS secret access key. The secret must exist in the openshift-monitoring namespace. When omitted, the secret key is derived from the environment or instance metadata.", + "profile": "profile is the named AWS profile used to authenticate. When omitted, the default profile is used. Must be between 1 and 128 characters.", + "roleArn": "roleArn is the AWS Role ARN, an alternative to using AWS API keys. When omitted, API keys are used for authentication. Must be a valid AWS ARN format (e.g., \"arn:aws:iam::123456789012:role/MyRole\"). Must be between 1 and 512 characters.", } -var map_ImagePolicySpec = map[string]string{ - "": "ImagePolicySpec is the specification of the ImagePolicy CRD.", - "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker", - "policy": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.", +func (Sigv4) SwaggerDoc() map[string]string { + return map_Sigv4 } -func (ImagePolicySpec) SwaggerDoc() map[string]string { - return map_ImagePolicySpec +var map_TLSConfig = map[string]string{ + "": "TLSConfig represents TLS configuration for Alertmanager connections. At least one TLS configuration option must be specified. For mutual TLS (mTLS), both cert and key must be specified together, or both omitted.", + "ca": "ca is an optional CA certificate to use for TLS connections. When omitted, the system's default CA bundle is used.", + "cert": "cert is an optional client certificate to use for mutual TLS connections. When omitted, no client certificate is presented.", + "key": "key is an optional client key to use for mutual TLS connections. When omitted, no client key is used.", + "serverName": "serverName is an optional server name to use for TLS connections. When specified, must be a valid DNS subdomain as per RFC 1123. When omitted, the server name is derived from the URL. Must be between 1 and 253 characters in length.", + "certificateVerification": "certificateVerification determines the policy for TLS certificate verification. Allowed values are \"Verify\" (performs certificate verification, secure) and \"SkipVerify\" (skips verification, insecure). When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \"Verify\".", } -var map_ImagePolicyStatus = map[string]string{ - "conditions": "conditions provide details on the status of this API Resource.", +func (TLSConfig) SwaggerDoc() map[string]string { + return map_TLSConfig } -func (ImagePolicyStatus) SwaggerDoc() map[string]string { - return map_ImagePolicyStatus +var map_UppercaseActionConfig = map[string]string{ + "": "UppercaseActionConfig configures the Uppercase action. Maps the concatenated source_labels to their upper case and writes to target_label. Requires Prometheus >= v2.36.0.", + "targetLabel": "targetLabel is the label name where the upper-cased value is written. Must be between 1 and 128 characters in length.", } -var map_ImageSigstoreVerificationPolicy = map[string]string{ - "": "ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list.", - "rootOfTrust": "rootOfTrust specifies the root of trust for the policy.", - "signedIdentity": "signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is \"MatchRepoDigestOrExact\".", +func (UppercaseActionConfig) SwaggerDoc() map[string]string { + return map_UppercaseActionConfig } -func (ImageSigstoreVerificationPolicy) SwaggerDoc() map[string]string { - return map_ImageSigstoreVerificationPolicy -} - -var map_PKICertificateSubject = map[string]string{ - "": "PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued.", - "email": "email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. The email should be a valid email address and at most 320 characters in length.", - "hostname": "hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk.", -} - -func (PKICertificateSubject) SwaggerDoc() map[string]string { - return map_PKICertificateSubject -} - -var map_PolicyFulcioSubject = map[string]string{ - "": "PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration.", - "oidcIssuer": "oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. Example: \"https://expected.OIDC.issuer/\"", - "signedEmail": "signedEmail holds the email address the the Fulcio certificate is issued for. Example: \"expected-signing-user@example.com\"", +var map_UserDefinedMonitoring = map[string]string{ + "": "UserDefinedMonitoring config for user-defined projects.", + "mode": "mode defines the different configurations of UserDefinedMonitoring Valid values are Disabled and NamespaceIsolated Disabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. NamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. The current default value is `Disabled`.", } -func (PolicyFulcioSubject) SwaggerDoc() map[string]string { - return map_PolicyFulcioSubject +func (UserDefinedMonitoring) SwaggerDoc() map[string]string { + return map_UserDefinedMonitoring } -var map_PolicyIdentity = map[string]string{ - "": "PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is \"MatchRepoDigestOrExact\".", - "matchPolicy": "matchPolicy sets the type of matching to be used. Valid values are \"MatchRepoDigestOrExact\", \"MatchRepository\", \"ExactRepository\", \"RemapIdentity\". When omitted, the default value is \"MatchRepoDigestOrExact\". If set matchPolicy to ExactRepository, then the exactRepository must be specified. If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. \"MatchRepoDigestOrExact\" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. \"MatchRepository\" means that the identity in the signature must be in the same repository as the image identity. \"ExactRepository\" means that the identity in the signature must be in the same repository as a specific identity specified by \"repository\". \"RemapIdentity\" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the \"prefix\" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix.", - "exactRepository": "exactRepository is required if matchPolicy is set to \"ExactRepository\".", - "remapIdentity": "remapIdentity is required if matchPolicy is set to \"RemapIdentity\".", +var map_CRIOCredentialProviderConfig = map[string]string{ + "": "CRIOCredentialProviderConfig holds cluster-wide singleton resource configurations for CRI-O credential provider, the name of this instance is \"cluster\". CRI-O credential provider is a binary shipped with CRI-O that provides a way to obtain container image pull credentials from external sources. For example, it can be used to fetch mirror registry credentials from secrets resources in the cluster within the same namespace the pod will be running in. CRIOCredentialProviderConfig configuration specifies the pod image sources registries that should trigger the CRI-O credential provider execution, which will resolve the CRI-O mirror configurations and obtain the necessary credentials for pod creation. Note: Configuration changes will only take effect after the kubelet restarts, which is automatically managed by the cluster during rollout.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec defines the desired configuration of the CRI-O Credential Provider. This field is required and must be provided when creating the resource.", + "status": "status represents the current state of the CRIOCredentialProviderConfig. When omitted or nil, it indicates that the status has not yet been set by the controller. The controller will populate this field with validation conditions and operational state.", } -func (PolicyIdentity) SwaggerDoc() map[string]string { - return map_PolicyIdentity +func (CRIOCredentialProviderConfig) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfig } -var map_PolicyMatchExactRepository = map[string]string{ - "repository": "repository is the reference of the image identity to be matched. The value should be a repository name (by omitting the tag or digest) in a registry implementing the \"Docker Registry HTTP API V2\". For example, docker.io/library/busybox", +var map_CRIOCredentialProviderConfigList = map[string]string{ + "": "CRIOCredentialProviderConfigList contains a list of CRIOCredentialProviderConfig resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", } -func (PolicyMatchExactRepository) SwaggerDoc() map[string]string { - return map_PolicyMatchExactRepository +func (CRIOCredentialProviderConfigList) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigList } -var map_PolicyMatchRemapIdentity = map[string]string{ - "prefix": "prefix is the prefix of the image identity to be matched. If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox.", - "signedPrefix": "signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as \"prefix\". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox.", +var map_CRIOCredentialProviderConfigSpec = map[string]string{ + "": "CRIOCredentialProviderConfigSpec defines the desired configuration of the CRI-O Credential Provider.", + "matchImages": "matchImages is a list of string patterns used to determine whether the CRI-O credential provider should be invoked for a given image. This list is passed to the kubelet CredentialProviderConfig, and if any pattern matches the requested image, CRI-O credential provider will be invoked to obtain credentials for pulling that image or its mirrors. Depending on the platform, the CRI-O credential provider may be installed alongside an existing platform specific provider. Conflicts between the existing platform specific provider image match configuration and this list will be handled by the following precedence rule: credentials from built-in kubelet providers (e.g., ECR, GCR, ACR) take precedence over those from the CRIOCredentialProviderConfig when both match the same image. To avoid uncertainty, it is recommended to avoid configuring your private image patterns to overlap with existing platform specific provider config(e.g., the entries from https://github.com/openshift/machine-config-operator/blob/main/templates/common/aws/files/etc-kubernetes-credential-providers-ecr-credential-provider.yaml). You can check the resource's Status conditions to see if any entries were ignored due to exact matches with known built-in provider patterns.\n\nThis field is optional, the items of the list must contain between 1 and 50 entries. The list is treated as a set, so duplicate entries are not allowed.\n\nFor more details, see: https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ https://github.com/cri-o/crio-credential-provider#architecture\n\nEach entry in matchImages is a pattern which can optionally contain a port and a path. Each entry must be no longer than 512 characters. Wildcards ('*') are supported for full subdomain labels, such as '*.k8s.io' or 'k8s.*.io', and for top-level domains, such as 'k8s.*' (which matches 'k8s.io' or 'k8s.net'). A global wildcard '*' (matching any domain) is not allowed. Wildcards may replace an entire hostname label (e.g., *.example.com), but they cannot appear within a label (e.g., f*oo.example.com) and are not allowed in the port or path. For example, 'example.*.com' is valid, but 'exa*mple.*.com' is not. Each wildcard matches only a single domain label, so '*.io' does **not** match '*.k8s.io'.\n\nA match exists between an image and a matchImage when all of the below are true: Both contain the same number of domain parts and each part matches. The URL path of an matchImages must be a prefix of the target image URL path. If the matchImages contains a port, then the port must match in the image as well.\n\nExample values of matchImages: - 123456789.dkr.ecr.us-east-1.amazonaws.com - *.azurecr.io - gcr.io - *.*.registry.io - registry.io:8080/path", } -func (PolicyMatchRemapIdentity) SwaggerDoc() map[string]string { - return map_PolicyMatchRemapIdentity +func (CRIOCredentialProviderConfigSpec) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigSpec } -var map_PolicyRootOfTrust = map[string]string{ - "": "PolicyRootOfTrust defines the root of trust based on the selected policyType.", - "policyType": "policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. \"PublicKey\" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. \"FulcioCAWithRekor\" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. \"PKI\" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate.", - "publicKey": "publicKey defines the root of trust based on a sigstore public key.", - "fulcioCAWithRekor": "fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. For more information about Fulcio and Rekor, please refer to the document at: https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor", - "pki": "pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates.", +var map_CRIOCredentialProviderConfigStatus = map[string]string{ + "": "CRIOCredentialProviderConfigStatus defines the observed state of CRIOCredentialProviderConfig", + "conditions": "conditions represent the latest available observations of the configuration state. When omitted, it indicates that no conditions have been reported yet. The maximum number of conditions is 16. Conditions are stored as a map keyed by condition type, ensuring uniqueness.\n\nExpected condition types include: \"Validated\": indicates whether the matchImages configuration is valid", } -func (PolicyRootOfTrust) SwaggerDoc() map[string]string { - return map_PolicyRootOfTrust +func (CRIOCredentialProviderConfigStatus) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigStatus } var map_GatherConfig = map[string]string{ @@ -497,4 +640,110 @@ func (Storage) SwaggerDoc() map[string]string { return map_Storage } +var map_CertificateConfig = map[string]string{ + "": "CertificateConfig specifies configuration parameters for certificates. At least one property must be specified.", + "key": "key specifies the cryptographic parameters for the certificate's key pair. Currently this is the only configurable parameter. When omitted in an overrides entry, the key configuration from defaults is used.", +} + +func (CertificateConfig) SwaggerDoc() map[string]string { + return map_CertificateConfig +} + +var map_CustomPKIPolicy = map[string]string{ + "": "CustomPKIPolicy contains administrator-specified cryptographic configuration. Administrators must specify defaults for all certificates and may optionally override specific categories of certificates.", +} + +func (CustomPKIPolicy) SwaggerDoc() map[string]string { + return map_CustomPKIPolicy +} + +var map_DefaultCertificateConfig = map[string]string{ + "": "DefaultCertificateConfig specifies the default certificate configuration parameters. All fields are required to ensure that defaults are fully specified for all certificates.", + "key": "key specifies the cryptographic parameters for the certificate's key pair. This field is required in defaults to ensure all certificates have a well-defined key configuration.", +} + +func (DefaultCertificateConfig) SwaggerDoc() map[string]string { + return map_DefaultCertificateConfig +} + +var map_ECDSAKeyConfig = map[string]string{ + "": "ECDSAKeyConfig specifies parameters for ECDSA key generation.", + "curve": "curve specifies the NIST elliptic curve for ECDSA keys. Valid values are \"P256\", \"P384\", and \"P521\".\n\nWhen set to P256, the NIST P-256 curve (also known as secp256r1) is used, providing 128-bit security.\n\nWhen set to P384, the NIST P-384 curve (also known as secp384r1) is used, providing 192-bit security.\n\nWhen set to P521, the NIST P-521 curve (also known as secp521r1) is used, providing 256-bit security.", +} + +func (ECDSAKeyConfig) SwaggerDoc() map[string]string { + return map_ECDSAKeyConfig +} + +var map_KeyConfig = map[string]string{ + "": "KeyConfig specifies cryptographic parameters for key generation.", + "algorithm": "algorithm specifies the key generation algorithm. Valid values are \"RSA\" and \"ECDSA\".\n\nWhen set to RSA, the rsa field must be specified and the generated key will be an RSA key with the configured key size.\n\nWhen set to ECDSA, the ecdsa field must be specified and the generated key will be an ECDSA key using the configured elliptic curve.", + "rsa": "rsa specifies RSA key parameters. Required when algorithm is RSA, and forbidden otherwise.", + "ecdsa": "ecdsa specifies ECDSA key parameters. Required when algorithm is ECDSA, and forbidden otherwise.", +} + +func (KeyConfig) SwaggerDoc() map[string]string { + return map_KeyConfig +} + +var map_PKI = map[string]string{ + "": "PKI configures cryptographic parameters for certificates generated internally by OpenShift components.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec holds user settable values for configuration", +} + +func (PKI) SwaggerDoc() map[string]string { + return map_PKI +} + +var map_PKICertificateManagement = map[string]string{ + "": "PKICertificateManagement determines whether components use hardcoded defaults (Unmanaged), follow OpenShift best practices (Default), or use administrator-specified cryptographic parameters (Custom). This provides flexibility for organizations with specific compliance requirements or security policies while maintaining backwards compatibility for existing clusters.", + "mode": "mode determines how PKI configuration is managed. Valid values are \"Unmanaged\", \"Default\", and \"Custom\".\n\nWhen set to Unmanaged, components use their existing hardcoded certificate generation behavior, exactly as if this feature did not exist. Each component generates certificates using whatever parameters it was using before this feature. While most components use RSA 2048, some may use different parameters. Use of this mode might prevent upgrading to the next major OpenShift release.\n\nWhen set to Default, OpenShift-recommended best practices for certificate generation are applied. The specific parameters may evolve across OpenShift releases to adopt improved cryptographic standards. In the initial release, this matches Unmanaged behavior for each component. In future releases, this may adopt ECDSA or larger RSA keys based on industry best practices. Recommended for most customers who want to benefit from security improvements automatically.\n\nWhen set to Custom, the certificate management parameters can be set explicitly. Use the custom field to specify certificate generation parameters.", + "custom": "custom contains administrator-specified cryptographic configuration. Use the defaults and category override fields to specify certificate generation parameters. Required when mode is Custom, and forbidden otherwise.", +} + +func (PKICertificateManagement) SwaggerDoc() map[string]string { + return map_PKICertificateManagement +} + +var map_PKIList = map[string]string{ + "": "PKIList is a collection of PKI resources.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "items": "items is a list of PKI resources", +} + +func (PKIList) SwaggerDoc() map[string]string { + return map_PKIList +} + +var map_PKIProfile = map[string]string{ + "": "PKIProfile defines the certificate generation parameters that OpenShift components use to create certificates. Category overrides take precedence over defaults.", + "defaults": "defaults specifies the default certificate configuration that applies to all certificates unless overridden by a category override.", + "signerCertificates": "signerCertificates optionally overrides certificate parameters for certificate authority (CA) certificates that sign other certificates. When set, these parameters take precedence over defaults for all signer certificates. When omitted, the defaults are used for signer certificates.", + "servingCertificates": "servingCertificates optionally overrides certificate parameters for TLS server certificates used to serve HTTPS endpoints. When set, these parameters take precedence over defaults for all serving certificates. When omitted, the defaults are used for serving certificates.", + "clientCertificates": "clientCertificates optionally overrides certificate parameters for client authentication certificates used to authenticate to servers. When set, these parameters take precedence over defaults for all client certificates. When omitted, the defaults are used for client certificates.", +} + +func (PKIProfile) SwaggerDoc() map[string]string { + return map_PKIProfile +} + +var map_PKISpec = map[string]string{ + "": "PKISpec holds the specification for PKI configuration.", + "certificateManagement": "certificateManagement specifies how PKI configuration is managed for internally-generated certificates. This controls the certificate generation approach for all OpenShift components that create certificates internally, including certificate authorities, serving certificates, and client certificates.", +} + +func (PKISpec) SwaggerDoc() map[string]string { + return map_PKISpec +} + +var map_RSAKeyConfig = map[string]string{ + "": "RSAKeyConfig specifies parameters for RSA key generation.", + "keySize": "keySize specifies the size of RSA keys in bits. Valid values are multiples of 1024 from 2048 to 8192.", +} + +func (RSAKeyConfig) SwaggerDoc() map[string]string { + return map_RSAKeyConfig +} + // AUTO-GENERATED FUNCTIONS END HERE diff --git a/vendor/github.com/openshift/api/envtest-releases.yaml b/vendor/github.com/openshift/api/envtest-releases.yaml index e495e02796..9ab6d63a6f 100644 --- a/vendor/github.com/openshift/api/envtest-releases.yaml +++ b/vendor/github.com/openshift/api/envtest-releases.yaml @@ -77,3 +77,16 @@ releases: envtest-v1.34.1-linux-arm64.tar.gz: hash: e2ee7e47ceeba56624fd869922ab9851200482ef835c09fe3dd57c9806a992a7e1f56641906510ebb095514953aa8a3af68d45a82be45b94981a50e894ac6e42 selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.34.1-linux-arm64.tar.gz + v1.35.1: + envtest-v1.35.1-darwin-amd64.tar.gz: + hash: 8b788ca564d0d2d49000b572b9c83a87f71978b7dcbb0c969dde5bf8923869dcb5860b8f905af9a3772431ba7e575c4215d1bcfa5d2857bd8db440272f252ddd + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.35.1-darwin-amd64.tar.gz + envtest-v1.35.1-darwin-arm64.tar.gz: + hash: d650d7a96c69efdc7321579d597b9dbd9ef71df5ea1e0f00815edb31eb0f4a40599fe223b9d0f2a114be32657ff842136a3ab65e646b08a0fce50d6871bcec71 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.35.1-darwin-arm64.tar.gz + envtest-v1.35.1-linux-amd64.tar.gz: + hash: 70e4e66f842d53cce174a3499feb04e0493ada374148c687da4e7ddc0e20e10dd6fa5e2cd765bd80b7d3dca3cd8388460503a0335e15f71212b333386fb3c2b1 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.35.1-linux-amd64.tar.gz + envtest-v1.35.1-linux-arm64.tar.gz: + hash: 309308f9c66f9e2e5192c65a333a388faaaa903841f26f8a96b8f13a5eb3039bcbb818ef6ddbb5803a9cfa9b25e37249a0aed5d472badb25539696569923f87f + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.35.1-linux-arm64.tar.gz diff --git a/vendor/github.com/openshift/api/features.md b/vendor/github.com/openshift/api/features.md index e237ef4fd3..69bdc61b76 100644 --- a/vendor/github.com/openshift/api/features.md +++ b/vendor/github.com/openshift/api/features.md @@ -8,12 +8,17 @@ | ShortCertRotation| | | | | | | | | | ClusterAPIComputeInstall| | | Enabled | Enabled | | | | | | ClusterAPIControlPlaneInstall| | | Enabled | Enabled | | | | | +| ClusterUpdatePreflight| | | Enabled | Enabled | | | | | | Example2| | | Enabled | Enabled | | | | | +| ExternalOIDCExternalClaimsSourcing| | | Enabled | Enabled | | | | | | ExternalSnapshotMetadata| | | Enabled | Enabled | | | | | | KMSEncryptionProvider| | | Enabled | Enabled | | | | | +| MachineAPIMigrationVSphere| | | Enabled | Enabled | | | | | | NetworkConnect| | | Enabled | Enabled | | | | | | NewOLMBoxCutterRuntime| | | | Enabled | | | | Enabled | | NewOLMCatalogdAPIV1Metas| | | | Enabled | | | | Enabled | +| NewOLMConfigAPI| | | | Enabled | | | | Enabled | +| NewOLMOwnSingleNamespace| | | | Enabled | | | | Enabled | | NewOLMPreflightPermissionChecks| | | | Enabled | | | | Enabled | | NoRegistryClusterInstall| | | | Enabled | | | | Enabled | | ProvisioningRequestAvailable| | | Enabled | Enabled | | | | | @@ -21,14 +26,13 @@ | AWSClusterHostedDNSInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AWSDedicatedHosts| | | Enabled | Enabled | | | Enabled | Enabled | | AWSDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | -| AWSServiceLBNetworkSecurityGroup| | | Enabled | Enabled | | | Enabled | Enabled | +| AWSEuropeanSovereignCloudInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AdditionalStorageConfig| | | Enabled | Enabled | | | Enabled | Enabled | | AutomatedEtcdBackup| | | Enabled | Enabled | | | Enabled | Enabled | | AzureClusterHostedDNSInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AzureDedicatedHosts| | | Enabled | Enabled | | | Enabled | Enabled | | AzureDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AzureMultiDisk| | | Enabled | Enabled | | | Enabled | Enabled | -| BootImageSkewEnforcement| | | Enabled | Enabled | | | Enabled | Enabled | | BootcNodeManagement| | | Enabled | Enabled | | | Enabled | Enabled | | CBORServingAndStorage| | | Enabled | Enabled | | | Enabled | Enabled | | CRDCompatibilityRequirementOperator| | | Enabled | Enabled | | | Enabled | Enabled | @@ -75,42 +79,35 @@ | MultiDiskSetup| | | Enabled | Enabled | | | Enabled | Enabled | | MutatingAdmissionPolicy| | | Enabled | Enabled | | | Enabled | Enabled | | NewOLM| | Enabled | | Enabled | | Enabled | | Enabled | -| NewOLMOwnSingleNamespace| | Enabled | | Enabled | | Enabled | | Enabled | | NewOLMWebhookProviderOpenshiftServiceCA| | Enabled | | Enabled | | Enabled | | Enabled | +| NoOverlayMode| | | Enabled | Enabled | | | Enabled | Enabled | | NutanixMultiSubnets| | | Enabled | Enabled | | | Enabled | Enabled | | OSStreams| | | Enabled | Enabled | | | Enabled | Enabled | | OVNObservability| | | Enabled | Enabled | | | Enabled | Enabled | | OnPremDNSRecords| | | Enabled | Enabled | | | Enabled | Enabled | | SELinuxMount| | | Enabled | Enabled | | | Enabled | Enabled | | SignatureStores| | | Enabled | Enabled | | | Enabled | Enabled | +| TLSAdherence| | | Enabled | Enabled | | | Enabled | Enabled | | VSphereConfigurableMaxAllowedBlockVolumesPerNode| | | Enabled | Enabled | | | Enabled | Enabled | | VSphereHostVMGroupZonal| | | Enabled | Enabled | | | Enabled | Enabled | | VSphereMixedNodeEnv| | | Enabled | Enabled | | | Enabled | Enabled | | VolumeGroupSnapshot| | | Enabled | Enabled | | | Enabled | Enabled | +| AWSServiceLBNetworkSecurityGroup| | Enabled | Enabled | Enabled | | Enabled | Enabled | Enabled | | AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| BootImageSkewEnforcement| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | BuildCSIVolumes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ConsolePluginContentSecurityPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ExternalOIDC| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ExternalOIDCWithUIDAndExtraClaimMappings| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | GCPClusterHostedDNSInstall| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| GatewayAPI| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| GatewayAPIController| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| HighlyAvailableArbiter| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ImageStreamImportMode| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ImageVolume| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | InsightsConfig| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | InsightsOnDemandDataGather| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | KMSv1| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| MachineConfigNodes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImagesAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImagesAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ManagedBootImagesCPMS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImagesvSphere| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | MetricsCollectionProfiles| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | MutableCSINodeAllocatableCount| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | OpenShiftPodSecurityAdmission| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| PinnedImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | RouteExternalCertificate| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ServiceAccountTokenNodeBinding| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | SigstoreImageVerification| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | diff --git a/vendor/github.com/openshift/api/features/features.go b/vendor/github.com/openshift/api/features/features.go index acb93316d6..6715d9e8ad 100644 --- a/vendor/github.com/openshift/api/features/features.go +++ b/vendor/github.com/openshift/api/features/features.go @@ -99,14 +99,6 @@ var ( enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGateGatewayAPI = newFeatureGate("GatewayAPI"). - reportProblemsToJiraComponent("Routing"). - contactPerson("miciah"). - productScope(ocpSpecific). - enhancementPR(legacyFeatureGateWithoutEnhancement). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateOpenShiftPodSecurityAdmission = newFeatureGate("OpenShiftPodSecurityAdmission"). reportProblemsToJiraComponent("auth"). contactPerson("ibihim"). @@ -210,6 +202,14 @@ var ( enable(inDevPreviewNoUpgrade()). mustRegister() + FeatureGateNoOverlayMode = newFeatureGate("NoOverlayMode"). + reportProblemsToJiraComponent("Networking/ovn-kubernetes"). + contactPerson("pliurh"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1859"). + enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + mustRegister() + FeatureGateEVPN = newFeatureGate("EVPN"). reportProblemsToJiraComponent("Networking/ovn-kubernetes"). contactPerson("jcaamano"). @@ -257,14 +257,6 @@ var ( enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGateMachineConfigNodes = newFeatureGate("MachineConfigNodes"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("ijanssen"). - productScope(ocpSpecific). - enhancementPR("https://github.com/openshift/enhancements/pull/1765"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateImageModeStatusReporting = newFeatureGate("ImageModeStatusReporting"). reportProblemsToJiraComponent("MachineConfigOperator"). contactPerson("ijanssen"). @@ -312,38 +304,6 @@ var ( enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGateManagedBootImages = newFeatureGate("ManagedBootImages"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("djoshy"). - productScope(ocpSpecific). - enhancementPR(legacyFeatureGateWithoutEnhancement). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - - FeatureGateManagedBootImagesAWS = newFeatureGate("ManagedBootImagesAWS"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("djoshy"). - productScope(ocpSpecific). - enhancementPR(legacyFeatureGateWithoutEnhancement). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - - FeatureGateManagedBootImagesvSphere = newFeatureGate("ManagedBootImagesvSphere"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("rsaini"). - productScope(ocpSpecific). - enhancementPR("https://github.com/openshift/enhancements/pull/1496"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - - FeatureGateManagedBootImagesAzure = newFeatureGate("ManagedBootImagesAzure"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("djoshy"). - productScope(ocpSpecific). - enhancementPR("https://github.com/openshift/enhancements/pull/1761"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateManagedBootImagesCPMS = newFeatureGate("ManagedBootImagesCPMS"). reportProblemsToJiraComponent("MachineConfigOperator"). contactPerson("djoshy"). @@ -357,7 +317,7 @@ var ( contactPerson("djoshy"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1761"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() FeatureGateBootcNodeManagement = newFeatureGate("BootcNodeManagement"). @@ -384,14 +344,6 @@ var ( enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGatePinnedImages = newFeatureGate("PinnedImages"). - reportProblemsToJiraComponent("MachineConfigOperator"). - contactPerson("RishabhSaini"). - productScope(ocpSpecific). - enhancementPR(legacyFeatureGateWithoutEnhancement). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateAdditionalStorageConfig = newFeatureGate("AdditionalStorageConfig"). reportProblemsToJiraComponent("node"). contactPerson("saschagrunert"). @@ -448,6 +400,14 @@ var ( enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() + FeatureGateExternalOIDCExternalClaimsSourcing = newFeatureGate("ExternalOIDCExternalClaimsSourcing"). + reportProblemsToJiraComponent("authentication"). + contactPerson("bpalmer"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1907"). + enable(inDevPreviewNoUpgrade()). + mustRegister() + FeatureGateExample = newFeatureGate("Example"). reportProblemsToJiraComponent("cluster-config"). contactPerson("deads"). @@ -493,7 +453,7 @@ var ( contactPerson("nschieder"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1849"). - enable(inClusterProfile(SelfManaged), inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inClusterProfile(SelfManaged), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() FeatureGateNewOLMWebhookProviderOpenshiftServiceCA = newFeatureGate("NewOLMWebhookProviderOpenshiftServiceCA"). @@ -512,6 +472,14 @@ var ( enable(inClusterProfile(SelfManaged), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() + FeatureGateNewOLMConfigAPI = newFeatureGate("NewOLMConfigAPI"). + reportProblemsToJiraComponent("olm"). + contactPerson("tmshort"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1915"). + enable(inClusterProfile(SelfManaged), inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + mustRegister() + FeatureGateInsightsOnDemandDataGather = newFeatureGate("InsightsOnDemandDataGather"). reportProblemsToJiraComponent("insights"). contactPerson("tremes"). @@ -567,6 +535,13 @@ var ( enhancementPR("https://github.com/openshift/enhancements/pull/1465"). enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() + FeatureGateMachineAPIMigrationVSphere = newFeatureGate("MachineAPIMigrationVSphere"). + reportProblemsToJiraComponent("SPLAT"). + contactPerson("jcpowermac"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1465"). + enable(inDevPreviewNoUpgrade()). + mustRegister() FeatureGateClusterAPIMachineManagement = newFeatureGate("ClusterAPIMachineManagement"). reportProblemsToJiraComponent("Cloud Compute / Cluster API Providers"). @@ -722,14 +697,6 @@ var ( enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() - FeatureGateHighlyAvailableArbiter = newFeatureGate("HighlyAvailableArbiter"). - reportProblemsToJiraComponent("Two Node with Arbiter"). - contactPerson("eggfoobar"). - productScope(ocpSpecific). - enhancementPR("https://github.com/openshift/enhancements/pull/1674"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateCVOConfiguration = newFeatureGate("ClusterVersionOperatorConfiguration"). reportProblemsToJiraComponent("Cluster Version Operator"). contactPerson("dhurta"). @@ -746,6 +713,14 @@ var ( enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() + FeatureGateClusterUpdatePreflight = newFeatureGate("ClusterUpdatePreflight"). + reportProblemsToJiraComponent("Cluster Version Operator"). + contactPerson("fao89"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1930"). + enable(inDevPreviewNoUpgrade()). + mustRegister() + FeatureGateGCPCustomAPIEndpoints = newFeatureGate("GCPCustomAPIEndpoints"). reportProblemsToJiraComponent("Installer"). contactPerson("barbacbd"). @@ -778,19 +753,6 @@ var ( enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGateGatewayAPIController = newFeatureGate("GatewayAPIController"). - reportProblemsToJiraComponent("Routing"). - contactPerson("miciah"). - productScope(ocpSpecific). - // Previously, the "GatewayAPI" feature gate managed both the GatewayAPI CRDs - // and the Gateway Controller. However, with the introduction of Gateway CRD - // lifecycle management (EP#1756), these responsibilities were separated. - // A dedicated feature gate now controls the Gateway Controller to distinguish - // its production readiness from that of the CRDs. - enhancementPR("https://github.com/openshift/enhancements/pull/1756"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureShortCertRotation = newFeatureGate("ShortCertRotation"). reportProblemsToJiraComponent("kube-apiserver"). contactPerson("vrutkovs"). @@ -851,17 +813,10 @@ var ( contactPerson("mtulio"). productScope(ocpSpecific). enhancementPR("https://github.com/openshift/enhancements/pull/1802"). - enable(inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inClusterProfile(SelfManaged), inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). + enable(inClusterProfile(Hypershift), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). mustRegister() - FeatureGateImageVolume = newFeatureGate("ImageVolume"). - reportProblemsToJiraComponent("Node"). - contactPerson("haircommander"). - productScope(kubernetes). - enhancementPR("https://github.com/openshift/enhancements/pull/1792"). - enable(inDefault(), inOKD(), inTechPreviewNoUpgrade(), inDevPreviewNoUpgrade()). - mustRegister() - FeatureGateNoRegistryClusterInstall = newFeatureGate("NoRegistryClusterInstall"). reportProblemsToJiraComponent("Installer / Agent based installation"). contactPerson("andfasano"). @@ -1034,6 +989,14 @@ var ( enable(inDevPreviewNoUpgrade()). mustRegister() + FeatureGateAWSEuropeanSovereignCloudInstall = newFeatureGate("AWSEuropeanSovereignCloudInstall"). + reportProblemsToJiraComponent("Installer / openshift-installer"). + contactPerson("tthvo"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1952"). + enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + mustRegister() + FeatureGateGatewayAPIWithoutOLM = newFeatureGate("GatewayAPIWithoutOLM"). reportProblemsToJiraComponent("Routing"). contactPerson("miciah"). @@ -1041,4 +1004,12 @@ var ( enhancementPR("https://github.com/openshift/enhancements/pull/1933"). enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). mustRegister() + + FeatureGateTLSAdherence = newFeatureGate("TLSAdherence"). + reportProblemsToJiraComponent("HPCASE / TLS Adherence"). + contactPerson("joelanford"). + productScope(ocpSpecific). + enhancementPR("https://github.com/openshift/enhancements/pull/1910"). + enable(inDevPreviewNoUpgrade(), inTechPreviewNoUpgrade()). + mustRegister() ) diff --git a/vendor/github.com/openshift/api/features/legacyfeaturegates.go b/vendor/github.com/openshift/api/features/legacyfeaturegates.go index a92c0b9bb9..a82089b9f7 100644 --- a/vendor/github.com/openshift/api/features/legacyfeaturegates.go +++ b/vendor/github.com/openshift/api/features/legacyfeaturegates.go @@ -33,8 +33,6 @@ var legacyFeatureGates = sets.New( // never add to this list, if you think you have an exception ask @deads2k "GCPClusterHostedDNS", // never add to this list, if you think you have an exception ask @deads2k - "GatewayAPI", - // never add to this list, if you think you have an exception ask @deads2k "HardwareSpeed", // never add to this list, if you think you have an exception ask @deads2k "ImageStreamImportMode", diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/types.go b/vendor/github.com/openshift/api/machineconfiguration/v1/types.go index 7ffad174fb..713a4a944c 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/types.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/types.go @@ -446,7 +446,6 @@ type MachineConfigPoolSpec struct { // Resolving these failures is the responsibility of the user. The admin // should be proactive in ensuring adequate storage and proper image // authentication exists in advance. - // +openshift:enable:FeatureGate=PinnedImages // +optional // +listType=map // +listMapKey=name @@ -489,7 +488,6 @@ type PinnedImageSetRef struct { // consists of alphanumeric characters and hyphens (-), must begin and end // with an alphanumeric character, and is at most 63 characters in length. // The total length of the name must not exceed 253 characters. - // +openshift:enable:FeatureGate=PinnedImages // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$` @@ -540,7 +538,6 @@ type MachineConfigPoolStatus struct { CertExpirys []CertExpiry `json:"certExpirys"` // poolSynchronizersStatus is the status of the machines managed by the pool synchronizers. - // +openshift:enable:FeatureGate=PinnedImages // +listType=map // +listMapKey=poolSynchronizerType // +optional @@ -676,11 +673,9 @@ const ( MachineConfigPoolImageBuildDegraded MachineConfigPoolConditionType = "ImageBuildDegraded" // MachineConfigPoolPinnedImageSetsDegraded means the pinned image sets for the pool cannot be populated because of an error - // +openshift:enable:FeatureGate=PinnedImages MachineConfigPoolPinnedImageSetsDegraded MachineConfigPoolConditionType = "PinnedImageSetsDegraded" // MachineConfigPoolSynchronizerDegraded means the pool synchronizer can not be updated because of an error - // +openshift:enable:FeatureGate=PinnedImages MachineConfigPoolSynchronizerDegraded MachineConfigPoolConditionType = "PoolSynchronizerDegraded" // MachineConfigPoolDegraded is the overall status of the pool based, today, on whether we fail with NodeDegraded, RenderDegraded, or ImageBuildDegraded diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineconfignode.go b/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineconfignode.go index a51620fc5a..306f1c4c28 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineconfignode.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/types_machineconfignode.go @@ -12,7 +12,6 @@ import ( // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2255 // +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +openshift:enable:FeatureGate=MachineConfigNodes // +kubebuilder:printcolumn:name="PoolName",type="string",JSONPath=.spec.pool.name,priority=0 // +kubebuilder:printcolumn:name="DesiredConfig",type="string",JSONPath=.spec.configVersion.desired,priority=0 // +kubebuilder:printcolumn:name="CurrentConfig",type="string",JSONPath=.status.configVersion.current,priority=0 @@ -116,6 +115,7 @@ type MachineConfigNodeStatus struct { // and PinnedImageSetsDegraded. // The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, // AppliedOSImage, AppliedFiles + // The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded // +listType=map // +listMapKey=type // +kubebuilder:validation:MaxItems=20 @@ -418,4 +418,6 @@ const ( MachineConfigNodePinnedImageSetsProgressing StateProgress = "PinnedImageSetsProgressing" // MachineConfigNodePinnedImageSetsDegraded describes a machine that has failed to progress to the desired pinned image sets MachineConfigNodePinnedImageSetsDegraded StateProgress = "PinnedImageSetsDegraded" + // MachineConfigNodeInternalReleaseImageDegraded describes a machine where the local InternalReleaseImage registry is not properly working + MachineConfigNodeInternalReleaseImageDegraded StateProgress = "InternalReleaseImageDegraded" ) diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/types_pinnedimageset.go b/vendor/github.com/openshift/api/machineconfiguration/v1/types_pinnedimageset.go index 240b679b7a..7bad7478c7 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/types_pinnedimageset.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/types_pinnedimageset.go @@ -11,7 +11,6 @@ import ( // +kubebuilder:resource:path=pinnedimagesets,scope=Cluster // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2198 // +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +openshift:enable:FeatureGate=PinnedImages // +kubebuilder:metadata:labels=openshift.io/operator-managed= // PinnedImageSet describes a set of images that should be pinned by CRI-O and @@ -21,7 +20,7 @@ import ( // +openshift:compatibility-gen:level=1 type PinnedImageSet struct { metav1.TypeMeta `json:",inline"` - + // metadata is the standard object metadata. // +optional metav1.ObjectMeta `json:"metadata,omitempty"` diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml index 24a77a81b5..e1d9a8a608 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml @@ -1412,6 +1412,8 @@ spec: and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. enum: - HighlyAvailable - HighlyAvailableArbiter diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml index a921ed5d34..ce1f3424e8 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-Default.crd.yaml @@ -1331,6 +1331,8 @@ spec: and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. enum: - HighlyAvailable - HighlyAvailableArbiter diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml index a8e3fcd21d..64c29db537 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml @@ -1412,6 +1412,8 @@ spec: and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. enum: - HighlyAvailable - HighlyAvailableArbiter diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml index 678e5a4202..5871667293 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-OKD.crd.yaml @@ -1331,6 +1331,8 @@ spec: and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. enum: - HighlyAvailable - HighlyAvailableArbiter diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml index 52f75fc841..ffc07a12c2 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-TechPreviewNoUpgrade.crd.yaml @@ -1412,6 +1412,8 @@ spec: and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. + The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. enum: - HighlyAvailable - HighlyAvailableArbiter diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Default.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Default.crd.yaml index 4e96be5ea9..85c7775046 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Default.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Default.crd.yaml @@ -187,6 +187,7 @@ spec: and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles + The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded items: description: Condition contains details for one aspect of the current state of this API Resource. diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-CustomNoUpgrade.crd.yaml index 9f06d0d9c2..741896b5fd 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-CustomNoUpgrade.crd.yaml @@ -210,6 +210,7 @@ spec: and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles + The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded items: description: Condition contains details for one aspect of the current state of this API Resource. diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-DevPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-DevPreviewNoUpgrade.crd.yaml index 4e0cddf98e..43abd1e60e 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-DevPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-DevPreviewNoUpgrade.crd.yaml @@ -210,6 +210,7 @@ spec: and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles + The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded items: description: Condition contains details for one aspect of the current state of this API Resource. diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-TechPreviewNoUpgrade.crd.yaml index 1022ae3ccb..0349fb712e 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-Hypershift-TechPreviewNoUpgrade.crd.yaml @@ -210,6 +210,7 @@ spec: and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles + The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded items: description: Condition contains details for one aspect of the current state of this API Resource. diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-OKD.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-OKD.crd.yaml index 42bfba9a7d..8263d17833 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-OKD.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-OKD.crd.yaml @@ -187,6 +187,7 @@ spec: and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles + The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded items: description: Condition contains details for one aspect of the current state of this API Resource. diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-CustomNoUpgrade.crd.yaml index 4d92526eb2..46e83ee0d7 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-CustomNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-CustomNoUpgrade.crd.yaml @@ -210,6 +210,7 @@ spec: and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles + The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded items: description: Condition contains details for one aspect of the current state of this API Resource. diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-DevPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-DevPreviewNoUpgrade.crd.yaml index 1d9dd0d994..50c0a4ced1 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-DevPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-DevPreviewNoUpgrade.crd.yaml @@ -210,6 +210,7 @@ spec: and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles + The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded items: description: Condition contains details for one aspect of the current state of this API Resource. diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-TechPreviewNoUpgrade.crd.yaml index 620b175078..25ef051a9c 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-TechPreviewNoUpgrade.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes-SelfManagedHA-TechPreviewNoUpgrade.crd.yaml @@ -210,6 +210,7 @@ spec: and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles + The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded items: description: Condition contains details for one aspect of the current state of this API Resource. diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml index f82db003fc..e23a4d6005 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.featuregated-crd-manifests.yaml @@ -36,8 +36,6 @@ controllerconfigs.machineconfiguration.openshift.io: - DualReplica - DyanmicServiceEndpointIBMCloud - GCPClusterHostedDNSInstall - - HighlyAvailableArbiter - - HighlyAvailableArbiter+DualReplica - NutanixMultiSubnets - OnPremDNSRecords - VSphereHostVMGroupZonal @@ -123,7 +121,6 @@ machineconfignodes.machineconfiguration.openshift.io: FeatureGates: - ImageModeStatusReporting - IrreconcilableMachineConfig - - MachineConfigNodes - NoRegistryClusterInstall FilenameOperatorName: machine-config FilenameOperatorOrdering: "01" @@ -192,8 +189,7 @@ machineconfignodes.machineconfiguration.openshift.io: type: string Scope: Cluster ShortNames: null - TopLevelFeatureGates: - - MachineConfigNodes + TopLevelFeatureGates: [] Version: v1 machineconfigpools.machineconfiguration.openshift.io: @@ -204,7 +200,6 @@ machineconfigpools.machineconfiguration.openshift.io: Category: "" FeatureGates: - OSStreams - - PinnedImages FilenameOperatorName: machine-config FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_80" @@ -327,8 +322,7 @@ pinnedimagesets.machineconfiguration.openshift.io: CRDName: pinnedimagesets.machineconfiguration.openshift.io Capability: "" Category: "" - FeatureGates: - - PinnedImages + FeatureGates: [] FilenameOperatorName: machine-config FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_80" @@ -341,7 +335,6 @@ pinnedimagesets.machineconfiguration.openshift.io: PrinterColumns: [] Scope: Cluster ShortNames: null - TopLevelFeatureGates: - - PinnedImages + TopLevelFeatureGates: [] Version: v1 diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go index 0391fcdd86..008e48c9f9 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1/zz_generated.swagger_doc_generated.go @@ -480,7 +480,7 @@ func (MachineConfigNodeSpecMachineConfigVersion) SwaggerDoc() map[string]string var map_MachineConfigNodeStatus = map[string]string{ "": "MachineConfigNodeStatus holds the reported information on a particular machine config node.", - "conditions": "conditions represent the observations of a machine config node's current state. Valid types are: UpdatePrepared, UpdateExecuted, UpdatePostActionComplete, UpdateComplete, Updated, Resumed, Drained, AppliedFilesAndOS, Cordoned, Uncordoned, RebootedNode, NodeDegraded, PinnedImageSetsProgressing, and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles", + "conditions": "conditions represent the observations of a machine config node's current state. Valid types are: UpdatePrepared, UpdateExecuted, UpdatePostActionComplete, UpdateComplete, Updated, Resumed, Drained, AppliedFilesAndOS, Cordoned, Uncordoned, RebootedNode, NodeDegraded, PinnedImageSetsProgressing, and PinnedImageSetsDegraded. The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, AppliedOSImage, AppliedFiles The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded", "observedGeneration": "observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config Operator's controller. This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec.", "configVersion": "configVersion describes the current and desired machine config version for this node.", "configImage": "configImage is an optional field for configuring the OS image to be used for this node. This field will only exist if the node belongs to a pool opted into on-cluster image builds, and will override any MachineConfig referenced OSImageURL fields. When omitted, this means that the Image Mode feature is not being used and the node will be up to date with the specific current rendered config version for the nodes MachinePool. When specified, the Image Mode feature is enabled and the contents of this field show the observed state of the node image. When Image Mode is enabled and a new MachineConfig is applied such that a new OS image build is not created, only the configVersion field will change. When Image Mode is enabled and a new MachineConfig is applied such that a new OS image build is created, then only the configImage field will change. It is also possible that both the configImage and configVersion change during the same update.", diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go index 27610a91bc..e640a51ea2 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/register.go @@ -24,10 +24,6 @@ var ( // Adds the list of known types to api.Scheme. func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(GroupVersion, - &MachineConfigNode{}, - &MachineConfigNodeList{}, - &PinnedImageSet{}, - &PinnedImageSetList{}, &OSImageStream{}, &OSImageStreamList{}, &InternalReleaseImage{}, diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go deleted file mode 100644 index fdb6509373..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go +++ /dev/null @@ -1,273 +0,0 @@ -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=machineconfignodes,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2256 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +openshift:enable:FeatureGate=MachineConfigNodes -// +kubebuilder:printcolumn:name="PoolName",type="string",JSONPath=.spec.pool.name,priority=0 -// +kubebuilder:printcolumn:name="DesiredConfig",type="string",JSONPath=.spec.configVersion.desired,priority=0 -// +kubebuilder:printcolumn:name="CurrentConfig",type="string",JSONPath=.status.configVersion.current,priority=0 -// +kubebuilder:printcolumn:name="Updated",type="string",JSONPath=.status.conditions[?(@.type=="Updated")].status,priority=0 -// +kubebuilder:printcolumn:name="UpdatePrepared",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePrepared")].status,priority=1 -// +kubebuilder:printcolumn:name="UpdateExecuted",type="string",JSONPath=.status.conditions[?(@.type=="UpdateExecuted")].status,priority=1 -// +kubebuilder:printcolumn:name="UpdatePostActionComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePostActionComplete")].status,priority=1 -// +kubebuilder:printcolumn:name="UpdateComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdateComplete")].status,priority=1 -// +kubebuilder:printcolumn:name="Resumed",type="string",JSONPath=.status.conditions[?(@.type=="Resumed")].status,priority=1 -// +kubebuilder:printcolumn:name="UpdatedFilesAndOS",type="string",JSONPath=.status.conditions[?(@.type=="AppliedFilesAndOS")].status,priority=1 -// +kubebuilder:printcolumn:name="CordonedNode",type="string",JSONPath=.status.conditions[?(@.type=="Cordoned")].status,priority=1 -// +kubebuilder:printcolumn:name="DrainedNode",type="string",JSONPath=.status.conditions[?(@.type=="Drained")].status,priority=1 -// +kubebuilder:printcolumn:name="RebootedNode",type="string",JSONPath=.status.conditions[?(@.type=="RebootedNode")].status,priority=1 -// +kubebuilder:printcolumn:name="UncordonedNode",type="string",JSONPath=.status.conditions[?(@.type=="Uncordoned")].status,priority=1 -// +kubebuilder:metadata:labels=openshift.io/operator-managed= - -// MachineConfigNode describes the health of the Machines on the system -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -// +kubebuilder:validation:XValidation:rule="self.metadata.name == self.spec.node.name",message="spec.node.name should match metadata.name" -type MachineConfigNode struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard object metadata. - // +optional - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec describes the configuration of the machine config node. - // +required - Spec MachineConfigNodeSpec `json:"spec"` - - // status describes the last observed state of this machine config node. - // +optional - Status MachineConfigNodeStatus `json:"status"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// MachineConfigNodeList describes all of the MachinesStates on the system -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type MachineConfigNodeList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list metadata. - // +optional - metav1.ListMeta `json:"metadata"` - - // items contains a collection of MachineConfigNode resources. - // +kubebuilder:validation:MaxItems=100 - // +optional - Items []MachineConfigNode `json:"items"` -} - -// MCOObjectReference holds information about an object the MCO either owns -// or modifies in some way -type MCOObjectReference struct { - // name is the name of the object being referenced. For example, this can represent a machine - // config pool or node name. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." - // +required - Name string `json:"name"` -} - -// MachineConfigNodeSpec describes the MachineConfigNode we are managing. -type MachineConfigNodeSpec struct { - // node contains a reference to the node for this machine config node. - // +required - Node MCOObjectReference `json:"node"` - - // pool contains a reference to the machine config pool that this machine config node's - // referenced node belongs to. - // +required - Pool MCOObjectReference `json:"pool"` - - // configVersion holds the desired config version for the node targeted by this machine config node resource. - // The desired version represents the machine config the node will attempt to update to and gets set before the machine config operator validates - // the new machine config against the current machine config. - // +required - ConfigVersion MachineConfigNodeSpecMachineConfigVersion `json:"configVersion"` - - // pinnedImageSets is a user defined value that holds the names of the desired image sets that the node should pull and pin. - // +listType=map - // +listMapKey=name - // +kubebuilder:validation:MaxItems=100 - // +optional - // Tombstone: Functionality to correctly and consistely populate this field was not implemented in the MCO, so - // when applying a PIS, this field is not being updated. Since this field is not being used, it is being removed - // before this API is GAed. - // PinnedImageSets []MachineConfigNodeSpecPinnedImageSet `json:"pinnedImageSets,omitempty"` -} - -// MachineConfigNodeStatus holds the reported information on a particular machine config node. -type MachineConfigNodeStatus struct { - // conditions represent the observations of a machine config node's current state. - // +listType=map - // +listMapKey=type - // +kubebuilder:validation:MaxItems=20 - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` - // observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config Operator's controller. - // This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec. - // +kubebuilder:validation:XValidation:rule="self >= oldSelf", message="observedGeneration must not decrease" - // +kubebuilder:validation:Minimum=0 - // +optional - ObservedGeneration int64 `json:"observedGeneration,omitempty"` - // configVersion describes the current and desired machine config version for this node. - // +required - ConfigVersion MachineConfigNodeStatusMachineConfigVersion `json:"configVersion"` - // pinnedImageSets describes the current and desired pinned image sets for this node. - // +listType=map - // +listMapKey=name - // +kubebuilder:validation:MaxItems=100 - // +optional - PinnedImageSets []MachineConfigNodeStatusPinnedImageSet `json:"pinnedImageSets,omitempty"` -} - -// MachineConfigNodeStatusPinnedImageSet holds information about the current, desired, and failed pinned image sets for the observed machine config node. -// +kubebuilder:validation:XValidation:rule="has(self.desiredGeneration) && has(self.currentGeneration) ? self.desiredGeneration >= self.currentGeneration : true",message="desired generation must be greater than or equal to the current generation" -// +kubebuilder:validation:XValidation:rule="has(self.lastFailedGeneration) && has(self.desiredGeneration) ? self.desiredGeneration >= self.lastFailedGeneration : true",message="desired generation must be greater than or equal to the last failed generation" -// +kubebuilder:validation:XValidation:rule="has(self.lastFailedGeneration) ? has(self.lastFailedGenerationError) : true",message="last failed generation error must be defined on image pull and pin failure" -type MachineConfigNodeStatusPinnedImageSet struct { - // name is the name of the pinned image set. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." - // +required - Name string `json:"name"` - // currentGeneration is the generation of the pinned image set that has most recently been successfully pulled and pinned on this node. - // +kubebuilder:validation:XValidation:rule="self >= oldSelf", message="currentGeneration must not decrease" - // +kubebuilder:validation:Minimum=0 - // +optional - CurrentGeneration int32 `json:"currentGeneration,omitempty"` - // desiredGeneration is the generation of the pinned image set that is targeted to be pulled and pinned on this node. - // +kubebuilder:validation:XValidation:rule="self >= oldSelf", message="desiredGeneration must not decrease" - // +kubebuilder:validation:Minimum=0 - // +optional - DesiredGeneration int32 `json:"desiredGeneration,omitempty"` - // lastFailedGeneration is the generation of the most recent pinned image set that failed to be pulled and pinned on this node. - // +kubebuilder:validation:XValidation:rule="self >= oldSelf", message="lastFailedGeneration must not decrease" - // +kubebuilder:validation:Minimum=0 - // +optional - LastFailedGeneration int32 `json:"lastFailedGeneration,omitempty"` - // lastFailedGenerationError is the error explaining why the desired images failed to be pulled and pinned. - // The error is an empty string if the image pull and pin is successful. - // +kubebuilder:validation:MaxLength=32768 - // +optional - LastFailedGenerationError string `json:"lastFailedGenerationError,omitempty"` - // Previously, failures associated with pinning and pulling images where shared in a list of strings under `LastFailedGenerationErrors`. - // This field is being removed and a `LastFailedGenerationError` field of type string is being added in its place as this field will - // contain a single error and there is no need for a list anymore. - // Tombstone: legacy field no longer needed - // LastFailedGenerationErrors []string `json:"lastFailedGenerationErrors,omitempty"` -} - -// MachineConfigNodeStatusMachineConfigVersion holds the current and desired config versions as last updated in the MCN status. -// When the current and desired versions do not match, the machine config pool is processing an upgrade and the machine config node will -// monitor the upgrade process. -// When the current and desired versions do match, the machine config node will ignore these events given that certain operations -// happen both during the MCO's upgrade mode and the daily operations mode. -type MachineConfigNodeStatusMachineConfigVersion struct { - // current is the name of the machine config currently in use on the node. - // This value is updated once the machine config daemon has completed the update of the configuration for the node. - // This value should match the desired version unless an upgrade is in progress. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." - // +optional - Current string `json:"current"` - // desired is the MachineConfig the node wants to upgrade to. - // This value gets set in the machine config node status once the machine config has been validated - // against the current machine config. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." - // +required - Desired string `json:"desired"` -} - -// MachineConfigNodeSpecMachineConfigVersion holds the desired config version for the current observed machine config node. -// When Current is not equal to Desired, the MachineConfigOperator is in an upgrade phase and the machine config node will -// take account of upgrade related events. Otherwise, they will be ignored given that certain operations -// happen both during the MCO's upgrade mode and the daily operations mode. -type MachineConfigNodeSpecMachineConfigVersion struct { - // desired is the name of the machine config that the the node should be upgraded to. - // This value is set when the machine config pool generates a new version of its rendered configuration. - // When this value is changed, the machine config daemon starts the node upgrade process. - // This value gets set in the machine config node spec once the machine config has been targeted for upgrade and before it is validated. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." - // +required - Desired string `json:"desired"` -} - -// Tombstone: This struct defines the type of `Spec.PinnedImageSets`, which is being removed. Therefore, this field -// is also being tombstoned. -// MachineConfigNodeSpecPinnedImageSet holds information on the desired pinned image sets that the current observed machine config node -// should pin and pull. -// type MachineConfigNodeSpecPinnedImageSet struct { -// // name is the name of the pinned image set. -// // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting -// // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end -// // with an alphanumeric character, and be at most 253 characters in length. -// // +kubebuilder:validation:MaxLength:=253 -// // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." -// // +required -// Name string `json:"name"` -// } - -// StateProgress is each possible state for each possible MachineConfigNodeType -// Please note: These conditions are subject to change. Both additions and deletions may be made. -// +enum -type StateProgress string - -const ( - // MachineConfigNodeUpdatePrepared describes a machine that is preparing in the daemon to trigger an update - MachineConfigNodeUpdatePrepared StateProgress = "UpdatePrepared" - // MachineConfigNodeUpdateExecuted describes a machine that has executed the body of the upgrade - MachineConfigNodeUpdateExecuted StateProgress = "UpdateExecuted" - // MachineConfigNodeUpdatePostActionComplete describes a machine that has executed its post update action - MachineConfigNodeUpdatePostActionComplete StateProgress = "UpdatePostActionComplete" - // MachineConfigNodeUpdateComplete describes a machine that has completed the core parts of an upgrade - MachineConfigNodeUpdateComplete StateProgress = "UpdateComplete" - // MachineConfigNodeUpdated describes a machine that is fully updated and has a matching desired and current config - MachineConfigNodeUpdated StateProgress = "Updated" - // MachineConfigNodeUpdateResumed describes a machine that has resumed normal processes - MachineConfigNodeResumed StateProgress = "Resumed" - // MachineConfigNodeUpdateDrained describes the part of the in progress phase where the node drains - MachineConfigNodeUpdateDrained StateProgress = "Drained" - // MachineConfigNodeUpdateFilesAndOS describes the part of the in progress phase where the nodes files and OS config change - MachineConfigNodeUpdateFilesAndOS StateProgress = "AppliedFilesAndOS" - // MachineConfigNodeUpdateCordoned describes the part of the in progress phase where the node cordons - MachineConfigNodeUpdateCordoned StateProgress = "Cordoned" - // MachineConfigNodeUpdateUncordoned describes the part of the completing phase where the node uncordons - MachineConfigNodeUpdateUncordoned StateProgress = "Uncordoned" - // MachineConfigNodeUpdateRebooted describes the part of the post action phase where the node reboots itself - MachineConfigNodeUpdateRebooted StateProgress = "RebootedNode" - // MachineConfigNodeNodeDegraded describes a machine that has failed to update to the desired machine config and is in a degraded state - MachineConfigNodeNodeDegraded StateProgress = "NodeDegraded" - // MachineConfigNodePinnedImageSetsProgressing describes a machine currently progressing to the desired pinned image sets - MachineConfigNodePinnedImageSetsProgressing StateProgress = "PinnedImageSetsProgressing" - // MachineConfigNodePinnedImageSetsDegraded describes a machine that has failed to progress to the desired pinned image sets - MachineConfigNodePinnedImageSetsDegraded StateProgress = "PinnedImageSetsDegraded" -) diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_osimagestream.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_osimagestream.go index 20cc963896..fccf6da8cb 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_osimagestream.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_osimagestream.go @@ -23,6 +23,7 @@ import ( // +openshift:enable:FeatureGate=OSStreams // +kubebuilder:metadata:labels=openshift.io/operator-managed= // +kubebuilder:validation:XValidation:rule="self.metadata.name == 'cluster'",message="osimagestream is a singleton, .metadata.name must be 'cluster'" +// +kubebuilder:validation:XValidation:rule="self.spec == oldSelf.spec || !has(self.spec.defaultStream) || !has(self.status) || self.spec.defaultStream in self.status.availableStreams.map(s, s.name)",message="spec.defaultStream must reference an existing stream name from status.availableStreams" type OSImageStream struct { metav1.TypeMeta `json:",inline"` @@ -73,6 +74,7 @@ type OSImageStreamStatus struct { } // OSImageStreamSpec defines the desired state of a OSImageStream. +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.defaultStream) || has(self.defaultStream)",message="spec.defaultStream cannot be removed once set" type OSImageStreamSpec struct { // defaultStream is the desired name of the stream that should be used as the // default when no specific stream is requested by a MachineConfigPool. @@ -84,6 +86,17 @@ type OSImageStreamSpec struct { // status.availableStreams to apply as the default for MachineConfigPools // that do not specify a stream override. // + // When status.availableStreams has been populated by the operator, updating + // this field requires that the new value references the name of one of the + // streams in status.availableStreams. Status-only updates by the operator + // are not subject to this constraint, allowing the operator to update + // availableStreams independently of this field. + // During initial creation, before the operator has populated status, any + // valid value is accepted. + // + // When omitted, the operator determines the default stream automatically. + // Once set, this field cannot be removed. + // // It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, // consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). // diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go deleted file mode 100644 index 4708609fc5..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_pinnedimageset.go +++ /dev/null @@ -1,91 +0,0 @@ -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=pinnedimagesets,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1713 -// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 -// +openshift:enable:FeatureGate=PinnedImages -// +kubebuilder:metadata:labels=openshift.io/operator-managed= - -// PinnedImageSet describes a set of images that should be pinned by CRI-O and -// pulled to the nodes which are members of the declared MachineConfigPools. -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type PinnedImageSet struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec describes the configuration of this pinned image set. - // +required - Spec PinnedImageSetSpec `json:"spec"` - - // status describes the last observed state of this pinned image set. - // +optional - Status PinnedImageSetStatus `json:"status"` -} - -// PinnedImageSetStatus describes the current state of a PinnedImageSet. -type PinnedImageSetStatus struct { - // conditions represent the observations of a pinned image set's current state. - // +listType=map - // +listMapKey=type - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - -// PinnedImageSetSpec defines the desired state of a PinnedImageSet. -type PinnedImageSetSpec struct { - // pinnedImages is a list of OCI Image referenced by digest that should be - // pinned and pre-loaded by the nodes of a MachineConfigPool. - // Translates into a new file inside the /etc/crio/crio.conf.d directory - // with content similar to this: - // - // pinned_images = [ - // "quay.io/openshift-release-dev/ocp-release@sha256:...", - // "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - // "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - // ... - // ] - // - // These image references should all be by digest, tags aren't allowed. - // +required - // +kubebuilder:validation:MinItems=1 - // +kubebuilder:validation:MaxItems=500 - // +listType=map - // +listMapKey=name - PinnedImages []PinnedImageRef `json:"pinnedImages"` -} - -type PinnedImageRef struct { - // name is an OCI Image referenced by digest. - // The format of the image pull spec is: host[:port][/namespace]/name@sha256:, - // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. - // The length of the whole spec must be between 1 to 447 characters. - // +required - Name ImageDigestFormat `json:"name,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// PinnedImageSetList is a list of PinnedImageSet resources -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type PinnedImageSetList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ListMeta `json:"metadata"` - - Items []PinnedImageSet `json:"items"` -} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes.crd.yaml deleted file mode 100644 index 21a3919ae9..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfignodes.crd.yaml +++ /dev/null @@ -1,377 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/2256 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - labels: - openshift.io/operator-managed: "" - name: machineconfignodes.machineconfiguration.openshift.io -spec: - group: machineconfiguration.openshift.io - names: - kind: MachineConfigNode - listKind: MachineConfigNodeList - plural: machineconfignodes - singular: machineconfignode - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.pool.name - name: PoolName - type: string - - jsonPath: .spec.configVersion.desired - name: DesiredConfig - type: string - - jsonPath: .status.configVersion.current - name: CurrentConfig - type: string - - jsonPath: .status.conditions[?(@.type=="Updated")].status - name: Updated - type: string - - jsonPath: .status.conditions[?(@.type=="UpdatePrepared")].status - name: UpdatePrepared - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateExecuted")].status - name: UpdateExecuted - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="UpdatePostActionComplete")].status - name: UpdatePostActionComplete - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateComplete")].status - name: UpdateComplete - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Resumed")].status - name: Resumed - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="AppliedFilesAndOS")].status - name: UpdatedFilesAndOS - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Cordoned")].status - name: CordonedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Drained")].status - name: DrainedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="RebootedNode")].status - name: RebootedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Uncordoned")].status - name: UncordonedNode - priority: 1 - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - MachineConfigNode describes the health of the Machines on the system - Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: spec describes the configuration of the machine config node. - properties: - configVersion: - description: |- - configVersion holds the desired config version for the node targeted by this machine config node resource. - The desired version represents the machine config the node will attempt to update to and gets set before the machine config operator validates - the new machine config against the current machine config. - properties: - desired: - description: |- - desired is the name of the machine config that the the node should be upgraded to. - This value is set when the machine config pool generates a new version of its rendered configuration. - When this value is changed, the machine config daemon starts the node upgrade process. - This value gets set in the machine config node spec once the machine config has been targeted for upgrade and before it is validated. - Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - with an alphanumeric character, and be at most 253 characters in length. - maxLength: 253 - type: string - x-kubernetes-validations: - - message: a lowercase RFC 1123 subdomain must consist of lower - case alphanumeric characters, '-' or '.', and must start and - end with an alphanumeric character. - rule: '!format.dns1123Subdomain().validate(self).hasValue()' - required: - - desired - type: object - node: - description: node contains a reference to the node for this machine - config node. - properties: - name: - description: |- - name is the name of the object being referenced. For example, this can represent a machine - config pool or node name. - Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - with an alphanumeric character, and be at most 253 characters in length. - maxLength: 253 - type: string - x-kubernetes-validations: - - message: a lowercase RFC 1123 subdomain must consist of lower - case alphanumeric characters, '-' or '.', and must start and - end with an alphanumeric character. - rule: '!format.dns1123Subdomain().validate(self).hasValue()' - required: - - name - type: object - pool: - description: |- - pool contains a reference to the machine config pool that this machine config node's - referenced node belongs to. - properties: - name: - description: |- - name is the name of the object being referenced. For example, this can represent a machine - config pool or node name. - Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - with an alphanumeric character, and be at most 253 characters in length. - maxLength: 253 - type: string - x-kubernetes-validations: - - message: a lowercase RFC 1123 subdomain must consist of lower - case alphanumeric characters, '-' or '.', and must start and - end with an alphanumeric character. - rule: '!format.dns1123Subdomain().validate(self).hasValue()' - required: - - name - type: object - required: - - configVersion - - node - - pool - type: object - status: - description: status describes the last observed state of this machine - config node. - properties: - conditions: - description: conditions represent the observations of a machine config - node's current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 20 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - configVersion: - description: configVersion describes the current and desired machine - config version for this node. - properties: - current: - description: |- - current is the name of the machine config currently in use on the node. - This value is updated once the machine config daemon has completed the update of the configuration for the node. - This value should match the desired version unless an upgrade is in progress. - Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - with an alphanumeric character, and be at most 253 characters in length. - maxLength: 253 - type: string - x-kubernetes-validations: - - message: a lowercase RFC 1123 subdomain must consist of lower - case alphanumeric characters, '-' or '.', and must start and - end with an alphanumeric character. - rule: '!format.dns1123Subdomain().validate(self).hasValue()' - desired: - description: |- - desired is the MachineConfig the node wants to upgrade to. - This value gets set in the machine config node status once the machine config has been validated - against the current machine config. - Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - with an alphanumeric character, and be at most 253 characters in length. - maxLength: 253 - type: string - x-kubernetes-validations: - - message: a lowercase RFC 1123 subdomain must consist of lower - case alphanumeric characters, '-' or '.', and must start and - end with an alphanumeric character. - rule: '!format.dns1123Subdomain().validate(self).hasValue()' - required: - - desired - type: object - observedGeneration: - description: |- - observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config Operator's controller. - This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec. - format: int64 - minimum: 0 - type: integer - x-kubernetes-validations: - - message: observedGeneration must not decrease - rule: self >= oldSelf - pinnedImageSets: - description: pinnedImageSets describes the current and desired pinned - image sets for this node. - items: - description: MachineConfigNodeStatusPinnedImageSet holds information - about the current, desired, and failed pinned image sets for the - observed machine config node. - properties: - currentGeneration: - description: currentGeneration is the generation of the pinned - image set that has most recently been successfully pulled - and pinned on this node. - format: int32 - minimum: 0 - type: integer - x-kubernetes-validations: - - message: currentGeneration must not decrease - rule: self >= oldSelf - desiredGeneration: - description: desiredGeneration is the generation of the pinned - image set that is targeted to be pulled and pinned on this - node. - format: int32 - minimum: 0 - type: integer - x-kubernetes-validations: - - message: desiredGeneration must not decrease - rule: self >= oldSelf - lastFailedGeneration: - description: lastFailedGeneration is the generation of the most - recent pinned image set that failed to be pulled and pinned - on this node. - format: int32 - minimum: 0 - type: integer - x-kubernetes-validations: - - message: lastFailedGeneration must not decrease - rule: self >= oldSelf - lastFailedGenerationError: - description: |- - lastFailedGenerationError is the error explaining why the desired images failed to be pulled and pinned. - The error is an empty string if the image pull and pin is successful. - maxLength: 32768 - type: string - name: - description: |- - name is the name of the pinned image set. - Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - with an alphanumeric character, and be at most 253 characters in length. - maxLength: 253 - type: string - x-kubernetes-validations: - - message: a lowercase RFC 1123 subdomain must consist of lower - case alphanumeric characters, '-' or '.', and must start - and end with an alphanumeric character. - rule: '!format.dns1123Subdomain().validate(self).hasValue()' - required: - - name - type: object - x-kubernetes-validations: - - message: desired generation must be greater than or equal to the - current generation - rule: 'has(self.desiredGeneration) && has(self.currentGeneration) - ? self.desiredGeneration >= self.currentGeneration : true' - - message: desired generation must be greater than or equal to the - last failed generation - rule: 'has(self.lastFailedGeneration) && has(self.desiredGeneration) - ? self.desiredGeneration >= self.lastFailedGeneration : true' - - message: last failed generation error must be defined on image - pull and pin failure - rule: 'has(self.lastFailedGeneration) ? has(self.lastFailedGenerationError) - : true' - maxItems: 100 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - required: - - configVersion - type: object - required: - - spec - type: object - x-kubernetes-validations: - - message: spec.node.name should match metadata.name - rule: self.metadata.name == self.spec.node.name - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams.crd.yaml index 50a36f06d4..d18a1ecaa3 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams.crd.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_osimagestreams.crd.yaml @@ -62,6 +62,17 @@ spec: status.availableStreams to apply as the default for MachineConfigPools that do not specify a stream override. + When status.availableStreams has been populated by the operator, updating + this field requires that the new value references the name of one of the + streams in status.availableStreams. Status-only updates by the operator + are not subject to this constraint, allowing the operator to update + availableStreams independently of this field. + During initial creation, before the operator has populated status, any + valid value is accepted. + + When omitted, the operator determines the default stream automatically. + Once set, this field cannot be removed. + It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). maxLength: 253 @@ -73,6 +84,9 @@ spec: character. rule: '!format.dns1123Subdomain().validate(self).hasValue()' type: object + x-kubernetes-validations: + - message: spec.defaultStream cannot be removed once set + rule: '!has(oldSelf.defaultStream) || has(self.defaultStream)' status: description: |- status describes the last observed state of this OSImageStream. @@ -184,6 +198,10 @@ spec: x-kubernetes-validations: - message: osimagestream is a singleton, .metadata.name must be 'cluster' rule: self.metadata.name == 'cluster' + - message: spec.defaultStream must reference an existing stream name from + status.availableStreams + rule: self.spec == oldSelf.spec || !has(self.spec.defaultStream) || !has(self.status) + || self.spec.defaultStream in self.status.availableStreams.map(s, s.name) served: true storage: true subresources: diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets.crd.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets.crd.yaml deleted file mode 100644 index c54b34a01b..0000000000 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.crd-manifests/0000_80_machine-config_01_pinnedimagesets.crd.yaml +++ /dev/null @@ -1,167 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.openshift.io: https://github.com/openshift/api/pull/1713 - api.openshift.io/merged-by-featuregates: "true" - include.release.openshift.io/ibm-cloud-managed: "true" - include.release.openshift.io/self-managed-high-availability: "true" - labels: - openshift.io/operator-managed: "" - name: pinnedimagesets.machineconfiguration.openshift.io -spec: - group: machineconfiguration.openshift.io - names: - kind: PinnedImageSet - listKind: PinnedImageSetList - plural: pinnedimagesets - singular: pinnedimageset - scope: Cluster - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - PinnedImageSet describes a set of images that should be pinned by CRI-O and - pulled to the nodes which are members of the declared MachineConfigPools. - - Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: spec describes the configuration of this pinned image set. - properties: - pinnedImages: - description: |- - pinnedImages is a list of OCI Image referenced by digest that should be - pinned and pre-loaded by the nodes of a MachineConfigPool. - Translates into a new file inside the /etc/crio/crio.conf.d directory - with content similar to this: - - pinned_images = [ - "quay.io/openshift-release-dev/ocp-release@sha256:...", - "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - ... - ] - - These image references should all be by digest, tags aren't allowed. - items: - properties: - name: - description: |- - name is an OCI Image referenced by digest. - The format of the image pull spec is: host[:port][/namespace]/name@sha256:, - where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. - The length of the whole spec must be between 1 to 447 characters. - maxLength: 447 - minLength: 1 - type: string - x-kubernetes-validations: - - message: the OCI Image reference must end with a valid '@sha256:' - suffix, where '' is 64 characters long - rule: (self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$')) - - message: the OCI Image name should follow the host[:port][/namespace]/name - format, resembling a valid URL without the scheme - rule: (self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$')) - required: - - name - type: object - maxItems: 500 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - required: - - pinnedImages - type: object - status: - description: status describes the last observed state of this pinned image - set. - properties: - conditions: - description: conditions represent the observations of a pinned image - set's current state. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go index 69b63f6778..72d1d4b32d 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.deepcopy.go @@ -161,179 +161,6 @@ func (in *InternalReleaseImageStatus) DeepCopy() *InternalReleaseImageStatus { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MCOObjectReference) DeepCopyInto(out *MCOObjectReference) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MCOObjectReference. -func (in *MCOObjectReference) DeepCopy() *MCOObjectReference { - if in == nil { - return nil - } - out := new(MCOObjectReference) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNode) DeepCopyInto(out *MachineConfigNode) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNode. -func (in *MachineConfigNode) DeepCopy() *MachineConfigNode { - if in == nil { - return nil - } - out := new(MachineConfigNode) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *MachineConfigNode) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeList) DeepCopyInto(out *MachineConfigNodeList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]MachineConfigNode, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeList. -func (in *MachineConfigNodeList) DeepCopy() *MachineConfigNodeList { - if in == nil { - return nil - } - out := new(MachineConfigNodeList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *MachineConfigNodeList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeSpec) DeepCopyInto(out *MachineConfigNodeSpec) { - *out = *in - out.Node = in.Node - out.Pool = in.Pool - out.ConfigVersion = in.ConfigVersion - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeSpec. -func (in *MachineConfigNodeSpec) DeepCopy() *MachineConfigNodeSpec { - if in == nil { - return nil - } - out := new(MachineConfigNodeSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeSpecMachineConfigVersion) DeepCopyInto(out *MachineConfigNodeSpecMachineConfigVersion) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeSpecMachineConfigVersion. -func (in *MachineConfigNodeSpecMachineConfigVersion) DeepCopy() *MachineConfigNodeSpecMachineConfigVersion { - if in == nil { - return nil - } - out := new(MachineConfigNodeSpecMachineConfigVersion) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeStatus) DeepCopyInto(out *MachineConfigNodeStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - out.ConfigVersion = in.ConfigVersion - if in.PinnedImageSets != nil { - in, out := &in.PinnedImageSets, &out.PinnedImageSets - *out = make([]MachineConfigNodeStatusPinnedImageSet, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeStatus. -func (in *MachineConfigNodeStatus) DeepCopy() *MachineConfigNodeStatus { - if in == nil { - return nil - } - out := new(MachineConfigNodeStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeStatusMachineConfigVersion) DeepCopyInto(out *MachineConfigNodeStatusMachineConfigVersion) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeStatusMachineConfigVersion. -func (in *MachineConfigNodeStatusMachineConfigVersion) DeepCopy() *MachineConfigNodeStatusMachineConfigVersion { - if in == nil { - return nil - } - out := new(MachineConfigNodeStatusMachineConfigVersion) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MachineConfigNodeStatusPinnedImageSet) DeepCopyInto(out *MachineConfigNodeStatusPinnedImageSet) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MachineConfigNodeStatusPinnedImageSet. -func (in *MachineConfigNodeStatusPinnedImageSet) DeepCopy() *MachineConfigNodeStatusPinnedImageSet { - if in == nil { - return nil - } - out := new(MachineConfigNodeStatusPinnedImageSet) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OSImageStream) DeepCopyInto(out *OSImageStream) { *out = *in @@ -451,124 +278,3 @@ func (in *OSImageStreamStatus) DeepCopy() *OSImageStreamStatus { in.DeepCopyInto(out) return out } - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageRef) DeepCopyInto(out *PinnedImageRef) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageRef. -func (in *PinnedImageRef) DeepCopy() *PinnedImageRef { - if in == nil { - return nil - } - out := new(PinnedImageRef) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSet) DeepCopyInto(out *PinnedImageSet) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSet. -func (in *PinnedImageSet) DeepCopy() *PinnedImageSet { - if in == nil { - return nil - } - out := new(PinnedImageSet) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PinnedImageSet) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSetList) DeepCopyInto(out *PinnedImageSetList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]PinnedImageSet, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSetList. -func (in *PinnedImageSetList) DeepCopy() *PinnedImageSetList { - if in == nil { - return nil - } - out := new(PinnedImageSetList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PinnedImageSetList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSetSpec) DeepCopyInto(out *PinnedImageSetSpec) { - *out = *in - if in.PinnedImages != nil { - in, out := &in.PinnedImages, &out.PinnedImages - *out = make([]PinnedImageRef, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSetSpec. -func (in *PinnedImageSetSpec) DeepCopy() *PinnedImageSetSpec { - if in == nil { - return nil - } - out := new(PinnedImageSetSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PinnedImageSetStatus) DeepCopyInto(out *PinnedImageSetStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnedImageSetStatus. -func (in *PinnedImageSetStatus) DeepCopy() *PinnedImageSetStatus { - if in == nil { - return nil - } - out := new(PinnedImageSetStatus) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index dc82dc2049..57d3ff72ed 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -22,82 +22,6 @@ internalreleaseimages.machineconfiguration.openshift.io: - NoRegistryClusterInstall Version: v1alpha1 -machineconfignodes.machineconfiguration.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/2256 - CRDName: machineconfignodes.machineconfiguration.openshift.io - Capability: "" - Category: "" - FeatureGates: - - MachineConfigNodes - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" - GroupName: machineconfiguration.openshift.io - HasStatus: true - KindName: MachineConfigNode - Labels: - openshift.io/operator-managed: "" - PluralName: machineconfignodes - PrinterColumns: - - jsonPath: .spec.pool.name - name: PoolName - type: string - - jsonPath: .spec.configVersion.desired - name: DesiredConfig - type: string - - jsonPath: .status.configVersion.current - name: CurrentConfig - type: string - - jsonPath: .status.conditions[?(@.type=="Updated")].status - name: Updated - type: string - - jsonPath: .status.conditions[?(@.type=="UpdatePrepared")].status - name: UpdatePrepared - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateExecuted")].status - name: UpdateExecuted - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="UpdatePostActionComplete")].status - name: UpdatePostActionComplete - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="UpdateComplete")].status - name: UpdateComplete - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Resumed")].status - name: Resumed - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="AppliedFilesAndOS")].status - name: UpdatedFilesAndOS - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Cordoned")].status - name: CordonedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Drained")].status - name: DrainedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="RebootedNode")].status - name: RebootedNode - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Uncordoned")].status - name: UncordonedNode - priority: 1 - type: string - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - MachineConfigNodes - Version: v1alpha1 - osimagestreams.machineconfiguration.openshift.io: Annotations: {} ApprovedPRNumber: https://github.com/openshift/api/pull/2555 @@ -122,27 +46,3 @@ osimagestreams.machineconfiguration.openshift.io: - OSStreams Version: v1alpha1 -pinnedimagesets.machineconfiguration.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1713 - CRDName: pinnedimagesets.machineconfiguration.openshift.io - Capability: "" - Category: "" - FeatureGates: - - PinnedImages - FilenameOperatorName: machine-config - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_80" - GroupName: machineconfiguration.openshift.io - HasStatus: true - KindName: PinnedImageSet - Labels: - openshift.io/operator-managed: "" - PluralName: pinnedimagesets - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - PinnedImages - Version: v1alpha1 - diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go index 574d524ec9..f083032cb8 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.swagger_doc_generated.go @@ -69,91 +69,6 @@ func (InternalReleaseImageStatus) SwaggerDoc() map[string]string { return map_InternalReleaseImageStatus } -var map_MCOObjectReference = map[string]string{ - "": "MCOObjectReference holds information about an object the MCO either owns or modifies in some way", - "name": "name is the name of the object being referenced. For example, this can represent a machine config pool or node name. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", -} - -func (MCOObjectReference) SwaggerDoc() map[string]string { - return map_MCOObjectReference -} - -var map_MachineConfigNode = map[string]string{ - "": "MachineConfigNode describes the health of the Machines on the system Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object metadata.", - "spec": "spec describes the configuration of the machine config node.", - "status": "status describes the last observed state of this machine config node.", -} - -func (MachineConfigNode) SwaggerDoc() map[string]string { - return map_MachineConfigNode -} - -var map_MachineConfigNodeList = map[string]string{ - "": "MachineConfigNodeList describes all of the MachinesStates on the system\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list metadata.", - "items": "items contains a collection of MachineConfigNode resources.", -} - -func (MachineConfigNodeList) SwaggerDoc() map[string]string { - return map_MachineConfigNodeList -} - -var map_MachineConfigNodeSpec = map[string]string{ - "": "MachineConfigNodeSpec describes the MachineConfigNode we are managing.", - "node": "node contains a reference to the node for this machine config node.", - "pool": "pool contains a reference to the machine config pool that this machine config node's referenced node belongs to.", - "configVersion": "configVersion holds the desired config version for the node targeted by this machine config node resource. The desired version represents the machine config the node will attempt to update to and gets set before the machine config operator validates the new machine config against the current machine config.", -} - -func (MachineConfigNodeSpec) SwaggerDoc() map[string]string { - return map_MachineConfigNodeSpec -} - -var map_MachineConfigNodeSpecMachineConfigVersion = map[string]string{ - "": "MachineConfigNodeSpecMachineConfigVersion holds the desired config version for the current observed machine config node. When Current is not equal to Desired, the MachineConfigOperator is in an upgrade phase and the machine config node will take account of upgrade related events. Otherwise, they will be ignored given that certain operations happen both during the MCO's upgrade mode and the daily operations mode.", - "desired": "desired is the name of the machine config that the the node should be upgraded to. This value is set when the machine config pool generates a new version of its rendered configuration. When this value is changed, the machine config daemon starts the node upgrade process. This value gets set in the machine config node spec once the machine config has been targeted for upgrade and before it is validated. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", -} - -func (MachineConfigNodeSpecMachineConfigVersion) SwaggerDoc() map[string]string { - return map_MachineConfigNodeSpecMachineConfigVersion -} - -var map_MachineConfigNodeStatus = map[string]string{ - "": "MachineConfigNodeStatus holds the reported information on a particular machine config node.", - "conditions": "conditions represent the observations of a machine config node's current state.", - "observedGeneration": "observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config Operator's controller. This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec.", - "configVersion": "configVersion describes the current and desired machine config version for this node.", - "pinnedImageSets": "pinnedImageSets describes the current and desired pinned image sets for this node.", -} - -func (MachineConfigNodeStatus) SwaggerDoc() map[string]string { - return map_MachineConfigNodeStatus -} - -var map_MachineConfigNodeStatusMachineConfigVersion = map[string]string{ - "": "MachineConfigNodeStatusMachineConfigVersion holds the current and desired config versions as last updated in the MCN status. When the current and desired versions do not match, the machine config pool is processing an upgrade and the machine config node will monitor the upgrade process. When the current and desired versions do match, the machine config node will ignore these events given that certain operations happen both during the MCO's upgrade mode and the daily operations mode.", - "current": "current is the name of the machine config currently in use on the node. This value is updated once the machine config daemon has completed the update of the configuration for the node. This value should match the desired version unless an upgrade is in progress. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", - "desired": "desired is the MachineConfig the node wants to upgrade to. This value gets set in the machine config node status once the machine config has been validated against the current machine config. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", -} - -func (MachineConfigNodeStatusMachineConfigVersion) SwaggerDoc() map[string]string { - return map_MachineConfigNodeStatusMachineConfigVersion -} - -var map_MachineConfigNodeStatusPinnedImageSet = map[string]string{ - "": "MachineConfigNodeStatusPinnedImageSet holds information about the current, desired, and failed pinned image sets for the observed machine config node.", - "name": "name is the name of the pinned image set. Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end with an alphanumeric character, and be at most 253 characters in length.", - "currentGeneration": "currentGeneration is the generation of the pinned image set that has most recently been successfully pulled and pinned on this node.", - "desiredGeneration": "desiredGeneration is the generation of the pinned image set that is targeted to be pulled and pinned on this node.", - "lastFailedGeneration": "lastFailedGeneration is the generation of the most recent pinned image set that failed to be pulled and pinned on this node.", - "lastFailedGenerationError": "lastFailedGenerationError is the error explaining why the desired images failed to be pulled and pinned. The error is an empty string if the image pull and pin is successful.", -} - -func (MachineConfigNodeStatusPinnedImageSet) SwaggerDoc() map[string]string { - return map_MachineConfigNodeStatusPinnedImageSet -} - var map_OSImageStream = map[string]string{ "": "OSImageStream describes a set of streams and associated images available for the MachineConfigPools to be used as base OS images.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", @@ -186,7 +101,7 @@ func (OSImageStreamSet) SwaggerDoc() map[string]string { var map_OSImageStreamSpec = map[string]string{ "": "OSImageStreamSpec defines the desired state of a OSImageStream.", - "defaultStream": "defaultStream is the desired name of the stream that should be used as the default when no specific stream is requested by a MachineConfigPool.\n\nThis field is set by the installer during installation. Users may need to update it if the currently selected stream is no longer available, for example when the stream has reached its End of Life. The MachineConfigOperator uses this value to determine which stream from status.availableStreams to apply as the default for MachineConfigPools that do not specify a stream override.\n\nIt must be a valid RFC 1123 subdomain between 1 and 253 characters in length, consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').", + "defaultStream": "defaultStream is the desired name of the stream that should be used as the default when no specific stream is requested by a MachineConfigPool.\n\nThis field is set by the installer during installation. Users may need to update it if the currently selected stream is no longer available, for example when the stream has reached its End of Life. The MachineConfigOperator uses this value to determine which stream from status.availableStreams to apply as the default for MachineConfigPools that do not specify a stream override.\n\nWhen status.availableStreams has been populated by the operator, updating this field requires that the new value references the name of one of the streams in status.availableStreams. Status-only updates by the operator are not subject to this constraint, allowing the operator to update availableStreams independently of this field. During initial creation, before the operator has populated status, any valid value is accepted.\n\nWhen omitted, the operator determines the default stream automatically. Once set, this field cannot be removed.\n\nIt must be a valid RFC 1123 subdomain between 1 and 253 characters in length, consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.').", } func (OSImageStreamSpec) SwaggerDoc() map[string]string { @@ -203,49 +118,4 @@ func (OSImageStreamStatus) SwaggerDoc() map[string]string { return map_OSImageStreamStatus } -var map_PinnedImageRef = map[string]string{ - "name": "name is an OCI Image referenced by digest. The format of the image pull spec is: host[:port][/namespace]/name@sha256:, where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. The length of the whole spec must be between 1 to 447 characters.", -} - -func (PinnedImageRef) SwaggerDoc() map[string]string { - return map_PinnedImageRef -} - -var map_PinnedImageSet = map[string]string{ - "": "PinnedImageSet describes a set of images that should be pinned by CRI-O and pulled to the nodes which are members of the declared MachineConfigPools.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "spec": "spec describes the configuration of this pinned image set.", - "status": "status describes the last observed state of this pinned image set.", -} - -func (PinnedImageSet) SwaggerDoc() map[string]string { - return map_PinnedImageSet -} - -var map_PinnedImageSetList = map[string]string{ - "": "PinnedImageSetList is a list of PinnedImageSet resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", -} - -func (PinnedImageSetList) SwaggerDoc() map[string]string { - return map_PinnedImageSetList -} - -var map_PinnedImageSetSpec = map[string]string{ - "": "PinnedImageSetSpec defines the desired state of a PinnedImageSet.", - "pinnedImages": "pinnedImages is a list of OCI Image referenced by digest that should be pinned and pre-loaded by the nodes of a MachineConfigPool. Translates into a new file inside the /etc/crio/crio.conf.d directory with content similar to this:\n\n pinned_images = [\n \"quay.io/openshift-release-dev/ocp-release@sha256:...\",\n \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\",\n \"quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...\",\n ...\n ]\n\nThese image references should all be by digest, tags aren't allowed.", -} - -func (PinnedImageSetSpec) SwaggerDoc() map[string]string { - return map_PinnedImageSetSpec -} - -var map_PinnedImageSetStatus = map[string]string{ - "": "PinnedImageSetStatus describes the current state of a PinnedImageSet.", - "conditions": "conditions represent the observations of a pinned image set's current state.", -} - -func (PinnedImageSetStatus) SwaggerDoc() map[string]string { - return map_PinnedImageSetStatus -} - // AUTO-GENERATED FUNCTIONS END HERE diff --git a/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go b/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go index f5836af0f8..f0c1e01c78 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go +++ b/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go @@ -47,7 +47,6 @@ type MachineConfigurationSpec struct { // and the platform is left to choose a reasonable default, which is subject to change over time. // The default for each machine manager mode is All for GCP and AWS platforms, and None for all // other platforms. - // +openshift:enable:FeatureGate=ManagedBootImages // +optional ManagedBootImages ManagedBootImages `json:"managedBootImages"` @@ -288,7 +287,6 @@ type MachineConfigurationStatus struct { // managedBootImagesStatus reflects what the latest cluster-validated boot image configuration is // and will be used by Machine Config Controller while performing boot image updates. - // +openshift:enable:FeatureGate=ManagedBootImages // +optional ManagedBootImagesStatus ManagedBootImages `json:"managedBootImagesStatus"` @@ -367,7 +365,7 @@ type ManagedBootImages struct { // MachineManager describes a target machine resource that is registered for boot image updates. It stores identifying information // such as the resource type and the API Group of the resource. It also provides granular control via the selection field. -// +openshift:validation:FeatureGateAwareXValidation:requiredFeatureGate=ManagedBootImages;ManagedBootImagesCPMS,rule="self.resource != 'controlplanemachinesets' || self.selection.mode == 'All' || self.selection.mode == 'None'", message="Only All or None selection mode is permitted for ControlPlaneMachineSets" +// +openshift:validation:FeatureGateAwareXValidation:requiredFeatureGate=ManagedBootImagesCPMS,rule="self.resource != 'controlplanemachinesets' || self.selection.mode == 'All' || self.selection.mode == 'None'", message="Only All or None selection mode is permitted for ControlPlaneMachineSets" type MachineManager struct { // resource is the machine management resource's type. // Valid values are machinesets and controlplanemachinesets. @@ -431,8 +429,8 @@ const ( // MachineManagerManagedResourceType is a string enum used in the MachineManager type to describe the resource // type to be registered. -// +openshift:validation:FeatureGateAwareEnum:requiredFeatureGate=ManagedBootImages,enum=machinesets -// +openshift:validation:FeatureGateAwareEnum:requiredFeatureGate=ManagedBootImages;ManagedBootImagesCPMS,enum=machinesets;controlplanemachinesets +// +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=machinesets +// +openshift:validation:FeatureGateAwareEnum:featureGate=ManagedBootImagesCPMS,enum=machinesets;controlplanemachinesets type MachineManagerMachineSetsResourceType string const ( diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index 1cf56f549b..cd2e2f9e38 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -398,6 +398,12 @@ type OpenShiftSDNConfig struct { // ovnKubernetesConfig contains the configuration parameters for networks // using the ovn-kubernetes network project +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self.?transport.orValue('') == 'NoOverlay' ? self.?routeAdvertisements.orValue('') == 'Enabled' : true",message="routeAdvertisements must be Enabled when transport is NoOverlay" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self.?transport.orValue('') == 'NoOverlay' ? has(self.noOverlayConfig) : !has(self.noOverlayConfig)",message="noOverlayConfig must be set if transport is NoOverlay, and is forbidden otherwise" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self.?noOverlayConfig.routing.orValue('') == 'Managed' ? has(self.bgpManagedConfig) : true",message="bgpManagedConfig is required when noOverlayConfig.routing is Managed" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(self.transport) || self.transport == 'Geneve' || has(oldSelf.transport)",message="transport can only be set to Geneve after installation" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(oldSelf.transport) || has(self.transport)",message="transport may not be removed once set" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(oldSelf.noOverlayConfig) || has(self.noOverlayConfig)",message="noOverlayConfig may not be removed once set" type OVNKubernetesConfig struct { // mtu is the MTU to use for the tunnel interface. This must be 100 // bytes smaller than the uplink mtu. @@ -466,6 +472,38 @@ type OVNKubernetesConfig struct { // current default is "Disabled". // +optional RouteAdvertisements RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"` + + // transport sets the transport mode for pods on the default network. + // Allowed values are "NoOverlay" and "Geneve". + // "NoOverlay" avoids tunnel encapsulation, routing pod traffic directly between nodes. + // "Geneve" encapsulates pod traffic using Geneve tunnels between nodes. + // When omitted, this means the user has no opinion and the platform chooses + // a reasonable default which is subject to change over time. + // The current default is "Geneve". + // "NoOverlay" can only be set at installation time and cannot be changed afterwards. + // "Geneve" may be set explicitly at any time to lock in the current default. + // +openshift:enable:FeatureGate=NoOverlayMode + // +kubebuilder:validation:Enum=NoOverlay;Geneve + // +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self == oldSelf",message="transport is immutable once set" + // +optional + Transport TransportOption `json:"transport,omitempty"` + + // noOverlayConfig contains configuration for no-overlay mode. + // This configuration applies to the default network only. + // It is required when transport is "NoOverlay". + // When omitted, this means the user does not configure no-overlay mode options. + // +openshift:enable:FeatureGate=NoOverlayMode + // +optional + NoOverlayConfig NoOverlayConfig `json:"noOverlayConfig,omitzero,omitempty"` + + // bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) + // in no-overlay mode that specify routing="Managed" in their noOverlayConfig. + // It is required when noOverlayConfig.routing is set to "Managed". + // When omitted, this means the user does not configure BGP for managed routing. + // This field can be set at installation time or on day 2, and can be modified at any time. + // +openshift:enable:FeatureGate=NoOverlayMode + // +optional + BGPManagedConfig BGPManagedConfig `json:"bgpManagedConfig,omitzero,omitempty"` } type IPv4OVNKubernetesConfig struct { @@ -896,3 +934,80 @@ type AdditionalRoutingCapabilities struct { // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x == y))" Providers []RoutingCapabilitiesProvider `json:"providers"` } + +// TransportOption is the type for network transport options +type TransportOption string + +// SNATOption is the type for SNAT configuration options +type SNATOption string + +// RoutingOption is the type for routing configuration options +type RoutingOption string + +// BGPTopology is the type for BGP topology configuration +type BGPTopology string + +const ( + // TransportOptionNoOverlay indicates the network operates in no-overlay mode + TransportOptionNoOverlay TransportOption = "NoOverlay" + // TransportOptionGeneve indicates the network uses Geneve overlay + TransportOptionGeneve TransportOption = "Geneve" + + // SNATEnabled indicates outbound SNAT is enabled + SNATEnabled SNATOption = "Enabled" + // SNATDisabled indicates outbound SNAT is disabled + SNATDisabled SNATOption = "Disabled" + + // RoutingManaged indicates routing is managed by OVN-Kubernetes + RoutingManaged RoutingOption = "Managed" + // RoutingUnmanaged indicates routing is managed by users + RoutingUnmanaged RoutingOption = "Unmanaged" + + // BGPTopologyFullMesh indicates a full mesh BGP topology where every node peers directly with every other node + BGPTopologyFullMesh BGPTopology = "FullMesh" +) + +// NoOverlayConfig contains configuration options for networks operating in no-overlay mode. +type NoOverlayConfig struct { + // outboundSNAT defines the SNAT behavior for outbound traffic from pods. + // Allowed values are "Enabled" and "Disabled". + // When set to "Enabled", SNAT is performed on outbound traffic from pods. + // When set to "Disabled", SNAT is not performed and pod IPs are preserved in outbound traffic. + // This field is required when the network operates in no-overlay mode. + // This field can be set to any value at installation time and can be changed afterwards. + // +kubebuilder:validation:Enum=Enabled;Disabled + // +required + OutboundSNAT SNATOption `json:"outboundSNAT,omitempty"` + + // routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. + // Allowed values are "Managed" and "Unmanaged". + // When set to "Managed", OVN-Kubernetes manages the pod network routing configuration through BGP. + // When set to "Unmanaged", users are responsible for configuring the pod network routing. + // This field is required when the network operates in no-overlay mode. + // This field is immutable once set. + // +kubebuilder:validation:Enum=Managed;Unmanaged + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="routing is immutable once set" + // +required + Routing RoutingOption `json:"routing,omitempty"` +} + +// BGPManagedConfig contains configuration options for BGP when routing is "Managed". +type BGPManagedConfig struct { + // asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) + // to be used in the generated FRR configuration. + // Valid values are 1 to 4294967295. + // When omitted, this defaults to 64512. + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=4294967295 + // +default=64512 + // +optional + ASNumber int64 `json:"asNumber,omitempty"` + + // bgpTopology defines the BGP topology to be used. + // Allowed values are "FullMesh". + // When set to "FullMesh", every node peers directly with every other node via BGP. + // This field is required when BGPManagedConfig is specified. + // +kubebuilder:validation:Enum=FullMesh + // +required + BGPTopology BGPTopology `json:"bgpTopology,omitempty"` +} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-CustomNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-CustomNoUpgrade.crd.yaml new file mode 100644 index 0000000000..4081fa837b --- /dev/null +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-CustomNoUpgrade.crd.yaml @@ -0,0 +1,1152 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/475 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: CustomNoUpgrade + name: networks.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: Network + listKind: NetworkList + plural: networks + singular: network + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + Network describes the cluster's desired network configuration. It is + consumed by the cluster-network-operator. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NetworkSpec is the top-level network configuration object. + properties: + additionalNetworks: + description: |- + additionalNetworks is a list of extra networks to make available to pods + when multiple networks are enabled. + items: + description: |- + AdditionalNetworkDefinition configures an extra network that is available but not + created by default. Instead, pods must request them by name. + type must be specified, along with exactly one "Config" that matches the type. + properties: + name: + description: |- + name is the name of the network. This will be populated in the resulting CRD + This must be unique. + type: string + namespace: + description: |- + namespace is the namespace of the network. This will be populated in the resulting CRD + If not given the network will be created in the default namespace. + type: string + rawCNIConfig: + description: |- + rawCNIConfig is the raw CNI configuration json to create in the + NetworkAttachmentDefinition CRD + type: string + simpleMacvlanConfig: + description: simpleMacvlanConfig configures the macvlan interface + in case of type:NetworkTypeSimpleMacvlan + properties: + ipamConfig: + description: ipamConfig configures IPAM module will be used + for IP Address Management (IPAM). + properties: + staticIPAMConfig: + description: staticIPAMConfig configures the static + IP address in case of type:IPAMTypeStatic + properties: + addresses: + description: addresses configures IP address for + the interface + items: + description: StaticIPAMAddresses provides IP address + and Gateway for static IPAM addresses + properties: + address: + description: address is the IP address in + CIDR format + type: string + gateway: + description: gateway is IP inside of subnet + to designate as the gateway + type: string + type: object + type: array + x-kubernetes-list-type: atomic + dns: + description: dns configures DNS for the interface + properties: + domain: + description: domain configures the domainname + the local domain used for short hostname lookups + type: string + nameservers: + description: nameservers points DNS servers + for IP lookup + items: + type: string + type: array + x-kubernetes-list-type: atomic + search: + description: search configures priority ordered + search domains for short hostname lookups + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + routes: + description: routes configures IP routes for the + interface + items: + description: StaticIPAMRoutes provides Destination/Gateway + pairs for static IPAM routes + properties: + destination: + description: destination points the IP route + destination + type: string + gateway: + description: |- + gateway is the route's next-hop IP address + If unset, a default gateway is assumed (as determined by the CNI plugin). + type: string + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: + description: |- + type is the type of IPAM module will be used for IP Address Management(IPAM). + The supported values are IPAMTypeDHCP, IPAMTypeStatic + type: string + type: object + master: + description: |- + master is the host interface to create the macvlan interface from. + If not specified, it will be default route interface + type: string + mode: + description: 'mode is the macvlan mode: bridge, private, + vepa, passthru. The default is bridge' + type: string + mtu: + description: |- + mtu is the mtu to use for the macvlan interface. if unset, host's + kernel will select the value. + format: int32 + minimum: 0 + type: integer + type: object + type: + description: |- + type is the type of network + The supported values are NetworkTypeRaw, NetworkTypeSimpleMacvlan + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + additionalRoutingCapabilities: + description: |- + additionalRoutingCapabilities describes components and relevant + configuration providing additional routing capabilities. When set, it + enables such components and the usage of the routing capabilities they + provide for the machine network. Upstream operators, like MetalLB + operator, requiring these capabilities may rely on, or automatically set + this attribute. Network plugins may leverage advanced routing + capabilities acquired through the enablement of these components but may + require specific configuration on their side to do so; refer to their + respective documentation and configuration options. + properties: + providers: + description: |- + providers is a set of enabled components that provide additional routing + capabilities. Entries on this list must be unique. The only valid value + is currrently "FRR" which provides FRR routing capabilities through the + deployment of FRR. + items: + description: RoutingCapabilitiesProvider is a component providing + routing capabilities. + enum: + - FRR + type: string + maxItems: 1 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - rule: self.all(x, self.exists_one(y, x == y)) + required: + - providers + type: object + clusterNetwork: + description: |- + clusterNetwork is the IP address pool to use for pod IPs. + Some network providers support multiple ClusterNetworks. + Others only support one. This is equivalent to the cluster-cidr. + items: + description: |- + ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size + HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If + the HostPrefix field is not used by the plugin, it can be left unset. + Not all network providers support multiple ClusterNetworks + properties: + cidr: + type: string + hostPrefix: + format: int32 + minimum: 0 + type: integer + type: object + type: array + x-kubernetes-list-type: atomic + defaultNetwork: + description: defaultNetwork is the "default" network that all pods + will receive + properties: + openshiftSDNConfig: + description: |- + openshiftSDNConfig was previously used to configure the openshift-sdn plugin. + DEPRECATED: OpenShift SDN is no longer supported. + properties: + enableUnidling: + description: |- + enableUnidling controls whether or not the service proxy will support idling + and unidling of services. By default, unidling is enabled. + type: boolean + mode: + description: mode is one of "Multitenant", "Subnet", or "NetworkPolicy" + type: string + mtu: + description: |- + mtu is the mtu to use for the tunnel interface. Defaults to 1450 if unset. + This must be 50 bytes smaller than the machine's uplink. + format: int32 + minimum: 0 + type: integer + useExternalOpenvswitch: + description: |- + useExternalOpenvswitch used to control whether the operator would deploy an OVS + DaemonSet itself or expect someone else to start OVS. As of 4.6, OVS is always + run as a system service, and this flag is ignored. + type: boolean + vxlanPort: + description: vxlanPort is the port to use for all vxlan packets. + The default is 4789. + format: int32 + minimum: 0 + type: integer + type: object + ovnKubernetesConfig: + description: ovnKubernetesConfig configures the ovn-kubernetes + plugin. + properties: + bgpManagedConfig: + description: |- + bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) + in no-overlay mode that specify routing="Managed" in their noOverlayConfig. + It is required when noOverlayConfig.routing is set to "Managed". + When omitted, this means the user does not configure BGP for managed routing. + This field can be set at installation time or on day 2, and can be modified at any time. + properties: + asNumber: + default: 64512 + description: |- + asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) + to be used in the generated FRR configuration. + Valid values are 1 to 4294967295. + When omitted, this defaults to 64512. + format: int64 + maximum: 4294967295 + minimum: 1 + type: integer + bgpTopology: + description: |- + bgpTopology defines the BGP topology to be used. + Allowed values are "FullMesh". + When set to "FullMesh", every node peers directly with every other node via BGP. + This field is required when BGPManagedConfig is specified. + enum: + - FullMesh + type: string + required: + - bgpTopology + type: object + egressIPConfig: + description: egressIPConfig holds the configuration for EgressIP + options. + properties: + reachabilityTotalTimeoutSeconds: + description: |- + reachabilityTotalTimeout configures the EgressIP node reachability check total timeout in seconds. + If the EgressIP node cannot be reached within this timeout, the node is declared down. + Setting a large value may cause the EgressIP feature to react slowly to node changes. + In particular, it may react slowly for EgressIP nodes that really have a genuine problem and are unreachable. + When omitted, this means the user has no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The current default is 1 second. + A value of 0 disables the EgressIP node's reachability check. + format: int32 + maximum: 60 + minimum: 0 + type: integer + type: object + gatewayConfig: + description: gatewayConfig holds the configuration for node + gateway options. + properties: + ipForwarding: + description: |- + ipForwarding controls IP forwarding for all traffic on OVN-Kubernetes managed interfaces (such as br-ex). + By default this is set to Restricted, and Kubernetes related traffic is still forwarded appropriately, but other + IP traffic will not be routed by the OCP node. If there is a desire to allow the host to forward traffic across + OVN-Kubernetes managed interfaces, then set this field to "Global". + The supported values are "Restricted" and "Global". + type: string + ipv4: + description: |- + ipv4 allows users to configure IP settings for IPv4 connections. When omitted, this means no opinion and the default + configuration is used. Check individual members fields within ipv4 for details of default values. + properties: + internalMasqueradeSubnet: + description: |- + internalMasqueradeSubnet contains the masquerade addresses in IPV4 CIDR format used internally by + ovn-kubernetes to enable host to service traffic. Each host in the cluster is configured with these + addresses, as well as the shared gateway bridge interface. The values can be changed after + installation. The subnet chosen should not overlap with other networks specified for + OVN-Kubernetes as well as other networks used on the host. Additionally the subnet must + be large enough to accommodate 6 IPs (maximum prefix length /29). + When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. + The current default subnet is 169.254.0.0/17 + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == + 4 + - message: subnet must be in the range /0 to /29 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() + <= 29 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > + 0 + type: object + ipv6: + description: |- + ipv6 allows users to configure IP settings for IPv6 connections. When omitted, this means no opinion and the default + configuration is used. Check individual members fields within ipv6 for details of default values. + properties: + internalMasqueradeSubnet: + description: |- + internalMasqueradeSubnet contains the masquerade addresses in IPV6 CIDR format used internally by + ovn-kubernetes to enable host to service traffic. Each host in the cluster is configured with these + addresses, as well as the shared gateway bridge interface. The values can be changed after + installation. The subnet chosen should not overlap with other networks specified for + OVN-Kubernetes as well as other networks used on the host. Additionally the subnet must + be large enough to accommodate 6 IPs (maximum prefix length /125). + When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. + The current default subnet is fd69::/112 + Note that IPV6 dual addresses are not permitted + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == + 6 + - message: subnet must be in the range /0 to /125 + inclusive + rule: isCIDR(self) && cidr(self).prefixLength() + <= 125 + type: object + routingViaHost: + default: false + description: |- + routingViaHost allows pod egress traffic to exit via the ovn-k8s-mp0 management port + into the host before sending it out. If this is not set, traffic will always egress directly + from OVN to outside without touching the host stack. Setting this to true means hardware + offload will not be supported. Default is false if GatewayConfig is specified. + type: boolean + type: object + genevePort: + description: |- + geneve port is the UDP port to be used by geneve encapulation. + Default is 6081 + format: int32 + minimum: 1 + type: integer + hybridOverlayConfig: + description: |- + hybridOverlayConfig configures an additional overlay network for peers that are + not using OVN. + properties: + hybridClusterNetwork: + description: hybridClusterNetwork defines a network space + given to nodes on an additional overlay network. + items: + description: |- + ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size + HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If + the HostPrefix field is not used by the plugin, it can be left unset. + Not all network providers support multiple ClusterNetworks + properties: + cidr: + type: string + hostPrefix: + format: int32 + minimum: 0 + type: integer + type: object + type: array + x-kubernetes-list-type: atomic + hybridOverlayVXLANPort: + description: |- + hybridOverlayVXLANPort defines the VXLAN port number to be used by the additional overlay network. + Default is 4789 + format: int32 + type: integer + type: object + ipsecConfig: + default: + mode: Disabled + description: |- + ipsecConfig enables and configures IPsec for pods on the pod network within the + cluster. + properties: + full: + description: |- + full defines configuration parameters for the IPsec `Full` mode. + This is permitted only when mode is configured with `Full`, + and forbidden otherwise. + minProperties: 1 + properties: + encapsulation: + description: |- + encapsulation option to configure libreswan on how inter-pod traffic across nodes + are encapsulated to handle NAT traversal. When configured it uses UDP port 4500 + for the encapsulation. + Valid values are Always, Auto and omitted. + Always means enable UDP encapsulation regardless of whether NAT is detected. + Auto means enable UDP encapsulation based on the detection of NAT. + When omitted, this means no opinion and the platform is left to choose a reasonable + default, which is subject to change over time. The current default is Auto. + enum: + - Always + - Auto + type: string + type: object + mode: + description: |- + mode defines the behaviour of the ipsec configuration within the platform. + Valid values are `Disabled`, `External` and `Full`. + When 'Disabled', ipsec will not be enabled at the node level. + When 'External', ipsec is enabled on the node level but requires the user to configure the secure communication parameters. + This mode is for external secure communications and the configuration can be done using the k8s-nmstate operator. + When 'Full', ipsec is configured on the node level and inter-pod secure communication within the cluster is configured. + Note with `Full`, if ipsec is desired for communication with external (to the cluster) entities (such as storage arrays), + this is left to the user to configure. + enum: + - Disabled + - External + - Full + type: string + type: object + x-kubernetes-validations: + - message: ipsecConfig.mode is required + rule: self == oldSelf || has(self.mode) + - message: full is forbidden when mode is not Full + rule: 'has(self.mode) && self.mode == ''Full'' ? true : + !has(self.full)' + ipv4: + description: |- + ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, + this means no opinions and the default configuration is used. Check individual + fields within ipv4 for details of default values. + properties: + internalJoinSubnet: + description: |- + internalJoinSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + The current default value is 100.64.0.0/16 + The subnet must be large enough to accommodate one IP per node in your cluster + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > 0 + internalTransitSwitchSubnet: + description: |- + internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally + by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect + architecture that connects the cluster routers on each node together to enable + east west traffic. The subnet chosen should not overlap with other networks + specified for OVN-Kubernetes as well as other networks used on the host. + When ommitted, this means no opinion and the platform is left to choose a reasonable + default which is subject to change over time. + The current default subnet is 100.88.0.0/16 + The subnet must be large enough to accommodate one IP per node in your cluster + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > 0 + type: object + ipv6: + description: |- + ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, + this means no opinions and the default configuration is used. Check individual + fields within ipv4 for details of default values. + properties: + internalJoinSubnet: + description: |- + internalJoinSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + The subnet must be large enough to accommodate one IP per node in your cluster + The current default value is fd98::/64 + The value must be in proper IPV6 CIDR format + Note that IPV6 dual addresses are not permitted + maxLength: 48 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 + internalTransitSwitchSubnet: + description: |- + internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally + by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect + architecture that connects the cluster routers on each node together to enable + east west traffic. The subnet chosen should not overlap with other networks + specified for OVN-Kubernetes as well as other networks used on the host. + When ommitted, this means no opinion and the platform is left to choose a reasonable + default which is subject to change over time. + The subnet must be large enough to accommodate one IP per node in your cluster + The current default subnet is fd97::/64 + The value must be in proper IPV6 CIDR format + Note that IPV6 dual addresses are not permitted + maxLength: 48 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 + type: object + mtu: + description: |- + mtu is the MTU to use for the tunnel interface. This must be 100 + bytes smaller than the uplink mtu. + Default is 1400 + format: int32 + minimum: 0 + type: integer + noOverlayConfig: + description: |- + noOverlayConfig contains configuration for no-overlay mode. + This configuration applies to the default network only. + It is required when transport is "NoOverlay". + When omitted, this means the user does not configure no-overlay mode options. + properties: + outboundSNAT: + description: |- + outboundSNAT defines the SNAT behavior for outbound traffic from pods. + Allowed values are "Enabled" and "Disabled". + When set to "Enabled", SNAT is performed on outbound traffic from pods. + When set to "Disabled", SNAT is not performed and pod IPs are preserved in outbound traffic. + This field is required when the network operates in no-overlay mode. + This field can be set to any value at installation time and can be changed afterwards. + enum: + - Enabled + - Disabled + type: string + routing: + description: |- + routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. + Allowed values are "Managed" and "Unmanaged". + When set to "Managed", OVN-Kubernetes manages the pod network routing configuration through BGP. + When set to "Unmanaged", users are responsible for configuring the pod network routing. + This field is required when the network operates in no-overlay mode. + This field is immutable once set. + enum: + - Managed + - Unmanaged + type: string + x-kubernetes-validations: + - message: routing is immutable once set + rule: self == oldSelf + required: + - outboundSNAT + - routing + type: object + policyAuditConfig: + description: |- + policyAuditConfig is the configuration for network policy audit events. If unset, + reported defaults are used. + properties: + destination: + default: "null" + description: |- + destination is the location for policy log messages. + Regardless of this config, persistent logs will always be dumped to the host + at /var/log/ovn/ however + Additionally syslog output may be configured as follows. + Valid values are: + - "libc" -> to use the libc syslog() function of the host node's journdald process + - "udp:host:port" -> for sending syslog over UDP + - "unix:file" -> for using the UNIX domain socket directly + - "null" -> to discard all messages logged to syslog + The default is "null" + type: string + maxFileSize: + default: 50 + description: |- + maxFilesSize is the max size an ACL_audit log file is allowed to reach before rotation occurs + Units are in MB and the Default is 50MB + format: int32 + minimum: 1 + type: integer + maxLogFiles: + default: 5 + description: maxLogFiles specifies the maximum number + of ACL_audit log files that can be present. + format: int32 + minimum: 1 + type: integer + rateLimit: + default: 20 + description: |- + rateLimit is the approximate maximum number of messages to generate per-second per-node. If + unset the default of 20 msg/sec is used. + format: int32 + minimum: 1 + type: integer + syslogFacility: + default: local0 + description: syslogFacility the RFC5424 facility for generated + messages, e.g. "kern". Default is "local0" + type: string + type: object + routeAdvertisements: + description: |- + routeAdvertisements determines if the functionality to advertise cluster + network routes through a dynamic routing protocol, such as BGP, is + enabled or not. This functionality is configured through the + ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing + capability provider to be enabled as an additional routing capability. + Allowed values are "Enabled", "Disabled" and ommited. When omitted, this + means the user has no opinion and the platform is left to choose + reasonable defaults. These defaults are subject to change over time. The + current default is "Disabled". + enum: + - "" + - Enabled + - Disabled + type: string + transport: + description: |- + transport sets the transport mode for pods on the default network. + Allowed values are "NoOverlay" and "Geneve". + "NoOverlay" avoids tunnel encapsulation, routing pod traffic directly between nodes. + "Geneve" encapsulates pod traffic using Geneve tunnels between nodes. + When omitted, this means the user has no opinion and the platform chooses + a reasonable default which is subject to change over time. + The current default is "Geneve". + "NoOverlay" can only be set at installation time and cannot be changed afterwards. + "Geneve" may be set explicitly at any time to lock in the current default. + enum: + - NoOverlay + - Geneve + type: string + x-kubernetes-validations: + - message: transport is immutable once set + rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + Default is 100.64.0.0/16 + type: string + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + Default is fd98::/64 + type: string + type: object + x-kubernetes-validations: + - message: routeAdvertisements must be Enabled when transport + is NoOverlay + rule: 'self.?transport.orValue('''') == ''NoOverlay'' ? self.?routeAdvertisements.orValue('''') + == ''Enabled'' : true' + - message: noOverlayConfig must be set if transport is NoOverlay, + and is forbidden otherwise + rule: 'self.?transport.orValue('''') == ''NoOverlay'' ? has(self.noOverlayConfig) + : !has(self.noOverlayConfig)' + - message: bgpManagedConfig is required when noOverlayConfig.routing + is Managed + rule: 'self.?noOverlayConfig.routing.orValue('''') == ''Managed'' + ? has(self.bgpManagedConfig) : true' + - message: transport can only be set to Geneve after installation + rule: '!has(self.transport) || self.transport == ''Geneve'' + || has(oldSelf.transport)' + - message: transport may not be removed once set + rule: '!has(oldSelf.transport) || has(self.transport)' + - message: noOverlayConfig may not be removed once set + rule: '!has(oldSelf.noOverlayConfig) || has(self.noOverlayConfig)' + type: + description: |- + type is the type of network + All NetworkTypes are supported except for NetworkTypeRaw + type: string + type: object + deployKubeProxy: + description: |- + deployKubeProxy specifies whether or not a standalone kube-proxy should + be deployed by the operator. Some network providers include kube-proxy + or similar functionality. If unset, the plugin will attempt to select + the correct value, which is false when ovn-kubernetes is used and true + otherwise. + type: boolean + disableMultiNetwork: + description: |- + disableMultiNetwork defaults to 'false' and this setting enables the pod multi-networking capability. + disableMultiNetwork when set to 'true' at cluster install time does not install the components, typically the Multus CNI and the network-attachment-definition CRD, + that enable the pod multi-networking capability. Setting the parameter to 'true' might be useful when you need install third-party CNI plugins, + but these plugins are not supported by Red Hat. Changing the parameter value as a postinstallation cluster task has no effect. + type: boolean + disableNetworkDiagnostics: + default: false + description: |- + disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck + CRs from a test pod to every node, apiserver and LB should be disabled or not. + If unset, this property defaults to 'false' and network diagnostics is enabled. + Setting this to 'true' would reduce the additional load of the pods performing the checks. + type: boolean + exportNetworkFlows: + description: |- + exportNetworkFlows enables and configures the export of network flow metadata from the pod network + by using protocols NetFlow, SFlow or IPFIX. Currently only supported on OVN-Kubernetes plugin. + If unset, flows will not be exported to any collector. + properties: + ipfix: + description: ipfix defines IPFIX configuration. + properties: + collectors: + description: ipfixCollectors is list of strings formatted + as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + netFlow: + description: netFlow defines the NetFlow configuration. + properties: + collectors: + description: |- + netFlow defines the NetFlow collectors that will consume the flow data exported from OVS. + It is a list of strings formatted as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + sFlow: + description: sFlow defines the SFlow configuration. + properties: + collectors: + description: sFlowCollectors is list of strings formatted + as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + type: object + kubeProxyConfig: + description: |- + kubeProxyConfig lets us configure desired proxy configuration, if + deployKubeProxy is true. If not specified, sensible defaults will be chosen by + OpenShift directly. + properties: + bindAddress: + description: |- + The address to "bind" on + Defaults to 0.0.0.0 + type: string + iptablesSyncPeriod: + description: |- + An internal kube-proxy parameter. In older releases of OCP, this sometimes needed to be adjusted + in large clusters for performance reasons, but this is no longer necessary, and there is no reason + to change this from the default value. + Default: 30s + type: string + proxyArguments: + additionalProperties: + description: ProxyArgumentList is a list of arguments to pass + to the kubeproxy process + items: + type: string + type: array + x-kubernetes-list-type: atomic + description: Any additional arguments to pass to the kubeproxy + process + type: object + type: object + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + migration: + description: |- + migration enables and configures cluster network migration, for network changes + that cannot be made instantly. + properties: + features: + description: |- + features was previously used to configure which network plugin features + would be migrated in a network type migration. