Skip to content

WIP: Revert "MULTIARCH-5190: Promote ImageStreamImportMode to default" #2605

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 1 commit into from
Closed

WIP: Revert "MULTIARCH-5190: Promote ImageStreamImportMode to default" #2605

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 0 additions & 33 deletions ...erated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -273,17 +273,6 @@ spec:
description: Release represents an OpenShift release image and associated
metadata.
properties:
architecture:
description: |-
architecture is an optional field that indicates the
value of the cluster architecture. In this context cluster
architecture means either a single architecture or a multi
architecture.
Valid values are 'Multi' and empty.
enum:
- Multi
- ""
type: string
channels:
description: |-
channels is the set of Cincinnati channels to which the release
Expand Down Expand Up @@ -459,17 +448,6 @@ spec:
release:
description: release is the target of the update.
properties:
architecture:
description: |-
architecture is an optional field that indicates the
value of the cluster architecture. In this context cluster
architecture means either a single architecture or a multi
architecture.
Valid values are 'Multi' and empty.
enum:
- Multi
- ""
type: string
channels:
description: |-
channels is the set of Cincinnati channels to which the release
Expand Down Expand Up @@ -645,17 +623,6 @@ spec:
If the cluster is not yet fully initialized desired will be set
with the information available, which may be an image or a tag.
properties:
architecture:
description: |-
architecture is an optional field that indicates the
value of the cluster architecture. In this context cluster
architecture means either a single architecture or a multi
architecture.
Valid values are 'Multi' and empty.
enum:
- Multi
- ""
type: string
channels:
description: |-
channels is the set of Cincinnati channels to which the release
Expand Down
1 change: 1 addition & 0 deletions ...000_10_config-operator_01_images.crd.yaml → ...erator_01_images-CustomNoUpgrade.crd.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ metadata:
include.release.openshift.io/ibm-cloud-managed: "true"
include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/bootstrap-required: "true"
release.openshift.io/feature-set: CustomNoUpgrade
name: images.config.openshift.io
spec:
group: config.openshift.io
Expand Down
183 changes: 183 additions & 0 deletions config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_images-Default.crd.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,183 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
api-approved.openshift.io: https://github.com/openshift/api/pull/470
api.openshift.io/merged-by-featuregates: "true"
include.release.openshift.io/ibm-cloud-managed: "true"
include.release.openshift.io/self-managed-high-availability: "true"
release.openshift.io/bootstrap-required: "true"
release.openshift.io/feature-set: Default
name: images.config.openshift.io
spec:
group: config.openshift.io
names:
kind: Image
listKind: ImageList
plural: images
singular: image
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: |-
Image governs policies related to imagestream imports and runtime configuration
for external registries. It allows cluster admins to configure which registries
OpenShift is allowed to import images from, extra CA trust bundles for external
registries, and policies to block or allow registry hostnames.
When exposing OpenShift's image registry to the public, this also lets cluster
admins specify the external hostname.

Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: spec holds user settable values for configuration
properties:
additionalTrustedCA:
description: |-
additionalTrustedCA is a reference to a ConfigMap containing additional CAs that
should be trusted during imagestream import, pod image pull, build image pull, and
imageregistry pullthrough.
The namespace for this config map is openshift-config.
properties:
name:
description: name is the metadata.name of the referenced config
map
type: string
required:
- name
type: object
allowedRegistriesForImport:
description: |-
allowedRegistriesForImport limits the container image registries that normal users may import
images from. Set this list to the registries that you trust to contain valid Docker
images and that you want applications to be able to import from. Users with
permission to create Images or ImageStreamMappings via the API are not affected by
this policy - typically only administrators or system integrations will have those
permissions.
items:
description: |-
RegistryLocation contains a location of the registry specified by the registry domain
name. The domain name might include wildcards, like '*' or '??'.
properties:
domainName:
description: |-
domainName specifies a domain name for the registry
In case the registry use non-standard (80 or 443) port, the port should be included
in the domain name as well.
type: string
insecure:
description: |-
insecure indicates whether the registry is secure (https) or insecure (http)
By default (if not specified) the registry is assumed as secure.
type: boolean
type: object
type: array
x-kubernetes-list-type: atomic
externalRegistryHostnames:
description: |-
externalRegistryHostnames provides the hostnames for the default external image
registry. The external hostname should be set only when the image registry
is exposed externally. The first value is used in 'publicDockerImageRepository'
field in ImageStreams. The value must be in "hostname[:port]" format.
items:
type: string
type: array
x-kubernetes-list-type: atomic
registrySources:
description: |-
registrySources contains configuration that determines how the container runtime
should treat individual registries when accessing images for builds+pods. (e.g.
whether or not to allow insecure access). It does not contain configuration for the
internal cluster registry.
properties:
allowedRegistries:
description: |-
allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied.

Only one of BlockedRegistries or AllowedRegistries may be set.
items:
type: string
type: array
x-kubernetes-list-type: atomic
blockedRegistries:
description: |-
blockedRegistries cannot be used for image pull and push actions. All other registries are permitted.

Only one of BlockedRegistries or AllowedRegistries may be set.
items:
type: string
type: array
x-kubernetes-list-type: atomic
containerRuntimeSearchRegistries:
description: |-
containerRuntimeSearchRegistries are registries that will be searched when pulling images that do not have fully qualified
domains in their pull specs. Registries will be searched in the order provided in the list.
Note: this search list only works with the container runtime, i.e CRI-O. Will NOT work with builds or imagestream imports.
format: hostname
items:
type: string
minItems: 1
type: array
x-kubernetes-list-type: set
insecureRegistries:
description: insecureRegistries are registries which do not have
a valid TLS certificates or only support HTTP connections.
items:
type: string
type: array
x-kubernetes-list-type: atomic
type: object
x-kubernetes-validations:
- message: Only one of blockedRegistries or allowedRegistries may
be set
rule: 'has(self.blockedRegistries) ? !has(self.allowedRegistries)
: true'
type: object
status:
description: status holds observed values from the cluster. They may not
be overridden.
properties:
externalRegistryHostnames:
description: |-
externalRegistryHostnames provides the hostnames for the default external image
registry. The external hostname should be set only when the image registry
is exposed externally. The first value is used in 'publicDockerImageRepository'
field in ImageStreams. The value must be in "hostname[:port]" format.
items:
type: string
type: array
x-kubernetes-list-type: atomic
internalRegistryHostname:
description: |-
internalRegistryHostname sets the hostname for the default internal image
registry. The value must be in "hostname[:port]" format.
This value is set by the image registry operator which controls the internal registry
hostname.
type: string
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
Loading