Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add externaldata v1beta1 api #270

Merged
merged 13 commits into from
Dec 14, 2022
Merged

feat: add externaldata v1beta1 api #270

Show file tree
Hide file tree
Changes from 11 commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
991fe59
remove docker it
sozercan Dec 7, 2022
7eb3b1f
add v1beta1
sozercan Dec 7, 2022
e3581be
fix lint
sozercan Dec 7, 2022
faa5bac
conversion
sozercan Dec 7, 2022
020ccff
update dependencies
sozercan Dec 7, 2022
86cbcbc
autoconvert
sozercan Dec 7, 2022
6bbb1d3
update
sozercan Dec 7, 2022
0b5099a
add deprecation msg
sozercan Dec 7, 2022
82c9b73
unversioned api
sozercan Dec 8, 2022
5c99019
update unversioned
sozercan Dec 8, 2022
5318d13
remove tls skip flag
sozercan Dec 9, 2022
deba335
update remove test to https
sozercan Dec 12, 2022
ffb1219
Merge branch 'master' into externaldata-v1beta1
sozercan Dec 13, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
10 changes: 5 additions & 5 deletions constraint/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,17 +30,17 @@ docker-internal-test:

# Hook to run docker tests
test:
docker build . -t constraint-test && docker run -it constraint-test
docker build . -t constraint-test && docker run constraint-test

# Install CRDs into a cluster
install: manifests
kubectl apply -f config/crds

# Install the generation dependencies on the local machine
gen-dependencies:
go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0
go install k8s.io/code-generator/cmd/conversion-gen@v0.23.3
go install k8s.io/code-generator/cmd/defaulter-gen@v0.23.3
go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.10.0
go install k8s.io/code-generator/cmd/conversion-gen@v0.25.4
go install k8s.io/code-generator/cmd/defaulter-gen@v0.25.4