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + properties: + egressFirewall: + default: true + description: |- + egressFirewall specified whether or not the Egress Firewall configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + egressIP: + default: true + description: |- + egressIP specified whether or not the Egress IP configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + multicast: + default: true + description: |- + multicast specified whether or not the multicast configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + type: object + mode: + description: |- + mode indicates the mode of network type migration. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + enum: + - Live + - Offline + - "" + type: string + mtu: + description: |- + mtu contains the MTU migration configuration. Set this to allow changing + the MTU values for the default network. If unset, the operation of + changing the MTU for the default network will be rejected. + properties: + machine: + description: |- + machine contains MTU migration configuration for the machine's uplink. + Needs to be migrated along with the default network MTU unless the + current uplink MTU already accommodates the default network MTU. + properties: + from: + description: from is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: to is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + network: + description: |- + network contains information about MTU migration for the default network. + Migrations are only allowed to MTU values lower than the machine's uplink + MTU by the minimum appropriate offset. + properties: + from: + description: from is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: to is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + type: object + networkType: + description: |- + networkType was previously used when changing the default network type. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + type: string + type: object + x-kubernetes-validations: + - message: networkType migration in mode other than 'Live' may not + be configured at the same time as mtu migration + rule: '!has(self.mtu) || !has(self.networkType) || self.networkType + == "" || has(self.mode) && self.mode == ''Live''' + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + serviceNetwork: + description: |- + serviceNetwork is the ip address pool to use for Service IPs + Currently, all existing network providers only support a single value + here, but this is an array to allow for growth. + items: + type: string + type: array + x-kubernetes-list-type: atomic + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + useMultiNetworkPolicy: + description: |- + useMultiNetworkPolicy enables a controller which allows for + MultiNetworkPolicy objects to be used on additional networks as + created by Multus CNI. MultiNetworkPolicy are similar to NetworkPolicy + objects, but NetworkPolicy objects only apply to the primary interface. + With MultiNetworkPolicy, you can control the traffic that a pod can receive + over the secondary interfaces. If unset, this property defaults to 'false' + and MultiNetworkPolicy objects are ignored. If 'disableMultiNetwork' is + 'true' then the value of this field is ignored. + type: boolean + type: object + x-kubernetes-validations: + - message: invalid value for IPForwarding, valid values are 'Restricted' + or 'Global' + rule: '!has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) + || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig) || + !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding) + || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == oldSelf.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == ''Restricted'' || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == ''Global''' + - message: Route advertisements cannot be Enabled if 'FRR' routing capability + provider is not available + rule: (has(self.additionalRoutingCapabilities) && ('FRR' in self.additionalRoutingCapabilities.providers)) + || !has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) + || !has(self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements) + || self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements != + 'Enabled' + status: + description: |- + NetworkStatus is detailed operator status, which is distilled + up to the Network clusteroperator object. + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-Default.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-Default.crd.yaml new file mode 100644 index 0000000000..2324d6d3b6 --- /dev/null +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-Default.crd.yaml @@ -0,0 +1,1045 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/475 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: Default + name: networks.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: Network + listKind: NetworkList + plural: networks + singular: network + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + Network describes the cluster's desired network configuration. It is + consumed by the cluster-network-operator. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NetworkSpec is the top-level network configuration object. + properties: + additionalNetworks: + description: |- + additionalNetworks is a list of extra networks to make available to pods + when multiple networks are enabled. + items: + description: |- + AdditionalNetworkDefinition configures an extra network that is available but not + created by default. Instead, pods must request them by name. + type must be specified, along with exactly one "Config" that matches the type. + properties: + name: + description: |- + name is the name of the network. This will be populated in the resulting CRD + This must be unique. + type: string + namespace: + description: |- + namespace is the namespace of the network. This will be populated in the resulting CRD + If not given the network will be created in the default namespace. + type: string + rawCNIConfig: + description: |- + rawCNIConfig is the raw CNI configuration json to create in the + NetworkAttachmentDefinition CRD + type: string + simpleMacvlanConfig: + description: simpleMacvlanConfig configures the macvlan interface + in case of type:NetworkTypeSimpleMacvlan + properties: + ipamConfig: + description: ipamConfig configures IPAM module will be used + for IP Address Management (IPAM). + properties: + staticIPAMConfig: + description: staticIPAMConfig configures the static + IP address in case of type:IPAMTypeStatic + properties: + addresses: + description: addresses configures IP address for + the interface + items: + description: StaticIPAMAddresses provides IP address + and Gateway for static IPAM addresses + properties: + address: + description: address is the IP address in + CIDR format + type: string + gateway: + description: gateway is IP inside of subnet + to designate as the gateway + type: string + type: object + type: array + x-kubernetes-list-type: atomic + dns: + description: dns configures DNS for the interface + properties: + domain: + description: domain configures the domainname + the local domain used for short hostname lookups + type: string + nameservers: + description: nameservers points DNS servers + for IP lookup + items: + type: string + type: array + x-kubernetes-list-type: atomic + search: + description: search configures priority ordered + search domains for short hostname lookups + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + routes: + description: routes configures IP routes for the + interface + items: + description: StaticIPAMRoutes provides Destination/Gateway + pairs for static IPAM routes + properties: + destination: + description: destination points the IP route + destination + type: string + gateway: + description: |- + gateway is the route's next-hop IP address + If unset, a default gateway is assumed (as determined by the CNI plugin). + type: string + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: + description: |- + type is the type of IPAM module will be used for IP Address Management(IPAM). + The supported values are IPAMTypeDHCP, IPAMTypeStatic + type: string + type: object + master: + description: |- + master is the host interface to create the macvlan interface from. + If not specified, it will be default route interface + type: string + mode: + description: 'mode is the macvlan mode: bridge, private, + vepa, passthru. The default is bridge' + type: string + mtu: + description: |- + mtu is the mtu to use for the macvlan interface. if unset, host's + kernel will select the value. + format: int32 + minimum: 0 + type: integer + type: object + type: + description: |- + type is the type of network + The supported values are NetworkTypeRaw, NetworkTypeSimpleMacvlan + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + additionalRoutingCapabilities: + description: |- + additionalRoutingCapabilities describes components and relevant + configuration providing additional routing capabilities. When set, it + enables such components and the usage of the routing capabilities they + provide for the machine network. Upstream operators, like MetalLB + operator, requiring these capabilities may rely on, or automatically set + this attribute. Network plugins may leverage advanced routing + capabilities acquired through the enablement of these components but may + require specific configuration on their side to do so; refer to their + respective documentation and configuration options. + properties: + providers: + description: |- + providers is a set of enabled components that provide additional routing + capabilities. Entries on this list must be unique. The only valid value + is currrently "FRR" which provides FRR routing capabilities through the + deployment of FRR. + items: + description: RoutingCapabilitiesProvider is a component providing + routing capabilities. + enum: + - FRR + type: string + maxItems: 1 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - rule: self.all(x, self.exists_one(y, x == y)) + required: + - providers + type: object + clusterNetwork: + description: |- + clusterNetwork is the IP address pool to use for pod IPs. + Some network providers support multiple ClusterNetworks. + Others only support one. This is equivalent to the cluster-cidr. + items: + description: |- + ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size + HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If + the HostPrefix field is not used by the plugin, it can be left unset. + Not all network providers support multiple ClusterNetworks + properties: + cidr: + type: string + hostPrefix: + format: int32 + minimum: 0 + type: integer + type: object + type: array + x-kubernetes-list-type: atomic + defaultNetwork: + description: defaultNetwork is the "default" network that all pods + will receive + properties: + openshiftSDNConfig: + description: |- + openshiftSDNConfig was previously used to configure the openshift-sdn plugin. + DEPRECATED: OpenShift SDN is no longer supported. + properties: + enableUnidling: + description: |- + enableUnidling controls whether or not the service proxy will support idling + and unidling of services. By default, unidling is enabled. + type: boolean + mode: + description: mode is one of "Multitenant", "Subnet", or "NetworkPolicy" + type: string + mtu: + description: |- + mtu is the mtu to use for the tunnel interface. Defaults to 1450 if unset. + This must be 50 bytes smaller than the machine's uplink. + format: int32 + minimum: 0 + type: integer + useExternalOpenvswitch: + description: |- + useExternalOpenvswitch used to control whether the operator would deploy an OVS + DaemonSet itself or expect someone else to start OVS. As of 4.6, OVS is always + run as a system service, and this flag is ignored. + type: boolean + vxlanPort: + description: vxlanPort is the port to use for all vxlan packets. + The default is 4789. + format: int32 + minimum: 0 + type: integer + type: object + ovnKubernetesConfig: + description: ovnKubernetesConfig configures the ovn-kubernetes + plugin. + properties: + egressIPConfig: + description: egressIPConfig holds the configuration for EgressIP + options. + properties: + reachabilityTotalTimeoutSeconds: + description: |- + reachabilityTotalTimeout configures the EgressIP node reachability check total timeout in seconds. + If the EgressIP node cannot be reached within this timeout, the node is declared down. + Setting a large value may cause the EgressIP feature to react slowly to node changes. + In particular, it may react slowly for EgressIP nodes that really have a genuine problem and are unreachable. + When omitted, this means the user has no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The current default is 1 second. + A value of 0 disables the EgressIP node's reachability check. + format: int32 + maximum: 60 + minimum: 0 + type: integer + type: object + gatewayConfig: + description: gatewayConfig holds the configuration for node + gateway options. + properties: + ipForwarding: + description: |- + ipForwarding controls IP forwarding for all traffic on OVN-Kubernetes managed interfaces (such as br-ex). + By default this is set to Restricted, and Kubernetes related traffic is still forwarded appropriately, but other + IP traffic will not be routed by the OCP node. If there is a desire to allow the host to forward traffic across + OVN-Kubernetes managed interfaces, then set this field to "Global". + The supported values are "Restricted" and "Global". + type: string + ipv4: + description: |- + ipv4 allows users to configure IP settings for IPv4 connections. When omitted, this means no opinion and the default + configuration is used. Check individual members fields within ipv4 for details of default values. + properties: + internalMasqueradeSubnet: + description: |- + internalMasqueradeSubnet contains the masquerade addresses in IPV4 CIDR format used internally by + ovn-kubernetes to enable host to service traffic. Each host in the cluster is configured with these + addresses, as well as the shared gateway bridge interface. The values can be changed after + installation. The subnet chosen should not overlap with other networks specified for + OVN-Kubernetes as well as other networks used on the host. Additionally the subnet must + be large enough to accommodate 6 IPs (maximum prefix length /29). + When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. + The current default subnet is 169.254.0.0/17 + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == + 4 + - message: subnet must be in the range /0 to /29 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() + <= 29 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > + 0 + type: object + ipv6: + description: |- + ipv6 allows users to configure IP settings for IPv6 connections. When omitted, this means no opinion and the default + configuration is used. Check individual members fields within ipv6 for details of default values. + properties: + internalMasqueradeSubnet: + description: |- + internalMasqueradeSubnet contains the masquerade addresses in IPV6 CIDR format used internally by + ovn-kubernetes to enable host to service traffic. Each host in the cluster is configured with these + addresses, as well as the shared gateway bridge interface. The values can be changed after + installation. The subnet chosen should not overlap with other networks specified for + OVN-Kubernetes as well as other networks used on the host. Additionally the subnet must + be large enough to accommodate 6 IPs (maximum prefix length /125). + When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. + The current default subnet is fd69::/112 + Note that IPV6 dual addresses are not permitted + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == + 6 + - message: subnet must be in the range /0 to /125 + inclusive + rule: isCIDR(self) && cidr(self).prefixLength() + <= 125 + type: object + routingViaHost: + default: false + description: |- + routingViaHost allows pod egress traffic to exit via the ovn-k8s-mp0 management port + into the host before sending it out. If this is not set, traffic will always egress directly + from OVN to outside without touching the host stack. Setting this to true means hardware + offload will not be supported. Default is false if GatewayConfig is specified. + type: boolean + type: object + genevePort: + description: |- + geneve port is the UDP port to be used by geneve encapulation. + Default is 6081 + format: int32 + minimum: 1 + type: integer + hybridOverlayConfig: + description: |- + hybridOverlayConfig configures an additional overlay network for peers that are + not using OVN. + properties: + hybridClusterNetwork: + description: hybridClusterNetwork defines a network space + given to nodes on an additional overlay network. + items: + description: |- + ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size + HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If + the HostPrefix field is not used by the plugin, it can be left unset. + Not all network providers support multiple ClusterNetworks + properties: + cidr: + type: string + hostPrefix: + format: int32 + minimum: 0 + type: integer + type: object + type: array + x-kubernetes-list-type: atomic + hybridOverlayVXLANPort: + description: |- + hybridOverlayVXLANPort defines the VXLAN port number to be used by the additional overlay network. + Default is 4789 + format: int32 + type: integer + type: object + ipsecConfig: + default: + mode: Disabled + description: |- + ipsecConfig enables and configures IPsec for pods on the pod network within the + cluster. + properties: + full: + description: |- + full defines configuration parameters for the IPsec `Full` mode. + This is permitted only when mode is configured with `Full`, + and forbidden otherwise. + minProperties: 1 + properties: + encapsulation: + description: |- + encapsulation option to configure libreswan on how inter-pod traffic across nodes + are encapsulated to handle NAT traversal. When configured it uses UDP port 4500 + for the encapsulation. + Valid values are Always, Auto and omitted. + Always means enable UDP encapsulation regardless of whether NAT is detected. + Auto means enable UDP encapsulation based on the detection of NAT. + When omitted, this means no opinion and the platform is left to choose a reasonable + default, which is subject to change over time. The current default is Auto. + enum: + - Always + - Auto + type: string + type: object + mode: + description: |- + mode defines the behaviour of the ipsec configuration within the platform. + Valid values are `Disabled`, `External` and `Full`. + When 'Disabled', ipsec will not be enabled at the node level. + When 'External', ipsec is enabled on the node level but requires the user to configure the secure communication parameters. + This mode is for external secure communications and the configuration can be done using the k8s-nmstate operator. + When 'Full', ipsec is configured on the node level and inter-pod secure communication within the cluster is configured. + Note with `Full`, if ipsec is desired for communication with external (to the cluster) entities (such as storage arrays), + this is left to the user to configure. + enum: + - Disabled + - External + - Full + type: string + type: object + x-kubernetes-validations: + - message: ipsecConfig.mode is required + rule: self == oldSelf || has(self.mode) + - message: full is forbidden when mode is not Full + rule: 'has(self.mode) && self.mode == ''Full'' ? true : + !has(self.full)' + ipv4: + description: |- + ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, + this means no opinions and the default configuration is used. Check individual + fields within ipv4 for details of default values. + properties: + internalJoinSubnet: + description: |- + internalJoinSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + The current default value is 100.64.0.0/16 + The subnet must be large enough to accommodate one IP per node in your cluster + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > 0 + internalTransitSwitchSubnet: + description: |- + internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally + by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect + architecture that connects the cluster routers on each node together to enable + east west traffic. The subnet chosen should not overlap with other networks + specified for OVN-Kubernetes as well as other networks used on the host. + When ommitted, this means no opinion and the platform is left to choose a reasonable + default which is subject to change over time. + The current default subnet is 100.88.0.0/16 + The subnet must be large enough to accommodate one IP per node in your cluster + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > 0 + type: object + ipv6: + description: |- + ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, + this means no opinions and the default configuration is used. Check individual + fields within ipv4 for details of default values. + properties: + internalJoinSubnet: + description: |- + internalJoinSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + The subnet must be large enough to accommodate one IP per node in your cluster + The current default value is fd98::/64 + The value must be in proper IPV6 CIDR format + Note that IPV6 dual addresses are not permitted + maxLength: 48 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 + internalTransitSwitchSubnet: + description: |- + internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally + by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect + architecture that connects the cluster routers on each node together to enable + east west traffic. The subnet chosen should not overlap with other networks + specified for OVN-Kubernetes as well as other networks used on the host. + When ommitted, this means no opinion and the platform is left to choose a reasonable + default which is subject to change over time. + The subnet must be large enough to accommodate one IP per node in your cluster + The current default subnet is fd97::/64 + The value must be in proper IPV6 CIDR format + Note that IPV6 dual addresses are not permitted + maxLength: 48 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 + type: object + mtu: + description: |- + mtu is the MTU to use for the tunnel interface. This must be 100 + bytes smaller than the uplink mtu. + Default is 1400 + format: int32 + minimum: 0 + type: integer + policyAuditConfig: + description: |- + policyAuditConfig is the configuration for network policy audit events. If unset, + reported defaults are used. + properties: + destination: + default: "null" + description: |- + destination is the location for policy log messages. + Regardless of this config, persistent logs will always be dumped to the host + at /var/log/ovn/ however + Additionally syslog output may be configured as follows. + Valid values are: + - "libc" -> to use the libc syslog() function of the host node's journdald process + - "udp:host:port" -> for sending syslog over UDP + - "unix:file" -> for using the UNIX domain socket directly + - "null" -> to discard all messages logged to syslog + The default is "null" + type: string + maxFileSize: + default: 50 + description: |- + maxFilesSize is the max size an ACL_audit log file is allowed to reach before rotation occurs + Units are in MB and the Default is 50MB + format: int32 + minimum: 1 + type: integer + maxLogFiles: + default: 5 + description: maxLogFiles specifies the maximum number + of ACL_audit log files that can be present. + format: int32 + minimum: 1 + type: integer + rateLimit: + default: 20 + description: |- + rateLimit is the approximate maximum number of messages to generate per-second per-node. If + unset the default of 20 msg/sec is used. + format: int32 + minimum: 1 + type: integer + syslogFacility: + default: local0 + description: syslogFacility the RFC5424 facility for generated + messages, e.g. "kern". Default is "local0" + type: string + type: object + routeAdvertisements: + description: |- + routeAdvertisements determines if the functionality to advertise cluster + network routes through a dynamic routing protocol, such as BGP, is + enabled or not. This functionality is configured through the + ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing + capability provider to be enabled as an additional routing capability. + Allowed values are "Enabled", "Disabled" and ommited. When omitted, this + means the user has no opinion and the platform is left to choose + reasonable defaults. These defaults are subject to change over time. The + current default is "Disabled". + enum: + - "" + - Enabled + - Disabled + type: string + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + Default is 100.64.0.0/16 + type: string + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + Default is fd98::/64 + type: string + type: object + type: + description: |- + type is the type of network + All NetworkTypes are supported except for NetworkTypeRaw + type: string + type: object + deployKubeProxy: + description: |- + deployKubeProxy specifies whether or not a standalone kube-proxy should + be deployed by the operator. Some network providers include kube-proxy + or similar functionality. If unset, the plugin will attempt to select + the correct value, which is false when ovn-kubernetes is used and true + otherwise. + type: boolean + disableMultiNetwork: + description: |- + disableMultiNetwork defaults to 'false' and this setting enables the pod multi-networking capability. + disableMultiNetwork when set to 'true' at cluster install time does not install the components, typically the Multus CNI and the network-attachment-definition CRD, + that enable the pod multi-networking capability. Setting the parameter to 'true' might be useful when you need install third-party CNI plugins, + but these plugins are not supported by Red Hat. Changing the parameter value as a postinstallation cluster task has no effect. + type: boolean + disableNetworkDiagnostics: + default: false + description: |- + disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck + CRs from a test pod to every node, apiserver and LB should be disabled or not. + If unset, this property defaults to 'false' and network diagnostics is enabled. + Setting this to 'true' would reduce the additional load of the pods performing the checks. + type: boolean + exportNetworkFlows: + description: |- + exportNetworkFlows enables and configures the export of network flow metadata from the pod network + by using protocols NetFlow, SFlow or IPFIX. Currently only supported on OVN-Kubernetes plugin. + If unset, flows will not be exported to any collector. + properties: + ipfix: + description: ipfix defines IPFIX configuration. + properties: + collectors: + description: ipfixCollectors is list of strings formatted + as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + netFlow: + description: netFlow defines the NetFlow configuration. + properties: + collectors: + description: |- + netFlow defines the NetFlow collectors that will consume the flow data exported from OVS. + It is a list of strings formatted as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + sFlow: + description: sFlow defines the SFlow configuration. + properties: + collectors: + description: sFlowCollectors is list of strings formatted + as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + type: object + kubeProxyConfig: + description: |- + kubeProxyConfig lets us configure desired proxy configuration, if + deployKubeProxy is true. If not specified, sensible defaults will be chosen by + OpenShift directly. + properties: + bindAddress: + description: |- + The address to "bind" on + Defaults to 0.0.0.0 + type: string + iptablesSyncPeriod: + description: |- + An internal kube-proxy parameter. In older releases of OCP, this sometimes needed to be adjusted + in large clusters for performance reasons, but this is no longer necessary, and there is no reason + to change this from the default value. + Default: 30s + type: string + proxyArguments: + additionalProperties: + description: ProxyArgumentList is a list of arguments to pass + to the kubeproxy process + items: + type: string + type: array + x-kubernetes-list-type: atomic + description: Any additional arguments to pass to the kubeproxy + process + type: object + type: object + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + migration: + description: |- + migration enables and configures cluster network migration, for network changes + that cannot be made instantly. + properties: + features: + description: |- + features was previously used to configure which network plugin features + would be migrated in a network type migration. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + properties: + egressFirewall: + default: true + description: |- + egressFirewall specified whether or not the Egress Firewall configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + egressIP: + default: true + description: |- + egressIP specified whether or not the Egress IP configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + multicast: + default: true + description: |- + multicast specified whether or not the multicast configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + type: object + mode: + description: |- + mode indicates the mode of network type migration. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + enum: + - Live + - Offline + - "" + type: string + mtu: + description: |- + mtu contains the MTU migration configuration. Set this to allow changing + the MTU values for the default network. If unset, the operation of + changing the MTU for the default network will be rejected. + properties: + machine: + description: |- + machine contains MTU migration configuration for the machine's uplink. + Needs to be migrated along with the default network MTU unless the + current uplink MTU already accommodates the default network MTU. + properties: + from: + description: from is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: to is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + network: + description: |- + network contains information about MTU migration for the default network. + Migrations are only allowed to MTU values lower than the machine's uplink + MTU by the minimum appropriate offset. + properties: + from: + description: from is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: to is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + type: object + networkType: + description: |- + networkType was previously used when changing the default network type. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + type: string + type: object + x-kubernetes-validations: + - message: networkType migration in mode other than 'Live' may not + be configured at the same time as mtu migration + rule: '!has(self.mtu) || !has(self.networkType) || self.networkType + == "" || has(self.mode) && self.mode == ''Live''' + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + serviceNetwork: + description: |- + serviceNetwork is the ip address pool to use for Service IPs + Currently, all existing network providers only support a single value + here, but this is an array to allow for growth. + items: + type: string + type: array + x-kubernetes-list-type: atomic + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + useMultiNetworkPolicy: + description: |- + useMultiNetworkPolicy enables a controller which allows for + MultiNetworkPolicy objects to be used on additional networks as + created by Multus CNI. MultiNetworkPolicy are similar to NetworkPolicy + objects, but NetworkPolicy objects only apply to the primary interface. + With MultiNetworkPolicy, you can control the traffic that a pod can receive + over the secondary interfaces. If unset, this property defaults to 'false' + and MultiNetworkPolicy objects are ignored. If 'disableMultiNetwork' is + 'true' then the value of this field is ignored. + type: boolean + type: object + x-kubernetes-validations: + - message: invalid value for IPForwarding, valid values are 'Restricted' + or 'Global' + rule: '!has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) + || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig) || + !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding) + || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == oldSelf.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == ''Restricted'' || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == ''Global''' + - message: Route advertisements cannot be Enabled if 'FRR' routing capability + provider is not available + rule: (has(self.additionalRoutingCapabilities) && ('FRR' in self.additionalRoutingCapabilities.providers)) + || !has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) + || !has(self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements) + || self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements != + 'Enabled' + status: + description: |- + NetworkStatus is detailed operator status, which is distilled + up to the Network clusteroperator object. + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-DevPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-DevPreviewNoUpgrade.crd.yaml new file mode 100644 index 0000000000..7fcb1ab52e --- /dev/null +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-DevPreviewNoUpgrade.crd.yaml @@ -0,0 +1,1152 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/475 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: DevPreviewNoUpgrade + name: networks.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: Network + listKind: NetworkList + plural: networks + singular: network + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + Network describes the cluster's desired network configuration. It is + consumed by the cluster-network-operator. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NetworkSpec is the top-level network configuration object. + properties: + additionalNetworks: + description: |- + additionalNetworks is a list of extra networks to make available to pods + when multiple networks are enabled. + items: + description: |- + AdditionalNetworkDefinition configures an extra network that is available but not + created by default. Instead, pods must request them by name. + type must be specified, along with exactly one "Config" that matches the type. + properties: + name: + description: |- + name is the name of the network. This will be populated in the resulting CRD + This must be unique. + type: string + namespace: + description: |- + namespace is the namespace of the network. This will be populated in the resulting CRD + If not given the network will be created in the default namespace. + type: string + rawCNIConfig: + description: |- + rawCNIConfig is the raw CNI configuration json to create in the + NetworkAttachmentDefinition CRD + type: string + simpleMacvlanConfig: + description: simpleMacvlanConfig configures the macvlan interface + in case of type:NetworkTypeSimpleMacvlan + properties: + ipamConfig: + description: ipamConfig configures IPAM module will be used + for IP Address Management (IPAM). + properties: + staticIPAMConfig: + description: staticIPAMConfig configures the static + IP address in case of type:IPAMTypeStatic + properties: + addresses: + description: addresses configures IP address for + the interface + items: + description: StaticIPAMAddresses provides IP address + and Gateway for static IPAM addresses + properties: + address: + description: address is the IP address in + CIDR format + type: string + gateway: + description: gateway is IP inside of subnet + to designate as the gateway + type: string + type: object + type: array + x-kubernetes-list-type: atomic + dns: + description: dns configures DNS for the interface + properties: + domain: + description: domain configures the domainname + the local domain used for short hostname lookups + type: string + nameservers: + description: nameservers points DNS servers + for IP lookup + items: + type: string + type: array + x-kubernetes-list-type: atomic + search: + description: search configures priority ordered + search domains for short hostname lookups + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + routes: + description: routes configures IP routes for the + interface + items: + description: StaticIPAMRoutes provides Destination/Gateway + pairs for static IPAM routes + properties: + destination: + description: destination points the IP route + destination + type: string + gateway: + description: |- + gateway is the route's next-hop IP address + If unset, a default gateway is assumed (as determined by the CNI plugin). + type: string + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: + description: |- + type is the type of IPAM module will be used for IP Address Management(IPAM). + The supported values are IPAMTypeDHCP, IPAMTypeStatic + type: string + type: object + master: + description: |- + master is the host interface to create the macvlan interface from. + If not specified, it will be default route interface + type: string + mode: + description: 'mode is the macvlan mode: bridge, private, + vepa, passthru. The default is bridge' + type: string + mtu: + description: |- + mtu is the mtu to use for the macvlan interface. if unset, host's + kernel will select the value. + format: int32 + minimum: 0 + type: integer + type: object + type: + description: |- + type is the type of network + The supported values are NetworkTypeRaw, NetworkTypeSimpleMacvlan + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + additionalRoutingCapabilities: + description: |- + additionalRoutingCapabilities describes components and relevant + configuration providing additional routing capabilities. When set, it + enables such components and the usage of the routing capabilities they + provide for the machine network. Upstream operators, like MetalLB + operator, requiring these capabilities may rely on, or automatically set + this attribute. Network plugins may leverage advanced routing + capabilities acquired through the enablement of these components but may + require specific configuration on their side to do so; refer to their + respective documentation and configuration options. + properties: + providers: + description: |- + providers is a set of enabled components that provide additional routing + capabilities. Entries on this list must be unique. The only valid value + is currrently "FRR" which provides FRR routing capabilities through the + deployment of FRR. + items: + description: RoutingCapabilitiesProvider is a component providing + routing capabilities. + enum: + - FRR + type: string + maxItems: 1 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - rule: self.all(x, self.exists_one(y, x == y)) + required: + - providers + type: object + clusterNetwork: + description: |- + clusterNetwork is the IP address pool to use for pod IPs. + Some network providers support multiple ClusterNetworks. + Others only support one. This is equivalent to the cluster-cidr. + items: + description: |- + ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size + HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If + the HostPrefix field is not used by the plugin, it can be left unset. + Not all network providers support multiple ClusterNetworks + properties: + cidr: + type: string + hostPrefix: + format: int32 + minimum: 0 + type: integer + type: object + type: array + x-kubernetes-list-type: atomic + defaultNetwork: + description: defaultNetwork is the "default" network that all pods + will receive + properties: + openshiftSDNConfig: + description: |- + openshiftSDNConfig was previously used to configure the openshift-sdn plugin. + DEPRECATED: OpenShift SDN is no longer supported. + properties: + enableUnidling: + description: |- + enableUnidling controls whether or not the service proxy will support idling + and unidling of services. By default, unidling is enabled. + type: boolean + mode: + description: mode is one of "Multitenant", "Subnet", or "NetworkPolicy" + type: string + mtu: + description: |- + mtu is the mtu to use for the tunnel interface. Defaults to 1450 if unset. + This must be 50 bytes smaller than the machine's uplink. + format: int32 + minimum: 0 + type: integer + useExternalOpenvswitch: + description: |- + useExternalOpenvswitch used to control whether the operator would deploy an OVS + DaemonSet itself or expect someone else to start OVS. As of 4.6, OVS is always + run as a system service, and this flag is ignored. + type: boolean + vxlanPort: + description: vxlanPort is the port to use for all vxlan packets. + The default is 4789. + format: int32 + minimum: 0 + type: integer + type: object + ovnKubernetesConfig: + description: ovnKubernetesConfig configures the ovn-kubernetes + plugin. + properties: + bgpManagedConfig: + description: |- + bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) + in no-overlay mode that specify routing="Managed" in their noOverlayConfig. + It is required when noOverlayConfig.routing is set to "Managed". + When omitted, this means the user does not configure BGP for managed routing. + This field can be set at installation time or on day 2, and can be modified at any time. + properties: + asNumber: + default: 64512 + description: |- + asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) + to be used in the generated FRR configuration. + Valid values are 1 to 4294967295. + When omitted, this defaults to 64512. + format: int64 + maximum: 4294967295 + minimum: 1 + type: integer + bgpTopology: + description: |- + bgpTopology defines the BGP topology to be used. + Allowed values are "FullMesh". + When set to "FullMesh", every node peers directly with every other node via BGP. + This field is required when BGPManagedConfig is specified. + enum: + - FullMesh + type: string + required: + - bgpTopology + type: object + egressIPConfig: + description: egressIPConfig holds the configuration for EgressIP + options. + properties: + reachabilityTotalTimeoutSeconds: + description: |- + reachabilityTotalTimeout configures the EgressIP node reachability check total timeout in seconds. + If the EgressIP node cannot be reached within this timeout, the node is declared down. + Setting a large value may cause the EgressIP feature to react slowly to node changes. + In particular, it may react slowly for EgressIP nodes that really have a genuine problem and are unreachable. + When omitted, this means the user has no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The current default is 1 second. + A value of 0 disables the EgressIP node's reachability check. + format: int32 + maximum: 60 + minimum: 0 + type: integer + type: object + gatewayConfig: + description: gatewayConfig holds the configuration for node + gateway options. + properties: + ipForwarding: + description: |- + ipForwarding controls IP forwarding for all traffic on OVN-Kubernetes managed interfaces (such as br-ex). + By default this is set to Restricted, and Kubernetes related traffic is still forwarded appropriately, but other + IP traffic will not be routed by the OCP node. If there is a desire to allow the host to forward traffic across + OVN-Kubernetes managed interfaces, then set this field to "Global". + The supported values are "Restricted" and "Global". + type: string + ipv4: + description: |- + ipv4 allows users to configure IP settings for IPv4 connections. When omitted, this means no opinion and the default + configuration is used. Check individual members fields within ipv4 for details of default values. + properties: + internalMasqueradeSubnet: + description: |- + internalMasqueradeSubnet contains the masquerade addresses in IPV4 CIDR format used internally by + ovn-kubernetes to enable host to service traffic. Each host in the cluster is configured with these + addresses, as well as the shared gateway bridge interface. The values can be changed after + installation. The subnet chosen should not overlap with other networks specified for + OVN-Kubernetes as well as other networks used on the host. Additionally the subnet must + be large enough to accommodate 6 IPs (maximum prefix length /29). + When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. + The current default subnet is 169.254.0.0/17 + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == + 4 + - message: subnet must be in the range /0 to /29 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() + <= 29 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > + 0 + type: object + ipv6: + description: |- + ipv6 allows users to configure IP settings for IPv6 connections. When omitted, this means no opinion and the default + configuration is used. Check individual members fields within ipv6 for details of default values. + properties: + internalMasqueradeSubnet: + description: |- + internalMasqueradeSubnet contains the masquerade addresses in IPV6 CIDR format used internally by + ovn-kubernetes to enable host to service traffic. Each host in the cluster is configured with these + addresses, as well as the shared gateway bridge interface. The values can be changed after + installation. The subnet chosen should not overlap with other networks specified for + OVN-Kubernetes as well as other networks used on the host. Additionally the subnet must + be large enough to accommodate 6 IPs (maximum prefix length /125). + When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. + The current default subnet is fd69::/112 + Note that IPV6 dual addresses are not permitted + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == + 6 + - message: subnet must be in the range /0 to /125 + inclusive + rule: isCIDR(self) && cidr(self).prefixLength() + <= 125 + type: object + routingViaHost: + default: false + description: |- + routingViaHost allows pod egress traffic to exit via the ovn-k8s-mp0 management port + into the host before sending it out. If this is not set, traffic will always egress directly + from OVN to outside without touching the host stack. Setting this to true means hardware + offload will not be supported. Default is false if GatewayConfig is specified. + type: boolean + type: object + genevePort: + description: |- + geneve port is the UDP port to be used by geneve encapulation. + Default is 6081 + format: int32 + minimum: 1 + type: integer + hybridOverlayConfig: + description: |- + hybridOverlayConfig configures an additional overlay network for peers that are + not using OVN. + properties: + hybridClusterNetwork: + description: hybridClusterNetwork defines a network space + given to nodes on an additional overlay network. + items: + description: |- + ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size + HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If + the HostPrefix field is not used by the plugin, it can be left unset. + Not all network providers support multiple ClusterNetworks + properties: + cidr: + type: string + hostPrefix: + format: int32 + minimum: 0 + type: integer + type: object + type: array + x-kubernetes-list-type: atomic + hybridOverlayVXLANPort: + description: |- + hybridOverlayVXLANPort defines the VXLAN port number to be used by the additional overlay network. + Default is 4789 + format: int32 + type: integer + type: object + ipsecConfig: + default: + mode: Disabled + description: |- + ipsecConfig enables and configures IPsec for pods on the pod network within the + cluster. + properties: + full: + description: |- + full defines configuration parameters for the IPsec `Full` mode. + This is permitted only when mode is configured with `Full`, + and forbidden otherwise. + minProperties: 1 + properties: + encapsulation: + description: |- + encapsulation option to configure libreswan on how inter-pod traffic across nodes + are encapsulated to handle NAT traversal. When configured it uses UDP port 4500 + for the encapsulation. + Valid values are Always, Auto and omitted. + Always means enable UDP encapsulation regardless of whether NAT is detected. + Auto means enable UDP encapsulation based on the detection of NAT. + When omitted, this means no opinion and the platform is left to choose a reasonable + default, which is subject to change over time. The current default is Auto. + enum: + - Always + - Auto + type: string + type: object + mode: + description: |- + mode defines the behaviour of the ipsec configuration within the platform. + Valid values are `Disabled`, `External` and `Full`. + When 'Disabled', ipsec will not be enabled at the node level. + When 'External', ipsec is enabled on the node level but requires the user to configure the secure communication parameters. + This mode is for external secure communications and the configuration can be done using the k8s-nmstate operator. + When 'Full', ipsec is configured on the node level and inter-pod secure communication within the cluster is configured. + Note with `Full`, if ipsec is desired for communication with external (to the cluster) entities (such as storage arrays), + this is left to the user to configure. + enum: + - Disabled + - External + - Full + type: string + type: object + x-kubernetes-validations: + - message: ipsecConfig.mode is required + rule: self == oldSelf || has(self.mode) + - message: full is forbidden when mode is not Full + rule: 'has(self.mode) && self.mode == ''Full'' ? true : + !has(self.full)' + ipv4: + description: |- + ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, + this means no opinions and the default configuration is used. Check individual + fields within ipv4 for details of default values. + properties: + internalJoinSubnet: + description: |- + internalJoinSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + The current default value is 100.64.0.0/16 + The subnet must be large enough to accommodate one IP per node in your cluster + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > 0 + internalTransitSwitchSubnet: + description: |- + internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally + by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect + architecture that connects the cluster routers on each node together to enable + east west traffic. The subnet chosen should not overlap with other networks + specified for OVN-Kubernetes as well as other networks used on the host. + When ommitted, this means no opinion and the platform is left to choose a reasonable + default which is subject to change over time. + The current default subnet is 100.88.0.0/16 + The subnet must be large enough to accommodate one IP per node in your cluster + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > 0 + type: object + ipv6: + description: |- + ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, + this means no opinions and the default configuration is used. Check individual + fields within ipv4 for details of default values. + properties: + internalJoinSubnet: + description: |- + internalJoinSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + The subnet must be large enough to accommodate one IP per node in your cluster + The current default value is fd98::/64 + The value must be in proper IPV6 CIDR format + Note that IPV6 dual addresses are not permitted + maxLength: 48 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 + internalTransitSwitchSubnet: + description: |- + internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally + by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect + architecture that connects the cluster routers on each node together to enable + east west traffic. The subnet chosen should not overlap with other networks + specified for OVN-Kubernetes as well as other networks used on the host. + When ommitted, this means no opinion and the platform is left to choose a reasonable + default which is subject to change over time. + The subnet must be large enough to accommodate one IP per node in your cluster + The current default subnet is fd97::/64 + The value must be in proper IPV6 CIDR format + Note that IPV6 dual addresses are not permitted + maxLength: 48 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 + type: object + mtu: + description: |- + mtu is the MTU to use for the tunnel interface. This must be 100 + bytes smaller than the uplink mtu. + Default is 1400 + format: int32 + minimum: 0 + type: integer + noOverlayConfig: + description: |- + noOverlayConfig contains configuration for no-overlay mode. + This configuration applies to the default network only. + It is required when transport is "NoOverlay". + When omitted, this means the user does not configure no-overlay mode options. + properties: + outboundSNAT: + description: |- + outboundSNAT defines the SNAT behavior for outbound traffic from pods. + Allowed values are "Enabled" and "Disabled". + When set to "Enabled", SNAT is performed on outbound traffic from pods. + When set to "Disabled", SNAT is not performed and pod IPs are preserved in outbound traffic. + This field is required when the network operates in no-overlay mode. + This field can be set to any value at installation time and can be changed afterwards. + enum: + - Enabled + - Disabled + type: string + routing: + description: |- + routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. + Allowed values are "Managed" and "Unmanaged". + When set to "Managed", OVN-Kubernetes manages the pod network routing configuration through BGP. + When set to "Unmanaged", users are responsible for configuring the pod network routing. + This field is required when the network operates in no-overlay mode. + This field is immutable once set. + enum: + - Managed + - Unmanaged + type: string + x-kubernetes-validations: + - message: routing is immutable once set + rule: self == oldSelf + required: + - outboundSNAT + - routing + type: object + policyAuditConfig: + description: |- + policyAuditConfig is the configuration for network policy audit events. If unset, + reported defaults are used. + properties: + destination: + default: "null" + description: |- + destination is the location for policy log messages. + Regardless of this config, persistent logs will always be dumped to the host + at /var/log/ovn/ however + Additionally syslog output may be configured as follows. + Valid values are: + - "libc" -> to use the libc syslog() function of the host node's journdald process + - "udp:host:port" -> for sending syslog over UDP + - "unix:file" -> for using the UNIX domain socket directly + - "null" -> to discard all messages logged to syslog + The default is "null" + type: string + maxFileSize: + default: 50 + description: |- + maxFilesSize is the max size an ACL_audit log file is allowed to reach before rotation occurs + Units are in MB and the Default is 50MB + format: int32 + minimum: 1 + type: integer + maxLogFiles: + default: 5 + description: maxLogFiles specifies the maximum number + of ACL_audit log files that can be present. + format: int32 + minimum: 1 + type: integer + rateLimit: + default: 20 + description: |- + rateLimit is the approximate maximum number of messages to generate per-second per-node. If + unset the default of 20 msg/sec is used. + format: int32 + minimum: 1 + type: integer + syslogFacility: + default: local0 + description: syslogFacility the RFC5424 facility for generated + messages, e.g. "kern". Default is "local0" + type: string + type: object + routeAdvertisements: + description: |- + routeAdvertisements determines if the functionality to advertise cluster + network routes through a dynamic routing protocol, such as BGP, is + enabled or not. This functionality is configured through the + ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing + capability provider to be enabled as an additional routing capability. + Allowed values are "Enabled", "Disabled" and ommited. When omitted, this + means the user has no opinion and the platform is left to choose + reasonable defaults. These defaults are subject to change over time. The + current default is "Disabled". + enum: + - "" + - Enabled + - Disabled + type: string + transport: + description: |- + transport sets the transport mode for pods on the default network. + Allowed values are "NoOverlay" and "Geneve". + "NoOverlay" avoids tunnel encapsulation, routing pod traffic directly between nodes. + "Geneve" encapsulates pod traffic using Geneve tunnels between nodes. + When omitted, this means the user has no opinion and the platform chooses + a reasonable default which is subject to change over time. + The current default is "Geneve". + "NoOverlay" can only be set at installation time and cannot be changed afterwards. + "Geneve" may be set explicitly at any time to lock in the current default. + enum: + - NoOverlay + - Geneve + type: string + x-kubernetes-validations: + - message: transport is immutable once set + rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + Default is 100.64.0.0/16 + type: string + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + Default is fd98::/64 + type: string + type: object + x-kubernetes-validations: + - message: routeAdvertisements must be Enabled when transport + is NoOverlay + rule: 'self.?transport.orValue('''') == ''NoOverlay'' ? self.?routeAdvertisements.orValue('''') + == ''Enabled'' : true' + - message: noOverlayConfig must be set if transport is NoOverlay, + and is forbidden otherwise + rule: 'self.?transport.orValue('''') == ''NoOverlay'' ? has(self.noOverlayConfig) + : !has(self.noOverlayConfig)' + - message: bgpManagedConfig is required when noOverlayConfig.routing + is Managed + rule: 'self.?noOverlayConfig.routing.orValue('''') == ''Managed'' + ? has(self.bgpManagedConfig) : true' + - message: transport can only be set to Geneve after installation + rule: '!has(self.transport) || self.transport == ''Geneve'' + || has(oldSelf.transport)' + - message: transport may not be removed once set + rule: '!has(oldSelf.transport) || has(self.transport)' + - message: noOverlayConfig may not be removed once set + rule: '!has(oldSelf.noOverlayConfig) || has(self.noOverlayConfig)' + type: + description: |- + type is the type of network + All NetworkTypes are supported except for NetworkTypeRaw + type: string + type: object + deployKubeProxy: + description: |- + deployKubeProxy specifies whether or not a standalone kube-proxy should + be deployed by the operator. Some network providers include kube-proxy + or similar functionality. If unset, the plugin will attempt to select + the correct value, which is false when ovn-kubernetes is used and true + otherwise. + type: boolean + disableMultiNetwork: + description: |- + disableMultiNetwork defaults to 'false' and this setting enables the pod multi-networking capability. + disableMultiNetwork when set to 'true' at cluster install time does not install the components, typically the Multus CNI and the network-attachment-definition CRD, + that enable the pod multi-networking capability. Setting the parameter to 'true' might be useful when you need install third-party CNI plugins, + but these plugins are not supported by Red Hat. Changing the parameter value as a postinstallation cluster task has no effect. + type: boolean + disableNetworkDiagnostics: + default: false + description: |- + disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck + CRs from a test pod to every node, apiserver and LB should be disabled or not. + If unset, this property defaults to 'false' and network diagnostics is enabled. + Setting this to 'true' would reduce the additional load of the pods performing the checks. + type: boolean + exportNetworkFlows: + description: |- + exportNetworkFlows enables and configures the export of network flow metadata from the pod network + by using protocols NetFlow, SFlow or IPFIX. Currently only supported on OVN-Kubernetes plugin. + If unset, flows will not be exported to any collector. + properties: + ipfix: + description: ipfix defines IPFIX configuration. + properties: + collectors: + description: ipfixCollectors is list of strings formatted + as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + netFlow: + description: netFlow defines the NetFlow configuration. + properties: + collectors: + description: |- + netFlow defines the NetFlow collectors that will consume the flow data exported from OVS. + It is a list of strings formatted as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + sFlow: + description: sFlow defines the SFlow configuration. + properties: + collectors: + description: sFlowCollectors is list of strings formatted + as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + type: object + kubeProxyConfig: + description: |- + kubeProxyConfig lets us configure desired proxy configuration, if + deployKubeProxy is true. If not specified, sensible defaults will be chosen by + OpenShift directly. + properties: + bindAddress: + description: |- + The address to "bind" on + Defaults to 0.0.0.0 + type: string + iptablesSyncPeriod: + description: |- + An internal kube-proxy parameter. In older releases of OCP, this sometimes needed to be adjusted + in large clusters for performance reasons, but this is no longer necessary, and there is no reason + to change this from the default value. + Default: 30s + type: string + proxyArguments: + additionalProperties: + description: ProxyArgumentList is a list of arguments to pass + to the kubeproxy process + items: + type: string + type: array + x-kubernetes-list-type: atomic + description: Any additional arguments to pass to the kubeproxy + process + type: object + type: object + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + migration: + description: |- + migration enables and configures cluster network migration, for network changes + that cannot be made instantly. + properties: + features: + description: |- + features was previously used to configure which network plugin features + would be migrated in a network type migration. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + properties: + egressFirewall: + default: true + description: |- + egressFirewall specified whether or not the Egress Firewall configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + egressIP: + default: true + description: |- + egressIP specified whether or not the Egress IP configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + multicast: + default: true + description: |- + multicast specified whether or not the multicast configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + type: object + mode: + description: |- + mode indicates the mode of network type migration. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + enum: + - Live + - Offline + - "" + type: string + mtu: + description: |- + mtu contains the MTU migration configuration. Set this to allow changing + the MTU values for the default network. If unset, the operation of + changing the MTU for the default network will be rejected. + properties: + machine: + description: |- + machine contains MTU migration configuration for the machine's uplink. + Needs to be migrated along with the default network MTU unless the + current uplink MTU already accommodates the default network MTU. + properties: + from: + description: from is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: to is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + network: + description: |- + network contains information about MTU migration for the default network. + Migrations are only allowed to MTU values lower than the machine's uplink + MTU by the minimum appropriate offset. + properties: + from: + description: from is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: to is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + type: object + networkType: + description: |- + networkType was previously used when changing the default network type. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + type: string + type: object + x-kubernetes-validations: + - message: networkType migration in mode other than 'Live' may not + be configured at the same time as mtu migration + rule: '!has(self.mtu) || !has(self.networkType) || self.networkType + == "" || has(self.mode) && self.mode == ''Live''' + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + serviceNetwork: + description: |- + serviceNetwork is the ip address pool to use for Service IPs + Currently, all existing network providers only support a single value + here, but this is an array to allow for growth. + items: + type: string + type: array + x-kubernetes-list-type: atomic + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + useMultiNetworkPolicy: + description: |- + useMultiNetworkPolicy enables a controller which allows for + MultiNetworkPolicy objects to be used on additional networks as + created by Multus CNI. MultiNetworkPolicy are similar to NetworkPolicy + objects, but NetworkPolicy objects only apply to the primary interface. + With MultiNetworkPolicy, you can control the traffic that a pod can receive + over the secondary interfaces. If unset, this property defaults to 'false' + and MultiNetworkPolicy objects are ignored. If 'disableMultiNetwork' is + 'true' then the value of this field is ignored. + type: boolean + type: object + x-kubernetes-validations: + - message: invalid value for IPForwarding, valid values are 'Restricted' + or 'Global' + rule: '!has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) + || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig) || + !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding) + || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == oldSelf.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == ''Restricted'' || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == ''Global''' + - message: Route advertisements cannot be Enabled if 'FRR' routing capability + provider is not available + rule: (has(self.additionalRoutingCapabilities) && ('FRR' in self.additionalRoutingCapabilities.providers)) + || !has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) + || !has(self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements) + || self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements != + 'Enabled' + status: + description: |- + NetworkStatus is detailed operator status, which is distilled + up to the Network clusteroperator object. + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-OKD.crd.yaml similarity index 99% rename from vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-OKD.crd.yaml index 60459deca7..85f957f0da 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-OKD.crd.yaml @@ -6,6 +6,7 @@ metadata: api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: OKD name: networks.operator.openshift.io spec: group: operator.openshift.io diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-TechPreviewNoUpgrade.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-TechPreviewNoUpgrade.crd.yaml new file mode 100644 index 0000000000..e6a3bedceb --- /dev/null +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_70_network_01_networks-TechPreviewNoUpgrade.crd.yaml @@ -0,0 +1,1152 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.openshift.io: https://github.com/openshift/api/pull/475 + api.openshift.io/merged-by-featuregates: "true" + include.release.openshift.io/ibm-cloud-managed: "true" + include.release.openshift.io/self-managed-high-availability: "true" + release.openshift.io/feature-set: TechPreviewNoUpgrade + name: networks.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: Network + listKind: NetworkList + plural: networks + singular: network + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: |- + Network describes the cluster's desired network configuration. It is + consumed by the cluster-network-operator. + + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NetworkSpec is the top-level network configuration object. + properties: + additionalNetworks: + description: |- + additionalNetworks is a list of extra networks to make available to pods + when multiple networks are enabled. + items: + description: |- + AdditionalNetworkDefinition configures an extra network that is available but not + created by default. Instead, pods must request them by name. + type must be specified, along with exactly one "Config" that matches the type. + properties: + name: + description: |- + name is the name of the network. This will be populated in the resulting CRD + This must be unique. + type: string + namespace: + description: |- + namespace is the namespace of the network. This will be populated in the resulting CRD + If not given the network will be created in the default namespace. + type: string + rawCNIConfig: + description: |- + rawCNIConfig is the raw CNI configuration json to create in the + NetworkAttachmentDefinition CRD + type: string + simpleMacvlanConfig: + description: simpleMacvlanConfig configures the macvlan interface + in case of type:NetworkTypeSimpleMacvlan + properties: + ipamConfig: + description: ipamConfig configures IPAM module will be used + for IP Address Management (IPAM). + properties: + staticIPAMConfig: + description: staticIPAMConfig configures the static + IP address in case of type:IPAMTypeStatic + properties: + addresses: + description: addresses configures IP address for + the interface + items: + description: StaticIPAMAddresses provides IP address + and Gateway for static IPAM addresses + properties: + address: + description: address is the IP address in + CIDR format + type: string + gateway: + description: gateway is IP inside of subnet + to designate as the gateway + type: string + type: object + type: array + x-kubernetes-list-type: atomic + dns: + description: dns configures DNS for the interface + properties: + domain: + description: domain configures the domainname + the local domain used for short hostname lookups + type: string + nameservers: + description: nameservers points DNS servers + for IP lookup + items: + type: string + type: array + x-kubernetes-list-type: atomic + search: + description: search configures priority ordered + search domains for short hostname lookups + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + routes: + description: routes configures IP routes for the + interface + items: + description: StaticIPAMRoutes provides Destination/Gateway + pairs for static IPAM routes + properties: + destination: + description: destination points the IP route + destination + type: string + gateway: + description: |- + gateway is the route's next-hop IP address + If unset, a default gateway is assumed (as determined by the CNI plugin). + type: string + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: + description: |- + type is the type of IPAM module will be used for IP Address Management(IPAM). + The supported values are IPAMTypeDHCP, IPAMTypeStatic + type: string + type: object + master: + description: |- + master is the host interface to create the macvlan interface from. + If not specified, it will be default route interface + type: string + mode: + description: 'mode is the macvlan mode: bridge, private, + vepa, passthru. The default is bridge' + type: string + mtu: + description: |- + mtu is the mtu to use for the macvlan interface. if unset, host's + kernel will select the value. + format: int32 + minimum: 0 + type: integer + type: object + type: + description: |- + type is the type of network + The supported values are NetworkTypeRaw, NetworkTypeSimpleMacvlan + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + additionalRoutingCapabilities: + description: |- + additionalRoutingCapabilities describes components and relevant + configuration providing additional routing capabilities. When set, it + enables such components and the usage of the routing capabilities they + provide for the machine network. Upstream operators, like MetalLB + operator, requiring these capabilities may rely on, or automatically set + this attribute. Network plugins may leverage advanced routing + capabilities acquired through the enablement of these components but may + require specific configuration on their side to do so; refer to their + respective documentation and configuration options. + properties: + providers: + description: |- + providers is a set of enabled components that provide additional routing + capabilities. Entries on this list must be unique. The only valid value + is currrently "FRR" which provides FRR routing capabilities through the + deployment of FRR. + items: + description: RoutingCapabilitiesProvider is a component providing + routing capabilities. + enum: + - FRR + type: string + maxItems: 1 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + x-kubernetes-validations: + - rule: self.all(x, self.exists_one(y, x == y)) + required: + - providers + type: object + clusterNetwork: + description: |- + clusterNetwork is the IP address pool to use for pod IPs. + Some network providers support multiple ClusterNetworks. + Others only support one. This is equivalent to the cluster-cidr. + items: + description: |- + ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size + HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If + the HostPrefix field is not used by the plugin, it can be left unset. + Not all network providers support multiple ClusterNetworks + properties: + cidr: + type: string + hostPrefix: + format: int32 + minimum: 0 + type: integer + type: object + type: array + x-kubernetes-list-type: atomic + defaultNetwork: + description: defaultNetwork is the "default" network that all pods + will receive + properties: + openshiftSDNConfig: + description: |- + openshiftSDNConfig was previously used to configure the openshift-sdn plugin. + DEPRECATED: OpenShift SDN is no longer supported. + properties: + enableUnidling: + description: |- + enableUnidling controls whether or not the service proxy will support idling + and unidling of services. By default, unidling is enabled. + type: boolean + mode: + description: mode is one of "Multitenant", "Subnet", or "NetworkPolicy" + type: string + mtu: + description: |- + mtu is the mtu to use for the tunnel interface. Defaults to 1450 if unset. + This must be 50 bytes smaller than the machine's uplink. + format: int32 + minimum: 0 + type: integer + useExternalOpenvswitch: + description: |- + useExternalOpenvswitch used to control whether the operator would deploy an OVS + DaemonSet itself or expect someone else to start OVS. As of 4.6, OVS is always + run as a system service, and this flag is ignored. + type: boolean + vxlanPort: + description: vxlanPort is the port to use for all vxlan packets. + The default is 4789. + format: int32 + minimum: 0 + type: integer + type: object + ovnKubernetesConfig: + description: ovnKubernetesConfig configures the ovn-kubernetes + plugin. + properties: + bgpManagedConfig: + description: |- + bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) + in no-overlay mode that specify routing="Managed" in their noOverlayConfig. + It is required when noOverlayConfig.routing is set to "Managed". + When omitted, this means the user does not configure BGP for managed routing. + This field can be set at installation time or on day 2, and can be modified at any time. + properties: + asNumber: + default: 64512 + description: |- + asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) + to be used in the generated FRR configuration. + Valid values are 1 to 4294967295. + When omitted, this defaults to 64512. + format: int64 + maximum: 4294967295 + minimum: 1 + type: integer + bgpTopology: + description: |- + bgpTopology defines the BGP topology to be used. + Allowed values are "FullMesh". + When set to "FullMesh", every node peers directly with every other node via BGP. + This field is required when BGPManagedConfig is specified. + enum: + - FullMesh + type: string + required: + - bgpTopology + type: object + egressIPConfig: + description: egressIPConfig holds the configuration for EgressIP + options. + properties: + reachabilityTotalTimeoutSeconds: + description: |- + reachabilityTotalTimeout configures the EgressIP node reachability check total timeout in seconds. + If the EgressIP node cannot be reached within this timeout, the node is declared down. + Setting a large value may cause the EgressIP feature to react slowly to node changes. + In particular, it may react slowly for EgressIP nodes that really have a genuine problem and are unreachable. + When omitted, this means the user has no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + The current default is 1 second. + A value of 0 disables the EgressIP node's reachability check. + format: int32 + maximum: 60 + minimum: 0 + type: integer + type: object + gatewayConfig: + description: gatewayConfig holds the configuration for node + gateway options. + properties: + ipForwarding: + description: |- + ipForwarding controls IP forwarding for all traffic on OVN-Kubernetes managed interfaces (such as br-ex). + By default this is set to Restricted, and Kubernetes related traffic is still forwarded appropriately, but other + IP traffic will not be routed by the OCP node. If there is a desire to allow the host to forward traffic across + OVN-Kubernetes managed interfaces, then set this field to "Global". + The supported values are "Restricted" and "Global". + type: string + ipv4: + description: |- + ipv4 allows users to configure IP settings for IPv4 connections. When omitted, this means no opinion and the default + configuration is used. Check individual members fields within ipv4 for details of default values. + properties: + internalMasqueradeSubnet: + description: |- + internalMasqueradeSubnet contains the masquerade addresses in IPV4 CIDR format used internally by + ovn-kubernetes to enable host to service traffic. Each host in the cluster is configured with these + addresses, as well as the shared gateway bridge interface. The values can be changed after + installation. The subnet chosen should not overlap with other networks specified for + OVN-Kubernetes as well as other networks used on the host. Additionally the subnet must + be large enough to accommodate 6 IPs (maximum prefix length /29). + When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. + The current default subnet is 169.254.0.0/17 + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == + 4 + - message: subnet must be in the range /0 to /29 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() + <= 29 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > + 0 + type: object + ipv6: + description: |- + ipv6 allows users to configure IP settings for IPv6 connections. When omitted, this means no opinion and the default + configuration is used. Check individual members fields within ipv6 for details of default values. + properties: + internalMasqueradeSubnet: + description: |- + internalMasqueradeSubnet contains the masquerade addresses in IPV6 CIDR format used internally by + ovn-kubernetes to enable host to service traffic. Each host in the cluster is configured with these + addresses, as well as the shared gateway bridge interface. The values can be changed after + installation. The subnet chosen should not overlap with other networks specified for + OVN-Kubernetes as well as other networks used on the host. Additionally the subnet must + be large enough to accommodate 6 IPs (maximum prefix length /125). + When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. + The current default subnet is fd69::/112 + Note that IPV6 dual addresses are not permitted + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == + 6 + - message: subnet must be in the range /0 to /125 + inclusive + rule: isCIDR(self) && cidr(self).prefixLength() + <= 125 + type: object + routingViaHost: + default: false + description: |- + routingViaHost allows pod egress traffic to exit via the ovn-k8s-mp0 management port + into the host before sending it out. If this is not set, traffic will always egress directly + from OVN to outside without touching the host stack. Setting this to true means hardware + offload will not be supported. Default is false if GatewayConfig is specified. + type: boolean + type: object + genevePort: + description: |- + geneve port is the UDP port to be used by geneve encapulation. + Default is 6081 + format: int32 + minimum: 1 + type: integer + hybridOverlayConfig: + description: |- + hybridOverlayConfig configures an additional overlay network for peers that are + not using OVN. + properties: + hybridClusterNetwork: + description: hybridClusterNetwork defines a network space + given to nodes on an additional overlay network. + items: + description: |- + ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size + HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If + the HostPrefix field is not used by the plugin, it can be left unset. + Not all network providers support multiple ClusterNetworks + properties: + cidr: + type: string + hostPrefix: + format: int32 + minimum: 0 + type: integer + type: object + type: array + x-kubernetes-list-type: atomic + hybridOverlayVXLANPort: + description: |- + hybridOverlayVXLANPort defines the VXLAN port number to be used by the additional overlay network. + Default is 4789 + format: int32 + type: integer + type: object + ipsecConfig: + default: + mode: Disabled + description: |- + ipsecConfig enables and configures IPsec for pods on the pod network within the + cluster. + properties: + full: + description: |- + full defines configuration parameters for the IPsec `Full` mode. + This is permitted only when mode is configured with `Full`, + and forbidden otherwise. + minProperties: 1 + properties: + encapsulation: + description: |- + encapsulation option to configure libreswan on how inter-pod traffic across nodes + are encapsulated to handle NAT traversal. When configured it uses UDP port 4500 + for the encapsulation. + Valid values are Always, Auto and omitted. + Always means enable UDP encapsulation regardless of whether NAT is detected. + Auto means enable UDP encapsulation based on the detection of NAT. + When omitted, this means no opinion and the platform is left to choose a reasonable + default, which is subject to change over time. The current default is Auto. + enum: + - Always + - Auto + type: string + type: object + mode: + description: |- + mode defines the behaviour of the ipsec configuration within the platform. + Valid values are `Disabled`, `External` and `Full`. + When 'Disabled', ipsec will not be enabled at the node level. + When 'External', ipsec is enabled on the node level but requires the user to configure the secure communication parameters. + This mode is for external secure communications and the configuration can be done using the k8s-nmstate operator. + When 'Full', ipsec is configured on the node level and inter-pod secure communication within the cluster is configured. + Note with `Full`, if ipsec is desired for communication with external (to the cluster) entities (such as storage arrays), + this is left to the user to configure. + enum: + - Disabled + - External + - Full + type: string + type: object + x-kubernetes-validations: + - message: ipsecConfig.mode is required + rule: self == oldSelf || has(self.mode) + - message: full is forbidden when mode is not Full + rule: 'has(self.mode) && self.mode == ''Full'' ? true : + !has(self.full)' + ipv4: + description: |- + ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, + this means no opinions and the default configuration is used. Check individual + fields within ipv4 for details of default values. + properties: + internalJoinSubnet: + description: |- + internalJoinSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + The current default value is 100.64.0.0/16 + The subnet must be large enough to accommodate one IP per node in your cluster + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > 0 + internalTransitSwitchSubnet: + description: |- + internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally + by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect + architecture that connects the cluster routers on each node together to enable + east west traffic. The subnet chosen should not overlap with other networks + specified for OVN-Kubernetes as well as other networks used on the host. + When ommitted, this means no opinion and the platform is left to choose a reasonable + default which is subject to change over time. + The current default subnet is 100.88.0.0/16 + The subnet must be large enough to accommodate one IP per node in your cluster + The value must be in proper IPV4 CIDR format + maxLength: 18 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV4 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 4 + - message: subnet must be in the range /0 to /30 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 30 + - message: first IP address octet must not be 0 + rule: isCIDR(self) && int(self.split('.')[0]) > 0 + type: object + ipv6: + description: |- + ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, + this means no opinions and the default configuration is used. Check individual + fields within ipv4 for details of default values. + properties: + internalJoinSubnet: + description: |- + internalJoinSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + The subnet must be large enough to accommodate one IP per node in your cluster + The current default value is fd98::/64 + The value must be in proper IPV6 CIDR format + Note that IPV6 dual addresses are not permitted + maxLength: 48 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 + internalTransitSwitchSubnet: + description: |- + internalTransitSwitchSubnet is a v4 subnet in IPV4 CIDR format used internally + by OVN-Kubernetes for the distributed transit switch in the OVN Interconnect + architecture that connects the cluster routers on each node together to enable + east west traffic. The subnet chosen should not overlap with other networks + specified for OVN-Kubernetes as well as other networks used on the host. + When ommitted, this means no opinion and the platform is left to choose a reasonable + default which is subject to change over time. + The subnet must be large enough to accommodate one IP per node in your cluster + The current default subnet is fd97::/64 + The value must be in proper IPV6 CIDR format + Note that IPV6 dual addresses are not permitted + maxLength: 48 + type: string + x-kubernetes-validations: + - message: Subnet must be in valid IPV6 CIDR format + rule: isCIDR(self) && cidr(self).ip().family() == 6 + - message: subnet must be in the range /0 to /125 inclusive + rule: isCIDR(self) && cidr(self).prefixLength() <= 125 + type: object + mtu: + description: |- + mtu is the MTU to use for the tunnel interface. This must be 100 + bytes smaller than the uplink mtu. + Default is 1400 + format: int32 + minimum: 0 + type: integer + noOverlayConfig: + description: |- + noOverlayConfig contains configuration for no-overlay mode. + This configuration applies to the default network only. + It is required when transport is "NoOverlay". + When omitted, this means the user does not configure no-overlay mode options. + properties: + outboundSNAT: + description: |- + outboundSNAT defines the SNAT behavior for outbound traffic from pods. + Allowed values are "Enabled" and "Disabled". + When set to "Enabled", SNAT is performed on outbound traffic from pods. + When set to "Disabled", SNAT is not performed and pod IPs are preserved in outbound traffic. + This field is required when the network operates in no-overlay mode. + This field can be set to any value at installation time and can be changed afterwards. + enum: + - Enabled + - Disabled + type: string + routing: + description: |- + routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. + Allowed values are "Managed" and "Unmanaged". + When set to "Managed", OVN-Kubernetes manages the pod network routing configuration through BGP. + When set to "Unmanaged", users are responsible for configuring the pod network routing. + This field is required when the network operates in no-overlay mode. + This field is immutable once set. + enum: + - Managed + - Unmanaged + type: string + x-kubernetes-validations: + - message: routing is immutable once set + rule: self == oldSelf + required: + - outboundSNAT + - routing + type: object + policyAuditConfig: + description: |- + policyAuditConfig is the configuration for network policy audit events. If unset, + reported defaults are used. + properties: + destination: + default: "null" + description: |- + destination is the location for policy log messages. + Regardless of this config, persistent logs will always be dumped to the host + at /var/log/ovn/ however + Additionally syslog output may be configured as follows. + Valid values are: + - "libc" -> to use the libc syslog() function of the host node's journdald process + - "udp:host:port" -> for sending syslog over UDP + - "unix:file" -> for using the UNIX domain socket directly + - "null" -> to discard all messages logged to syslog + The default is "null" + type: string + maxFileSize: + default: 50 + description: |- + maxFilesSize is the max size an ACL_audit log file is allowed to reach before rotation occurs + Units are in MB and the Default is 50MB + format: int32 + minimum: 1 + type: integer + maxLogFiles: + default: 5 + description: maxLogFiles specifies the maximum number + of ACL_audit log files that can be present. + format: int32 + minimum: 1 + type: integer + rateLimit: + default: 20 + description: |- + rateLimit is the approximate maximum number of messages to generate per-second per-node. If + unset the default of 20 msg/sec is used. + format: int32 + minimum: 1 + type: integer + syslogFacility: + default: local0 + description: syslogFacility the RFC5424 facility for generated + messages, e.g. "kern". Default is "local0" + type: string + type: object + routeAdvertisements: + description: |- + routeAdvertisements determines if the functionality to advertise cluster + network routes through a dynamic routing protocol, such as BGP, is + enabled or not. This functionality is configured through the + ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing + capability provider to be enabled as an additional routing capability. + Allowed values are "Enabled", "Disabled" and ommited. When omitted, this + means the user has no opinion and the platform is left to choose + reasonable defaults. These defaults are subject to change over time. The + current default is "Disabled". + enum: + - "" + - Enabled + - Disabled + type: string + transport: + description: |- + transport sets the transport mode for pods on the default network. + Allowed values are "NoOverlay" and "Geneve". + "NoOverlay" avoids tunnel encapsulation, routing pod traffic directly between nodes. + "Geneve" encapsulates pod traffic using Geneve tunnels between nodes. + When omitted, this means the user has no opinion and the platform chooses + a reasonable default which is subject to change over time. + The current default is "Geneve". + "NoOverlay" can only be set at installation time and cannot be changed afterwards. + "Geneve" may be set explicitly at any time to lock in the current default. + enum: + - NoOverlay + - Geneve + type: string + x-kubernetes-validations: + - message: transport is immutable once set + rule: self == oldSelf + v4InternalSubnet: + description: |- + v4InternalSubnet is a v4 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + Default is 100.64.0.0/16 + type: string + v6InternalSubnet: + description: |- + v6InternalSubnet is a v6 subnet used internally by ovn-kubernetes in case the + default one is being already used by something else. It must not overlap with + any other subnet being used by OpenShift or by the node network. The size of the + subnet must be larger than the number of nodes. + Default is fd98::/64 + type: string + type: object + x-kubernetes-validations: + - message: routeAdvertisements must be Enabled when transport + is NoOverlay + rule: 'self.?transport.orValue('''') == ''NoOverlay'' ? self.?routeAdvertisements.orValue('''') + == ''Enabled'' : true' + - message: noOverlayConfig must be set if transport is NoOverlay, + and is forbidden otherwise + rule: 'self.?transport.orValue('''') == ''NoOverlay'' ? has(self.noOverlayConfig) + : !has(self.noOverlayConfig)' + - message: bgpManagedConfig is required when noOverlayConfig.routing + is Managed + rule: 'self.?noOverlayConfig.routing.orValue('''') == ''Managed'' + ? has(self.bgpManagedConfig) : true' + - message: transport can only be set to Geneve after installation + rule: '!has(self.transport) || self.transport == ''Geneve'' + || has(oldSelf.transport)' + - message: transport may not be removed once set + rule: '!has(oldSelf.transport) || has(self.transport)' + - message: noOverlayConfig may not be removed once set + rule: '!has(oldSelf.noOverlayConfig) || has(self.noOverlayConfig)' + type: + description: |- + type is the type of network + All NetworkTypes are supported except for NetworkTypeRaw + type: string + type: object + deployKubeProxy: + description: |- + deployKubeProxy specifies whether or not a standalone kube-proxy should + be deployed by the operator. Some network providers include kube-proxy + or similar functionality. If unset, the plugin will attempt to select + the correct value, which is false when ovn-kubernetes is used and true + otherwise. + type: boolean + disableMultiNetwork: + description: |- + disableMultiNetwork defaults to 'false' and this setting enables the pod multi-networking capability. + disableMultiNetwork when set to 'true' at cluster install time does not install the components, typically the Multus CNI and the network-attachment-definition CRD, + that enable the pod multi-networking capability. Setting the parameter to 'true' might be useful when you need install third-party CNI plugins, + but these plugins are not supported by Red Hat. Changing the parameter value as a postinstallation cluster task has no effect. + type: boolean + disableNetworkDiagnostics: + default: false + description: |- + disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck + CRs from a test pod to every node, apiserver and LB should be disabled or not. + If unset, this property defaults to 'false' and network diagnostics is enabled. + Setting this to 'true' would reduce the additional load of the pods performing the checks. + type: boolean + exportNetworkFlows: + description: |- + exportNetworkFlows enables and configures the export of network flow metadata from the pod network + by using protocols NetFlow, SFlow or IPFIX. Currently only supported on OVN-Kubernetes plugin. + If unset, flows will not be exported to any collector. + properties: + ipfix: + description: ipfix defines IPFIX configuration. + properties: + collectors: + description: ipfixCollectors is list of strings formatted + as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + netFlow: + description: netFlow defines the NetFlow configuration. + properties: + collectors: + description: |- + netFlow defines the NetFlow collectors that will consume the flow data exported from OVS. + It is a list of strings formatted as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + sFlow: + description: sFlow defines the SFlow configuration. + properties: + collectors: + description: sFlowCollectors is list of strings formatted + as ip:port with a maximum of ten items + items: + pattern: ^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]):([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + type: string + maxItems: 10 + minItems: 1 + type: array + x-kubernetes-list-type: atomic + type: object + type: object + kubeProxyConfig: + description: |- + kubeProxyConfig lets us configure desired proxy configuration, if + deployKubeProxy is true. If not specified, sensible defaults will be chosen by + OpenShift directly. + properties: + bindAddress: + description: |- + The address to "bind" on + Defaults to 0.0.0.0 + type: string + iptablesSyncPeriod: + description: |- + An internal kube-proxy parameter. In older releases of OCP, this sometimes needed to be adjusted + in large clusters for performance reasons, but this is no longer necessary, and there is no reason + to change this from the default value. + Default: 30s + type: string + proxyArguments: + additionalProperties: + description: ProxyArgumentList is a list of arguments to pass + to the kubeproxy process + items: + type: string + type: array + x-kubernetes-list-type: atomic + description: Any additional arguments to pass to the kubeproxy + process + type: object + type: object + logLevel: + default: Normal + description: |- + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for their operands. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + migration: + description: |- + migration enables and configures cluster network migration, for network changes + that cannot be made instantly. + properties: + features: + description: |- + features was previously used to configure which network plugin features + would be migrated in a network type migration. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + properties: + egressFirewall: + default: true + description: |- + egressFirewall specified whether or not the Egress Firewall configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + egressIP: + default: true + description: |- + egressIP specified whether or not the Egress IP configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + multicast: + default: true + description: |- + multicast specified whether or not the multicast configuration was migrated. + DEPRECATED: network type migration is no longer supported. + type: boolean + type: object + mode: + description: |- + mode indicates the mode of network type migration. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + enum: + - Live + - Offline + - "" + type: string + mtu: + description: |- + mtu contains the MTU migration configuration. Set this to allow changing + the MTU values for the default network. If unset, the operation of + changing the MTU for the default network will be rejected. + properties: + machine: + description: |- + machine contains MTU migration configuration for the machine's uplink. + Needs to be migrated along with the default network MTU unless the + current uplink MTU already accommodates the default network MTU. + properties: + from: + description: from is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: to is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + network: + description: |- + network contains information about MTU migration for the default network. + Migrations are only allowed to MTU values lower than the machine's uplink + MTU by the minimum appropriate offset. + properties: + from: + description: from is the MTU to migrate from. + format: int32 + minimum: 0 + type: integer + to: + description: to is the MTU to migrate to. + format: int32 + minimum: 0 + type: integer + type: object + type: object + networkType: + description: |- + networkType was previously used when changing the default network type. + DEPRECATED: network type migration is no longer supported, and setting + this to a non-empty value will result in the network operator rejecting + the configuration. + type: string + type: object + x-kubernetes-validations: + - message: networkType migration in mode other than 'Live' may not + be configured at the same time as mtu migration + rule: '!has(self.mtu) || !has(self.networkType) || self.networkType + == "" || has(self.mode) && self.mode == ''Live''' + observedConfig: + description: |- + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + default: Normal + description: |- + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a + simple way to manage coarse grained logging choices that operators have to interpret for themselves. + + Valid values are: "Normal", "Debug", "Trace", "TraceAll". + Defaults to "Normal". + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll + type: string + serviceNetwork: + description: |- + serviceNetwork is the ip address pool to use for Service IPs + Currently, all existing network providers only support a single value + here, but this is an array to allow for growth. + items: + type: string + type: array + x-kubernetes-list-type: atomic + unsupportedConfigOverrides: + description: |- + unsupportedConfigOverrides overrides the final configuration that was computed by the operator. + Red Hat does not support the use of this field. + Misuse of this field could lead to unexpected behavior or conflict with other configuration options. + Seek guidance from the Red Hat support before using this field. + Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + useMultiNetworkPolicy: + description: |- + useMultiNetworkPolicy enables a controller which allows for + MultiNetworkPolicy objects to be used on additional networks as + created by Multus CNI. MultiNetworkPolicy are similar to NetworkPolicy + objects, but NetworkPolicy objects only apply to the primary interface. + With MultiNetworkPolicy, you can control the traffic that a pod can receive + over the secondary interfaces. If unset, this property defaults to 'false' + and MultiNetworkPolicy objects are ignored. If 'disableMultiNetwork' is + 'true' then the value of this field is ignored. + type: boolean + type: object + x-kubernetes-validations: + - message: invalid value for IPForwarding, valid values are 'Restricted' + or 'Global' + rule: '!has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) + || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig) || + !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding) + || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == oldSelf.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == ''Restricted'' || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding + == ''Global''' + - message: Route advertisements cannot be Enabled if 'FRR' routing capability + provider is not available + rule: (has(self.additionalRoutingCapabilities) && ('FRR' in self.additionalRoutingCapabilities.providers)) + || !has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) + || !has(self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements) + || self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements != + 'Enabled' + status: + description: |- + NetworkStatus is detailed operator status, which is distilled + up to the Network clusteroperator object. + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + type: string + reason: + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - namespace + - name + x-kubernetes-list-type: map + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + x-kubernetes-validations: + - message: must only increase + rule: self >= oldSelf + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-Default.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-Default.crd.yaml index 2e65e97c84..58dcee7c30 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-Default.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-Default.crd.yaml @@ -46,6 +46,98 @@ spec: description: spec is the specification of the desired behavior of the Machine Config Operator properties: + bootImageSkewEnforcement: + description: |- + bootImageSkewEnforcement allows an admin to configure how boot image version skew is + enforced on the cluster. + When omitted, this will default to Automatic for clusters that support automatic boot image updates. + For clusters that do not support automatic boot image updates, cluster upgrades will be disabled until + a skew enforcement mode has been specified. + When version skew is being enforced, cluster upgrades will be disabled until the version skew is deemed + acceptable for the current release payload. + properties: + manual: + description: |- + manual describes the current boot image of the cluster. + This should be set to the oldest boot image used amongst all machine resources in the cluster. + This must include either the RHCOS version of the boot image or the OCP release version which shipped with that + RHCOS boot image. + Required when mode is set to "Manual" and forbidden otherwise. + properties: + mode: + description: |- + mode is used to configure which boot image field is defined in Manual mode. + Valid values are OCPVersion and RHCOSVersion. + OCPVersion means that the cluster admin is expected to set the OCP version associated with the last boot image update + in the OCPVersion field. + RHCOSVersion means that the cluster admin is expected to set the RHCOS version associated with the last boot image update + in the RHCOSVersion field. + This field is required. + enum: + - OCPVersion + - RHCOSVersion + type: string + ocpVersion: + description: |- + ocpVersion provides a string which represents the OCP version of the boot image. + This field must match the OCP semver compatible format of x.y.z. This field must be between + 5 and 10 characters long. + Required when mode is set to "OCPVersion" and forbidden otherwise. + maxLength: 10 + minLength: 5 + type: string + x-kubernetes-validations: + - message: ocpVersion must match the OCP semver compatible + format of x.y.z + rule: self.matches('^[0-9]+\\.[0-9]+\\.[0-9]+$') + rhcosVersion: + description: |- + rhcosVersion provides a string which represents the RHCOS version of the boot image + This field must match rhcosVersion formatting of [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] or the legacy + format of [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber]. This field must be between + 14 and 21 characters long. + Required when mode is set to "RHCOSVersion" and forbidden otherwise. + maxLength: 21 + minLength: 14 + type: string + x-kubernetes-validations: + - message: rhcosVersion must match format [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] + or must match legacy format [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber] + rule: self.matches('^[0-9]+\\.[0-9]+\\.([0-9]{8}|[0-9]{12})-[0-9]+$') + required: + - mode + type: object + x-kubernetes-validations: + - message: ocpVersion is required when mode is OCPVersion, and + forbidden otherwise + rule: 'has(self.mode) && (self.mode ==''OCPVersion'') ? has(self.ocpVersion) + : !has(self.ocpVersion)' + - message: rhcosVersion is required when mode is RHCOSVersion, + and forbidden otherwise + rule: 'has(self.mode) && (self.mode ==''RHCOSVersion'') ? has(self.rhcosVersion) + : !has(self.rhcosVersion)' + mode: + description: |- + mode determines the underlying behavior of skew enforcement mechanism. + Valid values are Manual and None. + Manual means that the cluster admin is expected to perform manual boot image updates and store the OCP + & RHCOS version associated with the last boot image update in the manual field. + In Manual mode, the MCO will prevent upgrades when the boot image skew exceeds the + skew limit described by the release image. + None means that the MCO will no longer monitor the boot image skew. This may affect + the cluster's ability to scale. + This field is required. + enum: + - Manual + - None + type: string + required: + - mode + type: object + x-kubernetes-validations: + - message: manual is required when mode is Manual, and forbidden otherwise + rule: 'has(self.mode) && (self.mode ==''Manual'') ? has(self.manual) + : !has(self.manual)' failedRevisionLimit: description: |- failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api @@ -657,6 +749,140 @@ spec: description: status is the most recently observed status of the Machine Config Operator properties: + bootImageSkewEnforcementStatus: + description: |- + bootImageSkewEnforcementStatus reflects what the latest cluster-validated boot image skew enforcement + configuration is and will be used by Machine Config Controller while performing boot image skew enforcement. + When omitted, the MCO has no knowledge of how to enforce boot image skew. When the MCO does not know how + boot image skew should be enforced, cluster upgrades will be blocked until it can either automatically + determine skew enforcement or there is an explicit skew enforcement configuration provided in the + spec.bootImageSkewEnforcement field. + properties: + automatic: + description: |- + automatic describes the current boot image of the cluster. + This will be populated by the MCO when performing boot image updates. This value will be compared against + the cluster's skew limit to determine skew compliance. + Required when mode is set to "Automatic" and forbidden otherwise. + minProperties: 1 + properties: + ocpVersion: + description: |- + ocpVersion provides a string which represents the OCP version of the boot image. + This field must match the OCP semver compatible format of x.y.z. This field must be between + 5 and 10 characters long. + maxLength: 10 + minLength: 5 + type: string + x-kubernetes-validations: + - message: ocpVersion must match the OCP semver compatible + format of x.y.z + rule: self.matches('^[0-9]+\\.[0-9]+\\.[0-9]+$') + rhcosVersion: + description: |- + rhcosVersion provides a string which represents the RHCOS version of the boot image + This field must match rhcosVersion formatting of [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] or the legacy + format of [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber]. This field must be between + 14 and 21 characters long. + maxLength: 21 + minLength: 14 + type: string + x-kubernetes-validations: + - message: rhcosVersion must match format [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] + or must match legacy format [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber] + rule: self.matches('^[0-9]+\\.[0-9]+\\.([0-9]{8}|[0-9]{12})-[0-9]+$') + type: object + x-kubernetes-validations: + - message: at least one of ocpVersion or rhcosVersion is required + rule: has(self.ocpVersion) || has(self.rhcosVersion) + manual: + description: |- + manual describes the current boot image of the cluster. + This will be populated by the MCO using the values provided in the spec.bootImageSkewEnforcement.manual field. + This value will be compared against the cluster's skew limit to determine skew compliance. + Required when mode is set to "Manual" and forbidden otherwise. + properties: + mode: + description: |- + mode is used to configure which boot image field is defined in Manual mode. + Valid values are OCPVersion and RHCOSVersion. + OCPVersion means that the cluster admin is expected to set the OCP version associated with the last boot image update + in the OCPVersion field. + RHCOSVersion means that the cluster admin is expected to set the RHCOS version associated with the last boot image update + in the RHCOSVersion field. + This field is required. + enum: + - OCPVersion + - RHCOSVersion + type: string + ocpVersion: + description: |- + ocpVersion provides a string which represents the OCP version of the boot image. + This field must match the OCP semver compatible format of x.y.z. This field must be between + 5 and 10 characters long. + Required when mode is set to "OCPVersion" and forbidden otherwise. + maxLength: 10 + minLength: 5 + type: string + x-kubernetes-validations: + - message: ocpVersion must match the OCP semver compatible + format of x.y.z + rule: self.matches('^[0-9]+\\.[0-9]+\\.[0-9]+$') + rhcosVersion: + description: |- + rhcosVersion provides a string which represents the RHCOS version of the boot image + This field must match rhcosVersion formatting of [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] or the legacy + format of [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber]. This field must be between + 14 and 21 characters long. + Required when mode is set to "RHCOSVersion" and forbidden otherwise. + maxLength: 21 + minLength: 14 + type: string + x-kubernetes-validations: + - message: rhcosVersion must match format [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] + or must match legacy format [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber] + rule: self.matches('^[0-9]+\\.[0-9]+\\.([0-9]{8}|[0-9]{12})-[0-9]+$') + required: + - mode + type: object + x-kubernetes-validations: + - message: ocpVersion is required when mode is OCPVersion, and + forbidden otherwise + rule: 'has(self.mode) && (self.mode ==''OCPVersion'') ? has(self.ocpVersion) + : !has(self.ocpVersion)' + - message: rhcosVersion is required when mode is RHCOSVersion, + and forbidden otherwise + rule: 'has(self.mode) && (self.mode ==''RHCOSVersion'') ? has(self.rhcosVersion) + : !has(self.rhcosVersion)' + mode: + description: |- + mode determines the underlying behavior of skew enforcement mechanism. + Valid values are Automatic, Manual and None. + Automatic means that the MCO will perform boot image updates and store the + OCP & RHCOS version associated with the last boot image update in the automatic field. + Manual means that the cluster admin is expected to perform manual boot image updates and store the OCP + & RHCOS version associated with the last boot image update in the manual field. + In Automatic and Manual mode, the MCO will prevent upgrades when the boot image skew exceeds the + skew limit described by the release image. + None means that the MCO will no longer monitor the boot image skew. This may affect + the cluster's ability to scale. + This field is required. + enum: + - Automatic + - Manual + - None + type: string + required: + - mode + type: object + x-kubernetes-validations: + - message: automatic is required when mode is Automatic, and forbidden + otherwise + rule: 'has(self.mode) && (self.mode == ''Automatic'') ? has(self.automatic) + : !has(self.automatic)' + - message: manual is required when mode is Manual, and forbidden otherwise + rule: 'has(self.mode) && (self.mode == ''Manual'') ? has(self.manual) + : !has(self.manual)' conditions: description: conditions is a list of conditions and their status items: @@ -1259,6 +1485,32 @@ spec: required: - spec type: object + x-kubernetes-validations: + - message: when skew enforcement is in Automatic mode, a boot image configuration + is required + rule: 'self.?status.bootImageSkewEnforcementStatus.mode.orValue("") == ''Automatic'' + ? self.?spec.managedBootImages.hasValue() || self.?status.managedBootImagesStatus.hasValue() + : true' + - message: when skew enforcement is in Automatic mode, managedBootImages.machineManagers + must not be an empty list + rule: 'self.?status.bootImageSkewEnforcementStatus.mode.orValue("") == ''Automatic'' + ? !(self.?spec.managedBootImages.machineManagers.hasValue()) || size(self.spec.managedBootImages.machineManagers) + > 0 : true' + - message: when skew enforcement is in Automatic mode, any MachineAPI MachineSet + MachineManager must use selection mode 'All' + rule: 'self.?status.bootImageSkewEnforcementStatus.mode.orValue("") == ''Automatic'' + ? !(self.?spec.managedBootImages.machineManagers.hasValue()) || !self.spec.managedBootImages.machineManagers.exists(m, + m.resource == ''machinesets'' && m.apiGroup == ''machine.openshift.io'') + || self.spec.managedBootImages.machineManagers.exists(m, m.resource == + ''machinesets'' && m.apiGroup == ''machine.openshift.io'' && m.selection.mode + == ''All'') : true' + - message: when skew enforcement is in Automatic mode, managedBootImagesStatus + must contain a MachineManager opting in all MachineAPI MachineSets + rule: 'self.?status.bootImageSkewEnforcementStatus.mode.orValue("") == ''Automatic'' + ? !(self.?status.managedBootImagesStatus.machineManagers.hasValue()) || + self.status.managedBootImagesStatus.machineManagers.exists(m, m.selection.mode + == ''All'' && m.resource == ''machinesets'' && m.apiGroup == ''machine.openshift.io''): + true' served: true storage: true subresources: diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-OKD.crd.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-OKD.crd.yaml index 1d16002284..eaffd23a32 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-OKD.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.crd-manifests/0000_80_machine-config_01_machineconfigurations-OKD.crd.yaml @@ -46,6 +46,98 @@ spec: description: spec is the specification of the desired behavior of the Machine Config Operator properties: + bootImageSkewEnforcement: + description: |- + bootImageSkewEnforcement allows an admin to configure how boot image version skew is + enforced on the cluster. + When omitted, this will default to Automatic for clusters that support automatic boot image updates. + For clusters that do not support automatic boot image updates, cluster upgrades will be disabled until + a skew enforcement mode has been specified. + When version skew is being enforced, cluster upgrades will be disabled until the version skew is deemed + acceptable for the current release payload. + properties: + manual: + description: |- + manual describes the current boot image of the cluster. + This should be set to the oldest boot image used amongst all machine resources in the cluster. + This must include either the RHCOS version of the boot image or the OCP release version which shipped with that + RHCOS boot image. + Required when mode is set to "Manual" and forbidden otherwise. + properties: + mode: + description: |- + mode is used to configure which boot image field is defined in Manual mode. + Valid values are OCPVersion and RHCOSVersion. + OCPVersion means that the cluster admin is expected to set the OCP version associated with the last boot image update + in the OCPVersion field. + RHCOSVersion means that the cluster admin is expected to set the RHCOS version associated with the last boot image update + in the RHCOSVersion field. + This field is required. + enum: + - OCPVersion + - RHCOSVersion + type: string + ocpVersion: + description: |- + ocpVersion provides a string which represents the OCP version of the boot image. + This field must match the OCP semver compatible format of x.y.z. This field must be between + 5 and 10 characters long. + Required when mode is set to "OCPVersion" and forbidden otherwise. + maxLength: 10 + minLength: 5 + type: string + x-kubernetes-validations: + - message: ocpVersion must match the OCP semver compatible + format of x.y.z + rule: self.matches('^[0-9]+\\.[0-9]+\\.[0-9]+$') + rhcosVersion: + description: |- + rhcosVersion provides a string which represents the RHCOS version of the boot image + This field must match rhcosVersion formatting of [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] or the legacy + format of [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber]. This field must be between + 14 and 21 characters long. + Required when mode is set to "RHCOSVersion" and forbidden otherwise. + maxLength: 21 + minLength: 14 + type: string + x-kubernetes-validations: + - message: rhcosVersion must match format [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] + or must match legacy format [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber] + rule: self.matches('^[0-9]+\\.[0-9]+\\.([0-9]{8}|[0-9]{12})-[0-9]+$') + required: + - mode + type: object + x-kubernetes-validations: + - message: ocpVersion is required when mode is OCPVersion, and + forbidden otherwise + rule: 'has(self.mode) && (self.mode ==''OCPVersion'') ? has(self.ocpVersion) + : !has(self.ocpVersion)' + - message: rhcosVersion is required when mode is RHCOSVersion, + and forbidden otherwise + rule: 'has(self.mode) && (self.mode ==''RHCOSVersion'') ? has(self.rhcosVersion) + : !has(self.rhcosVersion)' + mode: + description: |- + mode determines the underlying behavior of skew enforcement mechanism. + Valid values are Manual and None. + Manual means that the cluster admin is expected to perform manual boot image updates and store the OCP + & RHCOS version associated with the last boot image update in the manual field. + In Manual mode, the MCO will prevent upgrades when the boot image skew exceeds the + skew limit described by the release image. + None means that the MCO will no longer monitor the boot image skew. This may affect + the cluster's ability to scale. + This field is required. + enum: + - Manual + - None + type: string + required: + - mode + type: object + x-kubernetes-validations: + - message: manual is required when mode is Manual, and forbidden otherwise + rule: 'has(self.mode) && (self.mode ==''Manual'') ? has(self.manual) + : !has(self.manual)' failedRevisionLimit: description: |- failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api @@ -657,6 +749,140 @@ spec: description: status is the most recently observed status of the Machine Config Operator properties: + bootImageSkewEnforcementStatus: + description: |- + bootImageSkewEnforcementStatus reflects what the latest cluster-validated boot image skew enforcement + configuration is and will be used by Machine Config Controller while performing boot image skew enforcement. + When omitted, the MCO has no knowledge of how to enforce boot image skew. When the MCO does not know how + boot image skew should be enforced, cluster upgrades will be blocked until it can either automatically + determine skew enforcement or there is an explicit skew enforcement configuration provided in the + spec.bootImageSkewEnforcement field. + properties: + automatic: + description: |- + automatic describes the current boot image of the cluster. + This will be populated by the MCO when performing boot image updates. This value will be compared against + the cluster's skew limit to determine skew compliance. + Required when mode is set to "Automatic" and forbidden otherwise. + minProperties: 1 + properties: + ocpVersion: + description: |- + ocpVersion provides a string which represents the OCP version of the boot image. + This field must match the OCP semver compatible format of x.y.z. This field must be between + 5 and 10 characters long. + maxLength: 10 + minLength: 5 + type: string + x-kubernetes-validations: + - message: ocpVersion must match the OCP semver compatible + format of x.y.z + rule: self.matches('^[0-9]+\\.[0-9]+\\.[0-9]+$') + rhcosVersion: + description: |- + rhcosVersion provides a string which represents the RHCOS version of the boot image + This field must match rhcosVersion formatting of [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] or the legacy + format of [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber]. This field must be between + 14 and 21 characters long. + maxLength: 21 + minLength: 14 + type: string + x-kubernetes-validations: + - message: rhcosVersion must match format [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] + or must match legacy format [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber] + rule: self.matches('^[0-9]+\\.[0-9]+\\.([0-9]{8}|[0-9]{12})-[0-9]+$') + type: object + x-kubernetes-validations: + - message: at least one of ocpVersion or rhcosVersion is required + rule: has(self.ocpVersion) || has(self.rhcosVersion) + manual: + description: |- + manual describes the current boot image of the cluster. + This will be populated by the MCO using the values provided in the spec.bootImageSkewEnforcement.manual field. + This value will be compared against the cluster's skew limit to determine skew compliance. + Required when mode is set to "Manual" and forbidden otherwise. + properties: + mode: + description: |- + mode is used to configure which boot image field is defined in Manual mode. + Valid values are OCPVersion and RHCOSVersion. + OCPVersion means that the cluster admin is expected to set the OCP version associated with the last boot image update + in the OCPVersion field. + RHCOSVersion means that the cluster admin is expected to set the RHCOS version associated with the last boot image update + in the RHCOSVersion field. + This field is required. + enum: + - OCPVersion + - RHCOSVersion + type: string + ocpVersion: + description: |- + ocpVersion provides a string which represents the OCP version of the boot image. + This field must match the OCP semver compatible format of x.y.z. This field must be between + 5 and 10 characters long. + Required when mode is set to "OCPVersion" and forbidden otherwise. + maxLength: 10 + minLength: 5 + type: string + x-kubernetes-validations: + - message: ocpVersion must match the OCP semver compatible + format of x.y.z + rule: self.matches('^[0-9]+\\.[0-9]+\\.[0-9]+$') + rhcosVersion: + description: |- + rhcosVersion provides a string which represents the RHCOS version of the boot image + This field must match rhcosVersion formatting of [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] or the legacy + format of [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber]. This field must be between + 14 and 21 characters long. + Required when mode is set to "RHCOSVersion" and forbidden otherwise. + maxLength: 21 + minLength: 14 + type: string + x-kubernetes-validations: + - message: rhcosVersion must match format [major].[minor].[datestamp(YYYYMMDD)]-[buildnumber] + or must match legacy format [major].[minor].[timestamp(YYYYMMDDHHmm)]-[buildnumber] + rule: self.matches('^[0-9]+\\.[0-9]+\\.([0-9]{8}|[0-9]{12})-[0-9]+$') + required: + - mode + type: object + x-kubernetes-validations: + - message: ocpVersion is required when mode is OCPVersion, and + forbidden otherwise + rule: 'has(self.mode) && (self.mode ==''OCPVersion'') ? has(self.ocpVersion) + : !has(self.ocpVersion)' + - message: rhcosVersion is required when mode is RHCOSVersion, + and forbidden otherwise + rule: 'has(self.mode) && (self.mode ==''RHCOSVersion'') ? has(self.rhcosVersion) + : !has(self.rhcosVersion)' + mode: + description: |- + mode determines the underlying behavior of skew enforcement mechanism. + Valid values are Automatic, Manual and None. + Automatic means that the MCO will perform boot image updates and store the + OCP & RHCOS version associated with the last boot image update in the automatic field. + Manual means that the cluster admin is expected to perform manual boot image updates and store the OCP + & RHCOS version associated with the last boot image update in the manual field. + In Automatic and Manual mode, the MCO will prevent upgrades when the boot image skew exceeds the + skew limit described by the release image. + None means that the MCO will no longer monitor the boot image skew. This may affect + the cluster's ability to scale. + This field is required. + enum: + - Automatic + - Manual + - None + type: string + required: + - mode + type: object + x-kubernetes-validations: + - message: automatic is required when mode is Automatic, and forbidden + otherwise + rule: 'has(self.mode) && (self.mode == ''Automatic'') ? has(self.automatic) + : !has(self.automatic)' + - message: manual is required when mode is Manual, and forbidden otherwise + rule: 'has(self.mode) && (self.mode == ''Manual'') ? has(self.manual) + : !has(self.manual)' conditions: description: conditions is a list of conditions and their status items: @@ -1259,6 +1485,32 @@ spec: required: - spec type: object + x-kubernetes-validations: + - message: when skew enforcement is in Automatic mode, a boot image configuration + is required + rule: 'self.?status.bootImageSkewEnforcementStatus.mode.orValue("") == ''Automatic'' + ? self.?spec.managedBootImages.hasValue() || self.?status.managedBootImagesStatus.hasValue() + : true' + - message: when skew enforcement is in Automatic mode, managedBootImages.machineManagers + must not be an empty list + rule: 'self.?status.bootImageSkewEnforcementStatus.mode.orValue("") == ''Automatic'' + ? !(self.?spec.managedBootImages.machineManagers.hasValue()) || size(self.spec.managedBootImages.machineManagers) + > 0 : true' + - message: when skew enforcement is in Automatic mode, any MachineAPI MachineSet + MachineManager must use selection mode 'All' + rule: 'self.?status.bootImageSkewEnforcementStatus.mode.orValue("") == ''Automatic'' + ? !(self.?spec.managedBootImages.machineManagers.hasValue()) || !self.spec.managedBootImages.machineManagers.exists(m, + m.resource == ''machinesets'' && m.apiGroup == ''machine.openshift.io'') + || self.spec.managedBootImages.machineManagers.exists(m, m.resource == + ''machinesets'' && m.apiGroup == ''machine.openshift.io'' && m.selection.mode + == ''All'') : true' + - message: when skew enforcement is in Automatic mode, managedBootImagesStatus + must contain a MachineManager opting in all MachineAPI MachineSets + rule: 'self.?status.bootImageSkewEnforcementStatus.mode.orValue("") == ''Automatic'' + ? !(self.?status.managedBootImagesStatus.machineManagers.hasValue()) || + self.status.managedBootImagesStatus.machineManagers.exists(m, m.selection.mode + == ''All'' && m.resource == ''machinesets'' && m.apiGroup == ''machine.openshift.io''): + true' served: true storage: true subresources: diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go index 3bc6b81de4..3d3c8f4f82 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go @@ -390,6 +390,22 @@ func (in *AzureDiskEncryptionSet) DeepCopy() *AzureDiskEncryptionSet { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BGPManagedConfig) DeepCopyInto(out *BGPManagedConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BGPManagedConfig. +func (in *BGPManagedConfig) DeepCopy() *BGPManagedConfig { + if in == nil { + return nil + } + out := new(BGPManagedConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BootImageSkewEnforcementConfig) DeepCopyInto(out *BootImageSkewEnforcementConfig) { *out = *in @@ -3665,6 +3681,22 @@ func (in *NetworkStatus) DeepCopy() *NetworkStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NoOverlayConfig) DeepCopyInto(out *NoOverlayConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NoOverlayConfig. +func (in *NoOverlayConfig) DeepCopy() *NoOverlayConfig { + if in == nil { + return nil + } + out := new(NoOverlayConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NodeDisruptionPolicyClusterStatus) DeepCopyInto(out *NodeDisruptionPolicyClusterStatus) { *out = *in @@ -4158,6 +4190,8 @@ func (in *OVNKubernetesConfig) DeepCopyInto(out *OVNKubernetesConfig) { *out = new(IPv6OVNKubernetesConfig) **out = **in } + out.NoOverlayConfig = in.NoOverlayConfig + out.BGPManagedConfig = in.BGPManagedConfig return } diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml index 51a758804d..53cf23ade1 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml @@ -305,8 +305,7 @@ machineconfigurations.operator.openshift.io: FeatureGates: - BootImageSkewEnforcement - IrreconcilableMachineConfig - - ManagedBootImages - - ManagedBootImages+ManagedBootImagesCPMS + - ManagedBootImagesCPMS FilenameOperatorName: machine-config FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_80" @@ -327,7 +326,8 @@ networks.operator.openshift.io: CRDName: networks.operator.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - NoOverlayMode FilenameOperatorName: network FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_70" diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index 64aac26eb3..e35d997a76 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -1669,6 +1669,16 @@ func (AdditionalRoutingCapabilities) SwaggerDoc() map[string]string { return map_AdditionalRoutingCapabilities } +var map_BGPManagedConfig = map[string]string{ + "": "BGPManagedConfig contains configuration options for BGP when routing is \"Managed\".", + "asNumber": "asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) to be used in the generated FRR configuration. Valid values are 1 to 4294967295. When omitted, this defaults to 64512.", + "bgpTopology": "bgpTopology defines the BGP topology to be used. Allowed values are \"FullMesh\". When set to \"FullMesh\", every node peers directly with every other node via BGP. This field is required when BGPManagedConfig is specified.", +} + +func (BGPManagedConfig) SwaggerDoc() map[string]string { + return map_BGPManagedConfig +} + var map_ClusterNetworkEntry = map[string]string{ "": "ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If the HostPrefix field is not used by the plugin, it can be left unset. Not all network providers support multiple ClusterNetworks", } @@ -1896,6 +1906,16 @@ func (NetworkStatus) SwaggerDoc() map[string]string { return map_NetworkStatus } +var map_NoOverlayConfig = map[string]string{ + "": "NoOverlayConfig contains configuration options for networks operating in no-overlay mode.", + "outboundSNAT": "outboundSNAT defines the SNAT behavior for outbound traffic from pods. Allowed values are \"Enabled\" and \"Disabled\". When set to \"Enabled\", SNAT is performed on outbound traffic from pods. When set to \"Disabled\", SNAT is not performed and pod IPs are preserved in outbound traffic. This field is required when the network operates in no-overlay mode. This field can be set to any value at installation time and can be changed afterwards.", + "routing": "routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. Allowed values are \"Managed\" and \"Unmanaged\". When set to \"Managed\", OVN-Kubernetes manages the pod network routing configuration through BGP. When set to \"Unmanaged\", users are responsible for configuring the pod network routing. This field is required when the network operates in no-overlay mode. This field is immutable once set.", +} + +func (NoOverlayConfig) SwaggerDoc() map[string]string { + return map_NoOverlayConfig +} + var map_OVNKubernetesConfig = map[string]string{ "": "ovnKubernetesConfig contains the configuration parameters for networks using the ovn-kubernetes network project", "mtu": "mtu is the MTU to use for the tunnel interface. This must be 100 bytes smaller than the uplink mtu. Default is 1400", @@ -1910,6 +1930,9 @@ var map_OVNKubernetesConfig = map[string]string{ "ipv4": "ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", "ipv6": "ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", "routeAdvertisements": "routeAdvertisements determines if the functionality to advertise cluster network routes through a dynamic routing protocol, such as BGP, is enabled or not. This functionality is configured through the ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing capability provider to be enabled as an additional routing capability. Allowed values are \"Enabled\", \"Disabled\" and ommited. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is \"Disabled\".", + "transport": "transport sets the transport mode for pods on the default network. Allowed values are \"NoOverlay\" and \"Geneve\". \"NoOverlay\" avoids tunnel encapsulation, routing pod traffic directly between nodes. \"Geneve\" encapsulates pod traffic using Geneve tunnels between nodes. When omitted, this means the user has no opinion and the platform chooses a reasonable default which is subject to change over time. The current default is \"Geneve\". \"NoOverlay\" can only be set at installation time and cannot be changed afterwards. \"Geneve\" may be set explicitly at any time to lock in the current default.", + "noOverlayConfig": "noOverlayConfig contains configuration for no-overlay mode. This configuration applies to the default network only. It is required when transport is \"NoOverlay\". When omitted, this means the user does not configure no-overlay mode options.", + "bgpManagedConfig": "bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) in no-overlay mode that specify routing=\"Managed\" in their noOverlayConfig. It is required when noOverlayConfig.routing is set to \"Managed\". When omitted, this means the user does not configure BGP for managed routing. This field can be set at installation time or on day 2, and can be modified at any time.", } func (OVNKubernetesConfig) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/payload-command/render/legacyfeaturegates.go b/vendor/github.com/openshift/api/payload-command/render/legacyfeaturegates.go index f54d17936e..a663eb1fb6 100644 --- a/vendor/github.com/openshift/api/payload-command/render/legacyfeaturegates.go +++ b/vendor/github.com/openshift/api/payload-command/render/legacyfeaturegates.go @@ -35,8 +35,6 @@ var legacyFeatureGates = sets.New( // never add to this list, if you think you have an exception ask @deads2k "GCPClusterHostedDNS", // never add to this list, if you think you have an exception ask @deads2k - "GatewayAPI", - // never add to this list, if you think you have an exception ask @deads2k "HardwareSpeed", // never add to this list, if you think you have an exception ask @deads2k "ImageStreamImportMode", diff --git a/vendor/github.com/openshift/client-go/apps/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/apps/applyconfigurations/internal/internal.go index d360fcba5e..075939f658 100644 --- a/vendor/github.com/openshift/client-go/apps/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/apps/applyconfigurations/internal/internal.go @@ -23,567 +23,503 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: -- name: com.github.openshift.api.apps.v1.CustomDeploymentStrategyParams +- name: AWSElasticBlockStoreVolumeSource.v1.core.api.k8s.io map: fields: - - name: command - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: environment - type: - list: - elementType: - namedType: io.k8s.api.core.v1.EnvVar - elementRelationship: atomic - - name: image + - name: fsType type: scalar: string -- name: com.github.openshift.api.apps.v1.DeploymentCause - map: - fields: - - name: imageTrigger + - name: partition type: - namedType: com.github.openshift.api.apps.v1.DeploymentCauseImageTrigger - - name: type + scalar: numeric + - name: readOnly + type: + scalar: boolean + - name: volumeID type: scalar: string default: "" -- name: com.github.openshift.api.apps.v1.DeploymentCauseImageTrigger +- name: Affinity.v1.core.api.k8s.io map: fields: - - name: from + - name: nodeAffinity type: - namedType: io.k8s.api.core.v1.ObjectReference - default: {} -- name: com.github.openshift.api.apps.v1.DeploymentCondition + namedType: NodeAffinity.v1.core.api.k8s.io + - name: podAffinity + type: + namedType: PodAffinity.v1.core.api.k8s.io + - name: podAntiAffinity + type: + namedType: PodAntiAffinity.v1.core.api.k8s.io +- name: AppArmorProfile.v1.core.api.k8s.io map: fields: - - name: lastTransitionTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: lastUpdateTime + - name: localhostProfile type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message + scalar: string + - name: type type: scalar: string - - name: reason + default: "" + unions: + - discriminator: type + fields: + - fieldName: localhostProfile + discriminatorValue: LocalhostProfile +- name: AzureDiskVolumeSource.v1.core.api.k8s.io + map: + fields: + - name: cachingMode type: scalar: string - - name: status + default: ReadWrite + - name: diskName type: scalar: string default: "" - - name: type + - name: diskURI type: scalar: string default: "" -- name: com.github.openshift.api.apps.v1.DeploymentConfig - map: - fields: - - name: apiVersion + - name: fsType type: scalar: string + default: ext4 - name: kind type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.apps.v1.DeploymentConfigSpec - default: {} - - name: status + default: Shared + - name: readOnly type: - namedType: com.github.openshift.api.apps.v1.DeploymentConfigStatus - default: {} -- name: com.github.openshift.api.apps.v1.DeploymentConfigSpec + scalar: boolean + default: false +- name: AzureFileVolumeSource.v1.core.api.k8s.io map: fields: - - name: minReadySeconds - type: - scalar: numeric - - name: paused + - name: readOnly type: scalar: boolean - - name: replicas + - name: secretName type: - scalar: numeric - default: 0 - - name: revisionHistoryLimit + scalar: string + default: "" + - name: shareName type: - scalar: numeric - - name: selector + scalar: string + default: "" +- name: CSIVolumeSource.v1.core.api.k8s.io + map: + fields: + - name: driver type: - map: - elementType: - scalar: string - - name: strategy + scalar: string + default: "" + - name: fsType type: - namedType: com.github.openshift.api.apps.v1.DeploymentStrategy - default: {} - - name: template + scalar: string + - name: nodePublishSecretRef type: - namedType: io.k8s.api.core.v1.PodTemplateSpec - - name: test + namedType: LocalObjectReference.v1.core.api.k8s.io + - name: readOnly type: scalar: boolean - default: false - - name: triggers + - name: volumeAttributes type: - list: + map: elementType: - namedType: com.github.openshift.api.apps.v1.DeploymentTriggerPolicy - elementRelationship: atomic -- name: com.github.openshift.api.apps.v1.DeploymentConfigStatus + scalar: string +- name: Capabilities.v1.core.api.k8s.io map: fields: - - name: availableReplicas - type: - scalar: numeric - default: 0 - - name: conditions + - name: add type: list: elementType: - namedType: com.github.openshift.api.apps.v1.DeploymentCondition - elementRelationship: associative - keys: - - type - - name: details - type: - namedType: com.github.openshift.api.apps.v1.DeploymentDetails - - name: latestVersion - type: - scalar: numeric - default: 0 - - name: observedGeneration - type: - scalar: numeric - default: 0 - - name: readyReplicas - type: - scalar: numeric - - name: replicas - type: - scalar: numeric - default: 0 - - name: unavailableReplicas - type: - scalar: numeric - default: 0 - - name: updatedReplicas + scalar: string + elementRelationship: atomic + - name: drop type: - scalar: numeric - default: 0 -- name: com.github.openshift.api.apps.v1.DeploymentDetails + list: + elementType: + scalar: string + elementRelationship: atomic +- name: CephFSVolumeSource.v1.core.api.k8s.io map: fields: - - name: causes + - name: monitors type: list: elementType: - namedType: com.github.openshift.api.apps.v1.DeploymentCause + scalar: string elementRelationship: atomic - - name: message + - name: path type: scalar: string -- name: com.github.openshift.api.apps.v1.DeploymentStrategy - map: - fields: - - name: activeDeadlineSeconds + - name: readOnly type: - scalar: numeric - - name: annotations + scalar: boolean + - name: secretFile type: - map: - elementType: - scalar: string - - name: customParams + scalar: string + - name: secretRef type: - namedType: com.github.openshift.api.apps.v1.CustomDeploymentStrategyParams - - name: labels + namedType: LocalObjectReference.v1.core.api.k8s.io + - name: user type: - map: - elementType: - scalar: string - - name: recreateParams + scalar: string +- name: CinderVolumeSource.v1.core.api.k8s.io + map: + fields: + - name: fsType type: - namedType: com.github.openshift.api.apps.v1.RecreateDeploymentStrategyParams - - name: resources + scalar: string + - name: readOnly type: - namedType: io.k8s.api.core.v1.ResourceRequirements - default: {} - - name: rollingParams + scalar: boolean + - name: secretRef type: - namedType: com.github.openshift.api.apps.v1.RollingDeploymentStrategyParams - - name: type + namedType: LocalObjectReference.v1.core.api.k8s.io + - name: volumeID type: scalar: string -- name: com.github.openshift.api.apps.v1.DeploymentTriggerImageChangeParams + default: "" +- name: ClusterTrustBundleProjection.v1.core.api.k8s.io map: fields: - - name: automatic + - name: labelSelector + type: + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: name + type: + scalar: string + - name: optional type: scalar: boolean - - name: containerNames + - name: path type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: from + scalar: string + default: "" + - name: signerName type: - namedType: io.k8s.api.core.v1.ObjectReference - default: {} - - name: lastTriggeredImage + scalar: string +- name: ConfigMapEnvSource.v1.core.api.k8s.io + map: + fields: + - name: name type: scalar: string -- name: com.github.openshift.api.apps.v1.DeploymentTriggerPolicy + default: "" + - name: optional + type: + scalar: boolean +- name: ConfigMapKeySelector.v1.core.api.k8s.io map: fields: - - name: imageChangeParams + - name: key type: - namedType: com.github.openshift.api.apps.v1.DeploymentTriggerImageChangeParams - - name: type + scalar: string + default: "" + - name: name type: scalar: string -- name: com.github.openshift.api.apps.v1.ExecNewPodHook + default: "" + - name: optional + type: + scalar: boolean + elementRelationship: atomic +- name: ConfigMapProjection.v1.core.api.k8s.io map: fields: - - name: command + - name: items type: list: elementType: - scalar: string + namedType: KeyToPath.v1.core.api.k8s.io elementRelationship: atomic - - name: containerName + - name: name type: scalar: string default: "" - - name: env + - name: optional + type: + scalar: boolean +- name: ConfigMapVolumeSource.v1.core.api.k8s.io + map: + fields: + - name: defaultMode + type: + scalar: numeric + - name: items type: list: elementType: - namedType: io.k8s.api.core.v1.EnvVar + namedType: KeyToPath.v1.core.api.k8s.io elementRelationship: atomic - - name: volumes + - name: name + type: + scalar: string + default: "" + - name: optional + type: + scalar: boolean +- name: Container.v1.core.api.k8s.io + map: + fields: + - name: args type: list: elementType: scalar: string elementRelationship: atomic -- name: com.github.openshift.api.apps.v1.LifecycleHook - map: - fields: - - name: execNewPod - type: - namedType: com.github.openshift.api.apps.v1.ExecNewPodHook - - name: failurePolicy - type: - scalar: string - default: "" - - name: tagImages + - name: command type: list: elementType: - namedType: com.github.openshift.api.apps.v1.TagImageHook + scalar: string elementRelationship: atomic -- name: com.github.openshift.api.apps.v1.RecreateDeploymentStrategyParams - map: - fields: - - name: mid + - name: env type: - namedType: com.github.openshift.api.apps.v1.LifecycleHook - - name: post + list: + elementType: + namedType: EnvVar.v1.core.api.k8s.io + elementRelationship: associative + keys: + - name + - name: envFrom type: - namedType: com.github.openshift.api.apps.v1.LifecycleHook - - name: pre + list: + elementType: + namedType: EnvFromSource.v1.core.api.k8s.io + elementRelationship: atomic + - name: image type: - namedType: com.github.openshift.api.apps.v1.LifecycleHook - - name: timeoutSeconds + scalar: string + - name: imagePullPolicy type: - scalar: numeric -- name: com.github.openshift.api.apps.v1.RollingDeploymentStrategyParams - map: - fields: - - name: intervalSeconds + scalar: string + - name: lifecycle type: - scalar: numeric - - name: maxSurge + namedType: Lifecycle.v1.core.api.k8s.io + - name: livenessProbe type: - namedType: io.k8s.apimachinery.pkg.util.intstr.IntOrString - - name: maxUnavailable + namedType: Probe.v1.core.api.k8s.io + - name: name type: - namedType: io.k8s.apimachinery.pkg.util.intstr.IntOrString - - name: post + scalar: string + default: "" + - name: ports type: - namedType: com.github.openshift.api.apps.v1.LifecycleHook - - name: pre + list: + elementType: + namedType: ContainerPort.v1.core.api.k8s.io + elementRelationship: associative + keys: + - containerPort + - protocol + - name: readinessProbe type: - namedType: com.github.openshift.api.apps.v1.LifecycleHook - - name: timeoutSeconds + namedType: Probe.v1.core.api.k8s.io + - name: resizePolicy type: - scalar: numeric - - name: updatePeriodSeconds + list: + elementType: + namedType: ContainerResizePolicy.v1.core.api.k8s.io + elementRelationship: atomic + - name: resources type: - scalar: numeric -- name: com.github.openshift.api.apps.v1.TagImageHook - map: - fields: - - name: containerName + namedType: ResourceRequirements.v1.core.api.k8s.io + default: {} + - name: restartPolicy type: scalar: string - default: "" - - name: to + - name: restartPolicyRules type: - namedType: io.k8s.api.core.v1.ObjectReference - default: {} -- name: io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource - map: - fields: - - name: fsType + list: + elementType: + namedType: ContainerRestartRule.v1.core.api.k8s.io + elementRelationship: atomic + - name: securityContext type: - scalar: string - - name: partition + namedType: SecurityContext.v1.core.api.k8s.io + - name: startupProbe type: - scalar: numeric - - name: readOnly + namedType: Probe.v1.core.api.k8s.io + - name: stdin type: scalar: boolean - - name: volumeID + - name: stdinOnce + type: + scalar: boolean + - name: terminationMessagePath type: scalar: string - default: "" -- name: io.k8s.api.core.v1.Affinity - map: - fields: - - name: nodeAffinity + - name: terminationMessagePolicy type: - namedType: io.k8s.api.core.v1.NodeAffinity - - name: podAffinity + scalar: string + - name: tty type: - namedType: io.k8s.api.core.v1.PodAffinity - - name: podAntiAffinity + scalar: boolean + - name: volumeDevices type: - namedType: io.k8s.api.core.v1.PodAntiAffinity -- name: io.k8s.api.core.v1.AppArmorProfile - map: - fields: - - name: localhostProfile + list: + elementType: + namedType: VolumeDevice.v1.core.api.k8s.io + elementRelationship: associative + keys: + - devicePath + - name: volumeMounts type: - scalar: string - - name: type + list: + elementType: + namedType: VolumeMount.v1.core.api.k8s.io + elementRelationship: associative + keys: + - mountPath + - name: workingDir type: scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: localhostProfile - discriminatorValue: LocalhostProfile -- name: io.k8s.api.core.v1.AzureDiskVolumeSource +- name: ContainerPort.v1.core.api.k8s.io map: fields: - - name: cachingMode + - name: containerPort type: - scalar: string - default: ReadWrite - - name: diskName + scalar: numeric + default: 0 + - name: hostIP type: scalar: string - default: "" - - name: diskURI + - name: hostPort type: - scalar: string - default: "" - - name: fsType + scalar: numeric + - name: name type: scalar: string - default: ext4 - - name: kind + - name: protocol type: scalar: string - default: Shared - - name: readOnly - type: - scalar: boolean - default: false -- name: io.k8s.api.core.v1.AzureFileVolumeSource + default: TCP +- name: ContainerResizePolicy.v1.core.api.k8s.io map: fields: - - name: readOnly - type: - scalar: boolean - - name: secretName + - name: resourceName type: scalar: string default: "" - - name: shareName + - name: restartPolicy type: scalar: string default: "" -- name: io.k8s.api.core.v1.CSIVolumeSource +- name: ContainerRestartRule.v1.core.api.k8s.io map: fields: - - name: driver - type: - scalar: string - default: "" - - name: fsType + - name: action type: scalar: string - - name: nodePublishSecretRef + - name: exitCodes type: - namedType: io.k8s.api.core.v1.LocalObjectReference - - name: readOnly + namedType: ContainerRestartRuleOnExitCodes.v1.core.api.k8s.io +- name: ContainerRestartRuleOnExitCodes.v1.core.api.k8s.io + map: + fields: + - name: operator type: - scalar: boolean - - name: volumeAttributes + scalar: string + - name: values type: - map: + list: elementType: - scalar: string -- name: io.k8s.api.core.v1.Capabilities + scalar: numeric + elementRelationship: associative +- name: DownwardAPIProjection.v1.core.api.k8s.io map: fields: - - name: add + - name: items type: list: elementType: - scalar: string + namedType: DownwardAPIVolumeFile.v1.core.api.k8s.io elementRelationship: atomic - - name: drop +- name: DownwardAPIVolumeFile.v1.core.api.k8s.io + map: + fields: + - name: fieldRef type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.api.core.v1.CephFSVolumeSource + namedType: ObjectFieldSelector.v1.core.api.k8s.io + - name: mode + type: + scalar: numeric + - name: path + type: + scalar: string + default: "" + - name: resourceFieldRef + type: + namedType: ResourceFieldSelector.v1.core.api.k8s.io +- name: DownwardAPIVolumeSource.v1.core.api.k8s.io map: fields: - - name: monitors + - name: defaultMode + type: + scalar: numeric + - name: items type: list: elementType: - scalar: string + namedType: DownwardAPIVolumeFile.v1.core.api.k8s.io elementRelationship: atomic - - name: path +- name: EmptyDirVolumeSource.v1.core.api.k8s.io + map: + fields: + - name: medium type: scalar: string - - name: readOnly + - name: sizeLimit type: - scalar: boolean - - name: secretFile + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: EnvFromSource.v1.core.api.k8s.io + map: + fields: + - name: configMapRef + type: + namedType: ConfigMapEnvSource.v1.core.api.k8s.io + - name: prefix type: scalar: string - name: secretRef type: - namedType: io.k8s.api.core.v1.LocalObjectReference - - name: user - type: - scalar: string -- name: io.k8s.api.core.v1.CinderVolumeSource + namedType: SecretEnvSource.v1.core.api.k8s.io +- name: EnvVar.v1.core.api.k8s.io map: fields: - - name: fsType + - name: name type: scalar: string - - name: readOnly - type: - scalar: boolean - - name: secretRef - type: - namedType: io.k8s.api.core.v1.LocalObjectReference - - name: volumeID - type: - scalar: string - default: "" -- name: io.k8s.api.core.v1.ClusterTrustBundleProjection - map: - fields: - - name: labelSelector - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: name - type: - scalar: string - - name: optional - type: - scalar: boolean - - name: path - type: - scalar: string - default: "" - - name: signerName - type: - scalar: string -- name: io.k8s.api.core.v1.ConfigMapEnvSource - map: - fields: - - name: name - type: - scalar: string - default: "" - - name: optional - type: - scalar: boolean -- name: io.k8s.api.core.v1.ConfigMapKeySelector - map: - fields: - - name: key - type: - scalar: string - default: "" - - name: name + default: "" + - name: value type: scalar: string - default: "" - - name: optional + - name: valueFrom type: - scalar: boolean - elementRelationship: atomic -- name: io.k8s.api.core.v1.ConfigMapProjection + namedType: EnvVarSource.v1.core.api.k8s.io +- name: EnvVarSource.v1.core.api.k8s.io map: fields: - - name: items - type: - list: - elementType: - namedType: io.k8s.api.core.v1.KeyToPath - elementRelationship: atomic - - name: name - type: - scalar: string - default: "" - - name: optional + - name: configMapKeyRef type: - scalar: boolean -- name: io.k8s.api.core.v1.ConfigMapVolumeSource - map: - fields: - - name: defaultMode + namedType: ConfigMapKeySelector.v1.core.api.k8s.io + - name: fieldRef type: - scalar: numeric - - name: items + namedType: ObjectFieldSelector.v1.core.api.k8s.io + - name: fileKeyRef type: - list: - elementType: - namedType: io.k8s.api.core.v1.KeyToPath - elementRelationship: atomic - - name: name + namedType: FileKeySelector.v1.core.api.k8s.io + - name: resourceFieldRef type: - scalar: string - default: "" - - name: optional + namedType: ResourceFieldSelector.v1.core.api.k8s.io + - name: secretKeyRef type: - scalar: boolean -- name: io.k8s.api.core.v1.Container + namedType: SecretKeySelector.v1.core.api.k8s.io +- name: EphemeralContainer.v1.core.api.k8s.io map: fields: - name: args @@ -602,7 +538,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.EnvVar + namedType: EnvVar.v1.core.api.k8s.io elementRelationship: associative keys: - name @@ -610,7 +546,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.EnvFromSource + namedType: EnvFromSource.v1.core.api.k8s.io elementRelationship: atomic - name: image type: @@ -620,10 +556,10 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: lifecycle type: - namedType: io.k8s.api.core.v1.Lifecycle + namedType: Lifecycle.v1.core.api.k8s.io - name: livenessProbe type: - namedType: io.k8s.api.core.v1.Probe + namedType: Probe.v1.core.api.k8s.io - name: name type: scalar: string @@ -632,23 +568,23 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.ContainerPort + namedType: ContainerPort.v1.core.api.k8s.io elementRelationship: associative keys: - containerPort - protocol - name: readinessProbe type: - namedType: io.k8s.api.core.v1.Probe + namedType: Probe.v1.core.api.k8s.io - name: resizePolicy type: list: elementType: - namedType: io.k8s.api.core.v1.ContainerResizePolicy + namedType: ContainerResizePolicy.v1.core.api.k8s.io elementRelationship: atomic - name: resources type: - namedType: io.k8s.api.core.v1.ResourceRequirements + namedType: ResourceRequirements.v1.core.api.k8s.io default: {} - name: restartPolicy type: @@ -657,20 +593,23 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.ContainerRestartRule + namedType: ContainerRestartRule.v1.core.api.k8s.io elementRelationship: atomic - name: securityContext type: - namedType: io.k8s.api.core.v1.SecurityContext + namedType: SecurityContext.v1.core.api.k8s.io - name: startupProbe type: - namedType: io.k8s.api.core.v1.Probe + namedType: Probe.v1.core.api.k8s.io - name: stdin type: scalar: boolean - name: stdinOnce type: scalar: boolean + - name: targetContainerName + type: + scalar: string - name: terminationMessagePath type: scalar: string @@ -684,7 +623,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.VolumeDevice + namedType: VolumeDevice.v1.core.api.k8s.io elementRelationship: associative keys: - devicePath @@ -692,409 +631,385 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.VolumeMount + namedType: VolumeMount.v1.core.api.k8s.io elementRelationship: associative keys: - mountPath - name: workingDir type: scalar: string -- name: io.k8s.api.core.v1.ContainerPort +- name: EphemeralVolumeSource.v1.core.api.k8s.io map: fields: - - name: containerPort + - name: volumeClaimTemplate type: - scalar: numeric - default: 0 - - name: hostIP + namedType: PersistentVolumeClaimTemplate.v1.core.api.k8s.io +- name: ExecAction.v1.core.api.k8s.io + map: + fields: + - name: command + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: FCVolumeSource.v1.core.api.k8s.io + map: + fields: + - name: fsType type: scalar: string - - name: hostPort + - name: lun type: scalar: numeric - - name: name + - name: readOnly type: - scalar: string - - name: protocol + scalar: boolean + - name: targetWWNs type: - scalar: string - default: TCP -- name: io.k8s.api.core.v1.ContainerResizePolicy + list: + elementType: + scalar: string + elementRelationship: atomic + - name: wwids + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: FileKeySelector.v1.core.api.k8s.io map: fields: - - name: resourceName + - name: key type: scalar: string default: "" - - name: restartPolicy + - name: optional + type: + scalar: boolean + default: false + - name: path type: scalar: string default: "" -- name: io.k8s.api.core.v1.ContainerRestartRule - map: - fields: - - name: action + - name: volumeName type: scalar: string - - name: exitCodes - type: - namedType: io.k8s.api.core.v1.ContainerRestartRuleOnExitCodes -- name: io.k8s.api.core.v1.ContainerRestartRuleOnExitCodes + default: "" + elementRelationship: atomic +- name: FlexVolumeSource.v1.core.api.k8s.io map: fields: - - name: operator + - name: driver type: scalar: string - - name: values + default: "" + - name: fsType type: - list: + scalar: string + - name: options + type: + map: elementType: - scalar: numeric - elementRelationship: associative -- name: io.k8s.api.core.v1.DownwardAPIProjection + scalar: string + - name: readOnly + type: + scalar: boolean + - name: secretRef + type: + namedType: LocalObjectReference.v1.core.api.k8s.io +- name: FlockerVolumeSource.v1.core.api.k8s.io map: fields: - - name: items + - name: datasetName type: - list: - elementType: - namedType: io.k8s.api.core.v1.DownwardAPIVolumeFile - elementRelationship: atomic -- name: io.k8s.api.core.v1.DownwardAPIVolumeFile + scalar: string + - name: datasetUUID + type: + scalar: string +- name: GCEPersistentDiskVolumeSource.v1.core.api.k8s.io map: fields: - - name: fieldRef + - name: fsType type: - namedType: io.k8s.api.core.v1.ObjectFieldSelector - - name: mode + scalar: string + - name: partition type: scalar: numeric - - name: path + - name: pdName type: scalar: string default: "" - - name: resourceFieldRef + - name: readOnly type: - namedType: io.k8s.api.core.v1.ResourceFieldSelector -- name: io.k8s.api.core.v1.DownwardAPIVolumeSource + scalar: boolean +- name: GRPCAction.v1.core.api.k8s.io map: fields: - - name: defaultMode + - name: port type: scalar: numeric - - name: items - type: - list: - elementType: - namedType: io.k8s.api.core.v1.DownwardAPIVolumeFile - elementRelationship: atomic -- name: io.k8s.api.core.v1.EmptyDirVolumeSource - map: - fields: - - name: medium + default: 0 + - name: service type: scalar: string - - name: sizeLimit - type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: io.k8s.api.core.v1.EnvFromSource + default: "" +- name: GitRepoVolumeSource.v1.core.api.k8s.io map: fields: - - name: configMapRef + - name: directory type: - namedType: io.k8s.api.core.v1.ConfigMapEnvSource - - name: prefix + scalar: string + - name: repository type: scalar: string - - name: secretRef + default: "" + - name: revision type: - namedType: io.k8s.api.core.v1.SecretEnvSource -- name: io.k8s.api.core.v1.EnvVar + scalar: string +- name: GlusterfsVolumeSource.v1.core.api.k8s.io map: fields: - - name: name + - name: endpoints type: scalar: string default: "" - - name: value + - name: path type: scalar: string - - name: valueFrom + default: "" + - name: readOnly type: - namedType: io.k8s.api.core.v1.EnvVarSource -- name: io.k8s.api.core.v1.EnvVarSource + scalar: boolean +- name: HTTPGetAction.v1.core.api.k8s.io map: fields: - - name: configMapKeyRef + - name: host type: - namedType: io.k8s.api.core.v1.ConfigMapKeySelector - - name: fieldRef + scalar: string + - name: httpHeaders type: - namedType: io.k8s.api.core.v1.ObjectFieldSelector - - name: fileKeyRef + list: + elementType: + namedType: HTTPHeader.v1.core.api.k8s.io + elementRelationship: atomic + - name: path type: - namedType: io.k8s.api.core.v1.FileKeySelector - - name: resourceFieldRef + scalar: string + - name: port type: - namedType: io.k8s.api.core.v1.ResourceFieldSelector - - name: secretKeyRef + namedType: IntOrString.intstr.util.pkg.apimachinery.k8s.io + - name: scheme type: - namedType: io.k8s.api.core.v1.SecretKeySelector -- name: io.k8s.api.core.v1.EphemeralContainer + scalar: string +- name: HTTPHeader.v1.core.api.k8s.io map: fields: - - name: args - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: command + - name: name type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: env + scalar: string + default: "" + - name: value type: - list: - elementType: - namedType: io.k8s.api.core.v1.EnvVar - elementRelationship: associative - keys: - - name - - name: envFrom + scalar: string + default: "" +- name: HostAlias.v1.core.api.k8s.io + map: + fields: + - name: hostnames type: list: elementType: - namedType: io.k8s.api.core.v1.EnvFromSource + scalar: string elementRelationship: atomic - - name: image + - name: ip type: scalar: string - - name: imagePullPolicy - type: - scalar: string - - name: lifecycle - type: - namedType: io.k8s.api.core.v1.Lifecycle - - name: livenessProbe - type: - namedType: io.k8s.api.core.v1.Probe - - name: name + default: "" +- name: HostPathVolumeSource.v1.core.api.k8s.io + map: + fields: + - name: path type: scalar: string default: "" - - name: ports - type: - list: - elementType: - namedType: io.k8s.api.core.v1.ContainerPort - elementRelationship: associative - keys: - - containerPort - - protocol - - name: readinessProbe - type: - namedType: io.k8s.api.core.v1.Probe - - name: resizePolicy - type: - list: - elementType: - namedType: io.k8s.api.core.v1.ContainerResizePolicy - elementRelationship: atomic - - name: resources - type: - namedType: io.k8s.api.core.v1.ResourceRequirements - default: {} - - name: restartPolicy + - name: type type: scalar: string - - name: restartPolicyRules - type: - list: - elementType: - namedType: io.k8s.api.core.v1.ContainerRestartRule - elementRelationship: atomic - - name: securityContext - type: - namedType: io.k8s.api.core.v1.SecurityContext - - name: startupProbe - type: - namedType: io.k8s.api.core.v1.Probe - - name: stdin +- name: ISCSIVolumeSource.v1.core.api.k8s.io + map: + fields: + - name: chapAuthDiscovery type: scalar: boolean - - name: stdinOnce + - name: chapAuthSession type: scalar: boolean - - name: targetContainerName + - name: fsType type: scalar: string - - name: terminationMessagePath + - name: initiatorName type: scalar: string - - name: terminationMessagePolicy + - name: iqn type: scalar: string - - name: tty + default: "" + - name: iscsiInterface type: - scalar: boolean - - name: volumeDevices + scalar: string + default: default + - name: lun type: - list: - elementType: - namedType: io.k8s.api.core.v1.VolumeDevice - elementRelationship: associative - keys: - - devicePath - - name: volumeMounts + scalar: numeric + default: 0 + - name: portals type: list: elementType: - namedType: io.k8s.api.core.v1.VolumeMount - elementRelationship: associative - keys: - - mountPath - - name: workingDir + scalar: string + elementRelationship: atomic + - name: readOnly + type: + scalar: boolean + - name: secretRef + type: + namedType: LocalObjectReference.v1.core.api.k8s.io + - name: targetPortal type: scalar: string -- name: io.k8s.api.core.v1.EphemeralVolumeSource + default: "" +- name: ImageVolumeSource.v1.core.api.k8s.io map: fields: - - name: volumeClaimTemplate + - name: pullPolicy type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimTemplate -- name: io.k8s.api.core.v1.ExecAction - map: - fields: - - name: command + scalar: string + - name: reference type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.api.core.v1.FCVolumeSource + scalar: string +- name: IntOrString.intstr.util.pkg.apimachinery.k8s.io + scalar: untyped +- name: KeyToPath.v1.core.api.k8s.io map: fields: - - name: fsType + - name: key type: scalar: string - - name: lun + default: "" + - name: mode type: scalar: numeric - - name: readOnly + - name: path type: - scalar: boolean - - name: targetWWNs + scalar: string + default: "" +- name: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: matchExpressions type: list: elementType: - scalar: string + namedType: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - - name: wwids + - name: matchLabels type: - list: + map: elementType: scalar: string - elementRelationship: atomic -- name: io.k8s.api.core.v1.FileKeySelector + elementRelationship: atomic +- name: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: key type: scalar: string default: "" - - name: optional - type: - scalar: boolean - default: false - - name: path - type: - scalar: string - default: "" - - name: volumeName - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.FlexVolumeSource - map: - fields: - - name: driver + - name: operator type: scalar: string default: "" - - name: fsType - type: - scalar: string - - name: options + - name: values type: - map: + list: elementType: scalar: string - - name: readOnly - type: - scalar: boolean - - name: secretRef - type: - namedType: io.k8s.api.core.v1.LocalObjectReference -- name: io.k8s.api.core.v1.FlockerVolumeSource + elementRelationship: atomic +- name: Lifecycle.v1.core.api.k8s.io map: fields: - - name: datasetName + - name: postStart type: - scalar: string - - name: datasetUUID + namedType: LifecycleHandler.v1.core.api.k8s.io + - name: preStop + type: + namedType: LifecycleHandler.v1.core.api.k8s.io + - name: stopSignal type: scalar: string -- name: io.k8s.api.core.v1.GCEPersistentDiskVolumeSource +- name: LifecycleHandler.v1.core.api.k8s.io map: fields: - - name: fsType + - name: exec type: - scalar: string - - name: partition + namedType: ExecAction.v1.core.api.k8s.io + - name: httpGet type: - scalar: numeric - - name: pdName + namedType: HTTPGetAction.v1.core.api.k8s.io + - name: sleep type: - scalar: string - default: "" - - name: readOnly + namedType: SleepAction.v1.core.api.k8s.io + - name: tcpSocket type: - scalar: boolean -- name: io.k8s.api.core.v1.GRPCAction + namedType: TCPSocketAction.v1.core.api.k8s.io +- name: LocalObjectReference.v1.core.api.k8s.io map: fields: - - name: port - type: - scalar: numeric - default: 0 - - name: service + - name: name type: scalar: string default: "" -- name: io.k8s.api.core.v1.GitRepoVolumeSource + elementRelationship: atomic +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: directory + - name: apiVersion type: scalar: string - - name: repository + - name: fieldsType type: scalar: string - default: "" - - name: revision + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager type: scalar: string -- name: io.k8s.api.core.v1.GlusterfsVolumeSource - map: - fields: - - name: endpoints + - name: operation type: scalar: string - default: "" + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: NFSVolumeSource.v1.core.api.k8s.io + map: + fields: - name: path type: scalar: string @@ -1102,268 +1017,191 @@ var schemaYAML = typed.YAMLObject(`types: - name: readOnly type: scalar: boolean -- name: io.k8s.api.core.v1.HTTPGetAction - map: - fields: - - name: host + - name: server type: scalar: string - - name: httpHeaders + default: "" +- name: NodeAffinity.v1.core.api.k8s.io + map: + fields: + - name: preferredDuringSchedulingIgnoredDuringExecution type: list: elementType: - namedType: io.k8s.api.core.v1.HTTPHeader + namedType: PreferredSchedulingTerm.v1.core.api.k8s.io elementRelationship: atomic - - name: path - type: - scalar: string - - name: port + - name: requiredDuringSchedulingIgnoredDuringExecution type: - namedType: io.k8s.apimachinery.pkg.util.intstr.IntOrString - - name: scheme + namedType: NodeSelector.v1.core.api.k8s.io +- name: NodeSelector.v1.core.api.k8s.io + map: + fields: + - name: nodeSelectorTerms type: - scalar: string -- name: io.k8s.api.core.v1.HTTPHeader + list: + elementType: + namedType: NodeSelectorTerm.v1.core.api.k8s.io + elementRelationship: atomic + elementRelationship: atomic +- name: NodeSelectorRequirement.v1.core.api.k8s.io map: fields: - - name: name + - name: key type: scalar: string default: "" - - name: value + - name: operator type: scalar: string default: "" -- name: io.k8s.api.core.v1.HostAlias + - name: values + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: NodeSelectorTerm.v1.core.api.k8s.io map: fields: - - name: hostnames + - name: matchExpressions type: list: elementType: - scalar: string + namedType: NodeSelectorRequirement.v1.core.api.k8s.io elementRelationship: atomic - - name: ip + - name: matchFields type: - scalar: string - default: "" -- name: io.k8s.api.core.v1.HostPathVolumeSource + list: + elementType: + namedType: NodeSelectorRequirement.v1.core.api.k8s.io + elementRelationship: atomic + elementRelationship: atomic +- name: ObjectFieldSelector.v1.core.api.k8s.io map: fields: - - name: path + - name: apiVersion type: scalar: string - default: "" - - name: type + - name: fieldPath type: scalar: string -- name: io.k8s.api.core.v1.ISCSIVolumeSource + default: "" + elementRelationship: atomic +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: chapAuthDiscovery + - name: annotations type: - scalar: boolean - - name: chapAuthSession + map: + elementType: + scalar: string + - name: creationTimestamp type: - scalar: boolean - - name: fsType + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds type: - scalar: string - - name: initiatorName + scalar: numeric + - name: deletionTimestamp type: - scalar: string - - name: iqn + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers type: - scalar: string - default: "" - - name: iscsiInterface + list: + elementType: + scalar: string + elementRelationship: associative + - name: generateName type: scalar: string - default: default - - name: lun + - name: generation type: scalar: numeric - default: 0 - - name: portals + - name: labels type: - list: + map: elementType: scalar: string - elementRelationship: atomic - - name: readOnly - type: - scalar: boolean - - name: secretRef + - name: managedFields type: - namedType: io.k8s.api.core.v1.LocalObjectReference - - name: targetPortal + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name type: scalar: string - default: "" -- name: io.k8s.api.core.v1.ImageVolumeSource - map: - fields: - - name: pullPolicy + - name: namespace type: scalar: string - - name: reference + - name: ownerReferences type: - scalar: string -- name: io.k8s.api.core.v1.KeyToPath - map: - fields: - - name: key + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion type: scalar: string - default: "" - - name: mode - type: - scalar: numeric - - name: path + - name: selfLink type: scalar: string - default: "" -- name: io.k8s.api.core.v1.Lifecycle - map: - fields: - - name: postStart - type: - namedType: io.k8s.api.core.v1.LifecycleHandler - - name: preStop - type: - namedType: io.k8s.api.core.v1.LifecycleHandler - - name: stopSignal + - name: uid type: scalar: string -- name: io.k8s.api.core.v1.LifecycleHandler - map: - fields: - - name: exec - type: - namedType: io.k8s.api.core.v1.ExecAction - - name: httpGet - type: - namedType: io.k8s.api.core.v1.HTTPGetAction - - name: sleep - type: - namedType: io.k8s.api.core.v1.SleepAction - - name: tcpSocket - type: - namedType: io.k8s.api.core.v1.TCPSocketAction -- name: io.k8s.api.core.v1.LocalObjectReference +- name: ObjectReference.v1.core.api.k8s.io map: fields: - - name: name + - name: apiVersion type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.NFSVolumeSource - map: - fields: - - name: path + - name: fieldPath type: scalar: string - default: "" - - name: readOnly - type: - scalar: boolean - - name: server + - name: kind type: scalar: string - default: "" -- name: io.k8s.api.core.v1.NodeAffinity - map: - fields: - - name: preferredDuringSchedulingIgnoredDuringExecution - type: - list: - elementType: - namedType: io.k8s.api.core.v1.PreferredSchedulingTerm - elementRelationship: atomic - - name: requiredDuringSchedulingIgnoredDuringExecution - type: - namedType: io.k8s.api.core.v1.NodeSelector -- name: io.k8s.api.core.v1.NodeSelector - map: - fields: - - name: nodeSelectorTerms - type: - list: - elementType: - namedType: io.k8s.api.core.v1.NodeSelectorTerm - elementRelationship: atomic - elementRelationship: atomic -- name: io.k8s.api.core.v1.NodeSelectorRequirement - map: - fields: - - name: key + - name: name type: scalar: string - default: "" - - name: operator + - name: namespace type: scalar: string - default: "" - - name: values - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.api.core.v1.NodeSelectorTerm - map: - fields: - - name: matchExpressions - type: - list: - elementType: - namedType: io.k8s.api.core.v1.NodeSelectorRequirement - elementRelationship: atomic - - name: matchFields - type: - list: - elementType: - namedType: io.k8s.api.core.v1.NodeSelectorRequirement - elementRelationship: atomic - elementRelationship: atomic -- name: io.k8s.api.core.v1.ObjectFieldSelector - map: - fields: - - name: apiVersion + - name: resourceVersion type: scalar: string - - name: fieldPath + - name: uid type: scalar: string - default: "" elementRelationship: atomic -- name: io.k8s.api.core.v1.ObjectReference +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: apiVersion type: scalar: string - - name: fieldPath + default: "" + - name: blockOwnerDeletion type: - scalar: string + scalar: boolean + - name: controller + type: + scalar: boolean - name: kind type: scalar: string + default: "" - name: name type: scalar: string - - name: namespace - type: - scalar: string - - name: resourceVersion - type: - scalar: string + default: "" - name: uid type: scalar: string + default: "" elementRelationship: atomic -- name: io.k8s.api.core.v1.PersistentVolumeClaimSpec +- name: PersistentVolumeClaimSpec.v1.core.api.k8s.io map: fields: - name: accessModes @@ -1374,17 +1212,17 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: dataSource type: - namedType: io.k8s.api.core.v1.TypedLocalObjectReference + namedType: TypedLocalObjectReference.v1.core.api.k8s.io - name: dataSourceRef type: - namedType: io.k8s.api.core.v1.TypedObjectReference + namedType: TypedObjectReference.v1.core.api.k8s.io - name: resources type: - namedType: io.k8s.api.core.v1.VolumeResourceRequirements + namedType: VolumeResourceRequirements.v1.core.api.k8s.io default: {} - name: selector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: storageClassName type: scalar: string @@ -1397,18 +1235,18 @@ var schemaYAML = typed.YAMLObject(`types: - name: volumeName type: scalar: string -- name: io.k8s.api.core.v1.PersistentVolumeClaimTemplate +- name: PersistentVolumeClaimTemplate.v1.core.api.k8s.io map: fields: - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimSpec + namedType: PersistentVolumeClaimSpec.v1.core.api.k8s.io default: {} -- name: io.k8s.api.core.v1.PersistentVolumeClaimVolumeSource +- name: PersistentVolumeClaimVolumeSource.v1.core.api.k8s.io map: fields: - name: claimName @@ -1418,7 +1256,7 @@ var schemaYAML = typed.YAMLObject(`types: - name: readOnly type: scalar: boolean -- name: io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource +- name: PhotonPersistentDiskVolumeSource.v1.core.api.k8s.io map: fields: - name: fsType @@ -1428,27 +1266,27 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.api.core.v1.PodAffinity +- name: PodAffinity.v1.core.api.k8s.io map: fields: - name: preferredDuringSchedulingIgnoredDuringExecution type: list: elementType: - namedType: io.k8s.api.core.v1.WeightedPodAffinityTerm + namedType: WeightedPodAffinityTerm.v1.core.api.k8s.io elementRelationship: atomic - name: requiredDuringSchedulingIgnoredDuringExecution type: list: elementType: - namedType: io.k8s.api.core.v1.PodAffinityTerm + namedType: PodAffinityTerm.v1.core.api.k8s.io elementRelationship: atomic -- name: io.k8s.api.core.v1.PodAffinityTerm +- name: PodAffinityTerm.v1.core.api.k8s.io map: fields: - name: labelSelector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: matchLabelKeys type: list: @@ -1463,7 +1301,7 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: namespaceSelector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: namespaces type: list: @@ -1474,22 +1312,22 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.api.core.v1.PodAntiAffinity +- name: PodAntiAffinity.v1.core.api.k8s.io map: fields: - name: preferredDuringSchedulingIgnoredDuringExecution type: list: elementType: - namedType: io.k8s.api.core.v1.WeightedPodAffinityTerm + namedType: WeightedPodAffinityTerm.v1.core.api.k8s.io elementRelationship: atomic - name: requiredDuringSchedulingIgnoredDuringExecution type: list: elementType: - namedType: io.k8s.api.core.v1.PodAffinityTerm + namedType: PodAffinityTerm.v1.core.api.k8s.io elementRelationship: atomic -- name: io.k8s.api.core.v1.PodCertificateProjection +- name: PodCertificateProjection.v1.core.api.k8s.io map: fields: - name: certificateChainPath @@ -1510,7 +1348,12 @@ var schemaYAML = typed.YAMLObject(`types: - name: signerName type: scalar: string -- name: io.k8s.api.core.v1.PodDNSConfig + - name: userAnnotations + type: + map: + elementType: + scalar: string +- name: PodDNSConfig.v1.core.api.k8s.io map: fields: - name: nameservers @@ -1523,7 +1366,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.PodDNSConfigOption + namedType: PodDNSConfigOption.v1.core.api.k8s.io elementRelationship: atomic - name: searches type: @@ -1531,7 +1374,7 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: atomic -- name: io.k8s.api.core.v1.PodDNSConfigOption +- name: PodDNSConfigOption.v1.core.api.k8s.io map: fields: - name: name @@ -1540,21 +1383,21 @@ var schemaYAML = typed.YAMLObject(`types: - name: value type: scalar: string -- name: io.k8s.api.core.v1.PodOS +- name: PodOS.v1.core.api.k8s.io map: fields: - name: name type: scalar: string default: "" -- name: io.k8s.api.core.v1.PodReadinessGate +- name: PodReadinessGate.v1.core.api.k8s.io map: fields: - name: conditionType type: scalar: string default: "" -- name: io.k8s.api.core.v1.PodResourceClaim +- name: PodResourceClaim.v1.core.api.k8s.io map: fields: - name: name @@ -1567,19 +1410,19 @@ var schemaYAML = typed.YAMLObject(`types: - name: resourceClaimTemplateName type: scalar: string -- name: io.k8s.api.core.v1.PodSchedulingGate +- name: PodSchedulingGate.v1.core.api.k8s.io map: fields: - name: name type: scalar: string default: "" -- name: io.k8s.api.core.v1.PodSecurityContext +- name: PodSecurityContext.v1.core.api.k8s.io map: fields: - name: appArmorProfile type: - namedType: io.k8s.api.core.v1.AppArmorProfile + namedType: AppArmorProfile.v1.core.api.k8s.io - name: fsGroup type: scalar: numeric @@ -1600,10 +1443,10 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: seLinuxOptions type: - namedType: io.k8s.api.core.v1.SELinuxOptions + namedType: SELinuxOptions.v1.core.api.k8s.io - name: seccompProfile type: - namedType: io.k8s.api.core.v1.SeccompProfile + namedType: SeccompProfile.v1.core.api.k8s.io - name: supplementalGroups type: list: @@ -1617,12 +1460,12 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Sysctl + namedType: Sysctl.v1.core.api.k8s.io elementRelationship: atomic - name: windowsOptions type: - namedType: io.k8s.api.core.v1.WindowsSecurityContextOptions -- name: io.k8s.api.core.v1.PodSpec + namedType: WindowsSecurityContextOptions.v1.core.api.k8s.io +- name: PodSpec.v1.core.api.k8s.io map: fields: - name: activeDeadlineSeconds @@ -1630,7 +1473,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: affinity type: - namedType: io.k8s.api.core.v1.Affinity + namedType: Affinity.v1.core.api.k8s.io - name: automountServiceAccountToken type: scalar: boolean @@ -1638,13 +1481,13 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Container + namedType: Container.v1.core.api.k8s.io elementRelationship: associative keys: - name - name: dnsConfig type: - namedType: io.k8s.api.core.v1.PodDNSConfig + namedType: PodDNSConfig.v1.core.api.k8s.io - name: dnsPolicy type: scalar: string @@ -1655,7 +1498,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.EphemeralContainer + namedType: EphemeralContainer.v1.core.api.k8s.io elementRelationship: associative keys: - name @@ -1663,7 +1506,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.HostAlias + namedType: HostAlias.v1.core.api.k8s.io elementRelationship: associative keys: - ip @@ -1689,7 +1532,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.LocalObjectReference + namedType: LocalObjectReference.v1.core.api.k8s.io elementRelationship: associative keys: - name @@ -1697,7 +1540,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Container + namedType: Container.v1.core.api.k8s.io elementRelationship: associative keys: - name @@ -1712,12 +1555,12 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: os type: - namedType: io.k8s.api.core.v1.PodOS + namedType: PodOS.v1.core.api.k8s.io - name: overhead type: map: elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io - name: preemptionPolicy type: scalar: string @@ -1731,19 +1574,19 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.PodReadinessGate + namedType: PodReadinessGate.v1.core.api.k8s.io elementRelationship: atomic - name: resourceClaims type: list: elementType: - namedType: io.k8s.api.core.v1.PodResourceClaim + namedType: PodResourceClaim.v1.core.api.k8s.io elementRelationship: associative keys: - name - name: resources type: - namedType: io.k8s.api.core.v1.ResourceRequirements + namedType: ResourceRequirements.v1.core.api.k8s.io - name: restartPolicy type: scalar: string @@ -1757,13 +1600,13 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.PodSchedulingGate + namedType: PodSchedulingGate.v1.core.api.k8s.io elementRelationship: associative keys: - name - name: securityContext type: - namedType: io.k8s.api.core.v1.PodSecurityContext + namedType: PodSecurityContext.v1.core.api.k8s.io - name: serviceAccount type: scalar: string @@ -1786,13 +1629,13 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: topologySpreadConstraints type: list: elementType: - namedType: io.k8s.api.core.v1.TopologySpreadConstraint + namedType: TopologySpreadConstraint.v1.core.api.k8s.io elementRelationship: associative keys: - topologyKey @@ -1801,22 +1644,25 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Volume + namedType: Volume.v1.core.api.k8s.io elementRelationship: associative keys: - name -- name: io.k8s.api.core.v1.PodTemplateSpec + - name: workloadRef + type: + namedType: WorkloadReference.v1.core.api.k8s.io +- name: PodTemplateSpec.v1.core.api.k8s.io map: fields: - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: io.k8s.api.core.v1.PodSpec + namedType: PodSpec.v1.core.api.k8s.io default: {} -- name: io.k8s.api.core.v1.PortworxVolumeSource +- name: PortworxVolumeSource.v1.core.api.k8s.io map: fields: - name: fsType @@ -1829,32 +1675,32 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.api.core.v1.PreferredSchedulingTerm +- name: PreferredSchedulingTerm.v1.core.api.k8s.io map: fields: - name: preference type: - namedType: io.k8s.api.core.v1.NodeSelectorTerm + namedType: NodeSelectorTerm.v1.core.api.k8s.io default: {} - name: weight type: scalar: numeric default: 0 -- name: io.k8s.api.core.v1.Probe +- name: Probe.v1.core.api.k8s.io map: fields: - name: exec type: - namedType: io.k8s.api.core.v1.ExecAction + namedType: ExecAction.v1.core.api.k8s.io - name: failureThreshold type: scalar: numeric - name: grpc type: - namedType: io.k8s.api.core.v1.GRPCAction + namedType: GRPCAction.v1.core.api.k8s.io - name: httpGet type: - namedType: io.k8s.api.core.v1.HTTPGetAction + namedType: HTTPGetAction.v1.core.api.k8s.io - name: initialDelaySeconds type: scalar: numeric @@ -1866,14 +1712,14 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: tcpSocket type: - namedType: io.k8s.api.core.v1.TCPSocketAction + namedType: TCPSocketAction.v1.core.api.k8s.io - name: terminationGracePeriodSeconds type: scalar: numeric - name: timeoutSeconds type: scalar: numeric -- name: io.k8s.api.core.v1.ProjectedVolumeSource +- name: ProjectedVolumeSource.v1.core.api.k8s.io map: fields: - name: defaultMode @@ -1883,9 +1729,11 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.VolumeProjection + namedType: VolumeProjection.v1.core.api.k8s.io elementRelationship: atomic -- name: io.k8s.api.core.v1.QuobyteVolumeSource +- name: Quantity.resource.api.pkg.apimachinery.k8s.io + scalar: string +- name: QuobyteVolumeSource.v1.core.api.k8s.io map: fields: - name: group @@ -1908,7 +1756,7 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.api.core.v1.RBDVolumeSource +- name: RBDVolumeSource.v1.core.api.k8s.io map: fields: - name: fsType @@ -1937,12 +1785,12 @@ var schemaYAML = typed.YAMLObject(`types: scalar: boolean - name: secretRef type: - namedType: io.k8s.api.core.v1.LocalObjectReference + namedType: LocalObjectReference.v1.core.api.k8s.io - name: user type: scalar: string default: admin -- name: io.k8s.api.core.v1.ResourceClaim +- name: ResourceClaim.v1.core.api.k8s.io map: fields: - name: name @@ -1952,7 +1800,7 @@ var schemaYAML = typed.YAMLObject(`types: - name: request type: scalar: string -- name: io.k8s.api.core.v1.ResourceFieldSelector +- name: ResourceFieldSelector.v1.core.api.k8s.io map: fields: - name: containerName @@ -1960,20 +1808,20 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: divisor type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io - name: resource type: scalar: string default: "" elementRelationship: atomic -- name: io.k8s.api.core.v1.ResourceRequirements +- name: ResourceRequirements.v1.core.api.k8s.io map: fields: - name: claims type: list: elementType: - namedType: io.k8s.api.core.v1.ResourceClaim + namedType: ResourceClaim.v1.core.api.k8s.io elementRelationship: associative keys: - name @@ -1981,13 +1829,13 @@ var schemaYAML = typed.YAMLObject(`types: type: map: elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io - name: requests type: map: elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: io.k8s.api.core.v1.SELinuxOptions + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: SELinuxOptions.v1.core.api.k8s.io map: fields: - name: level @@ -2002,7 +1850,7 @@ var schemaYAML = typed.YAMLObject(`types: - name: user type: scalar: string -- name: io.k8s.api.core.v1.ScaleIOVolumeSource +- name: ScaleIOVolumeSource.v1.core.api.k8s.io map: fields: - name: fsType @@ -2021,7 +1869,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: boolean - name: secretRef type: - namedType: io.k8s.api.core.v1.LocalObjectReference + namedType: LocalObjectReference.v1.core.api.k8s.io - name: sslEnabled type: scalar: boolean @@ -2039,7 +1887,7 @@ var schemaYAML = typed.YAMLObject(`types: - name: volumeName type: scalar: string -- name: io.k8s.api.core.v1.SeccompProfile +- name: SeccompProfile.v1.core.api.k8s.io map: fields: - name: localhostProfile @@ -2054,7 +1902,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - fieldName: localhostProfile discriminatorValue: LocalhostProfile -- name: io.k8s.api.core.v1.SecretEnvSource +- name: SecretEnvSource.v1.core.api.k8s.io map: fields: - name: name @@ -2064,7 +1912,7 @@ var schemaYAML = typed.YAMLObject(`types: - name: optional type: scalar: boolean -- name: io.k8s.api.core.v1.SecretKeySelector +- name: SecretKeySelector.v1.core.api.k8s.io map: fields: - name: key @@ -2079,14 +1927,14 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: boolean elementRelationship: atomic -- name: io.k8s.api.core.v1.SecretProjection +- name: SecretProjection.v1.core.api.k8s.io map: fields: - name: items type: list: elementType: - namedType: io.k8s.api.core.v1.KeyToPath + namedType: KeyToPath.v1.core.api.k8s.io elementRelationship: atomic - name: name type: @@ -2095,7 +1943,7 @@ var schemaYAML = typed.YAMLObject(`types: - name: optional type: scalar: boolean -- name: io.k8s.api.core.v1.SecretVolumeSource +- name: SecretVolumeSource.v1.core.api.k8s.io map: fields: - name: defaultMode @@ -2105,7 +1953,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.KeyToPath + namedType: KeyToPath.v1.core.api.k8s.io elementRelationship: atomic - name: optional type: @@ -2113,7 +1961,7 @@ var schemaYAML = typed.YAMLObject(`types: - name: secretName type: scalar: string -- name: io.k8s.api.core.v1.SecurityContext +- name: SecurityContext.v1.core.api.k8s.io map: fields: - name: allowPrivilegeEscalation @@ -2121,10 +1969,10 @@ var schemaYAML = typed.YAMLObject(`types: scalar: boolean - name: appArmorProfile type: - namedType: io.k8s.api.core.v1.AppArmorProfile + namedType: AppArmorProfile.v1.core.api.k8s.io - name: capabilities type: - namedType: io.k8s.api.core.v1.Capabilities + namedType: Capabilities.v1.core.api.k8s.io - name: privileged type: scalar: boolean @@ -2145,14 +1993,14 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: seLinuxOptions type: - namedType: io.k8s.api.core.v1.SELinuxOptions + namedType: SELinuxOptions.v1.core.api.k8s.io - name: seccompProfile type: - namedType: io.k8s.api.core.v1.SeccompProfile + namedType: SeccompProfile.v1.core.api.k8s.io - name: windowsOptions type: - namedType: io.k8s.api.core.v1.WindowsSecurityContextOptions -- name: io.k8s.api.core.v1.ServiceAccountTokenProjection + namedType: WindowsSecurityContextOptions.v1.core.api.k8s.io +- name: ServiceAccountTokenProjection.v1.core.api.k8s.io map: fields: - name: audience @@ -2165,14 +2013,14 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.api.core.v1.SleepAction +- name: SleepAction.v1.core.api.k8s.io map: fields: - name: seconds type: scalar: numeric default: 0 -- name: io.k8s.api.core.v1.StorageOSVolumeSource +- name: StorageOSVolumeSource.v1.core.api.k8s.io map: fields: - name: fsType @@ -2183,14 +2031,14 @@ var schemaYAML = typed.YAMLObject(`types: scalar: boolean - name: secretRef type: - namedType: io.k8s.api.core.v1.LocalObjectReference + namedType: LocalObjectReference.v1.core.api.k8s.io - name: volumeName type: scalar: string - name: volumeNamespace type: scalar: string -- name: io.k8s.api.core.v1.Sysctl +- name: Sysctl.v1.core.api.k8s.io map: fields: - name: name @@ -2201,7 +2049,7 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.api.core.v1.TCPSocketAction +- name: TCPSocketAction.v1.core.api.k8s.io map: fields: - name: host @@ -2209,8 +2057,10 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: port type: - namedType: io.k8s.apimachinery.pkg.util.intstr.IntOrString -- name: io.k8s.api.core.v1.Toleration + namedType: IntOrString.intstr.util.pkg.apimachinery.k8s.io +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped +- name: Toleration.v1.core.api.k8s.io map: fields: - name: effect @@ -2228,12 +2078,12 @@ var schemaYAML = typed.YAMLObject(`types: - name: value type: scalar: string -- name: io.k8s.api.core.v1.TopologySpreadConstraint +- name: TopologySpreadConstraint.v1.core.api.k8s.io map: fields: - name: labelSelector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: matchLabelKeys type: list: @@ -2261,7 +2111,7 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.api.core.v1.TypedLocalObjectReference +- name: TypedLocalObjectReference.v1.core.api.k8s.io map: fields: - name: apiGroup @@ -2276,7 +2126,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string default: "" elementRelationship: atomic -- name: io.k8s.api.core.v1.TypedObjectReference +- name: TypedObjectReference.v1.core.api.k8s.io map: fields: - name: apiGroup @@ -2293,104 +2143,104 @@ var schemaYAML = typed.YAMLObject(`types: - name: namespace type: scalar: string -- name: io.k8s.api.core.v1.Volume +- name: Volume.v1.core.api.k8s.io map: fields: - name: awsElasticBlockStore type: - namedType: io.k8s.api.core.v1.AWSElasticBlockStoreVolumeSource + namedType: AWSElasticBlockStoreVolumeSource.v1.core.api.k8s.io - name: azureDisk type: - namedType: io.k8s.api.core.v1.AzureDiskVolumeSource + namedType: AzureDiskVolumeSource.v1.core.api.k8s.io - name: azureFile type: - namedType: io.k8s.api.core.v1.AzureFileVolumeSource + namedType: AzureFileVolumeSource.v1.core.api.k8s.io - name: cephfs type: - namedType: io.k8s.api.core.v1.CephFSVolumeSource + namedType: CephFSVolumeSource.v1.core.api.k8s.io - name: cinder type: - namedType: io.k8s.api.core.v1.CinderVolumeSource + namedType: CinderVolumeSource.v1.core.api.k8s.io - name: configMap type: - namedType: io.k8s.api.core.v1.ConfigMapVolumeSource + namedType: ConfigMapVolumeSource.v1.core.api.k8s.io - name: csi type: - namedType: io.k8s.api.core.v1.CSIVolumeSource + namedType: CSIVolumeSource.v1.core.api.k8s.io - name: downwardAPI type: - namedType: io.k8s.api.core.v1.DownwardAPIVolumeSource + namedType: DownwardAPIVolumeSource.v1.core.api.k8s.io - name: emptyDir type: - namedType: io.k8s.api.core.v1.EmptyDirVolumeSource + namedType: EmptyDirVolumeSource.v1.core.api.k8s.io - name: ephemeral type: - namedType: io.k8s.api.core.v1.EphemeralVolumeSource + namedType: EphemeralVolumeSource.v1.core.api.k8s.io - name: fc type: - namedType: io.k8s.api.core.v1.FCVolumeSource + namedType: FCVolumeSource.v1.core.api.k8s.io - name: flexVolume type: - namedType: io.k8s.api.core.v1.FlexVolumeSource + namedType: FlexVolumeSource.v1.core.api.k8s.io - name: flocker type: - namedType: io.k8s.api.core.v1.FlockerVolumeSource + namedType: FlockerVolumeSource.v1.core.api.k8s.io - name: gcePersistentDisk type: - namedType: io.k8s.api.core.v1.GCEPersistentDiskVolumeSource + namedType: GCEPersistentDiskVolumeSource.v1.core.api.k8s.io - name: gitRepo type: - namedType: io.k8s.api.core.v1.GitRepoVolumeSource + namedType: GitRepoVolumeSource.v1.core.api.k8s.io - name: glusterfs type: - namedType: io.k8s.api.core.v1.GlusterfsVolumeSource + namedType: GlusterfsVolumeSource.v1.core.api.k8s.io - name: hostPath type: - namedType: io.k8s.api.core.v1.HostPathVolumeSource + namedType: HostPathVolumeSource.v1.core.api.k8s.io - name: image type: - namedType: io.k8s.api.core.v1.ImageVolumeSource + namedType: ImageVolumeSource.v1.core.api.k8s.io - name: iscsi type: - namedType: io.k8s.api.core.v1.ISCSIVolumeSource + namedType: ISCSIVolumeSource.v1.core.api.k8s.io - name: name type: scalar: string default: "" - name: nfs type: - namedType: io.k8s.api.core.v1.NFSVolumeSource + namedType: NFSVolumeSource.v1.core.api.k8s.io - name: persistentVolumeClaim type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimVolumeSource + namedType: PersistentVolumeClaimVolumeSource.v1.core.api.k8s.io - name: photonPersistentDisk type: - namedType: io.k8s.api.core.v1.PhotonPersistentDiskVolumeSource + namedType: PhotonPersistentDiskVolumeSource.v1.core.api.k8s.io - name: portworxVolume type: - namedType: io.k8s.api.core.v1.PortworxVolumeSource + namedType: PortworxVolumeSource.v1.core.api.k8s.io - name: projected type: - namedType: io.k8s.api.core.v1.ProjectedVolumeSource + namedType: ProjectedVolumeSource.v1.core.api.k8s.io - name: quobyte type: - namedType: io.k8s.api.core.v1.QuobyteVolumeSource + namedType: QuobyteVolumeSource.v1.core.api.k8s.io - name: rbd type: - namedType: io.k8s.api.core.v1.RBDVolumeSource + namedType: RBDVolumeSource.v1.core.api.k8s.io - name: scaleIO type: - namedType: io.k8s.api.core.v1.ScaleIOVolumeSource + namedType: ScaleIOVolumeSource.v1.core.api.k8s.io - name: secret type: - namedType: io.k8s.api.core.v1.SecretVolumeSource + namedType: SecretVolumeSource.v1.core.api.k8s.io - name: storageos type: - namedType: io.k8s.api.core.v1.StorageOSVolumeSource + namedType: StorageOSVolumeSource.v1.core.api.k8s.io - name: vsphereVolume type: - namedType: io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource -- name: io.k8s.api.core.v1.VolumeDevice + namedType: VsphereVirtualDiskVolumeSource.v1.core.api.k8s.io +- name: VolumeDevice.v1.core.api.k8s.io map: fields: - name: devicePath @@ -2401,7 +2251,7 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.api.core.v1.VolumeMount +- name: VolumeMount.v1.core.api.k8s.io map: fields: - name: mountPath @@ -2427,41 +2277,41 @@ var schemaYAML = typed.YAMLObject(`types: - name: subPathExpr type: scalar: string -- name: io.k8s.api.core.v1.VolumeProjection +- name: VolumeProjection.v1.core.api.k8s.io map: fields: - name: clusterTrustBundle type: - namedType: io.k8s.api.core.v1.ClusterTrustBundleProjection + namedType: ClusterTrustBundleProjection.v1.core.api.k8s.io - name: configMap type: - namedType: io.k8s.api.core.v1.ConfigMapProjection + namedType: ConfigMapProjection.v1.core.api.k8s.io - name: downwardAPI type: - namedType: io.k8s.api.core.v1.DownwardAPIProjection + namedType: DownwardAPIProjection.v1.core.api.k8s.io - name: podCertificate type: - namedType: io.k8s.api.core.v1.PodCertificateProjection + namedType: PodCertificateProjection.v1.core.api.k8s.io - name: secret type: - namedType: io.k8s.api.core.v1.SecretProjection + namedType: SecretProjection.v1.core.api.k8s.io - name: serviceAccountToken type: - namedType: io.k8s.api.core.v1.ServiceAccountTokenProjection -- name: io.k8s.api.core.v1.VolumeResourceRequirements + namedType: ServiceAccountTokenProjection.v1.core.api.k8s.io +- name: VolumeResourceRequirements.v1.core.api.k8s.io map: fields: - name: limits type: map: elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io - name: requests type: map: elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: io.k8s.api.core.v1.VsphereVirtualDiskVolumeSource + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: VsphereVirtualDiskVolumeSource.v1.core.api.k8s.io map: fields: - name: fsType @@ -2477,18 +2327,18 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.api.core.v1.WeightedPodAffinityTerm +- name: WeightedPodAffinityTerm.v1.core.api.k8s.io map: fields: - name: podAffinityTerm type: - namedType: io.k8s.api.core.v1.PodAffinityTerm + namedType: PodAffinityTerm.v1.core.api.k8s.io default: {} - name: weight type: scalar: numeric default: 0 -- name: io.k8s.api.core.v1.WindowsSecurityContextOptions +- name: WindowsSecurityContextOptions.v1.core.api.k8s.io map: fields: - name: gmsaCredentialSpec @@ -2503,169 +2353,341 @@ var schemaYAML = typed.YAMLObject(`types: - name: runAsUserName type: scalar: string -- name: io.k8s.apimachinery.pkg.api.resource.Quantity - scalar: untyped -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 +- name: WorkloadReference.v1.core.api.k8s.io map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + fields: + - name: name + type: + scalar: string + default: "" + - name: podGroup + type: + scalar: string + default: "" + - name: podGroupReplicaKey + type: + scalar: string +- name: com.github.openshift.api.apps.v1.CustomDeploymentStrategyParams map: fields: - - name: matchExpressions + - name: command type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement + scalar: string elementRelationship: atomic - - name: matchLabels + - name: environment type: - map: + list: elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement + namedType: EnvVar.v1.core.api.k8s.io + elementRelationship: atomic + - name: image + type: + scalar: string +- name: com.github.openshift.api.apps.v1.DeploymentCause map: fields: - - name: key + - name: imageTrigger type: - scalar: string - default: "" - - name: operator + namedType: com.github.openshift.api.apps.v1.DeploymentCauseImageTrigger + - name: type type: scalar: string default: "" - - name: values +- name: com.github.openshift.api.apps.v1.DeploymentCauseImageTrigger + map: + fields: + - name: from type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry + namedType: ObjectReference.v1.core.api.k8s.io + default: {} +- name: com.github.openshift.api.apps.v1.DeploymentCondition map: fields: - - name: apiVersion + - name: lastTransitionTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: lastUpdateTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message type: scalar: string - - name: fieldsType + - name: reason type: scalar: string - - name: fieldsV1 + - name: status type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager + scalar: string + default: "" + - name: type type: scalar: string - - name: operation + default: "" +- name: com.github.openshift.api.apps.v1.DeploymentConfig + map: + fields: + - name: apiVersion type: scalar: string - - name: subresource + - name: kind type: scalar: string - - name: time + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.apps.v1.DeploymentConfigSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.apps.v1.DeploymentConfigStatus + default: {} +- name: com.github.openshift.api.apps.v1.DeploymentConfigSpec map: fields: - - name: annotations + - name: minReadySeconds + type: + scalar: numeric + - name: paused + type: + scalar: boolean + - name: replicas + type: + scalar: numeric + default: 0 + - name: revisionHistoryLimit + type: + scalar: numeric + - name: selector type: map: elementType: scalar: string - - name: creationTimestamp + - name: strategy type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds + namedType: com.github.openshift.api.apps.v1.DeploymentStrategy + default: {} + - name: template type: - scalar: numeric - - name: deletionTimestamp + namedType: PodTemplateSpec.v1.core.api.k8s.io + - name: test type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers + scalar: boolean + default: false + - name: triggers type: list: elementType: - scalar: string + namedType: com.github.openshift.api.apps.v1.DeploymentTriggerPolicy + elementRelationship: atomic +- name: com.github.openshift.api.apps.v1.DeploymentConfigStatus + map: + fields: + - name: availableReplicas + type: + scalar: numeric + default: 0 + - name: conditions + type: + list: + elementType: + namedType: com.github.openshift.api.apps.v1.DeploymentCondition elementRelationship: associative - - name: generateName + keys: + - type + - name: details + type: + namedType: com.github.openshift.api.apps.v1.DeploymentDetails + - name: latestVersion + type: + scalar: numeric + default: 0 + - name: observedGeneration + type: + scalar: numeric + default: 0 + - name: readyReplicas + type: + scalar: numeric + - name: replicas + type: + scalar: numeric + default: 0 + - name: unavailableReplicas + type: + scalar: numeric + default: 0 + - name: updatedReplicas + type: + scalar: numeric + default: 0 +- name: com.github.openshift.api.apps.v1.DeploymentDetails + map: + fields: + - name: causes + type: + list: + elementType: + namedType: com.github.openshift.api.apps.v1.DeploymentCause + elementRelationship: atomic + - name: message type: scalar: string - - name: generation +- name: com.github.openshift.api.apps.v1.DeploymentStrategy + map: + fields: + - name: activeDeadlineSeconds type: scalar: numeric + - name: annotations + type: + map: + elementType: + scalar: string + - name: customParams + type: + namedType: com.github.openshift.api.apps.v1.CustomDeploymentStrategyParams - name: labels type: map: elementType: scalar: string - - name: managedFields + - name: recreateParams + type: + namedType: com.github.openshift.api.apps.v1.RecreateDeploymentStrategyParams + - name: resources + type: + namedType: ResourceRequirements.v1.core.api.k8s.io + default: {} + - name: rollingParams + type: + namedType: com.github.openshift.api.apps.v1.RollingDeploymentStrategyParams + - name: type + type: + scalar: string +- name: com.github.openshift.api.apps.v1.DeploymentTriggerImageChangeParams + map: + fields: + - name: automatic + type: + scalar: boolean + - name: containerNames type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry + scalar: string elementRelationship: atomic - - name: name + - name: from + type: + namedType: ObjectReference.v1.core.api.k8s.io + default: {} + - name: lastTriggeredImage type: scalar: string - - name: namespace +- name: com.github.openshift.api.apps.v1.DeploymentTriggerPolicy + map: + fields: + - name: imageChangeParams + type: + namedType: com.github.openshift.api.apps.v1.DeploymentTriggerImageChangeParams + - name: type type: scalar: string - - name: ownerReferences +- name: com.github.openshift.api.apps.v1.ExecNewPodHook + map: + fields: + - name: command type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion + scalar: string + elementRelationship: atomic + - name: containerName type: scalar: string - - name: selfLink + default: "" + - name: env type: - scalar: string - - name: uid + list: + elementType: + namedType: EnvVar.v1.core.api.k8s.io + elementRelationship: atomic + - name: volumes type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.apps.v1.LifecycleHook map: fields: - - name: apiVersion + - name: execNewPod + type: + namedType: com.github.openshift.api.apps.v1.ExecNewPodHook + - name: failurePolicy type: scalar: string default: "" - - name: blockOwnerDeletion + - name: tagImages type: - scalar: boolean - - name: controller + list: + elementType: + namedType: com.github.openshift.api.apps.v1.TagImageHook + elementRelationship: atomic +- name: com.github.openshift.api.apps.v1.RecreateDeploymentStrategyParams + map: + fields: + - name: mid type: - scalar: boolean - - name: kind + namedType: com.github.openshift.api.apps.v1.LifecycleHook + - name: post type: - scalar: string - default: "" - - name: name + namedType: com.github.openshift.api.apps.v1.LifecycleHook + - name: pre type: - scalar: string - default: "" - - name: uid + namedType: com.github.openshift.api.apps.v1.LifecycleHook + - name: timeoutSeconds + type: + scalar: numeric +- name: com.github.openshift.api.apps.v1.RollingDeploymentStrategyParams + map: + fields: + - name: intervalSeconds + type: + scalar: numeric + - name: maxSurge + type: + namedType: IntOrString.intstr.util.pkg.apimachinery.k8s.io + - name: maxUnavailable + type: + namedType: IntOrString.intstr.util.pkg.apimachinery.k8s.io + - name: post + type: + namedType: com.github.openshift.api.apps.v1.LifecycleHook + - name: pre + type: + namedType: com.github.openshift.api.apps.v1.LifecycleHook + - name: timeoutSeconds + type: + scalar: numeric + - name: updatePeriodSeconds + type: + scalar: numeric +- name: com.github.openshift.api.apps.v1.TagImageHook + map: + fields: + - name: containerName type: scalar: string default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.util.intstr.IntOrString - scalar: untyped + - name: to + type: + namedType: ObjectReference.v1.core.api.k8s.io + default: {} - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/authorization/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/authorization/applyconfigurations/internal/internal.go index c698b02be3..815e400361 100644 --- a/vendor/github.com/openshift/client-go/authorization/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/authorization/applyconfigurations/internal/internal.go @@ -23,12 +23,217 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: +- name: AggregationRule.v1.rbac.api.k8s.io + map: + fields: + - name: clusterRoleSelectors + type: + list: + elementType: + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: matchExpressions + type: + list: + elementType: + namedType: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: matchLabels + type: + map: + elementType: + scalar: string + elementRelationship: atomic +- name: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: key + type: + scalar: string + default: "" + - name: operator + type: + scalar: string + default: "" + - name: values + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldsType + type: + scalar: string + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager + type: + scalar: string + - name: operation + type: + scalar: string + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: generateName + type: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: + elementType: + scalar: string + - name: managedFields + type: + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: ownerReferences + type: + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: ObjectReference.v1.core.api.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldPath + type: + scalar: string + - name: kind + type: + scalar: string + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: resourceVersion + type: + scalar: string + - name: uid + type: + scalar: string + elementRelationship: atomic +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: RawExtension.runtime.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped - name: com.github.openshift.api.authorization.v1.ClusterRole map: fields: - name: aggregationRule type: - namedType: io.k8s.api.rbac.v1.AggregationRule + namedType: AggregationRule.v1.rbac.api.k8s.io - name: apiVersion type: scalar: string @@ -37,7 +242,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: rules type: @@ -62,17 +267,17 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: roleRef type: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: ObjectReference.v1.core.api.k8s.io default: {} - name: subjects type: list: elementType: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: ObjectReference.v1.core.api.k8s.io elementRelationship: atomic - name: userNames type: @@ -93,7 +298,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - name: com.github.openshift.api.authorization.v1.PolicyRule map: @@ -106,7 +311,7 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: attributeRestrictions type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: nonResourceURLs type: list: @@ -142,7 +347,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: rules type: @@ -167,17 +372,17 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: roleRef type: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: ObjectReference.v1.core.api.k8s.io default: {} - name: subjects type: list: elementType: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: ObjectReference.v1.core.api.k8s.io elementRelationship: atomic - name: userNames type: @@ -196,7 +401,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -253,7 +458,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - name: users type: @@ -261,211 +466,6 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: atomic -- name: io.k8s.api.core.v1.ObjectReference - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldPath - type: - scalar: string - - name: kind - type: - scalar: string - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: resourceVersion - type: - scalar: string - - name: uid - type: - scalar: string - elementRelationship: atomic -- name: io.k8s.api.rbac.v1.AggregationRule - map: - fields: - - name: clusterRoleSelectors - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - map: - fields: - - name: matchExpressions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - elementRelationship: atomic - - name: matchLabels - type: - map: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - map: - fields: - - name: key - type: - scalar: string - default: "" - - name: operator - type: - scalar: string - default: "" - - name: values - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - map: - fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers - type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation - type: - scalar: numeric - - name: labels - type: - map: - elementType: - scalar: string - - name: managedFields - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: ownerReferences - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion - type: - scalar: string - - name: selfLink - type: - scalar: string - - name: uid - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - map: - fields: - - name: apiVersion - type: - scalar: string - default: "" - - name: blockOwnerDeletion - type: - scalar: boolean - - name: controller - type: - scalar: boolean - - name: kind - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: uid - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.runtime.RawExtension - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/build/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/build/applyconfigurations/internal/internal.go index ab10439bf0..748fab91a1 100644 --- a/vendor/github.com/openshift/client-go/build/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/build/applyconfigurations/internal/internal.go @@ -23,1178 +23,1178 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: -- name: com.github.openshift.api.build.v1.BinaryBuildSource +- name: CSIVolumeSource.v1.core.api.k8s.io map: fields: - - name: asFile + - name: driver type: scalar: string -- name: com.github.openshift.api.build.v1.BitbucketWebHookCause - map: - fields: - - name: revision - type: - namedType: com.github.openshift.api.build.v1.SourceRevision - - name: secret + default: "" + - name: fsType type: scalar: string -- name: com.github.openshift.api.build.v1.Build + - name: nodePublishSecretRef + type: + namedType: LocalObjectReference.v1.core.api.k8s.io + - name: readOnly + type: + scalar: boolean + - name: volumeAttributes + type: + map: + elementType: + scalar: string +- name: ConfigMapKeySelector.v1.core.api.k8s.io map: fields: - - name: apiVersion + - name: key type: scalar: string - - name: kind + default: "" + - name: name type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.build.v1.BuildSpec - default: {} - - name: status + default: "" + - name: optional type: - namedType: com.github.openshift.api.build.v1.BuildStatus - default: {} -- name: com.github.openshift.api.build.v1.BuildCondition + scalar: boolean + elementRelationship: atomic +- name: ConfigMapVolumeSource.v1.core.api.k8s.io map: fields: - - name: lastTransitionTime + - name: defaultMode type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: lastUpdateTime + scalar: numeric + - name: items type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message + list: + elementType: + namedType: KeyToPath.v1.core.api.k8s.io + elementRelationship: atomic + - name: name type: scalar: string - - name: reason + default: "" + - name: optional type: - scalar: string - - name: status + scalar: boolean +- name: EnvVar.v1.core.api.k8s.io + map: + fields: + - name: name type: scalar: string default: "" - - name: type + - name: value type: scalar: string - default: "" -- name: com.github.openshift.api.build.v1.BuildConfig + - name: valueFrom + type: + namedType: EnvVarSource.v1.core.api.k8s.io +- name: EnvVarSource.v1.core.api.k8s.io map: fields: - - name: apiVersion + - name: configMapKeyRef type: - scalar: string - - name: kind + namedType: ConfigMapKeySelector.v1.core.api.k8s.io + - name: fieldRef type: - scalar: string - - name: metadata + namedType: ObjectFieldSelector.v1.core.api.k8s.io + - name: fileKeyRef type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + namedType: FileKeySelector.v1.core.api.k8s.io + - name: resourceFieldRef type: - namedType: com.github.openshift.api.build.v1.BuildConfigSpec - default: {} - - name: status + namedType: ResourceFieldSelector.v1.core.api.k8s.io + - name: secretKeyRef type: - namedType: com.github.openshift.api.build.v1.BuildConfigStatus - default: {} -- name: com.github.openshift.api.build.v1.BuildConfigSpec + namedType: SecretKeySelector.v1.core.api.k8s.io +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: FileKeySelector.v1.core.api.k8s.io map: fields: - - name: completionDeadlineSeconds - type: - scalar: numeric - - name: failedBuildsHistoryLimit + - name: key type: - scalar: numeric - - name: mountTrustedCA + scalar: string + default: "" + - name: optional type: scalar: boolean - - name: nodeSelector + default: false + - name: path type: - map: - elementType: - scalar: string - - name: output + scalar: string + default: "" + - name: volumeName type: - namedType: com.github.openshift.api.build.v1.BuildOutput - default: {} - - name: postCommit + scalar: string + default: "" + elementRelationship: atomic +- name: KeyToPath.v1.core.api.k8s.io + map: + fields: + - name: key type: - namedType: com.github.openshift.api.build.v1.BuildPostCommitSpec - default: {} - - name: resources + scalar: string + default: "" + - name: mode type: - namedType: io.k8s.api.core.v1.ResourceRequirements - default: {} - - name: revision + scalar: numeric + - name: path type: - namedType: com.github.openshift.api.build.v1.SourceRevision - - name: runPolicy + scalar: string + default: "" +- name: LocalObjectReference.v1.core.api.k8s.io + map: + fields: + - name: name type: scalar: string - - name: serviceAccount + default: "" + elementRelationship: atomic +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion type: scalar: string - - name: source + - name: fieldsType type: - namedType: com.github.openshift.api.build.v1.BuildSource - default: {} - - name: strategy + scalar: string + - name: fieldsV1 type: - namedType: com.github.openshift.api.build.v1.BuildStrategy - default: {} - - name: successfulBuildsHistoryLimit + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager type: - scalar: numeric - - name: triggers + scalar: string + - name: operation type: - list: - elementType: - namedType: com.github.openshift.api.build.v1.BuildTriggerPolicy - elementRelationship: atomic -- name: com.github.openshift.api.build.v1.BuildConfigStatus - map: - fields: - - name: imageChangeTriggers + scalar: string + - name: subresource type: - list: - elementType: - namedType: com.github.openshift.api.build.v1.ImageChangeTriggerStatus - elementRelationship: atomic - - name: lastVersion + scalar: string + - name: time type: - scalar: numeric - default: 0 -- name: com.github.openshift.api.build.v1.BuildOutput + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectFieldSelector.v1.core.api.k8s.io map: fields: - - name: imageLabels - type: - list: - elementType: - namedType: com.github.openshift.api.build.v1.ImageLabel - elementRelationship: atomic - - name: pushSecret + - name: apiVersion type: - namedType: io.k8s.api.core.v1.LocalObjectReference - - name: to + scalar: string + - name: fieldPath type: - namedType: io.k8s.api.core.v1.ObjectReference -- name: com.github.openshift.api.build.v1.BuildPostCommitSpec + scalar: string + default: "" + elementRelationship: atomic +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: args + - name: annotations type: - list: + map: elementType: scalar: string - elementRelationship: atomic - - name: command + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers type: list: elementType: scalar: string - elementRelationship: atomic - - name: script + elementRelationship: associative + - name: generateName type: scalar: string -- name: com.github.openshift.api.build.v1.BuildSource - map: - fields: - - name: binary + - name: generation type: - namedType: com.github.openshift.api.build.v1.BinaryBuildSource - - name: configMaps + scalar: numeric + - name: labels + type: + map: + elementType: + scalar: string + - name: managedFields type: list: elementType: - namedType: com.github.openshift.api.build.v1.ConfigMapBuildSource + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - - name: contextDir + - name: name type: scalar: string - - name: dockerfile + - name: namespace type: scalar: string - - name: git - type: - namedType: com.github.openshift.api.build.v1.GitBuildSource - - name: images - type: - list: - elementType: - namedType: com.github.openshift.api.build.v1.ImageSource - elementRelationship: atomic - - name: secrets + - name: ownerReferences type: list: elementType: - namedType: com.github.openshift.api.build.v1.SecretBuildSource - elementRelationship: atomic - - name: sourceSecret - type: - namedType: io.k8s.api.core.v1.LocalObjectReference - - name: type + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion type: scalar: string -- name: com.github.openshift.api.build.v1.BuildSpec + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: ObjectReference.v1.core.api.k8s.io map: fields: - - name: completionDeadlineSeconds + - name: apiVersion type: - scalar: numeric - - name: mountTrustedCA + scalar: string + - name: fieldPath type: - scalar: boolean - - name: nodeSelector + scalar: string + - name: kind type: - map: - elementType: - scalar: string - - name: output + scalar: string + - name: name type: - namedType: com.github.openshift.api.build.v1.BuildOutput - default: {} - - name: postCommit + scalar: string + - name: namespace type: - namedType: com.github.openshift.api.build.v1.BuildPostCommitSpec - default: {} - - name: resources + scalar: string + - name: resourceVersion type: - namedType: io.k8s.api.core.v1.ResourceRequirements - default: {} - - name: revision + scalar: string + - name: uid type: - namedType: com.github.openshift.api.build.v1.SourceRevision - - name: serviceAccount + scalar: string + elementRelationship: atomic +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion type: scalar: string - - name: source + default: "" + - name: blockOwnerDeletion type: - namedType: com.github.openshift.api.build.v1.BuildSource - default: {} - - name: strategy + scalar: boolean + - name: controller type: - namedType: com.github.openshift.api.build.v1.BuildStrategy - default: {} - - name: triggeredBy + scalar: boolean + - name: kind type: - list: - elementType: - namedType: com.github.openshift.api.build.v1.BuildTriggerCause - elementRelationship: atomic -- name: com.github.openshift.api.build.v1.BuildStatus + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: Quantity.resource.api.pkg.apimachinery.k8s.io + scalar: string +- name: ResourceClaim.v1.core.api.k8s.io map: fields: - - name: cancelled + - name: name type: - scalar: boolean - - name: completionTimestamp + scalar: string + default: "" + - name: request type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: conditions + scalar: string +- name: ResourceFieldSelector.v1.core.api.k8s.io + map: + fields: + - name: containerName + type: + scalar: string + - name: divisor + type: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: resource + type: + scalar: string + default: "" + elementRelationship: atomic +- name: ResourceRequirements.v1.core.api.k8s.io + map: + fields: + - name: claims type: list: elementType: - namedType: com.github.openshift.api.build.v1.BuildCondition + namedType: ResourceClaim.v1.core.api.k8s.io elementRelationship: associative keys: - - type - - name: config - type: - namedType: io.k8s.api.core.v1.ObjectReference - - name: duration - type: - scalar: numeric - - name: logSnippet - type: - scalar: string - - name: message + - name + - name: limits type: - scalar: string - - name: output + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: requests type: - namedType: com.github.openshift.api.build.v1.BuildStatusOutput - default: {} - - name: outputDockerImageReference + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: SecretKeySelector.v1.core.api.k8s.io + map: + fields: + - name: key type: scalar: string - - name: phase + default: "" + - name: name type: scalar: string default: "" - - name: reason + - name: optional type: - scalar: string - - name: stages + scalar: boolean + elementRelationship: atomic +- name: SecretVolumeSource.v1.core.api.k8s.io + map: + fields: + - name: defaultMode + type: + scalar: numeric + - name: items type: list: elementType: - namedType: com.github.openshift.api.build.v1.StageInfo + namedType: KeyToPath.v1.core.api.k8s.io elementRelationship: atomic - - name: startTimestamp + - name: optional type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: com.github.openshift.api.build.v1.BuildStatusOutput - map: - fields: - - name: to + scalar: boolean + - name: secretName type: - namedType: com.github.openshift.api.build.v1.BuildStatusOutputTo -- name: com.github.openshift.api.build.v1.BuildStatusOutputTo + scalar: string +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped +- name: com.github.openshift.api.build.v1.BinaryBuildSource map: fields: - - name: imageDigest + - name: asFile type: scalar: string -- name: com.github.openshift.api.build.v1.BuildStrategy +- name: com.github.openshift.api.build.v1.BitbucketWebHookCause map: fields: - - name: customStrategy - type: - namedType: com.github.openshift.api.build.v1.CustomBuildStrategy - - name: dockerStrategy - type: - namedType: com.github.openshift.api.build.v1.DockerBuildStrategy - - name: jenkinsPipelineStrategy - type: - namedType: com.github.openshift.api.build.v1.JenkinsPipelineBuildStrategy - - name: sourceStrategy + - name: revision type: - namedType: com.github.openshift.api.build.v1.SourceBuildStrategy - - name: type + namedType: com.github.openshift.api.build.v1.SourceRevision + - name: secret type: scalar: string -- name: com.github.openshift.api.build.v1.BuildTriggerCause +- name: com.github.openshift.api.build.v1.Build map: fields: - - name: bitbucketWebHook - type: - namedType: com.github.openshift.api.build.v1.BitbucketWebHookCause - - name: genericWebHook + - name: apiVersion type: - namedType: com.github.openshift.api.build.v1.GenericWebHookCause - - name: githubWebHook + scalar: string + - name: kind type: - namedType: com.github.openshift.api.build.v1.GitHubWebHookCause - - name: gitlabWebHook + scalar: string + - name: metadata type: - namedType: com.github.openshift.api.build.v1.GitLabWebHookCause - - name: imageChangeBuild + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - namedType: com.github.openshift.api.build.v1.ImageChangeCause - - name: message + namedType: com.github.openshift.api.build.v1.BuildSpec + default: {} + - name: status type: - scalar: string -- name: com.github.openshift.api.build.v1.BuildTriggerPolicy + namedType: com.github.openshift.api.build.v1.BuildStatus + default: {} +- name: com.github.openshift.api.build.v1.BuildCondition map: fields: - - name: bitbucket + - name: lastTransitionTime type: - namedType: com.github.openshift.api.build.v1.WebHookTrigger - - name: generic + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: lastUpdateTime type: - namedType: com.github.openshift.api.build.v1.WebHookTrigger - - name: github + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message type: - namedType: com.github.openshift.api.build.v1.WebHookTrigger - - name: gitlab + scalar: string + - name: reason type: - namedType: com.github.openshift.api.build.v1.WebHookTrigger - - name: imageChange + scalar: string + - name: status type: - namedType: com.github.openshift.api.build.v1.ImageChangeTrigger + scalar: string + default: "" - name: type type: scalar: string default: "" -- name: com.github.openshift.api.build.v1.BuildVolume +- name: com.github.openshift.api.build.v1.BuildConfig map: fields: - - name: mounts + - name: apiVersion type: - list: - elementType: - namedType: com.github.openshift.api.build.v1.BuildVolumeMount - elementRelationship: associative - keys: - - destinationPath - - name: name + scalar: string + - name: kind type: scalar: string - default: "" - - name: source + - name: metadata type: - namedType: com.github.openshift.api.build.v1.BuildVolumeSource + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} -- name: com.github.openshift.api.build.v1.BuildVolumeMount - map: - fields: - - name: destinationPath + - name: spec type: - scalar: string - default: "" -- name: com.github.openshift.api.build.v1.BuildVolumeSource + namedType: com.github.openshift.api.build.v1.BuildConfigSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.build.v1.BuildConfigStatus + default: {} +- name: com.github.openshift.api.build.v1.BuildConfigSpec map: fields: - - name: configMap + - name: completionDeadlineSeconds type: - namedType: io.k8s.api.core.v1.ConfigMapVolumeSource - - name: csi + scalar: numeric + - name: failedBuildsHistoryLimit type: - namedType: io.k8s.api.core.v1.CSIVolumeSource - - name: secret + scalar: numeric + - name: mountTrustedCA type: - namedType: io.k8s.api.core.v1.SecretVolumeSource - - name: type + scalar: boolean + - name: nodeSelector type: - scalar: string - default: "" -- name: com.github.openshift.api.build.v1.ConfigMapBuildSource - map: - fields: - - name: configMap + map: + elementType: + scalar: string + - name: output type: - namedType: io.k8s.api.core.v1.LocalObjectReference + namedType: com.github.openshift.api.build.v1.BuildOutput default: {} - - name: destinationDir + - name: postCommit type: - scalar: string -- name: com.github.openshift.api.build.v1.CustomBuildStrategy - map: - fields: - - name: buildAPIVersion + namedType: com.github.openshift.api.build.v1.BuildPostCommitSpec + default: {} + - name: resources type: - scalar: string - - name: env + namedType: ResourceRequirements.v1.core.api.k8s.io + default: {} + - name: revision type: - list: - elementType: - namedType: io.k8s.api.core.v1.EnvVar - elementRelationship: atomic - - name: exposeDockerSocket + namedType: com.github.openshift.api.build.v1.SourceRevision + - name: runPolicy type: - scalar: boolean - - name: forcePull + scalar: string + - name: serviceAccount type: - scalar: boolean - - name: from + scalar: string + - name: source type: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: com.github.openshift.api.build.v1.BuildSource default: {} - - name: pullSecret + - name: strategy type: - namedType: io.k8s.api.core.v1.LocalObjectReference - - name: secrets + namedType: com.github.openshift.api.build.v1.BuildStrategy + default: {} + - name: successfulBuildsHistoryLimit + type: + scalar: numeric + - name: triggers type: list: elementType: - namedType: com.github.openshift.api.build.v1.SecretSpec + namedType: com.github.openshift.api.build.v1.BuildTriggerPolicy elementRelationship: atomic -- name: com.github.openshift.api.build.v1.DockerBuildStrategy +- name: com.github.openshift.api.build.v1.BuildConfigStatus map: fields: - - name: buildArgs + - name: imageChangeTriggers type: list: elementType: - namedType: io.k8s.api.core.v1.EnvVar + namedType: com.github.openshift.api.build.v1.ImageChangeTriggerStatus elementRelationship: atomic - - name: dockerfilePath + - name: lastVersion type: - scalar: string - - name: env + scalar: numeric + default: 0 +- name: com.github.openshift.api.build.v1.BuildOutput + map: + fields: + - name: imageLabels type: list: elementType: - namedType: io.k8s.api.core.v1.EnvVar + namedType: com.github.openshift.api.build.v1.ImageLabel elementRelationship: atomic - - name: forcePull - type: - scalar: boolean - - name: from - type: - namedType: io.k8s.api.core.v1.ObjectReference - - name: imageOptimizationPolicy - type: - scalar: string - - name: noCache + - name: pushSecret type: - scalar: boolean - - name: pullSecret + namedType: LocalObjectReference.v1.core.api.k8s.io + - name: to type: - namedType: io.k8s.api.core.v1.LocalObjectReference - - name: volumes + namedType: ObjectReference.v1.core.api.k8s.io +- name: com.github.openshift.api.build.v1.BuildPostCommitSpec + map: + fields: + - name: args type: list: elementType: - namedType: com.github.openshift.api.build.v1.BuildVolume - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.build.v1.GenericWebHookCause - map: - fields: - - name: revision + scalar: string + elementRelationship: atomic + - name: command type: - namedType: com.github.openshift.api.build.v1.SourceRevision - - name: secret + list: + elementType: + scalar: string + elementRelationship: atomic + - name: script type: scalar: string -- name: com.github.openshift.api.build.v1.GitBuildSource +- name: com.github.openshift.api.build.v1.BuildSource map: fields: - - name: httpProxy + - name: binary type: - scalar: string - - name: httpsProxy + namedType: com.github.openshift.api.build.v1.BinaryBuildSource + - name: configMaps type: - scalar: string - - name: noProxy + list: + elementType: + namedType: com.github.openshift.api.build.v1.ConfigMapBuildSource + elementRelationship: atomic + - name: contextDir type: scalar: string - - name: ref + - name: dockerfile type: scalar: string - - name: uri + - name: git type: - scalar: string - default: "" -- name: com.github.openshift.api.build.v1.GitHubWebHookCause - map: - fields: - - name: revision + namedType: com.github.openshift.api.build.v1.GitBuildSource + - name: images type: - namedType: com.github.openshift.api.build.v1.SourceRevision - - name: secret + list: + elementType: + namedType: com.github.openshift.api.build.v1.ImageSource + elementRelationship: atomic + - name: secrets type: - scalar: string -- name: com.github.openshift.api.build.v1.GitLabWebHookCause - map: - fields: - - name: revision + list: + elementType: + namedType: com.github.openshift.api.build.v1.SecretBuildSource + elementRelationship: atomic + - name: sourceSecret type: - namedType: com.github.openshift.api.build.v1.SourceRevision - - name: secret + namedType: LocalObjectReference.v1.core.api.k8s.io + - name: type type: scalar: string -- name: com.github.openshift.api.build.v1.GitSourceRevision +- name: com.github.openshift.api.build.v1.BuildSpec map: fields: - - name: author + - name: completionDeadlineSeconds type: - namedType: com.github.openshift.api.build.v1.SourceControlUser - default: {} - - name: commit + scalar: numeric + - name: mountTrustedCA type: - scalar: string - - name: committer + scalar: boolean + - name: nodeSelector type: - namedType: com.github.openshift.api.build.v1.SourceControlUser - default: {} - - name: message + map: + elementType: + scalar: string + - name: output type: - scalar: string -- name: com.github.openshift.api.build.v1.ImageChangeCause - map: - fields: - - name: fromRef + namedType: com.github.openshift.api.build.v1.BuildOutput + default: {} + - name: postCommit type: - namedType: io.k8s.api.core.v1.ObjectReference - - name: imageID + namedType: com.github.openshift.api.build.v1.BuildPostCommitSpec + default: {} + - name: resources type: - scalar: string -- name: com.github.openshift.api.build.v1.ImageChangeTrigger - map: - fields: - - name: from + namedType: ResourceRequirements.v1.core.api.k8s.io + default: {} + - name: revision type: - namedType: io.k8s.api.core.v1.ObjectReference - - name: lastTriggeredImageID + namedType: com.github.openshift.api.build.v1.SourceRevision + - name: serviceAccount type: scalar: string - - name: paused - type: - scalar: boolean -- name: com.github.openshift.api.build.v1.ImageChangeTriggerStatus - map: - fields: - - name: from + - name: source type: - namedType: com.github.openshift.api.build.v1.ImageStreamTagReference + namedType: com.github.openshift.api.build.v1.BuildSource default: {} - - name: lastTriggerTime + - name: strategy type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: lastTriggeredImageID + namedType: com.github.openshift.api.build.v1.BuildStrategy + default: {} + - name: triggeredBy type: - scalar: string -- name: com.github.openshift.api.build.v1.ImageLabel + list: + elementType: + namedType: com.github.openshift.api.build.v1.BuildTriggerCause + elementRelationship: atomic +- name: com.github.openshift.api.build.v1.BuildStatus map: fields: - - name: name + - name: cancelled type: - scalar: string - default: "" - - name: value + scalar: boolean + - name: completionTimestamp type: - scalar: string -- name: com.github.openshift.api.build.v1.ImageSource - map: - fields: - - name: as + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: conditions type: list: elementType: - scalar: string - elementRelationship: atomic - - name: from + namedType: com.github.openshift.api.build.v1.BuildCondition + elementRelationship: associative + keys: + - type + - name: config type: - namedType: io.k8s.api.core.v1.ObjectReference - default: {} - - name: paths + namedType: ObjectReference.v1.core.api.k8s.io + - name: duration type: - list: - elementType: - namedType: com.github.openshift.api.build.v1.ImageSourcePath - elementRelationship: atomic - - name: pullSecret + scalar: numeric + - name: logSnippet type: - namedType: io.k8s.api.core.v1.LocalObjectReference -- name: com.github.openshift.api.build.v1.ImageSourcePath - map: - fields: - - name: destinationDir + scalar: string + - name: message type: scalar: string - default: "" - - name: sourcePath + - name: output + type: + namedType: com.github.openshift.api.build.v1.BuildStatusOutput + default: {} + - name: outputDockerImageReference type: scalar: string - default: "" -- name: com.github.openshift.api.build.v1.ImageStreamTagReference - map: - fields: - - name: name + - name: phase type: scalar: string - - name: namespace + default: "" + - name: reason type: scalar: string -- name: com.github.openshift.api.build.v1.JenkinsPipelineBuildStrategy - map: - fields: - - name: env + - name: stages type: list: elementType: - namedType: io.k8s.api.core.v1.EnvVar + namedType: com.github.openshift.api.build.v1.StageInfo elementRelationship: atomic - - name: jenkinsfile - type: - scalar: string - - name: jenkinsfilePath - type: - scalar: string -- name: com.github.openshift.api.build.v1.SecretBuildSource - map: - fields: - - name: destinationDir - type: - scalar: string - - name: secret + - name: startTimestamp type: - namedType: io.k8s.api.core.v1.LocalObjectReference - default: {} -- name: com.github.openshift.api.build.v1.SecretLocalReference + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.build.v1.BuildStatusOutput map: fields: - - name: name + - name: to type: - scalar: string - default: "" -- name: com.github.openshift.api.build.v1.SecretSpec + namedType: com.github.openshift.api.build.v1.BuildStatusOutputTo +- name: com.github.openshift.api.build.v1.BuildStatusOutputTo map: fields: - - name: mountPath + - name: imageDigest type: scalar: string - default: "" - - name: secretSource - type: - namedType: io.k8s.api.core.v1.LocalObjectReference - default: {} -- name: com.github.openshift.api.build.v1.SourceBuildStrategy +- name: com.github.openshift.api.build.v1.BuildStrategy map: fields: - - name: env - type: - list: - elementType: - namedType: io.k8s.api.core.v1.EnvVar - elementRelationship: atomic - - name: forcePull + - name: customStrategy type: - scalar: boolean - - name: from + namedType: com.github.openshift.api.build.v1.CustomBuildStrategy + - name: dockerStrategy type: - namedType: io.k8s.api.core.v1.ObjectReference - default: {} - - name: incremental + namedType: com.github.openshift.api.build.v1.DockerBuildStrategy + - name: jenkinsPipelineStrategy type: - scalar: boolean - - name: pullSecret + namedType: com.github.openshift.api.build.v1.JenkinsPipelineBuildStrategy + - name: sourceStrategy type: - namedType: io.k8s.api.core.v1.LocalObjectReference - - name: scripts + namedType: com.github.openshift.api.build.v1.SourceBuildStrategy + - name: type type: scalar: string - - name: volumes - type: - list: - elementType: - namedType: com.github.openshift.api.build.v1.BuildVolume - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.build.v1.SourceControlUser +- name: com.github.openshift.api.build.v1.BuildTriggerCause map: fields: - - name: email + - name: bitbucketWebHook type: - scalar: string - - name: name + namedType: com.github.openshift.api.build.v1.BitbucketWebHookCause + - name: genericWebHook + type: + namedType: com.github.openshift.api.build.v1.GenericWebHookCause + - name: githubWebHook + type: + namedType: com.github.openshift.api.build.v1.GitHubWebHookCause + - name: gitlabWebHook + type: + namedType: com.github.openshift.api.build.v1.GitLabWebHookCause + - name: imageChangeBuild + type: + namedType: com.github.openshift.api.build.v1.ImageChangeCause + - name: message type: scalar: string -- name: com.github.openshift.api.build.v1.SourceRevision +- name: com.github.openshift.api.build.v1.BuildTriggerPolicy map: fields: - - name: git + - name: bitbucket type: - namedType: com.github.openshift.api.build.v1.GitSourceRevision + namedType: com.github.openshift.api.build.v1.WebHookTrigger + - name: generic + type: + namedType: com.github.openshift.api.build.v1.WebHookTrigger + - name: github + type: + namedType: com.github.openshift.api.build.v1.WebHookTrigger + - name: gitlab + type: + namedType: com.github.openshift.api.build.v1.WebHookTrigger + - name: imageChange + type: + namedType: com.github.openshift.api.build.v1.ImageChangeTrigger - name: type type: scalar: string default: "" -- name: com.github.openshift.api.build.v1.StageInfo +- name: com.github.openshift.api.build.v1.BuildVolume map: fields: - - name: durationMilliseconds + - name: mounts type: - scalar: numeric + list: + elementType: + namedType: com.github.openshift.api.build.v1.BuildVolumeMount + elementRelationship: associative + keys: + - destinationPath - name: name type: scalar: string - - name: startTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: steps + default: "" + - name: source type: - list: - elementType: - namedType: com.github.openshift.api.build.v1.StepInfo - elementRelationship: atomic -- name: com.github.openshift.api.build.v1.StepInfo + namedType: com.github.openshift.api.build.v1.BuildVolumeSource + default: {} +- name: com.github.openshift.api.build.v1.BuildVolumeMount map: fields: - - name: durationMilliseconds - type: - scalar: numeric - - name: name + - name: destinationPath type: scalar: string - - name: startTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: com.github.openshift.api.build.v1.WebHookTrigger + default: "" +- name: com.github.openshift.api.build.v1.BuildVolumeSource map: fields: - - name: allowEnv + - name: configMap type: - scalar: boolean + namedType: ConfigMapVolumeSource.v1.core.api.k8s.io + - name: csi + type: + namedType: CSIVolumeSource.v1.core.api.k8s.io - name: secret type: - scalar: string - - name: secretReference + namedType: SecretVolumeSource.v1.core.api.k8s.io + - name: type type: - namedType: com.github.openshift.api.build.v1.SecretLocalReference -- name: io.k8s.api.core.v1.CSIVolumeSource + scalar: string + default: "" +- name: com.github.openshift.api.build.v1.ConfigMapBuildSource map: fields: - - name: driver + - name: configMap + type: + namedType: LocalObjectReference.v1.core.api.k8s.io + default: {} + - name: destinationDir type: scalar: string - default: "" - - name: fsType +- name: com.github.openshift.api.build.v1.CustomBuildStrategy + map: + fields: + - name: buildAPIVersion type: scalar: string - - name: nodePublishSecretRef + - name: env type: - namedType: io.k8s.api.core.v1.LocalObjectReference - - name: readOnly + list: + elementType: + namedType: EnvVar.v1.core.api.k8s.io + elementRelationship: atomic + - name: exposeDockerSocket type: scalar: boolean - - name: volumeAttributes + - name: forcePull type: - map: - elementType: - scalar: string -- name: io.k8s.api.core.v1.ConfigMapKeySelector - map: - fields: - - name: key + scalar: boolean + - name: from type: - scalar: string - default: "" - - name: name + namedType: ObjectReference.v1.core.api.k8s.io + default: {} + - name: pullSecret type: - scalar: string - default: "" - - name: optional + namedType: LocalObjectReference.v1.core.api.k8s.io + - name: secrets type: - scalar: boolean - elementRelationship: atomic -- name: io.k8s.api.core.v1.ConfigMapVolumeSource + list: + elementType: + namedType: com.github.openshift.api.build.v1.SecretSpec + elementRelationship: atomic +- name: com.github.openshift.api.build.v1.DockerBuildStrategy map: fields: - - name: defaultMode - type: - scalar: numeric - - name: items + - name: buildArgs type: list: elementType: - namedType: io.k8s.api.core.v1.KeyToPath + namedType: EnvVar.v1.core.api.k8s.io elementRelationship: atomic - - name: name + - name: dockerfilePath type: scalar: string - default: "" - - name: optional + - name: env + type: + list: + elementType: + namedType: EnvVar.v1.core.api.k8s.io + elementRelationship: atomic + - name: forcePull type: scalar: boolean -- name: io.k8s.api.core.v1.EnvVar - map: - fields: - - name: name + - name: from type: - scalar: string - default: "" - - name: value + namedType: ObjectReference.v1.core.api.k8s.io + - name: imageOptimizationPolicy type: scalar: string - - name: valueFrom - type: - namedType: io.k8s.api.core.v1.EnvVarSource -- name: io.k8s.api.core.v1.EnvVarSource - map: - fields: - - name: configMapKeyRef + - name: noCache type: - namedType: io.k8s.api.core.v1.ConfigMapKeySelector - - name: fieldRef + scalar: boolean + - name: pullSecret type: - namedType: io.k8s.api.core.v1.ObjectFieldSelector - - name: fileKeyRef + namedType: LocalObjectReference.v1.core.api.k8s.io + - name: volumes type: - namedType: io.k8s.api.core.v1.FileKeySelector - - name: resourceFieldRef + list: + elementType: + namedType: com.github.openshift.api.build.v1.BuildVolume + elementRelationship: associative + keys: + - name +- name: com.github.openshift.api.build.v1.GenericWebHookCause + map: + fields: + - name: revision type: - namedType: io.k8s.api.core.v1.ResourceFieldSelector - - name: secretKeyRef + namedType: com.github.openshift.api.build.v1.SourceRevision + - name: secret type: - namedType: io.k8s.api.core.v1.SecretKeySelector -- name: io.k8s.api.core.v1.FileKeySelector + scalar: string +- name: com.github.openshift.api.build.v1.GitBuildSource map: fields: - - name: key + - name: httpProxy type: scalar: string - default: "" - - name: optional - type: - scalar: boolean - default: false - - name: path + - name: httpsProxy type: scalar: string - default: "" - - name: volumeName + - name: noProxy type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.KeyToPath - map: - fields: - - name: key + - name: ref type: scalar: string - default: "" - - name: mode - type: - scalar: numeric - - name: path + - name: uri type: scalar: string default: "" -- name: io.k8s.api.core.v1.LocalObjectReference +- name: com.github.openshift.api.build.v1.GitHubWebHookCause map: fields: - - name: name + - name: revision + type: + namedType: com.github.openshift.api.build.v1.SourceRevision + - name: secret type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.ObjectFieldSelector +- name: com.github.openshift.api.build.v1.GitLabWebHookCause map: fields: - - name: apiVersion + - name: revision type: - scalar: string - - name: fieldPath + namedType: com.github.openshift.api.build.v1.SourceRevision + - name: secret type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.ObjectReference +- name: com.github.openshift.api.build.v1.GitSourceRevision map: fields: - - name: apiVersion + - name: author type: - scalar: string - - name: fieldPath + namedType: com.github.openshift.api.build.v1.SourceControlUser + default: {} + - name: commit type: scalar: string - - name: kind + - name: committer type: - scalar: string - - name: name + namedType: com.github.openshift.api.build.v1.SourceControlUser + default: {} + - name: message type: scalar: string - - name: namespace +- name: com.github.openshift.api.build.v1.ImageChangeCause + map: + fields: + - name: fromRef type: - scalar: string - - name: resourceVersion + namedType: ObjectReference.v1.core.api.k8s.io + - name: imageID type: scalar: string - - name: uid +- name: com.github.openshift.api.build.v1.ImageChangeTrigger + map: + fields: + - name: from + type: + namedType: ObjectReference.v1.core.api.k8s.io + - name: lastTriggeredImageID type: scalar: string - elementRelationship: atomic -- name: io.k8s.api.core.v1.ResourceClaim + - name: paused + type: + scalar: boolean +- name: com.github.openshift.api.build.v1.ImageChangeTriggerStatus map: fields: - - name: name + - name: from type: - scalar: string - default: "" - - name: request + namedType: com.github.openshift.api.build.v1.ImageStreamTagReference + default: {} + - name: lastTriggerTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: lastTriggeredImageID type: scalar: string -- name: io.k8s.api.core.v1.ResourceFieldSelector +- name: com.github.openshift.api.build.v1.ImageLabel map: fields: - - name: containerName + - name: name type: scalar: string - - name: divisor - type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: resource + default: "" + - name: value type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.ResourceRequirements +- name: com.github.openshift.api.build.v1.ImageSource map: fields: - - name: claims + - name: as type: list: elementType: - namedType: io.k8s.api.core.v1.ResourceClaim - elementRelationship: associative - keys: - - name - - name: limits + scalar: string + elementRelationship: atomic + - name: from type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: requests + namedType: ObjectReference.v1.core.api.k8s.io + default: {} + - name: paths type: - map: + list: elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: io.k8s.api.core.v1.SecretKeySelector + namedType: com.github.openshift.api.build.v1.ImageSourcePath + elementRelationship: atomic + - name: pullSecret + type: + namedType: LocalObjectReference.v1.core.api.k8s.io +- name: com.github.openshift.api.build.v1.ImageSourcePath map: fields: - - name: key + - name: destinationDir type: scalar: string default: "" - - name: name + - name: sourcePath type: scalar: string default: "" - - name: optional - type: - scalar: boolean - elementRelationship: atomic -- name: io.k8s.api.core.v1.SecretVolumeSource +- name: com.github.openshift.api.build.v1.ImageStreamTagReference map: fields: - - name: defaultMode + - name: name type: - scalar: numeric - - name: items + scalar: string + - name: namespace + type: + scalar: string +- name: com.github.openshift.api.build.v1.JenkinsPipelineBuildStrategy + map: + fields: + - name: env type: list: elementType: - namedType: io.k8s.api.core.v1.KeyToPath + namedType: EnvVar.v1.core.api.k8s.io elementRelationship: atomic - - name: optional + - name: jenkinsfile type: - scalar: boolean - - name: secretName + scalar: string + - name: jenkinsfilePath type: scalar: string -- name: io.k8s.apimachinery.pkg.api.resource.Quantity - scalar: untyped -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry +- name: com.github.openshift.api.build.v1.SecretBuildSource map: fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType + - name: destinationDir type: scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager + - name: secret type: - scalar: string - - name: operation + namedType: LocalObjectReference.v1.core.api.k8s.io + default: {} +- name: com.github.openshift.api.build.v1.SecretLocalReference + map: + fields: + - name: name type: scalar: string - - name: subresource + default: "" +- name: com.github.openshift.api.build.v1.SecretSpec + map: + fields: + - name: mountPath type: scalar: string - - name: time + default: "" + - name: secretSource type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: LocalObjectReference.v1.core.api.k8s.io + default: {} +- name: com.github.openshift.api.build.v1.SourceBuildStrategy map: fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers + - name: env type: list: elementType: - scalar: string - elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation + namedType: EnvVar.v1.core.api.k8s.io + elementRelationship: atomic + - name: forcePull type: - scalar: numeric - - name: labels + scalar: boolean + - name: from type: - map: - elementType: - scalar: string - - name: managedFields + namedType: ObjectReference.v1.core.api.k8s.io + default: {} + - name: incremental type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name + scalar: boolean + - name: pullSecret type: - scalar: string - - name: namespace + namedType: LocalObjectReference.v1.core.api.k8s.io + - name: scripts type: scalar: string - - name: ownerReferences + - name: volumes type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: com.github.openshift.api.build.v1.BuildVolume elementRelationship: associative keys: - - uid - - name: resourceVersion + - name +- name: com.github.openshift.api.build.v1.SourceControlUser + map: + fields: + - name: email type: scalar: string - - name: selfLink + - name: name type: scalar: string - - name: uid +- name: com.github.openshift.api.build.v1.SourceRevision + map: + fields: + - name: git + type: + namedType: com.github.openshift.api.build.v1.GitSourceRevision + - name: type type: scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + default: "" +- name: com.github.openshift.api.build.v1.StageInfo map: fields: - - name: apiVersion + - name: durationMilliseconds + type: + scalar: numeric + - name: name type: scalar: string - default: "" - - name: blockOwnerDeletion + - name: startTime type: - scalar: boolean - - name: controller + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: steps type: - scalar: boolean - - name: kind + list: + elementType: + namedType: com.github.openshift.api.build.v1.StepInfo + elementRelationship: atomic +- name: com.github.openshift.api.build.v1.StepInfo + map: + fields: + - name: durationMilliseconds type: - scalar: string - default: "" + scalar: numeric - name: name type: scalar: string - default: "" - - name: uid + - name: startTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.build.v1.WebHookTrigger + map: + fields: + - name: allowEnv + type: + scalar: boolean + - name: secret type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped + - name: secretReference + type: + namedType: com.github.openshift.api.build.v1.SecretLocalReference - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go index 5b674ae05d..42392a353e 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go @@ -2,6 +2,10 @@ package v1 +import ( + configv1 "github.com/openshift/api/config/v1" +) + // APIServerSpecApplyConfiguration represents a declarative configuration of the APIServerSpec type for use // with apply. type APIServerSpecApplyConfiguration struct { @@ -26,6 +30,37 @@ type APIServerSpecApplyConfiguration struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // The current default is the Intermediate profile. TLSSecurityProfile *TLSSecurityProfileApplyConfiguration `json:"tlsSecurityProfile,omitempty"` + // tlsAdherence controls if components in the cluster adhere to the TLS security profile + // configured on this APIServer resource. + // + // Valid values are "LegacyAdheringComponentsOnly" and "StrictAllComponents". + // + // When set to "LegacyAdheringComponentsOnly", components that already honor the + // cluster-wide TLS profile continue to do so. Components that do not already honor + // it continue to use their individual TLS configurations. + // + // When set to "StrictAllComponents", all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides + // it. This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + // + // Note: Some components such as Kubelet and IngressController have their own + // dedicated TLS configuration mechanisms via KubeletConfig and IngressController + // CRs respectively. When these component-specific TLS configurations are set, + // they take precedence over the cluster-wide tlsSecurityProfile. When not set, + // these components fall back to the cluster-wide default. + // + // Components that encounter an unknown value for tlsAdherence should treat it + // as "StrictAllComponents" and log a warning to ensure forward compatibility + // while defaulting to the more secure behavior. + // + // This field is optional. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is LegacyAdheringComponentsOnly. + // + // Once set, this field may be changed to a different value, but may not be removed. + TLSAdherence *configv1.TLSAdherencePolicy `json:"tlsAdherence,omitempty"` // audit specifies the settings for audit configuration to be applied to all OpenShift-provided // API servers in the cluster. Audit *AuditApplyConfiguration `json:"audit,omitempty"` @@ -79,6 +114,14 @@ func (b *APIServerSpecApplyConfiguration) WithTLSSecurityProfile(value *TLSSecur return b } +// WithTLSAdherence sets the TLSAdherence field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLSAdherence field is set to the value of the last call. +func (b *APIServerSpecApplyConfiguration) WithTLSAdherence(value configv1.TLSAdherencePolicy) *APIServerSpecApplyConfiguration { + b.TLSAdherence = &value + return b +} + // WithAudit sets the Audit field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Audit field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go index f5c63c6ae9..c01827c113 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go @@ -42,6 +42,8 @@ type InfrastructureStatusApplyConfiguration struct { // and the operators should not configure the operand for highly-available operation // The 'External' mode indicates that the control plane is hosted externally to the cluster and that // its components are not visible within the cluster. + // The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + // that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. ControlPlaneTopology *configv1.TopologyMode `json:"controlPlaneTopology,omitempty"` // infrastructureTopology expresses the expectations for infrastructure services that do not run on control // plane nodes, usually indicated by a node selector for a `role` value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go index 24d8261c9c..08ebf26a86 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go @@ -11,7 +11,8 @@ type PrefixedClaimMappingApplyConfiguration struct { TokenClaimMappingApplyConfiguration `json:",inline"` // prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. // - // When omitted (""), no prefix is applied to the cluster identity attribute. + // When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + // Must not be set to a non-empty value when expression is set. // // Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". Prefix *string `json:"prefix,omitempty"` @@ -31,6 +32,14 @@ func (b *PrefixedClaimMappingApplyConfiguration) WithClaim(value string) *Prefix return b } +// WithExpression sets the Expression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Expression field is set to the value of the last call. +func (b *PrefixedClaimMappingApplyConfiguration) WithExpression(value string) *PrefixedClaimMappingApplyConfiguration { + b.TokenClaimMappingApplyConfiguration.Expression = &value + return b +} + // WithPrefix sets the Prefix field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Prefix field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmapping.go index 7b1f0da780..bedd170ae4 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/tokenclaimmapping.go @@ -7,8 +7,21 @@ package v1 // // TokenClaimMapping allows specifying a JWT token claim to be used when mapping claims from an authentication token to cluster identities. type TokenClaimMappingApplyConfiguration struct { - // claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + // claim is an optional field for specifying the JWT token claim that is used in the mapping. + // The value of this claim will be assigned to the field in which this mapping is associated. + // claim must not exceed 256 characters in length. + // When set to the empty string `""`, this means that no named claim should be used for the group mapping. + // claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. Claim *string `json:"claim,omitempty"` + // expression is an optional CEL expression used to derive + // group values from JWT claims. + // + // CEL expressions have access to the token claims through a CEL variable, 'claims'. + // + // expression must be at least 1 character and must not exceed 1024 characters in length . + // + // When specified, claim must not be set or be explicitly set to the empty string (`""`). + Expression *string `json:"expression,omitempty"` } // TokenClaimMappingApplyConfiguration constructs a declarative configuration of the TokenClaimMapping type for use with @@ -24,3 +37,11 @@ func (b *TokenClaimMappingApplyConfiguration) WithClaim(value string) *TokenClai b.Claim = &value return b } + +// WithExpression sets the Expression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Expression field is set to the value of the last call. +func (b *TokenClaimMappingApplyConfiguration) WithExpression(value string) *TokenClaimMappingApplyConfiguration { + b.Expression = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go index 6151b6b13a..db1128deb5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go @@ -47,6 +47,19 @@ type UpdateApplyConfiguration struct { // acceptRisks must not contain more than 1000 entries. // Entries in this list must be unique. AcceptRisks []AcceptRiskApplyConfiguration `json:"acceptRisks,omitempty"` + // mode determines how an update should be processed. + // The only valid value is "Preflight". + // When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. + // This is the standard update behavior. + // When set to "Preflight", the cluster runs compatibility checks against the target release without + // performing an actual update. Compatibility results, including any detected risks, are reported + // in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update + // recommendation service. + // This allows administrators to assess update readiness and address issues before committing to the update. + // Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be + // verified across multiple minor versions. + // When mode is set to "Preflight", the same rules for version, image, and architecture apply as for normal updates. + Mode *configv1.UpdateMode `json:"mode,omitempty"` } // UpdateApplyConfiguration constructs a declarative configuration of the Update type for use with @@ -99,3 +112,11 @@ func (b *UpdateApplyConfiguration) WithAcceptRisks(values ...