# Generate manifests e.g. CRD, RBAC etc.
manifests:
Expand Down Expand Up @@ -75,7 +75,7 @@ generate: generate-defaults
# TODO: Once https://github.com/kubernetes/kubernetes/issues/101567 is fixed, update
# conversion-gen and get us back to running `make generate` in our CI pipeline
conversion-gen \
--input-dirs "./pkg/apis/templates/..." \
--input-dirs "./pkg/apis/templates/...,./pkg/apis/externaldata/..." \
--go-header-file=./hack/boilerplate.go.txt \
--output-file-base=zz_generated.conversion \
--extra-dirs=k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1
Expand Down
53 changes: 41 additions & 12 deletions constraint/config/crds/externaldata.gatekeeper.sh_providers.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
controller-gen.kubebuilder.io/version: v0.10.0
creationTimestamp: null
name: providers.externaldata.gatekeeper.sh
spec:
Expand All @@ -15,7 +15,10 @@ spec:
singular: provider
scope: Cluster
versions:
- name: v1alpha1
- deprecated: true
deprecationWarning: externaldata.gatekeeper.sh/v1alpha1 is deprecated. Use externaldata.gatekeeper.sh/v1beta1
instead.
name: v1alpha1
schema:
openAPIV3Schema:
description: Provider is the Schema for the Provider API
Expand All @@ -40,10 +43,6 @@ spec:
TLS CA bundle in PEM format. It is used to verify the signature
of the provider's certificate.
type: string
insecureTLSSkipVerify:
description: InsecureTLSSkipVerify skips the verification of Provider's
certificate if enabled.
type: boolean
timeout:
description: Timeout is the timeout when querying the provider.
type: integer
Expand All @@ -55,9 +54,39 @@ spec:
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
- name: v1beta1
schema:
openAPIV3Schema:
description: Provider is the Schema for the providers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec defines the Provider specifications.
properties:
caBundle:
description: CABundle is a base64-encoded string that contains the
TLS CA bundle in PEM format. It is used to verify the signature
of the provider's certificate.
type: string
timeout:
description: Timeout is the timeout when querying the provider.
type: integer
url:
description: URL is the url for the provider. URL is prefixed with
http:// or https://.
type: string
type: object
type: object
served: true
storage: false
sozercan marked this conversation as resolved.
Show resolved Hide resolved
8 changes: 1 addition & 7 deletions constraint/config/crds/templates.gatekeeper.sh_constrainttemplates.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
controller-gen.kubebuilder.io/version: v0.10.0
creationTimestamp: null
name: constrainttemplates.templates.gatekeeper.sh
spec:
Expand Down Expand Up @@ -324,9 +324,3 @@ spec:
storage: false
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
9 changes: 9 additions & 0 deletions constraint/config/samples/externaldata_v1beta1_provider.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
apiVersion: externaldata.gatekeeper.sh/v1beta1
kind: Provider
metadata:
labels:
controller-tools.k8s.io: "1.0"
name: provider-sample
spec:
# Add fields here
foo: bar
128 changes: 56 additions & 72 deletions constraint/deploy/crds.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
controller-gen.kubebuilder.io/version: v0.10.0
name: constrainttemplates.templates.gatekeeper.sh
spec:
group: templates.gatekeeper.sh
Expand All @@ -17,18 +17,13 @@ spec:
- name: v1
schema:
openAPIV3Schema:
description: ConstraintTemplate is the Schema for the constrainttemplates
API
description: ConstraintTemplate is the Schema for the constrainttemplates API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
Expand Down Expand Up @@ -80,13 +75,11 @@ spec:
properties:
byPod:
items:
description: ByPodStatus defines the observed state of ConstraintTemplate
as seen by an individual controller
description: ByPodStatus defines the observed state of ConstraintTemplate as seen by an individual controller
properties:
errors:
items:
description: CreateCRDError represents a single error caught
during parsing, compiling, etc.
description: CreateCRDError represents a single error caught during parsing, compiling, etc.
properties:
code:
type: string
Expand All @@ -100,8 +93,7 @@ spec:
type: object
type: array
id:
description: a unique identifier for the pod that wrote the
status
description: a unique identifier for the pod that wrote the status
type: string
observedGeneration:
format: int64
Expand All @@ -120,18 +112,13 @@ spec:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ConstraintTemplate is the Schema for the constrainttemplates
API
description: ConstraintTemplate is the Schema for the constrainttemplates API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
Expand Down Expand Up @@ -183,13 +170,11 @@ spec:
properties:
byPod:
items:
description: ByPodStatus defines the observed state of ConstraintTemplate
as seen by an individual controller
description: ByPodStatus defines the observed state of ConstraintTemplate as seen by an individual controller
properties:
errors:
items:
description: CreateCRDError represents a single error caught
during parsing, compiling, etc.
description: CreateCRDError represents a single error caught during parsing, compiling, etc.
properties:
code:
type: string
Expand All @@ -203,8 +188,7 @@ spec:
type: object
type: array
id:
description: a unique identifier for the pod that wrote the
status
description: a unique identifier for the pod that wrote the status
type: string
observedGeneration:
format: int64
Expand All @@ -223,18 +207,13 @@ spec:
- name: v1beta1
schema:
openAPIV3Schema:
description: ConstraintTemplate is the Schema for the constrainttemplates
API
description: ConstraintTemplate is the Schema for the constrainttemplates API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
Expand Down Expand Up @@ -286,13 +265,11 @@ spec:
properties:
byPod:
items:
description: ByPodStatus defines the observed state of ConstraintTemplate
as seen by an individual controller
description: ByPodStatus defines the observed state of ConstraintTemplate as seen by an individual controller
properties:
errors:
items:
description: CreateCRDError represents a single error caught
during parsing, compiling, etc.
description: CreateCRDError represents a single error caught during parsing, compiling, etc.
properties:
code:
type: string
Expand All @@ -306,8 +283,7 @@ spec:
type: object
type: array
id:
description: a unique identifier for the pod that wrote the
status
description: a unique identifier for the pod that wrote the status
type: string
observedGeneration:
format: int64
Expand All @@ -323,18 +299,12 @@ spec:
storage: false
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
controller-gen.kubebuilder.io/version: v0.10.0
creationTimestamp: null
name: providers.externaldata.gatekeeper.sh
spec:
Expand All @@ -346,49 +316,63 @@ spec:
singular: provider
scope: Cluster
versions:
- name: v1alpha1
- deprecated: true
deprecationWarning: externaldata.gatekeeper.sh/v1alpha1 is deprecated. Use externaldata.gatekeeper.sh/v1beta1 instead.
name: v1alpha1
schema:
openAPIV3Schema:
description: Provider is the Schema for the Provider API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec defines the Provider specifications.
properties:
caBundle:
description: CABundle is a base64-encoded string that contains the
TLS CA bundle in PEM format. It is used to verify the signature
of the provider's certificate.
description: CABundle is a base64-encoded string that contains the TLS CA bundle in PEM format. It is used to verify the signature of the provider's certificate.
type: string
insecureTLSSkipVerify:
description: InsecureTLSSkipVerify skips the verification of Provider's
certificate if enabled.
type: boolean
timeout:
description: Timeout is the timeout when querying the provider.
type: integer
url:
description: URL is the url for the provider. URL is prefixed with
http:// or https://.
description: URL is the url for the provider. URL is prefixed with http:// or https://.
type: string
type: object
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
- name: v1beta1
schema:
openAPIV3Schema:
description: Provider is the Schema for the providers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec defines the Provider specifications.
properties:
caBundle:
description: CABundle is a base64-encoded string that contains the TLS CA bundle in PEM format. It is used to verify the signature of the provider's certificate.
type: string
timeout:
description: Timeout is the timeout when querying the provider.
type: integer
url:
description: URL is the url for the provider. URL is prefixed with http:// or https://.
type: string
type: object
type: object
served: true
storage: false