*AcceptRiskApplyCon } return b } + +// WithMode sets the Mode field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Mode field is set to the value of the last call. +func (b *UpdateApplyConfiguration) WithMode(value configv1.UpdateMode) *UpdateApplyConfiguration { + b.Mode = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go index dd359d69a6..8676ae891f 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go @@ -9,20 +9,29 @@ import ( // UsernameClaimMappingApplyConfiguration represents a declarative configuration of the UsernameClaimMapping type for use // with apply. type UsernameClaimMappingApplyConfiguration struct { - // claim is a required field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + // claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. + // claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. + // When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set. // // claim must not be an empty string ("") and must not exceed 256 characters. Claim *string `json:"claim,omitempty"` + // expression is an optional CEL expression used to derive + // the username from JWT claims. + // + // CEL expressions have access to the token claims + // through a CEL variable, 'claims'. + // + // expression must be at least 1 character and must not exceed 1024 characters in length. + // expression must not be set when claim is set. + Expression *string `json:"expression,omitempty"` // prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field. // // Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). // // When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - // // The prefix field must be set when prefixPolicy is 'Prefix'. - // + // Must not be set to 'Prefix' when expression is set. // When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - // // When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. // Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. // @@ -54,6 +63,14 @@ func (b *UsernameClaimMappingApplyConfiguration) WithClaim(value string) *Userna return b } +// WithExpression sets the Expression field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Expression field is set to the value of the last call. +func (b *UsernameClaimMappingApplyConfiguration) WithExpression(value string) *UsernameClaimMappingApplyConfiguration { + b.Expression = &value + return b +} + // WithPrefixPolicy sets the PrefixPolicy field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the PrefixPolicy field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/additionalalertmanagerconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/additionalalertmanagerconfig.go new file mode 100644 index 0000000000..6a699cd82a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/additionalalertmanagerconfig.go @@ -0,0 +1,119 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// AdditionalAlertmanagerConfigApplyConfiguration represents a declarative configuration of the AdditionalAlertmanagerConfig type for use +// with apply. +// +// AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. +// The `AdditionalAlertmanagerConfig` resource defines settings for how a +// component communicates with additional Alertmanager instances. +type AdditionalAlertmanagerConfigApplyConfiguration struct { + // name is a unique identifier for this Alertmanager configuration entry. + // The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, + // hyphens, or periods, and must start and end with an alphanumeric character. + // Minimum length is 1 character (empty string is invalid). + // Maximum length is 253 characters. + Name *string `json:"name,omitempty"` + // authorization configures the authentication method for Alertmanager connections. + // Supports bearer token authentication. When omitted, no authentication is used. + Authorization *AuthorizationConfigApplyConfiguration `json:"authorization,omitempty"` + // pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. + // For example, if your Alertmanager is behind a reverse proxy at "/alertmanager/", + // set this to "/alertmanager" so requests go to "/alertmanager/api/v1/alerts" instead of "/api/v1/alerts". + // This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. + // When no prefix is needed, omit this field; do not set it to "/" as that would produce paths with double slashes (e.g. "//api/v1/alerts"). + // Must start with "/", must not end with "/", and must not be exactly "/". + // Must not contain query strings ("?") or fragments ("#"). + PathPrefix *string `json:"pathPrefix,omitempty"` + // scheme defines the URL scheme to use when communicating with Alertmanager + // instances. + // Possible values are `HTTP` or `HTTPS`. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `HTTP`. + Scheme *configv1alpha1.AlertmanagerScheme `json:"scheme,omitempty"` + // staticConfigs is a list of statically configured Alertmanager endpoints in the form + // of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address + // (in brackets) followed by a colon and a valid port number (1-65535). + // Examples: "alertmanager.example.com:9093", "192.168.1.100:9093", "[::1]:9093" + // At least one endpoint must be specified (minimum 1, maximum 10 endpoints). + // Each entry must be unique and non-empty (empty string is invalid). + StaticConfigs []string `json:"staticConfigs,omitempty"` + // timeoutSeconds defines the timeout in seconds for requests to Alertmanager. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Currently the default is 10 seconds. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + TimeoutSeconds *int32 `json:"timeoutSeconds,omitempty"` + // tlsConfig defines the TLS settings to use for Alertmanager connections. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + TLSConfig *TLSConfigApplyConfiguration `json:"tlsConfig,omitempty"` +} + +// AdditionalAlertmanagerConfigApplyConfiguration constructs a declarative configuration of the AdditionalAlertmanagerConfig type for use with +// apply. +func AdditionalAlertmanagerConfig() *AdditionalAlertmanagerConfigApplyConfiguration { + return &AdditionalAlertmanagerConfigApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithName(value string) *AdditionalAlertmanagerConfigApplyConfiguration { + b.Name = &value + return b +} + +// WithAuthorization sets the Authorization field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Authorization field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithAuthorization(value *AuthorizationConfigApplyConfiguration) *AdditionalAlertmanagerConfigApplyConfiguration { + b.Authorization = value + return b +} + +// WithPathPrefix sets the PathPrefix field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PathPrefix field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithPathPrefix(value string) *AdditionalAlertmanagerConfigApplyConfiguration { + b.PathPrefix = &value + return b +} + +// WithScheme sets the Scheme field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Scheme field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithScheme(value configv1alpha1.AlertmanagerScheme) *AdditionalAlertmanagerConfigApplyConfiguration { + b.Scheme = &value + return b +} + +// WithStaticConfigs adds the given value to the StaticConfigs field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the StaticConfigs field. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithStaticConfigs(values ...string) *AdditionalAlertmanagerConfigApplyConfiguration { + for i := range values { + b.StaticConfigs = append(b.StaticConfigs, values[i]) + } + return b +} + +// WithTimeoutSeconds sets the TimeoutSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TimeoutSeconds field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithTimeoutSeconds(value int32) *AdditionalAlertmanagerConfigApplyConfiguration { + b.TimeoutSeconds = &value + return b +} + +// WithTLSConfig sets the TLSConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLSConfig field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithTLSConfig(value *TLSConfigApplyConfiguration) *AdditionalAlertmanagerConfigApplyConfiguration { + b.TLSConfig = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go index ebc4e4a6be..4e90578a18 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go @@ -90,12 +90,10 @@ type AlertmanagerCustomConfigApplyConfiguration struct { // Minimum length for this list is 1. // Entries must have unique topologyKey and whenUnsatisfiable pairs. TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` - // volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to - // configure the persistent volume claim, including storage class, volume - // size, and name. + // volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to + // configure the persistent volume claim, including storage class and volume size. // If omitted, the Pod uses ephemeral storage and alert data will not persist // across restarts. - // This field is optional. VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/authorizationconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/authorizationconfig.go new file mode 100644 index 0000000000..87d7c7eefe --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/authorizationconfig.go @@ -0,0 +1,44 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// AuthorizationConfigApplyConfiguration represents a declarative configuration of the AuthorizationConfig type for use +// with apply. +// +// AuthorizationConfig defines the authentication method for Alertmanager connections. +type AuthorizationConfigApplyConfiguration struct { + // type specifies the authentication type to use. + // Valid value is "BearerToken" (bearer token authentication). + // When set to BearerToken, the bearerToken field must be specified. + Type *configv1alpha1.AuthorizationType `json:"type,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + // The secret must exist in the openshift-monitoring namespace. + BearerToken *SecretKeySelectorApplyConfiguration `json:"bearerToken,omitempty"` +} + +// AuthorizationConfigApplyConfiguration constructs a declarative configuration of the AuthorizationConfig type for use with +// apply. +func AuthorizationConfig() *AuthorizationConfigApplyConfiguration { + return &AuthorizationConfigApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *AuthorizationConfigApplyConfiguration) WithType(value configv1alpha1.AuthorizationType) *AuthorizationConfigApplyConfiguration { + b.Type = &value + return b +} + +// WithBearerToken sets the BearerToken field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BearerToken field is set to the value of the last call. +func (b *AuthorizationConfigApplyConfiguration) WithBearerToken(value *SecretKeySelectorApplyConfiguration) *AuthorizationConfigApplyConfiguration { + b.BearerToken = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/basicauth.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/basicauth.go new file mode 100644 index 0000000000..efad66668a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/basicauth.go @@ -0,0 +1,38 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// BasicAuthApplyConfiguration represents a declarative configuration of the BasicAuth type for use +// with apply. +// +// BasicAuth defines basic authentication settings for the remote write endpoint URL. +type BasicAuthApplyConfiguration struct { + // username defines the secret reference containing the username for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + Username *SecretKeySelectorApplyConfiguration `json:"username,omitempty"` + // password defines the secret reference containing the password for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + Password *SecretKeySelectorApplyConfiguration `json:"password,omitempty"` +} + +// BasicAuthApplyConfiguration constructs a declarative configuration of the BasicAuth type for use with +// apply. +func BasicAuth() *BasicAuthApplyConfiguration { + return &BasicAuthApplyConfiguration{} +} + +// WithUsername sets the Username field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Username field is set to the value of the last call. +func (b *BasicAuthApplyConfiguration) WithUsername(value *SecretKeySelectorApplyConfiguration) *BasicAuthApplyConfiguration { + b.Username = value + return b +} + +// WithPassword sets the Password field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Password field is set to the value of the last call. +func (b *BasicAuthApplyConfiguration) WithPassword(value *SecretKeySelectorApplyConfiguration) *BasicAuthApplyConfiguration { + b.Password = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/certificateconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/certificateconfig.go new file mode 100644 index 0000000000..a4191ccb27 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/certificateconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// CertificateConfigApplyConfiguration represents a declarative configuration of the CertificateConfig type for use +// with apply. +// +// CertificateConfig specifies configuration parameters for certificates. +// At least one property must be specified. +type CertificateConfigApplyConfiguration struct { + // key specifies the cryptographic parameters for the certificate's key pair. + // Currently this is the only configurable parameter. When omitted in an + // overrides entry, the key configuration from defaults is used. + Key *KeyConfigApplyConfiguration `json:"key,omitempty"` +} + +// CertificateConfigApplyConfiguration constructs a declarative configuration of the CertificateConfig type for use with +// apply. +func CertificateConfig() *CertificateConfigApplyConfiguration { + return &CertificateConfigApplyConfiguration{} +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *CertificateConfigApplyConfiguration) WithKey(value *KeyConfigApplyConfiguration) *CertificateConfigApplyConfiguration { + b.Key = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go deleted file mode 100644 index 19a6917f99..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go +++ /dev/null @@ -1,277 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - internal "github.com/openshift/client-go/config/applyconfigurations/internal" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - managedfields "k8s.io/apimachinery/pkg/util/managedfields" - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// ClusterImagePolicyApplyConfiguration represents a declarative configuration of the ClusterImagePolicy type for use -// with apply. -// -// # ClusterImagePolicy holds cluster-wide configuration for image signature verification -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -type ClusterImagePolicyApplyConfiguration struct { - v1.TypeMetaApplyConfiguration `json:",inline"` - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - // spec contains the configuration for the cluster image policy. - Spec *ClusterImagePolicySpecApplyConfiguration `json:"spec,omitempty"` - // status contains the observed state of the resource. - Status *ClusterImagePolicyStatusApplyConfiguration `json:"status,omitempty"` -} - -// ClusterImagePolicy constructs a declarative configuration of the ClusterImagePolicy type for use with -// apply. -func ClusterImagePolicy(name string) *ClusterImagePolicyApplyConfiguration { - b := &ClusterImagePolicyApplyConfiguration{} - b.WithName(name) - b.WithKind("ClusterImagePolicy") - b.WithAPIVersion("config.openshift.io/v1alpha1") - return b -} - -// ExtractClusterImagePolicyFrom extracts the applied configuration owned by fieldManager from -// clusterImagePolicy for the specified subresource. Pass an empty string for subresource to extract -// the main resource. Common subresources include "status", "scale", etc. -// clusterImagePolicy must be a unmodified ClusterImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractClusterImagePolicyFrom provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractClusterImagePolicyFrom(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string, subresource string) (*ClusterImagePolicyApplyConfiguration, error) { - b := &ClusterImagePolicyApplyConfiguration{} - err := managedfields.ExtractInto(clusterImagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1alpha1.ClusterImagePolicy"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(clusterImagePolicy.Name) - - b.WithKind("ClusterImagePolicy") - b.WithAPIVersion("config.openshift.io/v1alpha1") - return b, nil -} - -// ExtractClusterImagePolicy extracts the applied configuration owned by fieldManager from -// clusterImagePolicy. If no managedFields are found in clusterImagePolicy for fieldManager, a -// ClusterImagePolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. -// clusterImagePolicy must be a unmodified ClusterImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractClusterImagePolicy provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractClusterImagePolicy(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string) (*ClusterImagePolicyApplyConfiguration, error) { - return ExtractClusterImagePolicyFrom(clusterImagePolicy, fieldManager, "") -} - -// ExtractClusterImagePolicyStatus extracts the applied configuration owned by fieldManager from -// clusterImagePolicy for the status subresource. -func ExtractClusterImagePolicyStatus(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string) (*ClusterImagePolicyApplyConfiguration, error) { - return ExtractClusterImagePolicyFrom(clusterImagePolicy, fieldManager, "status") -} - -func (b ClusterImagePolicyApplyConfiguration) IsApplyConfiguration() {} - -// WithKind sets the Kind field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Kind field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithKind(value string) *ClusterImagePolicyApplyConfiguration { - b.TypeMetaApplyConfiguration.Kind = &value - return b -} - -// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the APIVersion field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithAPIVersion(value string) *ClusterImagePolicyApplyConfiguration { - b.TypeMetaApplyConfiguration.APIVersion = &value - return b -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithName(value string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Name = &value - return b -} - -// WithGenerateName sets the GenerateName field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the GenerateName field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithGenerateName(value string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.GenerateName = &value - return b -} - -// WithNamespace sets the Namespace field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Namespace field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithNamespace(value string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Namespace = &value - return b -} - -// WithUID sets the UID field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the UID field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithUID(value types.UID) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.UID = &value - return b -} - -// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ResourceVersion field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithResourceVersion(value string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.ResourceVersion = &value - return b -} - -// WithGeneration sets the Generation field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Generation field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithGeneration(value int64) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Generation = &value - return b -} - -// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the CreationTimestamp field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.CreationTimestamp = &value - return b -} - -// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionTimestamp field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value - return b -} - -// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value - return b -} - -// WithLabels puts the entries into the Labels field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Labels field, -// overwriting an existing map entries in Labels field with the same key. -func (b *ClusterImagePolicyApplyConfiguration) WithLabels(entries map[string]string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Labels[k] = v - } - return b -} - -// WithAnnotations puts the entries into the Annotations field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Annotations field, -// overwriting an existing map entries in Annotations field with the same key. -func (b *ClusterImagePolicyApplyConfiguration) WithAnnotations(entries map[string]string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Annotations[k] = v - } - return b -} - -// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the OwnerReferences field. -func (b *ClusterImagePolicyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - if values[i] == nil { - panic("nil value passed to WithOwnerReferences") - } - b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i]) - } - return b -} - -// WithFinalizers adds the given value to the Finalizers field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Finalizers field. -func (b *ClusterImagePolicyApplyConfiguration) WithFinalizers(values ...string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i]) - } - return b -} - -func (b *ClusterImagePolicyApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { - if b.ObjectMetaApplyConfiguration == nil { - b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} - } -} - -// WithSpec sets the Spec field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Spec field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithSpec(value *ClusterImagePolicySpecApplyConfiguration) *ClusterImagePolicyApplyConfiguration { - b.Spec = value - return b -} - -// WithStatus sets the Status field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Status field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithStatus(value *ClusterImagePolicyStatusApplyConfiguration) *ClusterImagePolicyApplyConfiguration { - b.Status = value - return b -} - -// GetKind retrieves the value of the Kind field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetKind() *string { - return b.TypeMetaApplyConfiguration.Kind -} - -// GetAPIVersion retrieves the value of the APIVersion field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetAPIVersion() *string { - return b.TypeMetaApplyConfiguration.APIVersion -} - -// GetName retrieves the value of the Name field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetName() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Name -} - -// GetNamespace retrieves the value of the Namespace field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetNamespace() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Namespace -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go deleted file mode 100644 index 135aa592aa..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go +++ /dev/null @@ -1,53 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// ClusterImagePolicySpecApplyConfiguration represents a declarative configuration of the ClusterImagePolicySpec type for use -// with apply. -// -// CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource. -type ClusterImagePolicySpecApplyConfiguration struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - Scopes []configv1alpha1.ImageScope `json:"scopes,omitempty"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - Policy *ImageSigstoreVerificationPolicyApplyConfiguration `json:"policy,omitempty"` -} - -// ClusterImagePolicySpecApplyConfiguration constructs a declarative configuration of the ClusterImagePolicySpec type for use with -// apply. -func ClusterImagePolicySpec() *ClusterImagePolicySpecApplyConfiguration { - return &ClusterImagePolicySpecApplyConfiguration{} -} - -// WithScopes adds the given value to the Scopes field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Scopes field. -func (b *ClusterImagePolicySpecApplyConfiguration) WithScopes(values ...configv1alpha1.ImageScope) *ClusterImagePolicySpecApplyConfiguration { - for i := range values { - b.Scopes = append(b.Scopes, values[i]) - } - return b -} - -// WithPolicy sets the Policy field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Policy field is set to the value of the last call. -func (b *ClusterImagePolicySpecApplyConfiguration) WithPolicy(value *ImageSigstoreVerificationPolicyApplyConfiguration) *ClusterImagePolicySpecApplyConfiguration { - b.Policy = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go deleted file mode 100644 index e01b2cac34..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go +++ /dev/null @@ -1,33 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// ClusterImagePolicyStatusApplyConfiguration represents a declarative configuration of the ClusterImagePolicyStatus type for use -// with apply. -type ClusterImagePolicyStatusApplyConfiguration struct { - // conditions provide details on the status of this API Resource. - Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` -} - -// ClusterImagePolicyStatusApplyConfiguration constructs a declarative configuration of the ClusterImagePolicyStatus type for use with -// apply. -func ClusterImagePolicyStatus() *ClusterImagePolicyStatusApplyConfiguration { - return &ClusterImagePolicyStatusApplyConfiguration{} -} - -// WithConditions adds the given value to the Conditions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Conditions field. -func (b *ClusterImagePolicyStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *ClusterImagePolicyStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithConditions") - } - b.Conditions = append(b.Conditions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go index 53f29c3fdc..31943fe050 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go @@ -18,6 +18,18 @@ type ClusterMonitoringSpecApplyConfiguration struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. // The current default value is `DefaultConfig`. AlertmanagerConfig *AlertmanagerConfigApplyConfiguration `json:"alertmanagerConfig,omitempty"` + // prometheusConfig provides configuration options for the default platform Prometheus instance + // that runs in the `openshift-monitoring` namespace. This configuration applies only to the + // platform Prometheus instance; user-workload Prometheus instances are configured separately. + // + // This field allows you to customize how the platform Prometheus is deployed and operated, including: + // - Pod scheduling (node selectors, tolerations, topology spread constraints) + // - Resource allocation (CPU, memory requests/limits) + // - Retention policies (how long metrics are stored) + // - External integrations (remote write, additional alertmanagers) + // + // This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. + PrometheusConfig *PrometheusConfigApplyConfiguration `json:"prometheusConfig,omitempty"` // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. // Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. @@ -33,6 +45,11 @@ type ClusterMonitoringSpecApplyConfiguration struct { // between API versions. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. PrometheusOperatorAdmissionWebhookConfig *PrometheusOperatorAdmissionWebhookConfigApplyConfiguration `json:"prometheusOperatorAdmissionWebhookConfig,omitempty"` + // openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics + // agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics + // about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + OpenShiftStateMetricsConfig *OpenShiftStateMetricsConfigApplyConfiguration `json:"openShiftStateMetricsConfig,omitempty"` } // ClusterMonitoringSpecApplyConfiguration constructs a declarative configuration of the ClusterMonitoringSpec type for use with @@ -57,6 +74,14 @@ func (b *ClusterMonitoringSpecApplyConfiguration) WithAlertmanagerConfig(value * return b } +// WithPrometheusConfig sets the PrometheusConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PrometheusConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithPrometheusConfig(value *PrometheusConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.PrometheusConfig = value + return b +} + // WithMetricsServerConfig sets the MetricsServerConfig field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the MetricsServerConfig field is set to the value of the last call. @@ -80,3 +105,11 @@ func (b *ClusterMonitoringSpecApplyConfiguration) WithPrometheusOperatorAdmissio b.PrometheusOperatorAdmissionWebhookConfig = value return b } + +// WithOpenShiftStateMetricsConfig sets the OpenShiftStateMetricsConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OpenShiftStateMetricsConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithOpenShiftStateMetricsConfig(value *OpenShiftStateMetricsConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.OpenShiftStateMetricsConfig = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/custompkipolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/custompkipolicy.go new file mode 100644 index 0000000000..5f689804ef --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/custompkipolicy.go @@ -0,0 +1,51 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// CustomPKIPolicyApplyConfiguration represents a declarative configuration of the CustomPKIPolicy type for use +// with apply. +// +// CustomPKIPolicy contains administrator-specified cryptographic configuration. +// Administrators must specify defaults for all certificates and may optionally +// override specific categories of certificates. +type CustomPKIPolicyApplyConfiguration struct { + PKIProfileApplyConfiguration `json:",inline"` +} + +// CustomPKIPolicyApplyConfiguration constructs a declarative configuration of the CustomPKIPolicy type for use with +// apply. +func CustomPKIPolicy() *CustomPKIPolicyApplyConfiguration { + return &CustomPKIPolicyApplyConfiguration{} +} + +// WithDefaults sets the Defaults field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Defaults field is set to the value of the last call. +func (b *CustomPKIPolicyApplyConfiguration) WithDefaults(value *DefaultCertificateConfigApplyConfiguration) *CustomPKIPolicyApplyConfiguration { + b.PKIProfileApplyConfiguration.Defaults = value + return b +} + +// WithSignerCertificates sets the SignerCertificates field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SignerCertificates field is set to the value of the last call. +func (b *CustomPKIPolicyApplyConfiguration) WithSignerCertificates(value *CertificateConfigApplyConfiguration) *CustomPKIPolicyApplyConfiguration { + b.PKIProfileApplyConfiguration.SignerCertificates = value + return b +} + +// WithServingCertificates sets the ServingCertificates field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ServingCertificates field is set to the value of the last call. +func (b *CustomPKIPolicyApplyConfiguration) WithServingCertificates(value *CertificateConfigApplyConfiguration) *CustomPKIPolicyApplyConfiguration { + b.PKIProfileApplyConfiguration.ServingCertificates = value + return b +} + +// WithClientCertificates sets the ClientCertificates field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientCertificates field is set to the value of the last call. +func (b *CustomPKIPolicyApplyConfiguration) WithClientCertificates(value *CertificateConfigApplyConfiguration) *CustomPKIPolicyApplyConfiguration { + b.PKIProfileApplyConfiguration.ClientCertificates = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/defaultcertificateconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/defaultcertificateconfig.go new file mode 100644 index 0000000000..3ddd6fb6a7 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/defaultcertificateconfig.go @@ -0,0 +1,30 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// DefaultCertificateConfigApplyConfiguration represents a declarative configuration of the DefaultCertificateConfig type for use +// with apply. +// +// DefaultCertificateConfig specifies the default certificate configuration +// parameters. All fields are required to ensure that defaults are fully +// specified for all certificates. +type DefaultCertificateConfigApplyConfiguration struct { + // key specifies the cryptographic parameters for the certificate's key pair. + // This field is required in defaults to ensure all certificates have a + // well-defined key configuration. + Key *KeyConfigApplyConfiguration `json:"key,omitempty"` +} + +// DefaultCertificateConfigApplyConfiguration constructs a declarative configuration of the DefaultCertificateConfig type for use with +// apply. +func DefaultCertificateConfig() *DefaultCertificateConfigApplyConfiguration { + return &DefaultCertificateConfigApplyConfiguration{} +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *DefaultCertificateConfigApplyConfiguration) WithKey(value *KeyConfigApplyConfiguration) *DefaultCertificateConfigApplyConfiguration { + b.Key = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/dropequalactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/dropequalactionconfig.go new file mode 100644 index 0000000000..1e0a8e0014 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/dropequalactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// DropEqualActionConfigApplyConfiguration represents a declarative configuration of the DropEqualActionConfig type for use +// with apply. +// +// DropEqualActionConfig configures the DropEqual action. +// Drops targets for which the concatenated source_labels do match the value of target_label. +// Requires Prometheus >= v2.41.0. +type DropEqualActionConfigApplyConfiguration struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// DropEqualActionConfigApplyConfiguration constructs a declarative configuration of the DropEqualActionConfig type for use with +// apply. +func DropEqualActionConfig() *DropEqualActionConfigApplyConfiguration { + return &DropEqualActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *DropEqualActionConfigApplyConfiguration) WithTargetLabel(value string) *DropEqualActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/ecdsakeyconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/ecdsakeyconfig.go new file mode 100644 index 0000000000..96c579a3af --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/ecdsakeyconfig.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// ECDSAKeyConfigApplyConfiguration represents a declarative configuration of the ECDSAKeyConfig type for use +// with apply. +// +// ECDSAKeyConfig specifies parameters for ECDSA key generation. +type ECDSAKeyConfigApplyConfiguration struct { + // curve specifies the NIST elliptic curve for ECDSA keys. + // Valid values are "P256", "P384", and "P521". + // + // When set to P256, the NIST P-256 curve (also known as secp256r1) is used, + // providing 128-bit security. + // + // When set to P384, the NIST P-384 curve (also known as secp384r1) is used, + // providing 192-bit security. + // + // When set to P521, the NIST P-521 curve (also known as secp521r1) is used, + // providing 256-bit security. + Curve *configv1alpha1.ECDSACurve `json:"curve,omitempty"` +} + +// ECDSAKeyConfigApplyConfiguration constructs a declarative configuration of the ECDSAKeyConfig type for use with +// apply. +func ECDSAKeyConfig() *ECDSAKeyConfigApplyConfiguration { + return &ECDSAKeyConfigApplyConfiguration{} +} + +// WithCurve sets the Curve field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Curve field is set to the value of the last call. +func (b *ECDSAKeyConfigApplyConfiguration) WithCurve(value configv1alpha1.ECDSACurve) *ECDSAKeyConfigApplyConfiguration { + b.Curve = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/hashmodactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/hashmodactionconfig.go new file mode 100644 index 0000000000..453795b42b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/hashmodactionconfig.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// HashModActionConfigApplyConfiguration represents a declarative configuration of the HashModActionConfig type for use +// with apply. +// +// HashModActionConfig configures the HashMod action. +// target_label is set to the modulus of a hash of the concatenated source_labels (target = hash % modulus). +type HashModActionConfigApplyConfiguration struct { + // targetLabel is the label name where the hash modulus result is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` + // modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). + // Required when using the HashMod action so the intended behavior is explicit. + // Must be between 1 and 1000000. + Modulus *int64 `json:"modulus,omitempty"` +} + +// HashModActionConfigApplyConfiguration constructs a declarative configuration of the HashModActionConfig type for use with +// apply. +func HashModActionConfig() *HashModActionConfigApplyConfiguration { + return &HashModActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *HashModActionConfigApplyConfiguration) WithTargetLabel(value string) *HashModActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} + +// WithModulus sets the Modulus field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Modulus field is set to the value of the last call. +func (b *HashModActionConfigApplyConfiguration) WithModulus(value int64) *HashModActionConfigApplyConfiguration { + b.Modulus = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyfulciocawithrekorrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyfulciocawithrekorrootoftrust.go deleted file mode 100644 index c9299e5000..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyfulciocawithrekorrootoftrust.go +++ /dev/null @@ -1,52 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyFulcioCAWithRekorRootOfTrust type for use -// with apply. -// -// ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key. -type ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration struct { - // fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. - // fulcioCAData must be at most 8192 characters. - FulcioCAData []byte `json:"fulcioCAData,omitempty"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - RekorKeyData []byte `json:"rekorKeyData,omitempty"` - // fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration. - FulcioSubject *PolicyFulcioSubjectApplyConfiguration `json:"fulcioSubject,omitempty"` -} - -// ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration constructs a declarative configuration of the ImagePolicyFulcioCAWithRekorRootOfTrust type for use with -// apply. -func ImagePolicyFulcioCAWithRekorRootOfTrust() *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - return &ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration{} -} - -// WithFulcioCAData adds the given value to the FulcioCAData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the FulcioCAData field. -func (b *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) WithFulcioCAData(values ...byte) *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - for i := range values { - b.FulcioCAData = append(b.FulcioCAData, values[i]) - } - return b -} - -// WithRekorKeyData adds the given value to the RekorKeyData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the RekorKeyData field. -func (b *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) WithRekorKeyData(values ...byte) *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - for i := range values { - b.RekorKeyData = append(b.RekorKeyData, values[i]) - } - return b -} - -// WithFulcioSubject sets the FulcioSubject field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the FulcioSubject field is set to the value of the last call. -func (b *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) WithFulcioSubject(value *PolicyFulcioSubjectApplyConfiguration) *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - b.FulcioSubject = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypkirootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypkirootoftrust.go deleted file mode 100644 index 42c3c0aa7c..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypkirootoftrust.go +++ /dev/null @@ -1,51 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImagePolicyPKIRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyPKIRootOfTrust type for use -// with apply. -// -// ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates. -type ImagePolicyPKIRootOfTrustApplyConfiguration struct { - // caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. - CertificateAuthorityRootsData []byte `json:"caRootsData,omitempty"` - // caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. - // caIntermediatesData requires caRootsData to be set. - CertificateAuthorityIntermediatesData []byte `json:"caIntermediatesData,omitempty"` - // pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued. - PKICertificateSubject *PKICertificateSubjectApplyConfiguration `json:"pkiCertificateSubject,omitempty"` -} - -// ImagePolicyPKIRootOfTrustApplyConfiguration constructs a declarative configuration of the ImagePolicyPKIRootOfTrust type for use with -// apply. -func ImagePolicyPKIRootOfTrust() *ImagePolicyPKIRootOfTrustApplyConfiguration { - return &ImagePolicyPKIRootOfTrustApplyConfiguration{} -} - -// WithCertificateAuthorityRootsData adds the given value to the CertificateAuthorityRootsData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the CertificateAuthorityRootsData field. -func (b *ImagePolicyPKIRootOfTrustApplyConfiguration) WithCertificateAuthorityRootsData(values ...byte) *ImagePolicyPKIRootOfTrustApplyConfiguration { - for i := range values { - b.CertificateAuthorityRootsData = append(b.CertificateAuthorityRootsData, values[i]) - } - return b -} - -// WithCertificateAuthorityIntermediatesData adds the given value to the CertificateAuthorityIntermediatesData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the CertificateAuthorityIntermediatesData field. -func (b *ImagePolicyPKIRootOfTrustApplyConfiguration) WithCertificateAuthorityIntermediatesData(values ...byte) *ImagePolicyPKIRootOfTrustApplyConfiguration { - for i := range values { - b.CertificateAuthorityIntermediatesData = append(b.CertificateAuthorityIntermediatesData, values[i]) - } - return b -} - -// WithPKICertificateSubject sets the PKICertificateSubject field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PKICertificateSubject field is set to the value of the last call. -func (b *ImagePolicyPKIRootOfTrustApplyConfiguration) WithPKICertificateSubject(value *PKICertificateSubjectApplyConfiguration) *ImagePolicyPKIRootOfTrustApplyConfiguration { - b.PKICertificateSubject = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypublickeyrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypublickeyrootoftrust.go deleted file mode 100644 index 317b1be6ad..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypublickeyrootoftrust.go +++ /dev/null @@ -1,42 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImagePolicyPublicKeyRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyPublicKeyRootOfTrust type for use -// with apply. -// -// ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key. -type ImagePolicyPublicKeyRootOfTrustApplyConfiguration struct { - // keyData contains inline base64-encoded data for the PEM format public key. - // KeyData must be at most 8192 characters. - KeyData []byte `json:"keyData,omitempty"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - RekorKeyData []byte `json:"rekorKeyData,omitempty"` -} - -// ImagePolicyPublicKeyRootOfTrustApplyConfiguration constructs a declarative configuration of the ImagePolicyPublicKeyRootOfTrust type for use with -// apply. -func ImagePolicyPublicKeyRootOfTrust() *ImagePolicyPublicKeyRootOfTrustApplyConfiguration { - return &ImagePolicyPublicKeyRootOfTrustApplyConfiguration{} -} - -// WithKeyData adds the given value to the KeyData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the KeyData field. -func (b *ImagePolicyPublicKeyRootOfTrustApplyConfiguration) WithKeyData(values ...byte) *ImagePolicyPublicKeyRootOfTrustApplyConfiguration { - for i := range values { - b.KeyData = append(b.KeyData, values[i]) - } - return b -} - -// WithRekorKeyData adds the given value to the RekorKeyData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the RekorKeyData field. -func (b *ImagePolicyPublicKeyRootOfTrustApplyConfiguration) WithRekorKeyData(values ...byte) *ImagePolicyPublicKeyRootOfTrustApplyConfiguration { - for i := range values { - b.RekorKeyData = append(b.RekorKeyData, values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go deleted file mode 100644 index 0d8cbf64b7..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go +++ /dev/null @@ -1,53 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// ImagePolicySpecApplyConfiguration represents a declarative configuration of the ImagePolicySpec type for use -// with apply. -// -// ImagePolicySpec is the specification of the ImagePolicy CRD. -type ImagePolicySpecApplyConfiguration struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - Scopes []configv1alpha1.ImageScope `json:"scopes,omitempty"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - Policy *ImageSigstoreVerificationPolicyApplyConfiguration `json:"policy,omitempty"` -} - -// ImagePolicySpecApplyConfiguration constructs a declarative configuration of the ImagePolicySpec type for use with -// apply. -func ImagePolicySpec() *ImagePolicySpecApplyConfiguration { - return &ImagePolicySpecApplyConfiguration{} -} - -// WithScopes adds the given value to the Scopes field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Scopes field. -func (b *ImagePolicySpecApplyConfiguration) WithScopes(values ...configv1alpha1.ImageScope) *ImagePolicySpecApplyConfiguration { - for i := range values { - b.Scopes = append(b.Scopes, values[i]) - } - return b -} - -// WithPolicy sets the Policy field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Policy field is set to the value of the last call. -func (b *ImagePolicySpecApplyConfiguration) WithPolicy(value *ImageSigstoreVerificationPolicyApplyConfiguration) *ImagePolicySpecApplyConfiguration { - b.Policy = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go deleted file mode 100644 index 59fc118561..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go +++ /dev/null @@ -1,33 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// ImagePolicyStatusApplyConfiguration represents a declarative configuration of the ImagePolicyStatus type for use -// with apply. -type ImagePolicyStatusApplyConfiguration struct { - // conditions provide details on the status of this API Resource. - Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` -} - -// ImagePolicyStatusApplyConfiguration constructs a declarative configuration of the ImagePolicyStatus type for use with -// apply. -func ImagePolicyStatus() *ImagePolicyStatusApplyConfiguration { - return &ImagePolicyStatusApplyConfiguration{} -} - -// WithConditions adds the given value to the Conditions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Conditions field. -func (b *ImagePolicyStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *ImagePolicyStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithConditions") - } - b.Conditions = append(b.Conditions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagesigstoreverificationpolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagesigstoreverificationpolicy.go deleted file mode 100644 index 3fa4e27478..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagesigstoreverificationpolicy.go +++ /dev/null @@ -1,36 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImageSigstoreVerificationPolicyApplyConfiguration represents a declarative configuration of the ImageSigstoreVerificationPolicy type for use -// with apply. -// -// ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list. -type ImageSigstoreVerificationPolicyApplyConfiguration struct { - // rootOfTrust specifies the root of trust for the policy. - RootOfTrust *PolicyRootOfTrustApplyConfiguration `json:"rootOfTrust,omitempty"` - // signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is "MatchRepoDigestOrExact". - SignedIdentity *PolicyIdentityApplyConfiguration `json:"signedIdentity,omitempty"` -} - -// ImageSigstoreVerificationPolicyApplyConfiguration constructs a declarative configuration of the ImageSigstoreVerificationPolicy type for use with -// apply. -func ImageSigstoreVerificationPolicy() *ImageSigstoreVerificationPolicyApplyConfiguration { - return &ImageSigstoreVerificationPolicyApplyConfiguration{} -} - -// WithRootOfTrust sets the RootOfTrust field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the RootOfTrust field is set to the value of the last call. -func (b *ImageSigstoreVerificationPolicyApplyConfiguration) WithRootOfTrust(value *PolicyRootOfTrustApplyConfiguration) *ImageSigstoreVerificationPolicyApplyConfiguration { - b.RootOfTrust = value - return b -} - -// WithSignedIdentity sets the SignedIdentity field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the SignedIdentity field is set to the value of the last call. -func (b *ImageSigstoreVerificationPolicyApplyConfiguration) WithSignedIdentity(value *PolicyIdentityApplyConfiguration) *ImageSigstoreVerificationPolicyApplyConfiguration { - b.SignedIdentity = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keepequalactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keepequalactionconfig.go new file mode 100644 index 0000000000..a560a662a8 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keepequalactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// KeepEqualActionConfigApplyConfiguration represents a declarative configuration of the KeepEqualActionConfig type for use +// with apply. +// +// KeepEqualActionConfig configures the KeepEqual action. +// Drops targets for which the concatenated source_labels do not match the value of target_label. +// Requires Prometheus >= v2.41.0. +type KeepEqualActionConfigApplyConfiguration struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// KeepEqualActionConfigApplyConfiguration constructs a declarative configuration of the KeepEqualActionConfig type for use with +// apply. +func KeepEqualActionConfig() *KeepEqualActionConfigApplyConfiguration { + return &KeepEqualActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *KeepEqualActionConfigApplyConfiguration) WithTargetLabel(value string) *KeepEqualActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keyconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keyconfig.go new file mode 100644 index 0000000000..340d395cec --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keyconfig.go @@ -0,0 +1,59 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// KeyConfigApplyConfiguration represents a declarative configuration of the KeyConfig type for use +// with apply. +// +// KeyConfig specifies cryptographic parameters for key generation. +type KeyConfigApplyConfiguration struct { + // algorithm specifies the key generation algorithm. + // Valid values are "RSA" and "ECDSA". + // + // When set to RSA, the rsa field must be specified and the generated key + // will be an RSA key with the configured key size. + // + // When set to ECDSA, the ecdsa field must be specified and the generated key + // will be an ECDSA key using the configured elliptic curve. + Algorithm *configv1alpha1.KeyAlgorithm `json:"algorithm,omitempty"` + // rsa specifies RSA key parameters. + // Required when algorithm is RSA, and forbidden otherwise. + RSA *RSAKeyConfigApplyConfiguration `json:"rsa,omitempty"` + // ecdsa specifies ECDSA key parameters. + // Required when algorithm is ECDSA, and forbidden otherwise. + ECDSA *ECDSAKeyConfigApplyConfiguration `json:"ecdsa,omitempty"` +} + +// KeyConfigApplyConfiguration constructs a declarative configuration of the KeyConfig type for use with +// apply. +func KeyConfig() *KeyConfigApplyConfiguration { + return &KeyConfigApplyConfiguration{} +} + +// WithAlgorithm sets the Algorithm field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Algorithm field is set to the value of the last call. +func (b *KeyConfigApplyConfiguration) WithAlgorithm(value configv1alpha1.KeyAlgorithm) *KeyConfigApplyConfiguration { + b.Algorithm = &value + return b +} + +// WithRSA sets the RSA field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RSA field is set to the value of the last call. +func (b *KeyConfigApplyConfiguration) WithRSA(value *RSAKeyConfigApplyConfiguration) *KeyConfigApplyConfiguration { + b.RSA = value + return b +} + +// WithECDSA sets the ECDSA field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ECDSA field is set to the value of the last call. +func (b *KeyConfigApplyConfiguration) WithECDSA(value *ECDSAKeyConfigApplyConfiguration) *KeyConfigApplyConfiguration { + b.ECDSA = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/label.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/label.go new file mode 100644 index 0000000000..d1710cc9ab --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/label.go @@ -0,0 +1,39 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// LabelApplyConfiguration represents a declarative configuration of the Label type for use +// with apply. +// +// Label represents a key/value pair for external labels. +type LabelApplyConfiguration struct { + // key is the name of the label. + // Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. + // Must be between 1 and 128 characters in length. + Key *string `json:"key,omitempty"` + // value is the value of the label. + // Must be between 1 and 128 characters in length. + Value *string `json:"value,omitempty"` +} + +// LabelApplyConfiguration constructs a declarative configuration of the Label type for use with +// apply. +func Label() *LabelApplyConfiguration { + return &LabelApplyConfiguration{} +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *LabelApplyConfiguration) WithKey(value string) *LabelApplyConfiguration { + b.Key = &value + return b +} + +// WithValue sets the Value field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Value field is set to the value of the last call. +func (b *LabelApplyConfiguration) WithValue(value string) *LabelApplyConfiguration { + b.Value = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/labelmapactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/labelmapactionconfig.go new file mode 100644 index 0000000000..a16bd78779 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/labelmapactionconfig.go @@ -0,0 +1,30 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// LabelMapActionConfigApplyConfiguration represents a declarative configuration of the LabelMapActionConfig type for use +// with apply. +// +// LabelMapActionConfig configures the LabelMap action. +// Regex is matched against all source label names (not just source_labels). Matching label values are copied to new label names given by replacement, with match group references (${1}, ${2}, ...) substituted. +type LabelMapActionConfigApplyConfiguration struct { + // replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. + // Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. + // Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names. + Replacement *string `json:"replacement,omitempty"` +} + +// LabelMapActionConfigApplyConfiguration constructs a declarative configuration of the LabelMapActionConfig type for use with +// apply. +func LabelMapActionConfig() *LabelMapActionConfigApplyConfiguration { + return &LabelMapActionConfigApplyConfiguration{} +} + +// WithReplacement sets the Replacement field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Replacement field is set to the value of the last call. +func (b *LabelMapActionConfigApplyConfiguration) WithReplacement(value string) *LabelMapActionConfigApplyConfiguration { + b.Replacement = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/lowercaseactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/lowercaseactionconfig.go new file mode 100644 index 0000000000..17fa48139a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/lowercaseactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// LowercaseActionConfigApplyConfiguration represents a declarative configuration of the LowercaseActionConfig type for use +// with apply. +// +// LowercaseActionConfig configures the Lowercase action. +// Maps the concatenated source_labels to their lower case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type LowercaseActionConfigApplyConfiguration struct { + // targetLabel is the label name where the lower-cased value is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// LowercaseActionConfigApplyConfiguration constructs a declarative configuration of the LowercaseActionConfig type for use with +// apply. +func LowercaseActionConfig() *LowercaseActionConfigApplyConfiguration { + return &LowercaseActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *LowercaseActionConfigApplyConfiguration) WithTargetLabel(value string) *LowercaseActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfig.go new file mode 100644 index 0000000000..f8e1627816 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfig.go @@ -0,0 +1,42 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// MetadataConfigApplyConfiguration represents a declarative configuration of the MetadataConfig type for use +// with apply. +// +// MetadataConfig defines whether and how to send series metadata to remote write storage. +type MetadataConfigApplyConfiguration struct { + // sendPolicy specifies whether to send metadata and how it is configured. + // Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). + // Custom: send metadata using the settings in the custom field. + SendPolicy *configv1alpha1.MetadataConfigSendPolicy `json:"sendPolicy,omitempty"` + // custom defines custom metadata send settings. Required when sendPolicy is Custom (must have at least one property), and forbidden when sendPolicy is Default. + Custom *MetadataConfigCustomApplyConfiguration `json:"custom,omitempty"` +} + +// MetadataConfigApplyConfiguration constructs a declarative configuration of the MetadataConfig type for use with +// apply. +func MetadataConfig() *MetadataConfigApplyConfiguration { + return &MetadataConfigApplyConfiguration{} +} + +// WithSendPolicy sets the SendPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SendPolicy field is set to the value of the last call. +func (b *MetadataConfigApplyConfiguration) WithSendPolicy(value configv1alpha1.MetadataConfigSendPolicy) *MetadataConfigApplyConfiguration { + b.SendPolicy = &value + return b +} + +// WithCustom sets the Custom field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Custom field is set to the value of the last call. +func (b *MetadataConfigApplyConfiguration) WithCustom(value *MetadataConfigCustomApplyConfiguration) *MetadataConfigApplyConfiguration { + b.Custom = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfigcustom.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfigcustom.go new file mode 100644 index 0000000000..3f5e050697 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfigcustom.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// MetadataConfigCustomApplyConfiguration represents a declarative configuration of the MetadataConfigCustom type for use +// with apply. +// +// MetadataConfigCustom defines custom settings for sending series metadata when sendPolicy is Custom. +// At least one property must be set when sendPolicy is Custom (e.g. sendIntervalSeconds). +type MetadataConfigCustomApplyConfiguration struct { + // sendIntervalSeconds is the interval in seconds at which metadata is sent. + // When omitted, the platform chooses a reasonable default (e.g. 30 seconds). + // Minimum value is 1 second. Maximum value is 86400 seconds (24 hours). + SendIntervalSeconds *int32 `json:"sendIntervalSeconds,omitempty"` +} + +// MetadataConfigCustomApplyConfiguration constructs a declarative configuration of the MetadataConfigCustom type for use with +// apply. +func MetadataConfigCustom() *MetadataConfigCustomApplyConfiguration { + return &MetadataConfigCustomApplyConfiguration{} +} + +// WithSendIntervalSeconds sets the SendIntervalSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SendIntervalSeconds field is set to the value of the last call. +func (b *MetadataConfigCustomApplyConfiguration) WithSendIntervalSeconds(value int32) *MetadataConfigCustomApplyConfiguration { + b.SendIntervalSeconds = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2.go new file mode 100644 index 0000000000..d58cc3e513 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2.go @@ -0,0 +1,82 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// OAuth2ApplyConfiguration represents a declarative configuration of the OAuth2 type for use +// with apply. +// +// OAuth2 defines OAuth2 authentication settings for the remote write endpoint. +type OAuth2ApplyConfiguration struct { + // clientId defines the secret reference containing the OAuth2 client ID. + // The secret must exist in the openshift-monitoring namespace. + ClientID *SecretKeySelectorApplyConfiguration `json:"clientId,omitempty"` + // clientSecret defines the secret reference containing the OAuth2 client secret. + // The secret must exist in the openshift-monitoring namespace. + ClientSecret *SecretKeySelectorApplyConfiguration `json:"clientSecret,omitempty"` + // tokenUrl is the URL to fetch the token from. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + TokenURL *string `json:"tokenUrl,omitempty"` + // scopes is a list of OAuth2 scopes to request. + // When omitted, no scopes are requested. + // Maximum of 20 scopes can be specified. + // Each scope must be between 1 and 256 characters. + Scopes []string `json:"scopes,omitempty"` + // endpointParams defines additional parameters to append to the token URL. + // When omitted, no additional parameters are sent. + // Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key). + EndpointParams []OAuth2EndpointParamApplyConfiguration `json:"endpointParams,omitempty"` +} + +// OAuth2ApplyConfiguration constructs a declarative configuration of the OAuth2 type for use with +// apply. +func OAuth2() *OAuth2ApplyConfiguration { + return &OAuth2ApplyConfiguration{} +} + +// WithClientID sets the ClientID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientID field is set to the value of the last call. +func (b *OAuth2ApplyConfiguration) WithClientID(value *SecretKeySelectorApplyConfiguration) *OAuth2ApplyConfiguration { + b.ClientID = value + return b +} + +// WithClientSecret sets the ClientSecret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientSecret field is set to the value of the last call. +func (b *OAuth2ApplyConfiguration) WithClientSecret(value *SecretKeySelectorApplyConfiguration) *OAuth2ApplyConfiguration { + b.ClientSecret = value + return b +} + +// WithTokenURL sets the TokenURL field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TokenURL field is set to the value of the last call. +func (b *OAuth2ApplyConfiguration) WithTokenURL(value string) *OAuth2ApplyConfiguration { + b.TokenURL = &value + return b +} + +// WithScopes adds the given value to the Scopes field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Scopes field. +func (b *OAuth2ApplyConfiguration) WithScopes(values ...string) *OAuth2ApplyConfiguration { + for i := range values { + b.Scopes = append(b.Scopes, values[i]) + } + return b +} + +// WithEndpointParams adds the given value to the EndpointParams field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the EndpointParams field. +func (b *OAuth2ApplyConfiguration) WithEndpointParams(values ...*OAuth2EndpointParamApplyConfiguration) *OAuth2ApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithEndpointParams") + } + b.EndpointParams = append(b.EndpointParams, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2endpointparam.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2endpointparam.go new file mode 100644 index 0000000000..8372d30f8c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2endpointparam.go @@ -0,0 +1,39 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// OAuth2EndpointParamApplyConfiguration represents a declarative configuration of the OAuth2EndpointParam type for use +// with apply. +// +// OAuth2EndpointParam defines a name/value parameter for the OAuth2 token URL. +type OAuth2EndpointParamApplyConfiguration struct { + // name is the parameter name. Must be between 1 and 256 characters. + Name *string `json:"name,omitempty"` + // value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). + // When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the + // external system expects a parameter with an empty value (e.g. ?parameter=""). + // Must be between 0 and 2048 characters when present (aligned with common URL length recommendations). + Value *string `json:"value,omitempty"` +} + +// OAuth2EndpointParamApplyConfiguration constructs a declarative configuration of the OAuth2EndpointParam type for use with +// apply. +func OAuth2EndpointParam() *OAuth2EndpointParamApplyConfiguration { + return &OAuth2EndpointParamApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *OAuth2EndpointParamApplyConfiguration) WithName(value string) *OAuth2EndpointParamApplyConfiguration { + b.Name = &value + return b +} + +// WithValue sets the Value field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Value field is set to the value of the last call. +func (b *OAuth2EndpointParamApplyConfiguration) WithValue(value string) *OAuth2EndpointParamApplyConfiguration { + b.Value = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/openshiftstatemetricsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/openshiftstatemetricsconfig.go new file mode 100644 index 0000000000..045ef78730 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/openshiftstatemetricsconfig.go @@ -0,0 +1,117 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/api/core/v1" +) + +// OpenShiftStateMetricsConfigApplyConfiguration represents a declarative configuration of the OpenShiftStateMetricsConfig type for use +// with apply. +// +// OpenShiftStateMetricsConfig provides configuration options for the openshift-state-metrics agent +// that runs in the `openshift-monitoring` namespace. The openshift-state-metrics agent generates +// metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. +type OpenShiftStateMetricsConfigApplyConfiguration struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the openshift-state-metrics container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 1m + // limit: null + // - name: memory + // request: 32Mi + // limit: null + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// OpenShiftStateMetricsConfigApplyConfiguration constructs a declarative configuration of the OpenShiftStateMetricsConfig type for use with +// apply. +func OpenShiftStateMetricsConfig() *OpenShiftStateMetricsConfigApplyConfiguration { + return &OpenShiftStateMetricsConfigApplyConfiguration{} +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *OpenShiftStateMetricsConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *OpenShiftStateMetricsConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *OpenShiftStateMetricsConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *OpenShiftStateMetricsConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pki.go similarity index 65% rename from vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go rename to vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pki.go index 68a813c1af..01a5b33266 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pki.go @@ -11,81 +11,72 @@ import ( v1 "k8s.io/client-go/applyconfigurations/meta/v1" ) -// ImagePolicyApplyConfiguration represents a declarative configuration of the ImagePolicy type for use +// PKIApplyConfiguration represents a declarative configuration of the PKI type for use // with apply. // -// # ImagePolicy holds namespace-wide configuration for image signature verification +// PKI configures cryptographic parameters for certificates generated +// internally by OpenShift components. // // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -type ImagePolicyApplyConfiguration struct { +type PKIApplyConfiguration struct { v1.TypeMetaApplyConfiguration `json:",inline"` // metadata is the standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` // spec holds user settable values for configuration - Spec *ImagePolicySpecApplyConfiguration `json:"spec,omitempty"` - // status contains the observed state of the resource. - Status *ImagePolicyStatusApplyConfiguration `json:"status,omitempty"` + Spec *PKISpecApplyConfiguration `json:"spec,omitempty"` } -// ImagePolicy constructs a declarative configuration of the ImagePolicy type for use with +// PKI constructs a declarative configuration of the PKI type for use with // apply. -func ImagePolicy(name, namespace string) *ImagePolicyApplyConfiguration { - b := &ImagePolicyApplyConfiguration{} +func PKI(name string) *PKIApplyConfiguration { + b := &PKIApplyConfiguration{} b.WithName(name) - b.WithNamespace(namespace) - b.WithKind("ImagePolicy") + b.WithKind("PKI") b.WithAPIVersion("config.openshift.io/v1alpha1") return b } -// ExtractImagePolicyFrom extracts the applied configuration owned by fieldManager from -// imagePolicy for the specified subresource. Pass an empty string for subresource to extract +// ExtractPKIFrom extracts the applied configuration owned by fieldManager from +// pKI for the specified subresource. Pass an empty string for subresource to extract // the main resource. Common subresources include "status", "scale", etc. -// imagePolicy must be a unmodified ImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractImagePolicyFrom provides a way to perform a extract/modify-in-place/apply workflow. +// pKI must be a unmodified PKI API object that was retrieved from the Kubernetes API. +// ExtractPKIFrom provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractImagePolicyFrom(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string, subresource string) (*ImagePolicyApplyConfiguration, error) { - b := &ImagePolicyApplyConfiguration{} - err := managedfields.ExtractInto(imagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1alpha1.ImagePolicy"), fieldManager, b, subresource) +func ExtractPKIFrom(pKI *configv1alpha1.PKI, fieldManager string, subresource string) (*PKIApplyConfiguration, error) { + b := &PKIApplyConfiguration{} + err := managedfields.ExtractInto(pKI, internal.Parser().Type("com.github.openshift.api.config.v1alpha1.PKI"), fieldManager, b, subresource) if err != nil { return nil, err } - b.WithName(imagePolicy.Name) - b.WithNamespace(imagePolicy.Namespace) + b.WithName(pKI.Name) - b.WithKind("ImagePolicy") + b.WithKind("PKI") b.WithAPIVersion("config.openshift.io/v1alpha1") return b, nil } -// ExtractImagePolicy extracts the applied configuration owned by fieldManager from -// imagePolicy. If no managedFields are found in imagePolicy for fieldManager, a -// ImagePolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), +// ExtractPKI extracts the applied configuration owned by fieldManager from +// pKI. If no managedFields are found in pKI for fieldManager, a +// PKIApplyConfiguration is returned with only the Name, Namespace (if applicable), // APIVersion and Kind populated. It is possible that no managed fields were found for because other // field managers have taken ownership of all the fields previously owned by fieldManager, or because // the fieldManager never owned fields any fields. -// imagePolicy must be a unmodified ImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractImagePolicy provides a way to perform a extract/modify-in-place/apply workflow. +// pKI must be a unmodified PKI API object that was retrieved from the Kubernetes API. +// ExtractPKI provides a way to perform a extract/modify-in-place/apply workflow. // Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously // applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractImagePolicy(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string) (*ImagePolicyApplyConfiguration, error) { - return ExtractImagePolicyFrom(imagePolicy, fieldManager, "") +func ExtractPKI(pKI *configv1alpha1.PKI, fieldManager string) (*PKIApplyConfiguration, error) { + return ExtractPKIFrom(pKI, fieldManager, "") } -// ExtractImagePolicyStatus extracts the applied configuration owned by fieldManager from -// imagePolicy for the status subresource. -func ExtractImagePolicyStatus(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string) (*ImagePolicyApplyConfiguration, error) { - return ExtractImagePolicyFrom(imagePolicy, fieldManager, "status") -} - -func (b ImagePolicyApplyConfiguration) IsApplyConfiguration() {} +func (b PKIApplyConfiguration) IsApplyConfiguration() {} // WithKind sets the Kind field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Kind field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithKind(value string) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithKind(value string) *PKIApplyConfiguration { b.TypeMetaApplyConfiguration.Kind = &value return b } @@ -93,7 +84,7 @@ func (b *ImagePolicyApplyConfiguration) WithKind(value string) *ImagePolicyApply // WithAPIVersion sets the APIVersion field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the APIVersion field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithAPIVersion(value string) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithAPIVersion(value string) *PKIApplyConfiguration { b.TypeMetaApplyConfiguration.APIVersion = &value return b } @@ -101,7 +92,7 @@ func (b *ImagePolicyApplyConfiguration) WithAPIVersion(value string) *ImagePolic // WithName sets the Name field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Name field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithName(value string) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithName(value string) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.Name = &value return b @@ -110,7 +101,7 @@ func (b *ImagePolicyApplyConfiguration) WithName(value string) *ImagePolicyApply // WithGenerateName sets the GenerateName field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the GenerateName field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithGenerateName(value string) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithGenerateName(value string) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.GenerateName = &value return b @@ -119,7 +110,7 @@ func (b *ImagePolicyApplyConfiguration) WithGenerateName(value string) *ImagePol // WithNamespace sets the Namespace field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Namespace field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithNamespace(value string) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithNamespace(value string) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.Namespace = &value return b @@ -128,7 +119,7 @@ func (b *ImagePolicyApplyConfiguration) WithNamespace(value string) *ImagePolicy // WithUID sets the UID field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the UID field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithUID(value types.UID) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithUID(value types.UID) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.UID = &value return b @@ -137,7 +128,7 @@ func (b *ImagePolicyApplyConfiguration) WithUID(value types.UID) *ImagePolicyApp // WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the ResourceVersion field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithResourceVersion(value string) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithResourceVersion(value string) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.ResourceVersion = &value return b @@ -146,7 +137,7 @@ func (b *ImagePolicyApplyConfiguration) WithResourceVersion(value string) *Image // WithGeneration sets the Generation field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Generation field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithGeneration(value int64) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithGeneration(value int64) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.Generation = &value return b @@ -155,7 +146,7 @@ func (b *ImagePolicyApplyConfiguration) WithGeneration(value int64) *ImagePolicy // WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the CreationTimestamp field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithCreationTimestamp(value metav1.Time) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.CreationTimestamp = &value return b @@ -164,7 +155,7 @@ func (b *ImagePolicyApplyConfiguration) WithCreationTimestamp(value metav1.Time) // WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the DeletionTimestamp field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value return b @@ -173,7 +164,7 @@ func (b *ImagePolicyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) // WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value return b @@ -183,7 +174,7 @@ func (b *ImagePolicyApplyConfiguration) WithDeletionGracePeriodSeconds(value int // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, the entries provided by each call will be put on the Labels field, // overwriting an existing map entries in Labels field with the same key. -func (b *ImagePolicyApplyConfiguration) WithLabels(entries map[string]string) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithLabels(entries map[string]string) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 { b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries)) @@ -198,7 +189,7 @@ func (b *ImagePolicyApplyConfiguration) WithLabels(entries map[string]string) *I // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, the entries provided by each call will be put on the Annotations field, // overwriting an existing map entries in Annotations field with the same key. -func (b *ImagePolicyApplyConfiguration) WithAnnotations(entries map[string]string) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithAnnotations(entries map[string]string) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 { b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries)) @@ -212,7 +203,7 @@ func (b *ImagePolicyApplyConfiguration) WithAnnotations(entries map[string]strin // WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, values provided by each call will be appended to the OwnerReferences field. -func (b *ImagePolicyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() for i := range values { if values[i] == nil { @@ -226,7 +217,7 @@ func (b *ImagePolicyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerR // WithFinalizers adds the given value to the Finalizers field in the declarative configuration // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, values provided by each call will be appended to the Finalizers field. -func (b *ImagePolicyApplyConfiguration) WithFinalizers(values ...string) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithFinalizers(values ...string) *PKIApplyConfiguration { b.ensureObjectMetaApplyConfigurationExists() for i := range values { b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i]) @@ -234,7 +225,7 @@ func (b *ImagePolicyApplyConfiguration) WithFinalizers(values ...string) *ImageP return b } -func (b *ImagePolicyApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { +func (b *PKIApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { if b.ObjectMetaApplyConfiguration == nil { b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} } @@ -243,37 +234,29 @@ func (b *ImagePolicyApplyConfiguration) ensureObjectMetaApplyConfigurationExists // WithSpec sets the Spec field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Spec field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithSpec(value *ImagePolicySpecApplyConfiguration) *ImagePolicyApplyConfiguration { +func (b *PKIApplyConfiguration) WithSpec(value *PKISpecApplyConfiguration) *PKIApplyConfiguration { b.Spec = value return b } -// WithStatus sets the Status field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Status field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithStatus(value *ImagePolicyStatusApplyConfiguration) *ImagePolicyApplyConfiguration { - b.Status = value - return b -} - // GetKind retrieves the value of the Kind field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetKind() *string { +func (b *PKIApplyConfiguration) GetKind() *string { return b.TypeMetaApplyConfiguration.Kind } // GetAPIVersion retrieves the value of the APIVersion field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetAPIVersion() *string { +func (b *PKIApplyConfiguration) GetAPIVersion() *string { return b.TypeMetaApplyConfiguration.APIVersion } // GetName retrieves the value of the Name field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetName() *string { +func (b *PKIApplyConfiguration) GetName() *string { b.ensureObjectMetaApplyConfigurationExists() return b.ObjectMetaApplyConfiguration.Name } // GetNamespace retrieves the value of the Namespace field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetNamespace() *string { +func (b *PKIApplyConfiguration) GetNamespace() *string { b.ensureObjectMetaApplyConfigurationExists() return b.ObjectMetaApplyConfiguration.Namespace } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatemanagement.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatemanagement.go new file mode 100644 index 0000000000..203b73bb6a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatemanagement.go @@ -0,0 +1,65 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// PKICertificateManagementApplyConfiguration represents a declarative configuration of the PKICertificateManagement type for use +// with apply. +// +// PKICertificateManagement determines whether components use hardcoded defaults (Unmanaged), follow +// OpenShift best practices (Default), or use administrator-specified cryptographic parameters (Custom). +// This provides flexibility for organizations with specific compliance requirements or security policies +// while maintaining backwards compatibility for existing clusters. +type PKICertificateManagementApplyConfiguration struct { + // mode determines how PKI configuration is managed. + // Valid values are "Unmanaged", "Default", and "Custom". + // + // When set to Unmanaged, components use their existing hardcoded certificate + // generation behavior, exactly as if this feature did not exist. Each component + // generates certificates using whatever parameters it was using before this + // feature. While most components use RSA 2048, some may use different + // parameters. Use of this mode might prevent upgrading to the next major + // OpenShift release. + // + // When set to Default, OpenShift-recommended best practices for certificate + // generation are applied. The specific parameters may evolve across OpenShift + // releases to adopt improved cryptographic standards. In the initial release, + // this matches Unmanaged behavior for each component. In future releases, this + // may adopt ECDSA or larger RSA keys based on industry best practices. + // Recommended for most customers who want to benefit from security improvements + // automatically. + // + // When set to Custom, the certificate management parameters can be set + // explicitly. Use the custom field to specify certificate generation parameters. + Mode *configv1alpha1.PKICertificateManagementMode `json:"mode,omitempty"` + // custom contains administrator-specified cryptographic configuration. + // Use the defaults and category override fields + // to specify certificate generation parameters. + // Required when mode is Custom, and forbidden otherwise. + Custom *CustomPKIPolicyApplyConfiguration `json:"custom,omitempty"` +} + +// PKICertificateManagementApplyConfiguration constructs a declarative configuration of the PKICertificateManagement type for use with +// apply. +func PKICertificateManagement() *PKICertificateManagementApplyConfiguration { + return &PKICertificateManagementApplyConfiguration{} +} + +// WithMode sets the Mode field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Mode field is set to the value of the last call. +func (b *PKICertificateManagementApplyConfiguration) WithMode(value configv1alpha1.PKICertificateManagementMode) *PKICertificateManagementApplyConfiguration { + b.Mode = &value + return b +} + +// WithCustom sets the Custom field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Custom field is set to the value of the last call. +func (b *PKICertificateManagementApplyConfiguration) WithCustom(value *CustomPKIPolicyApplyConfiguration) *PKICertificateManagementApplyConfiguration { + b.Custom = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatesubject.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatesubject.go deleted file mode 100644 index c9c93a2806..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatesubject.go +++ /dev/null @@ -1,39 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// PKICertificateSubjectApplyConfiguration represents a declarative configuration of the PKICertificateSubject type for use -// with apply. -// -// PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued. -type PKICertificateSubjectApplyConfiguration struct { - // email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. - // The email should be a valid email address and at most 320 characters in length. - Email *string `json:"email,omitempty"` - // hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. - // The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. - // It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk. - Hostname *string `json:"hostname,omitempty"` -} - -// PKICertificateSubjectApplyConfiguration constructs a declarative configuration of the PKICertificateSubject type for use with -// apply. -func PKICertificateSubject() *PKICertificateSubjectApplyConfiguration { - return &PKICertificateSubjectApplyConfiguration{} -} - -// WithEmail sets the Email field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Email field is set to the value of the last call. -func (b *PKICertificateSubjectApplyConfiguration) WithEmail(value string) *PKICertificateSubjectApplyConfiguration { - b.Email = &value - return b -} - -// WithHostname sets the Hostname field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Hostname field is set to the value of the last call. -func (b *PKICertificateSubjectApplyConfiguration) WithHostname(value string) *PKICertificateSubjectApplyConfiguration { - b.Hostname = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkiprofile.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkiprofile.go new file mode 100644 index 0000000000..735b7ca1d2 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkiprofile.go @@ -0,0 +1,68 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// PKIProfileApplyConfiguration represents a declarative configuration of the PKIProfile type for use +// with apply. +// +// PKIProfile defines the certificate generation parameters that OpenShift +// components use to create certificates. Category overrides take precedence +// over defaults. +type PKIProfileApplyConfiguration struct { + // defaults specifies the default certificate configuration that applies + // to all certificates unless overridden by a category override. + Defaults *DefaultCertificateConfigApplyConfiguration `json:"defaults,omitempty"` + // signerCertificates optionally overrides certificate parameters for + // certificate authority (CA) certificates that sign other certificates. + // When set, these parameters take precedence over defaults for all signer certificates. + // When omitted, the defaults are used for signer certificates. + SignerCertificates *CertificateConfigApplyConfiguration `json:"signerCertificates,omitempty"` + // servingCertificates optionally overrides certificate parameters for + // TLS server certificates used to serve HTTPS endpoints. + // When set, these parameters take precedence over defaults for all serving certificates. + // When omitted, the defaults are used for serving certificates. + ServingCertificates *CertificateConfigApplyConfiguration `json:"servingCertificates,omitempty"` + // clientCertificates optionally overrides certificate parameters for + // client authentication certificates used to authenticate to servers. + // When set, these parameters take precedence over defaults for all client certificates. + // When omitted, the defaults are used for client certificates. + ClientCertificates *CertificateConfigApplyConfiguration `json:"clientCertificates,omitempty"` +} + +// PKIProfileApplyConfiguration constructs a declarative configuration of the PKIProfile type for use with +// apply. +func PKIProfile() *PKIProfileApplyConfiguration { + return &PKIProfileApplyConfiguration{} +} + +// WithDefaults sets the Defaults field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Defaults field is set to the value of the last call. +func (b *PKIProfileApplyConfiguration) WithDefaults(value *DefaultCertificateConfigApplyConfiguration) *PKIProfileApplyConfiguration { + b.Defaults = value + return b +} + +// WithSignerCertificates sets the SignerCertificates field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SignerCertificates field is set to the value of the last call. +func (b *PKIProfileApplyConfiguration) WithSignerCertificates(value *CertificateConfigApplyConfiguration) *PKIProfileApplyConfiguration { + b.SignerCertificates = value + return b +} + +// WithServingCertificates sets the ServingCertificates field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ServingCertificates field is set to the value of the last call. +func (b *PKIProfileApplyConfiguration) WithServingCertificates(value *CertificateConfigApplyConfiguration) *PKIProfileApplyConfiguration { + b.ServingCertificates = value + return b +} + +// WithClientCertificates sets the ClientCertificates field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientCertificates field is set to the value of the last call. +func (b *PKIProfileApplyConfiguration) WithClientCertificates(value *CertificateConfigApplyConfiguration) *PKIProfileApplyConfiguration { + b.ClientCertificates = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkispec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkispec.go new file mode 100644 index 0000000000..3158b96c7d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkispec.go @@ -0,0 +1,28 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// PKISpecApplyConfiguration represents a declarative configuration of the PKISpec type for use +// with apply. +// +// PKISpec holds the specification for PKI configuration. +type PKISpecApplyConfiguration struct { + // certificateManagement specifies how PKI configuration is managed for internally-generated certificates. + // This controls the certificate generation approach for all OpenShift components that create + // certificates internally, including certificate authorities, serving certificates, and client certificates. + CertificateManagement *PKICertificateManagementApplyConfiguration `json:"certificateManagement,omitempty"` +} + +// PKISpecApplyConfiguration constructs a declarative configuration of the PKISpec type for use with +// apply. +func PKISpec() *PKISpecApplyConfiguration { + return &PKISpecApplyConfiguration{} +} + +// WithCertificateManagement sets the CertificateManagement field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CertificateManagement field is set to the value of the last call. +func (b *PKISpecApplyConfiguration) WithCertificateManagement(value *PKICertificateManagementApplyConfiguration) *PKISpecApplyConfiguration { + b.CertificateManagement = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go deleted file mode 100644 index 5c7bd5ed9e..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go +++ /dev/null @@ -1,38 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// PolicyFulcioSubjectApplyConfiguration represents a declarative configuration of the PolicyFulcioSubject type for use -// with apply. -// -// PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration. -type PolicyFulcioSubjectApplyConfiguration struct { - // oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. - // Example: "https://expected.OIDC.issuer/" - OIDCIssuer *string `json:"oidcIssuer,omitempty"` - // signedEmail holds the email address the the Fulcio certificate is issued for. - // Example: "expected-signing-user@example.com" - SignedEmail *string `json:"signedEmail,omitempty"` -} - -// PolicyFulcioSubjectApplyConfiguration constructs a declarative configuration of the PolicyFulcioSubject type for use with -// apply. -func PolicyFulcioSubject() *PolicyFulcioSubjectApplyConfiguration { - return &PolicyFulcioSubjectApplyConfiguration{} -} - -// WithOIDCIssuer sets the OIDCIssuer field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the OIDCIssuer field is set to the value of the last call. -func (b *PolicyFulcioSubjectApplyConfiguration) WithOIDCIssuer(value string) *PolicyFulcioSubjectApplyConfiguration { - b.OIDCIssuer = &value - return b -} - -// WithSignedEmail sets the SignedEmail field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the SignedEmail field is set to the value of the last call. -func (b *PolicyFulcioSubjectApplyConfiguration) WithSignedEmail(value string) *PolicyFulcioSubjectApplyConfiguration { - b.SignedEmail = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go deleted file mode 100644 index 822e756774..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go +++ /dev/null @@ -1,57 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyIdentityApplyConfiguration represents a declarative configuration of the PolicyIdentity type for use -// with apply. -// -// PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is "MatchRepoDigestOrExact". -type PolicyIdentityApplyConfiguration struct { - // matchPolicy sets the type of matching to be used. - // Valid values are "MatchRepoDigestOrExact", "MatchRepository", "ExactRepository", "RemapIdentity". When omitted, the default value is "MatchRepoDigestOrExact". - // If set matchPolicy to ExactRepository, then the exactRepository must be specified. - // If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. - // "MatchRepoDigestOrExact" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. - // "MatchRepository" means that the identity in the signature must be in the same repository as the image identity. - // "ExactRepository" means that the identity in the signature must be in the same repository as a specific identity specified by "repository". - // "RemapIdentity" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the "prefix" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix. - MatchPolicy *configv1alpha1.IdentityMatchPolicy `json:"matchPolicy,omitempty"` - // exactRepository is required if matchPolicy is set to "ExactRepository". - PolicyMatchExactRepository *PolicyMatchExactRepositoryApplyConfiguration `json:"exactRepository,omitempty"` - // remapIdentity is required if matchPolicy is set to "RemapIdentity". - PolicyMatchRemapIdentity *PolicyMatchRemapIdentityApplyConfiguration `json:"remapIdentity,omitempty"` -} - -// PolicyIdentityApplyConfiguration constructs a declarative configuration of the PolicyIdentity type for use with -// apply. -func PolicyIdentity() *PolicyIdentityApplyConfiguration { - return &PolicyIdentityApplyConfiguration{} -} - -// WithMatchPolicy sets the MatchPolicy field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the MatchPolicy field is set to the value of the last call. -func (b *PolicyIdentityApplyConfiguration) WithMatchPolicy(value configv1alpha1.IdentityMatchPolicy) *PolicyIdentityApplyConfiguration { - b.MatchPolicy = &value - return b -} - -// WithPolicyMatchExactRepository sets the PolicyMatchExactRepository field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PolicyMatchExactRepository field is set to the value of the last call. -func (b *PolicyIdentityApplyConfiguration) WithPolicyMatchExactRepository(value *PolicyMatchExactRepositoryApplyConfiguration) *PolicyIdentityApplyConfiguration { - b.PolicyMatchExactRepository = value - return b -} - -// WithPolicyMatchRemapIdentity sets the PolicyMatchRemapIdentity field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PolicyMatchRemapIdentity field is set to the value of the last call. -func (b *PolicyIdentityApplyConfiguration) WithPolicyMatchRemapIdentity(value *PolicyMatchRemapIdentityApplyConfiguration) *PolicyIdentityApplyConfiguration { - b.PolicyMatchRemapIdentity = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go deleted file mode 100644 index 6420b8ed9e..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go +++ /dev/null @@ -1,29 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyMatchExactRepositoryApplyConfiguration represents a declarative configuration of the PolicyMatchExactRepository type for use -// with apply. -type PolicyMatchExactRepositoryApplyConfiguration struct { - // repository is the reference of the image identity to be matched. - // The value should be a repository name (by omitting the tag or digest) in a registry implementing the "Docker Registry HTTP API V2". For example, docker.io/library/busybox - Repository *configv1alpha1.IdentityRepositoryPrefix `json:"repository,omitempty"` -} - -// PolicyMatchExactRepositoryApplyConfiguration constructs a declarative configuration of the PolicyMatchExactRepository type for use with -// apply. -func PolicyMatchExactRepository() *PolicyMatchExactRepositoryApplyConfiguration { - return &PolicyMatchExactRepositoryApplyConfiguration{} -} - -// WithRepository sets the Repository field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Repository field is set to the value of the last call. -func (b *PolicyMatchExactRepositoryApplyConfiguration) WithRepository(value configv1alpha1.IdentityRepositoryPrefix) *PolicyMatchExactRepositoryApplyConfiguration { - b.Repository = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go deleted file mode 100644 index 0b1a5098fa..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go +++ /dev/null @@ -1,45 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyMatchRemapIdentityApplyConfiguration represents a declarative configuration of the PolicyMatchRemapIdentity type for use -// with apply. -type PolicyMatchRemapIdentityApplyConfiguration struct { - // prefix is the prefix of the image identity to be matched. - // If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). - // This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. - // The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - Prefix *configv1alpha1.IdentityRepositoryPrefix `json:"prefix,omitempty"` - // signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as "prefix". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - SignedPrefix *configv1alpha1.IdentityRepositoryPrefix `json:"signedPrefix,omitempty"` -} - -// PolicyMatchRemapIdentityApplyConfiguration constructs a declarative configuration of the PolicyMatchRemapIdentity type for use with -// apply. -func PolicyMatchRemapIdentity() *PolicyMatchRemapIdentityApplyConfiguration { - return &PolicyMatchRemapIdentityApplyConfiguration{} -} - -// WithPrefix sets the Prefix field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Prefix field is set to the value of the last call. -func (b *PolicyMatchRemapIdentityApplyConfiguration) WithPrefix(value configv1alpha1.IdentityRepositoryPrefix) *PolicyMatchRemapIdentityApplyConfiguration { - b.Prefix = &value - return b -} - -// WithSignedPrefix sets the SignedPrefix field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the SignedPrefix field is set to the value of the last call. -func (b *PolicyMatchRemapIdentityApplyConfiguration) WithSignedPrefix(value configv1alpha1.IdentityRepositoryPrefix) *PolicyMatchRemapIdentityApplyConfiguration { - b.SignedPrefix = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go deleted file mode 100644 index b7a1877fc4..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go +++ /dev/null @@ -1,65 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyRootOfTrustApplyConfiguration represents a declarative configuration of the PolicyRootOfTrust type for use -// with apply. -// -// PolicyRootOfTrust defines the root of trust based on the selected policyType. -type PolicyRootOfTrustApplyConfiguration struct { - // policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. - // "PublicKey" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. - // "FulcioCAWithRekor" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. - // "PKI" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate. - PolicyType *configv1alpha1.PolicyType `json:"policyType,omitempty"` - // publicKey defines the root of trust based on a sigstore public key. - PublicKey *ImagePolicyPublicKeyRootOfTrustApplyConfiguration `json:"publicKey,omitempty"` - // fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. - // For more information about Fulcio and Rekor, please refer to the document at: - // https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor - FulcioCAWithRekor *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration `json:"fulcioCAWithRekor,omitempty"` - // pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates. - PKI *ImagePolicyPKIRootOfTrustApplyConfiguration `json:"pki,omitempty"` -} - -// PolicyRootOfTrustApplyConfiguration constructs a declarative configuration of the PolicyRootOfTrust type for use with -// apply. -func PolicyRootOfTrust() *PolicyRootOfTrustApplyConfiguration { - return &PolicyRootOfTrustApplyConfiguration{} -} - -// WithPolicyType sets the PolicyType field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PolicyType field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithPolicyType(value configv1alpha1.PolicyType) *PolicyRootOfTrustApplyConfiguration { - b.PolicyType = &value - return b -} - -// WithPublicKey sets the PublicKey field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PublicKey field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithPublicKey(value *ImagePolicyPublicKeyRootOfTrustApplyConfiguration) *PolicyRootOfTrustApplyConfiguration { - b.PublicKey = value - return b -} - -// WithFulcioCAWithRekor sets the FulcioCAWithRekor field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the FulcioCAWithRekor field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithFulcioCAWithRekor(value *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) *PolicyRootOfTrustApplyConfiguration { - b.FulcioCAWithRekor = value - return b -} - -// WithPKI sets the PKI field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PKI field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithPKI(value *ImagePolicyPKIRootOfTrustApplyConfiguration) *PolicyRootOfTrustApplyConfiguration { - b.PKI = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusconfig.go new file mode 100644 index 0000000000..cd8fcb780b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusconfig.go @@ -0,0 +1,276 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + v1 "k8s.io/api/core/v1" +) + +// PrometheusConfigApplyConfiguration represents a declarative configuration of the PrometheusConfig type for use +// with apply. +// +// PrometheusConfig provides configuration options for the Prometheus instance. +// Use this configuration to control +// Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. +type PrometheusConfigApplyConfiguration struct { + // additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + // the Prometheus component. This is useful for organizations that need to: + // - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks) + // - Route different types of alerts to different teams or systems + // - Integrate with existing enterprise alerting infrastructure + // - Maintain separate alert routing for compliance or organizational requirements + // When omitted, no additional Alertmanager instances are configured (default behavior). + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + AdditionalAlertmanagerConfigs []AdditionalAlertmanagerConfigApplyConfiguration `json:"additionalAlertmanagerConfigs,omitempty"` + // enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. + // If a scraped target's body response is larger than the limit, the scrape will fail. + // This helps protect Prometheus from targets that return excessively large responses. + // The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). + // When omitted, the Cluster Monitoring Operator automatically calculates an appropriate + // limit based on cluster capacity. Set an explicit value to override the automatic calculation. + // Minimum value is 10240 (10kB). + // Maximum value is 1073741824 (1GB). + EnforcedBodySizeLimitBytes *int64 `json:"enforcedBodySizeLimitBytes,omitempty"` + // externalLabels defines labels to be attached to time series and alerts + // when communicating with external systems such as federation, remote storage, + // and Alertmanager. These labels are not stored with metrics on disk; they are + // only added when data leaves Prometheus (e.g., during federation queries, + // remote write, or alert notifications). + // At least 1 label must be specified when set, with a maximum of 50 labels allowed. + // Each label key must be unique within this list. + // When omitted, no external labels are applied. + ExternalLabels []LabelApplyConfiguration `json:"externalLabels,omitempty"` + // logLevel defines the verbosity of logs emitted by Prometheus. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + LogLevel *configv1alpha1.LogLevel `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least one key-value pair (minimum of 1) + // and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // queryLogFile specifies the file to which PromQL queries are logged. + // This setting can be either a filename, in which + // case the queries are saved to an `emptyDir` volume + // at `/var/log/prometheus`, or a full path to a location where + // an `emptyDir` volume will be mounted and the queries saved. + // Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + // writing to any other `/dev/` path is not supported. Relative paths are + // also not supported. + // By default, PromQL queries are not logged. + // Must be an absolute path starting with `/` or a simple filename without path separators. + // Must not contain consecutive slashes, end with a slash, or include '..' path traversal. + // Must contain only alphanumeric characters, '.', '_', '-', or '/'. + // Must be between 1 and 255 characters in length. + QueryLogFile *string `json:"queryLogFile,omitempty"` + // remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + // Remote write allows Prometheus to send metrics it collects to external long-term storage systems. + // When omitted, no remote write endpoints are configured. + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + RemoteWrite []RemoteWriteSpecApplyConfiguration `json:"remoteWrite,omitempty"` + // resources defines the compute resource requests and limits for the Prometheus container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // Each entry must have a unique resource name. + // Minimum of 1 and maximum of 10 resource entries can be specified. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // - name: memory + // request: 40Mi + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // retention configures how long Prometheus retains metrics data and how much storage it can use. + // When omitted, the platform chooses reasonable defaults (currently 15 days retention, no size limit). + Retention *RetentionApplyConfiguration `json:"retention,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10 + // Minimum length for this list is 1 + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1 + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // collectionProfile defines the metrics collection profile that Prometheus uses to collect + // metrics from the platform components. Supported values are `Full` or + // `Minimal`. In the `Full` profile (default), Prometheus collects all + // metrics that are exposed by the platform components. In the `Minimal` + // profile, Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is `Full`. + CollectionProfile *configv1alpha1.CollectionProfile `json:"collectionProfile,omitempty"` + // volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to + // configure the persistent volume claim, including storage class and volume size. + // If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + // across restarts. + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` +} + +// PrometheusConfigApplyConfiguration constructs a declarative configuration of the PrometheusConfig type for use with +// apply. +func PrometheusConfig() *PrometheusConfigApplyConfiguration { + return &PrometheusConfigApplyConfiguration{} +} + +// WithAdditionalAlertmanagerConfigs adds the given value to the AdditionalAlertmanagerConfigs field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the AdditionalAlertmanagerConfigs field. +func (b *PrometheusConfigApplyConfiguration) WithAdditionalAlertmanagerConfigs(values ...*AdditionalAlertmanagerConfigApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithAdditionalAlertmanagerConfigs") + } + b.AdditionalAlertmanagerConfigs = append(b.AdditionalAlertmanagerConfigs, *values[i]) + } + return b +} + +// WithEnforcedBodySizeLimitBytes sets the EnforcedBodySizeLimitBytes field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the EnforcedBodySizeLimitBytes field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithEnforcedBodySizeLimitBytes(value int64) *PrometheusConfigApplyConfiguration { + b.EnforcedBodySizeLimitBytes = &value + return b +} + +// WithExternalLabels adds the given value to the ExternalLabels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the ExternalLabels field. +func (b *PrometheusConfigApplyConfiguration) WithExternalLabels(values ...*LabelApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithExternalLabels") + } + b.ExternalLabels = append(b.ExternalLabels, *values[i]) + } + return b +} + +// WithLogLevel sets the LogLevel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the LogLevel field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithLogLevel(value configv1alpha1.LogLevel) *PrometheusConfigApplyConfiguration { + b.LogLevel = &value + return b +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *PrometheusConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *PrometheusConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithQueryLogFile sets the QueryLogFile field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the QueryLogFile field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithQueryLogFile(value string) *PrometheusConfigApplyConfiguration { + b.QueryLogFile = &value + return b +} + +// WithRemoteWrite adds the given value to the RemoteWrite field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the RemoteWrite field. +func (b *PrometheusConfigApplyConfiguration) WithRemoteWrite(values ...*RemoteWriteSpecApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithRemoteWrite") + } + b.RemoteWrite = append(b.RemoteWrite, *values[i]) + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *PrometheusConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithRetention sets the Retention field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Retention field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithRetention(value *RetentionApplyConfiguration) *PrometheusConfigApplyConfiguration { + b.Retention = value + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *PrometheusConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *PrometheusConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *PrometheusConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *PrometheusConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} + +// WithCollectionProfile sets the CollectionProfile field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionProfile field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithCollectionProfile(value configv1alpha1.CollectionProfile) *PrometheusConfigApplyConfiguration { + b.CollectionProfile = &value + return b +} + +// WithVolumeClaimTemplate sets the VolumeClaimTemplate field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the VolumeClaimTemplate field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithVolumeClaimTemplate(value v1.PersistentVolumeClaim) *PrometheusConfigApplyConfiguration { + b.VolumeClaimTemplate = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusremotewriteheader.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusremotewriteheader.go new file mode 100644 index 0000000000..53e21d1f9d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusremotewriteheader.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// PrometheusRemoteWriteHeaderApplyConfiguration represents a declarative configuration of the PrometheusRemoteWriteHeader type for use +// with apply. +// +// PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. +// The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). +// Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. +// Validation is enforced on the Headers field in RemoteWriteSpec. +type PrometheusRemoteWriteHeaderApplyConfiguration struct { + // name is the HTTP header name. Must not be a reserved header (see type documentation). + // Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters. + Name *string `json:"name,omitempty"` + // value is the HTTP header value. Must be at most 4096 characters. + Value *string `json:"value,omitempty"` +} + +// PrometheusRemoteWriteHeaderApplyConfiguration constructs a declarative configuration of the PrometheusRemoteWriteHeader type for use with +// apply. +func PrometheusRemoteWriteHeader() *PrometheusRemoteWriteHeaderApplyConfiguration { + return &PrometheusRemoteWriteHeaderApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *PrometheusRemoteWriteHeaderApplyConfiguration) WithName(value string) *PrometheusRemoteWriteHeaderApplyConfiguration { + b.Name = &value + return b +} + +// WithValue sets the Value field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Value field is set to the value of the last call. +func (b *PrometheusRemoteWriteHeaderApplyConfiguration) WithValue(value string) *PrometheusRemoteWriteHeaderApplyConfiguration { + b.Value = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/queueconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/queueconfig.go new file mode 100644 index 0000000000..a24ff44ace --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/queueconfig.go @@ -0,0 +1,129 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// QueueConfigApplyConfiguration represents a declarative configuration of the QueueConfig type for use +// with apply. +// +// QueueConfig allows tuning configuration for remote write queue parameters. +// Configure this when you need to control throughput, backpressure, or retry behavior—for example to avoid overloading the remote endpoint, to reduce memory usage, or to tune for high-cardinality workloads. Consider capacity, maxShards, and batchSendDeadlineSeconds for throughput; minBackoffMilliseconds and maxBackoffMilliseconds for retries; and rateLimitedAction when the remote returns HTTP 429. +type QueueConfigApplyConfiguration struct { + // capacity is the number of samples to buffer per shard before we start dropping them. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 10000. + // Minimum value is 1. + // Maximum value is 1000000. + Capacity *int32 `json:"capacity,omitempty"` + // maxShards is the maximum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 200. + // Minimum value is 1. + // Maximum value is 10000. + MaxShards *int32 `json:"maxShards,omitempty"` + // minShards is the minimum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1. + // Minimum value is 1. + // Maximum value is 10000. + MinShards *int32 `json:"minShards,omitempty"` + // maxSamplesPerSend is the maximum number of samples per send. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1000. + // Minimum value is 1. + // Maximum value is 100000. + MaxSamplesPerSend *int32 `json:"maxSamplesPerSend,omitempty"` + // batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 3600 seconds (1 hour). + BatchSendDeadlineSeconds *int32 `json:"batchSendDeadlineSeconds,omitempty"` + // minBackoffMilliseconds is the minimum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + MinBackoffMilliseconds *int32 `json:"minBackoffMilliseconds,omitempty"` + // maxBackoffMilliseconds is the maximum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + MaxBackoffMilliseconds *int32 `json:"maxBackoffMilliseconds,omitempty"` + // rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). + // When omitted, no retries are performed on rate limit responses. + // When set to "Retry", Prometheus will retry such requests using the backoff settings above. + // Valid value when set is "Retry". + RateLimitedAction *configv1alpha1.RateLimitedAction `json:"rateLimitedAction,omitempty"` +} + +// QueueConfigApplyConfiguration constructs a declarative configuration of the QueueConfig type for use with +// apply. +func QueueConfig() *QueueConfigApplyConfiguration { + return &QueueConfigApplyConfiguration{} +} + +// WithCapacity sets the Capacity field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Capacity field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithCapacity(value int32) *QueueConfigApplyConfiguration { + b.Capacity = &value + return b +} + +// WithMaxShards sets the MaxShards field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxShards field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMaxShards(value int32) *QueueConfigApplyConfiguration { + b.MaxShards = &value + return b +} + +// WithMinShards sets the MinShards field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MinShards field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMinShards(value int32) *QueueConfigApplyConfiguration { + b.MinShards = &value + return b +} + +// WithMaxSamplesPerSend sets the MaxSamplesPerSend field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxSamplesPerSend field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMaxSamplesPerSend(value int32) *QueueConfigApplyConfiguration { + b.MaxSamplesPerSend = &value + return b +} + +// WithBatchSendDeadlineSeconds sets the BatchSendDeadlineSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BatchSendDeadlineSeconds field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithBatchSendDeadlineSeconds(value int32) *QueueConfigApplyConfiguration { + b.BatchSendDeadlineSeconds = &value + return b +} + +// WithMinBackoffMilliseconds sets the MinBackoffMilliseconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MinBackoffMilliseconds field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMinBackoffMilliseconds(value int32) *QueueConfigApplyConfiguration { + b.MinBackoffMilliseconds = &value + return b +} + +// WithMaxBackoffMilliseconds sets the MaxBackoffMilliseconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxBackoffMilliseconds field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMaxBackoffMilliseconds(value int32) *QueueConfigApplyConfiguration { + b.MaxBackoffMilliseconds = &value + return b +} + +// WithRateLimitedAction sets the RateLimitedAction field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RateLimitedAction field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithRateLimitedAction(value configv1alpha1.RateLimitedAction) *QueueConfigApplyConfiguration { + b.RateLimitedAction = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelactionconfig.go new file mode 100644 index 0000000000..cfcfc7b5cc --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelactionconfig.go @@ -0,0 +1,135 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// RelabelActionConfigApplyConfiguration represents a declarative configuration of the RelabelActionConfig type for use +// with apply. +// +// RelabelActionConfig represents the action to perform and its configuration. +// Exactly one action-specific configuration must be specified based on the action type. +type RelabelActionConfigApplyConfiguration struct { + // type specifies the action to perform on the matched labels. + // Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep. + // + // When set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place. + // + // When set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0. + // + // When set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0. + // + // When set to Keep, targets for which regex does not match the concatenated source_labels are dropped. + // + // When set to Drop, targets for which regex matches the concatenated source_labels are dropped. + // + // When set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels. + // + // When set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted. + // + // When set to LabelDrop, regex is matched against all label names; any label that matches is removed. + // + // When set to LabelKeep, regex is matched against all label names; any label that does not match is removed. + Type *configv1alpha1.RelabelAction `json:"type,omitempty"` + // replace configures the Replace action. + // Required when type is Replace, and forbidden otherwise. + Replace *ReplaceActionConfigApplyConfiguration `json:"replace,omitempty"` + // hashMod configures the HashMod action. + // Required when type is HashMod, and forbidden otherwise. + HashMod *HashModActionConfigApplyConfiguration `json:"hashMod,omitempty"` + // labelMap configures the LabelMap action. + // Required when type is LabelMap, and forbidden otherwise. + LabelMap *LabelMapActionConfigApplyConfiguration `json:"labelMap,omitempty"` + // lowercase configures the Lowercase action. + // Required when type is Lowercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + Lowercase *LowercaseActionConfigApplyConfiguration `json:"lowercase,omitempty"` + // uppercase configures the Uppercase action. + // Required when type is Uppercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + Uppercase *UppercaseActionConfigApplyConfiguration `json:"uppercase,omitempty"` + // keepEqual configures the KeepEqual action. + // Required when type is KeepEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + KeepEqual *KeepEqualActionConfigApplyConfiguration `json:"keepEqual,omitempty"` + // dropEqual configures the DropEqual action. + // Required when type is DropEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + DropEqual *DropEqualActionConfigApplyConfiguration `json:"dropEqual,omitempty"` +} + +// RelabelActionConfigApplyConfiguration constructs a declarative configuration of the RelabelActionConfig type for use with +// apply. +func RelabelActionConfig() *RelabelActionConfigApplyConfiguration { + return &RelabelActionConfigApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithType(value configv1alpha1.RelabelAction) *RelabelActionConfigApplyConfiguration { + b.Type = &value + return b +} + +// WithReplace sets the Replace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Replace field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithReplace(value *ReplaceActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.Replace = value + return b +} + +// WithHashMod sets the HashMod field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the HashMod field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithHashMod(value *HashModActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.HashMod = value + return b +} + +// WithLabelMap sets the LabelMap field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the LabelMap field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithLabelMap(value *LabelMapActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.LabelMap = value + return b +} + +// WithLowercase sets the Lowercase field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Lowercase field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithLowercase(value *LowercaseActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.Lowercase = value + return b +} + +// WithUppercase sets the Uppercase field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Uppercase field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithUppercase(value *UppercaseActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.Uppercase = value + return b +} + +// WithKeepEqual sets the KeepEqual field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the KeepEqual field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithKeepEqual(value *KeepEqualActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.KeepEqual = value + return b +} + +// WithDropEqual sets the DropEqual field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DropEqual field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithDropEqual(value *DropEqualActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.DropEqual = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelconfig.go new file mode 100644 index 0000000000..efe191727e --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelconfig.go @@ -0,0 +1,89 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// RelabelConfigApplyConfiguration represents a declarative configuration of the RelabelConfig type for use +// with apply. +// +// RelabelConfig represents a relabeling rule. +type RelabelConfigApplyConfiguration struct { + // name is a unique identifier for this relabel configuration. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + Name *string `json:"name,omitempty"` + // sourceLabels specifies which label names to extract from each series for this relabeling rule. + // The values of these labels are joined together using the configured separator, + // and the resulting string is then matched against the regular expression. + // If a referenced label does not exist on a series, Prometheus substitutes an empty string. + // When omitted, the rule operates without extracting source labels (useful for actions like labelmap). + // Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. + // Each entry must be unique. + // Label names beginning with "__" (two underscores) are reserved for internal Prometheus use and are not allowed. + // Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. + // While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set + // ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.). + SourceLabels []string `json:"sourceLabels,omitempty"` + // separator is the character sequence used to join source label values. + // Common examples: ";", ",", "::", "|||". + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is ";". + // Must be between 1 and 5 characters in length when specified. + Separator *string `json:"separator,omitempty"` + // regex is the regular expression to match against the concatenated source label values. + // Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "(.*)" to match everything. + // Must be between 1 and 1000 characters in length when specified. + Regex *string `json:"regex,omitempty"` + // action defines the action to perform on the matched labels and its configuration. + // Exactly one action-specific configuration must be specified based on the action type. + Action *RelabelActionConfigApplyConfiguration `json:"action,omitempty"` +} + +// RelabelConfigApplyConfiguration constructs a declarative configuration of the RelabelConfig type for use with +// apply. +func RelabelConfig() *RelabelConfigApplyConfiguration { + return &RelabelConfigApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithName(value string) *RelabelConfigApplyConfiguration { + b.Name = &value + return b +} + +// WithSourceLabels adds the given value to the SourceLabels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the SourceLabels field. +func (b *RelabelConfigApplyConfiguration) WithSourceLabels(values ...string) *RelabelConfigApplyConfiguration { + for i := range values { + b.SourceLabels = append(b.SourceLabels, values[i]) + } + return b +} + +// WithSeparator sets the Separator field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Separator field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithSeparator(value string) *RelabelConfigApplyConfiguration { + b.Separator = &value + return b +} + +// WithRegex sets the Regex field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Regex field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithRegex(value string) *RelabelConfigApplyConfiguration { + b.Regex = &value + return b +} + +// WithAction sets the Action field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Action field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithAction(value *RelabelActionConfigApplyConfiguration) *RelabelConfigApplyConfiguration { + b.Action = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewriteauthorization.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewriteauthorization.go new file mode 100644 index 0000000000..c32870d760 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewriteauthorization.go @@ -0,0 +1,100 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + v1 "k8s.io/api/core/v1" +) + +// RemoteWriteAuthorizationApplyConfiguration represents a declarative configuration of the RemoteWriteAuthorization type for use +// with apply. +// +// RemoteWriteAuthorization defines the authorization method for a remote write endpoint. +// Exactly one of the nested configs must be set according to the type discriminator. +type RemoteWriteAuthorizationApplyConfiguration struct { + // type specifies the authorization method to use. + // Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount. + // + // When set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field. + // + // When set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set. + // + // When set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set. + // + // When set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set. + // + // When set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field. + // + // When set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path. + Type *configv1alpha1.RemoteWriteAuthorizationType `json:"type,omitempty"` + // safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). + // Required when type is "SafeAuthorization", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace. + SafeAuthorization *v1.SecretKeySelector `json:"safeAuthorization,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + BearerToken *SecretKeySelectorApplyConfiguration `json:"bearerToken,omitempty"` + // basicAuth defines HTTP basic authentication credentials. + // Required when type is "BasicAuth", and forbidden otherwise. + BasicAuth *BasicAuthApplyConfiguration `json:"basicAuth,omitempty"` + // oauth2 defines OAuth2 client credentials authentication. + // Required when type is "OAuth2", and forbidden otherwise. + OAuth2 *OAuth2ApplyConfiguration `json:"oauth2,omitempty"` + // sigv4 defines AWS Signature Version 4 authentication. + // Required when type is "SigV4", and forbidden otherwise. + Sigv4 *Sigv4ApplyConfiguration `json:"sigv4,omitempty"` +} + +// RemoteWriteAuthorizationApplyConfiguration constructs a declarative configuration of the RemoteWriteAuthorization type for use with +// apply. +func RemoteWriteAuthorization() *RemoteWriteAuthorizationApplyConfiguration { + return &RemoteWriteAuthorizationApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithType(value configv1alpha1.RemoteWriteAuthorizationType) *RemoteWriteAuthorizationApplyConfiguration { + b.Type = &value + return b +} + +// WithSafeAuthorization sets the SafeAuthorization field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SafeAuthorization field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithSafeAuthorization(value v1.SecretKeySelector) *RemoteWriteAuthorizationApplyConfiguration { + b.SafeAuthorization = &value + return b +} + +// WithBearerToken sets the BearerToken field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BearerToken field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithBearerToken(value *SecretKeySelectorApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.BearerToken = value + return b +} + +// WithBasicAuth sets the BasicAuth field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BasicAuth field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithBasicAuth(value *BasicAuthApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.BasicAuth = value + return b +} + +// WithOAuth2 sets the OAuth2 field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OAuth2 field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithOAuth2(value *OAuth2ApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.OAuth2 = value + return b +} + +// WithSigv4 sets the Sigv4 field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Sigv4 field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithSigv4(value *Sigv4ApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.Sigv4 = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewritespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewritespec.go new file mode 100644 index 0000000000..cbb3c0dbcf --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewritespec.go @@ -0,0 +1,175 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// RemoteWriteSpecApplyConfiguration represents a declarative configuration of the RemoteWriteSpec type for use +// with apply. +// +// RemoteWriteSpec represents configuration for remote write endpoints. +type RemoteWriteSpecApplyConfiguration struct { + // url is the URL of the remote write endpoint. + // Must be a valid URL with http or https scheme and a non-empty hostname. + // Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. + // Empty string is invalid. Must be between 1 and 2048 characters in length. + URL *string `json:"url,omitempty"` + // name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). + // This name is used in metrics and logging to differentiate remote write queues. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + Name *string `json:"name,omitempty"` + // authorization defines the authorization method for the remote write endpoint. + // When omitted, no authorization is performed. + // When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config). + AuthorizationConfig *RemoteWriteAuthorizationApplyConfiguration `json:"authorization,omitempty"` + // headers specifies the custom HTTP headers to be sent along with each remote write request. + // Sending custom headers makes the configuration of a proxy in between optional and helps the + // receiver recognize the given source better. + // Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure + // them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. + // When omitted, no custom headers are sent. + // Maximum of 50 headers can be specified. Each header name must be unique. + // Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). + Headers []PrometheusRemoteWriteHeaderApplyConfiguration `json:"headers,omitempty"` + // metadataConfig configures the sending of series metadata to remote storage. + // When omitted, no metadata is sent. + // When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + // When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds). + MetadataConfig *MetadataConfigApplyConfiguration `json:"metadataConfig,omitempty"` + // proxyUrl defines an optional proxy URL. + // If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. + // The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. + // When omitted, no proxy is used. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + ProxyURL *string `json:"proxyUrl,omitempty"` + // queueConfig allows tuning configuration for remote write queue parameters. + // When omitted, default queue configuration is used. + QueueConfig *QueueConfigApplyConfiguration `json:"queueConfig,omitempty"` + // remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + RemoteTimeoutSeconds *int32 `json:"remoteTimeoutSeconds,omitempty"` + // exemplarsMode controls whether exemplars are sent via remote write. + // Valid values are "Send", "DoNotSend" and omitted. + // When set to "Send", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. + // Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. + // When omitted or set to "DoNotSend", exemplars are not sent. + ExemplarsMode *configv1alpha1.ExemplarsMode `json:"exemplarsMode,omitempty"` + // tlsConfig defines TLS authentication settings for the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + TLSConfig *TLSConfigApplyConfiguration `json:"tlsConfig,omitempty"` + // writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. + // When omitted, no relabeling is performed and all metrics are sent as-is. + // Minimum of 1 and maximum of 10 relabeling rules can be specified. + // Each rule must have a unique name. + WriteRelabelConfigs []RelabelConfigApplyConfiguration `json:"writeRelabelConfigs,omitempty"` +} + +// RemoteWriteSpecApplyConfiguration constructs a declarative configuration of the RemoteWriteSpec type for use with +// apply. +func RemoteWriteSpec() *RemoteWriteSpecApplyConfiguration { + return &RemoteWriteSpecApplyConfiguration{} +} + +// WithURL sets the URL field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the URL field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithURL(value string) *RemoteWriteSpecApplyConfiguration { + b.URL = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithName(value string) *RemoteWriteSpecApplyConfiguration { + b.Name = &value + return b +} + +// WithAuthorizationConfig sets the AuthorizationConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AuthorizationConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithAuthorizationConfig(value *RemoteWriteAuthorizationApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.AuthorizationConfig = value + return b +} + +// WithHeaders adds the given value to the Headers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Headers field. +func (b *RemoteWriteSpecApplyConfiguration) WithHeaders(values ...*PrometheusRemoteWriteHeaderApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithHeaders") + } + b.Headers = append(b.Headers, *values[i]) + } + return b +} + +// WithMetadataConfig sets the MetadataConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MetadataConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithMetadataConfig(value *MetadataConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.MetadataConfig = value + return b +} + +// WithProxyURL sets the ProxyURL field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ProxyURL field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithProxyURL(value string) *RemoteWriteSpecApplyConfiguration { + b.ProxyURL = &value + return b +} + +// WithQueueConfig sets the QueueConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the QueueConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithQueueConfig(value *QueueConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.QueueConfig = value + return b +} + +// WithRemoteTimeoutSeconds sets the RemoteTimeoutSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RemoteTimeoutSeconds field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithRemoteTimeoutSeconds(value int32) *RemoteWriteSpecApplyConfiguration { + b.RemoteTimeoutSeconds = &value + return b +} + +// WithExemplarsMode sets the ExemplarsMode field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ExemplarsMode field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithExemplarsMode(value configv1alpha1.ExemplarsMode) *RemoteWriteSpecApplyConfiguration { + b.ExemplarsMode = &value + return b +} + +// WithTLSConfig sets the TLSConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLSConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithTLSConfig(value *TLSConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.TLSConfig = value + return b +} + +// WithWriteRelabelConfigs adds the given value to the WriteRelabelConfigs field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the WriteRelabelConfigs field. +func (b *RemoteWriteSpecApplyConfiguration) WithWriteRelabelConfigs(values ...*RelabelConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithWriteRelabelConfigs") + } + b.WriteRelabelConfigs = append(b.WriteRelabelConfigs, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/replaceactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/replaceactionconfig.go new file mode 100644 index 0000000000..7b9766c11b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/replaceactionconfig.go @@ -0,0 +1,41 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// ReplaceActionConfigApplyConfiguration represents a declarative configuration of the ReplaceActionConfig type for use +// with apply. +// +// ReplaceActionConfig configures the Replace action. +// Regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. No replacement if regex does not match. +type ReplaceActionConfigApplyConfiguration struct { + // targetLabel is the label name where the replacement result is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` + // replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. + // Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. Use an empty string ("") to explicitly clear the target label value. + // Must be between 0 and 255 characters in length. + Replacement *string `json:"replacement,omitempty"` +} + +// ReplaceActionConfigApplyConfiguration constructs a declarative configuration of the ReplaceActionConfig type for use with +// apply. +func ReplaceActionConfig() *ReplaceActionConfigApplyConfiguration { + return &ReplaceActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *ReplaceActionConfigApplyConfiguration) WithTargetLabel(value string) *ReplaceActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} + +// WithReplacement sets the Replacement field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Replacement field is set to the value of the last call. +func (b *ReplaceActionConfigApplyConfiguration) WithReplacement(value string) *ReplaceActionConfigApplyConfiguration { + b.Replacement = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retention.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retention.go new file mode 100644 index 0000000000..2ca903f21f --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retention.go @@ -0,0 +1,46 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// RetentionApplyConfiguration represents a declarative configuration of the Retention type for use +// with apply. +// +// Retention configures how long Prometheus retains metrics data and how much storage it can use. +type RetentionApplyConfiguration struct { + // durationInDays specifies how many days Prometheus will retain metrics data. + // Prometheus automatically deletes data older than this duration. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 15. + // Minimum value is 1 day. + // Maximum value is 365 days (1 year). + DurationInDays *int32 `json:"durationInDays,omitempty"` + // sizeInGiB specifies the maximum storage size in gibibytes (GiB) that Prometheus + // can use for data blocks and the write-ahead log (WAL). + // When the limit is reached, Prometheus will delete oldest data first. + // When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. + // Minimum value is 1 GiB. + // Maximum value is 16384 GiB (16 TiB). + SizeInGiB *int32 `json:"sizeInGiB,omitempty"` +} + +// RetentionApplyConfiguration constructs a declarative configuration of the Retention type for use with +// apply. +func Retention() *RetentionApplyConfiguration { + return &RetentionApplyConfiguration{} +} + +// WithDurationInDays sets the DurationInDays field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DurationInDays field is set to the value of the last call. +func (b *RetentionApplyConfiguration) WithDurationInDays(value int32) *RetentionApplyConfiguration { + b.DurationInDays = &value + return b +} + +// WithSizeInGiB sets the SizeInGiB field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SizeInGiB field is set to the value of the last call. +func (b *RetentionApplyConfiguration) WithSizeInGiB(value int32) *RetentionApplyConfiguration { + b.SizeInGiB = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/rsakeyconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/rsakeyconfig.go new file mode 100644 index 0000000000..89bccbf4fd --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/rsakeyconfig.go @@ -0,0 +1,27 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// RSAKeyConfigApplyConfiguration represents a declarative configuration of the RSAKeyConfig type for use +// with apply. +// +// RSAKeyConfig specifies parameters for RSA key generation. +type RSAKeyConfigApplyConfiguration struct { + // keySize specifies the size of RSA keys in bits. + // Valid values are multiples of 1024 from 2048 to 8192. + KeySize *int32 `json:"keySize,omitempty"` +} + +// RSAKeyConfigApplyConfiguration constructs a declarative configuration of the RSAKeyConfig type for use with +// apply. +func RSAKeyConfig() *RSAKeyConfigApplyConfiguration { + return &RSAKeyConfigApplyConfiguration{} +} + +// WithKeySize sets the KeySize field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the KeySize field is set to the value of the last call. +func (b *RSAKeyConfigApplyConfiguration) WithKeySize(value int32) *RSAKeyConfigApplyConfiguration { + b.KeySize = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/secretkeyselector.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/secretkeyselector.go new file mode 100644 index 0000000000..a824180eda --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/secretkeyselector.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// SecretKeySelectorApplyConfiguration represents a declarative configuration of the SecretKeySelector type for use +// with apply. +// +// SecretKeySelector selects a key of a Secret in the `openshift-monitoring` namespace. +type SecretKeySelectorApplyConfiguration struct { + // name is the name of the secret in the `openshift-monitoring` namespace to select from. + // Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + // Must be between 1 and 253 characters in length. + Name *string `json:"name,omitempty"` + // key is the key of the secret to select from. + // Must consist of alphanumeric characters, '-', '_', or '.'. + // Must be between 1 and 253 characters in length. + Key *string `json:"key,omitempty"` +} + +// SecretKeySelectorApplyConfiguration constructs a declarative configuration of the SecretKeySelector type for use with +// apply. +func SecretKeySelector() *SecretKeySelectorApplyConfiguration { + return &SecretKeySelectorApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *SecretKeySelectorApplyConfiguration) WithName(value string) *SecretKeySelectorApplyConfiguration { + b.Name = &value + return b +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *SecretKeySelectorApplyConfiguration) WithKey(value string) *SecretKeySelectorApplyConfiguration { + b.Key = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/sigv4.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/sigv4.go new file mode 100644 index 0000000000..e0e37c4fdb --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/sigv4.go @@ -0,0 +1,78 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// Sigv4ApplyConfiguration represents a declarative configuration of the Sigv4 type for use +// with apply. +// +// Sigv4 defines AWS Signature Version 4 authentication settings. +// At least one of region, accessKey/secretKey, profile, or roleArn must be set so the platform can perform authentication. +type Sigv4ApplyConfiguration struct { + // region is the AWS region. + // When omitted, the region is derived from the environment or instance metadata. + // Must be between 1 and 128 characters. + Region *string `json:"region,omitempty"` + // accessKey defines the secret reference containing the AWS access key ID. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the access key is derived from the environment or instance metadata. + AccessKey *SecretKeySelectorApplyConfiguration `json:"accessKey,omitempty"` + // secretKey defines the secret reference containing the AWS secret access key. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the secret key is derived from the environment or instance metadata. + SecretKey *SecretKeySelectorApplyConfiguration `json:"secretKey,omitempty"` + // profile is the named AWS profile used to authenticate. + // When omitted, the default profile is used. + // Must be between 1 and 128 characters. + Profile *string `json:"profile,omitempty"` + // roleArn is the AWS Role ARN, an alternative to using AWS API keys. + // When omitted, API keys are used for authentication. + // Must be a valid AWS ARN format (e.g., "arn:aws:iam::123456789012:role/MyRole"). + // Must be between 1 and 512 characters. + RoleArn *string `json:"roleArn,omitempty"` +} + +// Sigv4ApplyConfiguration constructs a declarative configuration of the Sigv4 type for use with +// apply. +func Sigv4() *Sigv4ApplyConfiguration { + return &Sigv4ApplyConfiguration{} +} + +// WithRegion sets the Region field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Region field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithRegion(value string) *Sigv4ApplyConfiguration { + b.Region = &value + return b +} + +// WithAccessKey sets the AccessKey field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AccessKey field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithAccessKey(value *SecretKeySelectorApplyConfiguration) *Sigv4ApplyConfiguration { + b.AccessKey = value + return b +} + +// WithSecretKey sets the SecretKey field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SecretKey field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithSecretKey(value *SecretKeySelectorApplyConfiguration) *Sigv4ApplyConfiguration { + b.SecretKey = value + return b +} + +// WithProfile sets the Profile field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Profile field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithProfile(value string) *Sigv4ApplyConfiguration { + b.Profile = &value + return b +} + +// WithRoleArn sets the RoleArn field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RoleArn field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithRoleArn(value string) *Sigv4ApplyConfiguration { + b.RoleArn = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/tlsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/tlsconfig.go new file mode 100644 index 0000000000..dc74026618 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/tlsconfig.go @@ -0,0 +1,81 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// TLSConfigApplyConfiguration represents a declarative configuration of the TLSConfig type for use +// with apply. +// +// TLSConfig represents TLS configuration for Alertmanager connections. +// At least one TLS configuration option must be specified. +// For mutual TLS (mTLS), both cert and key must be specified together, or both omitted. +type TLSConfigApplyConfiguration struct { + // ca is an optional CA certificate to use for TLS connections. + // When omitted, the system's default CA bundle is used. + CA *SecretKeySelectorApplyConfiguration `json:"ca,omitempty"` + // cert is an optional client certificate to use for mutual TLS connections. + // When omitted, no client certificate is presented. + Cert *SecretKeySelectorApplyConfiguration `json:"cert,omitempty"` + // key is an optional client key to use for mutual TLS connections. + // When omitted, no client key is used. + Key *SecretKeySelectorApplyConfiguration `json:"key,omitempty"` + // serverName is an optional server name to use for TLS connections. + // When specified, must be a valid DNS subdomain as per RFC 1123. + // When omitted, the server name is derived from the URL. + // Must be between 1 and 253 characters in length. + ServerName *string `json:"serverName,omitempty"` + // certificateVerification determines the policy for TLS certificate verification. + // Allowed values are "Verify" (performs certificate verification, secure) and "SkipVerify" (skips verification, insecure). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "Verify". + CertificateVerification *configv1alpha1.CertificateVerificationType `json:"certificateVerification,omitempty"` +} + +// TLSConfigApplyConfiguration constructs a declarative configuration of the TLSConfig type for use with +// apply. +func TLSConfig() *TLSConfigApplyConfiguration { + return &TLSConfigApplyConfiguration{} +} + +// WithCA sets the CA field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CA field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithCA(value *SecretKeySelectorApplyConfiguration) *TLSConfigApplyConfiguration { + b.CA = value + return b +} + +// WithCert sets the Cert field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Cert field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithCert(value *SecretKeySelectorApplyConfiguration) *TLSConfigApplyConfiguration { + b.Cert = value + return b +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithKey(value *SecretKeySelectorApplyConfiguration) *TLSConfigApplyConfiguration { + b.Key = value + return b +} + +// WithServerName sets the ServerName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ServerName field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithServerName(value string) *TLSConfigApplyConfiguration { + b.ServerName = &value + return b +} + +// WithCertificateVerification sets the CertificateVerification field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CertificateVerification field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithCertificateVerification(value configv1alpha1.CertificateVerificationType) *TLSConfigApplyConfiguration { + b.CertificateVerification = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/uppercaseactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/uppercaseactionconfig.go new file mode 100644 index 0000000000..6d3a6a804a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/uppercaseactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// UppercaseActionConfigApplyConfiguration represents a declarative configuration of the UppercaseActionConfig type for use +// with apply. +// +// UppercaseActionConfig configures the Uppercase action. +// Maps the concatenated source_labels to their upper case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type UppercaseActionConfigApplyConfiguration struct { + // targetLabel is the label name where the upper-cased value is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// UppercaseActionConfigApplyConfiguration constructs a declarative configuration of the UppercaseActionConfig type for use with +// apply. +func UppercaseActionConfig() *UppercaseActionConfigApplyConfiguration { + return &UppercaseActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *UppercaseActionConfigApplyConfiguration) WithTargetLabel(value string) *UppercaseActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go index 65906b80c5..9bfc7d280b 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go @@ -23,92 +23,80 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: -- name: com.github.openshift.api.config.v1.APIServer +- name: Condition.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: apiVersion + - name: lastTransitionTime type: - scalar: string - - name: kind + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message type: scalar: string - - name: metadata + default: "" + - name: observedGeneration type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + scalar: numeric + - name: reason type: - namedType: com.github.openshift.api.config.v1.APIServerSpec - default: {} + scalar: string + default: "" - name: status type: - namedType: com.github.openshift.api.config.v1.APIServerStatus - default: {} -- name: com.github.openshift.api.config.v1.APIServerEncryption - map: - fields: - - name: kms - type: - namedType: com.github.openshift.api.config.v1.KMSConfig + scalar: string + default: "" - name: type type: scalar: string - unions: - - discriminator: type - fields: - - fieldName: kms - discriminatorValue: KMS -- name: com.github.openshift.api.config.v1.APIServerNamedServingCert + default: "" +- name: ConfigMapKeySelector.v1.core.api.k8s.io map: fields: - - name: names + - name: key type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: servingCertificate + scalar: string + default: "" + - name: name type: - namedType: com.github.openshift.api.config.v1.SecretNameReference - default: {} -- name: com.github.openshift.api.config.v1.APIServerServingCerts + scalar: string + default: "" + - name: optional + type: + scalar: boolean + elementRelationship: atomic +- name: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: string +- name: EnvVar.v1.core.api.k8s.io map: fields: - - name: namedCertificates + - name: name type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.APIServerNamedServingCert - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.APIServerSpec + scalar: string + default: "" + - name: value + type: + scalar: string + - name: valueFrom + type: + namedType: EnvVarSource.v1.core.api.k8s.io +- name: EnvVarSource.v1.core.api.k8s.io map: fields: - - name: additionalCORSAllowedOrigins - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: audit + - name: configMapKeyRef type: - namedType: com.github.openshift.api.config.v1.Audit - default: {} - - name: clientCA + namedType: ConfigMapKeySelector.v1.core.api.k8s.io + - name: fieldRef type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: encryption + namedType: ObjectFieldSelector.v1.core.api.k8s.io + - name: fileKeyRef type: - namedType: com.github.openshift.api.config.v1.APIServerEncryption - default: {} - - name: servingCerts + namedType: FileKeySelector.v1.core.api.k8s.io + - name: resourceFieldRef type: - namedType: com.github.openshift.api.config.v1.APIServerServingCerts - default: {} - - name: tlsSecurityProfile + namedType: ResourceFieldSelector.v1.core.api.k8s.io + - name: secretKeyRef type: - namedType: com.github.openshift.api.config.v1.TLSSecurityProfile -- name: com.github.openshift.api.config.v1.APIServerStatus + namedType: SecretKeySelector.v1.core.api.k8s.io +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io map: elementType: scalar: untyped @@ -120,201 +108,229 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.AWSDNSSpec +- name: FileKeySelector.v1.core.api.k8s.io map: fields: - - name: privateZoneIAMRole + - name: key type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.AWSIngressSpec - map: - fields: - - name: type + - name: optional type: - scalar: string - default: "" - unions: - - discriminator: type -- name: com.github.openshift.api.config.v1.AWSKMSConfig - map: - fields: - - name: keyARN + scalar: boolean + default: false + - name: path type: scalar: string default: "" - - name: region + - name: volumeName type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.AWSPlatformSpec + elementRelationship: atomic +- name: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: serviceEndpoints + - name: matchExpressions type: list: elementType: - namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + namedType: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic -- name: com.github.openshift.api.config.v1.AWSPlatformStatus + - name: matchLabels + type: + map: + elementType: + scalar: string + elementRelationship: atomic +- name: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: cloudLoadBalancerConfig - type: - namedType: com.github.openshift.api.config.v1.CloudLoadBalancerConfig - default: - dnsType: PlatformDefault - - name: ipFamily + - name: key type: scalar: string - default: IPv4 - - name: region + default: "" + - name: operator type: scalar: string default: "" - - name: resourceTags - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.AWSResourceTag - elementRelationship: atomic - - name: serviceEndpoints + - name: values type: list: elementType: - namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + scalar: string elementRelationship: atomic -- name: com.github.openshift.api.config.v1.AWSResourceTag +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: key + - name: apiVersion type: scalar: string - default: "" - - name: value + - name: fieldsType type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.AWSServiceEndpoint - map: - fields: - - name: name + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager type: scalar: string - default: "" - - name: url + - name: operation type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.AcceptRisk - map: - fields: - - name: name + - name: subresource type: scalar: string -- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformSpec - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformStatus + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ModifyVolumeStatus.v1.core.api.k8s.io map: fields: - - name: region + - name: status type: scalar: string default: "" - - name: resourceGroupID + - name: targetVolumeAttributesClassName type: scalar: string - - name: resourceTags - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.AlibabaCloudResourceTag - elementRelationship: associative - keys: - - key -- name: com.github.openshift.api.config.v1.AlibabaCloudResourceTag +- name: ObjectFieldSelector.v1.core.api.k8s.io map: fields: - - name: key + - name: apiVersion type: scalar: string - default: "" - - name: value + - name: fieldPath type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.Audit + elementRelationship: atomic +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: customRules + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers type: list: elementType: - namedType: com.github.openshift.api.config.v1.AuditCustomRule + scalar: string elementRelationship: associative - keys: - - group - - name: profile + - name: generateName type: scalar: string -- name: com.github.openshift.api.config.v1.AuditCustomRule - map: - fields: - - name: group + - name: generation type: - scalar: string - default: "" - - name: profile + scalar: numeric + - name: labels type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.Authentication - map: - fields: - - name: apiVersion + map: + elementType: + scalar: string + - name: managedFields + type: + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name type: scalar: string - - name: kind + - name: namespace type: scalar: string - - name: metadata + - name: ownerReferences type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: PersistentVolumeClaim.v1.core.api.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.AuthenticationSpec + namedType: PersistentVolumeClaimSpec.v1.core.api.k8s.io default: {} - name: status type: - namedType: com.github.openshift.api.config.v1.AuthenticationStatus + namedType: PersistentVolumeClaimStatus.v1.core.api.k8s.io default: {} -- name: com.github.openshift.api.config.v1.AuthenticationSpec +- name: PersistentVolumeClaimCondition.v1.core.api.k8s.io map: fields: - - name: oauthMetadata + - name: lastProbeTime type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: oidcProviders + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: lastTransitionTime type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.OIDCProvider - elementRelationship: associative - keys: - - name - - name: serviceAccountIssuer + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message + type: + scalar: string + - name: reason + type: + scalar: string + - name: status type: scalar: string default: "" @@ -322,32 +338,85 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" - - name: webhookTokenAuthenticator - type: - namedType: com.github.openshift.api.config.v1.WebhookTokenAuthenticator - - name: webhookTokenAuthenticators +- name: PersistentVolumeClaimSpec.v1.core.api.k8s.io + map: + fields: + - name: accessModes type: list: elementType: - namedType: com.github.openshift.api.config.v1.DeprecatedWebhookTokenAuthenticator + scalar: string elementRelationship: atomic -- name: com.github.openshift.api.config.v1.AuthenticationStatus + - name: dataSource + type: + namedType: TypedLocalObjectReference.v1.core.api.k8s.io + - name: dataSourceRef + type: + namedType: TypedObjectReference.v1.core.api.k8s.io + - name: resources + type: + namedType: VolumeResourceRequirements.v1.core.api.k8s.io + default: {} + - name: selector + type: + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: storageClassName + type: + scalar: string + - name: volumeAttributesClassName + type: + scalar: string + - name: volumeMode + type: + scalar: string + - name: volumeName + type: + scalar: string +- name: PersistentVolumeClaimStatus.v1.core.api.k8s.io map: fields: - - name: integratedOAuthMetadata + - name: accessModes type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: oidcClients + list: + elementType: + scalar: string + elementRelationship: atomic + - name: allocatedResourceStatuses + type: + map: + elementType: + scalar: string + elementRelationship: separable + - name: allocatedResources + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: capacity + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: conditions type: list: elementType: - namedType: com.github.openshift.api.config.v1.OIDCClientStatus + namedType: PersistentVolumeClaimCondition.v1.core.api.k8s.io elementRelationship: associative keys: - - componentNamespace - - componentName -- name: com.github.openshift.api.config.v1.AzurePlatformSpec + - type + - name: currentVolumeAttributesClassName + type: + scalar: string + - name: modifyVolumeStatus + type: + namedType: ModifyVolumeStatus.v1.core.api.k8s.io + - name: phase + type: + scalar: string +- name: Quantity.resource.api.pkg.apimachinery.k8s.io + scalar: string +- name: RawExtension.runtime.pkg.apimachinery.k8s.io map: elementType: scalar: untyped @@ -359,136 +428,165 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.AzurePlatformStatus +- name: ResourceClaim.v1.core.api.k8s.io map: fields: - - name: armEndpoint + - name: name type: scalar: string - - name: cloudLoadBalancerConfig - type: - namedType: com.github.openshift.api.config.v1.CloudLoadBalancerConfig - default: - dnsType: PlatformDefault - - name: cloudName + default: "" + - name: request type: scalar: string - - name: ipFamily +- name: ResourceFieldSelector.v1.core.api.k8s.io + map: + fields: + - name: containerName type: scalar: string - default: IPv4 - - name: networkResourceGroupName + - name: divisor type: - scalar: string - - name: resourceGroupName + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: resource type: scalar: string default: "" - - name: resourceTags + elementRelationship: atomic +- name: ResourceRequirements.v1.core.api.k8s.io + map: + fields: + - name: claims type: list: elementType: - namedType: com.github.openshift.api.config.v1.AzureResourceTag - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.AzureResourceTag + namedType: ResourceClaim.v1.core.api.k8s.io + elementRelationship: associative + keys: + - name + - name: limits + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: requests + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: SecretKeySelector.v1.core.api.k8s.io map: fields: - name: key type: scalar: string default: "" - - name: value + - name: name type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.BareMetalPlatformLoadBalancer + - name: optional + type: + scalar: boolean + elementRelationship: atomic +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped +- name: Toleration.v1.core.api.k8s.io map: fields: - - name: type + - name: effect type: scalar: string - default: OpenShiftManagedDefault - unions: - - discriminator: type -- name: com.github.openshift.api.config.v1.BareMetalPlatformSpec + - name: key + type: + scalar: string + - name: operator + type: + scalar: string + - name: tolerationSeconds + type: + scalar: numeric + - name: value + type: + scalar: string +- name: TopologySpreadConstraint.v1.core.api.k8s.io map: fields: - - name: apiServerInternalIPs + - name: labelSelector type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: ingressIPs + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: matchLabelKeys type: list: elementType: scalar: string elementRelationship: atomic - - name: machineNetworks + - name: maxSkew type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.BareMetalPlatformStatus - map: - fields: - - name: apiServerInternalIP + scalar: numeric + default: 0 + - name: minDomains + type: + scalar: numeric + - name: nodeAffinityPolicy type: scalar: string - - name: apiServerInternalIPs + - name: nodeTaintsPolicy type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: dnsRecordsType + scalar: string + - name: topologyKey type: scalar: string - - name: ingressIP + default: "" + - name: whenUnsatisfiable type: scalar: string - - name: ingressIPs + default: "" +- name: TypedLocalObjectReference.v1.core.api.k8s.io + map: + fields: + - name: apiGroup type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: loadBalancer + scalar: string + - name: kind type: - namedType: com.github.openshift.api.config.v1.BareMetalPlatformLoadBalancer - default: - type: OpenShiftManagedDefault - - name: machineNetworks - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: nodeDNSIP + scalar: string + default: "" + - name: name type: scalar: string -- name: com.github.openshift.api.config.v1.BasicAuthIdentityProvider + default: "" + elementRelationship: atomic +- name: TypedObjectReference.v1.core.api.k8s.io map: fields: - - name: ca - type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: tlsClientCert + - name: apiGroup type: - namedType: com.github.openshift.api.config.v1.SecretNameReference - default: {} - - name: tlsClientKey + scalar: string + - name: kind type: - namedType: com.github.openshift.api.config.v1.SecretNameReference - default: {} - - name: url + scalar: string + default: "" + - name: name type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.Build + - name: namespace + type: + scalar: string +- name: VolumeResourceRequirements.v1.core.api.k8s.io + map: + fields: + - name: limits + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: requests + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.config.v1.APIServer map: fields: - name: apiVersion @@ -499,205 +597,188 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.BuildSpec + namedType: com.github.openshift.api.config.v1.APIServerSpec default: {} -- name: com.github.openshift.api.config.v1.BuildDefaults + - name: status + type: + namedType: com.github.openshift.api.config.v1.APIServerStatus + default: {} +- name: com.github.openshift.api.config.v1.APIServerEncryption map: fields: - - name: defaultProxy - type: - namedType: com.github.openshift.api.config.v1.ProxySpec - - name: env + - name: kms type: - list: - elementType: - namedType: io.k8s.api.core.v1.EnvVar - elementRelationship: atomic - - name: gitProxy + namedType: com.github.openshift.api.config.v1.KMSConfig + - name: type type: - namedType: com.github.openshift.api.config.v1.ProxySpec - - name: imageLabels + scalar: string + unions: + - discriminator: type + fields: + - fieldName: kms + discriminatorValue: KMS +- name: com.github.openshift.api.config.v1.APIServerNamedServingCert + map: + fields: + - name: names type: list: elementType: - namedType: com.github.openshift.api.config.v1.ImageLabel + scalar: string elementRelationship: atomic - - name: resources + - name: servingCertificate type: - namedType: io.k8s.api.core.v1.ResourceRequirements + namedType: com.github.openshift.api.config.v1.SecretNameReference default: {} -- name: com.github.openshift.api.config.v1.BuildOverrides +- name: com.github.openshift.api.config.v1.APIServerServingCerts map: fields: - - name: forcePull - type: - scalar: boolean - - name: imageLabels + - name: namedCertificates type: list: elementType: - namedType: com.github.openshift.api.config.v1.ImageLabel + namedType: com.github.openshift.api.config.v1.APIServerNamedServingCert elementRelationship: atomic - - name: nodeSelector - type: - map: - elementType: - scalar: string - - name: tolerations +- name: com.github.openshift.api.config.v1.APIServerSpec + map: + fields: + - name: additionalCORSAllowedOrigins type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + scalar: string elementRelationship: atomic -- name: com.github.openshift.api.config.v1.BuildSpec - map: - fields: - - name: additionalTrustedCA + - name: audit + type: + namedType: com.github.openshift.api.config.v1.Audit + default: {} + - name: clientCA type: namedType: com.github.openshift.api.config.v1.ConfigMapNameReference default: {} - - name: buildDefaults + - name: encryption type: - namedType: com.github.openshift.api.config.v1.BuildDefaults + namedType: com.github.openshift.api.config.v1.APIServerEncryption default: {} - - name: buildOverrides + - name: servingCerts type: - namedType: com.github.openshift.api.config.v1.BuildOverrides + namedType: com.github.openshift.api.config.v1.APIServerServingCerts default: {} -- name: com.github.openshift.api.config.v1.CloudControllerManagerStatus + - name: tlsAdherence + type: + scalar: string + - name: tlsSecurityProfile + type: + namedType: com.github.openshift.api.config.v1.TLSSecurityProfile +- name: com.github.openshift.api.config.v1.APIServerStatus + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.AWSDNSSpec map: fields: - - name: state + - name: privateZoneIAMRole type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.CloudLoadBalancerConfig +- name: com.github.openshift.api.config.v1.AWSIngressSpec map: fields: - - name: clusterHosted - type: - namedType: com.github.openshift.api.config.v1.CloudLoadBalancerIPs - - name: dnsType + - name: type type: scalar: string - default: PlatformDefault + default: "" unions: - - discriminator: dnsType - fields: - - fieldName: clusterHosted - discriminatorValue: ClusterHosted -- name: com.github.openshift.api.config.v1.CloudLoadBalancerIPs + - discriminator: type +- name: com.github.openshift.api.config.v1.AWSKMSConfig map: fields: - - name: apiIntLoadBalancerIPs + - name: keyARN type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: apiLoadBalancerIPs + scalar: string + default: "" + - name: region type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: ingressLoadBalancerIPs + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.AWSPlatformSpec + map: + fields: + - name: serviceEndpoints type: list: elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1.ClusterCondition + namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.AWSPlatformStatus map: fields: - - name: promql - type: - namedType: com.github.openshift.api.config.v1.PromQLClusterCondition - - name: type + - name: cloudLoadBalancerConfig type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.ClusterImagePolicy - map: - fields: - - name: apiVersion + namedType: com.github.openshift.api.config.v1.CloudLoadBalancerConfig + default: + dnsType: PlatformDefault + - name: ipFamily type: scalar: string - - name: kind + default: IPv4 + - name: region type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1.ClusterImagePolicySpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.config.v1.ClusterImagePolicyStatus - default: {} -- name: com.github.openshift.api.config.v1.ClusterImagePolicySpec - map: - fields: - - name: policy - type: - namedType: com.github.openshift.api.config.v1.ImageSigstoreVerificationPolicy - default: {} - - name: scopes + default: "" + - name: resourceTags type: list: elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1.ClusterImagePolicyStatus - map: - fields: - - name: conditions + namedType: com.github.openshift.api.config.v1.AWSResourceTag + elementRelationship: atomic + - name: serviceEndpoints type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: com.github.openshift.api.config.v1.ClusterNetworkEntry + namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.AWSResourceTag map: fields: - - name: cidr + - name: key type: scalar: string default: "" - - name: hostPrefix + - name: value type: - scalar: numeric -- name: com.github.openshift.api.config.v1.ClusterOperator + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.AWSServiceEndpoint map: fields: - - name: apiVersion + - name: name type: scalar: string - - name: kind + default: "" + - name: url type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1.ClusterOperatorSpec - default: {} - - name: status + default: "" +- name: com.github.openshift.api.config.v1.AcceptRisk + map: + fields: + - name: name type: - namedType: com.github.openshift.api.config.v1.ClusterOperatorStatus - default: {} -- name: com.github.openshift.api.config.v1.ClusterOperatorSpec + scalar: string +- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformSpec map: elementType: scalar: untyped @@ -709,53 +790,61 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.ClusterOperatorStatus +- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformStatus map: fields: - - name: conditions - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.ClusterOperatorStatusCondition - elementRelationship: associative - keys: - - type - - name: extension + - name: region type: - namedType: __untyped_atomic_ - - name: relatedObjects + scalar: string + default: "" + - name: resourceGroupID type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.ObjectReference - elementRelationship: atomic - - name: versions + scalar: string + - name: resourceTags type: list: elementType: - namedType: com.github.openshift.api.config.v1.OperandVersion - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.ClusterOperatorStatusCondition + namedType: com.github.openshift.api.config.v1.AlibabaCloudResourceTag + elementRelationship: associative + keys: + - key +- name: com.github.openshift.api.config.v1.AlibabaCloudResourceTag map: fields: - - name: lastTransitionTime + - name: key type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message + scalar: string + default: "" + - name: value type: scalar: string - - name: reason + default: "" +- name: com.github.openshift.api.config.v1.Audit + map: + fields: + - name: customRules + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.AuditCustomRule + elementRelationship: associative + keys: + - group + - name: profile type: scalar: string - - name: status +- name: com.github.openshift.api.config.v1.AuditCustomRule + map: + fields: + - name: group type: scalar: string default: "" - - name: type + - name: profile type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.ClusterVersion +- name: com.github.openshift.api.config.v1.Authentication map: fields: - name: apiVersion @@ -766,373 +855,339 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.ClusterVersionSpec + namedType: com.github.openshift.api.config.v1.AuthenticationSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1.ClusterVersionStatus + namedType: com.github.openshift.api.config.v1.AuthenticationStatus default: {} -- name: com.github.openshift.api.config.v1.ClusterVersionCapabilitiesSpec +- name: com.github.openshift.api.config.v1.AuthenticationSpec map: fields: - - name: additionalEnabledCapabilities + - name: oauthMetadata + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: oidcProviders type: list: elementType: - scalar: string - elementRelationship: atomic - - name: baselineCapabilitySet + namedType: com.github.openshift.api.config.v1.OIDCProvider + elementRelationship: associative + keys: + - name + - name: serviceAccountIssuer type: scalar: string -- name: com.github.openshift.api.config.v1.ClusterVersionCapabilitiesStatus - map: - fields: - - name: enabledCapabilities + default: "" + - name: type + type: + scalar: string + default: "" + - name: webhookTokenAuthenticator + type: + namedType: com.github.openshift.api.config.v1.WebhookTokenAuthenticator + - name: webhookTokenAuthenticators type: list: elementType: - scalar: string + namedType: com.github.openshift.api.config.v1.DeprecatedWebhookTokenAuthenticator elementRelationship: atomic - - name: knownCapabilities +- name: com.github.openshift.api.config.v1.AuthenticationStatus + map: + fields: + - name: integratedOAuthMetadata + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: oidcClients type: list: elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.ClusterVersionSpec + namedType: com.github.openshift.api.config.v1.OIDCClientStatus + elementRelationship: associative + keys: + - componentNamespace + - componentName +- name: com.github.openshift.api.config.v1.AzurePlatformSpec + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.AzurePlatformStatus map: fields: - - name: capabilities + - name: armEndpoint type: - namedType: com.github.openshift.api.config.v1.ClusterVersionCapabilitiesSpec - - name: channel + scalar: string + - name: cloudLoadBalancerConfig + type: + namedType: com.github.openshift.api.config.v1.CloudLoadBalancerConfig + default: + dnsType: PlatformDefault + - name: cloudName type: scalar: string - - name: clusterID + - name: ipFamily type: scalar: string - default: "" - - name: desiredUpdate + default: IPv4 + - name: networkResourceGroupName type: - namedType: com.github.openshift.api.config.v1.Update - - name: overrides + scalar: string + - name: resourceGroupName type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.ComponentOverride - elementRelationship: associative - keys: - - kind - - group - - namespace - - name - - name: signatureStores + scalar: string + default: "" + - name: resourceTags type: list: elementType: - namedType: com.github.openshift.api.config.v1.SignatureStore - elementRelationship: associative - keys: - - url - - name: upstream + namedType: com.github.openshift.api.config.v1.AzureResourceTag + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.AzureResourceTag + map: + fields: + - name: key type: scalar: string -- name: com.github.openshift.api.config.v1.ClusterVersionStatus + default: "" + - name: value + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.BareMetalPlatformLoadBalancer map: fields: - - name: availableUpdates - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.Release - elementRelationship: atomic - - name: capabilities + - name: type type: - namedType: com.github.openshift.api.config.v1.ClusterVersionCapabilitiesStatus - default: {} - - name: conditionalUpdateRisks + scalar: string + default: OpenShiftManagedDefault + unions: + - discriminator: type +- name: com.github.openshift.api.config.v1.BareMetalPlatformSpec + map: + fields: + - name: apiServerInternalIPs type: list: elementType: - namedType: com.github.openshift.api.config.v1.ConditionalUpdateRisk - elementRelationship: associative - keys: - - name - - name: conditionalUpdates + scalar: string + elementRelationship: atomic + - name: ingressIPs type: list: elementType: - namedType: com.github.openshift.api.config.v1.ConditionalUpdate + scalar: string elementRelationship: atomic - - name: conditions + - name: machineNetworks type: list: elementType: - namedType: com.github.openshift.api.config.v1.ClusterOperatorStatusCondition - elementRelationship: associative - keys: - - type - - name: desired + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.BareMetalPlatformStatus + map: + fields: + - name: apiServerInternalIP type: - namedType: com.github.openshift.api.config.v1.Release - default: {} - - name: history + scalar: string + - name: apiServerInternalIPs type: list: elementType: - namedType: com.github.openshift.api.config.v1.UpdateHistory + scalar: string elementRelationship: atomic - - name: observedGeneration - type: - scalar: numeric - default: 0 - - name: versionHash + - name: dnsRecordsType type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.ComponentOverride - map: - fields: - - name: group + - name: ingressIP type: scalar: string - default: "" - - name: kind + - name: ingressIPs type: - scalar: string - default: "" - - name: name + list: + elementType: + scalar: string + elementRelationship: atomic + - name: loadBalancer type: - scalar: string - default: "" - - name: namespace + namedType: com.github.openshift.api.config.v1.BareMetalPlatformLoadBalancer + default: + type: OpenShiftManagedDefault + - name: machineNetworks type: - scalar: string - default: "" - - name: unmanaged + list: + elementType: + scalar: string + elementRelationship: atomic + - name: nodeDNSIP type: - scalar: boolean - default: false -- name: com.github.openshift.api.config.v1.ComponentRouteSpec + scalar: string +- name: com.github.openshift.api.config.v1.BasicAuthIdentityProvider map: fields: - - name: hostname + - name: ca + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: tlsClientCert + type: + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} + - name: tlsClientKey + type: + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} + - name: url type: scalar: string default: "" - - name: name +- name: com.github.openshift.api.config.v1.Build + map: + fields: + - name: apiVersion type: scalar: string - default: "" - - name: namespace + - name: kind type: scalar: string - default: "" - - name: servingCertKeyPairSecret + - name: metadata type: - namedType: com.github.openshift.api.config.v1.SecretNameReference + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} -- name: com.github.openshift.api.config.v1.ComponentRouteStatus + - name: spec + type: + namedType: com.github.openshift.api.config.v1.BuildSpec + default: {} +- name: com.github.openshift.api.config.v1.BuildDefaults map: fields: - - name: conditions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type - - name: consumingUsers + - name: defaultProxy type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: currentHostnames + namedType: com.github.openshift.api.config.v1.ProxySpec + - name: env type: list: elementType: - scalar: string + namedType: EnvVar.v1.core.api.k8s.io elementRelationship: atomic - - name: defaultHostname - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: namespace + - name: gitProxy type: - scalar: string - default: "" - - name: relatedObjects + namedType: com.github.openshift.api.config.v1.ProxySpec + - name: imageLabels type: list: elementType: - namedType: com.github.openshift.api.config.v1.ObjectReference + namedType: com.github.openshift.api.config.v1.ImageLabel elementRelationship: atomic -- name: com.github.openshift.api.config.v1.ConditionalUpdate - map: - fields: - - name: conditions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type - - name: release + - name: resources type: - namedType: com.github.openshift.api.config.v1.Release + namedType: ResourceRequirements.v1.core.api.k8s.io default: {} - - name: riskNames +- name: com.github.openshift.api.config.v1.BuildOverrides + map: + fields: + - name: forcePull type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: risks + scalar: boolean + - name: imageLabels type: list: elementType: - namedType: com.github.openshift.api.config.v1.ConditionalUpdateRisk - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.config.v1.ConditionalUpdateRisk - map: - fields: - - name: conditions + namedType: com.github.openshift.api.config.v1.ImageLabel + elementRelationship: atomic + - name: nodeSelector type: - list: + map: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type - - name: matchingRules + scalar: string + - name: tolerations type: list: elementType: - namedType: com.github.openshift.api.config.v1.ClusterCondition + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - - name: message - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: url - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.ConfigMapFileReference - map: - fields: - - name: key - type: - scalar: string - - name: name - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.ConfigMapNameReference - map: - fields: - - name: name - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.Console +- name: com.github.openshift.api.config.v1.BuildSpec map: fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata + - name: additionalTrustedCA type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference default: {} - - name: spec + - name: buildDefaults type: - namedType: com.github.openshift.api.config.v1.ConsoleSpec + namedType: com.github.openshift.api.config.v1.BuildDefaults default: {} - - name: status + - name: buildOverrides type: - namedType: com.github.openshift.api.config.v1.ConsoleStatus + namedType: com.github.openshift.api.config.v1.BuildOverrides default: {} -- name: com.github.openshift.api.config.v1.ConsoleAuthentication +- name: com.github.openshift.api.config.v1.CloudControllerManagerStatus map: fields: - - name: logoutRedirect + - name: state type: scalar: string -- name: com.github.openshift.api.config.v1.ConsoleSpec + default: "" +- name: com.github.openshift.api.config.v1.CloudLoadBalancerConfig map: fields: - - name: authentication + - name: clusterHosted type: - namedType: com.github.openshift.api.config.v1.ConsoleAuthentication - default: {} -- name: com.github.openshift.api.config.v1.ConsoleStatus - map: - fields: - - name: consoleURL + namedType: com.github.openshift.api.config.v1.CloudLoadBalancerIPs + - name: dnsType type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.Custom + default: PlatformDefault + unions: + - discriminator: dnsType + fields: + - fieldName: clusterHosted + discriminatorValue: ClusterHosted +- name: com.github.openshift.api.config.v1.CloudLoadBalancerIPs map: fields: - - name: configs + - name: apiIntLoadBalancerIPs type: list: elementType: - namedType: com.github.openshift.api.config.v1.GathererConfig + scalar: string elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.config.v1.CustomFeatureGates - map: - fields: - - name: disabled + - name: apiLoadBalancerIPs type: list: elementType: scalar: string - elementRelationship: atomic - - name: enabled + elementRelationship: associative + - name: ingressLoadBalancerIPs type: list: elementType: scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.CustomTLSProfile + elementRelationship: associative +- name: com.github.openshift.api.config.v1.ClusterCondition map: fields: - - name: ciphers + - name: promql type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: minTLSVersion + namedType: com.github.openshift.api.config.v1.PromQLClusterCondition + - name: type type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.DNS +- name: com.github.openshift.api.config.v1.ClusterImagePolicy map: fields: - name: apiVersion @@ -1143,79 +1198,72 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.DNSSpec + namedType: com.github.openshift.api.config.v1.ClusterImagePolicySpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1.DNSStatus + namedType: com.github.openshift.api.config.v1.ClusterImagePolicyStatus default: {} -- name: com.github.openshift.api.config.v1.DNSPlatformSpec +- name: com.github.openshift.api.config.v1.ClusterImagePolicySpec map: fields: - - name: aws - type: - namedType: com.github.openshift.api.config.v1.AWSDNSSpec - - name: type + - name: policy type: - scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: aws - discriminatorValue: AWS -- name: com.github.openshift.api.config.v1.DNSSpec + namedType: com.github.openshift.api.config.v1.ImageSigstoreVerificationPolicy + default: {} + - name: scopes + type: + list: + elementType: + scalar: string + elementRelationship: associative +- name: com.github.openshift.api.config.v1.ClusterImagePolicyStatus map: fields: - - name: baseDomain + - name: conditions + type: + list: + elementType: + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - type +- name: com.github.openshift.api.config.v1.ClusterNetworkEntry + map: + fields: + - name: cidr type: scalar: string default: "" - - name: platform - type: - namedType: com.github.openshift.api.config.v1.DNSPlatformSpec - default: {} - - name: privateZone - type: - namedType: com.github.openshift.api.config.v1.DNSZone - - name: publicZone + - name: hostPrefix type: - namedType: com.github.openshift.api.config.v1.DNSZone -- name: com.github.openshift.api.config.v1.DNSStatus - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.DNSZone + scalar: numeric +- name: com.github.openshift.api.config.v1.ClusterOperator map: fields: - - name: id + - name: apiVersion type: scalar: string - - name: tags + - name: kind type: - map: - elementType: - scalar: string -- name: com.github.openshift.api.config.v1.DeprecatedWebhookTokenAuthenticator - map: - fields: - - name: kubeConfig + scalar: string + - name: metadata type: - namedType: com.github.openshift.api.config.v1.SecretNameReference + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} -- name: com.github.openshift.api.config.v1.EquinixMetalPlatformSpec + - name: spec + type: + namedType: com.github.openshift.api.config.v1.ClusterOperatorSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.config.v1.ClusterOperatorStatus + default: {} +- name: com.github.openshift.api.config.v1.ClusterOperatorSpec map: elementType: scalar: untyped @@ -1227,68 +1275,53 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.EquinixMetalPlatformStatus - map: - fields: - - name: apiServerInternalIP - type: - scalar: string - - name: ingressIP - type: - scalar: string -- name: com.github.openshift.api.config.v1.ExternalIPConfig +- name: com.github.openshift.api.config.v1.ClusterOperatorStatus map: fields: - - name: autoAssignCIDRs + - name: conditions type: list: elementType: - scalar: string - elementRelationship: atomic - - name: policy + namedType: com.github.openshift.api.config.v1.ClusterOperatorStatusCondition + elementRelationship: associative + keys: + - type + - name: extension type: - namedType: com.github.openshift.api.config.v1.ExternalIPPolicy -- name: com.github.openshift.api.config.v1.ExternalIPPolicy - map: - fields: - - name: allowedCIDRs + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io + - name: relatedObjects type: list: elementType: - scalar: string + namedType: com.github.openshift.api.config.v1.ObjectReference elementRelationship: atomic - - name: rejectedCIDRs + - name: versions type: list: elementType: - scalar: string + namedType: com.github.openshift.api.config.v1.OperandVersion elementRelationship: atomic -- name: com.github.openshift.api.config.v1.ExternalPlatformSpec +- name: com.github.openshift.api.config.v1.ClusterOperatorStatusCondition map: fields: - - name: platformName + - name: lastTransitionTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message type: scalar: string - default: Unknown -- name: com.github.openshift.api.config.v1.ExternalPlatformStatus - map: - fields: - - name: cloudControllerManager + - name: reason type: - namedType: com.github.openshift.api.config.v1.CloudControllerManagerStatus - default: {} -- name: com.github.openshift.api.config.v1.ExtraMapping - map: - fields: - - name: key + scalar: string + - name: status type: scalar: string default: "" - - name: valueExpression + - name: type type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.FeatureGate +- name: com.github.openshift.api.config.v1.ClusterVersion map: fields: - name: apiVersion @@ -1299,318 +1332,267 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.FeatureGateSpec + namedType: com.github.openshift.api.config.v1.ClusterVersionSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1.FeatureGateStatus + namedType: com.github.openshift.api.config.v1.ClusterVersionStatus default: {} -- name: com.github.openshift.api.config.v1.FeatureGateAttributes +- name: com.github.openshift.api.config.v1.ClusterVersionCapabilitiesSpec map: fields: - - name: name + - name: additionalEnabledCapabilities + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: baselineCapabilitySet type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.FeatureGateDetails +- name: com.github.openshift.api.config.v1.ClusterVersionCapabilitiesStatus map: fields: - - name: disabled + - name: enabledCapabilities type: list: elementType: - namedType: com.github.openshift.api.config.v1.FeatureGateAttributes + scalar: string elementRelationship: atomic - - name: enabled + - name: knownCapabilities type: list: elementType: - namedType: com.github.openshift.api.config.v1.FeatureGateAttributes + scalar: string elementRelationship: atomic - - name: version - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.FeatureGateSpec +- name: com.github.openshift.api.config.v1.ClusterVersionSpec map: fields: - - name: customNoUpgrade + - name: capabilities type: - namedType: com.github.openshift.api.config.v1.CustomFeatureGates - - name: featureSet + namedType: com.github.openshift.api.config.v1.ClusterVersionCapabilitiesSpec + - name: channel type: scalar: string - unions: - - discriminator: featureSet - fields: - - fieldName: customNoUpgrade - discriminatorValue: CustomNoUpgrade -- name: com.github.openshift.api.config.v1.FeatureGateStatus - map: - fields: - - name: conditions + - name: clusterID + type: + scalar: string + default: "" + - name: desiredUpdate + type: + namedType: com.github.openshift.api.config.v1.Update + - name: overrides type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: com.github.openshift.api.config.v1.ComponentOverride elementRelationship: associative keys: - - type - - name: featureGates + - kind + - group + - namespace + - name + - name: signatureStores type: list: elementType: - namedType: com.github.openshift.api.config.v1.FeatureGateDetails + namedType: com.github.openshift.api.config.v1.SignatureStore elementRelationship: associative keys: - - version -- name: com.github.openshift.api.config.v1.GCPPlatformSpec - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.GCPPlatformStatus + - url + - name: upstream + type: + scalar: string +- name: com.github.openshift.api.config.v1.ClusterVersionStatus map: fields: - - name: cloudLoadBalancerConfig - type: - namedType: com.github.openshift.api.config.v1.CloudLoadBalancerConfig - default: - dnsType: PlatformDefault - - name: projectID + - name: availableUpdates type: - scalar: string - default: "" - - name: region + list: + elementType: + namedType: com.github.openshift.api.config.v1.Release + elementRelationship: atomic + - name: capabilities type: - scalar: string - default: "" - - name: resourceLabels + namedType: com.github.openshift.api.config.v1.ClusterVersionCapabilitiesStatus + default: {} + - name: conditionalUpdateRisks type: list: elementType: - namedType: com.github.openshift.api.config.v1.GCPResourceLabel + namedType: com.github.openshift.api.config.v1.ConditionalUpdateRisk elementRelationship: associative keys: - - key - - name: resourceTags + - name + - name: conditionalUpdates type: list: elementType: - namedType: com.github.openshift.api.config.v1.GCPResourceTag + namedType: com.github.openshift.api.config.v1.ConditionalUpdate + elementRelationship: atomic + - name: conditions + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.ClusterOperatorStatusCondition elementRelationship: associative keys: - - key -- name: com.github.openshift.api.config.v1.GCPResourceLabel - map: - fields: - - name: key + - type + - name: desired type: - scalar: string - default: "" - - name: value + namedType: com.github.openshift.api.config.v1.Release + default: {} + - name: history + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.UpdateHistory + elementRelationship: atomic + - name: observedGeneration + type: + scalar: numeric + default: 0 + - name: versionHash type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.GCPResourceTag +- name: com.github.openshift.api.config.v1.ComponentOverride map: fields: - - name: key + - name: group type: scalar: string default: "" - - name: parentID + - name: kind type: scalar: string default: "" - - name: value + - name: name type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.GatherConfig - map: - fields: - - name: dataPolicy - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: gatherers - type: - namedType: com.github.openshift.api.config.v1.Gatherers - default: {} - - name: storage - type: - namedType: com.github.openshift.api.config.v1.Storage - default: {} -- name: com.github.openshift.api.config.v1.GathererConfig - map: - fields: - - name: name + - name: namespace type: scalar: string - - name: state + default: "" + - name: unmanaged type: - scalar: string -- name: com.github.openshift.api.config.v1.Gatherers + scalar: boolean + default: false +- name: com.github.openshift.api.config.v1.ComponentRouteSpec map: fields: - - name: custom - type: - namedType: com.github.openshift.api.config.v1.Custom - default: {} - - name: mode + - name: hostname type: scalar: string - unions: - - discriminator: mode - fields: - - fieldName: custom - discriminatorValue: Custom -- name: com.github.openshift.api.config.v1.GitHubIdentityProvider - map: - fields: - - name: ca + default: "" + - name: name type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: clientID + scalar: string + default: "" + - name: namespace type: scalar: string default: "" - - name: clientSecret + - name: servingCertKeyPairSecret type: namedType: com.github.openshift.api.config.v1.SecretNameReference default: {} - - name: hostname +- name: com.github.openshift.api.config.v1.ComponentRouteStatus + map: + fields: + - name: conditions type: - scalar: string - default: "" - - name: organizations + list: + elementType: + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - type + - name: consumingUsers type: list: elementType: scalar: string elementRelationship: atomic - - name: teams + - name: currentHostnames type: list: elementType: scalar: string elementRelationship: atomic -- name: com.github.openshift.api.config.v1.GitLabIdentityProvider - map: - fields: - - name: ca - type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: clientID - type: - scalar: string - default: "" - - name: clientSecret - type: - namedType: com.github.openshift.api.config.v1.SecretNameReference - default: {} - - name: url + - name: defaultHostname type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.GoogleIdentityProvider - map: - fields: - - name: clientID + - name: name type: scalar: string default: "" - - name: clientSecret - type: - namedType: com.github.openshift.api.config.v1.SecretNameReference - default: {} - - name: hostedDomain + - name: namespace type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.HTPasswdIdentityProvider - map: - fields: - - name: fileData + - name: relatedObjects type: - namedType: com.github.openshift.api.config.v1.SecretNameReference - default: {} -- name: com.github.openshift.api.config.v1.HubSource + list: + elementType: + namedType: com.github.openshift.api.config.v1.ObjectReference + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.ConditionalUpdate map: fields: - - name: disabled - type: - scalar: boolean - default: false - - name: name + - name: conditions type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.HubSourceStatus - map: - fields: - - name: message + list: + elementType: + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - type + - name: release type: - scalar: string - - name: status + namedType: com.github.openshift.api.config.v1.Release + default: {} + - name: riskNames type: - scalar: string -- name: com.github.openshift.api.config.v1.IBMCloudPlatformSpec - map: - fields: - - name: serviceEndpoints + list: + elementType: + scalar: string + elementRelationship: associative + - name: risks type: list: elementType: - namedType: com.github.openshift.api.config.v1.IBMCloudServiceEndpoint + namedType: com.github.openshift.api.config.v1.ConditionalUpdateRisk elementRelationship: associative keys: - name -- name: com.github.openshift.api.config.v1.IBMCloudPlatformStatus +- name: com.github.openshift.api.config.v1.ConditionalUpdateRisk map: fields: - - name: cisInstanceCRN - type: - scalar: string - - name: dnsInstanceCRN - type: - scalar: string - - name: location - type: - scalar: string - - name: providerType - type: - scalar: string - - name: resourceGroupName - type: - scalar: string - - name: serviceEndpoints + - name: conditions type: list: elementType: - namedType: com.github.openshift.api.config.v1.IBMCloudServiceEndpoint + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - - name -- name: com.github.openshift.api.config.v1.IBMCloudServiceEndpoint - map: - fields: + - type + - name: matchingRules + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.ClusterCondition + elementRelationship: atomic + - name: message + type: + scalar: string + default: "" - name: name type: scalar: string @@ -1619,48 +1601,24 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.IdentityProvider +- name: com.github.openshift.api.config.v1.ConfigMapFileReference map: fields: - - name: basicAuth - type: - namedType: com.github.openshift.api.config.v1.BasicAuthIdentityProvider - - name: github - type: - namedType: com.github.openshift.api.config.v1.GitHubIdentityProvider - - name: gitlab - type: - namedType: com.github.openshift.api.config.v1.GitLabIdentityProvider - - name: google - type: - namedType: com.github.openshift.api.config.v1.GoogleIdentityProvider - - name: htpasswd - type: - namedType: com.github.openshift.api.config.v1.HTPasswdIdentityProvider - - name: keystone - type: - namedType: com.github.openshift.api.config.v1.KeystoneIdentityProvider - - name: ldap - type: - namedType: com.github.openshift.api.config.v1.LDAPIdentityProvider - - name: mappingMethod + - name: key type: scalar: string - name: name type: scalar: string default: "" - - name: openID - type: - namedType: com.github.openshift.api.config.v1.OpenIDIdentityProvider - - name: requestHeader - type: - namedType: com.github.openshift.api.config.v1.RequestHeaderIdentityProvider - - name: type +- name: com.github.openshift.api.config.v1.ConfigMapNameReference + map: + fields: + - name: name type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.Image +- name: com.github.openshift.api.config.v1.Console map: fields: - name: apiVersion @@ -1671,113 +1629,76 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.ImageSpec + namedType: com.github.openshift.api.config.v1.ConsoleSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1.ImageStatus + namedType: com.github.openshift.api.config.v1.ConsoleStatus default: {} -- name: com.github.openshift.api.config.v1.ImageContentPolicy +- name: com.github.openshift.api.config.v1.ConsoleAuthentication map: fields: - - name: apiVersion + - name: logoutRedirect type: scalar: string - - name: kind - type: - scalar: string - - name: metadata +- name: com.github.openshift.api.config.v1.ConsoleSpec + map: + fields: + - name: authentication type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.config.v1.ConsoleAuthentication default: {} - - name: spec +- name: com.github.openshift.api.config.v1.ConsoleStatus + map: + fields: + - name: consoleURL type: - namedType: com.github.openshift.api.config.v1.ImageContentPolicySpec - default: {} -- name: com.github.openshift.api.config.v1.ImageContentPolicySpec + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.Custom map: fields: - - name: repositoryDigestMirrors + - name: configs type: list: elementType: - namedType: com.github.openshift.api.config.v1.RepositoryDigestMirrors + namedType: com.github.openshift.api.config.v1.GathererConfig elementRelationship: associative keys: - - source -- name: com.github.openshift.api.config.v1.ImageDigestMirrorSet + - name +- name: com.github.openshift.api.config.v1.CustomFeatureGates map: fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1.ImageDigestMirrorSetSpec - default: {} - - name: status + - name: disabled type: - namedType: com.github.openshift.api.config.v1.ImageDigestMirrorSetStatus - default: {} -- name: com.github.openshift.api.config.v1.ImageDigestMirrorSetSpec - map: - fields: - - name: imageDigestMirrors + list: + elementType: + scalar: string + elementRelationship: atomic + - name: enabled type: list: elementType: - namedType: com.github.openshift.api.config.v1.ImageDigestMirrors + scalar: string elementRelationship: atomic -- name: com.github.openshift.api.config.v1.ImageDigestMirrorSetStatus - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.ImageDigestMirrors +- name: com.github.openshift.api.config.v1.CustomTLSProfile map: fields: - - name: mirrorSourcePolicy - type: - scalar: string - - name: mirrors + - name: ciphers type: list: elementType: scalar: string - elementRelationship: associative - - name: source - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.ImageLabel - map: - fields: - - name: name + elementRelationship: atomic + - name: minTLSVersion type: scalar: string default: "" - - name: value - type: - scalar: string -- name: com.github.openshift.api.config.v1.ImagePolicy +- name: com.github.openshift.api.config.v1.DNS map: fields: - name: apiVersion @@ -1788,128 +1709,152 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.ImagePolicySpec + namedType: com.github.openshift.api.config.v1.DNSSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1.ImagePolicyStatus + namedType: com.github.openshift.api.config.v1.DNSStatus default: {} -- name: com.github.openshift.api.config.v1.ImagePolicyFulcioCAWithRekorRootOfTrust +- name: com.github.openshift.api.config.v1.DNSPlatformSpec map: fields: - - name: fulcioCAData - type: - scalar: string - - name: fulcioSubject + - name: aws type: - namedType: com.github.openshift.api.config.v1.PolicyFulcioSubject - default: {} - - name: rekorKeyData + namedType: com.github.openshift.api.config.v1.AWSDNSSpec + - name: type type: scalar: string -- name: com.github.openshift.api.config.v1.ImagePolicyPKIRootOfTrust + default: "" + unions: + - discriminator: type + fields: + - fieldName: aws + discriminatorValue: AWS +- name: com.github.openshift.api.config.v1.DNSSpec map: fields: - - name: caIntermediatesData - type: - scalar: string - - name: caRootsData + - name: baseDomain type: scalar: string - - name: pkiCertificateSubject + default: "" + - name: platform type: - namedType: com.github.openshift.api.config.v1.PKICertificateSubject + namedType: com.github.openshift.api.config.v1.DNSPlatformSpec default: {} -- name: com.github.openshift.api.config.v1.ImagePolicyPublicKeyRootOfTrust - map: - fields: - - name: keyData + - name: privateZone type: - scalar: string - - name: rekorKeyData + namedType: com.github.openshift.api.config.v1.DNSZone + - name: publicZone type: - scalar: string -- name: com.github.openshift.api.config.v1.ImagePolicySpec + namedType: com.github.openshift.api.config.v1.DNSZone +- name: com.github.openshift.api.config.v1.DNSStatus + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.DNSZone map: fields: - - name: policy + - name: id type: - namedType: com.github.openshift.api.config.v1.ImageSigstoreVerificationPolicy - default: {} - - name: scopes + scalar: string + - name: tags type: - list: + map: elementType: scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1.ImagePolicyStatus +- name: com.github.openshift.api.config.v1.DeprecatedWebhookTokenAuthenticator map: fields: - - name: conditions + - name: kubeConfig type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: com.github.openshift.api.config.v1.ImageSigstoreVerificationPolicy + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} +- name: com.github.openshift.api.config.v1.EquinixMetalPlatformSpec + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.EquinixMetalPlatformStatus map: fields: - - name: rootOfTrust + - name: apiServerInternalIP type: - namedType: com.github.openshift.api.config.v1.PolicyRootOfTrust - default: {} - - name: signedIdentity + scalar: string + - name: ingressIP type: - namedType: com.github.openshift.api.config.v1.PolicyIdentity -- name: com.github.openshift.api.config.v1.ImageSpec + scalar: string +- name: com.github.openshift.api.config.v1.ExternalIPConfig map: fields: - - name: additionalTrustedCA + - name: autoAssignCIDRs type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: allowedRegistriesForImport + list: + elementType: + scalar: string + elementRelationship: atomic + - name: policy + type: + namedType: com.github.openshift.api.config.v1.ExternalIPPolicy +- name: com.github.openshift.api.config.v1.ExternalIPPolicy + map: + fields: + - name: allowedCIDRs type: list: elementType: - namedType: com.github.openshift.api.config.v1.RegistryLocation + scalar: string elementRelationship: atomic - - name: externalRegistryHostnames + - name: rejectedCIDRs type: list: elementType: scalar: string elementRelationship: atomic - - name: imageStreamImportMode +- name: com.github.openshift.api.config.v1.ExternalPlatformSpec + map: + fields: + - name: platformName type: scalar: string - default: "" - - name: registrySources + default: Unknown +- name: com.github.openshift.api.config.v1.ExternalPlatformStatus + map: + fields: + - name: cloudControllerManager type: - namedType: com.github.openshift.api.config.v1.RegistrySources + namedType: com.github.openshift.api.config.v1.CloudControllerManagerStatus default: {} -- name: com.github.openshift.api.config.v1.ImageStatus +- name: com.github.openshift.api.config.v1.ExtraMapping map: fields: - - name: externalRegistryHostnames - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: imageStreamImportMode + - name: key type: scalar: string - - name: internalRegistryHostname + default: "" + - name: valueExpression type: scalar: string -- name: com.github.openshift.api.config.v1.ImageTagMirrorSet + default: "" +- name: com.github.openshift.api.config.v1.FeatureGate map: fields: - name: apiVersion @@ -1920,26 +1865,76 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.ImageTagMirrorSetSpec + namedType: com.github.openshift.api.config.v1.FeatureGateSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1.ImageTagMirrorSetStatus + namedType: com.github.openshift.api.config.v1.FeatureGateStatus default: {} -- name: com.github.openshift.api.config.v1.ImageTagMirrorSetSpec +- name: com.github.openshift.api.config.v1.FeatureGateAttributes map: fields: - - name: imageTagMirrors + - name: name type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.ImageTagMirrors + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.FeatureGateDetails + map: + fields: + - name: disabled + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.FeatureGateAttributes elementRelationship: atomic -- name: com.github.openshift.api.config.v1.ImageTagMirrorSetStatus + - name: enabled + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.FeatureGateAttributes + elementRelationship: atomic + - name: version + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.FeatureGateSpec + map: + fields: + - name: customNoUpgrade + type: + namedType: com.github.openshift.api.config.v1.CustomFeatureGates + - name: featureSet + type: + scalar: string + unions: + - discriminator: featureSet + fields: + - fieldName: customNoUpgrade + discriminatorValue: CustomNoUpgrade +- name: com.github.openshift.api.config.v1.FeatureGateStatus + map: + fields: + - name: conditions + type: + list: + elementType: + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - type + - name: featureGates + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.FeatureGateDetails + elementRelationship: associative + keys: + - version +- name: com.github.openshift.api.config.v1.GCPPlatformSpec map: elementType: scalar: untyped @@ -1951,172 +1946,287 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.ImageTagMirrors +- name: com.github.openshift.api.config.v1.GCPPlatformStatus map: fields: - - name: mirrorSourcePolicy + - name: cloudLoadBalancerConfig + type: + namedType: com.github.openshift.api.config.v1.CloudLoadBalancerConfig + default: + dnsType: PlatformDefault + - name: projectID type: scalar: string - - name: mirrors + default: "" + - name: region + type: + scalar: string + default: "" + - name: resourceLabels type: list: elementType: - scalar: string + namedType: com.github.openshift.api.config.v1.GCPResourceLabel elementRelationship: associative - - name: source + keys: + - key + - name: resourceTags + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.GCPResourceTag + elementRelationship: associative + keys: + - key +- name: com.github.openshift.api.config.v1.GCPResourceLabel + map: + fields: + - name: key type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.Infrastructure + - name: value + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.GCPResourceTag map: fields: - - name: apiVersion + - name: key type: scalar: string - - name: kind + default: "" + - name: parentID type: scalar: string - - name: metadata + default: "" + - name: value type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.GatherConfig + map: + fields: + - name: dataPolicy type: - namedType: com.github.openshift.api.config.v1.InfrastructureSpec + list: + elementType: + scalar: string + elementRelationship: atomic + - name: gatherers + type: + namedType: com.github.openshift.api.config.v1.Gatherers default: {} - - name: status + - name: storage type: - namedType: com.github.openshift.api.config.v1.InfrastructureStatus + namedType: com.github.openshift.api.config.v1.Storage default: {} -- name: com.github.openshift.api.config.v1.InfrastructureSpec +- name: com.github.openshift.api.config.v1.GathererConfig map: fields: - - name: cloudConfig + - name: name type: - namedType: com.github.openshift.api.config.v1.ConfigMapFileReference - default: {} - - name: platformSpec + scalar: string + - name: state type: - namedType: com.github.openshift.api.config.v1.PlatformSpec - default: {} -- name: com.github.openshift.api.config.v1.InfrastructureStatus + scalar: string +- name: com.github.openshift.api.config.v1.Gatherers map: fields: - - name: apiServerInternalURI + - name: custom type: - scalar: string - default: "" - - name: apiServerURL + namedType: com.github.openshift.api.config.v1.Custom + default: {} + - name: mode type: scalar: string - default: "" - - name: controlPlaneTopology + unions: + - discriminator: mode + fields: + - fieldName: custom + discriminatorValue: Custom +- name: com.github.openshift.api.config.v1.GitHubIdentityProvider + map: + fields: + - name: ca + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: clientID type: scalar: string default: "" - - name: cpuPartitioning + - name: clientSecret type: - scalar: string - default: None - - name: etcdDiscoveryDomain + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} + - name: hostname type: scalar: string default: "" - - name: infrastructureName + - name: organizations + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: teams + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.GitLabIdentityProvider + map: + fields: + - name: ca + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: clientID type: scalar: string default: "" - - name: infrastructureTopology + - name: clientSecret type: - scalar: string - - name: platform + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} + - name: url type: scalar: string - - name: platformStatus - type: - namedType: com.github.openshift.api.config.v1.PlatformStatus -- name: com.github.openshift.api.config.v1.Ingress + default: "" +- name: com.github.openshift.api.config.v1.GoogleIdentityProvider map: fields: - - name: apiVersion - type: - scalar: string - - name: kind + - name: clientID type: scalar: string - - name: metadata + default: "" + - name: clientSecret type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.config.v1.SecretNameReference default: {} - - name: spec + - name: hostedDomain type: - namedType: com.github.openshift.api.config.v1.IngressSpec - default: {} - - name: status + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.HTPasswdIdentityProvider + map: + fields: + - name: fileData type: - namedType: com.github.openshift.api.config.v1.IngressStatus + namedType: com.github.openshift.api.config.v1.SecretNameReference default: {} -- name: com.github.openshift.api.config.v1.IngressPlatformSpec +- name: com.github.openshift.api.config.v1.HubSource map: fields: - - name: aws + - name: disabled type: - namedType: com.github.openshift.api.config.v1.AWSIngressSpec - - name: type + scalar: boolean + default: false + - name: name type: scalar: string default: "" - unions: - - discriminator: type - fields: - - fieldName: aws - discriminatorValue: AWS -- name: com.github.openshift.api.config.v1.IngressSpec +- name: com.github.openshift.api.config.v1.HubSourceStatus map: fields: - - name: appsDomain + - name: message type: scalar: string - - name: componentRoutes + - name: status + type: + scalar: string +- name: com.github.openshift.api.config.v1.IBMCloudPlatformSpec + map: + fields: + - name: serviceEndpoints type: list: elementType: - namedType: com.github.openshift.api.config.v1.ComponentRouteSpec + namedType: com.github.openshift.api.config.v1.IBMCloudServiceEndpoint elementRelationship: associative keys: - - namespace - name - - name: domain +- name: com.github.openshift.api.config.v1.IBMCloudPlatformStatus + map: + fields: + - name: cisInstanceCRN type: scalar: string - default: "" - - name: loadBalancer + - name: dnsInstanceCRN type: - namedType: com.github.openshift.api.config.v1.LoadBalancer - default: {} - - name: requiredHSTSPolicies + scalar: string + - name: location type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.RequiredHSTSPolicy - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.IngressStatus - map: - fields: - - name: componentRoutes + scalar: string + - name: providerType + type: + scalar: string + - name: resourceGroupName + type: + scalar: string + - name: serviceEndpoints type: list: elementType: - namedType: com.github.openshift.api.config.v1.ComponentRouteStatus + namedType: com.github.openshift.api.config.v1.IBMCloudServiceEndpoint elementRelationship: associative keys: - - namespace - name - - name: defaultPlacement +- name: com.github.openshift.api.config.v1.IBMCloudServiceEndpoint + map: + fields: + - name: name type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.InsightsDataGather + - name: url + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.IdentityProvider + map: + fields: + - name: basicAuth + type: + namedType: com.github.openshift.api.config.v1.BasicAuthIdentityProvider + - name: github + type: + namedType: com.github.openshift.api.config.v1.GitHubIdentityProvider + - name: gitlab + type: + namedType: com.github.openshift.api.config.v1.GitLabIdentityProvider + - name: google + type: + namedType: com.github.openshift.api.config.v1.GoogleIdentityProvider + - name: htpasswd + type: + namedType: com.github.openshift.api.config.v1.HTPasswdIdentityProvider + - name: keystone + type: + namedType: com.github.openshift.api.config.v1.KeystoneIdentityProvider + - name: ldap + type: + namedType: com.github.openshift.api.config.v1.LDAPIdentityProvider + - name: mappingMethod + type: + scalar: string + - name: name + type: + scalar: string + default: "" + - name: openID + type: + namedType: com.github.openshift.api.config.v1.OpenIDIdentityProvider + - name: requestHeader + type: + namedType: com.github.openshift.api.config.v1.RequestHeaderIdentityProvider + - name: type + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.Image map: fields: - name: apiVersion @@ -2127,70 +2237,75 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.InsightsDataGatherSpec + namedType: com.github.openshift.api.config.v1.ImageSpec default: {} -- name: com.github.openshift.api.config.v1.InsightsDataGatherSpec - map: - fields: - - name: gatherConfig + - name: status type: - namedType: com.github.openshift.api.config.v1.GatherConfig + namedType: com.github.openshift.api.config.v1.ImageStatus default: {} -- name: com.github.openshift.api.config.v1.IntermediateTLSProfile - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.KMSConfig +- name: com.github.openshift.api.config.v1.ImageContentPolicy map: fields: - - name: aws + - name: apiVersion type: - namedType: com.github.openshift.api.config.v1.AWSKMSConfig - - name: type + scalar: string + - name: kind type: scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: aws - discriminatorValue: AWS -- name: com.github.openshift.api.config.v1.KeystoneIdentityProvider + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1.ImageContentPolicySpec + default: {} +- name: com.github.openshift.api.config.v1.ImageContentPolicySpec map: fields: - - name: ca + - name: repositoryDigestMirrors type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: domainName + list: + elementType: + namedType: com.github.openshift.api.config.v1.RepositoryDigestMirrors + elementRelationship: associative + keys: + - source +- name: com.github.openshift.api.config.v1.ImageDigestMirrorSet + map: + fields: + - name: apiVersion type: scalar: string - default: "" - - name: tlsClientCert + - name: kind type: - namedType: com.github.openshift.api.config.v1.SecretNameReference + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - - name: tlsClientKey + - name: spec type: - namedType: com.github.openshift.api.config.v1.SecretNameReference + namedType: com.github.openshift.api.config.v1.ImageDigestMirrorSetSpec default: {} - - name: url + - name: status type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.KubevirtPlatformSpec + namedType: com.github.openshift.api.config.v1.ImageDigestMirrorSetStatus + default: {} +- name: com.github.openshift.api.config.v1.ImageDigestMirrorSetSpec + map: + fields: + - name: imageDigestMirrors + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.ImageDigestMirrors + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.ImageDigestMirrorSetStatus map: elementType: scalar: untyped @@ -2202,250 +2317,223 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.KubevirtPlatformStatus +- name: com.github.openshift.api.config.v1.ImageDigestMirrors map: fields: - - name: apiServerInternalIP - type: - scalar: string - - name: ingressIP + - name: mirrorSourcePolicy type: scalar: string -- name: com.github.openshift.api.config.v1.LDAPAttributeMapping - map: - fields: - - name: email + - name: mirrors type: list: elementType: scalar: string - elementRelationship: atomic - - name: id + elementRelationship: associative + - name: source type: - list: - elementType: - scalar: string - elementRelationship: atomic + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.ImageLabel + map: + fields: - name: name type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: preferredUsername + scalar: string + default: "" + - name: value type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.LDAPIdentityProvider + scalar: string +- name: com.github.openshift.api.config.v1.ImagePolicy map: fields: - - name: attributes + - name: apiVersion type: - namedType: com.github.openshift.api.config.v1.LDAPAttributeMapping - default: {} - - name: bindDN + scalar: string + - name: kind type: scalar: string - default: "" - - name: bindPassword + - name: metadata type: - namedType: com.github.openshift.api.config.v1.SecretNameReference + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - - name: ca + - name: spec type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + namedType: com.github.openshift.api.config.v1.ImagePolicySpec default: {} - - name: insecure + - name: status type: - scalar: boolean - default: false - - name: url + namedType: com.github.openshift.api.config.v1.ImagePolicyStatus + default: {} +- name: com.github.openshift.api.config.v1.ImagePolicyFulcioCAWithRekorRootOfTrust + map: + fields: + - name: fulcioCAData type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.LoadBalancer + - name: fulcioSubject + type: + namedType: com.github.openshift.api.config.v1.PolicyFulcioSubject + default: {} + - name: rekorKeyData + type: + scalar: string +- name: com.github.openshift.api.config.v1.ImagePolicyPKIRootOfTrust map: fields: - - name: platform + - name: caIntermediatesData type: - namedType: com.github.openshift.api.config.v1.IngressPlatformSpec + scalar: string + - name: caRootsData + type: + scalar: string + - name: pkiCertificateSubject + type: + namedType: com.github.openshift.api.config.v1.PKICertificateSubject default: {} -- name: com.github.openshift.api.config.v1.MTUMigration +- name: com.github.openshift.api.config.v1.ImagePolicyPublicKeyRootOfTrust map: fields: - - name: machine + - name: keyData type: - namedType: com.github.openshift.api.config.v1.MTUMigrationValues - - name: network + scalar: string + - name: rekorKeyData type: - namedType: com.github.openshift.api.config.v1.MTUMigrationValues -- name: com.github.openshift.api.config.v1.MTUMigrationValues + scalar: string +- name: com.github.openshift.api.config.v1.ImagePolicySpec map: fields: - - name: from + - name: policy type: - scalar: numeric - - name: to + namedType: com.github.openshift.api.config.v1.ImageSigstoreVerificationPolicy + default: {} + - name: scopes type: - scalar: numeric -- name: com.github.openshift.api.config.v1.MaxAgePolicy + list: + elementType: + scalar: string + elementRelationship: associative +- name: com.github.openshift.api.config.v1.ImagePolicyStatus map: fields: - - name: largestMaxAge - type: - scalar: numeric - - name: smallestMaxAge + - name: conditions type: - scalar: numeric -- name: com.github.openshift.api.config.v1.ModernTLSProfile - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.Network + list: + elementType: + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - type +- name: com.github.openshift.api.config.v1.ImageSigstoreVerificationPolicy map: fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + - name: rootOfTrust type: - namedType: com.github.openshift.api.config.v1.NetworkSpec + namedType: com.github.openshift.api.config.v1.PolicyRootOfTrust default: {} - - name: status + - name: signedIdentity type: - namedType: com.github.openshift.api.config.v1.NetworkStatus - default: {} -- name: com.github.openshift.api.config.v1.NetworkDiagnostics + namedType: com.github.openshift.api.config.v1.PolicyIdentity +- name: com.github.openshift.api.config.v1.ImageSpec map: fields: - - name: mode - type: - scalar: string - default: "" - - name: sourcePlacement - type: - namedType: com.github.openshift.api.config.v1.NetworkDiagnosticsSourcePlacement - default: {} - - name: targetPlacement + - name: additionalTrustedCA type: - namedType: com.github.openshift.api.config.v1.NetworkDiagnosticsTargetPlacement + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference default: {} -- name: com.github.openshift.api.config.v1.NetworkDiagnosticsSourcePlacement - map: - fields: - - name: nodeSelector + - name: allowedRegistriesForImport type: - map: + list: elementType: - scalar: string - - name: tolerations + namedType: com.github.openshift.api.config.v1.RegistryLocation + elementRelationship: atomic + - name: externalRegistryHostnames type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + scalar: string elementRelationship: atomic -- name: com.github.openshift.api.config.v1.NetworkDiagnosticsTargetPlacement + - name: imageStreamImportMode + type: + scalar: string + default: "" + - name: registrySources + type: + namedType: com.github.openshift.api.config.v1.RegistrySources + default: {} +- name: com.github.openshift.api.config.v1.ImageStatus map: fields: - - name: nodeSelector - type: - map: - elementType: - scalar: string - - name: tolerations + - name: externalRegistryHostnames type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + scalar: string elementRelationship: atomic -- name: com.github.openshift.api.config.v1.NetworkMigration - map: - fields: - - name: mtu + - name: imageStreamImportMode type: - namedType: com.github.openshift.api.config.v1.MTUMigration - - name: networkType + scalar: string + - name: internalRegistryHostname type: scalar: string -- name: com.github.openshift.api.config.v1.NetworkSpec +- name: com.github.openshift.api.config.v1.ImageTagMirrorSet map: fields: - - name: clusterNetwork + - name: apiVersion type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.ClusterNetworkEntry - elementRelationship: atomic - - name: externalIP + scalar: string + - name: kind type: - namedType: com.github.openshift.api.config.v1.ExternalIPConfig - - name: networkDiagnostics + scalar: string + - name: metadata type: - namedType: com.github.openshift.api.config.v1.NetworkDiagnostics + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - - name: networkType - type: - scalar: string - default: "" - - name: serviceNetwork + - name: spec type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: serviceNodePortRange + namedType: com.github.openshift.api.config.v1.ImageTagMirrorSetSpec + default: {} + - name: status type: - scalar: string -- name: com.github.openshift.api.config.v1.NetworkStatus + namedType: com.github.openshift.api.config.v1.ImageTagMirrorSetStatus + default: {} +- name: com.github.openshift.api.config.v1.ImageTagMirrorSetSpec map: fields: - - name: clusterNetwork + - name: imageTagMirrors type: list: elementType: - namedType: com.github.openshift.api.config.v1.ClusterNetworkEntry + namedType: com.github.openshift.api.config.v1.ImageTagMirrors elementRelationship: atomic - - name: clusterNetworkMTU +- name: com.github.openshift.api.config.v1.ImageTagMirrorSetStatus + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.ImageTagMirrors + map: + fields: + - name: mirrorSourcePolicy type: - scalar: numeric - - name: conditions + scalar: string + - name: mirrors type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + scalar: string elementRelationship: associative - keys: - - type - - name: migration - type: - namedType: com.github.openshift.api.config.v1.NetworkMigration - - name: networkType + - name: source type: scalar: string - - name: serviceNetwork - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.Node + default: "" +- name: com.github.openshift.api.config.v1.Infrastructure map: fields: - name: apiVersion @@ -2456,161 +2544,145 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.NodeSpec + namedType: com.github.openshift.api.config.v1.InfrastructureSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1.NodeStatus + namedType: com.github.openshift.api.config.v1.InfrastructureStatus default: {} -- name: com.github.openshift.api.config.v1.NodeSpec +- name: com.github.openshift.api.config.v1.InfrastructureSpec map: fields: - - name: cgroupMode + - name: cloudConfig + type: + namedType: com.github.openshift.api.config.v1.ConfigMapFileReference + default: {} + - name: platformSpec + type: + namedType: com.github.openshift.api.config.v1.PlatformSpec + default: {} +- name: com.github.openshift.api.config.v1.InfrastructureStatus + map: + fields: + - name: apiServerInternalURI type: scalar: string - - name: minimumKubeletVersion + default: "" + - name: apiServerURL type: scalar: string default: "" - - name: workerLatencyProfile + - name: controlPlaneTopology type: scalar: string -- name: com.github.openshift.api.config.v1.NodeStatus - map: - fields: - - name: conditions + default: "" + - name: cpuPartitioning type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: com.github.openshift.api.config.v1.NutanixFailureDomain - map: - fields: - - name: cluster + scalar: string + default: None + - name: etcdDiscoveryDomain type: - namedType: com.github.openshift.api.config.v1.NutanixResourceIdentifier - default: {} - - name: name + scalar: string + default: "" + - name: infrastructureName type: scalar: string default: "" - - name: subnets + - name: infrastructureTopology type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.NutanixResourceIdentifier - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.NutanixPlatformLoadBalancer - map: - fields: - - name: type + scalar: string + - name: platform type: scalar: string - default: OpenShiftManagedDefault - unions: - - discriminator: type -- name: com.github.openshift.api.config.v1.NutanixPlatformSpec - map: - fields: - - name: failureDomains - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.NutanixFailureDomain - elementRelationship: associative - keys: - - name - - name: prismCentral - type: - namedType: com.github.openshift.api.config.v1.NutanixPrismEndpoint - default: {} - - name: prismElements + - name: platformStatus type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.NutanixPrismElementEndpoint - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.config.v1.NutanixPlatformStatus + namedType: com.github.openshift.api.config.v1.PlatformStatus +- name: com.github.openshift.api.config.v1.Ingress map: fields: - - name: apiServerInternalIP + - name: apiVersion type: scalar: string - - name: apiServerInternalIPs - type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: dnsRecordsType + - name: kind type: scalar: string - - name: ingressIP + - name: metadata type: - scalar: string - - name: ingressIPs + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: loadBalancer + namedType: com.github.openshift.api.config.v1.IngressSpec + default: {} + - name: status type: - namedType: com.github.openshift.api.config.v1.NutanixPlatformLoadBalancer - default: - type: OpenShiftManagedDefault -- name: com.github.openshift.api.config.v1.NutanixPrismElementEndpoint + namedType: com.github.openshift.api.config.v1.IngressStatus + default: {} +- name: com.github.openshift.api.config.v1.IngressPlatformSpec map: fields: - - name: endpoint + - name: aws type: - namedType: com.github.openshift.api.config.v1.NutanixPrismEndpoint - default: {} - - name: name + namedType: com.github.openshift.api.config.v1.AWSIngressSpec + - name: type type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.NutanixPrismEndpoint + unions: + - discriminator: type + fields: + - fieldName: aws + discriminatorValue: AWS +- name: com.github.openshift.api.config.v1.IngressSpec map: fields: - - name: address + - name: appsDomain + type: + scalar: string + - name: componentRoutes + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.ComponentRouteSpec + elementRelationship: associative + keys: + - namespace + - name + - name: domain type: scalar: string default: "" - - name: port + - name: loadBalancer type: - scalar: numeric - default: 0 -- name: com.github.openshift.api.config.v1.NutanixResourceIdentifier + namedType: com.github.openshift.api.config.v1.LoadBalancer + default: {} + - name: requiredHSTSPolicies + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.RequiredHSTSPolicy + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.IngressStatus map: fields: - - name: name + - name: componentRoutes type: - scalar: string - - name: type + list: + elementType: + namedType: com.github.openshift.api.config.v1.ComponentRouteStatus + elementRelationship: associative + keys: + - namespace + - name + - name: defaultPlacement type: scalar: string default: "" - - name: uuid - type: - scalar: string - unions: - - discriminator: type - fields: - - fieldName: name - discriminatorValue: Name - - fieldName: uuid - discriminatorValue: UUID -- name: com.github.openshift.api.config.v1.OAuth +- name: com.github.openshift.api.config.v1.InsightsDataGather map: fields: - name: apiVersion @@ -2621,34 +2693,20 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.OAuthSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.config.v1.OAuthStatus + namedType: com.github.openshift.api.config.v1.InsightsDataGatherSpec default: {} -- name: com.github.openshift.api.config.v1.OAuthSpec +- name: com.github.openshift.api.config.v1.InsightsDataGatherSpec map: fields: - - name: identityProviders - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.IdentityProvider - elementRelationship: atomic - - name: templates - type: - namedType: com.github.openshift.api.config.v1.OAuthTemplates - default: {} - - name: tokenConfig + - name: gatherConfig type: - namedType: com.github.openshift.api.config.v1.TokenConfig + namedType: com.github.openshift.api.config.v1.GatherConfig default: {} -- name: com.github.openshift.api.config.v1.OAuthStatus +- name: com.github.openshift.api.config.v1.IntermediateTLSProfile map: elementType: scalar: untyped @@ -2660,152 +2718,154 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.OAuthTemplates +- name: com.github.openshift.api.config.v1.KMSConfig map: fields: - - name: error - type: - namedType: com.github.openshift.api.config.v1.SecretNameReference - default: {} - - name: login + - name: aws type: - namedType: com.github.openshift.api.config.v1.SecretNameReference - default: {} - - name: providerSelection + namedType: com.github.openshift.api.config.v1.AWSKMSConfig + - name: type type: - namedType: com.github.openshift.api.config.v1.SecretNameReference - default: {} -- name: com.github.openshift.api.config.v1.OIDCClientConfig + scalar: string + default: "" + unions: + - discriminator: type + fields: + - fieldName: aws + discriminatorValue: AWS +- name: com.github.openshift.api.config.v1.KeystoneIdentityProvider map: fields: - - name: clientID + - name: ca + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: domainName type: scalar: string default: "" - - name: clientSecret + - name: tlsClientCert type: namedType: com.github.openshift.api.config.v1.SecretNameReference default: {} - - name: componentName + - name: tlsClientKey type: - scalar: string - default: "" - - name: componentNamespace + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} + - name: url type: scalar: string default: "" - - name: extraScopes - type: - list: - elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1.OIDCClientReference +- name: com.github.openshift.api.config.v1.KubevirtPlatformSpec + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.KubevirtPlatformStatus map: fields: - - name: clientID - type: - scalar: string - default: "" - - name: issuerURL + - name: apiServerInternalIP type: scalar: string - default: "" - - name: oidcProviderName + - name: ingressIP type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.OIDCClientStatus +- name: com.github.openshift.api.config.v1.LDAPAttributeMapping map: fields: - - name: componentName - type: - scalar: string - default: "" - - name: componentNamespace + - name: email type: - scalar: string - default: "" - - name: conditions + list: + elementType: + scalar: string + elementRelationship: atomic + - name: id type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type - - name: consumingUsers + scalar: string + elementRelationship: atomic + - name: name type: list: elementType: scalar: string - elementRelationship: associative - - name: currentOIDCClients + elementRelationship: atomic + - name: preferredUsername type: list: elementType: - namedType: com.github.openshift.api.config.v1.OIDCClientReference - elementRelationship: associative - keys: - - issuerURL - - clientID -- name: com.github.openshift.api.config.v1.OIDCProvider + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.LDAPIdentityProvider map: fields: - - name: claimMappings + - name: attributes type: - namedType: com.github.openshift.api.config.v1.TokenClaimMappings + namedType: com.github.openshift.api.config.v1.LDAPAttributeMapping default: {} - - name: claimValidationRules + - name: bindDN type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.TokenClaimValidationRule - elementRelationship: atomic - - name: issuer + scalar: string + default: "" + - name: bindPassword type: - namedType: com.github.openshift.api.config.v1.TokenIssuer + namedType: com.github.openshift.api.config.v1.SecretNameReference default: {} - - name: name + - name: ca + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: insecure + type: + scalar: boolean + default: false + - name: url type: scalar: string default: "" - - name: oidcClients +- name: com.github.openshift.api.config.v1.LoadBalancer + map: + fields: + - name: platform type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.OIDCClientConfig - elementRelationship: associative - keys: - - componentNamespace - - componentName - - name: userValidationRules + namedType: com.github.openshift.api.config.v1.IngressPlatformSpec + default: {} +- name: com.github.openshift.api.config.v1.MTUMigration + map: + fields: + - name: machine type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.TokenUserValidationRule - elementRelationship: associative - keys: - - expression -- name: com.github.openshift.api.config.v1.ObjectReference + namedType: com.github.openshift.api.config.v1.MTUMigrationValues + - name: network + type: + namedType: com.github.openshift.api.config.v1.MTUMigrationValues +- name: com.github.openshift.api.config.v1.MTUMigrationValues map: fields: - - name: group + - name: from type: - scalar: string - default: "" - - name: name + scalar: numeric + - name: to type: - scalar: string - default: "" - - name: namespace + scalar: numeric +- name: com.github.openshift.api.config.v1.MaxAgePolicy + map: + fields: + - name: largestMaxAge type: - scalar: string - - name: resource + scalar: numeric + - name: smallestMaxAge type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.OldTLSProfile + scalar: numeric +- name: com.github.openshift.api.config.v1.ModernTLSProfile map: elementType: scalar: untyped @@ -2817,150 +2877,141 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.OpenIDClaims +- name: com.github.openshift.api.config.v1.Network map: fields: - - name: email - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: groups + - name: apiVersion type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: name + scalar: string + - name: kind type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: preferredUsername + scalar: string + - name: metadata type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.OpenIDIdentityProvider - map: - fields: - - name: ca + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + namedType: com.github.openshift.api.config.v1.NetworkSpec default: {} - - name: claims + - name: status type: - namedType: com.github.openshift.api.config.v1.OpenIDClaims + namedType: com.github.openshift.api.config.v1.NetworkStatus default: {} - - name: clientID +- name: com.github.openshift.api.config.v1.NetworkDiagnostics + map: + fields: + - name: mode type: scalar: string default: "" - - name: clientSecret + - name: sourcePlacement type: - namedType: com.github.openshift.api.config.v1.SecretNameReference + namedType: com.github.openshift.api.config.v1.NetworkDiagnosticsSourcePlacement default: {} - - name: extraAuthorizeParameters + - name: targetPlacement + type: + namedType: com.github.openshift.api.config.v1.NetworkDiagnosticsTargetPlacement + default: {} +- name: com.github.openshift.api.config.v1.NetworkDiagnosticsSourcePlacement + map: + fields: + - name: nodeSelector type: map: elementType: scalar: string - - name: extraScopes + - name: tolerations type: list: elementType: - scalar: string + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - - name: issuer - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.OpenStackPlatformLoadBalancer - map: - fields: - - name: type - type: - scalar: string - default: OpenShiftManagedDefault - unions: - - discriminator: type -- name: com.github.openshift.api.config.v1.OpenStackPlatformSpec +- name: com.github.openshift.api.config.v1.NetworkDiagnosticsTargetPlacement map: fields: - - name: apiServerInternalIPs - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: ingressIPs + - name: nodeSelector type: - list: + map: elementType: scalar: string - elementRelationship: atomic - - name: machineNetworks + - name: tolerations type: list: elementType: - scalar: string + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic -- name: com.github.openshift.api.config.v1.OpenStackPlatformStatus +- name: com.github.openshift.api.config.v1.NetworkMigration map: fields: - - name: apiServerInternalIP + - name: mtu + type: + namedType: com.github.openshift.api.config.v1.MTUMigration + - name: networkType type: scalar: string - - name: apiServerInternalIPs +- name: com.github.openshift.api.config.v1.NetworkSpec + map: + fields: + - name: clusterNetwork type: list: elementType: - scalar: string + namedType: com.github.openshift.api.config.v1.ClusterNetworkEntry elementRelationship: atomic - - name: cloudName + - name: externalIP type: - scalar: string - - name: dnsRecordsType + namedType: com.github.openshift.api.config.v1.ExternalIPConfig + - name: networkDiagnostics type: - scalar: string - - name: ingressIP + namedType: com.github.openshift.api.config.v1.NetworkDiagnostics + default: {} + - name: networkType type: scalar: string - - name: ingressIPs + default: "" + - name: serviceNetwork type: list: elementType: scalar: string elementRelationship: atomic - - name: loadBalancer + - name: serviceNodePortRange type: - namedType: com.github.openshift.api.config.v1.OpenStackPlatformLoadBalancer - default: - type: OpenShiftManagedDefault - - name: machineNetworks + scalar: string +- name: com.github.openshift.api.config.v1.NetworkStatus + map: + fields: + - name: clusterNetwork type: list: elementType: - scalar: string + namedType: com.github.openshift.api.config.v1.ClusterNetworkEntry elementRelationship: atomic - - name: nodeDNSIP + - name: clusterNetworkMTU type: - scalar: string -- name: com.github.openshift.api.config.v1.OperandVersion - map: - fields: - - name: name + scalar: numeric + - name: conditions type: - scalar: string - default: "" - - name: version + list: + elementType: + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - type + - name: migration + type: + namedType: com.github.openshift.api.config.v1.NetworkMigration + - name: networkType type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.OperatorHub + - name: serviceNetwork + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.Node map: fields: - name: apiVersion @@ -2971,38 +3022,58 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.OperatorHubSpec + namedType: com.github.openshift.api.config.v1.NodeSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1.OperatorHubStatus + namedType: com.github.openshift.api.config.v1.NodeStatus default: {} -- name: com.github.openshift.api.config.v1.OperatorHubSpec +- name: com.github.openshift.api.config.v1.NodeSpec map: fields: - - name: disableAllDefaultSources + - name: cgroupMode type: - scalar: boolean - - name: sources + scalar: string + - name: minimumKubeletVersion type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.HubSource - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.OperatorHubStatus + scalar: string + default: "" + - name: workerLatencyProfile + type: + scalar: string +- name: com.github.openshift.api.config.v1.NodeStatus map: fields: - - name: sources + - name: conditions type: list: elementType: - namedType: com.github.openshift.api.config.v1.HubSourceStatus + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - type +- name: com.github.openshift.api.config.v1.NutanixFailureDomain + map: + fields: + - name: cluster + type: + namedType: com.github.openshift.api.config.v1.NutanixResourceIdentifier + default: {} + - name: name + type: + scalar: string + default: "" + - name: subnets + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.NutanixResourceIdentifier elementRelationship: atomic -- name: com.github.openshift.api.config.v1.OvirtPlatformLoadBalancer +- name: com.github.openshift.api.config.v1.NutanixPlatformLoadBalancer map: fields: - name: type @@ -3011,19 +3082,30 @@ var schemaYAML = typed.YAMLObject(`types: default: OpenShiftManagedDefault unions: - discriminator: type -- name: com.github.openshift.api.config.v1.OvirtPlatformSpec +- name: com.github.openshift.api.config.v1.NutanixPlatformSpec map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.OvirtPlatformStatus + fields: + - name: failureDomains + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.NutanixFailureDomain + elementRelationship: associative + keys: + - name + - name: prismCentral + type: + namedType: com.github.openshift.api.config.v1.NutanixPrismEndpoint + default: {} + - name: prismElements + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.NutanixPrismElementEndpoint + elementRelationship: associative + keys: + - name +- name: com.github.openshift.api.config.v1.NutanixPlatformStatus map: fields: - name: apiServerInternalIP @@ -3049,311 +3131,453 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: associative - name: loadBalancer type: - namedType: com.github.openshift.api.config.v1.OvirtPlatformLoadBalancer + namedType: com.github.openshift.api.config.v1.NutanixPlatformLoadBalancer default: type: OpenShiftManagedDefault - - name: nodeDNSIP +- name: com.github.openshift.api.config.v1.NutanixPrismElementEndpoint + map: + fields: + - name: endpoint + type: + namedType: com.github.openshift.api.config.v1.NutanixPrismEndpoint + default: {} + - name: name type: scalar: string -- name: com.github.openshift.api.config.v1.PKICertificateSubject + default: "" +- name: com.github.openshift.api.config.v1.NutanixPrismEndpoint map: fields: - - name: email + - name: address type: scalar: string - - name: hostname + default: "" + - name: port type: - scalar: string -- name: com.github.openshift.api.config.v1.PersistentVolumeClaimReference + scalar: numeric + default: 0 +- name: com.github.openshift.api.config.v1.NutanixResourceIdentifier map: fields: - name: name type: scalar: string -- name: com.github.openshift.api.config.v1.PersistentVolumeConfig - map: - fields: - - name: claim + - name: type type: - namedType: com.github.openshift.api.config.v1.PersistentVolumeClaimReference - default: {} - - name: mountPath + scalar: string + default: "" + - name: uuid type: scalar: string -- name: com.github.openshift.api.config.v1.PlatformSpec + unions: + - discriminator: type + fields: + - fieldName: name + discriminatorValue: Name + - fieldName: uuid + discriminatorValue: UUID +- name: com.github.openshift.api.config.v1.OAuth map: fields: - - name: alibabaCloud + - name: apiVersion type: - namedType: com.github.openshift.api.config.v1.AlibabaCloudPlatformSpec - - name: aws + scalar: string + - name: kind type: - namedType: com.github.openshift.api.config.v1.AWSPlatformSpec - - name: azure + scalar: string + - name: metadata type: - namedType: com.github.openshift.api.config.v1.AzurePlatformSpec - - name: baremetal + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - namedType: com.github.openshift.api.config.v1.BareMetalPlatformSpec - - name: equinixMetal + namedType: com.github.openshift.api.config.v1.OAuthSpec + default: {} + - name: status type: - namedType: com.github.openshift.api.config.v1.EquinixMetalPlatformSpec - - name: external + namedType: com.github.openshift.api.config.v1.OAuthStatus + default: {} +- name: com.github.openshift.api.config.v1.OAuthSpec + map: + fields: + - name: identityProviders type: - namedType: com.github.openshift.api.config.v1.ExternalPlatformSpec - - name: gcp + list: + elementType: + namedType: com.github.openshift.api.config.v1.IdentityProvider + elementRelationship: atomic + - name: templates type: - namedType: com.github.openshift.api.config.v1.GCPPlatformSpec - - name: ibmcloud + namedType: com.github.openshift.api.config.v1.OAuthTemplates + default: {} + - name: tokenConfig type: - namedType: com.github.openshift.api.config.v1.IBMCloudPlatformSpec - - name: kubevirt + namedType: com.github.openshift.api.config.v1.TokenConfig + default: {} +- name: com.github.openshift.api.config.v1.OAuthStatus + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.OAuthTemplates + map: + fields: + - name: error type: - namedType: com.github.openshift.api.config.v1.KubevirtPlatformSpec - - name: nutanix + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} + - name: login type: - namedType: com.github.openshift.api.config.v1.NutanixPlatformSpec - - name: openstack + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} + - name: providerSelection type: - namedType: com.github.openshift.api.config.v1.OpenStackPlatformSpec - - name: ovirt + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} +- name: com.github.openshift.api.config.v1.OIDCClientConfig + map: + fields: + - name: clientID type: - namedType: com.github.openshift.api.config.v1.OvirtPlatformSpec - - name: powervs + scalar: string + default: "" + - name: clientSecret type: - namedType: com.github.openshift.api.config.v1.PowerVSPlatformSpec - - name: type + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} + - name: componentName type: scalar: string default: "" - - name: vsphere + - name: componentNamespace type: - namedType: com.github.openshift.api.config.v1.VSpherePlatformSpec -- name: com.github.openshift.api.config.v1.PlatformStatus + scalar: string + default: "" + - name: extraScopes + type: + list: + elementType: + scalar: string + elementRelationship: associative +- name: com.github.openshift.api.config.v1.OIDCClientReference map: fields: - - name: alibabaCloud - type: - namedType: com.github.openshift.api.config.v1.AlibabaCloudPlatformStatus - - name: aws - type: - namedType: com.github.openshift.api.config.v1.AWSPlatformStatus - - name: azure + - name: clientID type: - namedType: com.github.openshift.api.config.v1.AzurePlatformStatus - - name: baremetal + scalar: string + default: "" + - name: issuerURL type: - namedType: com.github.openshift.api.config.v1.BareMetalPlatformStatus - - name: equinixMetal + scalar: string + default: "" + - name: oidcProviderName type: - namedType: com.github.openshift.api.config.v1.EquinixMetalPlatformStatus - - name: external + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.OIDCClientStatus + map: + fields: + - name: componentName type: - namedType: com.github.openshift.api.config.v1.ExternalPlatformStatus - - name: gcp + scalar: string + default: "" + - name: componentNamespace type: - namedType: com.github.openshift.api.config.v1.GCPPlatformStatus - - name: ibmcloud + scalar: string + default: "" + - name: conditions type: - namedType: com.github.openshift.api.config.v1.IBMCloudPlatformStatus - - name: kubevirt + list: + elementType: + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - type + - name: consumingUsers type: - namedType: com.github.openshift.api.config.v1.KubevirtPlatformStatus - - name: nutanix + list: + elementType: + scalar: string + elementRelationship: associative + - name: currentOIDCClients type: - namedType: com.github.openshift.api.config.v1.NutanixPlatformStatus - - name: openstack + list: + elementType: + namedType: com.github.openshift.api.config.v1.OIDCClientReference + elementRelationship: associative + keys: + - issuerURL + - clientID +- name: com.github.openshift.api.config.v1.OIDCProvider + map: + fields: + - name: claimMappings type: - namedType: com.github.openshift.api.config.v1.OpenStackPlatformStatus - - name: ovirt + namedType: com.github.openshift.api.config.v1.TokenClaimMappings + default: {} + - name: claimValidationRules type: - namedType: com.github.openshift.api.config.v1.OvirtPlatformStatus - - name: powervs + list: + elementType: + namedType: com.github.openshift.api.config.v1.TokenClaimValidationRule + elementRelationship: atomic + - name: issuer type: - namedType: com.github.openshift.api.config.v1.PowerVSPlatformStatus - - name: type + namedType: com.github.openshift.api.config.v1.TokenIssuer + default: {} + - name: name type: scalar: string default: "" - - name: vsphere + - name: oidcClients type: - namedType: com.github.openshift.api.config.v1.VSpherePlatformStatus -- name: com.github.openshift.api.config.v1.PolicyFulcioSubject + list: + elementType: + namedType: com.github.openshift.api.config.v1.OIDCClientConfig + elementRelationship: associative + keys: + - componentNamespace + - componentName + - name: userValidationRules + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.TokenUserValidationRule + elementRelationship: associative + keys: + - expression +- name: com.github.openshift.api.config.v1.ObjectReference map: fields: - - name: oidcIssuer + - name: group type: scalar: string default: "" - - name: signedEmail + - name: name type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.PolicyIdentity - map: - fields: - - name: exactRepository + - name: namespace type: - namedType: com.github.openshift.api.config.v1.PolicyMatchExactRepository - - name: matchPolicy + scalar: string + - name: resource type: scalar: string default: "" - - name: remapIdentity - type: - namedType: com.github.openshift.api.config.v1.PolicyMatchRemapIdentity - unions: - - discriminator: matchPolicy - fields: - - fieldName: exactRepository - discriminatorValue: PolicyMatchExactRepository - - fieldName: remapIdentity - discriminatorValue: PolicyMatchRemapIdentity -- name: com.github.openshift.api.config.v1.PolicyMatchExactRepository +- name: com.github.openshift.api.config.v1.OldTLSProfile + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.OpenIDClaims map: fields: - - name: repository + - name: email type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.PolicyMatchRemapIdentity + list: + elementType: + scalar: string + elementRelationship: atomic + - name: groups + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: name + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: preferredUsername + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.OpenIDIdentityProvider map: fields: - - name: prefix + - name: ca type: - scalar: string - default: "" - - name: signedPrefix + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: claims + type: + namedType: com.github.openshift.api.config.v1.OpenIDClaims + default: {} + - name: clientID type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.PolicyRootOfTrust - map: - fields: - - name: fulcioCAWithRekor + - name: clientSecret type: - namedType: com.github.openshift.api.config.v1.ImagePolicyFulcioCAWithRekorRootOfTrust - - name: pki + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} + - name: extraAuthorizeParameters type: - namedType: com.github.openshift.api.config.v1.ImagePolicyPKIRootOfTrust - - name: policyType + map: + elementType: + scalar: string + - name: extraScopes + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: issuer type: scalar: string default: "" - - name: publicKey +- name: com.github.openshift.api.config.v1.OpenStackPlatformLoadBalancer + map: + fields: + - name: type type: - namedType: com.github.openshift.api.config.v1.ImagePolicyPublicKeyRootOfTrust + scalar: string + default: OpenShiftManagedDefault unions: - - discriminator: policyType - fields: - - fieldName: fulcioCAWithRekor - discriminatorValue: FulcioCAWithRekor - - fieldName: pki - discriminatorValue: PKI - - fieldName: publicKey - discriminatorValue: PublicKey -- name: com.github.openshift.api.config.v1.PowerVSPlatformSpec + - discriminator: type +- name: com.github.openshift.api.config.v1.OpenStackPlatformSpec map: fields: - - name: serviceEndpoints + - name: apiServerInternalIPs type: list: elementType: - namedType: com.github.openshift.api.config.v1.PowerVSServiceEndpoint - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.config.v1.PowerVSPlatformStatus + scalar: string + elementRelationship: atomic + - name: ingressIPs + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: machineNetworks + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.OpenStackPlatformStatus map: fields: - - name: cisInstanceCRN + - name: apiServerInternalIP type: scalar: string - - name: dnsInstanceCRN + - name: apiServerInternalIPs + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: cloudName type: scalar: string - - name: region + - name: dnsRecordsType type: scalar: string - default: "" - - name: resourceGroup + - name: ingressIP type: scalar: string - default: "" - - name: serviceEndpoints + - name: ingressIPs type: list: elementType: - namedType: com.github.openshift.api.config.v1.PowerVSServiceEndpoint - elementRelationship: associative - keys: - - name - - name: zone + scalar: string + elementRelationship: atomic + - name: loadBalancer + type: + namedType: com.github.openshift.api.config.v1.OpenStackPlatformLoadBalancer + default: + type: OpenShiftManagedDefault + - name: machineNetworks + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: nodeDNSIP type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.PowerVSServiceEndpoint +- name: com.github.openshift.api.config.v1.OperandVersion map: fields: - name: name type: scalar: string default: "" - - name: url + - name: version type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.PrefixedClaimMapping +- name: com.github.openshift.api.config.v1.OperatorHub map: fields: - - name: claim + - name: apiVersion type: scalar: string - default: "" - - name: prefix + - name: kind type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.ProfileCustomizations - map: - fields: - - name: dynamicResourceAllocation + - name: metadata type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.Project - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1.ProjectSpec + namedType: com.github.openshift.api.config.v1.OperatorHubSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1.ProjectStatus + namedType: com.github.openshift.api.config.v1.OperatorHubStatus default: {} -- name: com.github.openshift.api.config.v1.ProjectSpec +- name: com.github.openshift.api.config.v1.OperatorHubSpec map: fields: - - name: projectRequestMessage + - name: disableAllDefaultSources type: - scalar: string - default: "" - - name: projectRequestTemplate + scalar: boolean + - name: sources type: - namedType: com.github.openshift.api.config.v1.TemplateReference - default: {} -- name: com.github.openshift.api.config.v1.ProjectStatus + list: + elementType: + namedType: com.github.openshift.api.config.v1.HubSource + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.OperatorHubStatus + map: + fields: + - name: sources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.HubSourceStatus + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.OvirtPlatformLoadBalancer + map: + fields: + - name: type + type: + scalar: string + default: OpenShiftManagedDefault + unions: + - discriminator: type +- name: com.github.openshift.api.config.v1.OvirtPlatformSpec map: elementType: scalar: untyped @@ -3365,1180 +3589,1157 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.PromQLClusterCondition - map: - fields: - - name: promql - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.Proxy +- name: com.github.openshift.api.config.v1.OvirtPlatformStatus map: fields: - - name: apiVersion - type: - scalar: string - - name: kind + - name: apiServerInternalIP type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1.ProxySpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.config.v1.ProxyStatus - default: {} -- name: com.github.openshift.api.config.v1.ProxySpec - map: - fields: - - name: httpProxy + - name: apiServerInternalIPs type: - scalar: string - - name: httpsProxy + list: + elementType: + scalar: string + elementRelationship: associative + - name: dnsRecordsType type: scalar: string - - name: noProxy + - name: ingressIP type: scalar: string - - name: readinessEndpoints + - name: ingressIPs type: list: elementType: scalar: string - elementRelationship: atomic - - name: trustedCA + elementRelationship: associative + - name: loadBalancer type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} -- name: com.github.openshift.api.config.v1.ProxyStatus + namedType: com.github.openshift.api.config.v1.OvirtPlatformLoadBalancer + default: + type: OpenShiftManagedDefault + - name: nodeDNSIP + type: + scalar: string +- name: com.github.openshift.api.config.v1.PKICertificateSubject map: fields: - - name: httpProxy + - name: email type: scalar: string - - name: httpsProxy + - name: hostname type: scalar: string - - name: noProxy +- name: com.github.openshift.api.config.v1.PersistentVolumeClaimReference + map: + fields: + - name: name type: scalar: string -- name: com.github.openshift.api.config.v1.RegistryLocation +- name: com.github.openshift.api.config.v1.PersistentVolumeConfig map: fields: - - name: domainName + - name: claim type: - scalar: string - default: "" - - name: insecure + namedType: com.github.openshift.api.config.v1.PersistentVolumeClaimReference + default: {} + - name: mountPath type: - scalar: boolean -- name: com.github.openshift.api.config.v1.RegistrySources + scalar: string +- name: com.github.openshift.api.config.v1.PlatformSpec map: fields: - - name: allowedRegistries + - name: alibabaCloud type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: blockedRegistries + namedType: com.github.openshift.api.config.v1.AlibabaCloudPlatformSpec + - name: aws type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: containerRuntimeSearchRegistries + namedType: com.github.openshift.api.config.v1.AWSPlatformSpec + - name: azure type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: insecureRegistries + namedType: com.github.openshift.api.config.v1.AzurePlatformSpec + - name: baremetal type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.Release - map: - fields: - - name: architecture + namedType: com.github.openshift.api.config.v1.BareMetalPlatformSpec + - name: equinixMetal type: - scalar: string - - name: channels + namedType: com.github.openshift.api.config.v1.EquinixMetalPlatformSpec + - name: external type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: image + namedType: com.github.openshift.api.config.v1.ExternalPlatformSpec + - name: gcp type: - scalar: string - default: "" - - name: url + namedType: com.github.openshift.api.config.v1.GCPPlatformSpec + - name: ibmcloud type: - scalar: string - - name: version + namedType: com.github.openshift.api.config.v1.IBMCloudPlatformSpec + - name: kubevirt type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.RepositoryDigestMirrors - map: - fields: - - name: allowMirrorByTags + namedType: com.github.openshift.api.config.v1.KubevirtPlatformSpec + - name: nutanix type: - scalar: boolean - - name: mirrors + namedType: com.github.openshift.api.config.v1.NutanixPlatformSpec + - name: openstack type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: source + namedType: com.github.openshift.api.config.v1.OpenStackPlatformSpec + - name: ovirt + type: + namedType: com.github.openshift.api.config.v1.OvirtPlatformSpec + - name: powervs + type: + namedType: com.github.openshift.api.config.v1.PowerVSPlatformSpec + - name: type type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.RequestHeaderIdentityProvider + - name: vsphere + type: + namedType: com.github.openshift.api.config.v1.VSpherePlatformSpec +- name: com.github.openshift.api.config.v1.PlatformStatus map: fields: - - name: ca + - name: alibabaCloud type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: challengeURL + namedType: com.github.openshift.api.config.v1.AlibabaCloudPlatformStatus + - name: aws type: - scalar: string - default: "" - - name: clientCommonNames + namedType: com.github.openshift.api.config.v1.AWSPlatformStatus + - name: azure type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: emailHeaders + namedType: com.github.openshift.api.config.v1.AzurePlatformStatus + - name: baremetal type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: headers + namedType: com.github.openshift.api.config.v1.BareMetalPlatformStatus + - name: equinixMetal type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: loginURL + namedType: com.github.openshift.api.config.v1.EquinixMetalPlatformStatus + - name: external type: - scalar: string - default: "" - - name: nameHeaders + namedType: com.github.openshift.api.config.v1.ExternalPlatformStatus + - name: gcp type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: preferredUsernameHeaders + namedType: com.github.openshift.api.config.v1.GCPPlatformStatus + - name: ibmcloud type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.RequiredHSTSPolicy - map: - fields: - - name: domainPatterns + namedType: com.github.openshift.api.config.v1.IBMCloudPlatformStatus + - name: kubevirt type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: includeSubDomainsPolicy + namedType: com.github.openshift.api.config.v1.KubevirtPlatformStatus + - name: nutanix type: - scalar: string - - name: maxAge + namedType: com.github.openshift.api.config.v1.NutanixPlatformStatus + - name: openstack type: - namedType: com.github.openshift.api.config.v1.MaxAgePolicy - default: {} - - name: namespaceSelector + namedType: com.github.openshift.api.config.v1.OpenStackPlatformStatus + - name: ovirt type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: preloadPolicy + namedType: com.github.openshift.api.config.v1.OvirtPlatformStatus + - name: powervs + type: + namedType: com.github.openshift.api.config.v1.PowerVSPlatformStatus + - name: type type: scalar: string -- name: com.github.openshift.api.config.v1.Scheduler + default: "" + - name: vsphere + type: + namedType: com.github.openshift.api.config.v1.VSpherePlatformStatus +- name: com.github.openshift.api.config.v1.PolicyFulcioSubject map: fields: - - name: apiVersion + - name: oidcIssuer type: scalar: string - - name: kind + default: "" + - name: signedEmail type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1.SchedulerSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.config.v1.SchedulerStatus - default: {} -- name: com.github.openshift.api.config.v1.SchedulerSpec + default: "" +- name: com.github.openshift.api.config.v1.PolicyIdentity map: fields: - - name: defaultNodeSelector - type: - scalar: string - - name: mastersSchedulable - type: - scalar: boolean - default: false - - name: policy + - name: exactRepository type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: profile + namedType: com.github.openshift.api.config.v1.PolicyMatchExactRepository + - name: matchPolicy type: scalar: string - - name: profileCustomizations + default: "" + - name: remapIdentity type: - namedType: com.github.openshift.api.config.v1.ProfileCustomizations - default: {} -- name: com.github.openshift.api.config.v1.SchedulerStatus - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.SecretNameReference + namedType: com.github.openshift.api.config.v1.PolicyMatchRemapIdentity + unions: + - discriminator: matchPolicy + fields: + - fieldName: exactRepository + discriminatorValue: PolicyMatchExactRepository + - fieldName: remapIdentity + discriminatorValue: PolicyMatchRemapIdentity +- name: com.github.openshift.api.config.v1.PolicyMatchExactRepository map: fields: - - name: name + - name: repository type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.SignatureStore +- name: com.github.openshift.api.config.v1.PolicyMatchRemapIdentity map: fields: - - name: ca - type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: url + - name: prefix type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.Storage - map: - fields: - - name: persistentVolume - type: - namedType: com.github.openshift.api.config.v1.PersistentVolumeConfig - default: {} - - name: type + - name: signedPrefix type: scalar: string - unions: - - discriminator: type - fields: - - fieldName: persistentVolume - discriminatorValue: PersistentVolume -- name: com.github.openshift.api.config.v1.TLSSecurityProfile + default: "" +- name: com.github.openshift.api.config.v1.PolicyRootOfTrust map: fields: - - name: custom - type: - namedType: com.github.openshift.api.config.v1.CustomTLSProfile - - name: intermediate - type: - namedType: com.github.openshift.api.config.v1.IntermediateTLSProfile - - name: modern + - name: fulcioCAWithRekor type: - namedType: com.github.openshift.api.config.v1.ModernTLSProfile - - name: old + namedType: com.github.openshift.api.config.v1.ImagePolicyFulcioCAWithRekorRootOfTrust + - name: pki type: - namedType: com.github.openshift.api.config.v1.OldTLSProfile - - name: type + namedType: com.github.openshift.api.config.v1.ImagePolicyPKIRootOfTrust + - name: policyType type: scalar: string default: "" + - name: publicKey + type: + namedType: com.github.openshift.api.config.v1.ImagePolicyPublicKeyRootOfTrust unions: - - discriminator: type + - discriminator: policyType fields: - - fieldName: custom - discriminatorValue: Custom - - fieldName: intermediate - discriminatorValue: Intermediate - - fieldName: modern - discriminatorValue: Modern - - fieldName: old - discriminatorValue: Old -- name: com.github.openshift.api.config.v1.TemplateReference - map: - fields: - - name: name - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.TokenClaimMappings + - fieldName: fulcioCAWithRekor + discriminatorValue: FulcioCAWithRekor + - fieldName: pki + discriminatorValue: PKI + - fieldName: publicKey + discriminatorValue: PublicKey +- name: com.github.openshift.api.config.v1.PowerVSPlatformSpec map: fields: - - name: extra + - name: serviceEndpoints type: list: elementType: - namedType: com.github.openshift.api.config.v1.ExtraMapping + namedType: com.github.openshift.api.config.v1.PowerVSServiceEndpoint elementRelationship: associative keys: - - key - - name: groups - type: - namedType: com.github.openshift.api.config.v1.PrefixedClaimMapping - default: {} - - name: uid - type: - namedType: com.github.openshift.api.config.v1.TokenClaimOrExpressionMapping - - name: username - type: - namedType: com.github.openshift.api.config.v1.UsernameClaimMapping - default: {} -- name: com.github.openshift.api.config.v1.TokenClaimOrExpressionMapping + - name +- name: com.github.openshift.api.config.v1.PowerVSPlatformStatus map: fields: - - name: claim - type: - scalar: string - - name: expression + - name: cisInstanceCRN type: scalar: string -- name: com.github.openshift.api.config.v1.TokenClaimValidationCELRule - map: - fields: - - name: expression + - name: dnsInstanceCRN type: scalar: string - - name: message + - name: region type: scalar: string -- name: com.github.openshift.api.config.v1.TokenClaimValidationRule - map: - fields: - - name: cel - type: - namedType: com.github.openshift.api.config.v1.TokenClaimValidationCELRule - default: {} - - name: requiredClaim - type: - namedType: com.github.openshift.api.config.v1.TokenRequiredClaim - - name: type + default: "" + - name: resourceGroup type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.TokenConfig - map: - fields: - - name: accessTokenInactivityTimeout - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: accessTokenInactivityTimeoutSeconds - type: - scalar: numeric - - name: accessTokenMaxAgeSeconds - type: - scalar: numeric -- name: com.github.openshift.api.config.v1.TokenIssuer - map: - fields: - - name: audiences + - name: serviceEndpoints type: list: elementType: - scalar: string + namedType: com.github.openshift.api.config.v1.PowerVSServiceEndpoint elementRelationship: associative - - name: discoveryURL + keys: + - name + - name: zone type: scalar: string - - name: issuerCertificateAuthority + default: "" +- name: com.github.openshift.api.config.v1.PowerVSServiceEndpoint + map: + fields: + - name: name type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: issuerURL + scalar: string + default: "" + - name: url type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.TokenRequiredClaim +- name: com.github.openshift.api.config.v1.PrefixedClaimMapping map: fields: - name: claim type: scalar: string default: "" - - name: requiredValue + - name: expression + type: + scalar: string + - name: prefix type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.TokenUserValidationRule +- name: com.github.openshift.api.config.v1.ProfileCustomizations map: fields: - - name: expression - type: - scalar: string - - name: message - type: - scalar: string -- name: com.github.openshift.api.config.v1.Update - map: - fields: - - name: acceptRisks - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.AcceptRisk - elementRelationship: associative - keys: - - name - - name: architecture - type: - scalar: string - default: "" - - name: force - type: - scalar: boolean - default: false - - name: image - type: - scalar: string - default: "" - - name: version + - name: dynamicResourceAllocation type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.UpdateHistory +- name: com.github.openshift.api.config.v1.Project map: fields: - - name: acceptedRisks + - name: apiVersion type: scalar: string - - name: completionTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: image + - name: kind type: scalar: string - default: "" - - name: startedTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: state + - name: metadata type: - scalar: string - default: "" - - name: verified + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - scalar: boolean - default: false - - name: version + namedType: com.github.openshift.api.config.v1.ProjectSpec + default: {} + - name: status type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.UsernameClaimMapping + namedType: com.github.openshift.api.config.v1.ProjectStatus + default: {} +- name: com.github.openshift.api.config.v1.ProjectSpec map: fields: - - name: claim + - name: projectRequestMessage type: scalar: string default: "" - - name: prefix - type: - namedType: com.github.openshift.api.config.v1.UsernamePrefix - - name: prefixPolicy + - name: projectRequestTemplate type: - scalar: string - default: "" - unions: - - discriminator: prefixPolicy - fields: - - fieldName: claim - discriminatorValue: Claim - - fieldName: prefix - discriminatorValue: Prefix -- name: com.github.openshift.api.config.v1.UsernamePrefix + namedType: com.github.openshift.api.config.v1.TemplateReference + default: {} +- name: com.github.openshift.api.config.v1.ProjectStatus + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.PromQLClusterCondition map: fields: - - name: prefixString + - name: promql type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.VSphereFailureDomainHostGroup +- name: com.github.openshift.api.config.v1.Proxy map: fields: - - name: hostGroup - type: - scalar: string - default: "" - - name: vmGroup + - name: apiVersion type: scalar: string - default: "" - - name: vmHostRule + - name: kind type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.VSphereFailureDomainRegionAffinity - map: - fields: - - name: type + - name: metadata type: - scalar: string - default: "" - unions: - - discriminator: type -- name: com.github.openshift.api.config.v1.VSphereFailureDomainZoneAffinity - map: - fields: - - name: hostGroup + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - namedType: com.github.openshift.api.config.v1.VSphereFailureDomainHostGroup - - name: type + namedType: com.github.openshift.api.config.v1.ProxySpec + default: {} + - name: status type: - scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: hostGroup - discriminatorValue: HostGroup -- name: com.github.openshift.api.config.v1.VSpherePlatformFailureDomainSpec + namedType: com.github.openshift.api.config.v1.ProxyStatus + default: {} +- name: com.github.openshift.api.config.v1.ProxySpec map: fields: - - name: name + - name: httpProxy type: scalar: string - default: "" - - name: region + - name: httpsProxy type: scalar: string - default: "" - - name: regionAffinity - type: - namedType: com.github.openshift.api.config.v1.VSphereFailureDomainRegionAffinity - - name: server + - name: noProxy type: scalar: string - default: "" - - name: topology - type: - namedType: com.github.openshift.api.config.v1.VSpherePlatformTopology - default: {} - - name: zone + - name: readinessEndpoints type: - scalar: string - default: "" - - name: zoneAffinity + list: + elementType: + scalar: string + elementRelationship: atomic + - name: trustedCA type: - namedType: com.github.openshift.api.config.v1.VSphereFailureDomainZoneAffinity -- name: com.github.openshift.api.config.v1.VSpherePlatformLoadBalancer + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} +- name: com.github.openshift.api.config.v1.ProxyStatus map: fields: - - name: type + - name: httpProxy type: scalar: string - default: OpenShiftManagedDefault - unions: - - discriminator: type -- name: com.github.openshift.api.config.v1.VSpherePlatformNodeNetworking - map: - fields: - - name: external + - name: httpsProxy type: - namedType: com.github.openshift.api.config.v1.VSpherePlatformNodeNetworkingSpec - default: {} - - name: internal + scalar: string + - name: noProxy type: - namedType: com.github.openshift.api.config.v1.VSpherePlatformNodeNetworkingSpec - default: {} -- name: com.github.openshift.api.config.v1.VSpherePlatformNodeNetworkingSpec + scalar: string +- name: com.github.openshift.api.config.v1.RegistryLocation map: fields: - - name: excludeNetworkSubnetCidr - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: network + - name: domainName type: scalar: string - - name: networkSubnetCidr + default: "" + - name: insecure type: - list: - elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1.VSpherePlatformSpec + scalar: boolean +- name: com.github.openshift.api.config.v1.RegistrySources map: fields: - - name: apiServerInternalIPs + - name: allowedRegistries type: list: elementType: scalar: string elementRelationship: atomic - - name: failureDomains - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.VSpherePlatformFailureDomainSpec - elementRelationship: associative - keys: - - name - - name: ingressIPs + - name: blockedRegistries type: list: elementType: scalar: string elementRelationship: atomic - - name: machineNetworks + - name: containerRuntimeSearchRegistries type: list: elementType: scalar: string - elementRelationship: atomic - - name: nodeNetworking - type: - namedType: com.github.openshift.api.config.v1.VSpherePlatformNodeNetworking - default: {} - - name: vcenters + elementRelationship: associative + - name: insecureRegistries type: list: elementType: - namedType: com.github.openshift.api.config.v1.VSpherePlatformVCenterSpec + scalar: string elementRelationship: atomic -- name: com.github.openshift.api.config.v1.VSpherePlatformStatus +- name: com.github.openshift.api.config.v1.Release map: fields: - - name: apiServerInternalIP + - name: architecture type: scalar: string - - name: apiServerInternalIPs + - name: channels type: list: elementType: scalar: string - elementRelationship: atomic - - name: dnsRecordsType + elementRelationship: associative + - name: image type: scalar: string - - name: ingressIP + default: "" + - name: url type: scalar: string - - name: ingressIPs + - name: version + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.RepositoryDigestMirrors + map: + fields: + - name: allowMirrorByTags + type: + scalar: boolean + - name: mirrors type: list: elementType: scalar: string - elementRelationship: atomic - - name: loadBalancer + elementRelationship: associative + - name: source type: - namedType: com.github.openshift.api.config.v1.VSpherePlatformLoadBalancer - default: - type: OpenShiftManagedDefault - - name: machineNetworks + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.RequestHeaderIdentityProvider + map: + fields: + - name: ca + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: challengeURL + type: + scalar: string + default: "" + - name: clientCommonNames type: list: elementType: scalar: string elementRelationship: atomic - - name: nodeDNSIP + - name: emailHeaders type: - scalar: string -- name: com.github.openshift.api.config.v1.VSpherePlatformTopology - map: - fields: - - name: computeCluster + list: + elementType: + scalar: string + elementRelationship: atomic + - name: headers type: - scalar: string - default: "" - - name: datacenter + list: + elementType: + scalar: string + elementRelationship: atomic + - name: loginURL type: scalar: string default: "" - - name: datastore + - name: nameHeaders type: - scalar: string - default: "" - - name: folder + list: + elementType: + scalar: string + elementRelationship: atomic + - name: preferredUsernameHeaders type: - scalar: string - - name: networks + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.RequiredHSTSPolicy + map: + fields: + - name: domainPatterns type: list: elementType: scalar: string elementRelationship: atomic - - name: resourcePool + - name: includeSubDomainsPolicy type: scalar: string - - name: template + - name: maxAge + type: + namedType: com.github.openshift.api.config.v1.MaxAgePolicy + default: {} + - name: namespaceSelector + type: + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: preloadPolicy type: scalar: string -- name: com.github.openshift.api.config.v1.VSpherePlatformVCenterSpec +- name: com.github.openshift.api.config.v1.Scheduler map: fields: - - name: datacenters + - name: apiVersion type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: port + scalar: string + - name: kind type: - scalar: numeric - - name: server + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1.SchedulerSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.config.v1.SchedulerStatus + default: {} +- name: com.github.openshift.api.config.v1.SchedulerSpec + map: + fields: + - name: defaultNodeSelector + type: + scalar: string + - name: mastersSchedulable + type: + scalar: boolean + default: false + - name: policy + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: profile + type: + scalar: string + - name: profileCustomizations + type: + namedType: com.github.openshift.api.config.v1.ProfileCustomizations + default: {} +- name: com.github.openshift.api.config.v1.SchedulerStatus + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.SecretNameReference + map: + fields: + - name: name type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.WebhookTokenAuthenticator +- name: com.github.openshift.api.config.v1.SignatureStore map: fields: - - name: kubeConfig + - name: ca type: - namedType: com.github.openshift.api.config.v1.SecretNameReference + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference default: {} -- name: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig + - name: url + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.Storage map: fields: - - name: customConfig + - name: persistentVolume type: - namedType: com.github.openshift.api.config.v1alpha1.AlertmanagerCustomConfig + namedType: com.github.openshift.api.config.v1.PersistentVolumeConfig default: {} - - name: deploymentMode + - name: type type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.AlertmanagerCustomConfig + unions: + - discriminator: type + fields: + - fieldName: persistentVolume + discriminatorValue: PersistentVolume +- name: com.github.openshift.api.config.v1.TLSSecurityProfile map: fields: - - name: logLevel + - name: custom + type: + namedType: com.github.openshift.api.config.v1.CustomTLSProfile + - name: intermediate + type: + namedType: com.github.openshift.api.config.v1.IntermediateTLSProfile + - name: modern + type: + namedType: com.github.openshift.api.config.v1.ModernTLSProfile + - name: old + type: + namedType: com.github.openshift.api.config.v1.OldTLSProfile + - name: type type: scalar: string - - name: nodeSelector + default: "" + unions: + - discriminator: type + fields: + - fieldName: custom + discriminatorValue: Custom + - fieldName: intermediate + discriminatorValue: Intermediate + - fieldName: modern + discriminatorValue: Modern + - fieldName: old + discriminatorValue: Old +- name: com.github.openshift.api.config.v1.TemplateReference + map: + fields: + - name: name type: - map: - elementType: - scalar: string - - name: resources + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.TokenClaimMappings + map: + fields: + - name: extra type: list: elementType: - namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + namedType: com.github.openshift.api.config.v1.ExtraMapping elementRelationship: associative keys: - - name - - name: secrets + - key + - name: groups + type: + namedType: com.github.openshift.api.config.v1.PrefixedClaimMapping + default: {} + - name: uid + type: + namedType: com.github.openshift.api.config.v1.TokenClaimOrExpressionMapping + - name: username + type: + namedType: com.github.openshift.api.config.v1.UsernameClaimMapping + default: {} +- name: com.github.openshift.api.config.v1.TokenClaimOrExpressionMapping + map: + fields: + - name: claim + type: + scalar: string + - name: expression + type: + scalar: string +- name: com.github.openshift.api.config.v1.TokenClaimValidationCELRule + map: + fields: + - name: expression + type: + scalar: string + - name: message + type: + scalar: string +- name: com.github.openshift.api.config.v1.TokenClaimValidationRule + map: + fields: + - name: cel + type: + namedType: com.github.openshift.api.config.v1.TokenClaimValidationCELRule + default: {} + - name: requiredClaim + type: + namedType: com.github.openshift.api.config.v1.TokenRequiredClaim + - name: type + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.TokenConfig + map: + fields: + - name: accessTokenInactivityTimeout + type: + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: accessTokenInactivityTimeoutSeconds + type: + scalar: numeric + - name: accessTokenMaxAgeSeconds + type: + scalar: numeric +- name: com.github.openshift.api.config.v1.TokenIssuer + map: + fields: + - name: audiences type: list: elementType: scalar: string elementRelationship: associative - - name: tolerations + - name: discoveryURL type: - list: - elementType: - namedType: io.k8s.api.core.v1.Toleration - elementRelationship: atomic - - name: topologySpreadConstraints + scalar: string + - name: issuerCertificateAuthority + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: issuerURL + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.TokenRequiredClaim + map: + fields: + - name: claim + type: + scalar: string + default: "" + - name: requiredValue + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.TokenUserValidationRule + map: + fields: + - name: expression + type: + scalar: string + - name: message + type: + scalar: string +- name: com.github.openshift.api.config.v1.Update + map: + fields: + - name: acceptRisks type: list: elementType: - namedType: io.k8s.api.core.v1.TopologySpreadConstraint + namedType: com.github.openshift.api.config.v1.AcceptRisk elementRelationship: associative keys: - - topologyKey - - whenUnsatisfiable - - name: volumeClaimTemplate + - name + - name: architecture type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaim -- name: com.github.openshift.api.config.v1alpha1.Audit + scalar: string + default: "" + - name: force + type: + scalar: boolean + default: false + - name: image + type: + scalar: string + default: "" + - name: mode + type: + scalar: string + - name: version + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.UpdateHistory map: fields: - - name: profile + - name: acceptedRisks type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.Backup + - name: completionTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: image + type: + scalar: string + default: "" + - name: startedTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: state + type: + scalar: string + default: "" + - name: verified + type: + scalar: boolean + default: false + - name: version + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.UsernameClaimMapping map: fields: - - name: apiVersion + - name: claim type: scalar: string - - name: kind + - name: expression type: scalar: string - - name: metadata + - name: prefix type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + namedType: com.github.openshift.api.config.v1.UsernamePrefix + - name: prefixPolicy type: - namedType: com.github.openshift.api.config.v1alpha1.BackupSpec - default: {} - - name: status + scalar: string + default: "" + unions: + - discriminator: prefixPolicy + fields: + - fieldName: claim + discriminatorValue: Claim + - fieldName: expression + discriminatorValue: Expression + - fieldName: prefix + discriminatorValue: Prefix +- name: com.github.openshift.api.config.v1.UsernamePrefix + map: + fields: + - name: prefixString type: - namedType: com.github.openshift.api.config.v1alpha1.BackupStatus - default: {} -- name: com.github.openshift.api.config.v1alpha1.BackupSpec + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.VSphereFailureDomainHostGroup map: fields: - - name: etcd + - name: hostGroup type: - namedType: com.github.openshift.api.config.v1alpha1.EtcdBackupSpec - default: {} -- name: com.github.openshift.api.config.v1alpha1.BackupStatus + scalar: string + default: "" + - name: vmGroup + type: + scalar: string + default: "" + - name: vmHostRule + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.VSphereFailureDomainRegionAffinity map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfig + fields: + - name: type + type: + scalar: string + default: "" + unions: + - discriminator: type +- name: com.github.openshift.api.config.v1.VSphereFailureDomainZoneAffinity map: fields: - - name: apiVersion + - name: hostGroup + type: + namedType: com.github.openshift.api.config.v1.VSphereFailureDomainHostGroup + - name: type type: scalar: string - - name: kind + default: "" + unions: + - discriminator: type + fields: + - fieldName: hostGroup + discriminatorValue: HostGroup +- name: com.github.openshift.api.config.v1.VSpherePlatformFailureDomainSpec + map: + fields: + - name: name + type: + scalar: string + default: "" + - name: region + type: + scalar: string + default: "" + - name: regionAffinity + type: + namedType: com.github.openshift.api.config.v1.VSphereFailureDomainRegionAffinity + - name: server type: scalar: string - - name: metadata + default: "" + - name: topology type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.config.v1.VSpherePlatformTopology default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfigSpec - - name: status + - name: zone type: - namedType: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfigStatus - default: {} -- name: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfigSpec - map: - fields: - - name: matchImages + scalar: string + default: "" + - name: zoneAffinity type: - list: - elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfigStatus + namedType: com.github.openshift.api.config.v1.VSphereFailureDomainZoneAffinity +- name: com.github.openshift.api.config.v1.VSpherePlatformLoadBalancer map: fields: - - name: conditions + - name: type type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicy + scalar: string + default: OpenShiftManagedDefault + unions: + - discriminator: type +- name: com.github.openshift.api.config.v1.VSpherePlatformNodeNetworking map: fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + - name: external type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterImagePolicySpec + namedType: com.github.openshift.api.config.v1.VSpherePlatformNodeNetworkingSpec default: {} - - name: status + - name: internal type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterImagePolicyStatus + namedType: com.github.openshift.api.config.v1.VSpherePlatformNodeNetworkingSpec default: {} -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicySpec +- name: com.github.openshift.api.config.v1.VSpherePlatformNodeNetworkingSpec map: fields: - - name: policy + - name: excludeNetworkSubnetCidr type: - namedType: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy - default: {} - - name: scopes + list: + elementType: + scalar: string + elementRelationship: atomic + - name: network + type: + scalar: string + - name: networkSubnetCidr type: list: elementType: scalar: string elementRelationship: associative -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicyStatus +- name: com.github.openshift.api.config.v1.VSpherePlatformSpec map: fields: - - name: conditions + - name: apiServerInternalIPs + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: failureDomains type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: com.github.openshift.api.config.v1.VSpherePlatformFailureDomainSpec elementRelationship: associative keys: - - type -- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoring - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringStatus - default: {} -- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec - map: - fields: - - name: alertmanagerConfig - type: - namedType: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig - default: {} - - name: metricsServerConfig + - name + - name: ingressIPs type: - namedType: com.github.openshift.api.config.v1alpha1.MetricsServerConfig - default: {} - - name: prometheusOperatorConfig + list: + elementType: + scalar: string + elementRelationship: atomic + - name: machineNetworks type: - namedType: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig - default: {} - - name: userDefined + list: + elementType: + scalar: string + elementRelationship: atomic + - name: nodeNetworking type: - namedType: com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring + namedType: com.github.openshift.api.config.v1.VSpherePlatformNodeNetworking default: {} -- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoringStatus - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1alpha1.ContainerResource - map: - fields: - - name: limit - type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: name - type: - scalar: string - - name: request + - name: vcenters type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: com.github.openshift.api.config.v1alpha1.EtcdBackupSpec + list: + elementType: + namedType: com.github.openshift.api.config.v1.VSpherePlatformVCenterSpec + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.VSpherePlatformStatus map: fields: - - name: pvcName + - name: apiServerInternalIP type: scalar: string - default: "" - - name: retentionPolicy - type: - namedType: com.github.openshift.api.config.v1alpha1.RetentionPolicy - default: {} - - name: schedule + - name: apiServerInternalIPs type: - scalar: string - default: "" - - name: timeZone + list: + elementType: + scalar: string + elementRelationship: atomic + - name: dnsRecordsType type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.GatherConfig - map: - fields: - - name: dataPolicy + - name: ingressIP type: scalar: string - - name: disabledGatherers + - name: ingressIPs type: list: elementType: scalar: string elementRelationship: atomic - - name: storage + - name: loadBalancer type: - namedType: com.github.openshift.api.config.v1alpha1.Storage -- name: com.github.openshift.api.config.v1alpha1.ImagePolicy - map: - fields: - - name: apiVersion + namedType: com.github.openshift.api.config.v1.VSpherePlatformLoadBalancer + default: + type: OpenShiftManagedDefault + - name: machineNetworks type: - scalar: string - - name: kind + list: + elementType: + scalar: string + elementRelationship: atomic + - name: nodeDNSIP type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicySpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyStatus - default: {} -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrust +- name: com.github.openshift.api.config.v1.VSpherePlatformTopology map: fields: - - name: fulcioCAData + - name: computeCluster type: scalar: string - - name: fulcioSubject - type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyFulcioSubject - default: {} - - name: rekorKeyData + default: "" + - name: datacenter type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyPKIRootOfTrust - map: - fields: - - name: caIntermediatesData + default: "" + - name: datastore type: scalar: string - - name: caRootsData + default: "" + - name: folder type: scalar: string - - name: pkiCertificateSubject + - name: networks type: - namedType: com.github.openshift.api.config.v1alpha1.PKICertificateSubject - default: {} -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyPublicKeyRootOfTrust - map: - fields: - - name: keyData + list: + elementType: + scalar: string + elementRelationship: atomic + - name: resourcePool type: scalar: string - - name: rekorKeyData + - name: template type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.ImagePolicySpec +- name: com.github.openshift.api.config.v1.VSpherePlatformVCenterSpec map: fields: - - name: policy - type: - namedType: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy - default: {} - - name: scopes + - name: datacenters type: list: elementType: scalar: string elementRelationship: associative -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyStatus + - name: port + type: + scalar: numeric + - name: server + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.WebhookTokenAuthenticator map: fields: - - name: conditions + - name: kubeConfig type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} +- name: com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig map: fields: - - name: rootOfTrust + - name: authorization type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyRootOfTrust + namedType: com.github.openshift.api.config.v1alpha1.AuthorizationConfig default: {} - - name: signedIdentity + - name: name type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyIdentity - default: {} -- name: com.github.openshift.api.config.v1alpha1.InsightsDataGather - map: - fields: - - name: apiVersion + scalar: string + - name: pathPrefix type: scalar: string - - name: kind + - name: scheme type: scalar: string - - name: metadata + - name: staticConfigs type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + list: + elementType: + scalar: string + elementRelationship: associative + - name: timeoutSeconds type: - namedType: com.github.openshift.api.config.v1alpha1.InsightsDataGatherSpec - default: {} - - name: status + scalar: numeric + - name: tlsConfig type: - namedType: com.github.openshift.api.config.v1alpha1.InsightsDataGatherStatus + namedType: com.github.openshift.api.config.v1alpha1.TLSConfig default: {} -- name: com.github.openshift.api.config.v1alpha1.InsightsDataGatherSpec +- name: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig map: fields: - - name: gatherConfig + - name: customConfig type: - namedType: com.github.openshift.api.config.v1alpha1.GatherConfig + namedType: com.github.openshift.api.config.v1alpha1.AlertmanagerCustomConfig default: {} -- name: com.github.openshift.api.config.v1alpha1.InsightsDataGatherStatus - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1alpha1.MetricsServerConfig + - name: deploymentMode + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.AlertmanagerCustomConfig map: fields: - - name: audit + - name: logLevel type: - namedType: com.github.openshift.api.config.v1alpha1.Audit - default: {} + scalar: string - name: nodeSelector type: map: @@ -4552,258 +4753,307 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: associative keys: - name + - name: secrets + type: + list: + elementType: + scalar: string + elementRelationship: associative - name: tolerations type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: topologySpreadConstraints type: list: elementType: - namedType: io.k8s.api.core.v1.TopologySpreadConstraint + namedType: TopologySpreadConstraint.v1.core.api.k8s.io elementRelationship: associative keys: - topologyKey - whenUnsatisfiable - - name: verbosity - type: - scalar: string -- name: com.github.openshift.api.config.v1alpha1.PKICertificateSubject - map: - fields: - - name: email - type: - scalar: string - - name: hostname + - name: volumeClaimTemplate type: - scalar: string -- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference + namedType: PersistentVolumeClaim.v1.core.api.k8s.io +- name: com.github.openshift.api.config.v1alpha1.Audit map: fields: - - name: name + - name: profile type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig +- name: com.github.openshift.api.config.v1alpha1.AuthorizationConfig map: fields: - - name: claim + - name: bearerToken type: - namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector default: {} - - name: mountPath + - name: type type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.PolicyFulcioSubject + unions: + - discriminator: type + fields: + - fieldName: bearerToken + discriminatorValue: BearerToken +- name: com.github.openshift.api.config.v1alpha1.Backup map: fields: - - name: oidcIssuer + - name: apiVersion type: scalar: string - default: "" - - name: signedEmail + - name: kind type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyIdentity - map: - fields: - - name: exactRepository + - name: metadata type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyMatchExactRepository - - name: matchPolicy + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - scalar: string - default: "" - - name: remapIdentity + namedType: com.github.openshift.api.config.v1alpha1.BackupSpec + default: {} + - name: status type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyMatchRemapIdentity - unions: - - discriminator: matchPolicy - fields: - - fieldName: exactRepository - discriminatorValue: PolicyMatchExactRepository - - fieldName: remapIdentity - discriminatorValue: PolicyMatchRemapIdentity -- name: com.github.openshift.api.config.v1alpha1.PolicyMatchExactRepository + namedType: com.github.openshift.api.config.v1alpha1.BackupStatus + default: {} +- name: com.github.openshift.api.config.v1alpha1.BackupSpec map: fields: - - name: repository + - name: etcd type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyMatchRemapIdentity + namedType: com.github.openshift.api.config.v1alpha1.EtcdBackupSpec + default: {} +- name: com.github.openshift.api.config.v1alpha1.BackupStatus + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1alpha1.BasicAuth map: fields: - - name: prefix + - name: password type: - scalar: string - default: "" - - name: signedPrefix + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: username type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyRootOfTrust + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} +- name: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfig map: fields: - - name: fulcioCAWithRekor - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrust - - name: pki + - name: apiVersion type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyPKIRootOfTrust - - name: policyType + scalar: string + - name: kind type: scalar: string - default: "" - - name: publicKey + - name: metadata type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyPublicKeyRootOfTrust - unions: - - discriminator: policyType - fields: - - fieldName: fulcioCAWithRekor - discriminatorValue: FulcioCAWithRekor - - fieldName: pki - discriminatorValue: PKI - - fieldName: publicKey - discriminatorValue: PublicKey -- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfigSpec + - name: status + type: + namedType: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfigStatus + default: {} +- name: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfigSpec map: fields: - - name: logLevel - type: - scalar: string - - name: nodeSelector + - name: matchImages type: - map: + list: elementType: scalar: string - - name: resources + elementRelationship: associative +- name: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfigStatus + map: + fields: + - name: conditions type: list: elementType: - namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - - name - - name: tolerations + - type +- name: com.github.openshift.api.config.v1alpha1.CertificateConfig + map: + fields: + - name: key type: - list: - elementType: - namedType: io.k8s.api.core.v1.Toleration - elementRelationship: atomic - - name: topologySpreadConstraints + namedType: com.github.openshift.api.config.v1alpha1.KeyConfig + default: {} +- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoring + map: + fields: + - name: apiVersion type: - list: - elementType: - namedType: io.k8s.api.core.v1.TopologySpreadConstraint - elementRelationship: associative - keys: - - topologyKey - - whenUnsatisfiable -- name: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringStatus + default: {} +- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec map: fields: - - name: maxNumberOfBackups + - name: alertmanagerConfig type: - scalar: numeric - default: 0 -- name: com.github.openshift.api.config.v1alpha1.RetentionPolicy + namedType: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig + default: {} + - name: metricsServerConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.MetricsServerConfig + default: {} + - name: openShiftStateMetricsConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.OpenShiftStateMetricsConfig + default: {} + - name: prometheusConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.PrometheusConfig + default: {} + - name: prometheusOperatorAdmissionWebhookConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.PrometheusOperatorAdmissionWebhookConfig + default: {} + - name: prometheusOperatorConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig + default: {} + - name: userDefined + type: + namedType: com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring + default: {} +- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoringStatus + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1alpha1.ContainerResource map: fields: - - name: retentionNumber - type: - namedType: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig - - name: retentionSize + - name: limit type: - namedType: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig - - name: retentionType + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: name type: scalar: string - default: "" - unions: - - discriminator: retentionType - fields: - - fieldName: retentionNumber - discriminatorValue: RetentionNumber - - fieldName: retentionSize - discriminatorValue: RetentionSize -- name: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig + - name: request + type: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.config.v1alpha1.CustomPKIPolicy map: fields: - - name: maxSizeOfBackupsGb + - name: clientCertificates type: - scalar: numeric - default: 0 -- name: com.github.openshift.api.config.v1alpha1.Storage + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} + - name: defaults + type: + namedType: com.github.openshift.api.config.v1alpha1.DefaultCertificateConfig + default: {} + - name: servingCertificates + type: + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} + - name: signerCertificates + type: + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} +- name: com.github.openshift.api.config.v1alpha1.DefaultCertificateConfig map: fields: - - name: persistentVolume + - name: key type: - namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig - - name: type + namedType: com.github.openshift.api.config.v1alpha1.KeyConfig + default: {} +- name: com.github.openshift.api.config.v1alpha1.DropEqualActionConfig + map: + fields: + - name: targetLabel type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring +- name: com.github.openshift.api.config.v1alpha1.ECDSAKeyConfig map: fields: - - name: mode + - name: curve type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha2.Custom +- name: com.github.openshift.api.config.v1alpha1.EtcdBackupSpec map: fields: - - name: configs + - name: pvcName type: - list: - elementType: - namedType: com.github.openshift.api.config.v1alpha2.GathererConfig - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.config.v1alpha2.GatherConfig + scalar: string + default: "" + - name: retentionPolicy + type: + namedType: com.github.openshift.api.config.v1alpha1.RetentionPolicy + default: {} + - name: schedule + type: + scalar: string + default: "" + - name: timeZone + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1alpha1.GatherConfig map: fields: - name: dataPolicy + type: + scalar: string + - name: disabledGatherers type: list: elementType: scalar: string elementRelationship: atomic - - name: gatherers - type: - namedType: com.github.openshift.api.config.v1alpha2.Gatherers - default: {} - name: storage type: - namedType: com.github.openshift.api.config.v1alpha2.Storage -- name: com.github.openshift.api.config.v1alpha2.GathererConfig - map: - fields: - - name: name - type: - scalar: string - default: "" - - name: state - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha2.Gatherers + namedType: com.github.openshift.api.config.v1alpha1.Storage +- name: com.github.openshift.api.config.v1alpha1.HashModActionConfig map: fields: - - name: custom + - name: modulus type: - namedType: com.github.openshift.api.config.v1alpha2.Custom - - name: mode + scalar: numeric + - name: targetLabel type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha2.InsightsDataGather +- name: com.github.openshift.api.config.v1alpha1.InsightsDataGather map: fields: - name: apiVersion @@ -4814,24 +5064,24 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec + namedType: com.github.openshift.api.config.v1alpha1.InsightsDataGatherSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus + namedType: com.github.openshift.api.config.v1alpha1.InsightsDataGatherStatus default: {} -- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec +- name: com.github.openshift.api.config.v1alpha1.InsightsDataGatherSpec map: fields: - name: gatherConfig type: - namedType: com.github.openshift.api.config.v1alpha2.GatherConfig + namedType: com.github.openshift.api.config.v1alpha1.GatherConfig default: {} -- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus +- name: com.github.openshift.api.config.v1alpha1.InsightsDataGatherStatus map: elementType: scalar: untyped @@ -4843,121 +5093,177 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference +- name: com.github.openshift.api.config.v1alpha1.KeepEqualActionConfig map: fields: - - name: name + - name: targetLabel type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig +- name: com.github.openshift.api.config.v1alpha1.KeyConfig map: fields: - - name: claim + - name: algorithm type: - namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference + scalar: string + - name: ecdsa + type: + namedType: com.github.openshift.api.config.v1alpha1.ECDSAKeyConfig default: {} - - name: mountPath + - name: rsa type: - scalar: string -- name: com.github.openshift.api.config.v1alpha2.Storage + namedType: com.github.openshift.api.config.v1alpha1.RSAKeyConfig + default: {} + unions: + - discriminator: algorithm + fields: + - fieldName: ecdsa + discriminatorValue: ECDSA + - fieldName: rsa + discriminatorValue: RSA +- name: com.github.openshift.api.config.v1alpha1.Label map: fields: - - name: persistentVolume + - name: key type: - namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig - - name: type + scalar: string + - name: value type: scalar: string - default: "" -- name: io.k8s.api.core.v1.ConfigMapKeySelector +- name: com.github.openshift.api.config.v1alpha1.LabelMapActionConfig map: fields: - - name: key + - name: replacement type: scalar: string - default: "" - - name: name +- name: com.github.openshift.api.config.v1alpha1.LowercaseActionConfig + map: + fields: + - name: targetLabel type: scalar: string - default: "" - - name: optional - type: - scalar: boolean - elementRelationship: atomic -- name: io.k8s.api.core.v1.EnvVar +- name: com.github.openshift.api.config.v1alpha1.MetadataConfig map: fields: - - name: name + - name: custom type: - scalar: string - default: "" - - name: value + namedType: com.github.openshift.api.config.v1alpha1.MetadataConfigCustom + default: {} + - name: sendPolicy type: scalar: string - - name: valueFrom +- name: com.github.openshift.api.config.v1alpha1.MetadataConfigCustom + map: + fields: + - name: sendIntervalSeconds type: - namedType: io.k8s.api.core.v1.EnvVarSource -- name: io.k8s.api.core.v1.EnvVarSource + scalar: numeric +- name: com.github.openshift.api.config.v1alpha1.MetricsServerConfig map: fields: - - name: configMapKeyRef + - name: audit type: - namedType: io.k8s.api.core.v1.ConfigMapKeySelector - - name: fieldRef + namedType: com.github.openshift.api.config.v1alpha1.Audit + default: {} + - name: nodeSelector type: - namedType: io.k8s.api.core.v1.ObjectFieldSelector - - name: fileKeyRef + map: + elementType: + scalar: string + - name: resources type: - namedType: io.k8s.api.core.v1.FileKeySelector - - name: resourceFieldRef + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations type: - namedType: io.k8s.api.core.v1.ResourceFieldSelector - - name: secretKeyRef + list: + elementType: + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable + - name: verbosity type: - namedType: io.k8s.api.core.v1.SecretKeySelector -- name: io.k8s.api.core.v1.FileKeySelector + scalar: string +- name: com.github.openshift.api.config.v1alpha1.OAuth2 map: fields: - - name: key + - name: clientId type: - scalar: string - default: "" - - name: optional + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: clientSecret type: - scalar: boolean - default: false - - name: path + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: endpointParams type: - scalar: string - default: "" - - name: volumeName + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.OAuth2EndpointParam + elementRelationship: associative + keys: + - name + - name: scopes + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: tokenUrl type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.ModifyVolumeStatus +- name: com.github.openshift.api.config.v1alpha1.OAuth2EndpointParam map: fields: - - name: status + - name: name type: scalar: string - default: "" - - name: targetVolumeAttributesClassName + - name: value type: scalar: string -- name: io.k8s.api.core.v1.ObjectFieldSelector +- name: com.github.openshift.api.config.v1alpha1.OpenShiftStateMetricsConfig map: fields: - - name: apiVersion + - name: nodeSelector type: - scalar: string - - name: fieldPath + map: + elementType: + scalar: string + - name: resources type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.PersistentVolumeClaim + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations + type: + list: + elementType: + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.PKI map: fields: - name: apiVersion @@ -4968,460 +5274,585 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimSpec - default: {} - - name: status - type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimStatus + namedType: com.github.openshift.api.config.v1alpha1.PKISpec default: {} -- name: io.k8s.api.core.v1.PersistentVolumeClaimCondition +- name: com.github.openshift.api.config.v1alpha1.PKICertificateManagement map: fields: - - name: lastProbeTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: lastTransitionTime + - name: custom type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message + namedType: com.github.openshift.api.config.v1alpha1.CustomPKIPolicy + default: {} + - name: mode type: scalar: string - - name: reason + unions: + - discriminator: mode + fields: + - fieldName: custom + discriminatorValue: Custom +- name: com.github.openshift.api.config.v1alpha1.PKISpec + map: + fields: + - name: certificateManagement type: - scalar: string - - name: status + namedType: com.github.openshift.api.config.v1alpha1.PKICertificateManagement + default: {} +- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference + map: + fields: + - name: name type: scalar: string default: "" - - name: type +- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig + map: + fields: + - name: claim + type: + namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference + default: {} + - name: mountPath type: scalar: string - default: "" -- name: io.k8s.api.core.v1.PersistentVolumeClaimSpec +- name: com.github.openshift.api.config.v1alpha1.PrometheusConfig map: fields: - - name: accessModes + - name: additionalAlertmanagerConfigs type: list: elementType: - scalar: string - elementRelationship: atomic - - name: dataSource - type: - namedType: io.k8s.api.core.v1.TypedLocalObjectReference - - name: dataSourceRef - type: - namedType: io.k8s.api.core.v1.TypedObjectReference - - name: resources + namedType: com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig + elementRelationship: associative + keys: + - name + - name: collectionProfile type: - namedType: io.k8s.api.core.v1.VolumeResourceRequirements - default: {} - - name: selector + scalar: string + - name: enforcedBodySizeLimitBytes type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: storageClassName + scalar: numeric + - name: externalLabels type: - scalar: string - - name: volumeAttributesClassName + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.Label + elementRelationship: associative + keys: + - key + - name: logLevel type: scalar: string - - name: volumeMode + - name: nodeSelector type: - scalar: string - - name: volumeName + map: + elementType: + scalar: string + - name: queryLogFile type: scalar: string -- name: io.k8s.api.core.v1.PersistentVolumeClaimStatus - map: - fields: - - name: accessModes + - name: remoteWrite type: list: elementType: - scalar: string - elementRelationship: atomic - - name: allocatedResourceStatuses + namedType: com.github.openshift.api.config.v1alpha1.RemoteWriteSpec + elementRelationship: associative + keys: + - name + - name: resources type: - map: + list: elementType: - scalar: string - elementRelationship: separable - - name: allocatedResources + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: retention type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: capacity + namedType: com.github.openshift.api.config.v1alpha1.Retention + default: {} + - name: tolerations type: - map: + list: elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: conditions + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints type: list: elementType: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimCondition + namedType: TopologySpreadConstraint.v1.core.api.k8s.io elementRelationship: associative keys: - - type - - name: currentVolumeAttributesClassName - type: - scalar: string - - name: modifyVolumeStatus - type: - namedType: io.k8s.api.core.v1.ModifyVolumeStatus - - name: phase + - topologyKey + - whenUnsatisfiable + - name: volumeClaimTemplate type: - scalar: string -- name: io.k8s.api.core.v1.ResourceClaim + namedType: PersistentVolumeClaim.v1.core.api.k8s.io +- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorAdmissionWebhookConfig map: fields: - - name: name + - name: resources type: - scalar: string - default: "" - - name: request + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: topologySpreadConstraints type: - scalar: string -- name: io.k8s.api.core.v1.ResourceFieldSelector + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig map: fields: - - name: containerName + - name: logLevel type: scalar: string - - name: divisor - type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: resource + - name: nodeSelector type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.ResourceRequirements - map: - fields: - - name: claims + map: + elementType: + scalar: string + - name: resources type: list: elementType: - namedType: io.k8s.api.core.v1.ResourceClaim + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource elementRelationship: associative keys: - name - - name: limits + - name: tolerations type: - map: + list: elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: requests + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints type: - map: + list: elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: io.k8s.api.core.v1.SecretKeySelector + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.PrometheusRemoteWriteHeader map: fields: - - name: key - type: - scalar: string - default: "" - name: name type: scalar: string - default: "" - - name: optional + - name: value type: - scalar: boolean - elementRelationship: atomic -- name: io.k8s.api.core.v1.Toleration + scalar: string +- name: com.github.openshift.api.config.v1alpha1.QueueConfig map: fields: - - name: effect + - name: batchSendDeadlineSeconds type: - scalar: string - - name: key + scalar: numeric + - name: capacity type: - scalar: string - - name: operator + scalar: numeric + - name: maxBackoffMilliseconds type: - scalar: string - - name: tolerationSeconds + scalar: numeric + - name: maxSamplesPerSend type: scalar: numeric - - name: value + - name: maxShards + type: + scalar: numeric + - name: minBackoffMilliseconds + type: + scalar: numeric + - name: minShards + type: + scalar: numeric + - name: rateLimitedAction type: scalar: string -- name: io.k8s.api.core.v1.TopologySpreadConstraint +- name: com.github.openshift.api.config.v1alpha1.RSAKeyConfig map: fields: - - name: labelSelector + - name: keySize type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: matchLabelKeys + scalar: numeric +- name: com.github.openshift.api.config.v1alpha1.RelabelActionConfig + map: + fields: + - name: dropEqual type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: maxSkew + namedType: com.github.openshift.api.config.v1alpha1.DropEqualActionConfig + default: {} + - name: hashMod type: - scalar: numeric - default: 0 - - name: minDomains + namedType: com.github.openshift.api.config.v1alpha1.HashModActionConfig + default: {} + - name: keepEqual type: - scalar: numeric - - name: nodeAffinityPolicy + namedType: com.github.openshift.api.config.v1alpha1.KeepEqualActionConfig + default: {} + - name: labelMap + type: + namedType: com.github.openshift.api.config.v1alpha1.LabelMapActionConfig + default: {} + - name: lowercase + type: + namedType: com.github.openshift.api.config.v1alpha1.LowercaseActionConfig + default: {} + - name: replace + type: + namedType: com.github.openshift.api.config.v1alpha1.ReplaceActionConfig + default: {} + - name: type type: scalar: string - - name: nodeTaintsPolicy + - name: uppercase + type: + namedType: com.github.openshift.api.config.v1alpha1.UppercaseActionConfig + default: {} + unions: + - discriminator: type + fields: + - fieldName: dropEqual + discriminatorValue: DropEqual + - fieldName: hashMod + discriminatorValue: HashMod + - fieldName: keepEqual + discriminatorValue: KeepEqual + - fieldName: labelMap + discriminatorValue: LabelMap + - fieldName: lowercase + discriminatorValue: Lowercase + - fieldName: replace + discriminatorValue: Replace + - fieldName: uppercase + discriminatorValue: Uppercase +- name: com.github.openshift.api.config.v1alpha1.RelabelConfig + map: + fields: + - name: action + type: + namedType: com.github.openshift.api.config.v1alpha1.RelabelActionConfig + default: {} + - name: name type: scalar: string - - name: topologyKey + - name: regex type: scalar: string - default: "" - - name: whenUnsatisfiable + - name: separator type: scalar: string - default: "" -- name: io.k8s.api.core.v1.TypedLocalObjectReference + - name: sourceLabels + type: + list: + elementType: + scalar: string + elementRelationship: associative +- name: com.github.openshift.api.config.v1alpha1.RemoteWriteAuthorization map: fields: - - name: apiGroup + - name: basicAuth + type: + namedType: com.github.openshift.api.config.v1alpha1.BasicAuth + default: {} + - name: bearerToken + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: oauth2 + type: + namedType: com.github.openshift.api.config.v1alpha1.OAuth2 + default: {} + - name: safeAuthorization + type: + namedType: SecretKeySelector.v1.core.api.k8s.io + - name: sigv4 + type: + namedType: com.github.openshift.api.config.v1alpha1.Sigv4 + default: {} + - name: type type: scalar: string - - name: kind + unions: + - discriminator: type + fields: + - fieldName: basicAuth + discriminatorValue: BasicAuth + - fieldName: bearerToken + discriminatorValue: BearerToken + - fieldName: oauth2 + discriminatorValue: OAuth2 + - fieldName: safeAuthorization + discriminatorValue: SafeAuthorization + - fieldName: sigv4 + discriminatorValue: Sigv4 +- name: com.github.openshift.api.config.v1alpha1.RemoteWriteSpec + map: + fields: + - name: authorization + type: + namedType: com.github.openshift.api.config.v1alpha1.RemoteWriteAuthorization + default: {} + - name: exemplarsMode type: scalar: string - default: "" + - name: headers + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.PrometheusRemoteWriteHeader + elementRelationship: associative + keys: + - name + - name: metadataConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.MetadataConfig + default: {} - name: name type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.TypedObjectReference - map: - fields: - - name: apiGroup + - name: proxyUrl + type: + scalar: string + - name: queueConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.QueueConfig + default: {} + - name: remoteTimeoutSeconds + type: + scalar: numeric + - name: tlsConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.TLSConfig + default: {} + - name: url type: scalar: string - - name: kind + - name: writeRelabelConfigs type: - scalar: string - default: "" - - name: name + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.RelabelConfig + elementRelationship: associative + keys: + - name +- name: com.github.openshift.api.config.v1alpha1.ReplaceActionConfig + map: + fields: + - name: replacement type: scalar: string - default: "" - - name: namespace + - name: targetLabel type: scalar: string -- name: io.k8s.api.core.v1.VolumeResourceRequirements +- name: com.github.openshift.api.config.v1alpha1.Retention map: fields: - - name: limits + - name: durationInDays type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: requests + scalar: numeric + - name: sizeInGiB type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: io.k8s.apimachinery.pkg.api.resource.Quantity - scalar: untyped -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + scalar: numeric +- name: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig map: fields: - - name: lastTransitionTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message - type: - scalar: string - default: "" - - name: observedGeneration + - name: maxNumberOfBackups type: scalar: numeric - - name: reason + default: 0 +- name: com.github.openshift.api.config.v1alpha1.RetentionPolicy + map: + fields: + - name: retentionNumber type: - scalar: string - default: "" - - name: status + namedType: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig + - name: retentionSize type: - scalar: string - default: "" - - name: type + namedType: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig + - name: retentionType type: scalar: string default: "" -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + unions: + - discriminator: retentionType + fields: + - fieldName: retentionNumber + discriminatorValue: RetentionNumber + - fieldName: retentionSize + discriminatorValue: RetentionSize +- name: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig map: fields: - - name: matchExpressions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - elementRelationship: atomic - - name: matchLabels + - name: maxSizeOfBackupsGb type: - map: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement + scalar: numeric + default: 0 +- name: com.github.openshift.api.config.v1alpha1.SecretKeySelector map: fields: - name: key type: scalar: string - default: "" - - name: operator + - name: name type: scalar: string - default: "" - - name: values - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry + elementRelationship: atomic +- name: com.github.openshift.api.config.v1alpha1.Sigv4 map: fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 + - name: accessKey type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: profile type: scalar: string - - name: operation + - name: region type: scalar: string - - name: subresource + - name: roleArn type: scalar: string - - name: time + - name: secretKey type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} +- name: com.github.openshift.api.config.v1alpha1.Storage map: fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp + - name: persistentVolume type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds + namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig + - name: type type: - scalar: numeric - - name: deletionTimestamp + scalar: string + default: "" +- name: com.github.openshift.api.config.v1alpha1.TLSConfig + map: + fields: + - name: ca type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: cert type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: certificateVerification type: scalar: string - - name: generation - type: - scalar: numeric - - name: labels + - name: key type: - map: - elementType: - scalar: string - - name: managedFields + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: serverName type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name + scalar: string +- name: com.github.openshift.api.config.v1alpha1.UppercaseActionConfig + map: + fields: + - name: targetLabel type: scalar: string - - name: namespace +- name: com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring + map: + fields: + - name: mode type: scalar: string - - name: ownerReferences + default: "" +- name: com.github.openshift.api.config.v1alpha2.Custom + map: + fields: + - name: configs type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: com.github.openshift.api.config.v1alpha2.GathererConfig elementRelationship: associative keys: - - uid - - name: resourceVersion + - name +- name: com.github.openshift.api.config.v1alpha2.GatherConfig + map: + fields: + - name: dataPolicy type: - scalar: string - - name: selfLink + list: + elementType: + scalar: string + elementRelationship: atomic + - name: gatherers type: - scalar: string - - name: uid + namedType: com.github.openshift.api.config.v1alpha2.Gatherers + default: {} + - name: storage type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: com.github.openshift.api.config.v1alpha2.Storage +- name: com.github.openshift.api.config.v1alpha2.GathererConfig map: fields: - - name: apiVersion + - name: name type: scalar: string default: "" - - name: blockOwnerDeletion + - name: state type: - scalar: boolean - - name: controller + scalar: string + default: "" +- name: com.github.openshift.api.config.v1alpha2.Gatherers + map: + fields: + - name: custom type: - scalar: boolean - - name: kind + namedType: com.github.openshift.api.config.v1alpha2.Custom + - name: mode type: scalar: string default: "" - - name: name +- name: com.github.openshift.api.config.v1alpha2.InsightsDataGather + map: + fields: + - name: apiVersion type: scalar: string - default: "" - - name: uid + - name: kind type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.runtime.RawExtension + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus + default: {} +- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec + map: + fields: + - name: gatherConfig + type: + namedType: com.github.openshift.api.config.v1alpha2.GatherConfig + default: {} +- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus map: elementType: scalar: untyped @@ -5433,6 +5864,33 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable +- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference + map: + fields: + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig + map: + fields: + - name: claim + type: + namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference + default: {} + - name: mountPath + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha2.Storage + map: + fields: + - name: persistentVolume + type: + namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig + - name: type + type: + scalar: string + default: "" - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go index f47ef1d30e..c01072fe57 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go @@ -478,22 +478,24 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1.WebhookTokenAuthenticatorApplyConfiguration{} // Group=config.openshift.io, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithKind("AdditionalAlertmanagerConfig"): + return &configv1alpha1.AdditionalAlertmanagerConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("AlertmanagerConfig"): return &configv1alpha1.AlertmanagerConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("AlertmanagerCustomConfig"): return &configv1alpha1.AlertmanagerCustomConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("Audit"): return &configv1alpha1.AuditApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("AuthorizationConfig"): + return &configv1alpha1.AuthorizationConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("Backup"): return &configv1alpha1.BackupApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("BackupSpec"): return &configv1alpha1.BackupSpecApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ClusterImagePolicy"): - return &configv1alpha1.ClusterImagePolicyApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ClusterImagePolicySpec"): - return &configv1alpha1.ClusterImagePolicySpecApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ClusterImagePolicyStatus"): - return &configv1alpha1.ClusterImagePolicyStatusApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("BasicAuth"): + return &configv1alpha1.BasicAuthApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("CertificateConfig"): + return &configv1alpha1.CertificateConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("ClusterMonitoring"): return &configv1alpha1.ClusterMonitoringApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("ClusterMonitoringSpec"): @@ -506,58 +508,98 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &configv1alpha1.CRIOCredentialProviderConfigSpecApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("CRIOCredentialProviderConfigStatus"): return &configv1alpha1.CRIOCredentialProviderConfigStatusApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("CustomPKIPolicy"): + return &configv1alpha1.CustomPKIPolicyApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("DefaultCertificateConfig"): + return &configv1alpha1.DefaultCertificateConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("DropEqualActionConfig"): + return &configv1alpha1.DropEqualActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ECDSAKeyConfig"): + return &configv1alpha1.ECDSAKeyConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("EtcdBackupSpec"): return &configv1alpha1.EtcdBackupSpecApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("GatherConfig"): return &configv1alpha1.GatherConfigApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicy"): - return &configv1alpha1.ImagePolicyApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicyFulcioCAWithRekorRootOfTrust"): - return &configv1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicyPKIRootOfTrust"): - return &configv1alpha1.ImagePolicyPKIRootOfTrustApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicyPublicKeyRootOfTrust"): - return &configv1alpha1.ImagePolicyPublicKeyRootOfTrustApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicySpec"): - return &configv1alpha1.ImagePolicySpecApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImagePolicyStatus"): - return &configv1alpha1.ImagePolicyStatusApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("ImageSigstoreVerificationPolicy"): - return &configv1alpha1.ImageSigstoreVerificationPolicyApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("HashModActionConfig"): + return &configv1alpha1.HashModActionConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("InsightsDataGather"): return &configv1alpha1.InsightsDataGatherApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("InsightsDataGatherSpec"): return &configv1alpha1.InsightsDataGatherSpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("KeepEqualActionConfig"): + return &configv1alpha1.KeepEqualActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("KeyConfig"): + return &configv1alpha1.KeyConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Label"): + return &configv1alpha1.LabelApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("LabelMapActionConfig"): + return &configv1alpha1.LabelMapActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("LowercaseActionConfig"): + return &configv1alpha1.LowercaseActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("MetadataConfig"): + return &configv1alpha1.MetadataConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("MetadataConfigCustom"): + return &configv1alpha1.MetadataConfigCustomApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("MetricsServerConfig"): return &configv1alpha1.MetricsServerConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("OAuth2"): + return &configv1alpha1.OAuth2ApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("OAuth2EndpointParam"): + return &configv1alpha1.OAuth2EndpointParamApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("OpenShiftStateMetricsConfig"): + return &configv1alpha1.OpenShiftStateMetricsConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("PersistentVolumeClaimReference"): return &configv1alpha1.PersistentVolumeClaimReferenceApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("PersistentVolumeConfig"): return &configv1alpha1.PersistentVolumeConfigApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PKICertificateSubject"): - return &configv1alpha1.PKICertificateSubjectApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PolicyFulcioSubject"): - return &configv1alpha1.PolicyFulcioSubjectApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PolicyIdentity"): - return &configv1alpha1.PolicyIdentityApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PolicyMatchExactRepository"): - return &configv1alpha1.PolicyMatchExactRepositoryApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PolicyMatchRemapIdentity"): - return &configv1alpha1.PolicyMatchRemapIdentityApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PolicyRootOfTrust"): - return &configv1alpha1.PolicyRootOfTrustApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PKI"): + return &configv1alpha1.PKIApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PKICertificateManagement"): + return &configv1alpha1.PKICertificateManagementApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PKIProfile"): + return &configv1alpha1.PKIProfileApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PKISpec"): + return &configv1alpha1.PKISpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PrometheusConfig"): + return &configv1alpha1.PrometheusConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("PrometheusOperatorAdmissionWebhookConfig"): return &configv1alpha1.PrometheusOperatorAdmissionWebhookConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("PrometheusOperatorConfig"): return &configv1alpha1.PrometheusOperatorConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PrometheusRemoteWriteHeader"): + return &configv1alpha1.PrometheusRemoteWriteHeaderApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("QueueConfig"): + return &configv1alpha1.QueueConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RelabelActionConfig"): + return &configv1alpha1.RelabelActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RelabelConfig"): + return &configv1alpha1.RelabelConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RemoteWriteAuthorization"): + return &configv1alpha1.RemoteWriteAuthorizationApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RemoteWriteSpec"): + return &configv1alpha1.RemoteWriteSpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ReplaceActionConfig"): + return &configv1alpha1.ReplaceActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Retention"): + return &configv1alpha1.RetentionApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("RetentionNumberConfig"): return &configv1alpha1.RetentionNumberConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("RetentionPolicy"): return &configv1alpha1.RetentionPolicyApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("RetentionSizeConfig"): return &configv1alpha1.RetentionSizeConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RSAKeyConfig"): + return &configv1alpha1.RSAKeyConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("SecretKeySelector"): + return &configv1alpha1.SecretKeySelectorApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Sigv4"): + return &configv1alpha1.Sigv4ApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("Storage"): return &configv1alpha1.StorageApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("TLSConfig"): + return &configv1alpha1.TLSConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("UppercaseActionConfig"): + return &configv1alpha1.UppercaseActionConfigApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("UserDefinedMonitoring"): return &configv1alpha1.UserDefinedMonitoringApplyConfiguration{} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go deleted file mode 100644 index 8391f7b40e..0000000000 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go +++ /dev/null @@ -1,58 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - applyconfigurationsconfigv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" - scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - gentype "k8s.io/client-go/gentype" -) - -// ClusterImagePoliciesGetter has a method to return a ClusterImagePolicyInterface. -// A group's client should implement this interface. -type ClusterImagePoliciesGetter interface { - ClusterImagePolicies() ClusterImagePolicyInterface -} - -// ClusterImagePolicyInterface has methods to work with ClusterImagePolicy resources. -type ClusterImagePolicyInterface interface { - Create(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicy, opts v1.CreateOptions) (*configv1alpha1.ClusterImagePolicy, error) - Update(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ClusterImagePolicy, error) - // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). - UpdateStatus(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ClusterImagePolicy, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.ClusterImagePolicy, error) - List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.ClusterImagePolicyList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.ClusterImagePolicy, err error) - Apply(ctx context.Context, clusterImagePolicy *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ClusterImagePolicy, err error) - // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). - ApplyStatus(ctx context.Context, clusterImagePolicy *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ClusterImagePolicy, err error) - ClusterImagePolicyExpansion -} - -// clusterImagePolicies implements ClusterImagePolicyInterface -type clusterImagePolicies struct { - *gentype.ClientWithListAndApply[*configv1alpha1.ClusterImagePolicy, *configv1alpha1.ClusterImagePolicyList, *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration] -} - -// newClusterImagePolicies returns a ClusterImagePolicies -func newClusterImagePolicies(c *ConfigV1alpha1Client) *clusterImagePolicies { - return &clusterImagePolicies{ - gentype.NewClientWithListAndApply[*configv1alpha1.ClusterImagePolicy, *configv1alpha1.ClusterImagePolicyList, *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration]( - "clusterimagepolicies", - c.RESTClient(), - scheme.ParameterCodec, - "", - func() *configv1alpha1.ClusterImagePolicy { return &configv1alpha1.ClusterImagePolicy{} }, - func() *configv1alpha1.ClusterImagePolicyList { return &configv1alpha1.ClusterImagePolicyList{} }, - ), - } -} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go index 58cf671dc9..23ba9a19c0 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -14,10 +14,9 @@ type ConfigV1alpha1Interface interface { RESTClient() rest.Interface BackupsGetter CRIOCredentialProviderConfigsGetter - ClusterImagePoliciesGetter ClusterMonitoringsGetter - ImagePoliciesGetter InsightsDataGathersGetter + PKIsGetter } // ConfigV1alpha1Client is used to interact with features provided by the config.openshift.io group. @@ -33,22 +32,18 @@ func (c *ConfigV1alpha1Client) CRIOCredentialProviderConfigs() CRIOCredentialPro return newCRIOCredentialProviderConfigs(c) } -func (c *ConfigV1alpha1Client) ClusterImagePolicies() ClusterImagePolicyInterface { - return newClusterImagePolicies(c) -} - func (c *ConfigV1alpha1Client) ClusterMonitorings() ClusterMonitoringInterface { return newClusterMonitorings(c) } -func (c *ConfigV1alpha1Client) ImagePolicies(namespace string) ImagePolicyInterface { - return newImagePolicies(c, namespace) -} - func (c *ConfigV1alpha1Client) InsightsDataGathers() InsightsDataGatherInterface { return newInsightsDataGathers(c) } +func (c *ConfigV1alpha1Client) PKIs() PKIInterface { + return newPKIs(c) +} + // NewForConfig creates a new ConfigV1alpha1Client for the given config. // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), // where httpClient was generated with rest.HTTPClientFor(c). diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_clusterimagepolicy.go deleted file mode 100644 index 50d94e1a91..0000000000 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_clusterimagepolicy.go +++ /dev/null @@ -1,37 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "github.com/openshift/api/config/v1alpha1" - configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" - typedconfigv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" - gentype "k8s.io/client-go/gentype" -) - -// fakeClusterImagePolicies implements ClusterImagePolicyInterface -type fakeClusterImagePolicies struct { - *gentype.FakeClientWithListAndApply[*v1alpha1.ClusterImagePolicy, *v1alpha1.ClusterImagePolicyList, *configv1alpha1.ClusterImagePolicyApplyConfiguration] - Fake *FakeConfigV1alpha1 -} - -func newFakeClusterImagePolicies(fake *FakeConfigV1alpha1) typedconfigv1alpha1.ClusterImagePolicyInterface { - return &fakeClusterImagePolicies{ - gentype.NewFakeClientWithListAndApply[*v1alpha1.ClusterImagePolicy, *v1alpha1.ClusterImagePolicyList, *configv1alpha1.ClusterImagePolicyApplyConfiguration]( - fake.Fake, - "", - v1alpha1.SchemeGroupVersion.WithResource("clusterimagepolicies"), - v1alpha1.SchemeGroupVersion.WithKind("ClusterImagePolicy"), - func() *v1alpha1.ClusterImagePolicy { return &v1alpha1.ClusterImagePolicy{} }, - func() *v1alpha1.ClusterImagePolicyList { return &v1alpha1.ClusterImagePolicyList{} }, - func(dst, src *v1alpha1.ClusterImagePolicyList) { dst.ListMeta = src.ListMeta }, - func(list *v1alpha1.ClusterImagePolicyList) []*v1alpha1.ClusterImagePolicy { - return gentype.ToPointerSlice(list.Items) - }, - func(list *v1alpha1.ClusterImagePolicyList, items []*v1alpha1.ClusterImagePolicy) { - list.Items = gentype.FromPointerSlice(items) - }, - ), - fake, - } -} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index e807c23147..381179df9c 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -20,22 +20,18 @@ func (c *FakeConfigV1alpha1) CRIOCredentialProviderConfigs() v1alpha1.CRIOCreden return newFakeCRIOCredentialProviderConfigs(c) } -func (c *FakeConfigV1alpha1) ClusterImagePolicies() v1alpha1.ClusterImagePolicyInterface { - return newFakeClusterImagePolicies(c) -} - func (c *FakeConfigV1alpha1) ClusterMonitorings() v1alpha1.ClusterMonitoringInterface { return newFakeClusterMonitorings(c) } -func (c *FakeConfigV1alpha1) ImagePolicies(namespace string) v1alpha1.ImagePolicyInterface { - return newFakeImagePolicies(c, namespace) -} - func (c *FakeConfigV1alpha1) InsightsDataGathers() v1alpha1.InsightsDataGatherInterface { return newFakeInsightsDataGathers(c) } +func (c *FakeConfigV1alpha1) PKIs() v1alpha1.PKIInterface { + return newFakePKIs(c) +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_imagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_imagepolicy.go deleted file mode 100644 index 9bf6cb9c04..0000000000 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_imagepolicy.go +++ /dev/null @@ -1,37 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "github.com/openshift/api/config/v1alpha1" - configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" - typedconfigv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" - gentype "k8s.io/client-go/gentype" -) - -// fakeImagePolicies implements ImagePolicyInterface -type fakeImagePolicies struct { - *gentype.FakeClientWithListAndApply[*v1alpha1.ImagePolicy, *v1alpha1.ImagePolicyList, *configv1alpha1.ImagePolicyApplyConfiguration] - Fake *FakeConfigV1alpha1 -} - -func newFakeImagePolicies(fake *FakeConfigV1alpha1, namespace string) typedconfigv1alpha1.ImagePolicyInterface { - return &fakeImagePolicies{ - gentype.NewFakeClientWithListAndApply[*v1alpha1.ImagePolicy, *v1alpha1.ImagePolicyList, *configv1alpha1.ImagePolicyApplyConfiguration]( - fake.Fake, - namespace, - v1alpha1.SchemeGroupVersion.WithResource("imagepolicies"), - v1alpha1.SchemeGroupVersion.WithKind("ImagePolicy"), - func() *v1alpha1.ImagePolicy { return &v1alpha1.ImagePolicy{} }, - func() *v1alpha1.ImagePolicyList { return &v1alpha1.ImagePolicyList{} }, - func(dst, src *v1alpha1.ImagePolicyList) { dst.ListMeta = src.ListMeta }, - func(list *v1alpha1.ImagePolicyList) []*v1alpha1.ImagePolicy { - return gentype.ToPointerSlice(list.Items) - }, - func(list *v1alpha1.ImagePolicyList, items []*v1alpha1.ImagePolicy) { - list.Items = gentype.FromPointerSlice(items) - }, - ), - fake, - } -} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_pki.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_pki.go new file mode 100644 index 0000000000..7efcece94e --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_pki.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + typedconfigv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakePKIs implements PKIInterface +type fakePKIs struct { + *gentype.FakeClientWithListAndApply[*v1alpha1.PKI, *v1alpha1.PKIList, *configv1alpha1.PKIApplyConfiguration] + Fake *FakeConfigV1alpha1 +} + +func newFakePKIs(fake *FakeConfigV1alpha1) typedconfigv1alpha1.PKIInterface { + return &fakePKIs{ + gentype.NewFakeClientWithListAndApply[*v1alpha1.PKI, *v1alpha1.PKIList, *configv1alpha1.PKIApplyConfiguration]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("pkis"), + v1alpha1.SchemeGroupVersion.WithKind("PKI"), + func() *v1alpha1.PKI { return &v1alpha1.PKI{} }, + func() *v1alpha1.PKIList { return &v1alpha1.PKIList{} }, + func(dst, src *v1alpha1.PKIList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.PKIList) []*v1alpha1.PKI { return gentype.ToPointerSlice(list.Items) }, + func(list *v1alpha1.PKIList, items []*v1alpha1.PKI) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index 9f530ae220..bc1f603194 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,10 +6,8 @@ type BackupExpansion interface{} type CRIOCredentialProviderConfigExpansion interface{} -type ClusterImagePolicyExpansion interface{} - type ClusterMonitoringExpansion interface{} -type ImagePolicyExpansion interface{} - type InsightsDataGatherExpansion interface{} + +type PKIExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go deleted file mode 100644 index a893efeea7..0000000000 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go +++ /dev/null @@ -1,58 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - applyconfigurationsconfigv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" - scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - gentype "k8s.io/client-go/gentype" -) - -// ImagePoliciesGetter has a method to return a ImagePolicyInterface. -// A group's client should implement this interface. -type ImagePoliciesGetter interface { - ImagePolicies(namespace string) ImagePolicyInterface -} - -// ImagePolicyInterface has methods to work with ImagePolicy resources. -type ImagePolicyInterface interface { - Create(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicy, opts v1.CreateOptions) (*configv1alpha1.ImagePolicy, error) - Update(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ImagePolicy, error) - // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). - UpdateStatus(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ImagePolicy, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.ImagePolicy, error) - List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.ImagePolicyList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.ImagePolicy, err error) - Apply(ctx context.Context, imagePolicy *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ImagePolicy, err error) - // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). - ApplyStatus(ctx context.Context, imagePolicy *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ImagePolicy, err error) - ImagePolicyExpansion -} - -// imagePolicies implements ImagePolicyInterface -type imagePolicies struct { - *gentype.ClientWithListAndApply[*configv1alpha1.ImagePolicy, *configv1alpha1.ImagePolicyList, *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration] -} - -// newImagePolicies returns a ImagePolicies -func newImagePolicies(c *ConfigV1alpha1Client, namespace string) *imagePolicies { - return &imagePolicies{ - gentype.NewClientWithListAndApply[*configv1alpha1.ImagePolicy, *configv1alpha1.ImagePolicyList, *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration]( - "imagepolicies", - c.RESTClient(), - scheme.ParameterCodec, - namespace, - func() *configv1alpha1.ImagePolicy { return &configv1alpha1.ImagePolicy{} }, - func() *configv1alpha1.ImagePolicyList { return &configv1alpha1.ImagePolicyList{} }, - ), - } -} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/pki.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/pki.go new file mode 100644 index 0000000000..ba099fcf10 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/pki.go @@ -0,0 +1,54 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + context "context" + + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + applyconfigurationsconfigv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// PKIsGetter has a method to return a PKIInterface. +// A group's client should implement this interface. +type PKIsGetter interface { + PKIs() PKIInterface +} + +// PKIInterface has methods to work with PKI resources. +type PKIInterface interface { + Create(ctx context.Context, pKI *configv1alpha1.PKI, opts v1.CreateOptions) (*configv1alpha1.PKI, error) + Update(ctx context.Context, pKI *configv1alpha1.PKI, opts v1.UpdateOptions) (*configv1alpha1.PKI, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.PKI, error) + List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.PKIList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.PKI, err error) + Apply(ctx context.Context, pKI *applyconfigurationsconfigv1alpha1.PKIApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.PKI, err error) + PKIExpansion +} + +// pKIs implements PKIInterface +type pKIs struct { + *gentype.ClientWithListAndApply[*configv1alpha1.PKI, *configv1alpha1.PKIList, *applyconfigurationsconfigv1alpha1.PKIApplyConfiguration] +} + +// newPKIs returns a PKIs +func newPKIs(c *ConfigV1alpha1Client) *pKIs { + return &pKIs{ + gentype.NewClientWithListAndApply[*configv1alpha1.PKI, *configv1alpha1.PKIList, *applyconfigurationsconfigv1alpha1.PKIApplyConfiguration]( + "pkis", + c.RESTClient(), + scheme.ParameterCodec, + "", + func() *configv1alpha1.PKI { return &configv1alpha1.PKI{} }, + func() *configv1alpha1.PKIList { return &configv1alpha1.PKIList{} }, + ), + } +} diff --git a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/clusterimagepolicy.go deleted file mode 100644 index af5c3e27f1..0000000000 --- a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/clusterimagepolicy.go +++ /dev/null @@ -1,85 +0,0 @@ -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - time "time" - - apiconfigv1alpha1 "github.com/openshift/api/config/v1alpha1" - versioned "github.com/openshift/client-go/config/clientset/versioned" - internalinterfaces "github.com/openshift/client-go/config/informers/externalversions/internalinterfaces" - configv1alpha1 "github.com/openshift/client-go/config/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// ClusterImagePolicyInformer provides access to a shared informer and lister for -// ClusterImagePolicies. -type ClusterImagePolicyInformer interface { - Informer() cache.SharedIndexInformer - Lister() configv1alpha1.ClusterImagePolicyLister -} - -type clusterImagePolicyInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewClusterImagePolicyInformer constructs a new informer for ClusterImagePolicy type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewClusterImagePolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredClusterImagePolicyInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredClusterImagePolicyInformer constructs a new informer for ClusterImagePolicy type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredClusterImagePolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ClusterImagePolicies().List(context.Background(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ClusterImagePolicies().Watch(context.Background(), options) - }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ClusterImagePolicies().List(ctx, options) - }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ClusterImagePolicies().Watch(ctx, options) - }, - }, client), - &apiconfigv1alpha1.ClusterImagePolicy{}, - resyncPeriod, - indexers, - ) -} - -func (f *clusterImagePolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredClusterImagePolicyInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *clusterImagePolicyInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&apiconfigv1alpha1.ClusterImagePolicy{}, f.defaultInformer) -} - -func (f *clusterImagePolicyInformer) Lister() configv1alpha1.ClusterImagePolicyLister { - return configv1alpha1.NewClusterImagePolicyLister(f.Informer().GetIndexer()) -} diff --git a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/interface.go b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/interface.go index 10cc930b8c..17b0ebcc0b 100644 --- a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/interface.go +++ b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/interface.go @@ -12,14 +12,12 @@ type Interface interface { Backups() BackupInformer // CRIOCredentialProviderConfigs returns a CRIOCredentialProviderConfigInformer. CRIOCredentialProviderConfigs() CRIOCredentialProviderConfigInformer - // ClusterImagePolicies returns a ClusterImagePolicyInformer. - ClusterImagePolicies() ClusterImagePolicyInformer // ClusterMonitorings returns a ClusterMonitoringInformer. ClusterMonitorings() ClusterMonitoringInformer - // ImagePolicies returns a ImagePolicyInformer. - ImagePolicies() ImagePolicyInformer // InsightsDataGathers returns a InsightsDataGatherInformer. InsightsDataGathers() InsightsDataGatherInformer + // PKIs returns a PKIInformer. + PKIs() PKIInformer } type version struct { @@ -43,22 +41,17 @@ func (v *version) CRIOCredentialProviderConfigs() CRIOCredentialProviderConfigIn return &cRIOCredentialProviderConfigInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } -// ClusterImagePolicies returns a ClusterImagePolicyInformer. -func (v *version) ClusterImagePolicies() ClusterImagePolicyInformer { - return &clusterImagePolicyInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} - // ClusterMonitorings returns a ClusterMonitoringInformer. func (v *version) ClusterMonitorings() ClusterMonitoringInformer { return &clusterMonitoringInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } -// ImagePolicies returns a ImagePolicyInformer. -func (v *version) ImagePolicies() ImagePolicyInformer { - return &imagePolicyInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - // InsightsDataGathers returns a InsightsDataGatherInformer. func (v *version) InsightsDataGathers() InsightsDataGatherInformer { return &insightsDataGatherInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } + +// PKIs returns a PKIInformer. +func (v *version) PKIs() PKIInformer { + return &pKIInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/pki.go similarity index 51% rename from vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/imagepolicy.go rename to vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/pki.go index d56c1e834f..3613eec8c0 100644 --- a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/imagepolicy.go +++ b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/pki.go @@ -16,71 +16,70 @@ import ( cache "k8s.io/client-go/tools/cache" ) -// ImagePolicyInformer provides access to a shared informer and lister for -// ImagePolicies. -type ImagePolicyInformer interface { +// PKIInformer provides access to a shared informer and lister for +// PKIs. +type PKIInformer interface { Informer() cache.SharedIndexInformer - Lister() configv1alpha1.ImagePolicyLister + Lister() configv1alpha1.PKILister } -type imagePolicyInformer struct { +type pKIInformer struct { factory internalinterfaces.SharedInformerFactory tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string } -// NewImagePolicyInformer constructs a new informer for ImagePolicy type. +// NewPKIInformer constructs a new informer for PKI type. // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. -func NewImagePolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredImagePolicyInformer(client, namespace, resyncPeriod, indexers, nil) +func NewPKIInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredPKIInformer(client, resyncPeriod, indexers, nil) } -// NewFilteredImagePolicyInformer constructs a new informer for ImagePolicy type. +// NewFilteredPKIInformer constructs a new informer for PKI type. // Always prefer using an informer factory to get a shared informer instead of getting an independent // one. This reduces memory footprint and number of connections to the server. -func NewFilteredImagePolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { +func NewFilteredPKIInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { return cache.NewSharedIndexInformer( cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ ListFunc: func(options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().ImagePolicies(namespace).List(context.Background(), options) + return client.ConfigV1alpha1().PKIs().List(context.Background(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().ImagePolicies(namespace).Watch(context.Background(), options) + return client.ConfigV1alpha1().PKIs().Watch(context.Background(), options) }, ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().ImagePolicies(namespace).List(ctx, options) + return client.ConfigV1alpha1().PKIs().List(ctx, options) }, WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.ConfigV1alpha1().ImagePolicies(namespace).Watch(ctx, options) + return client.ConfigV1alpha1().PKIs().Watch(ctx, options) }, }, client), - &apiconfigv1alpha1.ImagePolicy{}, + &apiconfigv1alpha1.PKI{}, resyncPeriod, indexers, ) } -func (f *imagePolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredImagePolicyInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +func (f *pKIInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredPKIInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) } -func (f *imagePolicyInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&apiconfigv1alpha1.ImagePolicy{}, f.defaultInformer) +func (f *pKIInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&apiconfigv1alpha1.PKI{}, f.defaultInformer) } -func (f *imagePolicyInformer) Lister() configv1alpha1.ImagePolicyLister { - return configv1alpha1.NewImagePolicyLister(f.Informer().GetIndexer()) +func (f *pKIInformer) Lister() configv1alpha1.PKILister { + return configv1alpha1.NewPKILister(f.Informer().GetIndexer()) } diff --git a/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go b/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go index ca697748ae..4c00a13f17 100644 --- a/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go +++ b/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go @@ -93,14 +93,12 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().Backups().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("criocredentialproviderconfigs"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CRIOCredentialProviderConfigs().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("clusterimagepolicies"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().ClusterImagePolicies().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("clustermonitorings"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().ClusterMonitorings().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("imagepolicies"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().ImagePolicies().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("insightsdatagathers"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().InsightsDataGathers().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("pkis"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().PKIs().Informer()}, nil // Group=config.openshift.io, Version=v1alpha2 case v1alpha2.SchemeGroupVersion.WithResource("insightsdatagathers"): diff --git a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/clusterimagepolicy.go deleted file mode 100644 index 0512d3682f..0000000000 --- a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/clusterimagepolicy.go +++ /dev/null @@ -1,32 +0,0 @@ -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - labels "k8s.io/apimachinery/pkg/labels" - listers "k8s.io/client-go/listers" - cache "k8s.io/client-go/tools/cache" -) - -// ClusterImagePolicyLister helps list ClusterImagePolicies. -// All objects returned here must be treated as read-only. -type ClusterImagePolicyLister interface { - // List lists all ClusterImagePolicies in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*configv1alpha1.ClusterImagePolicy, err error) - // Get retrieves the ClusterImagePolicy from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*configv1alpha1.ClusterImagePolicy, error) - ClusterImagePolicyListerExpansion -} - -// clusterImagePolicyLister implements the ClusterImagePolicyLister interface. -type clusterImagePolicyLister struct { - listers.ResourceIndexer[*configv1alpha1.ClusterImagePolicy] -} - -// NewClusterImagePolicyLister returns a new ClusterImagePolicyLister. -func NewClusterImagePolicyLister(indexer cache.Indexer) ClusterImagePolicyLister { - return &clusterImagePolicyLister{listers.New[*configv1alpha1.ClusterImagePolicy](indexer, configv1alpha1.Resource("clusterimagepolicy"))} -} diff --git a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/expansion_generated.go b/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/expansion_generated.go index 75ba32823f..3baf74bc8b 100644 --- a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/expansion_generated.go +++ b/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/expansion_generated.go @@ -10,22 +10,14 @@ type BackupListerExpansion interface{} // CRIOCredentialProviderConfigLister. type CRIOCredentialProviderConfigListerExpansion interface{} -// ClusterImagePolicyListerExpansion allows custom methods to be added to -// ClusterImagePolicyLister. -type ClusterImagePolicyListerExpansion interface{} - // ClusterMonitoringListerExpansion allows custom methods to be added to // ClusterMonitoringLister. type ClusterMonitoringListerExpansion interface{} -// ImagePolicyListerExpansion allows custom methods to be added to -// ImagePolicyLister. -type ImagePolicyListerExpansion interface{} - -// ImagePolicyNamespaceListerExpansion allows custom methods to be added to -// ImagePolicyNamespaceLister. -type ImagePolicyNamespaceListerExpansion interface{} - // InsightsDataGatherListerExpansion allows custom methods to be added to // InsightsDataGatherLister. type InsightsDataGatherListerExpansion interface{} + +// PKIListerExpansion allows custom methods to be added to +// PKILister. +type PKIListerExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/imagepolicy.go deleted file mode 100644 index 7050c57718..0000000000 --- a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/imagepolicy.go +++ /dev/null @@ -1,54 +0,0 @@ -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - labels "k8s.io/apimachinery/pkg/labels" - listers "k8s.io/client-go/listers" - cache "k8s.io/client-go/tools/cache" -) - -// ImagePolicyLister helps list ImagePolicies. -// All objects returned here must be treated as read-only. -type ImagePolicyLister interface { - // List lists all ImagePolicies in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*configv1alpha1.ImagePolicy, err error) - // ImagePolicies returns an object that can list and get ImagePolicies. - ImagePolicies(namespace string) ImagePolicyNamespaceLister - ImagePolicyListerExpansion -} - -// imagePolicyLister implements the ImagePolicyLister interface. -type imagePolicyLister struct { - listers.ResourceIndexer[*configv1alpha1.ImagePolicy] -} - -// NewImagePolicyLister returns a new ImagePolicyLister. -func NewImagePolicyLister(indexer cache.Indexer) ImagePolicyLister { - return &imagePolicyLister{listers.New[*configv1alpha1.ImagePolicy](indexer, configv1alpha1.Resource("imagepolicy"))} -} - -// ImagePolicies returns an object that can list and get ImagePolicies. -func (s *imagePolicyLister) ImagePolicies(namespace string) ImagePolicyNamespaceLister { - return imagePolicyNamespaceLister{listers.NewNamespaced[*configv1alpha1.ImagePolicy](s.ResourceIndexer, namespace)} -} - -// ImagePolicyNamespaceLister helps list and get ImagePolicies. -// All objects returned here must be treated as read-only. -type ImagePolicyNamespaceLister interface { - // List lists all ImagePolicies in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*configv1alpha1.ImagePolicy, err error) - // Get retrieves the ImagePolicy from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*configv1alpha1.ImagePolicy, error) - ImagePolicyNamespaceListerExpansion -} - -// imagePolicyNamespaceLister implements the ImagePolicyNamespaceLister -// interface. -type imagePolicyNamespaceLister struct { - listers.ResourceIndexer[*configv1alpha1.ImagePolicy] -} diff --git a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/pki.go b/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/pki.go new file mode 100644 index 0000000000..8e644cfeb0 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/pki.go @@ -0,0 +1,32 @@ +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// PKILister helps list PKIs. +// All objects returned here must be treated as read-only. +type PKILister interface { + // List lists all PKIs in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*configv1alpha1.PKI, err error) + // Get retrieves the PKI from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*configv1alpha1.PKI, error) + PKIListerExpansion +} + +// pKILister implements the PKILister interface. +type pKILister struct { + listers.ResourceIndexer[*configv1alpha1.PKI] +} + +// NewPKILister returns a new PKILister. +func NewPKILister(indexer cache.Indexer) PKILister { + return &pKILister{listers.New[*configv1alpha1.PKI](indexer, configv1alpha1.Resource("pki"))} +} diff --git a/vendor/github.com/openshift/client-go/image/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/image/applyconfigurations/internal/internal.go index d03b7da441..5744792737 100644 --- a/vendor/github.com/openshift/client-go/image/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/image/applyconfigurations/internal/internal.go @@ -23,6 +23,170 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldsType + type: + scalar: string + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager + type: + scalar: string + - name: operation + type: + scalar: string + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: generateName + type: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: + elementType: + scalar: string + - name: managedFields + type: + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: ownerReferences + type: + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: ObjectReference.v1.core.api.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldPath + type: + scalar: string + - name: kind + type: + scalar: string + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: resourceVersion + type: + scalar: string + - name: uid + type: + scalar: string + elementRelationship: atomic +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: RawExtension.runtime.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped - name: com.github.openshift.api.image.v1.Image map: fields: @@ -52,7 +216,7 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: dockerImageMetadata type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: dockerImageMetadataVersion type: scalar: string @@ -70,7 +234,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: signatures type: @@ -147,7 +311,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: created type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: imageIdentity type: scalar: string @@ -162,7 +326,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: signedClaims type: @@ -184,7 +348,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -209,7 +373,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: tag type: @@ -275,10 +439,10 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: lastProbeTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: lastTransitionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: message type: scalar: string @@ -320,7 +484,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: created type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: dockerImageReference type: scalar: string @@ -342,7 +506,7 @@ var schemaYAML = typed.YAMLObject(`types: default: 0 - name: lastTransitionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: message type: scalar: string @@ -379,7 +543,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: from type: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: ObjectReference.v1.core.api.k8s.io - name: generation type: scalar: numeric @@ -405,170 +569,6 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.api.core.v1.ObjectReference - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldPath - type: - scalar: string - - name: kind - type: - scalar: string - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: resourceVersion - type: - scalar: string - - name: uid - type: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - map: - fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers - type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation - type: - scalar: numeric - - name: labels - type: - map: - elementType: - scalar: string - - name: managedFields - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: ownerReferences - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion - type: - scalar: string - - name: selfLink - type: - scalar: string - - name: uid - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - map: - fields: - - name: apiVersion - type: - scalar: string - default: "" - - name: blockOwnerDeletion - type: - scalar: boolean - - name: controller - type: - scalar: boolean - - name: kind - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: uid - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.runtime.RawExtension - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/machine/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/machine/applyconfigurations/internal/internal.go index 3dd213be79..03faec6663 100644 --- a/vendor/github.com/openshift/client-go/machine/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/machine/applyconfigurations/internal/internal.go @@ -23,6 +23,259 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: +- name: Condition.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: lastTransitionTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message + type: + scalar: string + default: "" + - name: observedGeneration + type: + scalar: numeric + - name: reason + type: + scalar: string + default: "" + - name: status + type: + scalar: string + default: "" + - name: type + type: + scalar: string + default: "" +- name: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: string +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: IntOrString.intstr.util.pkg.apimachinery.k8s.io + scalar: untyped +- name: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: matchExpressions + type: + list: + elementType: + namedType: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: matchLabels + type: + map: + elementType: + scalar: string + elementRelationship: atomic +- name: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: key + type: + scalar: string + default: "" + - name: operator + type: + scalar: string + default: "" + - name: values + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldsType + type: + scalar: string + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager + type: + scalar: string + - name: operation + type: + scalar: string + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: NodeAddress.v1.core.api.k8s.io + map: + fields: + - name: address + type: + scalar: string + default: "" + - name: type + type: + scalar: string + default: "" +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: generateName + type: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: + elementType: + scalar: string + - name: managedFields + type: + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: ownerReferences + type: + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: ObjectReference.v1.core.api.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldPath + type: + scalar: string + - name: kind + type: + scalar: string + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: resourceVersion + type: + scalar: string + - name: uid + type: + scalar: string + elementRelationship: atomic +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: RawExtension.runtime.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: Taint.v1.core.api.k8s.io + map: + fields: + - name: effect + type: + scalar: string + default: "" + - name: key + type: + scalar: string + default: "" + - name: timeAdded + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: value + type: + scalar: string +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped - name: com.github.openshift.api.machine.v1.AWSFailureDomain map: fields: @@ -102,7 +355,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -123,7 +376,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: selector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: state type: @@ -144,7 +397,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -319,7 +572,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: lastTransitionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: message type: scalar: string @@ -345,7 +598,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: lastUpdated type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: state type: scalar: string @@ -393,7 +646,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -414,7 +667,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -429,16 +682,16 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: maxUnhealthy type: - namedType: io.k8s.apimachinery.pkg.util.intstr.IntOrString + namedType: IntOrString.intstr.util.pkg.apimachinery.k8s.io - name: nodeStartupTimeout type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: remediationTemplate type: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: ObjectReference.v1.core.api.k8s.io - name: selector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: unhealthyConditions type: @@ -478,7 +731,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -506,7 +759,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: selector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: template type: @@ -580,7 +833,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Taint + namedType: Taint.v1.core.api.k8s.io elementRelationship: atomic - name: com.github.openshift.api.machine.v1beta1.MachineStatus map: @@ -589,7 +842,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.NodeAddress + namedType: NodeAddress.v1.core.api.k8s.io elementRelationship: atomic - name: authoritativeAPI type: @@ -613,16 +866,16 @@ var schemaYAML = typed.YAMLObject(`types: namedType: com.github.openshift.api.machine.v1beta1.LastOperation - name: lastUpdated type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: nodeRef type: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: ObjectReference.v1.core.api.k8s.io - name: phase type: scalar: string - name: providerStatus type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: synchronizedAPI type: scalar: string @@ -666,7 +919,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - uid @@ -675,7 +928,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: value type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.machine.v1beta1.UnhealthyCondition map: fields: @@ -685,264 +938,11 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: timeout type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: type type: scalar: string default: "" -- name: io.k8s.api.core.v1.NodeAddress - map: - fields: - - name: address - type: - scalar: string - default: "" - - name: type - type: - scalar: string - default: "" -- name: io.k8s.api.core.v1.ObjectReference - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldPath - type: - scalar: string - - name: kind - type: - scalar: string - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: resourceVersion - type: - scalar: string - - name: uid - type: - scalar: string - elementRelationship: atomic -- name: io.k8s.api.core.v1.Taint - map: - fields: - - name: effect - type: - scalar: string - default: "" - - name: key - type: - scalar: string - default: "" - - name: timeAdded - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: value - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - map: - fields: - - name: lastTransitionTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message - type: - scalar: string - default: "" - - name: observedGeneration - type: - scalar: numeric - - name: reason - type: - scalar: string - default: "" - - name: status - type: - scalar: string - default: "" - - name: type - type: - scalar: string - default: "" -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - map: - fields: - - name: matchExpressions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - elementRelationship: atomic - - name: matchLabels - type: - map: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - map: - fields: - - name: key - type: - scalar: string - default: "" - - name: operator - type: - scalar: string - default: "" - - name: values - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - map: - fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers - type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation - type: - scalar: numeric - - name: labels - type: - map: - elementType: - scalar: string - - name: managedFields - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: ownerReferences - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion - type: - scalar: string - - name: selfLink - type: - scalar: string - - name: uid - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - map: - fields: - - name: apiVersion - type: - scalar: string - default: "" - - name: blockOwnerDeletion - type: - scalar: boolean - - name: controller - type: - scalar: boolean - - name: kind - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: uid - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.runtime.RawExtension - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.util.intstr.IntOrString - scalar: untyped - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go index e33d9fa11e..3a3fdc0c40 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal/internal.go @@ -23,6 +23,158 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: +- name: Condition.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: lastTransitionTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message + type: + scalar: string + default: "" + - name: observedGeneration + type: + scalar: numeric + - name: reason + type: + scalar: string + default: "" + - name: status + type: + scalar: string + default: "" + - name: type + type: + scalar: string + default: "" +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldsType + type: + scalar: string + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager + type: + scalar: string + - name: operation + type: + scalar: string + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: generateName + type: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: + elementType: + scalar: string + - name: managedFields + type: + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: ownerReferences + type: + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped - name: com.github.openshift.api.machineconfiguration.v1.ContainerRuntimeConfig scalar: untyped list: @@ -124,7 +276,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -141,7 +293,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -175,7 +327,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -187,112 +339,6 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: associative keys: - name -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MCOObjectReference - map: - fields: - - name: name - type: - scalar: string - default: "" -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNode - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatus - default: {} -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpec - map: - fields: - - name: configVersion - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpecMachineConfigVersion - default: {} - - name: node - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MCOObjectReference - default: {} - - name: pool - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MCOObjectReference - default: {} -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeSpecMachineConfigVersion - map: - fields: - - name: desired - type: - scalar: string - default: "" -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatus - map: - fields: - - name: conditions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type - - name: configVersion - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusMachineConfigVersion - default: {} - - name: observedGeneration - type: - scalar: numeric - - name: pinnedImageSets - type: - list: - elementType: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusPinnedImageSet - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusMachineConfigVersion - map: - fields: - - name: current - type: - scalar: string - default: "" - - name: desired - type: - scalar: string - default: "" -- name: com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNodeStatusPinnedImageSet - map: - fields: - - name: currentGeneration - type: - scalar: numeric - - name: desiredGeneration - type: - scalar: numeric - - name: lastFailedGeneration - type: - scalar: numeric - - name: lastFailedGenerationError - type: - scalar: string - - name: name - type: - scalar: string - default: "" - name: com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStream map: fields: @@ -304,7 +350,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -326,232 +372,25 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string - name: com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStreamSpec - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStreamStatus map: fields: - - name: availableStreams - type: - list: - elementType: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStreamSet - elementRelationship: associative - keys: - - name - name: defaultStream type: scalar: string -- name: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageRef - map: - fields: - - name: name - type: - scalar: string -- name: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSet - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetStatus - default: {} -- name: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetSpec +- name: com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStreamStatus map: fields: - - name: pinnedImages + - name: availableStreams type: list: elementType: - namedType: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageRef + namedType: com.github.openshift.api.machineconfiguration.v1alpha1.OSImageStreamSet elementRelationship: associative keys: - name -- name: com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSetStatus - map: - fields: - - name: conditions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - map: - fields: - - name: lastTransitionTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message - type: - scalar: string - default: "" - - name: observedGeneration - type: - scalar: numeric - - name: reason - type: - scalar: string - default: "" - - name: status - type: - scalar: string - default: "" - - name: type - type: - scalar: string - default: "" -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - map: - fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers - type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation - type: - scalar: numeric - - name: labels - type: - map: - elementType: - scalar: string - - name: managedFields - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: ownerReferences - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion - type: - scalar: string - - name: selfLink - type: - scalar: string - - name: uid - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - map: - fields: - - name: apiVersion - type: - scalar: string - default: "" - - name: blockOwnerDeletion - type: - scalar: boolean - - name: controller - type: - scalar: boolean - - name: kind - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: uid + - name: defaultStream type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionalartifactstore.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionalartifactstore.go new file mode 100644 index 0000000000..e05ba78dc5 --- /dev/null +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionalartifactstore.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" +) + +// AdditionalArtifactStoreApplyConfiguration represents a declarative configuration of the AdditionalArtifactStore type for use +// with apply. +// +// AdditionalArtifactStore defines an additional read-only storage location for Open Container Initiative (OCI) artifacts. +type AdditionalArtifactStoreApplyConfiguration struct { + // path specifies the absolute location of the additional artifact store. + // The path must exist on the node before configuration is applied. + // When an artifact is requested, artifacts found at this location will be used instead of + // retrieving from the registry. + // The path is required and must be between 1 and 256 characters long, begin with a forward slash, + // and only contain the characters a-z, A-Z, 0-9, '/', '.', '_', and '-'. + // Consecutive forward slashes are not permitted. + Path *machineconfigurationv1.StorePath `json:"path,omitempty"` +} + +// AdditionalArtifactStoreApplyConfiguration constructs a declarative configuration of the AdditionalArtifactStore type for use with +// apply. +func AdditionalArtifactStore() *AdditionalArtifactStoreApplyConfiguration { + return &AdditionalArtifactStoreApplyConfiguration{} +} + +// WithPath sets the Path field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Path field is set to the value of the last call. +func (b *AdditionalArtifactStoreApplyConfiguration) WithPath(value machineconfigurationv1.StorePath) *AdditionalArtifactStoreApplyConfiguration { + b.Path = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionalimagestore.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionalimagestore.go new file mode 100644 index 0000000000..970636fa6d --- /dev/null +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionalimagestore.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" +) + +// AdditionalImageStoreApplyConfiguration represents a declarative configuration of the AdditionalImageStore type for use +// with apply. +// +// AdditionalImageStore defines an additional read-only storage location for Open Container Initiative (OCI) images. +type AdditionalImageStoreApplyConfiguration struct { + // path specifies the absolute location of the additional image store. + // The path must exist on the node before configuration is applied. + // When a container image is requested, images found at this location will be used instead of + // retrieving from the registry. + // The path is required and must be between 1 and 256 characters long, begin with a forward slash, + // and only contain the characters a-z, A-Z, 0-9, '/', '.', '_', and '-'. + // Consecutive forward slashes are not permitted. + Path *machineconfigurationv1.StorePath `json:"path,omitempty"` +} + +// AdditionalImageStoreApplyConfiguration constructs a declarative configuration of the AdditionalImageStore type for use with +// apply. +func AdditionalImageStore() *AdditionalImageStoreApplyConfiguration { + return &AdditionalImageStoreApplyConfiguration{} +} + +// WithPath sets the Path field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Path field is set to the value of the last call. +func (b *AdditionalImageStoreApplyConfiguration) WithPath(value machineconfigurationv1.StorePath) *AdditionalImageStoreApplyConfiguration { + b.Path = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionallayerstore.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionallayerstore.go new file mode 100644 index 0000000000..ff190a7d14 --- /dev/null +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/additionallayerstore.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + machineconfigurationv1 "github.com/openshift/api/machineconfiguration/v1" +) + +// AdditionalLayerStoreApplyConfiguration represents a declarative configuration of the AdditionalLayerStore type for use +// with apply. +// +// AdditionalLayerStore defines a read-only storage location for Open Container Initiative (OCI) container image layers. +type AdditionalLayerStoreApplyConfiguration struct { + // path specifies the absolute location of the additional layer store. + // The path must exist on the node before configuration is applied. + // When a container image is requested, layers found at this location will be used instead of + // retrieving from the registry. + // The path is required and must be between 1 and 256 characters long, begin with a forward slash, + // and only contain the characters a-z, A-Z, 0-9, '/', '.', '_', and '-'. + // Consecutive forward slashes are not permitted. + Path *machineconfigurationv1.StorePath `json:"path,omitempty"` +} + +// AdditionalLayerStoreApplyConfiguration constructs a declarative configuration of the AdditionalLayerStore type for use with +// apply. +func AdditionalLayerStore() *AdditionalLayerStoreApplyConfiguration { + return &AdditionalLayerStoreApplyConfiguration{} +} + +// WithPath sets the Path field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Path field is set to the value of the last call. +func (b *AdditionalLayerStoreApplyConfiguration) WithPath(value machineconfigurationv1.StorePath) *AdditionalLayerStoreApplyConfiguration { + b.Path = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/containerruntimeconfiguration.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/containerruntimeconfiguration.go index a6602b20ec..1cf4219a14 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/containerruntimeconfiguration.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/containerruntimeconfiguration.go @@ -31,6 +31,36 @@ type ContainerRuntimeConfigurationApplyConfiguration struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, // which is subject to change over time. Currently, the default is `crun`. DefaultRuntime *machineconfigurationv1.ContainerRuntimeDefaultRuntime `json:"defaultRuntime,omitempty"` + // additionalLayerStores configures additional read-only container image layer store locations for Open Container Initiative (OCI) images. + // + // Layers are checked in order: additional stores first, then the default location. + // Stores are read-only. + // Maximum of 5 stores allowed. + // Each path must be unique. + // + // When omitted, only the default layer location is used. + // When specified, at least one store must be provided. + AdditionalLayerStores []AdditionalLayerStoreApplyConfiguration `json:"additionalLayerStores,omitempty"` + // additionalImageStores configures additional read-only container image store locations for Open Container Initiative (OCI) images. + // + // Images are checked in order: additional stores first, then the default location. + // Stores are read-only. + // Maximum of 10 stores allowed. + // Each path must be unique. + // + // When omitted, only the default image location is used. + // When specified, at least one store must be provided. + AdditionalImageStores []AdditionalImageStoreApplyConfiguration `json:"additionalImageStores,omitempty"` + // additionalArtifactStores configures additional read-only artifact storage locations for Open Container Initiative (OCI) artifacts. + // + // Artifacts are checked in order: additional stores first, then the default location (/var/lib/containers/storage/artifacts). + // Stores are read-only. + // Maximum of 10 stores allowed. + // Each path must be unique. + // + // When omitted, only the default artifact location is used. + // When specified, at least one store must be provided. + AdditionalArtifactStores []AdditionalArtifactStoreApplyConfiguration `json:"additionalArtifactStores,omitempty"` } // ContainerRuntimeConfigurationApplyConfiguration constructs a declarative configuration of the ContainerRuntimeConfiguration type for use with @@ -78,3 +108,42 @@ func (b *ContainerRuntimeConfigurationApplyConfiguration) WithDefaultRuntime(val b.DefaultRuntime = &value return b } + +// WithAdditionalLayerStores adds the given value to the AdditionalLayerStores field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the AdditionalLayerStores field. +func (b *ContainerRuntimeConfigurationApplyConfiguration) WithAdditionalLayerStores(values ...*AdditionalLayerStoreApplyConfiguration) *ContainerRuntimeConfigurationApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithAdditionalLayerStores") + } + b.AdditionalLayerStores = append(b.AdditionalLayerStores, *values[i]) + } + return b +} + +// WithAdditionalImageStores adds the given value to the AdditionalImageStores field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the AdditionalImageStores field. +func (b *ContainerRuntimeConfigurationApplyConfiguration) WithAdditionalImageStores(values ...*AdditionalImageStoreApplyConfiguration) *ContainerRuntimeConfigurationApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithAdditionalImageStores") + } + b.AdditionalImageStores = append(b.AdditionalImageStores, *values[i]) + } + return b +} + +// WithAdditionalArtifactStores adds the given value to the AdditionalArtifactStores field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the AdditionalArtifactStores field. +func (b *ContainerRuntimeConfigurationApplyConfiguration) WithAdditionalArtifactStores(values ...*AdditionalArtifactStoreApplyConfiguration) *ContainerRuntimeConfigurationApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithAdditionalArtifactStores") + } + b.AdditionalArtifactStores = append(b.AdditionalArtifactStores, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatus.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatus.go index a3f0874801..e2e8c1e476 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatus.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1/machineconfignodestatus.go @@ -17,6 +17,7 @@ type MachineConfigNodeStatusApplyConfiguration struct { // and PinnedImageSetsDegraded. // The following types are only available when the ImageModeStatusReporting feature gate is enabled: ImagePulledFromRegistry, // AppliedOSImage, AppliedFiles + // The following types are only available when the NoRegistryClusterInstall feature gate is enabled: InternalReleaseImageDegraded Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"` // observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config Operator's controller. // This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec. diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignode.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignode.go deleted file mode 100644 index f1e9f7cbae..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignode.go +++ /dev/null @@ -1,275 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - internal "github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - managedfields "k8s.io/apimachinery/pkg/util/managedfields" - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// MachineConfigNodeApplyConfiguration represents a declarative configuration of the MachineConfigNode type for use -// with apply. -// -// MachineConfigNode describes the health of the Machines on the system -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -type MachineConfigNodeApplyConfiguration struct { - v1.TypeMetaApplyConfiguration `json:",inline"` - // metadata is the standard object metadata. - *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - // spec describes the configuration of the machine config node. - Spec *MachineConfigNodeSpecApplyConfiguration `json:"spec,omitempty"` - // status describes the last observed state of this machine config node. - Status *MachineConfigNodeStatusApplyConfiguration `json:"status,omitempty"` -} - -// MachineConfigNode constructs a declarative configuration of the MachineConfigNode type for use with -// apply. -func MachineConfigNode(name string) *MachineConfigNodeApplyConfiguration { - b := &MachineConfigNodeApplyConfiguration{} - b.WithName(name) - b.WithKind("MachineConfigNode") - b.WithAPIVersion("machineconfiguration.openshift.io/v1alpha1") - return b -} - -// ExtractMachineConfigNodeFrom extracts the applied configuration owned by fieldManager from -// machineConfigNode for the specified subresource. Pass an empty string for subresource to extract -// the main resource. Common subresources include "status", "scale", etc. -// machineConfigNode must be a unmodified MachineConfigNode API object that was retrieved from the Kubernetes API. -// ExtractMachineConfigNodeFrom provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractMachineConfigNodeFrom(machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, fieldManager string, subresource string) (*MachineConfigNodeApplyConfiguration, error) { - b := &MachineConfigNodeApplyConfiguration{} - err := managedfields.ExtractInto(machineConfigNode, internal.Parser().Type("com.github.openshift.api.machineconfiguration.v1alpha1.MachineConfigNode"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(machineConfigNode.Name) - - b.WithKind("MachineConfigNode") - b.WithAPIVersion("machineconfiguration.openshift.io/v1alpha1") - return b, nil -} - -// ExtractMachineConfigNode extracts the applied configuration owned by fieldManager from -// machineConfigNode. If no managedFields are found in machineConfigNode for fieldManager, a -// MachineConfigNodeApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. -// machineConfigNode must be a unmodified MachineConfigNode API object that was retrieved from the Kubernetes API. -// ExtractMachineConfigNode provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractMachineConfigNode(machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, fieldManager string) (*MachineConfigNodeApplyConfiguration, error) { - return ExtractMachineConfigNodeFrom(machineConfigNode, fieldManager, "") -} - -// ExtractMachineConfigNodeStatus extracts the applied configuration owned by fieldManager from -// machineConfigNode for the status subresource. -func ExtractMachineConfigNodeStatus(machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, fieldManager string) (*MachineConfigNodeApplyConfiguration, error) { - return ExtractMachineConfigNodeFrom(machineConfigNode, fieldManager, "status") -} - -func (b MachineConfigNodeApplyConfiguration) IsApplyConfiguration() {} - -// WithKind sets the Kind field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Kind field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithKind(value string) *MachineConfigNodeApplyConfiguration { - b.TypeMetaApplyConfiguration.Kind = &value - return b -} - -// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the APIVersion field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithAPIVersion(value string) *MachineConfigNodeApplyConfiguration { - b.TypeMetaApplyConfiguration.APIVersion = &value - return b -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithName(value string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Name = &value - return b -} - -// WithGenerateName sets the GenerateName field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the GenerateName field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithGenerateName(value string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.GenerateName = &value - return b -} - -// WithNamespace sets the Namespace field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Namespace field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithNamespace(value string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Namespace = &value - return b -} - -// WithUID sets the UID field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the UID field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithUID(value types.UID) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.UID = &value - return b -} - -// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ResourceVersion field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithResourceVersion(value string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.ResourceVersion = &value - return b -} - -// WithGeneration sets the Generation field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Generation field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithGeneration(value int64) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Generation = &value - return b -} - -// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the CreationTimestamp field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithCreationTimestamp(value metav1.Time) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.CreationTimestamp = &value - return b -} - -// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionTimestamp field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value - return b -} - -// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value - return b -} - -// WithLabels puts the entries into the Labels field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Labels field, -// overwriting an existing map entries in Labels field with the same key. -func (b *MachineConfigNodeApplyConfiguration) WithLabels(entries map[string]string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Labels[k] = v - } - return b -} - -// WithAnnotations puts the entries into the Annotations field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Annotations field, -// overwriting an existing map entries in Annotations field with the same key. -func (b *MachineConfigNodeApplyConfiguration) WithAnnotations(entries map[string]string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Annotations[k] = v - } - return b -} - -// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the OwnerReferences field. -func (b *MachineConfigNodeApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - if values[i] == nil { - panic("nil value passed to WithOwnerReferences") - } - b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i]) - } - return b -} - -// WithFinalizers adds the given value to the Finalizers field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Finalizers field. -func (b *MachineConfigNodeApplyConfiguration) WithFinalizers(values ...string) *MachineConfigNodeApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i]) - } - return b -} - -func (b *MachineConfigNodeApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { - if b.ObjectMetaApplyConfiguration == nil { - b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} - } -} - -// WithSpec sets the Spec field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Spec field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithSpec(value *MachineConfigNodeSpecApplyConfiguration) *MachineConfigNodeApplyConfiguration { - b.Spec = value - return b -} - -// WithStatus sets the Status field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Status field is set to the value of the last call. -func (b *MachineConfigNodeApplyConfiguration) WithStatus(value *MachineConfigNodeStatusApplyConfiguration) *MachineConfigNodeApplyConfiguration { - b.Status = value - return b -} - -// GetKind retrieves the value of the Kind field in the declarative configuration. -func (b *MachineConfigNodeApplyConfiguration) GetKind() *string { - return b.TypeMetaApplyConfiguration.Kind -} - -// GetAPIVersion retrieves the value of the APIVersion field in the declarative configuration. -func (b *MachineConfigNodeApplyConfiguration) GetAPIVersion() *string { - return b.TypeMetaApplyConfiguration.APIVersion -} - -// GetName retrieves the value of the Name field in the declarative configuration. -func (b *MachineConfigNodeApplyConfiguration) GetName() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Name -} - -// GetNamespace retrieves the value of the Namespace field in the declarative configuration. -func (b *MachineConfigNodeApplyConfiguration) GetNamespace() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Namespace -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespec.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespec.go deleted file mode 100644 index 3de85558ce..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespec.go +++ /dev/null @@ -1,49 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// MachineConfigNodeSpecApplyConfiguration represents a declarative configuration of the MachineConfigNodeSpec type for use -// with apply. -// -// MachineConfigNodeSpec describes the MachineConfigNode we are managing. -type MachineConfigNodeSpecApplyConfiguration struct { - // node contains a reference to the node for this machine config node. - Node *MCOObjectReferenceApplyConfiguration `json:"node,omitempty"` - // pool contains a reference to the machine config pool that this machine config node's - // referenced node belongs to. - Pool *MCOObjectReferenceApplyConfiguration `json:"pool,omitempty"` - // configVersion holds the desired config version for the node targeted by this machine config node resource. - // The desired version represents the machine config the node will attempt to update to and gets set before the machine config operator validates - // the new machine config against the current machine config. - ConfigVersion *MachineConfigNodeSpecMachineConfigVersionApplyConfiguration `json:"configVersion,omitempty"` -} - -// MachineConfigNodeSpecApplyConfiguration constructs a declarative configuration of the MachineConfigNodeSpec type for use with -// apply. -func MachineConfigNodeSpec() *MachineConfigNodeSpecApplyConfiguration { - return &MachineConfigNodeSpecApplyConfiguration{} -} - -// WithNode sets the Node field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Node field is set to the value of the last call. -func (b *MachineConfigNodeSpecApplyConfiguration) WithNode(value *MCOObjectReferenceApplyConfiguration) *MachineConfigNodeSpecApplyConfiguration { - b.Node = value - return b -} - -// WithPool sets the Pool field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Pool field is set to the value of the last call. -func (b *MachineConfigNodeSpecApplyConfiguration) WithPool(value *MCOObjectReferenceApplyConfiguration) *MachineConfigNodeSpecApplyConfiguration { - b.Pool = value - return b -} - -// WithConfigVersion sets the ConfigVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ConfigVersion field is set to the value of the last call. -func (b *MachineConfigNodeSpecApplyConfiguration) WithConfigVersion(value *MachineConfigNodeSpecMachineConfigVersionApplyConfiguration) *MachineConfigNodeSpecApplyConfiguration { - b.ConfigVersion = value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespecmachineconfigversion.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespecmachineconfigversion.go deleted file mode 100644 index fea4b34d07..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodespecmachineconfigversion.go +++ /dev/null @@ -1,35 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// MachineConfigNodeSpecMachineConfigVersionApplyConfiguration represents a declarative configuration of the MachineConfigNodeSpecMachineConfigVersion type for use -// with apply. -// -// MachineConfigNodeSpecMachineConfigVersion holds the desired config version for the current observed machine config node. -// When Current is not equal to Desired, the MachineConfigOperator is in an upgrade phase and the machine config node will -// take account of upgrade related events. Otherwise, they will be ignored given that certain operations -// happen both during the MCO's upgrade mode and the daily operations mode. -type MachineConfigNodeSpecMachineConfigVersionApplyConfiguration struct { - // desired is the name of the machine config that the the node should be upgraded to. - // This value is set when the machine config pool generates a new version of its rendered configuration. - // When this value is changed, the machine config daemon starts the node upgrade process. - // This value gets set in the machine config node spec once the machine config has been targeted for upgrade and before it is validated. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - Desired *string `json:"desired,omitempty"` -} - -// MachineConfigNodeSpecMachineConfigVersionApplyConfiguration constructs a declarative configuration of the MachineConfigNodeSpecMachineConfigVersion type for use with -// apply. -func MachineConfigNodeSpecMachineConfigVersion() *MachineConfigNodeSpecMachineConfigVersionApplyConfiguration { - return &MachineConfigNodeSpecMachineConfigVersionApplyConfiguration{} -} - -// WithDesired sets the Desired field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Desired field is set to the value of the last call. -func (b *MachineConfigNodeSpecMachineConfigVersionApplyConfiguration) WithDesired(value string) *MachineConfigNodeSpecMachineConfigVersionApplyConfiguration { - b.Desired = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatus.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatus.go deleted file mode 100644 index 30a2ea48d2..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatus.go +++ /dev/null @@ -1,71 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// MachineConfigNodeStatusApplyConfiguration represents a declarative configuration of the MachineConfigNodeStatus type for use -// with apply. -// -// MachineConfigNodeStatus holds the reported information on a particular machine config node. -type MachineConfigNodeStatusApplyConfiguration struct { - // conditions represent the observations of a machine config node's current state. - Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` - // observedGeneration represents the generation of the MachineConfigNode object observed by the Machine Config Operator's controller. - // This field is updated when the controller observes a change to the desiredConfig in the configVersion of the machine config node spec. - ObservedGeneration *int64 `json:"observedGeneration,omitempty"` - // configVersion describes the current and desired machine config version for this node. - ConfigVersion *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration `json:"configVersion,omitempty"` - // pinnedImageSets describes the current and desired pinned image sets for this node. - PinnedImageSets []MachineConfigNodeStatusPinnedImageSetApplyConfiguration `json:"pinnedImageSets,omitempty"` -} - -// MachineConfigNodeStatusApplyConfiguration constructs a declarative configuration of the MachineConfigNodeStatus type for use with -// apply. -func MachineConfigNodeStatus() *MachineConfigNodeStatusApplyConfiguration { - return &MachineConfigNodeStatusApplyConfiguration{} -} - -// WithConditions adds the given value to the Conditions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Conditions field. -func (b *MachineConfigNodeStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *MachineConfigNodeStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithConditions") - } - b.Conditions = append(b.Conditions, *values[i]) - } - return b -} - -// WithObservedGeneration sets the ObservedGeneration field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ObservedGeneration field is set to the value of the last call. -func (b *MachineConfigNodeStatusApplyConfiguration) WithObservedGeneration(value int64) *MachineConfigNodeStatusApplyConfiguration { - b.ObservedGeneration = &value - return b -} - -// WithConfigVersion sets the ConfigVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ConfigVersion field is set to the value of the last call. -func (b *MachineConfigNodeStatusApplyConfiguration) WithConfigVersion(value *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration) *MachineConfigNodeStatusApplyConfiguration { - b.ConfigVersion = value - return b -} - -// WithPinnedImageSets adds the given value to the PinnedImageSets field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the PinnedImageSets field. -func (b *MachineConfigNodeStatusApplyConfiguration) WithPinnedImageSets(values ...*MachineConfigNodeStatusPinnedImageSetApplyConfiguration) *MachineConfigNodeStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithPinnedImageSets") - } - b.PinnedImageSets = append(b.PinnedImageSets, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatusmachineconfigversion.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatusmachineconfigversion.go deleted file mode 100644 index d2cbf4ac4e..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatusmachineconfigversion.go +++ /dev/null @@ -1,50 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// MachineConfigNodeStatusMachineConfigVersionApplyConfiguration represents a declarative configuration of the MachineConfigNodeStatusMachineConfigVersion type for use -// with apply. -// -// MachineConfigNodeStatusMachineConfigVersion holds the current and desired config versions as last updated in the MCN status. -// When the current and desired versions do not match, the machine config pool is processing an upgrade and the machine config node will -// monitor the upgrade process. -// When the current and desired versions do match, the machine config node will ignore these events given that certain operations -// happen both during the MCO's upgrade mode and the daily operations mode. -type MachineConfigNodeStatusMachineConfigVersionApplyConfiguration struct { - // current is the name of the machine config currently in use on the node. - // This value is updated once the machine config daemon has completed the update of the configuration for the node. - // This value should match the desired version unless an upgrade is in progress. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - Current *string `json:"current,omitempty"` - // desired is the MachineConfig the node wants to upgrade to. - // This value gets set in the machine config node status once the machine config has been validated - // against the current machine config. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - Desired *string `json:"desired,omitempty"` -} - -// MachineConfigNodeStatusMachineConfigVersionApplyConfiguration constructs a declarative configuration of the MachineConfigNodeStatusMachineConfigVersion type for use with -// apply. -func MachineConfigNodeStatusMachineConfigVersion() *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration { - return &MachineConfigNodeStatusMachineConfigVersionApplyConfiguration{} -} - -// WithCurrent sets the Current field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Current field is set to the value of the last call. -func (b *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration) WithCurrent(value string) *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration { - b.Current = &value - return b -} - -// WithDesired sets the Desired field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Desired field is set to the value of the last call. -func (b *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration) WithDesired(value string) *MachineConfigNodeStatusMachineConfigVersionApplyConfiguration { - b.Desired = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatuspinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatuspinnedimageset.go deleted file mode 100644 index 0fb280a094..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/machineconfignodestatuspinnedimageset.go +++ /dev/null @@ -1,70 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// MachineConfigNodeStatusPinnedImageSetApplyConfiguration represents a declarative configuration of the MachineConfigNodeStatusPinnedImageSet type for use -// with apply. -// -// MachineConfigNodeStatusPinnedImageSet holds information about the current, desired, and failed pinned image sets for the observed machine config node. -type MachineConfigNodeStatusPinnedImageSetApplyConfiguration struct { - // name is the name of the pinned image set. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - Name *string `json:"name,omitempty"` - // currentGeneration is the generation of the pinned image set that has most recently been successfully pulled and pinned on this node. - CurrentGeneration *int32 `json:"currentGeneration,omitempty"` - // desiredGeneration is the generation of the pinned image set that is targeted to be pulled and pinned on this node. - DesiredGeneration *int32 `json:"desiredGeneration,omitempty"` - // lastFailedGeneration is the generation of the most recent pinned image set that failed to be pulled and pinned on this node. - LastFailedGeneration *int32 `json:"lastFailedGeneration,omitempty"` - // lastFailedGenerationError is the error explaining why the desired images failed to be pulled and pinned. - // The error is an empty string if the image pull and pin is successful. - LastFailedGenerationError *string `json:"lastFailedGenerationError,omitempty"` -} - -// MachineConfigNodeStatusPinnedImageSetApplyConfiguration constructs a declarative configuration of the MachineConfigNodeStatusPinnedImageSet type for use with -// apply. -func MachineConfigNodeStatusPinnedImageSet() *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - return &MachineConfigNodeStatusPinnedImageSetApplyConfiguration{} -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *MachineConfigNodeStatusPinnedImageSetApplyConfiguration) WithName(value string) *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - b.Name = &value - return b -} - -// WithCurrentGeneration sets the CurrentGeneration field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the CurrentGeneration field is set to the value of the last call. -func (b *MachineConfigNodeStatusPinnedImageSetApplyConfiguration) WithCurrentGeneration(value int32) *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - b.CurrentGeneration = &value - return b -} - -// WithDesiredGeneration sets the DesiredGeneration field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DesiredGeneration field is set to the value of the last call. -func (b *MachineConfigNodeStatusPinnedImageSetApplyConfiguration) WithDesiredGeneration(value int32) *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - b.DesiredGeneration = &value - return b -} - -// WithLastFailedGeneration sets the LastFailedGeneration field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the LastFailedGeneration field is set to the value of the last call. -func (b *MachineConfigNodeStatusPinnedImageSetApplyConfiguration) WithLastFailedGeneration(value int32) *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - b.LastFailedGeneration = &value - return b -} - -// WithLastFailedGenerationError sets the LastFailedGenerationError field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the LastFailedGenerationError field is set to the value of the last call. -func (b *MachineConfigNodeStatusPinnedImageSetApplyConfiguration) WithLastFailedGenerationError(value string) *MachineConfigNodeStatusPinnedImageSetApplyConfiguration { - b.LastFailedGenerationError = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/mcoobjectreference.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/mcoobjectreference.go deleted file mode 100644 index a44d851dc7..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/mcoobjectreference.go +++ /dev/null @@ -1,31 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// MCOObjectReferenceApplyConfiguration represents a declarative configuration of the MCOObjectReference type for use -// with apply. -// -// MCOObjectReference holds information about an object the MCO either owns -// or modifies in some way -type MCOObjectReferenceApplyConfiguration struct { - // name is the name of the object being referenced. For example, this can represent a machine - // config pool or node name. - // Must be a lowercase RFC-1123 subdomain name (https://tools.ietf.org/html/rfc1123) consisting - // of only lowercase alphanumeric characters, hyphens (-), and periods (.), and must start and end - // with an alphanumeric character, and be at most 253 characters in length. - Name *string `json:"name,omitempty"` -} - -// MCOObjectReferenceApplyConfiguration constructs a declarative configuration of the MCOObjectReference type for use with -// apply. -func MCOObjectReference() *MCOObjectReferenceApplyConfiguration { - return &MCOObjectReferenceApplyConfiguration{} -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *MCOObjectReferenceApplyConfiguration) WithName(value string) *MCOObjectReferenceApplyConfiguration { - b.Name = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/osimagestreamspec.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/osimagestreamspec.go index 6bf94b7636..c9979e8dd6 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/osimagestreamspec.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/osimagestreamspec.go @@ -17,6 +17,17 @@ type OSImageStreamSpecApplyConfiguration struct { // status.availableStreams to apply as the default for MachineConfigPools // that do not specify a stream override. // + // When status.availableStreams has been populated by the operator, updating + // this field requires that the new value references the name of one of the + // streams in status.availableStreams. Status-only updates by the operator + // are not subject to this constraint, allowing the operator to update + // availableStreams independently of this field. + // During initial creation, before the operator has populated status, any + // valid value is accepted. + // + // When omitted, the operator determines the default stream automatically. + // Once set, this field cannot be removed. + // // It must be a valid RFC 1123 subdomain between 1 and 253 characters in length, // consisting of lowercase alphanumeric characters, hyphens ('-'), and periods ('.'). DefaultStream *string `json:"defaultStream,omitempty"` diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageref.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageref.go deleted file mode 100644 index a7c9110d9a..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageref.go +++ /dev/null @@ -1,31 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" -) - -// PinnedImageRefApplyConfiguration represents a declarative configuration of the PinnedImageRef type for use -// with apply. -type PinnedImageRefApplyConfiguration struct { - // name is an OCI Image referenced by digest. - // The format of the image pull spec is: host[:port][/namespace]/name@sha256:, - // where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. - // The length of the whole spec must be between 1 to 447 characters. - Name *machineconfigurationv1alpha1.ImageDigestFormat `json:"name,omitempty"` -} - -// PinnedImageRefApplyConfiguration constructs a declarative configuration of the PinnedImageRef type for use with -// apply. -func PinnedImageRef() *PinnedImageRefApplyConfiguration { - return &PinnedImageRefApplyConfiguration{} -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *PinnedImageRefApplyConfiguration) WithName(value machineconfigurationv1alpha1.ImageDigestFormat) *PinnedImageRefApplyConfiguration { - b.Name = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageset.go deleted file mode 100644 index 933222ce6f..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimageset.go +++ /dev/null @@ -1,276 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - internal "github.com/openshift/client-go/machineconfiguration/applyconfigurations/internal" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - managedfields "k8s.io/apimachinery/pkg/util/managedfields" - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// PinnedImageSetApplyConfiguration represents a declarative configuration of the PinnedImageSet type for use -// with apply. -// -// PinnedImageSet describes a set of images that should be pinned by CRI-O and -// pulled to the nodes which are members of the declared MachineConfigPools. -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -type PinnedImageSetApplyConfiguration struct { - v1.TypeMetaApplyConfiguration `json:",inline"` - *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - // spec describes the configuration of this pinned image set. - Spec *PinnedImageSetSpecApplyConfiguration `json:"spec,omitempty"` - // status describes the last observed state of this pinned image set. - Status *PinnedImageSetStatusApplyConfiguration `json:"status,omitempty"` -} - -// PinnedImageSet constructs a declarative configuration of the PinnedImageSet type for use with -// apply. -func PinnedImageSet(name string) *PinnedImageSetApplyConfiguration { - b := &PinnedImageSetApplyConfiguration{} - b.WithName(name) - b.WithKind("PinnedImageSet") - b.WithAPIVersion("machineconfiguration.openshift.io/v1alpha1") - return b -} - -// ExtractPinnedImageSetFrom extracts the applied configuration owned by fieldManager from -// pinnedImageSet for the specified subresource. Pass an empty string for subresource to extract -// the main resource. Common subresources include "status", "scale", etc. -// pinnedImageSet must be a unmodified PinnedImageSet API object that was retrieved from the Kubernetes API. -// ExtractPinnedImageSetFrom provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractPinnedImageSetFrom(pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, fieldManager string, subresource string) (*PinnedImageSetApplyConfiguration, error) { - b := &PinnedImageSetApplyConfiguration{} - err := managedfields.ExtractInto(pinnedImageSet, internal.Parser().Type("com.github.openshift.api.machineconfiguration.v1alpha1.PinnedImageSet"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(pinnedImageSet.Name) - - b.WithKind("PinnedImageSet") - b.WithAPIVersion("machineconfiguration.openshift.io/v1alpha1") - return b, nil -} - -// ExtractPinnedImageSet extracts the applied configuration owned by fieldManager from -// pinnedImageSet. If no managedFields are found in pinnedImageSet for fieldManager, a -// PinnedImageSetApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. -// pinnedImageSet must be a unmodified PinnedImageSet API object that was retrieved from the Kubernetes API. -// ExtractPinnedImageSet provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractPinnedImageSet(pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, fieldManager string) (*PinnedImageSetApplyConfiguration, error) { - return ExtractPinnedImageSetFrom(pinnedImageSet, fieldManager, "") -} - -// ExtractPinnedImageSetStatus extracts the applied configuration owned by fieldManager from -// pinnedImageSet for the status subresource. -func ExtractPinnedImageSetStatus(pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, fieldManager string) (*PinnedImageSetApplyConfiguration, error) { - return ExtractPinnedImageSetFrom(pinnedImageSet, fieldManager, "status") -} - -func (b PinnedImageSetApplyConfiguration) IsApplyConfiguration() {} - -// WithKind sets the Kind field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Kind field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithKind(value string) *PinnedImageSetApplyConfiguration { - b.TypeMetaApplyConfiguration.Kind = &value - return b -} - -// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the APIVersion field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithAPIVersion(value string) *PinnedImageSetApplyConfiguration { - b.TypeMetaApplyConfiguration.APIVersion = &value - return b -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithName(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Name = &value - return b -} - -// WithGenerateName sets the GenerateName field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the GenerateName field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithGenerateName(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.GenerateName = &value - return b -} - -// WithNamespace sets the Namespace field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Namespace field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithNamespace(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Namespace = &value - return b -} - -// WithUID sets the UID field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the UID field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithUID(value types.UID) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.UID = &value - return b -} - -// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ResourceVersion field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithResourceVersion(value string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.ResourceVersion = &value - return b -} - -// WithGeneration sets the Generation field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Generation field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithGeneration(value int64) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Generation = &value - return b -} - -// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the CreationTimestamp field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithCreationTimestamp(value metav1.Time) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.CreationTimestamp = &value - return b -} - -// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionTimestamp field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value - return b -} - -// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value - return b -} - -// WithLabels puts the entries into the Labels field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Labels field, -// overwriting an existing map entries in Labels field with the same key. -func (b *PinnedImageSetApplyConfiguration) WithLabels(entries map[string]string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Labels[k] = v - } - return b -} - -// WithAnnotations puts the entries into the Annotations field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Annotations field, -// overwriting an existing map entries in Annotations field with the same key. -func (b *PinnedImageSetApplyConfiguration) WithAnnotations(entries map[string]string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Annotations[k] = v - } - return b -} - -// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the OwnerReferences field. -func (b *PinnedImageSetApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - if values[i] == nil { - panic("nil value passed to WithOwnerReferences") - } - b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i]) - } - return b -} - -// WithFinalizers adds the given value to the Finalizers field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Finalizers field. -func (b *PinnedImageSetApplyConfiguration) WithFinalizers(values ...string) *PinnedImageSetApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i]) - } - return b -} - -func (b *PinnedImageSetApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { - if b.ObjectMetaApplyConfiguration == nil { - b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} - } -} - -// WithSpec sets the Spec field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Spec field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithSpec(value *PinnedImageSetSpecApplyConfiguration) *PinnedImageSetApplyConfiguration { - b.Spec = value - return b -} - -// WithStatus sets the Status field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Status field is set to the value of the last call. -func (b *PinnedImageSetApplyConfiguration) WithStatus(value *PinnedImageSetStatusApplyConfiguration) *PinnedImageSetApplyConfiguration { - b.Status = value - return b -} - -// GetKind retrieves the value of the Kind field in the declarative configuration. -func (b *PinnedImageSetApplyConfiguration) GetKind() *string { - return b.TypeMetaApplyConfiguration.Kind -} - -// GetAPIVersion retrieves the value of the APIVersion field in the declarative configuration. -func (b *PinnedImageSetApplyConfiguration) GetAPIVersion() *string { - return b.TypeMetaApplyConfiguration.APIVersion -} - -// GetName retrieves the value of the Name field in the declarative configuration. -func (b *PinnedImageSetApplyConfiguration) GetName() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Name -} - -// GetNamespace retrieves the value of the Namespace field in the declarative configuration. -func (b *PinnedImageSetApplyConfiguration) GetNamespace() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Namespace -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetspec.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetspec.go deleted file mode 100644 index f970e753de..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetspec.go +++ /dev/null @@ -1,43 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// PinnedImageSetSpecApplyConfiguration represents a declarative configuration of the PinnedImageSetSpec type for use -// with apply. -// -// PinnedImageSetSpec defines the desired state of a PinnedImageSet. -type PinnedImageSetSpecApplyConfiguration struct { - // pinnedImages is a list of OCI Image referenced by digest that should be - // pinned and pre-loaded by the nodes of a MachineConfigPool. - // Translates into a new file inside the /etc/crio/crio.conf.d directory - // with content similar to this: - // - // pinned_images = [ - // "quay.io/openshift-release-dev/ocp-release@sha256:...", - // "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - // "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:...", - // ... - // ] - // - // These image references should all be by digest, tags aren't allowed. - PinnedImages []PinnedImageRefApplyConfiguration `json:"pinnedImages,omitempty"` -} - -// PinnedImageSetSpecApplyConfiguration constructs a declarative configuration of the PinnedImageSetSpec type for use with -// apply. -func PinnedImageSetSpec() *PinnedImageSetSpecApplyConfiguration { - return &PinnedImageSetSpecApplyConfiguration{} -} - -// WithPinnedImages adds the given value to the PinnedImages field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the PinnedImages field. -func (b *PinnedImageSetSpecApplyConfiguration) WithPinnedImages(values ...*PinnedImageRefApplyConfiguration) *PinnedImageSetSpecApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithPinnedImages") - } - b.PinnedImages = append(b.PinnedImages, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetstatus.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetstatus.go deleted file mode 100644 index ecd50b2853..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1/pinnedimagesetstatus.go +++ /dev/null @@ -1,35 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// PinnedImageSetStatusApplyConfiguration represents a declarative configuration of the PinnedImageSetStatus type for use -// with apply. -// -// PinnedImageSetStatus describes the current state of a PinnedImageSet. -type PinnedImageSetStatusApplyConfiguration struct { - // conditions represent the observations of a pinned image set's current state. - Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` -} - -// PinnedImageSetStatusApplyConfiguration constructs a declarative configuration of the PinnedImageSetStatus type for use with -// apply. -func PinnedImageSetStatus() *PinnedImageSetStatusApplyConfiguration { - return &PinnedImageSetStatusApplyConfiguration{} -} - -// WithConditions adds the given value to the Conditions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Conditions field. -func (b *PinnedImageSetStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *PinnedImageSetStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithConditions") - } - b.Conditions = append(b.Conditions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/utils.go b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/utils.go index ecc0d71ce5..12b2123fe1 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/utils.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/applyconfigurations/utils.go @@ -18,6 +18,12 @@ import ( func ForKind(kind schema.GroupVersionKind) interface{} { switch kind { // Group=machineconfiguration.openshift.io, Version=v1 + case v1.SchemeGroupVersion.WithKind("AdditionalArtifactStore"): + return &machineconfigurationv1.AdditionalArtifactStoreApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AdditionalImageStore"): + return &machineconfigurationv1.AdditionalImageStoreApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AdditionalLayerStore"): + return &machineconfigurationv1.AdditionalLayerStoreApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("CertExpiry"): return &machineconfigurationv1.CertExpiryApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("ContainerRuntimeConfig"): @@ -142,20 +148,6 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &machineconfigurationv1alpha1.InternalReleaseImageSpecApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("InternalReleaseImageStatus"): return &machineconfigurationv1alpha1.InternalReleaseImageStatusApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("MachineConfigNode"): - return &machineconfigurationv1alpha1.MachineConfigNodeApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("MachineConfigNodeSpec"): - return &machineconfigurationv1alpha1.MachineConfigNodeSpecApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("MachineConfigNodeSpecMachineConfigVersion"): - return &machineconfigurationv1alpha1.MachineConfigNodeSpecMachineConfigVersionApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("MachineConfigNodeStatus"): - return &machineconfigurationv1alpha1.MachineConfigNodeStatusApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("MachineConfigNodeStatusMachineConfigVersion"): - return &machineconfigurationv1alpha1.MachineConfigNodeStatusMachineConfigVersionApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("MachineConfigNodeStatusPinnedImageSet"): - return &machineconfigurationv1alpha1.MachineConfigNodeStatusPinnedImageSetApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("MCOObjectReference"): - return &machineconfigurationv1alpha1.MCOObjectReferenceApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("OSImageStream"): return &machineconfigurationv1alpha1.OSImageStreamApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("OSImageStreamSet"): @@ -164,14 +156,6 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &machineconfigurationv1alpha1.OSImageStreamSpecApplyConfiguration{} case v1alpha1.SchemeGroupVersion.WithKind("OSImageStreamStatus"): return &machineconfigurationv1alpha1.OSImageStreamStatusApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PinnedImageRef"): - return &machineconfigurationv1alpha1.PinnedImageRefApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PinnedImageSet"): - return &machineconfigurationv1alpha1.PinnedImageSetApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PinnedImageSetSpec"): - return &machineconfigurationv1alpha1.PinnedImageSetSpecApplyConfiguration{} - case v1alpha1.SchemeGroupVersion.WithKind("PinnedImageSetStatus"): - return &machineconfigurationv1alpha1.PinnedImageSetStatusApplyConfiguration{} } return nil diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfignode.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfignode.go deleted file mode 100644 index 84b5e766a3..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfignode.go +++ /dev/null @@ -1,37 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - machineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1" - typedmachineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1" - gentype "k8s.io/client-go/gentype" -) - -// fakeMachineConfigNodes implements MachineConfigNodeInterface -type fakeMachineConfigNodes struct { - *gentype.FakeClientWithListAndApply[*v1alpha1.MachineConfigNode, *v1alpha1.MachineConfigNodeList, *machineconfigurationv1alpha1.MachineConfigNodeApplyConfiguration] - Fake *FakeMachineconfigurationV1alpha1 -} - -func newFakeMachineConfigNodes(fake *FakeMachineconfigurationV1alpha1) typedmachineconfigurationv1alpha1.MachineConfigNodeInterface { - return &fakeMachineConfigNodes{ - gentype.NewFakeClientWithListAndApply[*v1alpha1.MachineConfigNode, *v1alpha1.MachineConfigNodeList, *machineconfigurationv1alpha1.MachineConfigNodeApplyConfiguration]( - fake.Fake, - "", - v1alpha1.SchemeGroupVersion.WithResource("machineconfignodes"), - v1alpha1.SchemeGroupVersion.WithKind("MachineConfigNode"), - func() *v1alpha1.MachineConfigNode { return &v1alpha1.MachineConfigNode{} }, - func() *v1alpha1.MachineConfigNodeList { return &v1alpha1.MachineConfigNodeList{} }, - func(dst, src *v1alpha1.MachineConfigNodeList) { dst.ListMeta = src.ListMeta }, - func(list *v1alpha1.MachineConfigNodeList) []*v1alpha1.MachineConfigNode { - return gentype.ToPointerSlice(list.Items) - }, - func(list *v1alpha1.MachineConfigNodeList, items []*v1alpha1.MachineConfigNode) { - list.Items = gentype.FromPointerSlice(items) - }, - ), - fake, - } -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfiguration_client.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfiguration_client.go index 6a3a1df8e9..611ae4b077 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfiguration_client.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_machineconfiguration_client.go @@ -16,18 +16,10 @@ func (c *FakeMachineconfigurationV1alpha1) InternalReleaseImages() v1alpha1.Inte return newFakeInternalReleaseImages(c) } -func (c *FakeMachineconfigurationV1alpha1) MachineConfigNodes() v1alpha1.MachineConfigNodeInterface { - return newFakeMachineConfigNodes(c) -} - func (c *FakeMachineconfigurationV1alpha1) OSImageStreams() v1alpha1.OSImageStreamInterface { return newFakeOSImageStreams(c) } -func (c *FakeMachineconfigurationV1alpha1) PinnedImageSets() v1alpha1.PinnedImageSetInterface { - return newFakePinnedImageSets(c) -} - // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeMachineconfigurationV1alpha1) RESTClient() rest.Interface { diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_pinnedimageset.go deleted file mode 100644 index 1d29be7792..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/fake/fake_pinnedimageset.go +++ /dev/null @@ -1,37 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - machineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1" - typedmachineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1" - gentype "k8s.io/client-go/gentype" -) - -// fakePinnedImageSets implements PinnedImageSetInterface -type fakePinnedImageSets struct { - *gentype.FakeClientWithListAndApply[*v1alpha1.PinnedImageSet, *v1alpha1.PinnedImageSetList, *machineconfigurationv1alpha1.PinnedImageSetApplyConfiguration] - Fake *FakeMachineconfigurationV1alpha1 -} - -func newFakePinnedImageSets(fake *FakeMachineconfigurationV1alpha1) typedmachineconfigurationv1alpha1.PinnedImageSetInterface { - return &fakePinnedImageSets{ - gentype.NewFakeClientWithListAndApply[*v1alpha1.PinnedImageSet, *v1alpha1.PinnedImageSetList, *machineconfigurationv1alpha1.PinnedImageSetApplyConfiguration]( - fake.Fake, - "", - v1alpha1.SchemeGroupVersion.WithResource("pinnedimagesets"), - v1alpha1.SchemeGroupVersion.WithKind("PinnedImageSet"), - func() *v1alpha1.PinnedImageSet { return &v1alpha1.PinnedImageSet{} }, - func() *v1alpha1.PinnedImageSetList { return &v1alpha1.PinnedImageSetList{} }, - func(dst, src *v1alpha1.PinnedImageSetList) { dst.ListMeta = src.ListMeta }, - func(list *v1alpha1.PinnedImageSetList) []*v1alpha1.PinnedImageSet { - return gentype.ToPointerSlice(list.Items) - }, - func(list *v1alpha1.PinnedImageSetList, items []*v1alpha1.PinnedImageSet) { - list.Items = gentype.FromPointerSlice(items) - }, - ), - fake, - } -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go index 33be914914..bac8beb74b 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/generated_expansion.go @@ -4,8 +4,4 @@ package v1alpha1 type InternalReleaseImageExpansion interface{} -type MachineConfigNodeExpansion interface{} - type OSImageStreamExpansion interface{} - -type PinnedImageSetExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfignode.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfignode.go deleted file mode 100644 index d84721cb07..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfignode.go +++ /dev/null @@ -1,62 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - applyconfigurationsmachineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1" - scheme "github.com/openshift/client-go/machineconfiguration/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - gentype "k8s.io/client-go/gentype" -) - -// MachineConfigNodesGetter has a method to return a MachineConfigNodeInterface. -// A group's client should implement this interface. -type MachineConfigNodesGetter interface { - MachineConfigNodes() MachineConfigNodeInterface -} - -// MachineConfigNodeInterface has methods to work with MachineConfigNode resources. -type MachineConfigNodeInterface interface { - Create(ctx context.Context, machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, opts v1.CreateOptions) (*machineconfigurationv1alpha1.MachineConfigNode, error) - Update(ctx context.Context, machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, opts v1.UpdateOptions) (*machineconfigurationv1alpha1.MachineConfigNode, error) - // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). - UpdateStatus(ctx context.Context, machineConfigNode *machineconfigurationv1alpha1.MachineConfigNode, opts v1.UpdateOptions) (*machineconfigurationv1alpha1.MachineConfigNode, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*machineconfigurationv1alpha1.MachineConfigNode, error) - List(ctx context.Context, opts v1.ListOptions) (*machineconfigurationv1alpha1.MachineConfigNodeList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *machineconfigurationv1alpha1.MachineConfigNode, err error) - Apply(ctx context.Context, machineConfigNode *applyconfigurationsmachineconfigurationv1alpha1.MachineConfigNodeApplyConfiguration, opts v1.ApplyOptions) (result *machineconfigurationv1alpha1.MachineConfigNode, err error) - // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). - ApplyStatus(ctx context.Context, machineConfigNode *applyconfigurationsmachineconfigurationv1alpha1.MachineConfigNodeApplyConfiguration, opts v1.ApplyOptions) (result *machineconfigurationv1alpha1.MachineConfigNode, err error) - MachineConfigNodeExpansion -} - -// machineConfigNodes implements MachineConfigNodeInterface -type machineConfigNodes struct { - *gentype.ClientWithListAndApply[*machineconfigurationv1alpha1.MachineConfigNode, *machineconfigurationv1alpha1.MachineConfigNodeList, *applyconfigurationsmachineconfigurationv1alpha1.MachineConfigNodeApplyConfiguration] -} - -// newMachineConfigNodes returns a MachineConfigNodes -func newMachineConfigNodes(c *MachineconfigurationV1alpha1Client) *machineConfigNodes { - return &machineConfigNodes{ - gentype.NewClientWithListAndApply[*machineconfigurationv1alpha1.MachineConfigNode, *machineconfigurationv1alpha1.MachineConfigNodeList, *applyconfigurationsmachineconfigurationv1alpha1.MachineConfigNodeApplyConfiguration]( - "machineconfignodes", - c.RESTClient(), - scheme.ParameterCodec, - "", - func() *machineconfigurationv1alpha1.MachineConfigNode { - return &machineconfigurationv1alpha1.MachineConfigNode{} - }, - func() *machineconfigurationv1alpha1.MachineConfigNodeList { - return &machineconfigurationv1alpha1.MachineConfigNodeList{} - }, - ), - } -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go index 70682ef210..9fefd7bad0 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/machineconfiguration_client.go @@ -13,9 +13,7 @@ import ( type MachineconfigurationV1alpha1Interface interface { RESTClient() rest.Interface InternalReleaseImagesGetter - MachineConfigNodesGetter OSImageStreamsGetter - PinnedImageSetsGetter } // MachineconfigurationV1alpha1Client is used to interact with features provided by the machineconfiguration.openshift.io group. @@ -27,18 +25,10 @@ func (c *MachineconfigurationV1alpha1Client) InternalReleaseImages() InternalRel return newInternalReleaseImages(c) } -func (c *MachineconfigurationV1alpha1Client) MachineConfigNodes() MachineConfigNodeInterface { - return newMachineConfigNodes(c) -} - func (c *MachineconfigurationV1alpha1Client) OSImageStreams() OSImageStreamInterface { return newOSImageStreams(c) } -func (c *MachineconfigurationV1alpha1Client) PinnedImageSets() PinnedImageSetInterface { - return newPinnedImageSets(c) -} - // NewForConfig creates a new MachineconfigurationV1alpha1Client for the given config. // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), // where httpClient was generated with rest.HTTPClientFor(c). diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/pinnedimageset.go deleted file mode 100644 index d6aa0f3a26..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/clientset/versioned/typed/machineconfiguration/v1alpha1/pinnedimageset.go +++ /dev/null @@ -1,62 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - applyconfigurationsmachineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/applyconfigurations/machineconfiguration/v1alpha1" - scheme "github.com/openshift/client-go/machineconfiguration/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - gentype "k8s.io/client-go/gentype" -) - -// PinnedImageSetsGetter has a method to return a PinnedImageSetInterface. -// A group's client should implement this interface. -type PinnedImageSetsGetter interface { - PinnedImageSets() PinnedImageSetInterface -} - -// PinnedImageSetInterface has methods to work with PinnedImageSet resources. -type PinnedImageSetInterface interface { - Create(ctx context.Context, pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, opts v1.CreateOptions) (*machineconfigurationv1alpha1.PinnedImageSet, error) - Update(ctx context.Context, pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, opts v1.UpdateOptions) (*machineconfigurationv1alpha1.PinnedImageSet, error) - // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). - UpdateStatus(ctx context.Context, pinnedImageSet *machineconfigurationv1alpha1.PinnedImageSet, opts v1.UpdateOptions) (*machineconfigurationv1alpha1.PinnedImageSet, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*machineconfigurationv1alpha1.PinnedImageSet, error) - List(ctx context.Context, opts v1.ListOptions) (*machineconfigurationv1alpha1.PinnedImageSetList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *machineconfigurationv1alpha1.PinnedImageSet, err error) - Apply(ctx context.Context, pinnedImageSet *applyconfigurationsmachineconfigurationv1alpha1.PinnedImageSetApplyConfiguration, opts v1.ApplyOptions) (result *machineconfigurationv1alpha1.PinnedImageSet, err error) - // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). - ApplyStatus(ctx context.Context, pinnedImageSet *applyconfigurationsmachineconfigurationv1alpha1.PinnedImageSetApplyConfiguration, opts v1.ApplyOptions) (result *machineconfigurationv1alpha1.PinnedImageSet, err error) - PinnedImageSetExpansion -} - -// pinnedImageSets implements PinnedImageSetInterface -type pinnedImageSets struct { - *gentype.ClientWithListAndApply[*machineconfigurationv1alpha1.PinnedImageSet, *machineconfigurationv1alpha1.PinnedImageSetList, *applyconfigurationsmachineconfigurationv1alpha1.PinnedImageSetApplyConfiguration] -} - -// newPinnedImageSets returns a PinnedImageSets -func newPinnedImageSets(c *MachineconfigurationV1alpha1Client) *pinnedImageSets { - return &pinnedImageSets{ - gentype.NewClientWithListAndApply[*machineconfigurationv1alpha1.PinnedImageSet, *machineconfigurationv1alpha1.PinnedImageSetList, *applyconfigurationsmachineconfigurationv1alpha1.PinnedImageSetApplyConfiguration]( - "pinnedimagesets", - c.RESTClient(), - scheme.ParameterCodec, - "", - func() *machineconfigurationv1alpha1.PinnedImageSet { - return &machineconfigurationv1alpha1.PinnedImageSet{} - }, - func() *machineconfigurationv1alpha1.PinnedImageSetList { - return &machineconfigurationv1alpha1.PinnedImageSetList{} - }, - ), - } -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/generic.go b/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/generic.go index d8ae6246e4..c1148e7bcb 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/generic.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/generic.go @@ -60,12 +60,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=machineconfiguration.openshift.io, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("internalreleaseimages"): return &genericInformer{resource: resource.GroupResource(), informer: f.Machineconfiguration().V1alpha1().InternalReleaseImages().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("machineconfignodes"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Machineconfiguration().V1alpha1().MachineConfigNodes().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("osimagestreams"): return &genericInformer{resource: resource.GroupResource(), informer: f.Machineconfiguration().V1alpha1().OSImageStreams().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("pinnedimagesets"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Machineconfiguration().V1alpha1().PinnedImageSets().Informer()}, nil } diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/interface.go b/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/interface.go index 54a6b6ab78..68bdde5193 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/interface.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/interface.go @@ -10,12 +10,8 @@ import ( type Interface interface { // InternalReleaseImages returns a InternalReleaseImageInformer. InternalReleaseImages() InternalReleaseImageInformer - // MachineConfigNodes returns a MachineConfigNodeInformer. - MachineConfigNodes() MachineConfigNodeInformer // OSImageStreams returns a OSImageStreamInformer. OSImageStreams() OSImageStreamInformer - // PinnedImageSets returns a PinnedImageSetInformer. - PinnedImageSets() PinnedImageSetInformer } type version struct { @@ -34,17 +30,7 @@ func (v *version) InternalReleaseImages() InternalReleaseImageInformer { return &internalReleaseImageInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } -// MachineConfigNodes returns a MachineConfigNodeInformer. -func (v *version) MachineConfigNodes() MachineConfigNodeInformer { - return &machineConfigNodeInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} - // OSImageStreams returns a OSImageStreamInformer. func (v *version) OSImageStreams() OSImageStreamInformer { return &oSImageStreamInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } - -// PinnedImageSets returns a PinnedImageSetInformer. -func (v *version) PinnedImageSets() PinnedImageSetInformer { - return &pinnedImageSetInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/machineconfignode.go b/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/machineconfignode.go deleted file mode 100644 index 4389c0c176..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/machineconfignode.go +++ /dev/null @@ -1,85 +0,0 @@ -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - time "time" - - apimachineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - versioned "github.com/openshift/client-go/machineconfiguration/clientset/versioned" - internalinterfaces "github.com/openshift/client-go/machineconfiguration/informers/externalversions/internalinterfaces" - machineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// MachineConfigNodeInformer provides access to a shared informer and lister for -// MachineConfigNodes. -type MachineConfigNodeInformer interface { - Informer() cache.SharedIndexInformer - Lister() machineconfigurationv1alpha1.MachineConfigNodeLister -} - -type machineConfigNodeInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewMachineConfigNodeInformer constructs a new informer for MachineConfigNode type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewMachineConfigNodeInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredMachineConfigNodeInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredMachineConfigNodeInformer constructs a new informer for MachineConfigNode type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredMachineConfigNodeInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.MachineconfigurationV1alpha1().MachineConfigNodes().List(context.Background(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.MachineconfigurationV1alpha1().MachineConfigNodes().Watch(context.Background(), options) - }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.MachineconfigurationV1alpha1().MachineConfigNodes().List(ctx, options) - }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.MachineconfigurationV1alpha1().MachineConfigNodes().Watch(ctx, options) - }, - }, client), - &apimachineconfigurationv1alpha1.MachineConfigNode{}, - resyncPeriod, - indexers, - ) -} - -func (f *machineConfigNodeInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredMachineConfigNodeInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *machineConfigNodeInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&apimachineconfigurationv1alpha1.MachineConfigNode{}, f.defaultInformer) -} - -func (f *machineConfigNodeInformer) Lister() machineconfigurationv1alpha1.MachineConfigNodeLister { - return machineconfigurationv1alpha1.NewMachineConfigNodeLister(f.Informer().GetIndexer()) -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/pinnedimageset.go deleted file mode 100644 index 1f2088dd72..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1/pinnedimageset.go +++ /dev/null @@ -1,85 +0,0 @@ -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - time "time" - - apimachineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - versioned "github.com/openshift/client-go/machineconfiguration/clientset/versioned" - internalinterfaces "github.com/openshift/client-go/machineconfiguration/informers/externalversions/internalinterfaces" - machineconfigurationv1alpha1 "github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// PinnedImageSetInformer provides access to a shared informer and lister for -// PinnedImageSets. -type PinnedImageSetInformer interface { - Informer() cache.SharedIndexInformer - Lister() machineconfigurationv1alpha1.PinnedImageSetLister -} - -type pinnedImageSetInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewPinnedImageSetInformer constructs a new informer for PinnedImageSet type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewPinnedImageSetInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredPinnedImageSetInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredPinnedImageSetInformer constructs a new informer for PinnedImageSet type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredPinnedImageSetInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.MachineconfigurationV1alpha1().PinnedImageSets().List(context.Background(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.MachineconfigurationV1alpha1().PinnedImageSets().Watch(context.Background(), options) - }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.MachineconfigurationV1alpha1().PinnedImageSets().List(ctx, options) - }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.MachineconfigurationV1alpha1().PinnedImageSets().Watch(ctx, options) - }, - }, client), - &apimachineconfigurationv1alpha1.PinnedImageSet{}, - resyncPeriod, - indexers, - ) -} - -func (f *pinnedImageSetInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredPinnedImageSetInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *pinnedImageSetInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&apimachineconfigurationv1alpha1.PinnedImageSet{}, f.defaultInformer) -} - -func (f *pinnedImageSetInformer) Lister() machineconfigurationv1alpha1.PinnedImageSetLister { - return machineconfigurationv1alpha1.NewPinnedImageSetLister(f.Informer().GetIndexer()) -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/expansion_generated.go b/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/expansion_generated.go index 1dc14fe6d8..ea48806b9b 100644 --- a/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/expansion_generated.go +++ b/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/expansion_generated.go @@ -6,14 +6,6 @@ package v1alpha1 // InternalReleaseImageLister. type InternalReleaseImageListerExpansion interface{} -// MachineConfigNodeListerExpansion allows custom methods to be added to -// MachineConfigNodeLister. -type MachineConfigNodeListerExpansion interface{} - // OSImageStreamListerExpansion allows custom methods to be added to // OSImageStreamLister. type OSImageStreamListerExpansion interface{} - -// PinnedImageSetListerExpansion allows custom methods to be added to -// PinnedImageSetLister. -type PinnedImageSetListerExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/machineconfignode.go b/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/machineconfignode.go deleted file mode 100644 index 294210e4de..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/machineconfignode.go +++ /dev/null @@ -1,32 +0,0 @@ -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - labels "k8s.io/apimachinery/pkg/labels" - listers "k8s.io/client-go/listers" - cache "k8s.io/client-go/tools/cache" -) - -// MachineConfigNodeLister helps list MachineConfigNodes. -// All objects returned here must be treated as read-only. -type MachineConfigNodeLister interface { - // List lists all MachineConfigNodes in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*machineconfigurationv1alpha1.MachineConfigNode, err error) - // Get retrieves the MachineConfigNode from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*machineconfigurationv1alpha1.MachineConfigNode, error) - MachineConfigNodeListerExpansion -} - -// machineConfigNodeLister implements the MachineConfigNodeLister interface. -type machineConfigNodeLister struct { - listers.ResourceIndexer[*machineconfigurationv1alpha1.MachineConfigNode] -} - -// NewMachineConfigNodeLister returns a new MachineConfigNodeLister. -func NewMachineConfigNodeLister(indexer cache.Indexer) MachineConfigNodeLister { - return &machineConfigNodeLister{listers.New[*machineconfigurationv1alpha1.MachineConfigNode](indexer, machineconfigurationv1alpha1.Resource("machineconfignode"))} -} diff --git a/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/pinnedimageset.go b/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/pinnedimageset.go deleted file mode 100644 index 1861270cac..0000000000 --- a/vendor/github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1/pinnedimageset.go +++ /dev/null @@ -1,32 +0,0 @@ -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - machineconfigurationv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" - labels "k8s.io/apimachinery/pkg/labels" - listers "k8s.io/client-go/listers" - cache "k8s.io/client-go/tools/cache" -) - -// PinnedImageSetLister helps list PinnedImageSets. -// All objects returned here must be treated as read-only. -type PinnedImageSetLister interface { - // List lists all PinnedImageSets in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*machineconfigurationv1alpha1.PinnedImageSet, err error) - // Get retrieves the PinnedImageSet from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*machineconfigurationv1alpha1.PinnedImageSet, error) - PinnedImageSetListerExpansion -} - -// pinnedImageSetLister implements the PinnedImageSetLister interface. -type pinnedImageSetLister struct { - listers.ResourceIndexer[*machineconfigurationv1alpha1.PinnedImageSet] -} - -// NewPinnedImageSetLister returns a new PinnedImageSetLister. -func NewPinnedImageSetLister(indexer cache.Indexer) PinnedImageSetLister { - return &pinnedImageSetLister{listers.New[*machineconfigurationv1alpha1.PinnedImageSet](indexer, machineconfigurationv1alpha1.Resource("pinnedimageset"))} -} diff --git a/vendor/github.com/openshift/client-go/oauth/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/oauth/applyconfigurations/internal/internal.go index cc686d1d1c..d2d4836f3c 100644 --- a/vendor/github.com/openshift/client-go/oauth/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/oauth/applyconfigurations/internal/internal.go @@ -23,6 +23,133 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldsType + type: + scalar: string + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager + type: + scalar: string + - name: operation + type: + scalar: string + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: generateName + type: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: + elementType: + scalar: string + - name: managedFields + type: + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: ownerReferences + type: + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped - name: com.github.openshift.api.oauth.v1.ClusterRoleScopeRestriction map: fields: @@ -65,7 +192,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: redirectURI type: @@ -108,7 +235,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: redirectURI type: @@ -154,7 +281,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: redirectURIs type: @@ -188,7 +315,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: scopes type: @@ -237,7 +364,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: redirectURI type: @@ -257,133 +384,6 @@ var schemaYAML = typed.YAMLObject(`types: - name: userUID type: scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - map: - fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers - type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation - type: - scalar: numeric - - name: labels - type: - map: - elementType: - scalar: string - - name: managedFields - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: ownerReferences - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion - type: - scalar: string - - name: selfLink - type: - scalar: string - - name: uid - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - map: - fields: - - name: apiVersion - type: - scalar: string - default: "" - - name: blockOwnerDeletion - type: - scalar: boolean - - name: controller - type: - scalar: boolean - - name: kind - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: uid - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go index 51ec76686f..0fccb1b47f 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go @@ -23,61 +23,63 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: -- name: com.github.openshift.api.config.v1.ConfigMapFileReference +- name: Condition.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: key + - name: lastTransitionTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message type: scalar: string - - name: name + default: "" + - name: observedGeneration + type: + scalar: numeric + - name: reason type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.ConfigMapNameReference - map: - fields: - - name: name + - name: status type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.CustomTLSProfile + - name: type + type: + scalar: string + default: "" +- name: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: string +- name: FieldSelectorAttributes.v1.authorization.api.k8s.io map: fields: - - name: ciphers + - name: rawSelector + type: + scalar: string + - name: requirements type: list: elementType: - scalar: string + namedType: FieldSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - - name: minTLSVersion +- name: FieldSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: key type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.IntermediateTLSProfile - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.ModernTLSProfile - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.OldTLSProfile + - name: operator + type: + scalar: string + default: "" + - name: values + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io map: elementType: scalar: untyped @@ -89,191 +91,484 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.SecretNameReference - map: - fields: - - name: name - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.TLSProfileSpec +- name: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: ciphers + - name: matchExpressions type: list: elementType: - scalar: string + namedType: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - - name: minTLSVersion + - name: matchLabels type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.TLSSecurityProfile + map: + elementType: + scalar: string + elementRelationship: atomic +- name: LabelSelectorAttributes.v1.authorization.api.k8s.io map: fields: - - name: custom - type: - namedType: com.github.openshift.api.config.v1.CustomTLSProfile - - name: intermediate - type: - namedType: com.github.openshift.api.config.v1.IntermediateTLSProfile - - name: modern - type: - namedType: com.github.openshift.api.config.v1.ModernTLSProfile - - name: old - type: - namedType: com.github.openshift.api.config.v1.OldTLSProfile - - name: type + - name: rawSelector type: scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: custom - discriminatorValue: Custom - - fieldName: intermediate - discriminatorValue: Intermediate - - fieldName: modern - discriminatorValue: Modern - - fieldName: old - discriminatorValue: Old -- name: com.github.openshift.api.operator.v1.AWSCSIDriverConfigSpec + - name: requirements + type: + list: + elementType: + namedType: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic +- name: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: efsVolumeMetrics - type: - namedType: com.github.openshift.api.operator.v1.AWSEFSVolumeMetrics - - name: kmsKeyARN + - name: key type: scalar: string -- name: com.github.openshift.api.operator.v1.AWSClassicLoadBalancerParameters - map: - fields: - - name: connectionIdleTimeout + default: "" + - name: operator type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: subnets + scalar: string + default: "" + - name: values type: - namedType: com.github.openshift.api.operator.v1.AWSSubnets -- name: com.github.openshift.api.operator.v1.AWSEFSVolumeMetrics + list: + elementType: + scalar: string + elementRelationship: atomic +- name: LocalObjectReference.v1.core.api.k8s.io map: fields: - - name: recursiveWalk - type: - namedType: com.github.openshift.api.operator.v1.AWSEFSVolumeMetricsRecursiveWalkConfig - - name: state + - name: name type: scalar: string default: "" - unions: - - discriminator: state - fields: - - fieldName: recursiveWalk - discriminatorValue: RecursiveWalk -- name: com.github.openshift.api.operator.v1.AWSEFSVolumeMetricsRecursiveWalkConfig + elementRelationship: atomic +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: fsRateLimit + - name: apiVersion type: - scalar: numeric - - name: refreshPeriodMinutes + scalar: string + - name: fieldsType type: - scalar: numeric -- name: com.github.openshift.api.operator.v1.AWSLoadBalancerParameters - map: - fields: - - name: classicLoadBalancer + scalar: string + - name: fieldsV1 type: - namedType: com.github.openshift.api.operator.v1.AWSClassicLoadBalancerParameters - - name: networkLoadBalancer + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager type: - namedType: com.github.openshift.api.operator.v1.AWSNetworkLoadBalancerParameters - - name: type + scalar: string + - name: operation type: scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: classicLoadBalancer - discriminatorValue: ClassicLoadBalancerParameters - - fieldName: networkLoadBalancer - discriminatorValue: NetworkLoadBalancerParameters -- name: com.github.openshift.api.operator.v1.AWSNetworkLoadBalancerParameters + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: eipAllocations + - name: annotations type: - list: + map: elementType: scalar: string - elementRelationship: atomic - - name: subnets + - name: creationTimestamp type: - namedType: com.github.openshift.api.operator.v1.AWSSubnets -- name: com.github.openshift.api.operator.v1.AWSSubnets - map: - fields: - - name: ids + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers type: list: elementType: scalar: string - elementRelationship: atomic - - name: names + elementRelationship: associative + - name: generateName type: - list: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: elementType: scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.AccessLogging - map: - fields: - - name: destination - type: - namedType: com.github.openshift.api.operator.v1.LoggingDestination - default: {} - - name: httpCaptureCookies + - name: managedFields type: list: elementType: - namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPCookie + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - - name: httpCaptureHeaders - type: - namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeaders - default: {} - - name: httpLogFormat + - name: name type: scalar: string - - name: logEmptyRequests + - name: namespace type: scalar: string -- name: com.github.openshift.api.operator.v1.AddPage - map: - fields: - - name: disabledActions + - name: ownerReferences type: list: elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.AdditionalNetworkDefinition - map: - fields: - - name: name + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion type: scalar: string - default: "" - - name: namespace + - name: selfLink type: scalar: string - - name: rawCNIConfig + - name: uid type: scalar: string - - name: simpleMacvlanConfig +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: RawExtension.runtime.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: ResourceAttributes.v1.authorization.api.k8s.io + map: + fields: + - name: fieldSelector + type: + namedType: FieldSelectorAttributes.v1.authorization.api.k8s.io + - name: group + type: + scalar: string + - name: labelSelector + type: + namedType: LabelSelectorAttributes.v1.authorization.api.k8s.io + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: resource + type: + scalar: string + - name: subresource + type: + scalar: string + - name: verb + type: + scalar: string + - name: version + type: + scalar: string +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped +- name: Toleration.v1.core.api.k8s.io + map: + fields: + - name: effect + type: + scalar: string + - name: key + type: + scalar: string + - name: operator + type: + scalar: string + - name: tolerationSeconds + type: + scalar: numeric + - name: value + type: + scalar: string +- name: com.github.openshift.api.config.v1.ConfigMapFileReference + map: + fields: + - name: key + type: + scalar: string + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.ConfigMapNameReference + map: + fields: + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.CustomTLSProfile + map: + fields: + - name: ciphers + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: minTLSVersion + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.IntermediateTLSProfile + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.ModernTLSProfile + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.OldTLSProfile + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.SecretNameReference + map: + fields: + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.TLSProfileSpec + map: + fields: + - name: ciphers + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: minTLSVersion + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.TLSSecurityProfile + map: + fields: + - name: custom + type: + namedType: com.github.openshift.api.config.v1.CustomTLSProfile + - name: intermediate + type: + namedType: com.github.openshift.api.config.v1.IntermediateTLSProfile + - name: modern + type: + namedType: com.github.openshift.api.config.v1.ModernTLSProfile + - name: old + type: + namedType: com.github.openshift.api.config.v1.OldTLSProfile + - name: type + type: + scalar: string + default: "" + unions: + - discriminator: type + fields: + - fieldName: custom + discriminatorValue: Custom + - fieldName: intermediate + discriminatorValue: Intermediate + - fieldName: modern + discriminatorValue: Modern + - fieldName: old + discriminatorValue: Old +- name: com.github.openshift.api.operator.v1.AWSCSIDriverConfigSpec + map: + fields: + - name: efsVolumeMetrics + type: + namedType: com.github.openshift.api.operator.v1.AWSEFSVolumeMetrics + - name: kmsKeyARN + type: + scalar: string +- name: com.github.openshift.api.operator.v1.AWSClassicLoadBalancerParameters + map: + fields: + - name: connectionIdleTimeout + type: + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: subnets + type: + namedType: com.github.openshift.api.operator.v1.AWSSubnets +- name: com.github.openshift.api.operator.v1.AWSEFSVolumeMetrics + map: + fields: + - name: recursiveWalk + type: + namedType: com.github.openshift.api.operator.v1.AWSEFSVolumeMetricsRecursiveWalkConfig + - name: state + type: + scalar: string + default: "" + unions: + - discriminator: state + fields: + - fieldName: recursiveWalk + discriminatorValue: RecursiveWalk +- name: com.github.openshift.api.operator.v1.AWSEFSVolumeMetricsRecursiveWalkConfig + map: + fields: + - name: fsRateLimit + type: + scalar: numeric + - name: refreshPeriodMinutes + type: + scalar: numeric +- name: com.github.openshift.api.operator.v1.AWSLoadBalancerParameters + map: + fields: + - name: classicLoadBalancer + type: + namedType: com.github.openshift.api.operator.v1.AWSClassicLoadBalancerParameters + - name: networkLoadBalancer + type: + namedType: com.github.openshift.api.operator.v1.AWSNetworkLoadBalancerParameters + - name: type + type: + scalar: string + default: "" + unions: + - discriminator: type + fields: + - fieldName: classicLoadBalancer + discriminatorValue: ClassicLoadBalancerParameters + - fieldName: networkLoadBalancer + discriminatorValue: NetworkLoadBalancerParameters +- name: com.github.openshift.api.operator.v1.AWSNetworkLoadBalancerParameters + map: + fields: + - name: eipAllocations + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: subnets + type: + namedType: com.github.openshift.api.operator.v1.AWSSubnets +- name: com.github.openshift.api.operator.v1.AWSSubnets + map: + fields: + - name: ids + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: names + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.AccessLogging + map: + fields: + - name: destination + type: + namedType: com.github.openshift.api.operator.v1.LoggingDestination + default: {} + - name: httpCaptureCookies + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPCookie + elementRelationship: atomic + - name: httpCaptureHeaders + type: + namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeaders + default: {} + - name: httpLogFormat + type: + scalar: string + - name: logEmptyRequests + type: + scalar: string +- name: com.github.openshift.api.operator.v1.AddPage + map: + fields: + - name: disabledActions + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.AdditionalNetworkDefinition + map: + fields: + - name: name + type: + scalar: string + default: "" + - name: namespace + type: + scalar: string + - name: rawCNIConfig + type: + scalar: string + - name: simpleMacvlanConfig type: namedType: com.github.openshift.api.operator.v1.SimpleMacvlanConfig - name: type @@ -300,7 +595,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -322,13 +617,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.AuthenticationStatus map: fields: @@ -389,6 +684,16 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" +- name: com.github.openshift.api.operator.v1.BGPManagedConfig + map: + fields: + - name: asNumber + type: + scalar: numeric + default: 64512 + - name: bgpTopology + type: + scalar: string - name: com.github.openshift.api.operator.v1.BootImageSkewEnforcementConfig map: fields: @@ -471,7 +776,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -493,13 +798,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.CSISnapshotControllerStatus map: fields: @@ -583,7 +888,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -608,13 +913,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.CloudCredentialStatus map: fields: @@ -689,7 +994,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -715,7 +1020,7 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -724,7 +1029,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.ClusterCSIDriverStatus map: fields: @@ -781,7 +1086,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -814,13 +1119,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.ConfigStatus map: fields: @@ -867,7 +1172,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -970,7 +1275,7 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -990,7 +1295,7 @@ var schemaYAML = typed.YAMLObject(`types: default: {} - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.ConsoleStatus map: fields: @@ -1043,7 +1348,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1058,10 +1363,10 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: negativeTTL type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: positiveTTL type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.DNSNodePlacement map: fields: @@ -1074,7 +1379,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: com.github.openshift.api.operator.v1.DNSOverTLSConfig map: @@ -1289,7 +1594,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1326,7 +1631,7 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -1335,7 +1640,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.EtcdStatus map: fields: @@ -1498,10 +1803,10 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: lastGatherDuration type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: lastGatherTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.GathererStatus map: fields: @@ -1509,11 +1814,11 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - name: lastGatherDuration type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: name type: scalar: string @@ -1559,450 +1864,141 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: advisorURI type: - scalar: string - default: "" - - name: description - type: - scalar: string - default: "" - - name: state - type: - scalar: string - default: "" - - name: totalRisk - type: - scalar: numeric - default: 0 -- name: com.github.openshift.api.operator.v1.HostNetworkStrategy - map: - fields: - - name: httpPort - type: - scalar: numeric - - name: httpsPort - type: - scalar: numeric - - name: protocol - type: - scalar: string - - name: statsPort - type: - scalar: numeric -- name: com.github.openshift.api.operator.v1.HybridOverlayConfig - map: - fields: - - name: hybridClusterNetwork - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.ClusterNetworkEntry - elementRelationship: atomic - - name: hybridOverlayVXLANPort - type: - scalar: numeric -- name: com.github.openshift.api.operator.v1.IBMCloudCSIDriverConfigSpec - map: - fields: - - name: encryptionKeyCRN - type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.IBMLoadBalancerParameters - map: - fields: - - name: protocol - type: - scalar: string -- name: com.github.openshift.api.operator.v1.IPAMConfig - map: - fields: - - name: staticIPAMConfig - type: - namedType: com.github.openshift.api.operator.v1.StaticIPAMConfig - - name: type - type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.IPFIXConfig - map: - fields: - - name: collectors - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.IPsecConfig - map: - fields: - - name: full - type: - namedType: com.github.openshift.api.operator.v1.IPsecFullModeConfig - - name: mode - type: - scalar: string - unions: - - discriminator: mode - fields: - - fieldName: full - discriminatorValue: Full -- name: com.github.openshift.api.operator.v1.IPsecFullModeConfig - map: - fields: - - name: encapsulation - type: - scalar: string -- name: com.github.openshift.api.operator.v1.IPv4GatewayConfig - map: - fields: - - name: internalMasqueradeSubnet - type: - scalar: string -- name: com.github.openshift.api.operator.v1.IPv4OVNKubernetesConfig - map: - fields: - - name: internalJoinSubnet - type: - scalar: string - - name: internalTransitSwitchSubnet - type: - scalar: string -- name: com.github.openshift.api.operator.v1.IPv6GatewayConfig - map: - fields: - - name: internalMasqueradeSubnet - type: - scalar: string -- name: com.github.openshift.api.operator.v1.IPv6OVNKubernetesConfig - map: - fields: - - name: internalJoinSubnet - type: - scalar: string - - name: internalTransitSwitchSubnet - type: - scalar: string -- name: com.github.openshift.api.operator.v1.Ingress - map: - fields: - - name: clientDownloadsURL - type: - scalar: string - default: "" - - name: consoleURL - type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.IngressController - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.operator.v1.IngressControllerSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.operator.v1.IngressControllerStatus - default: {} -- name: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPCookie - map: - fields: - - name: matchType - type: - scalar: string - default: "" - - name: maxLength - type: - scalar: numeric - default: 0 - - name: name + scalar: string + default: "" + - name: description type: scalar: string default: "" - - name: namePrefix + - name: state type: scalar: string default: "" - unions: - - discriminator: matchType - fields: - - fieldName: name - discriminatorValue: Name - - fieldName: namePrefix - discriminatorValue: NamePrefix -- name: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeader + - name: totalRisk + type: + scalar: numeric + default: 0 +- name: com.github.openshift.api.operator.v1.HostNetworkStrategy map: fields: - - name: maxLength + - name: httpPort type: scalar: numeric - default: 0 - - name: name + - name: httpsPort + type: + scalar: numeric + - name: protocol type: scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeaders + - name: statsPort + type: + scalar: numeric +- name: com.github.openshift.api.operator.v1.HybridOverlayConfig map: fields: - - name: request + - name: hybridClusterNetwork type: list: elementType: - namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeader + namedType: com.github.openshift.api.operator.v1.ClusterNetworkEntry elementRelationship: atomic - - name: response + - name: hybridOverlayVXLANPort type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeader - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.IngressControllerHTTPHeader + scalar: numeric +- name: com.github.openshift.api.operator.v1.IBMCloudCSIDriverConfigSpec map: fields: - - name: action - type: - namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaderActionUnion - default: {} - - name: name + - name: encryptionKeyCRN type: scalar: string default: "" -- name: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaderActionUnion +- name: com.github.openshift.api.operator.v1.IBMLoadBalancerParameters map: fields: - - name: set - type: - namedType: com.github.openshift.api.operator.v1.IngressControllerSetHTTPHeader - - name: type + - name: protocol type: scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: set - discriminatorValue: Set -- name: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaderActions +- name: com.github.openshift.api.operator.v1.IPAMConfig map: fields: - - name: request + - name: staticIPAMConfig type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPHeader - elementRelationship: associative - keys: - - name - - name: response + namedType: com.github.openshift.api.operator.v1.StaticIPAMConfig + - name: type type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPHeader - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaders + scalar: string + default: "" +- name: com.github.openshift.api.operator.v1.IPFIXConfig map: fields: - - name: actions - type: - namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaderActions - default: {} - - name: forwardedHeaderPolicy - type: - scalar: string - - name: headerNameCaseAdjustments + - name: collectors type: list: elementType: scalar: string elementRelationship: atomic - - name: uniqueId - type: - namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPUniqueIdHeaderPolicy - default: {} -- name: com.github.openshift.api.operator.v1.IngressControllerHTTPUniqueIdHeaderPolicy +- name: com.github.openshift.api.operator.v1.IPsecConfig map: fields: - - name: format + - name: full type: - scalar: string - - name: name + namedType: com.github.openshift.api.operator.v1.IPsecFullModeConfig + - name: mode type: scalar: string -- name: com.github.openshift.api.operator.v1.IngressControllerLogging + unions: + - discriminator: mode + fields: + - fieldName: full + discriminatorValue: Full +- name: com.github.openshift.api.operator.v1.IPsecFullModeConfig map: fields: - - name: access + - name: encapsulation type: - namedType: com.github.openshift.api.operator.v1.AccessLogging -- name: com.github.openshift.api.operator.v1.IngressControllerSetHTTPHeader + scalar: string +- name: com.github.openshift.api.operator.v1.IPv4GatewayConfig map: fields: - - name: value + - name: internalMasqueradeSubnet type: scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.IngressControllerSpec +- name: com.github.openshift.api.operator.v1.IPv4OVNKubernetesConfig map: fields: - - name: clientTLS - type: - namedType: com.github.openshift.api.operator.v1.ClientTLS - default: {} - - name: closedClientConnectionPolicy - type: - scalar: string - default: Continue - - name: defaultCertificate - type: - namedType: io.k8s.api.core.v1.LocalObjectReference - - name: domain + - name: internalJoinSubnet type: scalar: string - - name: endpointPublishingStrategy - type: - namedType: com.github.openshift.api.operator.v1.EndpointPublishingStrategy - - name: httpCompression - type: - namedType: com.github.openshift.api.operator.v1.HTTPCompressionPolicy - default: {} - - name: httpEmptyRequestsPolicy + - name: internalTransitSwitchSubnet type: scalar: string - - name: httpErrorCodePages - type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: httpHeaders - type: - namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaders - - name: idleConnectionTerminationPolicy +- name: com.github.openshift.api.operator.v1.IPv6GatewayConfig + map: + fields: + - name: internalMasqueradeSubnet type: scalar: string - default: Immediate - - name: logging - type: - namedType: com.github.openshift.api.operator.v1.IngressControllerLogging - - name: namespaceSelector - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: nodePlacement - type: - namedType: com.github.openshift.api.operator.v1.NodePlacement - - name: replicas - type: - scalar: numeric - - name: routeAdmission - type: - namedType: com.github.openshift.api.operator.v1.RouteAdmissionPolicy - - name: routeSelector - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: tlsSecurityProfile - type: - namedType: com.github.openshift.api.config.v1.TLSSecurityProfile - - name: tuningOptions - type: - namedType: com.github.openshift.api.operator.v1.IngressControllerTuningOptions - default: {} - - name: unsupportedConfigOverrides - type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.IngressControllerStatus +- name: com.github.openshift.api.operator.v1.IPv6OVNKubernetesConfig map: fields: - - name: availableReplicas - type: - scalar: numeric - default: 0 - - name: conditions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type - - name: domain + - name: internalJoinSubnet type: scalar: string - default: "" - - name: endpointPublishingStrategy - type: - namedType: com.github.openshift.api.operator.v1.EndpointPublishingStrategy - - name: namespaceSelector - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: observedGeneration - type: - scalar: numeric - - name: routeSelector - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: selector + - name: internalTransitSwitchSubnet type: scalar: string - default: "" - - name: tlsProfile - type: - namedType: com.github.openshift.api.config.v1.TLSProfileSpec -- name: com.github.openshift.api.operator.v1.IngressControllerTuningOptions +- name: com.github.openshift.api.operator.v1.Ingress map: fields: - - name: clientFinTimeout - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: clientTimeout - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: connectTimeout - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: headerBufferBytes - type: - scalar: numeric - - name: headerBufferMaxRewriteBytes - type: - scalar: numeric - - name: healthCheckInterval - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: httpKeepAliveTimeout - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: maxConnections - type: - scalar: numeric - - name: reloadInterval - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: serverFinTimeout - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: serverTimeout - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: threadCount - type: - scalar: numeric - - name: tlsInspectDelay + - name: clientDownloadsURL type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: tunnelTimeout + scalar: string + default: "" + - name: consoleURL type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration -- name: com.github.openshift.api.operator.v1.InsightsOperator + scalar: string + default: "" +- name: com.github.openshift.api.operator.v1.IngressController map: fields: - name: apiVersion @@ -2013,305 +2009,305 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1.InsightsOperatorSpec + namedType: com.github.openshift.api.operator.v1.IngressControllerSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1.InsightsOperatorStatus + namedType: com.github.openshift.api.operator.v1.IngressControllerStatus default: {} -- name: com.github.openshift.api.operator.v1.InsightsOperatorSpec +- name: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPCookie map: fields: - - name: logLevel + - name: matchType type: scalar: string - - name: managementState + default: "" + - name: maxLength + type: + scalar: numeric + default: 0 + - name: name type: scalar: string default: "" - - name: observedConfig - type: - namedType: __untyped_atomic_ - - name: operatorLogLevel + - name: namePrefix type: scalar: string - - name: unsupportedConfigOverrides + default: "" + unions: + - discriminator: matchType + fields: + - fieldName: name + discriminatorValue: Name + - fieldName: namePrefix + discriminatorValue: NamePrefix +- name: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeader + map: + fields: + - name: maxLength type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.InsightsOperatorStatus + scalar: numeric + default: 0 + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeaders map: fields: - - name: conditions + - name: request type: list: elementType: - namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type - - name: gatherStatus - type: - namedType: com.github.openshift.api.operator.v1.GatherStatus - default: {} - - name: generations + namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeader + elementRelationship: atomic + - name: response type: list: elementType: - namedType: com.github.openshift.api.operator.v1.GenerationStatus - elementRelationship: associative - keys: - - group - - resource - - namespace - - name - - name: insightsReport + namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeader + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.IngressControllerHTTPHeader + map: + fields: + - name: action type: - namedType: com.github.openshift.api.operator.v1.InsightsReport + namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaderActionUnion default: {} - - name: latestAvailableRevision - type: - scalar: numeric - - name: observedGeneration + - name: name type: - scalar: numeric - - name: readyReplicas + scalar: string + default: "" +- name: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaderActionUnion + map: + fields: + - name: set type: - scalar: numeric - default: 0 - - name: version + namedType: com.github.openshift.api.operator.v1.IngressControllerSetHTTPHeader + - name: type type: scalar: string -- name: com.github.openshift.api.operator.v1.InsightsReport + default: "" + unions: + - discriminator: type + fields: + - fieldName: set + discriminatorValue: Set +- name: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaderActions map: fields: - - name: downloadedAt - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: healthChecks + - name: request type: list: elementType: - namedType: com.github.openshift.api.operator.v1.HealthCheck - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.IrreconcilableValidationOverrides - map: - fields: - - name: storage + namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPHeader + elementRelationship: associative + keys: + - name + - name: response type: list: elementType: - scalar: string + namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPHeader elementRelationship: associative -- name: com.github.openshift.api.operator.v1.KubeAPIServer + keys: + - name +- name: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaders map: fields: - - name: apiVersion + - name: actions type: - scalar: string - - name: kind + namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaderActions + default: {} + - name: forwardedHeaderPolicy type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + - name: headerNameCaseAdjustments type: - namedType: com.github.openshift.api.operator.v1.KubeAPIServerSpec - default: {} - - name: status + list: + elementType: + scalar: string + elementRelationship: atomic + - name: uniqueId type: - namedType: com.github.openshift.api.operator.v1.KubeAPIServerStatus + namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPUniqueIdHeaderPolicy default: {} -- name: com.github.openshift.api.operator.v1.KubeAPIServerSpec +- name: com.github.openshift.api.operator.v1.IngressControllerHTTPUniqueIdHeaderPolicy map: fields: - - name: eventTTLMinutes + - name: format type: - scalar: numeric - - name: failedRevisionLimit + scalar: string + - name: name type: - scalar: numeric - - name: forceRedeploymentReason + scalar: string +- name: com.github.openshift.api.operator.v1.IngressControllerLogging + map: + fields: + - name: access + type: + namedType: com.github.openshift.api.operator.v1.AccessLogging +- name: com.github.openshift.api.operator.v1.IngressControllerSetHTTPHeader + map: + fields: + - name: value type: scalar: string default: "" - - name: logLevel +- name: com.github.openshift.api.operator.v1.IngressControllerSpec + map: + fields: + - name: clientTLS type: - scalar: string - - name: managementState + namedType: com.github.openshift.api.operator.v1.ClientTLS + default: {} + - name: closedClientConnectionPolicy type: scalar: string - default: "" - - name: observedConfig + default: Continue + - name: defaultCertificate type: - namedType: __untyped_atomic_ - - name: operatorLogLevel + namedType: LocalObjectReference.v1.core.api.k8s.io + - name: domain type: scalar: string - - name: succeededRevisionLimit + - name: endpointPublishingStrategy type: - scalar: numeric - - name: unsupportedConfigOverrides + namedType: com.github.openshift.api.operator.v1.EndpointPublishingStrategy + - name: httpCompression type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.KubeAPIServerStatus - map: - fields: - - name: conditions + namedType: com.github.openshift.api.operator.v1.HTTPCompressionPolicy + default: {} + - name: httpEmptyRequestsPolicy type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type - - name: generations + scalar: string + - name: httpErrorCodePages type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.GenerationStatus - elementRelationship: associative - keys: - - group - - resource - - namespace - - name - - name: latestAvailableRevision + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: httpHeaders type: - scalar: numeric - - name: latestAvailableRevisionReason + namedType: com.github.openshift.api.operator.v1.IngressControllerHTTPHeaders + - name: idleConnectionTerminationPolicy type: scalar: string - - name: nodeStatuses - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeStatus - elementRelationship: associative - keys: - - nodeName - - name: observedGeneration + default: Immediate + - name: logging type: - scalar: numeric - - name: readyReplicas + namedType: com.github.openshift.api.operator.v1.IngressControllerLogging + - name: namespaceSelector type: - scalar: numeric - default: 0 - - name: serviceAccountIssuers + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: nodePlacement type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.ServiceAccountIssuerStatus - elementRelationship: atomic - - name: version + namedType: com.github.openshift.api.operator.v1.NodePlacement + - name: replicas type: - scalar: string -- name: com.github.openshift.api.operator.v1.KubeControllerManager - map: - fields: - - name: apiVersion + scalar: numeric + - name: routeAdmission type: - scalar: string - - name: kind + namedType: com.github.openshift.api.operator.v1.RouteAdmissionPolicy + - name: routeSelector type: - scalar: string - - name: metadata + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: tlsSecurityProfile type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + namedType: com.github.openshift.api.config.v1.TLSSecurityProfile + - name: tuningOptions type: - namedType: com.github.openshift.api.operator.v1.KubeControllerManagerSpec + namedType: com.github.openshift.api.operator.v1.IngressControllerTuningOptions default: {} - - name: status + - name: unsupportedConfigOverrides type: - namedType: com.github.openshift.api.operator.v1.KubeControllerManagerStatus - default: {} -- name: com.github.openshift.api.operator.v1.KubeControllerManagerSpec + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.IngressControllerStatus map: fields: - - name: failedRevisionLimit + - name: availableReplicas type: scalar: numeric - - name: forceRedeploymentReason - type: - scalar: string - default: "" - - name: logLevel + default: 0 + - name: conditions type: - scalar: string - - name: managementState + list: + elementType: + namedType: com.github.openshift.api.operator.v1.OperatorCondition + elementRelationship: associative + keys: + - type + - name: domain type: scalar: string default: "" - - name: observedConfig + - name: endpointPublishingStrategy type: - namedType: __untyped_atomic_ - - name: operatorLogLevel + namedType: com.github.openshift.api.operator.v1.EndpointPublishingStrategy + - name: namespaceSelector type: - scalar: string - - name: succeededRevisionLimit + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: observedGeneration type: scalar: numeric - - name: unsupportedConfigOverrides + - name: routeSelector type: - namedType: __untyped_atomic_ - - name: useMoreSecureServiceCA + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: selector type: - scalar: boolean - default: false -- name: com.github.openshift.api.operator.v1.KubeControllerManagerStatus + scalar: string + default: "" + - name: tlsProfile + type: + namedType: com.github.openshift.api.config.v1.TLSProfileSpec +- name: com.github.openshift.api.operator.v1.IngressControllerTuningOptions map: fields: - - name: conditions + - name: clientFinTimeout type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type - - name: generations + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: clientTimeout type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.GenerationStatus - elementRelationship: associative - keys: - - group - - resource - - namespace - - name - - name: latestAvailableRevision + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: connectTimeout + type: + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: headerBufferBytes type: scalar: numeric - - name: latestAvailableRevisionReason + - name: headerBufferMaxRewriteBytes type: - scalar: string - - name: nodeStatuses + scalar: numeric + - name: healthCheckInterval type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeStatus - elementRelationship: associative - keys: - - nodeName - - name: observedGeneration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: httpKeepAliveTimeout + type: + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: maxConnections type: scalar: numeric - - name: readyReplicas + - name: reloadInterval + type: + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: serverFinTimeout + type: + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: serverTimeout + type: + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: threadCount type: scalar: numeric - default: 0 - - name: version + - name: tlsInspectDelay type: - scalar: string -- name: com.github.openshift.api.operator.v1.KubeScheduler + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: tunnelTimeout + type: + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.InsightsOperator map: fields: - name: apiVersion @@ -2322,26 +2318,19 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1.KubeSchedulerSpec + namedType: com.github.openshift.api.operator.v1.InsightsOperatorSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1.KubeSchedulerStatus + namedType: com.github.openshift.api.operator.v1.InsightsOperatorStatus default: {} -- name: com.github.openshift.api.operator.v1.KubeSchedulerSpec +- name: com.github.openshift.api.operator.v1.InsightsOperatorSpec map: fields: - - name: failedRevisionLimit - type: - scalar: numeric - - name: forceRedeploymentReason - type: - scalar: string - default: "" - name: logLevel type: scalar: string @@ -2351,17 +2340,14 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - - name: succeededRevisionLimit - type: - scalar: numeric - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.KubeSchedulerStatus + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.InsightsOperatorStatus map: fields: - name: conditions @@ -2372,6 +2358,10 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: associative keys: - type + - name: gatherStatus + type: + namedType: com.github.openshift.api.operator.v1.GatherStatus + default: {} - name: generations type: list: @@ -2383,20 +2373,13 @@ var schemaYAML = typed.YAMLObject(`types: - resource - namespace - name + - name: insightsReport + type: + namedType: com.github.openshift.api.operator.v1.InsightsReport + default: {} - name: latestAvailableRevision type: scalar: numeric - - name: latestAvailableRevisionReason - type: - scalar: string - - name: nodeStatuses - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeStatus - elementRelationship: associative - keys: - - nodeName - name: observedGeneration type: scalar: numeric @@ -2407,7 +2390,28 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string -- name: com.github.openshift.api.operator.v1.KubeStorageVersionMigrator +- name: com.github.openshift.api.operator.v1.InsightsReport + map: + fields: + - name: downloadedAt + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: healthChecks + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.HealthCheck + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.IrreconcilableValidationOverrides + map: + fields: + - name: storage + type: + list: + elementType: + scalar: string + elementRelationship: associative +- name: com.github.openshift.api.operator.v1.KubeAPIServer map: fields: - name: apiVersion @@ -2418,19 +2422,29 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1.KubeStorageVersionMigratorSpec + namedType: com.github.openshift.api.operator.v1.KubeAPIServerSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1.KubeStorageVersionMigratorStatus + namedType: com.github.openshift.api.operator.v1.KubeAPIServerStatus default: {} -- name: com.github.openshift.api.operator.v1.KubeStorageVersionMigratorSpec +- name: com.github.openshift.api.operator.v1.KubeAPIServerSpec map: fields: + - name: eventTTLMinutes + type: + scalar: numeric + - name: failedRevisionLimit + type: + scalar: numeric + - name: forceRedeploymentReason + type: + scalar: string + default: "" - name: logLevel type: scalar: string @@ -2440,14 +2454,17 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string + - name: succeededRevisionLimit + type: + scalar: numeric - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.KubeStorageVersionMigratorStatus + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.KubeAPIServerStatus map: fields: - name: conditions @@ -2457,105 +2474,49 @@ var schemaYAML = typed.YAMLObject(`types: namedType: com.github.openshift.api.operator.v1.OperatorCondition elementRelationship: associative keys: - - type - - name: generations - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.GenerationStatus - elementRelationship: associative - keys: - - group - - resource - - namespace - - name - - name: latestAvailableRevision - type: - scalar: numeric - - name: observedGeneration - type: - scalar: numeric - - name: readyReplicas - type: - scalar: numeric - default: 0 - - name: version - type: - scalar: string -- name: com.github.openshift.api.operator.v1.LoadBalancerStrategy - map: - fields: - - name: allowedSourceRanges - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: dnsManagementPolicy - type: - scalar: string - default: Managed - - name: providerParameters - type: - namedType: com.github.openshift.api.operator.v1.ProviderLoadBalancerParameters - - name: scope - type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.LoggingDestination - map: - fields: - - name: container - type: - namedType: com.github.openshift.api.operator.v1.ContainerLoggingDestinationParameters - - name: syslog - type: - namedType: com.github.openshift.api.operator.v1.SyslogLoggingDestinationParameters - - name: type - type: - scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: container - discriminatorValue: Container - - fieldName: syslog - discriminatorValue: Syslog -- name: com.github.openshift.api.operator.v1.Logo - map: - fields: - - name: themes + - type + - name: generations type: list: elementType: - namedType: com.github.openshift.api.operator.v1.Theme + namedType: com.github.openshift.api.operator.v1.GenerationStatus elementRelationship: associative keys: - - mode - - name: type + - group + - resource + - namespace + - name + - name: latestAvailableRevision type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.MTUMigration - map: - fields: - - name: machine + scalar: numeric + - name: latestAvailableRevisionReason type: - namedType: com.github.openshift.api.operator.v1.MTUMigrationValues - - name: network + scalar: string + - name: nodeStatuses type: - namedType: com.github.openshift.api.operator.v1.MTUMigrationValues -- name: com.github.openshift.api.operator.v1.MTUMigrationValues - map: - fields: - - name: from + list: + elementType: + namedType: com.github.openshift.api.operator.v1.NodeStatus + elementRelationship: associative + keys: + - nodeName + - name: observedGeneration type: scalar: numeric - - name: to + - name: readyReplicas type: scalar: numeric -- name: com.github.openshift.api.operator.v1.MachineConfiguration + default: 0 + - name: serviceAccountIssuers + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.ServiceAccountIssuerStatus + elementRelationship: atomic + - name: version + type: + scalar: string +- name: com.github.openshift.api.operator.v1.KubeControllerManager map: fields: - name: apiVersion @@ -2566,23 +2527,19 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1.MachineConfigurationSpec + namedType: com.github.openshift.api.operator.v1.KubeControllerManagerSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1.MachineConfigurationStatus + namedType: com.github.openshift.api.operator.v1.KubeControllerManagerStatus default: {} -- name: com.github.openshift.api.operator.v1.MachineConfigurationSpec +- name: com.github.openshift.api.operator.v1.KubeControllerManagerSpec map: fields: - - name: bootImageSkewEnforcement - type: - namedType: com.github.openshift.api.operator.v1.BootImageSkewEnforcementConfig - default: {} - name: failedRevisionLimit type: scalar: numeric @@ -2590,28 +2547,16 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" - - name: irreconcilableValidationOverrides - type: - namedType: com.github.openshift.api.operator.v1.IrreconcilableValidationOverrides - default: {} - name: logLevel type: scalar: string - - name: managedBootImages - type: - namedType: com.github.openshift.api.operator.v1.ManagedBootImages - default: {} - name: managementState type: scalar: string default: "" - - name: nodeDisruptionPolicy - type: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyConfig - default: {} - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -2620,85 +2565,58 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.MachineConfigurationStatus + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io + - name: useMoreSecureServiceCA + type: + scalar: boolean + default: false +- name: com.github.openshift.api.operator.v1.KubeControllerManagerStatus map: fields: - - name: bootImageSkewEnforcementStatus - type: - namedType: com.github.openshift.api.operator.v1.BootImageSkewEnforcementStatus - default: {} - name: conditions type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: com.github.openshift.api.operator.v1.OperatorCondition elementRelationship: associative keys: - type - - name: managedBootImagesStatus - type: - namedType: com.github.openshift.api.operator.v1.ManagedBootImages - default: {} - - name: nodeDisruptionPolicyStatus + - name: generations type: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatus - default: {} - - name: observedGeneration + list: + elementType: + namedType: com.github.openshift.api.operator.v1.GenerationStatus + elementRelationship: associative + keys: + - group + - resource + - namespace + - name + - name: latestAvailableRevision type: scalar: numeric -- name: com.github.openshift.api.operator.v1.MachineManager - map: - fields: - - name: apiGroup - type: - scalar: string - default: "" - - name: resource - type: - scalar: string - default: "" - - name: selection - type: - namedType: com.github.openshift.api.operator.v1.MachineManagerSelector - default: {} -- name: com.github.openshift.api.operator.v1.MachineManagerSelector - map: - fields: - - name: mode + - name: latestAvailableRevisionReason type: scalar: string - default: "" - - name: partial - type: - namedType: com.github.openshift.api.operator.v1.PartialSelector - unions: - - discriminator: mode - fields: - - fieldName: partial - discriminatorValue: Partial -- name: com.github.openshift.api.operator.v1.ManagedBootImages - map: - fields: - - name: machineManagers + - name: nodeStatuses type: list: elementType: - namedType: com.github.openshift.api.operator.v1.MachineManager + namedType: com.github.openshift.api.operator.v1.NodeStatus elementRelationship: associative keys: - - resource - - apiGroup -- name: com.github.openshift.api.operator.v1.NetFlowConfig - map: - fields: - - name: collectors + - nodeName + - name: observedGeneration type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.Network + scalar: numeric + - name: readyReplicas + type: + scalar: numeric + default: 0 + - name: version + type: + scalar: string +- name: com.github.openshift.api.operator.v1.KubeScheduler map: fields: - name: apiVersion @@ -2709,71 +2627,115 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1.NetworkSpec + namedType: com.github.openshift.api.operator.v1.KubeSchedulerSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1.NetworkStatus + namedType: com.github.openshift.api.operator.v1.KubeSchedulerStatus default: {} -- name: com.github.openshift.api.operator.v1.NetworkMigration +- name: com.github.openshift.api.operator.v1.KubeSchedulerSpec map: fields: - - name: features + - name: failedRevisionLimit type: - namedType: com.github.openshift.api.operator.v1.FeaturesMigration - - name: mode + scalar: numeric + - name: forceRedeploymentReason type: scalar: string - - name: mtu + default: "" + - name: logLevel type: - namedType: com.github.openshift.api.operator.v1.MTUMigration - - name: networkType + scalar: string + - name: managementState type: scalar: string -- name: com.github.openshift.api.operator.v1.NetworkSpec + default: "" + - name: observedConfig + type: + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io + - name: operatorLogLevel + type: + scalar: string + - name: succeededRevisionLimit + type: + scalar: numeric + - name: unsupportedConfigOverrides + type: + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.KubeSchedulerStatus map: fields: - - name: additionalNetworks + - name: conditions type: list: elementType: - namedType: com.github.openshift.api.operator.v1.AdditionalNetworkDefinition + namedType: com.github.openshift.api.operator.v1.OperatorCondition + elementRelationship: associative + keys: + - type + - name: generations + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.GenerationStatus elementRelationship: associative keys: + - group + - resource + - namespace - name - - name: additionalRoutingCapabilities + - name: latestAvailableRevision type: - namedType: com.github.openshift.api.operator.v1.AdditionalRoutingCapabilities - - name: clusterNetwork + scalar: numeric + - name: latestAvailableRevisionReason + type: + scalar: string + - name: nodeStatuses type: list: elementType: - namedType: com.github.openshift.api.operator.v1.ClusterNetworkEntry - elementRelationship: atomic - - name: defaultNetwork + namedType: com.github.openshift.api.operator.v1.NodeStatus + elementRelationship: associative + keys: + - nodeName + - name: observedGeneration type: - namedType: com.github.openshift.api.operator.v1.DefaultNetworkDefinition - default: {} - - name: deployKubeProxy + scalar: numeric + - name: readyReplicas type: - scalar: boolean - - name: disableMultiNetwork + scalar: numeric + default: 0 + - name: version type: - scalar: boolean - - name: disableNetworkDiagnostics + scalar: string +- name: com.github.openshift.api.operator.v1.KubeStorageVersionMigrator + map: + fields: + - name: apiVersion type: - scalar: boolean - default: false - - name: exportNetworkFlows + scalar: string + - name: kind type: - namedType: com.github.openshift.api.operator.v1.ExportNetworkFlows - - name: kubeProxyConfig + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.operator.v1.KubeStorageVersionMigratorSpec + default: {} + - name: status type: - namedType: com.github.openshift.api.operator.v1.ProxyConfig + namedType: com.github.openshift.api.operator.v1.KubeStorageVersionMigratorStatus + default: {} +- name: com.github.openshift.api.operator.v1.KubeStorageVersionMigratorSpec + map: + fields: - name: logLevel type: scalar: string @@ -2781,28 +2743,16 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" - - name: migration - type: - namedType: com.github.openshift.api.operator.v1.NetworkMigration - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - - name: serviceNetwork - type: - list: - elementType: - scalar: string - elementRelationship: atomic - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ - - name: useMultiNetworkPolicy - type: - scalar: boolean -- name: com.github.openshift.api.operator.v1.NetworkStatus + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.KubeStorageVersionMigratorStatus map: fields: - name: conditions @@ -2837,123 +2787,35 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyClusterStatus - map: - fields: - - name: files - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusFile - elementRelationship: associative - keys: - - path - - name: sshkey - type: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusSSHKey - default: {} - - name: units - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusUnit - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyConfig - map: - fields: - - name: files - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecFile - elementRelationship: associative - keys: - - path - - name: sshkey - type: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecSSHKey - default: {} - - name: units - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecUnit - elementRelationship: associative - keys: - - name -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction - map: - fields: - - name: reload - type: - namedType: com.github.openshift.api.operator.v1.ReloadService - - name: restart - type: - namedType: com.github.openshift.api.operator.v1.RestartService - - name: type - type: - scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: reload - discriminatorValue: Reload - - fieldName: restart - discriminatorValue: Restart -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecFile +- name: com.github.openshift.api.operator.v1.LoadBalancerStrategy map: fields: - - name: actions + - name: allowedSourceRanges type: list: elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction + scalar: string elementRelationship: atomic - - name: path + - name: dnsManagementPolicy type: scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecSSHKey - map: - fields: - - name: actions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecUnit - map: - fields: - - name: actions + default: Managed + - name: providerParameters type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction - elementRelationship: atomic - - name: name + namedType: com.github.openshift.api.operator.v1.ProviderLoadBalancerParameters + - name: scope type: scalar: string default: "" -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatus - map: - fields: - - name: clusterPolicies - type: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyClusterStatus - default: {} -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction +- name: com.github.openshift.api.operator.v1.LoggingDestination map: fields: - - name: reload + - name: container type: - namedType: com.github.openshift.api.operator.v1.ReloadService - - name: restart + namedType: com.github.openshift.api.operator.v1.ContainerLoggingDestinationParameters + - name: syslog type: - namedType: com.github.openshift.api.operator.v1.RestartService + namedType: com.github.openshift.api.operator.v1.SyslogLoggingDestinationParameters - name: type type: scalar: string @@ -2961,104 +2823,44 @@ var schemaYAML = typed.YAMLObject(`types: unions: - discriminator: type fields: - - fieldName: reload - discriminatorValue: Reload - - fieldName: restart - discriminatorValue: Restart -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusFile - map: - fields: - - name: actions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction - elementRelationship: atomic - - name: path - type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusSSHKey - map: - fields: - - name: actions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusUnit + - fieldName: container + discriminatorValue: Container + - fieldName: syslog + discriminatorValue: Syslog +- name: com.github.openshift.api.operator.v1.Logo map: fields: - - name: actions + - name: themes type: list: elementType: - namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction - elementRelationship: atomic - - name: name + namedType: com.github.openshift.api.operator.v1.Theme + elementRelationship: associative + keys: + - mode + - name: type type: scalar: string default: "" -- name: com.github.openshift.api.operator.v1.NodePlacement +- name: com.github.openshift.api.operator.v1.MTUMigration map: fields: - - name: nodeSelector - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: tolerations + - name: machine type: - list: - elementType: - namedType: io.k8s.api.core.v1.Toleration - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.NodePortStrategy - map: - fields: - - name: protocol + namedType: com.github.openshift.api.operator.v1.MTUMigrationValues + - name: network type: - scalar: string -- name: com.github.openshift.api.operator.v1.NodeStatus + namedType: com.github.openshift.api.operator.v1.MTUMigrationValues +- name: com.github.openshift.api.operator.v1.MTUMigrationValues map: fields: - - name: currentRevision - type: - scalar: numeric - - name: lastFailedCount - type: - scalar: numeric - - name: lastFailedReason - type: - scalar: string - - name: lastFailedRevision - type: - scalar: numeric - - name: lastFailedRevisionErrors - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: lastFailedTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: lastFallbackCount - type: - scalar: numeric - - name: nodeName - type: - scalar: string - default: "" - - name: targetRevision + - name: from type: scalar: numeric -- name: com.github.openshift.api.operator.v1.OAuthAPIServerStatus - map: - fields: - - name: latestAvailableRevision + - name: to type: scalar: numeric -- name: com.github.openshift.api.operator.v1.OLM +- name: com.github.openshift.api.operator.v1.MachineConfiguration map: fields: - name: apiVersion @@ -3069,113 +2871,139 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1.OLMSpec + namedType: com.github.openshift.api.operator.v1.MachineConfigurationSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1.OLMStatus + namedType: com.github.openshift.api.operator.v1.MachineConfigurationStatus default: {} -- name: com.github.openshift.api.operator.v1.OLMSpec +- name: com.github.openshift.api.operator.v1.MachineConfigurationSpec map: fields: + - name: bootImageSkewEnforcement + type: + namedType: com.github.openshift.api.operator.v1.BootImageSkewEnforcementConfig + default: {} + - name: failedRevisionLimit + type: + scalar: numeric + - name: forceRedeploymentReason + type: + scalar: string + default: "" + - name: irreconcilableValidationOverrides + type: + namedType: com.github.openshift.api.operator.v1.IrreconcilableValidationOverrides + default: {} - name: logLevel type: scalar: string + - name: managedBootImages + type: + namedType: com.github.openshift.api.operator.v1.ManagedBootImages + default: {} - name: managementState type: scalar: string default: "" + - name: nodeDisruptionPolicy + type: + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyConfig + default: {} - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string + - name: succeededRevisionLimit + type: + scalar: numeric - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.OLMStatus + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.MachineConfigurationStatus map: fields: + - name: bootImageSkewEnforcementStatus + type: + namedType: com.github.openshift.api.operator.v1.BootImageSkewEnforcementStatus + default: {} - name: conditions type: list: elementType: - namedType: com.github.openshift.api.operator.v1.OperatorCondition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type - - name: generations + - name: managedBootImagesStatus type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.GenerationStatus - elementRelationship: associative - keys: - - group - - resource - - namespace - - name - - name: latestAvailableRevision + namedType: com.github.openshift.api.operator.v1.ManagedBootImages + default: {} + - name: nodeDisruptionPolicyStatus type: - scalar: numeric + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatus + default: {} - name: observedGeneration type: scalar: numeric - - name: readyReplicas - type: - scalar: numeric - default: 0 - - name: version - type: - scalar: string -- name: com.github.openshift.api.operator.v1.OVNKubernetesConfig +- name: com.github.openshift.api.operator.v1.MachineManager map: fields: - - name: egressIPConfig - type: - namedType: com.github.openshift.api.operator.v1.EgressIPConfig - default: {} - - name: gatewayConfig - type: - namedType: com.github.openshift.api.operator.v1.GatewayConfig - - name: genevePort - type: - scalar: numeric - - name: hybridOverlayConfig - type: - namedType: com.github.openshift.api.operator.v1.HybridOverlayConfig - - name: ipsecConfig - type: - namedType: com.github.openshift.api.operator.v1.IPsecConfig - default: - mode: Disabled - - name: ipv4 - type: - namedType: com.github.openshift.api.operator.v1.IPv4OVNKubernetesConfig - - name: ipv6 + - name: apiGroup type: - namedType: com.github.openshift.api.operator.v1.IPv6OVNKubernetesConfig - - name: mtu + scalar: string + default: "" + - name: resource type: - scalar: numeric - - name: policyAuditConfig + scalar: string + default: "" + - name: selection type: - namedType: com.github.openshift.api.operator.v1.PolicyAuditConfig - - name: routeAdvertisements + namedType: com.github.openshift.api.operator.v1.MachineManagerSelector + default: {} +- name: com.github.openshift.api.operator.v1.MachineManagerSelector + map: + fields: + - name: mode type: scalar: string - - name: v4InternalSubnet + default: "" + - name: partial type: - scalar: string - - name: v6InternalSubnet + namedType: com.github.openshift.api.operator.v1.PartialSelector + unions: + - discriminator: mode + fields: + - fieldName: partial + discriminatorValue: Partial +- name: com.github.openshift.api.operator.v1.ManagedBootImages + map: + fields: + - name: machineManagers type: - scalar: string -- name: com.github.openshift.api.operator.v1.OpenShiftAPIServer + list: + elementType: + namedType: com.github.openshift.api.operator.v1.MachineManager + elementRelationship: associative + keys: + - resource + - apiGroup +- name: com.github.openshift.api.operator.v1.NetFlowConfig + map: + fields: + - name: collectors + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.Network map: fields: - name: apiVersion @@ -3186,94 +3014,71 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1.OpenShiftAPIServerSpec + namedType: com.github.openshift.api.operator.v1.NetworkSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1.OpenShiftAPIServerStatus + namedType: com.github.openshift.api.operator.v1.NetworkStatus default: {} -- name: com.github.openshift.api.operator.v1.OpenShiftAPIServerSpec +- name: com.github.openshift.api.operator.v1.NetworkMigration map: fields: - - name: logLevel + - name: features type: - scalar: string - - name: managementState + namedType: com.github.openshift.api.operator.v1.FeaturesMigration + - name: mode type: scalar: string - default: "" - - name: observedConfig + - name: mtu type: - namedType: __untyped_atomic_ - - name: operatorLogLevel + namedType: com.github.openshift.api.operator.v1.MTUMigration + - name: networkType type: scalar: string - - name: unsupportedConfigOverrides - type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.OpenShiftAPIServerStatus +- name: com.github.openshift.api.operator.v1.NetworkSpec map: fields: - - name: conditions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type - - name: generations + - name: additionalNetworks type: list: elementType: - namedType: com.github.openshift.api.operator.v1.GenerationStatus + namedType: com.github.openshift.api.operator.v1.AdditionalNetworkDefinition elementRelationship: associative keys: - - group - - resource - - namespace - name - - name: latestAvailableRevision - type: - scalar: numeric - - name: observedGeneration + - name: additionalRoutingCapabilities type: - scalar: numeric - - name: readyReplicas + namedType: com.github.openshift.api.operator.v1.AdditionalRoutingCapabilities + - name: clusterNetwork type: - scalar: numeric - default: 0 - - name: version + list: + elementType: + namedType: com.github.openshift.api.operator.v1.ClusterNetworkEntry + elementRelationship: atomic + - name: defaultNetwork type: - scalar: string -- name: com.github.openshift.api.operator.v1.OpenShiftControllerManager - map: - fields: - - name: apiVersion + namedType: com.github.openshift.api.operator.v1.DefaultNetworkDefinition + default: {} + - name: deployKubeProxy type: - scalar: string - - name: kind + scalar: boolean + - name: disableMultiNetwork type: - scalar: string - - name: metadata + scalar: boolean + - name: disableNetworkDiagnostics type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + scalar: boolean + default: false + - name: exportNetworkFlows type: - namedType: com.github.openshift.api.operator.v1.OpenShiftControllerManagerSpec - default: {} - - name: status + namedType: com.github.openshift.api.operator.v1.ExportNetworkFlows + - name: kubeProxyConfig type: - namedType: com.github.openshift.api.operator.v1.OpenShiftControllerManagerStatus - default: {} -- name: com.github.openshift.api.operator.v1.OpenShiftControllerManagerSpec - map: - fields: + namedType: com.github.openshift.api.operator.v1.ProxyConfig - name: logLevel type: scalar: string @@ -3281,16 +3086,28 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" + - name: migration + type: + namedType: com.github.openshift.api.operator.v1.NetworkMigration - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string + - name: serviceNetwork + type: + list: + elementType: + scalar: string + elementRelationship: atomic - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.OpenShiftControllerManagerStatus + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io + - name: useMultiNetworkPolicy + type: + scalar: boolean +- name: com.github.openshift.api.operator.v1.NetworkStatus map: fields: - name: conditions @@ -3320,157 +3137,137 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: readyReplicas type: - scalar: numeric - default: 0 - - name: version - type: - scalar: string -- name: com.github.openshift.api.operator.v1.OpenShiftSDNConfig - map: - fields: - - name: enableUnidling - type: - scalar: boolean - - name: mode - type: - scalar: string - default: "" - - name: mtu - type: - scalar: numeric - - name: useExternalOpenvswitch - type: - scalar: boolean - - name: vxlanPort - type: - scalar: numeric -- name: com.github.openshift.api.operator.v1.OpenStackLoadBalancerParameters - map: - fields: - - name: floatingIP - type: - scalar: string -- name: com.github.openshift.api.operator.v1.OperatorCondition - map: - fields: - - name: lastTransitionTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message - type: - scalar: string - - name: reason - type: + scalar: numeric + default: 0 + - name: version + type: scalar: string - - name: status +- name: com.github.openshift.api.operator.v1.NoOverlayConfig + map: + fields: + - name: outboundSNAT type: scalar: string - default: "" - - name: type + - name: routing type: scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.PartialSelector +- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyClusterStatus map: fields: - - name: machineResourceSelector + - name: files type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector -- name: com.github.openshift.api.operator.v1.Perspective + list: + elementType: + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusFile + elementRelationship: associative + keys: + - path + - name: sshkey + type: + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusSSHKey + default: {} + - name: units + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusUnit + elementRelationship: associative + keys: + - name +- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyConfig map: fields: - - name: id - type: - scalar: string - default: "" - - name: pinnedResources + - name: files type: list: elementType: - namedType: com.github.openshift.api.operator.v1.PinnedResourceReference - elementRelationship: atomic - - name: visibility + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecFile + elementRelationship: associative + keys: + - path + - name: sshkey type: - namedType: com.github.openshift.api.operator.v1.PerspectiveVisibility + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecSSHKey default: {} -- name: com.github.openshift.api.operator.v1.PerspectiveVisibility + - name: units + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecUnit + elementRelationship: associative + keys: + - name +- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction map: fields: - - name: accessReview + - name: reload type: - namedType: com.github.openshift.api.operator.v1.ResourceAttributesAccessReview - - name: state + namedType: com.github.openshift.api.operator.v1.ReloadService + - name: restart + type: + namedType: com.github.openshift.api.operator.v1.RestartService + - name: type type: scalar: string default: "" unions: - - discriminator: state + - discriminator: type fields: - - fieldName: accessReview - discriminatorValue: AccessReview -- name: com.github.openshift.api.operator.v1.PinnedResourceReference + - fieldName: reload + discriminatorValue: Reload + - fieldName: restart + discriminatorValue: Restart +- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecFile map: fields: - - name: group - type: - scalar: string - default: "" - - name: resource + - name: actions type: - scalar: string - default: "" - - name: version + list: + elementType: + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction + elementRelationship: atomic + - name: path type: scalar: string default: "" -- name: com.github.openshift.api.operator.v1.PolicyAuditConfig - map: - fields: - - name: destination - type: - scalar: string - - name: maxFileSize - type: - scalar: numeric - - name: maxLogFiles - type: - scalar: numeric - - name: rateLimit - type: - scalar: numeric - - name: syslogFacility - type: - scalar: string -- name: com.github.openshift.api.operator.v1.PrivateStrategy +- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecSSHKey map: fields: - - name: protocol + - name: actions type: - scalar: string -- name: com.github.openshift.api.operator.v1.ProjectAccess + list: + elementType: + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecUnit map: fields: - - name: availableClusterRoles + - name: actions type: list: elementType: - scalar: string + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicySpecAction elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.ProviderLoadBalancerParameters + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatus map: fields: - - name: aws - type: - namedType: com.github.openshift.api.operator.v1.AWSLoadBalancerParameters - - name: gcp + - name: clusterPolicies type: - namedType: com.github.openshift.api.operator.v1.GCPLoadBalancerParameters - - name: ibm + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyClusterStatus + default: {} +- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction + map: + fields: + - name: reload type: - namedType: com.github.openshift.api.operator.v1.IBMLoadBalancerParameters - - name: openstack + namedType: com.github.openshift.api.operator.v1.ReloadService + - name: restart type: - namedType: com.github.openshift.api.operator.v1.OpenStackLoadBalancerParameters + namedType: com.github.openshift.api.operator.v1.RestartService - name: type type: scalar: string @@ -3478,115 +3275,104 @@ var schemaYAML = typed.YAMLObject(`types: unions: - discriminator: type fields: - - fieldName: aws - discriminatorValue: AWS - - fieldName: gcp - discriminatorValue: GCP - - fieldName: ibm - discriminatorValue: IBM - - fieldName: openstack - discriminatorValue: OpenStack -- name: com.github.openshift.api.operator.v1.ProxyConfig + - fieldName: reload + discriminatorValue: Reload + - fieldName: restart + discriminatorValue: Restart +- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusFile map: fields: - - name: bindAddress + - name: actions type: - scalar: string - - name: iptablesSyncPeriod + list: + elementType: + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction + elementRelationship: atomic + - name: path type: scalar: string - - name: proxyArguments - type: - map: - elementType: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.QuickStarts + default: "" +- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusSSHKey map: fields: - - name: disabled + - name: actions type: list: elementType: - scalar: string + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.ReloadService +- name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusUnit map: fields: - - name: serviceName + - name: actions + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.NodeDisruptionPolicyStatusAction + elementRelationship: atomic + - name: name type: scalar: string default: "" -- name: com.github.openshift.api.operator.v1.ResourceAttributesAccessReview +- name: com.github.openshift.api.operator.v1.NodePlacement map: fields: - - name: missing + - name: nodeSelector type: - list: - elementType: - namedType: io.k8s.api.authorization.v1.ResourceAttributes - elementRelationship: atomic - - name: required + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: tolerations type: list: elementType: - namedType: io.k8s.api.authorization.v1.ResourceAttributes + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.RestartService +- name: com.github.openshift.api.operator.v1.NodePortStrategy map: fields: - - name: serviceName + - name: protocol type: scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.RouteAdmissionPolicy +- name: com.github.openshift.api.operator.v1.NodeStatus map: fields: - - name: namespaceOwnership + - name: currentRevision type: - scalar: string - - name: wildcardPolicy + scalar: numeric + - name: lastFailedCount + type: + scalar: numeric + - name: lastFailedReason type: scalar: string -- name: com.github.openshift.api.operator.v1.SFlowConfig - map: - fields: - - name: collectors + - name: lastFailedRevision + type: + scalar: numeric + - name: lastFailedRevisionErrors type: list: elementType: scalar: string elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.Server - map: - fields: - - name: forwardPlugin + - name: lastFailedTime type: - namedType: com.github.openshift.api.operator.v1.ForwardPlugin - default: {} - - name: name + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: lastFallbackCount + type: + scalar: numeric + - name: nodeName type: scalar: string default: "" - - name: zones + - name: targetRevision type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.ServiceAccountIssuerStatus + scalar: numeric +- name: com.github.openshift.api.operator.v1.OAuthAPIServerStatus map: fields: - - name: expirationTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: name + - name: latestAvailableRevision type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.ServiceCA + scalar: numeric +- name: com.github.openshift.api.operator.v1.OLM map: fields: - name: apiVersion @@ -3597,17 +3383,17 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1.ServiceCASpec + namedType: com.github.openshift.api.operator.v1.OLMSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1.ServiceCAStatus + namedType: com.github.openshift.api.operator.v1.OLMStatus default: {} -- name: com.github.openshift.api.operator.v1.ServiceCASpec +- name: com.github.openshift.api.operator.v1.OLMSpec map: fields: - name: logLevel @@ -3619,14 +3405,14 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.ServiceCAStatus + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.OLMStatus map: fields: - name: conditions @@ -3661,7 +3447,60 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string -- name: com.github.openshift.api.operator.v1.ServiceCatalogAPIServer +- name: com.github.openshift.api.operator.v1.OVNKubernetesConfig + map: + fields: + - name: bgpManagedConfig + type: + namedType: com.github.openshift.api.operator.v1.BGPManagedConfig + default: {} + - name: egressIPConfig + type: + namedType: com.github.openshift.api.operator.v1.EgressIPConfig + default: {} + - name: gatewayConfig + type: + namedType: com.github.openshift.api.operator.v1.GatewayConfig + - name: genevePort + type: + scalar: numeric + - name: hybridOverlayConfig + type: + namedType: com.github.openshift.api.operator.v1.HybridOverlayConfig + - name: ipsecConfig + type: + namedType: com.github.openshift.api.operator.v1.IPsecConfig + default: + mode: Disabled + - name: ipv4 + type: + namedType: com.github.openshift.api.operator.v1.IPv4OVNKubernetesConfig + - name: ipv6 + type: + namedType: com.github.openshift.api.operator.v1.IPv6OVNKubernetesConfig + - name: mtu + type: + scalar: numeric + - name: noOverlayConfig + type: + namedType: com.github.openshift.api.operator.v1.NoOverlayConfig + default: {} + - name: policyAuditConfig + type: + namedType: com.github.openshift.api.operator.v1.PolicyAuditConfig + - name: routeAdvertisements + type: + scalar: string + - name: transport + type: + scalar: string + - name: v4InternalSubnet + type: + scalar: string + - name: v6InternalSubnet + type: + scalar: string +- name: com.github.openshift.api.operator.v1.OpenShiftAPIServer map: fields: - name: apiVersion @@ -3672,17 +3511,17 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1.ServiceCatalogAPIServerSpec + namedType: com.github.openshift.api.operator.v1.OpenShiftAPIServerSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1.ServiceCatalogAPIServerStatus + namedType: com.github.openshift.api.operator.v1.OpenShiftAPIServerStatus default: {} -- name: com.github.openshift.api.operator.v1.ServiceCatalogAPIServerSpec +- name: com.github.openshift.api.operator.v1.OpenShiftAPIServerSpec map: fields: - name: logLevel @@ -3694,14 +3533,14 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.ServiceCatalogAPIServerStatus + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.OpenShiftAPIServerStatus map: fields: - name: conditions @@ -3736,7 +3575,7 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string -- name: com.github.openshift.api.operator.v1.ServiceCatalogControllerManager +- name: com.github.openshift.api.operator.v1.OpenShiftControllerManager map: fields: - name: apiVersion @@ -3747,17 +3586,17 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerSpec + namedType: com.github.openshift.api.operator.v1.OpenShiftControllerManagerSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerStatus + namedType: com.github.openshift.api.operator.v1.OpenShiftControllerManagerStatus default: {} -- name: com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerSpec +- name: com.github.openshift.api.operator.v1.OpenShiftControllerManagerSpec map: fields: - name: logLevel @@ -3769,14 +3608,14 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerStatus + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.OpenShiftControllerManagerStatus map: fields: - name: conditions @@ -3811,85 +3650,268 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string -- name: com.github.openshift.api.operator.v1.SimpleMacvlanConfig +- name: com.github.openshift.api.operator.v1.OpenShiftSDNConfig map: fields: - - name: ipamConfig - type: - namedType: com.github.openshift.api.operator.v1.IPAMConfig - - name: master + - name: enableUnidling type: - scalar: string + scalar: boolean - name: mode type: scalar: string + default: "" - name: mtu type: - scalar: numeric -- name: com.github.openshift.api.operator.v1.StaticIPAMAddresses + scalar: numeric + - name: useExternalOpenvswitch + type: + scalar: boolean + - name: vxlanPort + type: + scalar: numeric +- name: com.github.openshift.api.operator.v1.OpenStackLoadBalancerParameters + map: + fields: + - name: floatingIP + type: + scalar: string +- name: com.github.openshift.api.operator.v1.OperatorCondition + map: + fields: + - name: lastTransitionTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message + type: + scalar: string + - name: reason + type: + scalar: string + - name: status + type: + scalar: string + default: "" + - name: type + type: + scalar: string + default: "" +- name: com.github.openshift.api.operator.v1.PartialSelector + map: + fields: + - name: machineResourceSelector + type: + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.Perspective + map: + fields: + - name: id + type: + scalar: string + default: "" + - name: pinnedResources + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.PinnedResourceReference + elementRelationship: atomic + - name: visibility + type: + namedType: com.github.openshift.api.operator.v1.PerspectiveVisibility + default: {} +- name: com.github.openshift.api.operator.v1.PerspectiveVisibility + map: + fields: + - name: accessReview + type: + namedType: com.github.openshift.api.operator.v1.ResourceAttributesAccessReview + - name: state + type: + scalar: string + default: "" + unions: + - discriminator: state + fields: + - fieldName: accessReview + discriminatorValue: AccessReview +- name: com.github.openshift.api.operator.v1.PinnedResourceReference + map: + fields: + - name: group + type: + scalar: string + default: "" + - name: resource + type: + scalar: string + default: "" + - name: version + type: + scalar: string + default: "" +- name: com.github.openshift.api.operator.v1.PolicyAuditConfig + map: + fields: + - name: destination + type: + scalar: string + - name: maxFileSize + type: + scalar: numeric + - name: maxLogFiles + type: + scalar: numeric + - name: rateLimit + type: + scalar: numeric + - name: syslogFacility + type: + scalar: string +- name: com.github.openshift.api.operator.v1.PrivateStrategy + map: + fields: + - name: protocol + type: + scalar: string +- name: com.github.openshift.api.operator.v1.ProjectAccess + map: + fields: + - name: availableClusterRoles + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.ProviderLoadBalancerParameters + map: + fields: + - name: aws + type: + namedType: com.github.openshift.api.operator.v1.AWSLoadBalancerParameters + - name: gcp + type: + namedType: com.github.openshift.api.operator.v1.GCPLoadBalancerParameters + - name: ibm + type: + namedType: com.github.openshift.api.operator.v1.IBMLoadBalancerParameters + - name: openstack + type: + namedType: com.github.openshift.api.operator.v1.OpenStackLoadBalancerParameters + - name: type + type: + scalar: string + default: "" + unions: + - discriminator: type + fields: + - fieldName: aws + discriminatorValue: AWS + - fieldName: gcp + discriminatorValue: GCP + - fieldName: ibm + discriminatorValue: IBM + - fieldName: openstack + discriminatorValue: OpenStack +- name: com.github.openshift.api.operator.v1.ProxyConfig + map: + fields: + - name: bindAddress + type: + scalar: string + - name: iptablesSyncPeriod + type: + scalar: string + - name: proxyArguments + type: + map: + elementType: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.QuickStarts + map: + fields: + - name: disabled + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.ReloadService map: fields: - - name: address + - name: serviceName type: scalar: string default: "" - - name: gateway - type: - scalar: string -- name: com.github.openshift.api.operator.v1.StaticIPAMConfig +- name: com.github.openshift.api.operator.v1.ResourceAttributesAccessReview map: fields: - - name: addresses + - name: missing type: list: elementType: - namedType: com.github.openshift.api.operator.v1.StaticIPAMAddresses + namedType: ResourceAttributes.v1.authorization.api.k8s.io elementRelationship: atomic - - name: dns - type: - namedType: com.github.openshift.api.operator.v1.StaticIPAMDNS - - name: routes + - name: required type: list: elementType: - namedType: com.github.openshift.api.operator.v1.StaticIPAMRoutes + namedType: ResourceAttributes.v1.authorization.api.k8s.io elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.StaticIPAMDNS +- name: com.github.openshift.api.operator.v1.RestartService map: fields: - - name: domain + - name: serviceName type: scalar: string - - name: nameservers + default: "" +- name: com.github.openshift.api.operator.v1.RouteAdmissionPolicy + map: + fields: + - name: namespaceOwnership type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: search + scalar: string + - name: wildcardPolicy + type: + scalar: string +- name: com.github.openshift.api.operator.v1.SFlowConfig + map: + fields: + - name: collectors type: list: elementType: scalar: string elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.StaticIPAMRoutes +- name: com.github.openshift.api.operator.v1.Server map: fields: - - name: destination + - name: forwardPlugin + type: + namedType: com.github.openshift.api.operator.v1.ForwardPlugin + default: {} + - name: name type: scalar: string default: "" - - name: gateway + - name: zones type: - scalar: string -- name: com.github.openshift.api.operator.v1.StatuspageProvider + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.ServiceAccountIssuerStatus map: fields: - - name: pageID + - name: expirationTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: name type: scalar: string default: "" -- name: com.github.openshift.api.operator.v1.Storage +- name: com.github.openshift.api.operator.v1.ServiceCA map: fields: - name: apiVersion @@ -3900,17 +3922,17 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1.StorageSpec + namedType: com.github.openshift.api.operator.v1.ServiceCASpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1.StorageStatus + namedType: com.github.openshift.api.operator.v1.ServiceCAStatus default: {} -- name: com.github.openshift.api.operator.v1.StorageSpec +- name: com.github.openshift.api.operator.v1.ServiceCASpec map: fields: - name: logLevel @@ -3922,18 +3944,14 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ - - name: vsphereStorageDriver - type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.StorageStatus + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.ServiceCAStatus map: fields: - name: conditions @@ -3968,178 +3986,82 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string -- name: com.github.openshift.api.operator.v1.SyslogLoggingDestinationParameters +- name: com.github.openshift.api.operator.v1.ServiceCatalogAPIServer map: fields: - - name: address - type: - scalar: string - default: "" - - name: facility + - name: apiVersion type: scalar: string - - name: maxLength - type: - scalar: numeric - - name: port - type: - scalar: numeric - default: 0 -- name: com.github.openshift.api.operator.v1.Theme - map: - fields: - - name: mode + - name: kind type: scalar: string - default: "" - - name: source + - name: metadata type: - namedType: com.github.openshift.api.operator.v1.FileReferenceSource + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} -- name: com.github.openshift.api.operator.v1.Upstream - map: - fields: - - name: address - type: - scalar: string - - name: port - type: - scalar: numeric - - name: type - type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1.UpstreamResolvers - map: - fields: - - name: policy - type: - scalar: string - - name: protocolStrategy - type: - scalar: string - default: "" - - name: transportConfig + - name: spec type: - namedType: com.github.openshift.api.operator.v1.DNSTransportConfig + namedType: com.github.openshift.api.operator.v1.ServiceCatalogAPIServerSpec default: {} - - name: upstreams - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.Upstream - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.VSphereCSIDriverConfigSpec - map: - fields: - - name: globalMaxSnapshotsPerBlockVolume - type: - scalar: numeric - - name: granularMaxSnapshotsPerBlockVolumeInVSAN - type: - scalar: numeric - - name: granularMaxSnapshotsPerBlockVolumeInVVOL - type: - scalar: numeric - - name: maxAllowedBlockVolumesPerNode - type: - scalar: numeric - - name: topologyCategories + - name: status type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1alpha1.BackupJobReference + namedType: com.github.openshift.api.operator.v1.ServiceCatalogAPIServerStatus + default: {} +- name: com.github.openshift.api.operator.v1.ServiceCatalogAPIServerSpec map: fields: - - name: name + - name: logLevel type: scalar: string - default: "" - - name: namespace + - name: managementState type: scalar: string default: "" -- name: com.github.openshift.api.operator.v1alpha1.ClusterAPI - map: - fields: - - name: apiVersion + - name: observedConfig type: - scalar: string - - name: kind + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io + - name: operatorLogLevel type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPISpec - default: {} - - name: status + - name: unsupportedConfigOverrides type: - namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPIStatus - default: {} -- name: com.github.openshift.api.operator.v1alpha1.ClusterAPISpec + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.ServiceCatalogAPIServerStatus map: fields: - - name: unmanagedCustomResourceDefinitions + - name: conditions type: list: elementType: - scalar: string + namedType: com.github.openshift.api.operator.v1.OperatorCondition elementRelationship: associative -- name: com.github.openshift.api.operator.v1alpha1.ClusterAPIStatus - map: - fields: - - name: activeConfigMaps - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: targetConfigMaps + keys: + - type + - name: generations type: list: elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperator - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorStatus - default: {} -- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorSpec - map: - fields: - - name: operatorLogLevel + namedType: com.github.openshift.api.operator.v1.GenerationStatus + elementRelationship: associative + keys: + - group + - resource + - namespace + - name + - name: latestAvailableRevision type: - scalar: string -- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorStatus - map: - fields: + scalar: numeric - name: observedGeneration type: scalar: numeric -- name: com.github.openshift.api.operator.v1alpha1.EtcdBackup + - name: readyReplicas + type: + scalar: numeric + default: 0 + - name: version + type: + scalar: string +- name: com.github.openshift.api.operator.v1.ServiceCatalogControllerManager map: fields: - name: apiVersion @@ -4150,64 +4072,149 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1alpha1.EtcdBackupSpec + namedType: com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1alpha1.EtcdBackupStatus + namedType: com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerStatus default: {} -- name: com.github.openshift.api.operator.v1alpha1.EtcdBackupSpec +- name: com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerSpec map: fields: - - name: pvcName + - name: logLevel + type: + scalar: string + - name: managementState type: scalar: string default: "" -- name: com.github.openshift.api.operator.v1alpha1.EtcdBackupStatus + - name: observedConfig + type: + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io + - name: operatorLogLevel + type: + scalar: string + - name: unsupportedConfigOverrides + type: + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerStatus map: fields: - - name: backupJob - type: - namedType: com.github.openshift.api.operator.v1alpha1.BackupJobReference - name: conditions type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: com.github.openshift.api.operator.v1.OperatorCondition elementRelationship: associative keys: - type -- name: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicy + - name: generations + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.GenerationStatus + elementRelationship: associative + keys: + - group + - resource + - namespace + - name + - name: latestAvailableRevision + type: + scalar: numeric + - name: observedGeneration + type: + scalar: numeric + - name: readyReplicas + type: + scalar: numeric + default: 0 + - name: version + type: + scalar: string +- name: com.github.openshift.api.operator.v1.SimpleMacvlanConfig map: fields: - - name: apiVersion + - name: ipamConfig + type: + namedType: com.github.openshift.api.operator.v1.IPAMConfig + - name: master type: scalar: string - - name: kind + - name: mode type: scalar: string - - name: metadata + - name: mtu type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + scalar: numeric +- name: com.github.openshift.api.operator.v1.StaticIPAMAddresses + map: + fields: + - name: address type: - namedType: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicySpec - default: {} -- name: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicySpec + scalar: string + default: "" + - name: gateway + type: + scalar: string +- name: com.github.openshift.api.operator.v1.StaticIPAMConfig map: fields: - - name: repositoryDigestMirrors + - name: addresses type: list: elementType: - namedType: com.github.openshift.api.operator.v1alpha1.RepositoryDigestMirrors + namedType: com.github.openshift.api.operator.v1.StaticIPAMAddresses elementRelationship: atomic -- name: com.github.openshift.api.operator.v1alpha1.OLM + - name: dns + type: + namedType: com.github.openshift.api.operator.v1.StaticIPAMDNS + - name: routes + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.StaticIPAMRoutes + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.StaticIPAMDNS + map: + fields: + - name: domain + type: + scalar: string + - name: nameservers + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: search + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.StaticIPAMRoutes + map: + fields: + - name: destination + type: + scalar: string + default: "" + - name: gateway + type: + scalar: string +- name: com.github.openshift.api.operator.v1.StatuspageProvider + map: + fields: + - name: pageID + type: + scalar: string + default: "" +- name: com.github.openshift.api.operator.v1.Storage map: fields: - name: apiVersion @@ -4218,17 +4225,17 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.operator.v1alpha1.OLMSpec + namedType: com.github.openshift.api.operator.v1.StorageSpec default: {} - name: status type: - namedType: com.github.openshift.api.operator.v1alpha1.OLMStatus + namedType: com.github.openshift.api.operator.v1.StorageStatus default: {} -- name: com.github.openshift.api.operator.v1alpha1.OLMSpec +- name: com.github.openshift.api.operator.v1.StorageSpec map: fields: - name: logLevel @@ -4240,14 +4247,18 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1alpha1.OLMStatus + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io + - name: vsphereStorageDriver + type: + scalar: string + default: "" +- name: com.github.openshift.api.operator.v1.StorageStatus map: fields: - name: conditions @@ -4282,314 +4293,381 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string -- name: com.github.openshift.api.operator.v1alpha1.RepositoryDigestMirrors +- name: com.github.openshift.api.operator.v1.SyslogLoggingDestinationParameters map: fields: - - name: mirrors - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: source + - name: address type: scalar: string default: "" -- name: io.k8s.api.authorization.v1.FieldSelectorAttributes - map: - fields: - - name: rawSelector + - name: facility type: scalar: string - - name: requirements + - name: maxLength type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldSelectorRequirement - elementRelationship: atomic -- name: io.k8s.api.authorization.v1.LabelSelectorAttributes + scalar: numeric + - name: port + type: + scalar: numeric + default: 0 +- name: com.github.openshift.api.operator.v1.Theme map: fields: - - name: rawSelector + - name: mode type: scalar: string - - name: requirements + default: "" + - name: source type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - elementRelationship: atomic -- name: io.k8s.api.authorization.v1.ResourceAttributes + namedType: com.github.openshift.api.operator.v1.FileReferenceSource + default: {} +- name: com.github.openshift.api.operator.v1.Upstream map: fields: - - name: fieldSelector - type: - namedType: io.k8s.api.authorization.v1.FieldSelectorAttributes - - name: group + - name: address type: scalar: string - - name: labelSelector + - name: port type: - namedType: io.k8s.api.authorization.v1.LabelSelectorAttributes - - name: name + scalar: numeric + - name: type type: scalar: string - - name: namespace + default: "" +- name: com.github.openshift.api.operator.v1.UpstreamResolvers + map: + fields: + - name: policy type: scalar: string - - name: resource + - name: protocolStrategy type: scalar: string - - name: subresource + default: "" + - name: transportConfig type: - scalar: string - - name: verb + namedType: com.github.openshift.api.operator.v1.DNSTransportConfig + default: {} + - name: upstreams type: - scalar: string - - name: version + list: + elementType: + namedType: com.github.openshift.api.operator.v1.Upstream + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.VSphereCSIDriverConfigSpec + map: + fields: + - name: globalMaxSnapshotsPerBlockVolume type: - scalar: string -- name: io.k8s.api.core.v1.LocalObjectReference + scalar: numeric + - name: granularMaxSnapshotsPerBlockVolumeInVSAN + type: + scalar: numeric + - name: granularMaxSnapshotsPerBlockVolumeInVVOL + type: + scalar: numeric + - name: maxAllowedBlockVolumesPerNode + type: + scalar: numeric + - name: topologyCategories + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1alpha1.BackupJobReference map: fields: - name: name type: scalar: string default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.Toleration + - name: namespace + type: + scalar: string + default: "" +- name: com.github.openshift.api.operator.v1alpha1.ClusterAPI map: fields: - - name: effect + - name: apiVersion type: scalar: string - - name: key + - name: kind type: scalar: string - - name: operator + - name: metadata type: - scalar: string - - name: tolerationSeconds + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - scalar: numeric - - name: value + namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPISpec + - name: status + type: + namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPIStatus + default: {} +- name: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerComponent + map: + fields: + - name: image + type: + namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerComponentImage + default: {} + - name: type type: scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + unions: + - discriminator: type + fields: + - fieldName: image + discriminatorValue: Image +- name: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerComponentImage map: fields: - - name: lastTransitionTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message - type: - scalar: string - default: "" - - name: observedGeneration - type: - scalar: numeric - - name: reason - type: - scalar: string - default: "" - - name: status + - name: profile type: scalar: string - default: "" - - name: type + - name: ref type: scalar: string - default: "" -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldSelectorRequirement +- name: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerRevision map: fields: - - name: key + - name: components + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerComponent + elementRelationship: atomic + - name: contentID type: scalar: string - default: "" - - name: operator + - name: name type: scalar: string - default: "" - - name: values + - name: revision + type: + scalar: numeric + - name: unmanagedCustomResourceDefinitions type: list: elementType: scalar: string elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1alpha1.ClusterAPISpec map: fields: - - name: matchExpressions + - name: unmanagedCustomResourceDefinitions type: list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - elementRelationship: atomic - - name: matchLabels - type: - map: elementType: scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement + elementRelationship: associative +- name: com.github.openshift.api.operator.v1alpha1.ClusterAPIStatus map: fields: - - name: key + - name: currentRevision type: scalar: string - default: "" - - name: operator + - name: desiredRevision type: scalar: string - default: "" - - name: values + - name: revisions type: list: elementType: - scalar: string + namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerRevision elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry +- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperator map: fields: - name: apiVersion type: scalar: string - - name: fieldsType + - name: kind type: scalar: string - - name: fieldsV1 + - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - scalar: string - - name: operation + namedType: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorSpec + default: {} + - name: status type: - scalar: string - - name: subresource + namedType: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorStatus + default: {} +- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorSpec + map: + fields: + - name: operatorLogLevel type: scalar: string - - name: time +- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorStatus + map: + fields: + - name: observedGeneration type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + scalar: numeric +- name: com.github.openshift.api.operator.v1alpha1.EtcdBackup map: fields: - - name: annotations + - name: apiVersion type: - map: - elementType: - scalar: string - - name: creationTimestamp + scalar: string + - name: kind type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds + scalar: string + - name: metadata type: - scalar: numeric - - name: deletionTimestamp + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers + namedType: com.github.openshift.api.operator.v1alpha1.EtcdBackupSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.operator.v1alpha1.EtcdBackupStatus + default: {} +- name: com.github.openshift.api.operator.v1alpha1.EtcdBackupSpec + map: + fields: + - name: pvcName + type: + scalar: string + default: "" +- name: com.github.openshift.api.operator.v1alpha1.EtcdBackupStatus + map: + fields: + - name: backupJob + type: + namedType: com.github.openshift.api.operator.v1alpha1.BackupJobReference + - name: conditions type: list: elementType: - scalar: string + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative - - name: generateName + keys: + - type +- name: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicy + map: + fields: + - name: apiVersion type: scalar: string - - name: generation + - name: kind type: - scalar: numeric - - name: labels + scalar: string + - name: metadata type: - map: - elementType: - scalar: string - - name: managedFields + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicySpec + default: {} +- name: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicySpec + map: + fields: + - name: repositoryDigestMirrors type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry + namedType: com.github.openshift.api.operator.v1alpha1.RepositoryDigestMirrors elementRelationship: atomic - - name: name +- name: com.github.openshift.api.operator.v1alpha1.OLM + map: + fields: + - name: apiVersion type: scalar: string - - name: namespace + - name: kind type: scalar: string - - name: ownerReferences + - name: metadata type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.operator.v1alpha1.OLMSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.operator.v1alpha1.OLMStatus + default: {} +- name: com.github.openshift.api.operator.v1alpha1.OLMSpec + map: + fields: + - name: logLevel type: scalar: string - - name: selfLink + - name: managementState type: scalar: string - - name: uid + default: "" + - name: observedConfig + type: + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io + - name: operatorLogLevel type: scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + - name: unsupportedConfigOverrides + type: + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1alpha1.OLMStatus map: fields: - - name: apiVersion + - name: conditions type: - scalar: string - default: "" - - name: blockOwnerDeletion + list: + elementType: + namedType: com.github.openshift.api.operator.v1.OperatorCondition + elementRelationship: associative + keys: + - type + - name: generations type: - scalar: boolean - - name: controller + list: + elementType: + namedType: com.github.openshift.api.operator.v1.GenerationStatus + elementRelationship: associative + keys: + - group + - resource + - namespace + - name + - name: latestAvailableRevision type: - scalar: boolean - - name: kind + scalar: numeric + - name: observedGeneration type: - scalar: string - default: "" - - name: name + scalar: numeric + - name: readyReplicas + type: + scalar: numeric + default: 0 + - name: version type: scalar: string - default: "" - - name: uid +- name: com.github.openshift.api.operator.v1alpha1.RepositoryDigestMirrors + map: + fields: + - name: mirrors + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: source type: scalar: string default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.runtime.RawExtension - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go new file mode 100644 index 0000000000..071ac3fc23 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go @@ -0,0 +1,46 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + +// BGPManagedConfigApplyConfiguration represents a declarative configuration of the BGPManagedConfig type for use +// with apply. +// +// BGPManagedConfig contains configuration options for BGP when routing is "Managed". +type BGPManagedConfigApplyConfiguration struct { + // asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) + // to be used in the generated FRR configuration. + // Valid values are 1 to 4294967295. + // When omitted, this defaults to 64512. + ASNumber *int64 `json:"asNumber,omitempty"` + // bgpTopology defines the BGP topology to be used. + // Allowed values are "FullMesh". + // When set to "FullMesh", every node peers directly with every other node via BGP. + // This field is required when BGPManagedConfig is specified. + BGPTopology *operatorv1.BGPTopology `json:"bgpTopology,omitempty"` +} + +// BGPManagedConfigApplyConfiguration constructs a declarative configuration of the BGPManagedConfig type for use with +// apply. +func BGPManagedConfig() *BGPManagedConfigApplyConfiguration { + return &BGPManagedConfigApplyConfiguration{} +} + +// WithASNumber sets the ASNumber field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ASNumber field is set to the value of the last call. +func (b *BGPManagedConfigApplyConfiguration) WithASNumber(value int64) *BGPManagedConfigApplyConfiguration { + b.ASNumber = &value + return b +} + +// WithBGPTopology sets the BGPTopology field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BGPTopology field is set to the value of the last call. +func (b *BGPManagedConfigApplyConfiguration) WithBGPTopology(value operatorv1.BGPTopology) *BGPManagedConfigApplyConfiguration { + b.BGPTopology = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nooverlayconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nooverlayconfig.go new file mode 100644 index 0000000000..0feb3009ea --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nooverlayconfig.go @@ -0,0 +1,50 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + +// NoOverlayConfigApplyConfiguration represents a declarative configuration of the NoOverlayConfig type for use +// with apply. +// +// NoOverlayConfig contains configuration options for networks operating in no-overlay mode. +type NoOverlayConfigApplyConfiguration struct { + // outboundSNAT defines the SNAT behavior for outbound traffic from pods. + // Allowed values are "Enabled" and "Disabled". + // When set to "Enabled", SNAT is performed on outbound traffic from pods. + // When set to "Disabled", SNAT is not performed and pod IPs are preserved in outbound traffic. + // This field is required when the network operates in no-overlay mode. + // This field can be set to any value at installation time and can be changed afterwards. + OutboundSNAT *operatorv1.SNATOption `json:"outboundSNAT,omitempty"` + // routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. + // Allowed values are "Managed" and "Unmanaged". + // When set to "Managed", OVN-Kubernetes manages the pod network routing configuration through BGP. + // When set to "Unmanaged", users are responsible for configuring the pod network routing. + // This field is required when the network operates in no-overlay mode. + // This field is immutable once set. + Routing *operatorv1.RoutingOption `json:"routing,omitempty"` +} + +// NoOverlayConfigApplyConfiguration constructs a declarative configuration of the NoOverlayConfig type for use with +// apply. +func NoOverlayConfig() *NoOverlayConfigApplyConfiguration { + return &NoOverlayConfigApplyConfiguration{} +} + +// WithOutboundSNAT sets the OutboundSNAT field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OutboundSNAT field is set to the value of the last call. +func (b *NoOverlayConfigApplyConfiguration) WithOutboundSNAT(value operatorv1.SNATOption) *NoOverlayConfigApplyConfiguration { + b.OutboundSNAT = &value + return b +} + +// WithRouting sets the Routing field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Routing field is set to the value of the last call. +func (b *NoOverlayConfigApplyConfiguration) WithRouting(value operatorv1.RoutingOption) *NoOverlayConfigApplyConfiguration { + b.Routing = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go index 6a2d864421..ead45f83b5 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go @@ -62,6 +62,27 @@ type OVNKubernetesConfigApplyConfiguration struct { // reasonable defaults. These defaults are subject to change over time. The // current default is "Disabled". RouteAdvertisements *operatorv1.RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"` + // transport sets the transport mode for pods on the default network. + // Allowed values are "NoOverlay" and "Geneve". + // "NoOverlay" avoids tunnel encapsulation, routing pod traffic directly between nodes. + // "Geneve" encapsulates pod traffic using Geneve tunnels between nodes. + // When omitted, this means the user has no opinion and the platform chooses + // a reasonable default which is subject to change over time. + // The current default is "Geneve". + // "NoOverlay" can only be set at installation time and cannot be changed afterwards. + // "Geneve" may be set explicitly at any time to lock in the current default. + Transport *operatorv1.TransportOption `json:"transport,omitempty"` + // noOverlayConfig contains configuration for no-overlay mode. + // This configuration applies to the default network only. + // It is required when transport is "NoOverlay". + // When omitted, this means the user does not configure no-overlay mode options. + NoOverlayConfig *NoOverlayConfigApplyConfiguration `json:"noOverlayConfig,omitempty"` + // bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) + // in no-overlay mode that specify routing="Managed" in their noOverlayConfig. + // It is required when noOverlayConfig.routing is set to "Managed". + // When omitted, this means the user does not configure BGP for managed routing. + // This field can be set at installation time or on day 2, and can be modified at any time. + BGPManagedConfig *BGPManagedConfigApplyConfiguration `json:"bgpManagedConfig,omitempty"` } // OVNKubernetesConfigApplyConfiguration constructs a declarative configuration of the OVNKubernetesConfig type for use with @@ -165,3 +186,27 @@ func (b *OVNKubernetesConfigApplyConfiguration) WithRouteAdvertisements(value op b.RouteAdvertisements = &value return b } + +// WithTransport sets the Transport field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Transport field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithTransport(value operatorv1.TransportOption) *OVNKubernetesConfigApplyConfiguration { + b.Transport = &value + return b +} + +// WithNoOverlayConfig sets the NoOverlayConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NoOverlayConfig field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithNoOverlayConfig(value *NoOverlayConfigApplyConfiguration) *OVNKubernetesConfigApplyConfiguration { + b.NoOverlayConfig = value + return b +} + +// WithBGPManagedConfig sets the BGPManagedConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BGPManagedConfig field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithBGPManagedConfig(value *BGPManagedConfigApplyConfiguration) *OVNKubernetesConfigApplyConfiguration { + b.BGPManagedConfig = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/utils.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/utils.go index 3d08f40d09..08dc16ab31 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/utils.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/utils.go @@ -50,6 +50,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1.AzureCSIDriverConfigSpecApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("AzureDiskEncryptionSet"): return &operatorv1.AzureDiskEncryptionSetApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("BGPManagedConfig"): + return &operatorv1.BGPManagedConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("BootImageSkewEnforcementConfig"): return &operatorv1.BootImageSkewEnforcementConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("BootImageSkewEnforcementStatus"): @@ -318,6 +320,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &operatorv1.NodePortStrategyApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("NodeStatus"): return &operatorv1.NodeStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NoOverlayConfig"): + return &operatorv1.NoOverlayConfigApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("OAuthAPIServerStatus"): return &operatorv1.OAuthAPIServerStatusApplyConfiguration{} case v1.SchemeGroupVersion.WithKind("OLM"): diff --git a/vendor/github.com/openshift/client-go/project/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/project/applyconfigurations/internal/internal.go index 1683cfe634..991f278355 100644 --- a/vendor/github.com/openshift/client-go/project/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/project/applyconfigurations/internal/internal.go @@ -23,75 +23,48 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: -- name: com.github.openshift.api.project.v1.Project +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: apiVersion type: scalar: string - - name: kind + - name: fieldsType type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.project.v1.ProjectSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.project.v1.ProjectStatus - default: {} -- name: com.github.openshift.api.project.v1.ProjectRequest - map: - fields: - - name: apiVersion + - name: fieldsV1 type: - scalar: string - - name: description + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager type: scalar: string - - name: displayName + - name: operation type: scalar: string - - name: kind + - name: subresource type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} -- name: com.github.openshift.api.project.v1.ProjectSpec - map: - fields: - - name: finalizers - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.project.v1.ProjectStatus - map: - fields: - - name: conditions - type: - list: - elementType: - namedType: io.k8s.api.core.v1.NamespaceCondition - elementRelationship: associative - keys: - - type - - name: phase + - name: time type: - scalar: string -- name: io.k8s.api.core.v1.NamespaceCondition + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: NamespaceCondition.v1.core.api.k8s.io map: fields: - name: lastTransitionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: message type: scalar: string @@ -106,43 +79,7 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: annotations @@ -152,13 +89,13 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: creationTimestamp type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: deletionGracePeriodSeconds type: scalar: numeric - name: deletionTimestamp type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: finalizers type: list: @@ -180,7 +117,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - name: name type: @@ -192,7 +129,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - uid @@ -205,7 +142,7 @@ var schemaYAML = typed.YAMLObject(`types: - name: uid type: scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: apiVersion @@ -231,8 +168,71 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string default: "" elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io scalar: untyped +- name: com.github.openshift.api.project.v1.Project + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.project.v1.ProjectSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.project.v1.ProjectStatus + default: {} +- name: com.github.openshift.api.project.v1.ProjectRequest + map: + fields: + - name: apiVersion + type: + scalar: string + - name: description + type: + scalar: string + - name: displayName + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} +- name: com.github.openshift.api.project.v1.ProjectSpec + map: + fields: + - name: finalizers + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.project.v1.ProjectStatus + map: + fields: + - name: conditions + type: + list: + elementType: + namedType: NamespaceCondition.v1.core.api.k8s.io + elementRelationship: associative + keys: + - type + - name: phase + type: + scalar: string - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/quota/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/quota/applyconfigurations/internal/internal.go index 92b851a6fe..04d59c3a97 100644 --- a/vendor/github.com/openshift/client-go/quota/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/quota/applyconfigurations/internal/internal.go @@ -23,133 +23,7 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: -- name: com.github.openshift.api.quota.v1.ClusterResourceQuota - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.quota.v1.ClusterResourceQuotaSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.quota.v1.ClusterResourceQuotaStatus - default: {} -- name: com.github.openshift.api.quota.v1.ClusterResourceQuotaSelector - map: - fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: labels - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector -- name: com.github.openshift.api.quota.v1.ClusterResourceQuotaSpec - map: - fields: - - name: quota - type: - namedType: io.k8s.api.core.v1.ResourceQuotaSpec - default: {} - - name: selector - type: - namedType: com.github.openshift.api.quota.v1.ClusterResourceQuotaSelector - default: {} -- name: com.github.openshift.api.quota.v1.ClusterResourceQuotaStatus - map: - fields: - - name: namespaces - type: - list: - elementType: - namedType: com.github.openshift.api.quota.v1.ResourceQuotaStatusByNamespace - elementRelationship: atomic - - name: total - type: - namedType: io.k8s.api.core.v1.ResourceQuotaStatus - default: {} -- name: com.github.openshift.api.quota.v1.ResourceQuotaStatusByNamespace - map: - fields: - - name: namespace - type: - scalar: string - default: "" - - name: status - type: - namedType: io.k8s.api.core.v1.ResourceQuotaStatus - default: {} -- name: io.k8s.api.core.v1.ResourceQuotaSpec - map: - fields: - - name: hard - type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: scopeSelector - type: - namedType: io.k8s.api.core.v1.ScopeSelector - - name: scopes - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.api.core.v1.ResourceQuotaStatus - map: - fields: - - name: hard - type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: used - type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: io.k8s.api.core.v1.ScopeSelector - map: - fields: - - name: matchExpressions - type: - list: - elementType: - namedType: io.k8s.api.core.v1.ScopedResourceSelectorRequirement - elementRelationship: atomic - elementRelationship: atomic -- name: io.k8s.api.core.v1.ScopedResourceSelectorRequirement - map: - fields: - - name: operator - type: - scalar: string - default: "" - - name: scopeName - type: - scalar: string - default: "" - - name: values - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.api.resource.Quantity - scalar: untyped -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io map: elementType: scalar: untyped @@ -161,14 +35,14 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector +- name: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: matchExpressions type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement + namedType: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - name: matchLabels type: @@ -176,7 +50,7 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement +- name: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: key @@ -193,7 +67,7 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: apiVersion @@ -204,7 +78,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: fieldsV1 type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io - name: manager type: scalar: string @@ -216,8 +90,8 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: time type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: annotations @@ -227,13 +101,13 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: creationTimestamp type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: deletionGracePeriodSeconds type: scalar: numeric - name: deletionTimestamp type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: finalizers type: list: @@ -255,7 +129,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - name: name type: @@ -267,7 +141,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - uid @@ -280,7 +154,7 @@ var schemaYAML = typed.YAMLObject(`types: - name: uid type: scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: apiVersion @@ -306,8 +180,134 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string default: "" elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time +- name: Quantity.resource.api.pkg.apimachinery.k8s.io + scalar: string +- name: ResourceQuotaSpec.v1.core.api.k8s.io + map: + fields: + - name: hard + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: scopeSelector + type: + namedType: ScopeSelector.v1.core.api.k8s.io + - name: scopes + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: ResourceQuotaStatus.v1.core.api.k8s.io + map: + fields: + - name: hard + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: used + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: ScopeSelector.v1.core.api.k8s.io + map: + fields: + - name: matchExpressions + type: + list: + elementType: + namedType: ScopedResourceSelectorRequirement.v1.core.api.k8s.io + elementRelationship: atomic + elementRelationship: atomic +- name: ScopedResourceSelectorRequirement.v1.core.api.k8s.io + map: + fields: + - name: operator + type: + scalar: string + default: "" + - name: scopeName + type: + scalar: string + default: "" + - name: values + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io scalar: untyped +- name: com.github.openshift.api.quota.v1.ClusterResourceQuota + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.quota.v1.ClusterResourceQuotaSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.quota.v1.ClusterResourceQuotaStatus + default: {} +- name: com.github.openshift.api.quota.v1.ClusterResourceQuotaSelector + map: + fields: + - name: annotations + type: + map: + elementType: + scalar: string + - name: labels + type: + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.quota.v1.ClusterResourceQuotaSpec + map: + fields: + - name: quota + type: + namedType: ResourceQuotaSpec.v1.core.api.k8s.io + default: {} + - name: selector + type: + namedType: com.github.openshift.api.quota.v1.ClusterResourceQuotaSelector + default: {} +- name: com.github.openshift.api.quota.v1.ClusterResourceQuotaStatus + map: + fields: + - name: namespaces + type: + list: + elementType: + namedType: com.github.openshift.api.quota.v1.ResourceQuotaStatusByNamespace + elementRelationship: atomic + - name: total + type: + namedType: ResourceQuotaStatus.v1.core.api.k8s.io + default: {} +- name: com.github.openshift.api.quota.v1.ResourceQuotaStatusByNamespace + map: + fields: + - name: namespace + type: + scalar: string + default: "" + - name: status + type: + namedType: ResourceQuotaStatus.v1.core.api.k8s.io + default: {} - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/route/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/route/applyconfigurations/internal/internal.go index ab54d1d9ab..757d9d0b9b 100644 --- a/vendor/github.com/openshift/client-go/route/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/route/applyconfigurations/internal/internal.go @@ -23,6 +23,135 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: IntOrString.intstr.util.pkg.apimachinery.k8s.io + scalar: untyped +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldsType + type: + scalar: string + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager + type: + scalar: string + - name: operation + type: + scalar: string + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: generateName + type: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: + elementType: + scalar: string + - name: managedFields + type: + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: ownerReferences + type: + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped - name: com.github.openshift.api.route.v1.LocalObjectReference map: fields: @@ -41,7 +170,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -131,7 +260,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: lastTransitionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: message type: scalar: string @@ -151,7 +280,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: targetPort type: - namedType: io.k8s.apimachinery.pkg.util.intstr.IntOrString + namedType: IntOrString.intstr.util.pkg.apimachinery.k8s.io - name: com.github.openshift.api.route.v1.RouteSetHTTPHeader map: fields: @@ -244,135 +373,6 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - map: - fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers - type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation - type: - scalar: numeric - - name: labels - type: - map: - elementType: - scalar: string - - name: managedFields - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: ownerReferences - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion - type: - scalar: string - - name: selfLink - type: - scalar: string - - name: uid - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - map: - fields: - - name: apiVersion - type: - scalar: string - default: "" - - name: blockOwnerDeletion - type: - scalar: boolean - - name: controller - type: - scalar: boolean - - name: kind - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: uid - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.util.intstr.IntOrString - scalar: untyped - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go index dcb584450d..851c515a23 100644 --- a/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go @@ -23,6 +23,148 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldsType + type: + scalar: string + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager + type: + scalar: string + - name: operation + type: + scalar: string + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: generateName + type: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: + elementType: + scalar: string + - name: managedFields + type: + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: ownerReferences + type: + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: SELinuxOptions.v1.core.api.k8s.io + map: + fields: + - name: level + type: + scalar: string + - name: role + type: + scalar: string + - name: type + type: + scalar: string + - name: user + type: + scalar: string +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped - name: com.github.openshift.api.security.v1.AllowedFlexVolume map: fields: @@ -65,7 +207,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: range type: @@ -91,7 +233,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: seLinuxOptions type: - namedType: io.k8s.api.core.v1.SELinuxOptions + namedType: SELinuxOptions.v1.core.api.k8s.io - name: type type: scalar: string @@ -176,7 +318,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: priority type: @@ -237,148 +379,6 @@ var schemaYAML = typed.YAMLObject(`types: - name: type type: scalar: string -- name: io.k8s.api.core.v1.SELinuxOptions - map: - fields: - - name: level - type: - scalar: string - - name: role - type: - scalar: string - - name: type - type: - scalar: string - - name: user - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - map: - fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers - type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation - type: - scalar: numeric - - name: labels - type: - map: - elementType: - scalar: string - - name: managedFields - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: ownerReferences - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion - type: - scalar: string - - name: selfLink - type: - scalar: string - - name: uid - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - map: - fields: - - name: apiVersion - type: - scalar: string - default: "" - - name: blockOwnerDeletion - type: - scalar: boolean - - name: controller - type: - scalar: boolean - - name: kind - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: uid - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/template/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/template/applyconfigurations/internal/internal.go index 67e03399b2..efdf664e93 100644 --- a/vendor/github.com/openshift/client-go/template/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/template/applyconfigurations/internal/internal.go @@ -23,6 +23,178 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: LocalObjectReference.v1.core.api.k8s.io + map: + fields: + - name: name + type: + scalar: string + default: "" + elementRelationship: atomic +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldsType + type: + scalar: string + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager + type: + scalar: string + - name: operation + type: + scalar: string + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: generateName + type: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: + elementType: + scalar: string + - name: managedFields + type: + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: ownerReferences + type: + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: ObjectReference.v1.core.api.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldPath + type: + scalar: string + - name: kind + type: + scalar: string + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: resourceVersion + type: + scalar: string + - name: uid + type: + scalar: string + elementRelationship: atomic +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: RawExtension.runtime.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped - name: com.github.openshift.api.template.v1.BrokerTemplateInstance map: fields: @@ -34,7 +206,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -51,11 +223,11 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: secret type: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: ObjectReference.v1.core.api.k8s.io default: {} - name: templateInstance type: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: ObjectReference.v1.core.api.k8s.io default: {} - name: com.github.openshift.api.template.v1.Parameter map: @@ -101,13 +273,13 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: objects type: list: elementType: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io elementRelationship: atomic - name: parameters type: @@ -126,7 +298,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -141,7 +313,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: lastTransitionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: message type: scalar: string @@ -163,7 +335,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: ref type: - namedType: io.k8s.api.core.v1.ObjectReference + namedType: ObjectReference.v1.core.api.k8s.io default: {} - name: com.github.openshift.api.template.v1.TemplateInstanceRequester map: @@ -196,7 +368,7 @@ var schemaYAML = typed.YAMLObject(`types: namedType: com.github.openshift.api.template.v1.TemplateInstanceRequester - name: secret type: - namedType: io.k8s.api.core.v1.LocalObjectReference + namedType: LocalObjectReference.v1.core.api.k8s.io - name: template type: namedType: com.github.openshift.api.template.v1.Template @@ -216,178 +388,6 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: com.github.openshift.api.template.v1.TemplateInstanceObject elementRelationship: atomic -- name: io.k8s.api.core.v1.LocalObjectReference - map: - fields: - - name: name - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.ObjectReference - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldPath - type: - scalar: string - - name: kind - type: - scalar: string - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: resourceVersion - type: - scalar: string - - name: uid - type: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - map: - fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers - type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation - type: - scalar: numeric - - name: labels - type: - map: - elementType: - scalar: string - - name: managedFields - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: ownerReferences - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion - type: - scalar: string - - name: selfLink - type: - scalar: string - - name: uid - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - map: - fields: - - name: apiVersion - type: - scalar: string - default: "" - - name: blockOwnerDeletion - type: - scalar: boolean - - name: controller - type: - scalar: boolean - - name: kind - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: uid - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.runtime.RawExtension - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/user/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/user/applyconfigurations/internal/internal.go index c4b4bc770c..55428431b0 100644 --- a/vendor/github.com/openshift/client-go/user/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/user/applyconfigurations/internal/internal.go @@ -23,109 +23,7 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: -- name: com.github.openshift.api.user.v1.Group - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: users - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.user.v1.Identity - map: - fields: - - name: apiVersion - type: - scalar: string - - name: extra - type: - map: - elementType: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: providerName - type: - scalar: string - default: "" - - name: providerUserName - type: - scalar: string - default: "" - - name: user - type: - namedType: io.k8s.api.core.v1.ObjectReference - default: {} -- name: com.github.openshift.api.user.v1.User - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fullName - type: - scalar: string - - name: groups - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: identities - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} -- name: io.k8s.api.core.v1.ObjectReference - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldPath - type: - scalar: string - - name: kind - type: - scalar: string - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: resourceVersion - type: - scalar: string - - name: uid - type: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io map: elementType: scalar: untyped @@ -137,7 +35,7 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: apiVersion @@ -148,7 +46,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: fieldsV1 type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io - name: manager type: scalar: string @@ -160,8 +58,8 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: time type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: annotations @@ -171,13 +69,13 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: creationTimestamp type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: deletionGracePeriodSeconds type: scalar: numeric - name: deletionTimestamp type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: finalizers type: list: @@ -199,7 +97,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - name: name type: @@ -211,7 +109,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - uid @@ -224,7 +122,32 @@ var schemaYAML = typed.YAMLObject(`types: - name: uid type: scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference +- name: ObjectReference.v1.core.api.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldPath + type: + scalar: string + - name: kind + type: + scalar: string + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: resourceVersion + type: + scalar: string + - name: uid + type: + scalar: string + elementRelationship: atomic +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - name: apiVersion @@ -250,8 +173,85 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string default: "" elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io scalar: untyped +- name: com.github.openshift.api.user.v1.Group + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: users + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.user.v1.Identity + map: + fields: + - name: apiVersion + type: + scalar: string + - name: extra + type: + map: + elementType: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: providerName + type: + scalar: string + default: "" + - name: providerUserName + type: + scalar: string + default: "" + - name: user + type: + namedType: ObjectReference.v1.core.api.k8s.io + default: {} +- name: com.github.openshift.api.user.v1.User + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fullName + type: + scalar: string + - name: groups + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: identities + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/modules.txt b/vendor/modules.txt index 31acfee3b6..2a6676c74f 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1269,7 +1269,7 @@ github.com/openshift-eng/openshift-tests-extension/pkg/ginkgo github.com/openshift-eng/openshift-tests-extension/pkg/junit github.com/openshift-eng/openshift-tests-extension/pkg/util/sets github.com/openshift-eng/openshift-tests-extension/pkg/version -# github.com/openshift/api v0.0.0-20260304160726-df03ea1d00f4 +# github.com/openshift/api v0.0.0-20260326111139-30c2ef7a272e ## explicit; go 1.25.0 github.com/openshift/api github.com/openshift/api/annotations @@ -1356,7 +1356,7 @@ github.com/openshift/api/template github.com/openshift/api/template/v1 github.com/openshift/api/user github.com/openshift/api/user/v1 -# github.com/openshift/client-go v0.0.0-20260302182750-20813ce71ca6 +# github.com/openshift/client-go v0.0.0-20260330134249-7e1499aaacd7 ## explicit; go 1.25.0 github.com/openshift/client-go/apps/applyconfigurations/apps/v1 github.com/openshift/client-go/apps/applyconfigurations/internal From 625c0d1cc06936669d21a441a3e2c22df31be69a Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Tue, 31 Mar 2026 04:23:41 -0400 Subject: [PATCH 04/13] managed the MCN status --- cmd/machine-config-daemon/start.go | 4 +- .../internalreleaseimage_manager.go | 101 +++++++++--------- .../internalreleaseimage/iriregistry.go | 78 ++++++++------ 3 files changed, 97 insertions(+), 86 deletions(-) diff --git a/cmd/machine-config-daemon/start.go b/cmd/machine-config-daemon/start.go index 462b73c3f8..801e82cafd 100644 --- a/cmd/machine-config-daemon/start.go +++ b/cmd/machine-config-daemon/start.go @@ -240,16 +240,14 @@ func runStartCmd(_ *cobra.Command, _ []string) { startOpts.nodeName, ctrlctx.ClientBuilder.MachineConfigClientOrDie(componentName), ctrlctx.InformerFactory.Machineconfiguration().V1alpha1().InternalReleaseImages(), - nodeScopedInformer, ) - go internalReleaseImageManager.Run(2, stopCh) + go internalReleaseImageManager.Run(1, stopCh) } ctrlctx.KubeInformerFactory.Start(stopCh) ctrlctx.KubeNamespacedInformerFactory.Start(stopCh) ctrlctx.InformerFactory.Start(stopCh) ctrlctx.OperatorInformerFactory.Start(stopCh) - ctrlctx.ConfigInformerFactory.Start(stopCh) nodeScopedInformerStartFunc(ctrlctx.Stop) close(ctrlctx.InformersStarted) diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go index 24ef7aa786..7a924fe8d9 100644 --- a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go @@ -2,19 +2,19 @@ package internalreleaseimage import ( "context" + "crypto/tls" "fmt" + "net/http" "reflect" "time" - corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/equality" "k8s.io/apimachinery/pkg/api/errors" apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/meta" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/apimachinery/pkg/util/wait" - coreinformersv1 "k8s.io/client-go/informers/core/v1" - corev1lister "k8s.io/client-go/listers/core/v1" "k8s.io/client-go/tools/cache" "k8s.io/client-go/util/workqueue" "k8s.io/klog/v2" @@ -37,9 +37,6 @@ const ( // controller configuration maxRetriesController = 15 syncRetryInterval = 30 * time.Second - - // mcn looks for conditions with this prefix if seen will degrade the pool - degradeMessagePrefix = "Error:" ) // Manager manages the IRI registry data on disk @@ -48,17 +45,15 @@ type Manager struct { nodeName string backoff wait.Backoff - mcfgClient mcfgclientset.Interface + mcfgClient mcfgclientset.Interface + registryClient *http.Client - syncHandler func(mcp string) error + syncHandler func(iri string) error enqueueInternalReleaseImage func(*mcfgv1alpha1.InternalReleaseImage) queue workqueue.TypedRateLimitingInterface[string] iriLister mcfglistersv1alpha1.InternalReleaseImageLister iriListerSynced cache.InformerSynced - - nodeLister corev1lister.NodeLister - nodeListerSynced cache.InformerSynced } // NewInternalReleaseImageManager creates a new internal release image manager. @@ -66,7 +61,6 @@ func New( nodeName string, mcfgClient mcfgclientset.Interface, iriInformer mcfginformersv1alpha1.InternalReleaseImageInformer, - nodeInformer coreinformersv1.NodeInformer, ) *Manager { i := &Manager{ nodeName: nodeName, @@ -89,9 +83,6 @@ func New( i.iriLister = iriInformer.Lister() i.iriListerSynced = iriInformer.Informer().HasSynced - i.nodeLister = nodeInformer.Lister() - i.nodeListerSynced = nodeInformer.Informer().HasSynced - iriInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ AddFunc: i.addInternalReleaseImage, UpdateFunc: i.updateInternalReleaseImage, @@ -108,12 +99,21 @@ func (i *Manager) Run(workers int, stopCh <-chan struct{}) { if !cache.WaitForCacheSync( stopCh, i.iriListerSynced, - i.nodeListerSynced, ) { klog.Errorf("failed to sync initial listers cache") return } + if i.registryClient == nil { + i.registryClient = &http.Client{Timeout: 3 * time.Second, + Transport: &http.Transport{ + TLSClientConfig: &tls.Config{ + InsecureSkipVerify: true, + }, + }, + } + } + klog.Infof("Starting InternalReleaseImage Manager") defer klog.Infof("Shutting down InternalReleaseImage Manager") @@ -215,28 +215,11 @@ func (i *Manager) deleteInternalReleaseImage(obj interface{}) { i.enqueueInternalReleaseImage(iri) } -// getNodeWithRetry gets the node with retries. This avoids some races when the local node -// is new but not found during startup. -func (i *Manager) getNodeWithRetry(nodeName string) (*corev1.Node, - error) { - var node *corev1.Node - err := wait.ExponentialBackoff(i.backoff, func() (bool, error) { - var err error - node, err = i.nodeLister.Get(nodeName) - if err != nil { - if apierrors.IsNotFound(err) { - // log warning and retry because we are tolerating unexpected behavior from the informer - klog.Warningf("Node %q not found, retrying", nodeName) - return false, nil - } - return false, err - } - return true, nil - }) - return node, err -} +func (i *Manager) updateMCNStatus(mcnOld, mcn *v1.MachineConfigNode) error { + if equality.Semantic.DeepEqual(&mcnOld.Status, &mcn.Status) { + return nil + } -func (i *Manager) updateMCNStatus(mcn *v1.MachineConfigNode) error { _, err := i.mcfgClient.MachineconfigurationV1().MachineConfigNodes().UpdateStatus(context.Background(), mcn, metav1.UpdateOptions{}) if err != nil { return fmt.Errorf("failed to update MCN %s InternalReleaseImage Status conditions: %w", mcn.Name, err) @@ -285,7 +268,9 @@ func (i *Manager) refreshMachineConfigNodeStatus(mcn *v1.MachineConfigNode, iriR mcnUpdated.Status.InternalReleaseImage.Releases = append(mcnUpdated.Status.InternalReleaseImage.Releases, iriRelease) } - // Check release availability for each bundle + // Check release availability for each bundle. If at least one release image is not available + // then mark the MCN as degraded. + mcnDegraded := false for n := range mcnUpdated.Status.InternalReleaseImage.Releases { r := &mcnUpdated.Status.InternalReleaseImage.Releases[n] @@ -304,6 +289,8 @@ func (i *Manager) refreshMachineConfigNodeStatus(mcn *v1.MachineConfigNode, iriR Message: "The specified release image is available", }) } else { + mcnDegraded = true + klog.Errorf("Release image %s not available for bundle %s. Error: %v", r.Image, r.Name, err) meta.SetStatusCondition(&r.Conditions, metav1.Condition{ Type: string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), Status: metav1.ConditionTrue, @@ -318,15 +305,36 @@ func (i *Manager) refreshMachineConfigNodeStatus(mcn *v1.MachineConfigNode, iriR }) } } + if !mcnDegraded { + meta.SetStatusCondition(&mcnUpdated.Status.Conditions, metav1.Condition{ + Type: string(v1.MachineConfigNodeInternalReleaseImageDegraded), + Status: metav1.ConditionFalse, + Reason: "AllReleasesAvailable", + Message: "All the release images are available", + }) + } else { + meta.SetStatusCondition(&mcnUpdated.Status.Conditions, metav1.Condition{ + Type: string(v1.MachineConfigNodeInternalReleaseImageDegraded), + Status: metav1.ConditionTrue, + Reason: "ReleaseImageNotFound", + Message: "One or more release bundle are not available", + }) + } - return i.updateMCNStatus(mcnUpdated) + return i.updateMCNStatus(mcn, mcnUpdated) } func (i *Manager) setMachineConfigNodeAsDegraded(mcn *v1.MachineConfigNode, registryErr error) error { reason := "RegistryUnreachable" mcnUpdated := mcn.DeepCopy() - // TODO: Update mcnUpdated.Status.Conditions with InternalReleaseImageDegraded + meta.SetStatusCondition(&mcnUpdated.Status.Conditions, metav1.Condition{ + Type: string(v1.MachineConfigNodeInternalReleaseImageDegraded), + Status: metav1.ConditionTrue, + Reason: reason, + Message: registryErr.Error(), + }) + // Mark all the current releases as Degraded and not Available. for n := range mcnUpdated.Status.InternalReleaseImage.Releases { r := &mcnUpdated.Status.InternalReleaseImage.Releases[n] @@ -345,7 +353,7 @@ func (i *Manager) setMachineConfigNodeAsDegraded(mcn *v1.MachineConfigNode, regi }) } - return i.updateMCNStatus(mcnUpdated) + return i.updateMCNStatus(mcn, mcnUpdated) } func (i *Manager) syncInternalReleaseImage(key string) error { @@ -361,12 +369,6 @@ func (i *Manager) syncInternalReleaseImage(key string) error { return err } - // Get the current node. - node, err := i.getNodeWithRetry(i.nodeName) - if err != nil { - return fmt.Errorf("failed to get node %q: %v", i.nodeName, err) - } - // Get the MachineConfigNode for the current node. mcn, err := i.mcfgClient.MachineconfigurationV1().MachineConfigNodes().Get(context.TODO(), i.nodeName, metav1.GetOptions{}) if err != nil { @@ -377,9 +379,8 @@ func (i *Manager) syncInternalReleaseImage(key string) error { return err } - iriReg := newIRIRegistry(node) + iriReg := newIRIRegistry(i.nodeName, i.registryClient) if registryErr := iriReg.CheckLocalRegistry(); registryErr != nil { - klog.Errorf("No available local InternalReleaseImage registry found for node %s. Error: %v", i.nodeName, registryErr) err = i.setMachineConfigNodeAsDegraded(mcn, registryErr) } else { err = i.refreshMachineConfigNodeStatus(mcn, iriReg) @@ -389,6 +390,6 @@ func (i *Manager) syncInternalReleaseImage(key string) error { return err } - i.queue.AddAfter(key, syncRetryInterval) + i.queue.AddAfter(common.InternalReleaseImageInstanceName, syncRetryInterval) return nil } diff --git a/pkg/daemon/internalreleaseimage/iriregistry.go b/pkg/daemon/internalreleaseimage/iriregistry.go index 6d42ef0cee..a7f6b82f54 100644 --- a/pkg/daemon/internalreleaseimage/iriregistry.go +++ b/pkg/daemon/internalreleaseimage/iriregistry.go @@ -7,9 +7,7 @@ import ( "io" "net/http" "regexp" - "time" - corev1 "k8s.io/api/core/v1" "k8s.io/klog/v2" ) @@ -22,7 +20,7 @@ const ( ) type iriRegistry struct { - node *corev1.Node + nodeName string registryHostPort string client *http.Client } @@ -32,12 +30,20 @@ type registryTagsList struct { Tags []string `json:"tags"` } -func newIRIRegistry(node *corev1.Node) *iriRegistry { +type registryErrorCode struct { + Code string `json:"code"` + Message string `json:"message"` + Detail interface{} `json:"detail"` +} + +type registryErrorResponse struct { + Errors []registryErrorCode `json:"errors"` +} + +func newIRIRegistry(nodeName string, client *http.Client) *iriRegistry { return &iriRegistry{ - node: node, - client: &http.Client{ - Timeout: 3 * time.Second, - }, + nodeName: nodeName, + client: client, // The IRI registry runs on the current node. registryHostPort: fmt.Sprintf("%s:%d", iriRegistryHost, iriRegistryPort), } @@ -57,26 +63,37 @@ func (r *iriRegistry) query(endpoint string, headers ...map[string]string) (*htt } resp, err := r.client.Do(req) if err != nil { - return nil, err + return nil, fmt.Errorf("registry query %s failed with error: %v", regURL, err) } + + if resp.StatusCode != http.StatusOK { + defer resp.Body.Close() + errMsg := fmt.Sprintf("registry query %s failed with code %d", regURL, resp.StatusCode) + + // Check if additional error details are reported in the message body. + var errResp registryErrorResponse + if err := json.NewDecoder(resp.Body).Decode(&errResp); err == nil { + if len(errResp.Errors) > 0 { + errMsg = fmt.Sprintf("%s. Message: %s. Details: %v", errMsg, errResp.Errors[0].Message, errResp.Errors[0].Detail) + } + } + return nil, fmt.Errorf("%s", errMsg) + } + return resp, nil } func (r *iriRegistry) CheckLocalRegistry() error { - klog.V(2).Infof("Checking local InternalReleaseImage registry status for node %s at %s", r.node.Name, r.registryHostPort) + klog.V(2).Infof("Checking local InternalReleaseImage registry status for node %s at %s", r.nodeName, r.registryHostPort) resp, err := r.query("") if err != nil { + klog.Errorf("No available local InternalReleaseImage registry found for node %s. Error: %v", r.nodeName, err) return err } - statusCode := resp.StatusCode - resp.Body.Close() - - if statusCode != http.StatusOK { - return fmt.Errorf("Registry check for for node %s (%s) failed with status code %d", r.node.Name, r.registryHostPort, statusCode) - } + defer resp.Body.Close() - klog.V(2).Infof("The local InternalReleaseImage registry is available for node %s (%s)", r.node.Name, r.registryHostPort) + klog.V(2).Infof("The local InternalReleaseImage registry is available for node %s (%s)", r.nodeName, r.registryHostPort) return nil } @@ -104,16 +121,13 @@ func (r *iriRegistry) getRepositoryTags(repo string) (*registryTagsList, error) klog.V(2).Infof("Retrieving repository tags for %s", repo) resp, err := r.query(endpoint) if err != nil { - return nil, err + return nil, fmt.Errorf("error while retrieving repository tags for %s: %w", endpoint, err) } defer resp.Body.Close() - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("error while retrieving registry tags for %s. Status code: %d", repo, resp.StatusCode) - } releaseTags, err := r.parseTagsList(resp.Body) if err != nil { - return nil, err + return nil, fmt.Errorf("error while parsing repository tags for %s: %w", endpoint, err) } return releaseTags, nil } @@ -123,7 +137,7 @@ func (r *iriRegistry) GetOCPBundlesTags() (*registryTagsList, error) { } func (r *iriRegistry) GetOCPBundleReleaseTag(_ string) (string, error) { - // Currently the IRI resource supports only one release bundle, and thus one OCP release. Since the release bundle + // Note: currently the IRI resource supports only one release bundle, and thus one OCP release. Since the release bundle // image does not yet contain the necessary release metadata (see https://redhat.atlassian.net/browse/AGENT-1312), // let's fetch directly the current release image. ocpReleases, err := r.getRepositoryTags(ocpReleasesRepo) @@ -154,18 +168,16 @@ func (r *iriRegistry) CheckImageAvailability(pullspec string) error { return fmt.Errorf("pullspec %s not owned by the current registry", pullspec) } - manifestsQuery := fmt.Sprintf("/%s/manifests/%s", repo, digest) - resp, err := r.query(manifestsQuery, map[string]string{ - "Accept": "application/vnd.oci.image.manifest.v1+json, application/vnd.docker.distribution.manifest.v2+json", - }) + endpoint := fmt.Sprintf("/%s/manifests/%s", repo, digest) + resp, err := r.query(endpoint, map[string]string{ + "Accept": "application/vnd.oci.image.index.v1+json, " + + "application/vnd.oci.image.manifest.v1+json, " + + "application/vnd.docker.distribution.manifest.list.v2+json, " + + "application/vnd.docker.distribution.manifest.v2+json"}) if err != nil { - return err + return fmt.Errorf("error while checking image availability for %s: %w", endpoint, err) } - statusCode := resp.StatusCode - resp.Body.Close() + defer resp.Body.Close() - if statusCode != http.StatusOK { - return fmt.Errorf("error while checking release availability: %w", err) - } return nil } From 0a034891ebf0d6a3f3350dce86f5790bfff79687 Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Mon, 6 Apr 2026 13:01:06 -0400 Subject: [PATCH 05/13] add MCD IRI unit tests --- .../internalreleaseimage_fakeregistry_test.go | 140 ++++++++++++++++ .../internalreleaseimage_helpers_test.go | 54 ++++++ .../internalreleaseimage_manager_test.go | 157 ++++++++++++++++++ 3 files changed, 351 insertions(+) create mode 100644 pkg/daemon/internalreleaseimage/internalreleaseimage_fakeregistry_test.go create mode 100644 pkg/daemon/internalreleaseimage/internalreleaseimage_helpers_test.go create mode 100644 pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_fakeregistry_test.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_fakeregistry_test.go new file mode 100644 index 0000000000..1fc7d258f9 --- /dev/null +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_fakeregistry_test.go @@ -0,0 +1,140 @@ +package internalreleaseimage + +import ( + "crypto/rand" + "crypto/rsa" + "crypto/tls" + "crypto/x509" + "crypto/x509/pkix" + "encoding/pem" + "fmt" + "log" + "math/big" + "net" + "net/http" + "net/http/httptest" + "time" +) + +type FakeIRIRegistry struct { + mux *http.ServeMux + server *httptest.Server + responses map[string][]registryResponse +} + +type registryResponse struct { + statusCode int + body string +} + +// NewFakeIRIRegistry creates a new instance of the fake registry. +func NewFakeIRIRegistry() *FakeIRIRegistry { + return &FakeIRIRegistry{ + responses: make(map[string][]registryResponse), + } +} + +func (fr *FakeIRIRegistry) AddResponse(endpoint string, statusCode int, body string) *FakeIRIRegistry { + epReplies, found := fr.responses[endpoint] + if !found { + epReplies = []registryResponse{} + } + + epReplies = append(epReplies, registryResponse{ + statusCode: statusCode, + body: body, + }) + fr.responses[endpoint] = epReplies + + return fr +} + +// Start configures the handlers, brings up the local server for the +// registry. +func (fr *FakeIRIRegistry) Start() error { + fr.mux = http.NewServeMux() + + // Ping handler + fr.mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { + epReplies, found := fr.responses[r.URL.Path] + if !found || len(epReplies) == 0 { + log.Fatalf("unexpected endpoint call received: %s", r.URL.Path) + } + reply := epReplies[0] + fr.responses[r.URL.Path] = epReplies[1:] + + w.Header().Set("Content-Type", "application/json") + w.Header().Set("Docker-Distribution-Api-Version", "registry/2.0") + w.WriteHeader(reply.statusCode) + + if _, err := w.Write([]byte(reply.body)); err != nil { + log.Fatal(err) + } + }) + + err := fr.newTLSServer(fr.mux.ServeHTTP) + if err != nil { + return err + } + fr.server.StartTLS() + + return nil +} + +func (fr *FakeIRIRegistry) newTLSServer(handler http.HandlerFunc) error { + listener, err := net.Listen("tcp", "127.0.0.1:22625") + if err != nil { + return fmt.Errorf("failed to bind port: %v", err) + } + fr.server = httptest.NewUnstartedServer(handler) + fr.server.Listener = listener + cert, err := fr.generateSelfSignedCert() + if err != nil { + return fmt.Errorf("error configuring server cert: %w", err) + } + fr.server.TLS = &tls.Config{ + MinVersion: tls.VersionTLS13, + Certificates: []tls.Certificate{cert}, + } + return nil +} + +func (fr *FakeIRIRegistry) generateSelfSignedCert() (tls.Certificate, error) { + // Generate the private key + pk, err := rsa.GenerateKey(rand.Reader, 2048) + if err != nil { + return tls.Certificate{}, err + } + // Generate the serial number + sn, err := rand.Int(rand.Reader, big.NewInt(1000000)) + if err != nil { + return tls.Certificate{}, err + } + // Create the certificate template + template := x509.Certificate{ + SerialNumber: sn, + Subject: pkix.Name{ + Organization: []string{"IRI Tester"}, + }, + NotBefore: time.Now(), + NotAfter: time.Now().Add(1 * time.Hour), + KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature, + ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, + BasicConstraintsValid: true, + DNSNames: []string{"localhost"}, + IPAddresses: []net.IP{net.ParseIP("127.0.0.1")}, + } + certDER, err := x509.CreateCertificate(rand.Reader, &template, &template, &pk.PublicKey, pk) + if err != nil { + return tls.Certificate{}, err + } + + certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: certDER}) + keyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(pk)}) + return tls.X509KeyPair(certPEM, keyPEM) +} + +// Close shutdowns the fake registry server. +func (fr *FakeIRIRegistry) Close() { + fr.server.Close() +} diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_helpers_test.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_helpers_test.go new file mode 100644 index 0000000000..77949d781e --- /dev/null +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_helpers_test.go @@ -0,0 +1,54 @@ +package internalreleaseimage + +import ( + mcfgv1 "github.com/openshift/api/machineconfiguration/v1" + mcfgv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" + "github.com/openshift/machine-config-operator/pkg/controller/common" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" +) + +// iriBuilder simplifies the creation of an InternalReleaseImage resource in the test. +type iriBuilder struct { + obj *mcfgv1alpha1.InternalReleaseImage +} + +func iri() *iriBuilder { + return &iriBuilder{ + obj: &mcfgv1alpha1.InternalReleaseImage{ + ObjectMeta: v1.ObjectMeta{ + Name: common.InternalReleaseImageInstanceName, + }, + Spec: mcfgv1alpha1.InternalReleaseImageSpec{ + Releases: []mcfgv1alpha1.InternalReleaseImageRef{ + { + Name: "ocp-release-bundle-4.21.5-x86_64", + }, + }, + }, + }, + } +} + +func (ib *iriBuilder) build() runtime.Object { + return ib.obj +} + +// mcnBuilder simplifies the creation of a MachineConfigNode resource in the test. +type mcnBuilder struct { + obj *mcfgv1.MachineConfigNode +} + +func machineConfigNode(name string) *mcnBuilder { + return &mcnBuilder{ + obj: &mcfgv1.MachineConfigNode{ + ObjectMeta: v1.ObjectMeta{ + Name: name, + }, + }, + } +} + +func (mb *mcnBuilder) build() runtime.Object { + return mb.obj +} diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go new file mode 100644 index 0000000000..fb8191310b --- /dev/null +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go @@ -0,0 +1,157 @@ +package internalreleaseimage + +import ( + "context" + "crypto/tls" + "net/http" + "testing" + "time" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + mcfgv1 "github.com/openshift/api/machineconfiguration/v1" + mcfgv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" + "github.com/openshift/client-go/machineconfiguration/clientset/versioned/fake" + mcfginformers "github.com/openshift/client-go/machineconfiguration/informers/externalversions" + "github.com/openshift/machine-config-operator/pkg/controller/common" +) + +func verifyCondition(t *testing.T, conditions []v1.Condition, eCondType string, eCondStatus v1.ConditionStatus) { + t.Helper() + for _, c := range conditions { + if c.Type == eCondType { + assert.Equal(t, eCondStatus, c.Status) + return + } + } + assert.Failf(t, "expected condition type %s with status %s not found", eCondType) +} + +func TestInternalReleaseImageManager(t *testing.T) { + cases := []struct { + name string + + iri *iriBuilder + nodeName string + mcn *mcnBuilder + setupRegistry func(r *FakeIRIRegistry) + verify func(t *testing.T, actualMCN *mcfgv1.MachineConfigNode) + + registryDisabled bool + }{ + { + name: "feature not enabled", + mcn: machineConfigNode("master-0"), + + verify: func(t *testing.T, mcn *mcfgv1.MachineConfigNode) { + assert.Empty(t, mcn.Status.InternalReleaseImage) + }, + }, + { + name: "happy path", + iri: iri(), + nodeName: "master-0", + mcn: machineConfigNode("master-0"), + + setupRegistry: func(r *FakeIRIRegistry) { + r.AddResponse("/v2", http.StatusOK, "{}"). + AddResponse("/v2/openshift/release-bundles/tags/list", http.StatusOK, `{"name":"openshift/release-bundles","tags":["ocp-release-bundle-4.22.0-0.ci-2026-04-01-050515"]}`). + AddResponse("/v2/openshift/release-images/tags/list", http.StatusOK, `{"name":"openshift/release-images","tags":["68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389"]}`). + AddResponse("/v2/openshift/release-images/manifests/sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389", http.StatusOK, "{}") + }, + + verify: func(t *testing.T, mcn *mcfgv1.MachineConfigNode) { + verifyCondition(t, mcn.Status.Conditions, string(mcfgv1.MachineConfigNodeInternalReleaseImageDegraded), metav1.ConditionFalse) + + assert.Len(t, mcn.Status.InternalReleaseImage.Releases, 1) + r := mcn.Status.InternalReleaseImage.Releases[0] + assert.Equal(t, r.Name, "ocp-release-bundle-4.22.0-0.ci-2026-04-01-050515") + assert.Equal(t, r.Image, "localhost:22625/openshift/release-images@sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389") + verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), metav1.ConditionTrue) + verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), metav1.ConditionFalse) + }, + }, + { + name: "registry down", + iri: iri(), + nodeName: "master-0", + mcn: machineConfigNode("master-0"), + + registryDisabled: true, + + verify: func(t *testing.T, mcn *mcfgv1.MachineConfigNode) { + verifyCondition(t, mcn.Status.Conditions, string(mcfgv1.MachineConfigNodeInternalReleaseImageDegraded), metav1.ConditionTrue) + + assert.Len(t, mcn.Status.InternalReleaseImage.Releases, 0) + }, + }, + { + name: "Missing release manifest", + iri: iri(), + nodeName: "master-0", + mcn: machineConfigNode("master-0"), + + setupRegistry: func(r *FakeIRIRegistry) { + r.AddResponse("/v2", http.StatusOK, "{}"). + AddResponse("/v2/openshift/release-bundles/tags/list", http.StatusOK, `{"name":"openshift/release-bundles","tags":["ocp-release-bundle-4.22.0-0.ci-2026-04-01-050515"]}`). + AddResponse("/v2/openshift/release-images/tags/list", http.StatusOK, `{"name":"openshift/release-images","tags":["68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389"]}`). + AddResponse("/v2/openshift/release-images/manifests/sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389", http.StatusNotFound, `{"errors":[{"code":"MANIFEST_UNKNOWN","message":"manifest unknown","detail":{"Tag":"68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0388"}}]}`) + }, + + verify: func(t *testing.T, mcn *mcfgv1.MachineConfigNode) { + verifyCondition(t, mcn.Status.Conditions, string(mcfgv1.MachineConfigNodeInternalReleaseImageDegraded), metav1.ConditionTrue) + + assert.Len(t, mcn.Status.InternalReleaseImage.Releases, 1) + r := mcn.Status.InternalReleaseImage.Releases[0] + assert.Equal(t, r.Name, "ocp-release-bundle-4.22.0-0.ci-2026-04-01-050515") + assert.Equal(t, r.Image, "localhost:22625/openshift/release-images@sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389") + verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), metav1.ConditionFalse) + verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), metav1.ConditionTrue) + }, + }, + } + for _, tc := range cases { + t.Run(tc.name, func(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + + fakeMCClient := fake.NewClientset(tc.mcn.obj) + mcInformerFactory := mcfginformers.NewSharedInformerFactory(fakeMCClient, func() time.Duration { return 0 }()) + iriInformer := mcInformerFactory.Machineconfiguration().V1alpha1().InternalReleaseImages() + mcInformerFactory.Start(ctx.Done()) + mcInformerFactory.WaitForCacheSync(ctx.Done()) + + if tc.iri != nil { + require.NoError(t, iriInformer.Informer().GetIndexer().Add(tc.iri.build())) + } + + if !tc.registryDisabled { + fakeRegistry := NewFakeIRIRegistry() + if tc.setupRegistry != nil { + tc.setupRegistry(fakeRegistry) + } + require.NoError(t, fakeRegistry.Start()) + defer fakeRegistry.Close() + } + + iriManager := New(tc.nodeName, fakeMCClient, iriInformer) + iriManager.registryClient = &http.Client{ + Transport: &http.Transport{ + TLSClientConfig: &tls.Config{ + InsecureSkipVerify: true, + }, + }, + } + require.NoError(t, iriManager.syncHandler(common.InternalReleaseImageInstanceName)) + + if tc.mcn != nil { + mcnUpdated, err := fakeMCClient.MachineconfigurationV1().MachineConfigNodes().Get(context.Background(), tc.mcn.obj.Name, v1.GetOptions{}) + require.NoError(t, err) + tc.verify(t, mcnUpdated) + } + }) + } +} From 06ff2047a427e4a462b460ab6d88a9b117524a3a Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Mon, 6 Apr 2026 13:25:49 -0400 Subject: [PATCH 06/13] using MachineConfigNodeLister instead of the client --- cmd/machine-config-daemon/start.go | 1 + .../internalreleaseimage_manager.go | 50 ++++++++++++------- .../internalreleaseimage_manager_test.go | 35 +++++++------ .../internalreleaseimage/iriregistry.go | 2 +- 4 files changed, 54 insertions(+), 34 deletions(-) diff --git a/cmd/machine-config-daemon/start.go b/cmd/machine-config-daemon/start.go index 801e82cafd..ce36c78fdd 100644 --- a/cmd/machine-config-daemon/start.go +++ b/cmd/machine-config-daemon/start.go @@ -240,6 +240,7 @@ func runStartCmd(_ *cobra.Command, _ []string) { startOpts.nodeName, ctrlctx.ClientBuilder.MachineConfigClientOrDie(componentName), ctrlctx.InformerFactory.Machineconfiguration().V1alpha1().InternalReleaseImages(), + ctrlctx.InformerFactory.Machineconfiguration().V1().MachineConfigNodes(), ) go internalReleaseImageManager.Run(1, stopCh) } diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go index 7a924fe8d9..7841f78150 100644 --- a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go @@ -2,7 +2,6 @@ package internalreleaseimage import ( "context" - "crypto/tls" "fmt" "net/http" "reflect" @@ -19,10 +18,12 @@ import ( "k8s.io/client-go/util/workqueue" "k8s.io/klog/v2" - v1 "github.com/openshift/api/machineconfiguration/v1" + mcfgv1 "github.com/openshift/api/machineconfiguration/v1" mcfgv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" mcfgclientset "github.com/openshift/client-go/machineconfiguration/clientset/versioned" + mcfginformersv1 "github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1" mcfginformersv1alpha1 "github.com/openshift/client-go/machineconfiguration/informers/externalversions/machineconfiguration/v1alpha1" + mcfglistersv1 "github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1" mcfglistersv1alpha1 "github.com/openshift/client-go/machineconfiguration/listers/machineconfiguration/v1alpha1" "github.com/openshift/machine-config-operator/pkg/controller/common" ) @@ -54,6 +55,9 @@ type Manager struct { iriLister mcfglistersv1alpha1.InternalReleaseImageLister iriListerSynced cache.InformerSynced + + mcnLister mcfglistersv1.MachineConfigNodeLister + mcnListerSynced cache.InformerSynced } // NewInternalReleaseImageManager creates a new internal release image manager. @@ -61,6 +65,7 @@ func New( nodeName string, mcfgClient mcfgclientset.Interface, iriInformer mcfginformersv1alpha1.InternalReleaseImageInformer, + mcnInformer mcfginformersv1.MachineConfigNodeInformer, ) *Manager { i := &Manager{ nodeName: nodeName, @@ -83,12 +88,19 @@ func New( i.iriLister = iriInformer.Lister() i.iriListerSynced = iriInformer.Informer().HasSynced + i.mcnLister = mcnInformer.Lister() + i.mcnListerSynced = mcnInformer.Informer().HasSynced + iriInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ AddFunc: i.addInternalReleaseImage, UpdateFunc: i.updateInternalReleaseImage, DeleteFunc: i.deleteInternalReleaseImage, }) + mcnInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ + AddFunc: i.addMachineConfigNode, + }) + return i } @@ -99,19 +111,14 @@ func (i *Manager) Run(workers int, stopCh <-chan struct{}) { if !cache.WaitForCacheSync( stopCh, i.iriListerSynced, + i.mcnListerSynced, ) { klog.Errorf("failed to sync initial listers cache") return } if i.registryClient == nil { - i.registryClient = &http.Client{Timeout: 3 * time.Second, - Transport: &http.Transport{ - TLSClientConfig: &tls.Config{ - InsecureSkipVerify: true, - }, - }, - } + i.registryClient = &http.Client{Timeout: 3 * time.Second} } klog.Infof("Starting InternalReleaseImage Manager") @@ -215,7 +222,16 @@ func (i *Manager) deleteInternalReleaseImage(obj interface{}) { i.enqueueInternalReleaseImage(iri) } -func (i *Manager) updateMCNStatus(mcnOld, mcn *v1.MachineConfigNode) error { +func (i *Manager) addMachineConfigNode(obj interface{}) { + curMCN := obj.(*mcfgv1.MachineConfigNode) + + if curMCN.Name == i.nodeName { + klog.V(4).Infof("MachineConfigNode %s added", curMCN.Name) + i.queue.Add(common.InternalReleaseImageInstanceName) + } +} + +func (i *Manager) updateMCNStatus(mcnOld, mcn *mcfgv1.MachineConfigNode) error { if equality.Semantic.DeepEqual(&mcnOld.Status, &mcn.Status) { return nil } @@ -227,7 +243,7 @@ func (i *Manager) updateMCNStatus(mcnOld, mcn *v1.MachineConfigNode) error { return nil } -func (i *Manager) refreshMachineConfigNodeStatus(mcn *v1.MachineConfigNode, iriReg *iriRegistry) error { +func (i *Manager) refreshMachineConfigNodeStatus(mcn *mcfgv1.MachineConfigNode, iriReg *iriRegistry) error { // Get the current OCP releases bundles stored in the local IRI registry. registryBundles, err := iriReg.GetOCPBundlesTags() if err != nil { @@ -261,7 +277,7 @@ func (i *Manager) refreshMachineConfigNodeStatus(mcn *v1.MachineConfigNode, iriR } pullSpec := iriReg.GetOCPReleasePullSpec(ocpReleaseTag) - iriRelease := v1.MachineConfigNodeStatusInternalReleaseImageRef{ + iriRelease := mcfgv1.MachineConfigNodeStatusInternalReleaseImageRef{ Name: bundle, Image: pullSpec, } @@ -307,14 +323,14 @@ func (i *Manager) refreshMachineConfigNodeStatus(mcn *v1.MachineConfigNode, iriR } if !mcnDegraded { meta.SetStatusCondition(&mcnUpdated.Status.Conditions, metav1.Condition{ - Type: string(v1.MachineConfigNodeInternalReleaseImageDegraded), + Type: string(mcfgv1.MachineConfigNodeInternalReleaseImageDegraded), Status: metav1.ConditionFalse, Reason: "AllReleasesAvailable", Message: "All the release images are available", }) } else { meta.SetStatusCondition(&mcnUpdated.Status.Conditions, metav1.Condition{ - Type: string(v1.MachineConfigNodeInternalReleaseImageDegraded), + Type: string(mcfgv1.MachineConfigNodeInternalReleaseImageDegraded), Status: metav1.ConditionTrue, Reason: "ReleaseImageNotFound", Message: "One or more release bundle are not available", @@ -324,12 +340,12 @@ func (i *Manager) refreshMachineConfigNodeStatus(mcn *v1.MachineConfigNode, iriR return i.updateMCNStatus(mcn, mcnUpdated) } -func (i *Manager) setMachineConfigNodeAsDegraded(mcn *v1.MachineConfigNode, registryErr error) error { +func (i *Manager) setMachineConfigNodeAsDegraded(mcn *mcfgv1.MachineConfigNode, registryErr error) error { reason := "RegistryUnreachable" mcnUpdated := mcn.DeepCopy() meta.SetStatusCondition(&mcnUpdated.Status.Conditions, metav1.Condition{ - Type: string(v1.MachineConfigNodeInternalReleaseImageDegraded), + Type: string(mcfgv1.MachineConfigNodeInternalReleaseImageDegraded), Status: metav1.ConditionTrue, Reason: reason, Message: registryErr.Error(), @@ -370,7 +386,7 @@ func (i *Manager) syncInternalReleaseImage(key string) error { } // Get the MachineConfigNode for the current node. - mcn, err := i.mcfgClient.MachineconfigurationV1().MachineConfigNodes().Get(context.TODO(), i.nodeName, metav1.GetOptions{}) + mcn, err := i.mcnLister.Get(i.nodeName) if err != nil { if apierrors.IsNotFound(err) { klog.V(2).Infof("MachineConfigNode %s not yet present, waiting for its creation", i.nodeName) diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go index fb8191310b..e011d926e8 100644 --- a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go @@ -19,17 +19,6 @@ import ( "github.com/openshift/machine-config-operator/pkg/controller/common" ) -func verifyCondition(t *testing.T, conditions []v1.Condition, eCondType string, eCondStatus v1.ConditionStatus) { - t.Helper() - for _, c := range conditions { - if c.Type == eCondType { - assert.Equal(t, eCondStatus, c.Status) - return - } - } - assert.Failf(t, "expected condition type %s with status %s not found", eCondType) -} - func TestInternalReleaseImageManager(t *testing.T) { cases := []struct { name string @@ -68,8 +57,8 @@ func TestInternalReleaseImageManager(t *testing.T) { assert.Len(t, mcn.Status.InternalReleaseImage.Releases, 1) r := mcn.Status.InternalReleaseImage.Releases[0] - assert.Equal(t, r.Name, "ocp-release-bundle-4.22.0-0.ci-2026-04-01-050515") - assert.Equal(t, r.Image, "localhost:22625/openshift/release-images@sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389") + assert.Equal(t, "ocp-release-bundle-4.22.0-0.ci-2026-04-01-050515", r.Name) + assert.Equal(t, "localhost:22625/openshift/release-images@sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389", r.Image) verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), metav1.ConditionTrue) verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), metav1.ConditionFalse) }, @@ -106,8 +95,8 @@ func TestInternalReleaseImageManager(t *testing.T) { assert.Len(t, mcn.Status.InternalReleaseImage.Releases, 1) r := mcn.Status.InternalReleaseImage.Releases[0] - assert.Equal(t, r.Name, "ocp-release-bundle-4.22.0-0.ci-2026-04-01-050515") - assert.Equal(t, r.Image, "localhost:22625/openshift/release-images@sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389") + assert.Equal(t, "ocp-release-bundle-4.22.0-0.ci-2026-04-01-050515", r.Name) + assert.Equal(t, "localhost:22625/openshift/release-images@sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389", r.Image) verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), metav1.ConditionFalse) verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), metav1.ConditionTrue) }, @@ -121,9 +110,12 @@ func TestInternalReleaseImageManager(t *testing.T) { fakeMCClient := fake.NewClientset(tc.mcn.obj) mcInformerFactory := mcfginformers.NewSharedInformerFactory(fakeMCClient, func() time.Duration { return 0 }()) iriInformer := mcInformerFactory.Machineconfiguration().V1alpha1().InternalReleaseImages() + mcnInformer := mcInformerFactory.Machineconfiguration().V1().MachineConfigNodes() + mcInformerFactory.Start(ctx.Done()) mcInformerFactory.WaitForCacheSync(ctx.Done()) + require.NoError(t, mcnInformer.Informer().GetIndexer().Add(tc.mcn.build())) if tc.iri != nil { require.NoError(t, iriInformer.Informer().GetIndexer().Add(tc.iri.build())) } @@ -137,7 +129,7 @@ func TestInternalReleaseImageManager(t *testing.T) { defer fakeRegistry.Close() } - iriManager := New(tc.nodeName, fakeMCClient, iriInformer) + iriManager := New(tc.nodeName, fakeMCClient, iriInformer, mcnInformer) iriManager.registryClient = &http.Client{ Transport: &http.Transport{ TLSClientConfig: &tls.Config{ @@ -155,3 +147,14 @@ func TestInternalReleaseImageManager(t *testing.T) { }) } } + +func verifyCondition(t *testing.T, conditions []v1.Condition, eCondType string, eCondStatus v1.ConditionStatus) { + t.Helper() + for _, c := range conditions { + if c.Type == eCondType { + assert.Equal(t, eCondStatus, c.Status) + return + } + } + assert.Failf(t, "expected condition type %s not found", eCondType) +} diff --git a/pkg/daemon/internalreleaseimage/iriregistry.go b/pkg/daemon/internalreleaseimage/iriregistry.go index a7f6b82f54..b6b96c92f3 100644 --- a/pkg/daemon/internalreleaseimage/iriregistry.go +++ b/pkg/daemon/internalreleaseimage/iriregistry.go @@ -116,7 +116,7 @@ func (r *iriRegistry) parseTagsList(reader io.Reader) (*registryTagsList, error) } func (r *iriRegistry) getRepositoryTags(repo string) (*registryTagsList, error) { - endpoint := fmt.Sprintf("/%s/tags/list", repo) + endpoint := fmt.Sprintf("%s/tags/list", repo) klog.V(2).Infof("Retrieving repository tags for %s", repo) resp, err := r.query(endpoint) From caf52e2614c279490c3917c0bc4a21ff96c8e6ea Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Tue, 7 Apr 2026 09:46:40 -0400 Subject: [PATCH 07/13] fix stale reference to FeatureGateMachineConfigNodes feature since it has been removed in https://github.com/openshift/api/pull/2715 and no longer required --- pkg/daemon/upgrade_monitor_test.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/pkg/daemon/upgrade_monitor_test.go b/pkg/daemon/upgrade_monitor_test.go index 2f2e63f0c0..99e2416182 100644 --- a/pkg/daemon/upgrade_monitor_test.go +++ b/pkg/daemon/upgrade_monitor_test.go @@ -10,7 +10,6 @@ import ( apicfgv1 "github.com/openshift/api/config/v1" "github.com/openshift/machine-config-operator/pkg/upgrademonitor" - features "github.com/openshift/api/features" v1 "github.com/openshift/api/machineconfiguration/v1" "github.com/openshift/client-go/machineconfiguration/clientset/versioned/fake" informers "github.com/openshift/client-go/machineconfiguration/informers/externalversions" @@ -111,9 +110,7 @@ func (tc upgradeMonitorTestCase) run(t *testing.T) { f.oclient = mcopfake.NewSimpleClientset(f.objects...) fgHandler := ctrlcommon.NewFeatureGatesHardcodedHandler( - []apicfgv1.FeatureGateName{ - features.FeatureGateMachineConfigNodes, - }, + []apicfgv1.FeatureGateName{}, []apicfgv1.FeatureGateName{}, ) From 4adea70fc3f35fd5a57acfbf649227e1be050930 Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Tue, 7 Apr 2026 12:10:04 -0400 Subject: [PATCH 08/13] add basic e2e test for MCD IRI --- .../internalreleaseimage_manager_test.go | 5 +-- test/e2e-iri/iri_test.go | 43 +++++++++++++++++++ 2 files changed, 45 insertions(+), 3 deletions(-) diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go index e011d926e8..115ae28108 100644 --- a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go @@ -10,7 +10,6 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" mcfgv1 "github.com/openshift/api/machineconfiguration/v1" mcfgv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" @@ -140,7 +139,7 @@ func TestInternalReleaseImageManager(t *testing.T) { require.NoError(t, iriManager.syncHandler(common.InternalReleaseImageInstanceName)) if tc.mcn != nil { - mcnUpdated, err := fakeMCClient.MachineconfigurationV1().MachineConfigNodes().Get(context.Background(), tc.mcn.obj.Name, v1.GetOptions{}) + mcnUpdated, err := fakeMCClient.MachineconfigurationV1().MachineConfigNodes().Get(context.Background(), tc.mcn.obj.Name, metav1.GetOptions{}) require.NoError(t, err) tc.verify(t, mcnUpdated) } @@ -148,7 +147,7 @@ func TestInternalReleaseImageManager(t *testing.T) { } } -func verifyCondition(t *testing.T, conditions []v1.Condition, eCondType string, eCondStatus v1.ConditionStatus) { +func verifyCondition(t *testing.T, conditions []metav1.Condition, eCondType string, eCondStatus metav1.ConditionStatus) { t.Helper() for _, c := range conditions { if c.Type == eCondType { diff --git a/test/e2e-iri/iri_test.go b/test/e2e-iri/iri_test.go index b9d85570bd..4ed1bde98c 100644 --- a/test/e2e-iri/iri_test.go +++ b/test/e2e-iri/iri_test.go @@ -19,11 +19,14 @@ import ( configv1 "github.com/openshift/api/config/v1" mcfgv1 "github.com/openshift/api/machineconfiguration/v1" + mcfgv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" ctrlcommon "github.com/openshift/machine-config-operator/pkg/controller/common" "github.com/openshift/machine-config-operator/test/framework" ) func TestIRIResource_Available(t *testing.T) { + skipIfNoBaremetal(t) + cs := framework.NewClientSet("") ctx := context.Background() @@ -38,8 +41,44 @@ func TestIRIResource_Available(t *testing.T) { require.NoError(t, err) } +func TestMachineConfigNodesStatus(t *testing.T) { + skipIfNoBaremetal(t) + + cs := framework.NewClientSet("") + ctx := context.Background() + + cv, err := cs.ClusterVersions().Get(ctx, "version", v1.GetOptions{}) + require.NoError(t, err) + + mcnList, err := cs.MachineConfigNodes().List(ctx, v1.ListOptions{}) + require.NoError(t, err) + + for _, mcn := range mcnList.Items { + requireCondition(t, mcn.Status.Conditions, string(mcfgv1.MachineConfigNodeInternalReleaseImageDegraded), v1.ConditionFalse) + + require.Len(t, mcn.Status.InternalReleaseImage.Releases, 1) + r := mcn.Status.InternalReleaseImage.Releases[0] + require.Contains(t, r.Name, cv.Status.Desired.Version) + require.NotEmpty(t, r.Image, "OCP release pullspec cannot be empty") + + requireCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), v1.ConditionTrue) + requireCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), v1.ConditionFalse) + } +} + +func requireCondition(t *testing.T, conditions []v1.Condition, condType string, condStatus v1.ConditionStatus) { + t.Helper() + for _, c := range conditions { + if c.Type == condType && c.Status == condStatus { + return + } + } + t.Fatalf("expected condition %q with status %q not found", condType, condStatus) +} + func TestIRIController_VerifyIRIRegistryOnAllTheMasterNodes_NoCert(t *testing.T) { skipIfOpenShiftCI(t) + skipIfNoBaremetal(t) masterNodes, err := framework.NewClientSet("").CoreV1Interface.Nodes().List(context.TODO(), v1.ListOptions{LabelSelector: "node-role.kubernetes.io/master="}) require.NoError(t, err) @@ -138,6 +177,8 @@ func pingIRIRegistry(t *testing.T, client *http.Client, ipAddr string) { } func TestIRIController_ShouldPreventDeletionWhenInUse(t *testing.T) { + skipIfNoBaremetal(t) + cs := framework.NewClientSet("") ctx := context.Background() @@ -180,6 +221,8 @@ func TestIRIController_ShouldPreventDeletionWhenInUse(t *testing.T) { } func TestIRIController_ShouldRestoreMachineConfigsWhenModified(t *testing.T) { + skipIfNoBaremetal(t) + cases := []struct { name string userAction func(t *testing.T, ctx context.Context, cs *framework.ClientSet, configs []*mcfgv1.MachineConfig) From 411484cdd2131eee0e35ab08b04e9c7981841b87 Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Wed, 8 Apr 2026 03:50:28 -0400 Subject: [PATCH 09/13] various fixes --- pkg/daemon/internalreleaseimage/OWNERS | 3 ++- .../internalreleaseimage_manager.go | 23 +++++-------------- .../internalreleaseimage/iriregistry.go | 6 ++--- 3 files changed, 11 insertions(+), 21 deletions(-) diff --git a/pkg/daemon/internalreleaseimage/OWNERS b/pkg/daemon/internalreleaseimage/OWNERS index 74e8b7eee0..fca386fa65 100644 --- a/pkg/daemon/internalreleaseimage/OWNERS +++ b/pkg/daemon/internalreleaseimage/OWNERS @@ -11,4 +11,5 @@ reviewers: - bfournie - pawanpinjarkar - rwsu - - zaneb \ No newline at end of file + - zaneb + \ No newline at end of file diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go index 7841f78150..fb2575ad60 100644 --- a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go @@ -8,7 +8,7 @@ import ( "time" "k8s.io/apimachinery/pkg/api/equality" - "k8s.io/apimachinery/pkg/api/errors" + apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/meta" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -29,22 +29,15 @@ import ( ) const ( - // backoff configuration - maxRetries = 5 - retryDuration = 1 * time.Second - retryFactor = 2.0 - retryCap = 10 * time.Second - // controller configuration maxRetriesController = 15 - syncRetryInterval = 30 * time.Second + syncRetryInterval = 60 * time.Second ) // Manager manages the IRI registry data on disk // and takes care of updating the MCN status IRI fields for the current node. type Manager struct { nodeName string - backoff wait.Backoff mcfgClient mcfgclientset.Interface registryClient *http.Client @@ -69,15 +62,9 @@ func New( ) *Manager { i := &Manager{ nodeName: nodeName, - queue: workqueue.NewTypedRateLimitingQueueWithConfig[string]( + queue: workqueue.NewTypedRateLimitingQueueWithConfig( workqueue.DefaultTypedControllerRateLimiter[string](), workqueue.TypedRateLimitingQueueConfig[string]{Name: "internal-release-image-manager"}), - backoff: wait.Backoff{ - Steps: maxRetries, - Duration: retryDuration, - Factor: retryFactor, - Cap: retryCap, - }, } i.mcfgClient = mcfgClient @@ -286,6 +273,8 @@ func (i *Manager) refreshMachineConfigNodeStatus(mcn *mcfgv1.MachineConfigNode, // Check release availability for each bundle. If at least one release image is not available // then mark the MCN as degraded. + // When the bundle deletion will be supported, it will be required also to check for missing bundles + // and update properly the MachineConfigNode resource. mcnDegraded := false for n := range mcnUpdated.Status.InternalReleaseImage.Releases { r := &mcnUpdated.Status.InternalReleaseImage.Releases[n] @@ -377,7 +366,7 @@ func (i *Manager) syncInternalReleaseImage(key string) error { // Fetch the InternalReleaseImage. _, err := i.iriLister.Get(common.InternalReleaseImageInstanceName) - if errors.IsNotFound(err) { + if apierrors.IsNotFound(err) { // Manage the feature only when the IRI resource was defined. return nil } diff --git a/pkg/daemon/internalreleaseimage/iriregistry.go b/pkg/daemon/internalreleaseimage/iriregistry.go index b6b96c92f3..96d3b20676 100644 --- a/pkg/daemon/internalreleaseimage/iriregistry.go +++ b/pkg/daemon/internalreleaseimage/iriregistry.go @@ -137,9 +137,9 @@ func (r *iriRegistry) GetOCPBundlesTags() (*registryTagsList, error) { } func (r *iriRegistry) GetOCPBundleReleaseTag(_ string) (string, error) { - // Note: currently the IRI resource supports only one release bundle, and thus one OCP release. Since the release bundle - // image does not yet contain the necessary release metadata (see https://redhat.atlassian.net/browse/AGENT-1312), - // let's fetch directly the current release image. + //TODO: Replace this temporary implementation by reading the associated + //release tag via manifest annotation in the bundle image, as soon as + //https://github.com/openshift/appliance/pull/685 will be completed. ocpReleases, err := r.getRepositoryTags(ocpReleasesRepo) if err != nil { return "", err From d10907285728d4841babec23c257733486f4938c Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Wed, 8 Apr 2026 06:46:21 -0400 Subject: [PATCH 10/13] cleanup MCN on IRI deletion --- .../internalreleaseimage_helpers_test.go | 31 +++++++++++++ .../internalreleaseimage_manager.go | 44 +++++++++++++++---- .../internalreleaseimage_manager_test.go | 19 +++++++- .../internalreleaseimage/iriregistry.go | 6 +-- 4 files changed, 86 insertions(+), 14 deletions(-) diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_helpers_test.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_helpers_test.go index 77949d781e..e7d72918a3 100644 --- a/pkg/daemon/internalreleaseimage/internalreleaseimage_helpers_test.go +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_helpers_test.go @@ -4,6 +4,7 @@ import ( mcfgv1 "github.com/openshift/api/machineconfiguration/v1" mcfgv1alpha1 "github.com/openshift/api/machineconfiguration/v1alpha1" "github.com/openshift/machine-config-operator/pkg/controller/common" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" ) @@ -49,6 +50,36 @@ func machineConfigNode(name string) *mcnBuilder { } } +func (mb *mcnBuilder) withIRIBundle(bundleName string, image string) *mcnBuilder { + mb.obj.Status = mcfgv1.MachineConfigNodeStatus{ + Conditions: []v1.Condition{ + { + Type: string(mcfgv1.MachineConfigNodeInternalReleaseImageDegraded), + Status: metav1.ConditionFalse, + }, + }, + InternalReleaseImage: mcfgv1.MachineConfigNodeStatusInternalReleaseImage{ + Releases: []mcfgv1.MachineConfigNodeStatusInternalReleaseImageRef{ + { + Name: bundleName, + Image: image, + Conditions: []v1.Condition{ + { + Type: string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), + Status: metav1.ConditionFalse, + }, + { + Type: string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), + Status: metav1.ConditionTrue, + }, + }, + }, + }, + }, + } + return mb +} + func (mb *mcnBuilder) build() runtime.Object { return mb.obj } diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go index fb2575ad60..38890d9e82 100644 --- a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go @@ -361,18 +361,29 @@ func (i *Manager) setMachineConfigNodeAsDegraded(mcn *mcfgv1.MachineConfigNode, return i.updateMCNStatus(mcn, mcnUpdated) } -func (i *Manager) syncInternalReleaseImage(key string) error { - klog.V(4).Infof("Syncing InternalReleaseImage %q", key) - - // Fetch the InternalReleaseImage. - _, err := i.iriLister.Get(common.InternalReleaseImageInstanceName) - if apierrors.IsNotFound(err) { - // Manage the feature only when the IRI resource was defined. +func (i *Manager) cleanupMachineConfigNodeStatus(mcn *mcfgv1.MachineConfigNode) error { + if len(mcn.Status.InternalReleaseImage.Releases) == 0 { return nil } - if err != nil { - return err + + // Remove the IRI condition. + mcnUpdated := mcn.DeepCopy() + var filtered []metav1.Condition + for _, c := range mcnUpdated.Status.Conditions { + if c.Type != string(mcfgv1.MachineConfigNodeInternalReleaseImageDegraded) { + filtered = append(filtered, c) + } } + mcnUpdated.Status.Conditions = filtered + + // Cleanup the IRI status field. + mcnUpdated.Status.InternalReleaseImage = mcfgv1.MachineConfigNodeStatusInternalReleaseImage{} + + return i.updateMCNStatus(mcn, mcnUpdated) +} + +func (i *Manager) syncInternalReleaseImage(key string) error { + klog.V(4).Infof("Syncing InternalReleaseImage %q", key) // Get the MachineConfigNode for the current node. mcn, err := i.mcnLister.Get(i.nodeName) @@ -384,6 +395,21 @@ func (i *Manager) syncInternalReleaseImage(key string) error { return err } + // Fetch the InternalReleaseImage. + _, err = i.iriLister.Get(common.InternalReleaseImageInstanceName) + if apierrors.IsNotFound(err) { + // Manage the feature only when the IRI resource was defined. + // If not present, refresh the related MCN resource if required. + err = i.cleanupMachineConfigNodeStatus(mcn) + if err != nil { + return err + } + return nil + } + if err != nil { + return err + } + iriReg := newIRIRegistry(i.nodeName, i.registryClient) if registryErr := iriReg.CheckLocalRegistry(); registryErr != nil { err = i.setMachineConfigNodeAsDegraded(mcn, registryErr) diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go index 115ae28108..1523d52b1b 100644 --- a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go @@ -31,8 +31,23 @@ func TestInternalReleaseImageManager(t *testing.T) { registryDisabled bool }{ { - name: "feature not enabled", - mcn: machineConfigNode("master-0"), + name: "cleanup MachineConfigNode status when IRI is deleted", + mcn: machineConfigNode("master-0").withIRIBundle("ocp-release-bundle-4.22.0-0.ci-2026-04-01-050515", "localhost:22625/openshift/release-images@sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389"), + nodeName: "master-0", + iri: nil, + + verify: func(t *testing.T, mcn *mcfgv1.MachineConfigNode) { + for _, c := range mcn.Status.Conditions { + assert.NotEqual(t, string(mcfgv1.MachineConfigNodeInternalReleaseImageDegraded), c.Type) + } + assert.Empty(t, mcn.Status.InternalReleaseImage) + }, + }, + { + name: "feature not enabled", + mcn: machineConfigNode("master-0"), + nodeName: "master-0", + iri: nil, verify: func(t *testing.T, mcn *mcfgv1.MachineConfigNode) { assert.Empty(t, mcn.Status.InternalReleaseImage) diff --git a/pkg/daemon/internalreleaseimage/iriregistry.go b/pkg/daemon/internalreleaseimage/iriregistry.go index 96d3b20676..e8e5572f5b 100644 --- a/pkg/daemon/internalreleaseimage/iriregistry.go +++ b/pkg/daemon/internalreleaseimage/iriregistry.go @@ -137,9 +137,9 @@ func (r *iriRegistry) GetOCPBundlesTags() (*registryTagsList, error) { } func (r *iriRegistry) GetOCPBundleReleaseTag(_ string) (string, error) { - //TODO: Replace this temporary implementation by reading the associated - //release tag via manifest annotation in the bundle image, as soon as - //https://github.com/openshift/appliance/pull/685 will be completed. + // TODO: Replace this temporary implementation by reading the associated + // release tag via manifest annotation in the bundle image, as soon as + // https://github.com/openshift/appliance/pull/685 will be completed. ocpReleases, err := r.getRepositoryTags(ocpReleasesRepo) if err != nil { return "", err From 80403a3c1b60f1134ec37125c5b8c49a1a298ab3 Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Wed, 8 Apr 2026 15:04:55 -0400 Subject: [PATCH 11/13] add missing verbs for mcd service role --- manifests/machineconfigdaemon/clusterrole.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/machineconfigdaemon/clusterrole.yaml b/manifests/machineconfigdaemon/clusterrole.yaml index 64467892bf..35f76040c5 100644 --- a/manifests/machineconfigdaemon/clusterrole.yaml +++ b/manifests/machineconfigdaemon/clusterrole.yaml @@ -17,7 +17,7 @@ rules: verbs: ["get", "list", "watch"] - apiGroups: ["machineconfiguration.openshift.io"] resources: ["machineconfignodes", "machineconfignodes/status"] - verbs: ["create", "update", "patch", "get"] + verbs: ["create", "update", "patch", "get", "list", "watch"] - apiGroups: ["security.openshift.io"] resourceNames: ["privileged"] resources: ["securitycontextconstraints"] From 22b65522f934b5a6e2686151e54b744cfeca2029 Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Thu, 9 Apr 2026 05:29:55 -0400 Subject: [PATCH 12/13] temporary fix for the MCN IRI status CEL validation rule --- .../internalreleaseimage_manager.go | 19 +++++++++++++++++-- .../internalreleaseimage_manager_test.go | 4 ++-- 2 files changed, 19 insertions(+), 4 deletions(-) diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go index 38890d9e82..8767ad4f14 100644 --- a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager.go @@ -5,6 +5,7 @@ import ( "fmt" "net/http" "reflect" + "strings" "time" "k8s.io/apimachinery/pkg/api/equality" @@ -230,6 +231,20 @@ func (i *Manager) updateMCNStatus(mcnOld, mcn *mcfgv1.MachineConfigNode) error { return nil } +// TODO: Remove this method once the MCN IRI CEL validation rule for the image field will be fixed, +// since currently it does not accept the plain 'localhost' value +func (i *Manager) sanitizeImagePullspec(image string) string { + const ( + short = "localhost" + long = "localhost.localdomain" + ) + + if strings.Contains(image, long) { + return strings.ReplaceAll(image, long, short) + } + return strings.ReplaceAll(image, short, long) +} + func (i *Manager) refreshMachineConfigNodeStatus(mcn *mcfgv1.MachineConfigNode, iriReg *iriRegistry) error { // Get the current OCP releases bundles stored in the local IRI registry. registryBundles, err := iriReg.GetOCPBundlesTags() @@ -266,7 +281,7 @@ func (i *Manager) refreshMachineConfigNodeStatus(mcn *mcfgv1.MachineConfigNode, iriRelease := mcfgv1.MachineConfigNodeStatusInternalReleaseImageRef{ Name: bundle, - Image: pullSpec, + Image: i.sanitizeImagePullspec(pullSpec), } mcnUpdated.Status.InternalReleaseImage.Releases = append(mcnUpdated.Status.InternalReleaseImage.Releases, iriRelease) } @@ -279,7 +294,7 @@ func (i *Manager) refreshMachineConfigNodeStatus(mcn *mcfgv1.MachineConfigNode, for n := range mcnUpdated.Status.InternalReleaseImage.Releases { r := &mcnUpdated.Status.InternalReleaseImage.Releases[n] - err := iriReg.CheckImageAvailability(r.Image) + err := iriReg.CheckImageAvailability(i.sanitizeImagePullspec(r.Image)) if err == nil { meta.SetStatusCondition(&r.Conditions, metav1.Condition{ Type: string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), diff --git a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go index 1523d52b1b..1dca985c1b 100644 --- a/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go +++ b/pkg/daemon/internalreleaseimage/internalreleaseimage_manager_test.go @@ -72,7 +72,7 @@ func TestInternalReleaseImageManager(t *testing.T) { assert.Len(t, mcn.Status.InternalReleaseImage.Releases, 1) r := mcn.Status.InternalReleaseImage.Releases[0] assert.Equal(t, "ocp-release-bundle-4.22.0-0.ci-2026-04-01-050515", r.Name) - assert.Equal(t, "localhost:22625/openshift/release-images@sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389", r.Image) + assert.Equal(t, "localhost.localdomain:22625/openshift/release-images@sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389", r.Image) verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), metav1.ConditionTrue) verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), metav1.ConditionFalse) }, @@ -110,7 +110,7 @@ func TestInternalReleaseImageManager(t *testing.T) { assert.Len(t, mcn.Status.InternalReleaseImage.Releases, 1) r := mcn.Status.InternalReleaseImage.Releases[0] assert.Equal(t, "ocp-release-bundle-4.22.0-0.ci-2026-04-01-050515", r.Name) - assert.Equal(t, "localhost:22625/openshift/release-images@sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389", r.Image) + assert.Equal(t, "localhost.localdomain:22625/openshift/release-images@sha256:68bdf24405449be5c78a1f27a7b64fc9ee980e4bc3c9b169e8b3da08e50e0389", r.Image) verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), metav1.ConditionFalse) verifyCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeDegraded), metav1.ConditionTrue) }, From d639f33bdfcc5ee6daa3ff8f9315b3ee6302bb5b Mon Sep 17 00:00:00 2001 From: Andrea Fasano Date: Thu, 9 Apr 2026 09:22:19 -0400 Subject: [PATCH 13/13] e2e test fix --- test/e2e-iri/iri_test.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/test/e2e-iri/iri_test.go b/test/e2e-iri/iri_test.go index 4ed1bde98c..1268279a9d 100644 --- a/test/e2e-iri/iri_test.go +++ b/test/e2e-iri/iri_test.go @@ -58,7 +58,13 @@ func TestMachineConfigNodesStatus(t *testing.T) { require.Len(t, mcn.Status.InternalReleaseImage.Releases, 1) r := mcn.Status.InternalReleaseImage.Releases[0] - require.Contains(t, r.Name, cv.Status.Desired.Version) + + expectedVersion := "ocp-release-bundle-" + cv.Status.Desired.Version + // MCN IRI Name field max len is 64 chars + if len(expectedVersion) > 64 { + expectedVersion = expectedVersion[:64] + } + require.Equal(t, expectedVersion, r.Name) require.NotEmpty(t, r.Image, "OCP release pullspec cannot be empty") requireCondition(t, r.Conditions, string(mcfgv1alpha1.InternalReleaseImageConditionTypeAvailable), v1.ConditionTrue)