From b5b65e3b2579df43165f5d0058d030d125bd58a9 Mon Sep 17 00:00:00 2001 From: Fabio Bertinatto Date: Fri, 21 May 2021 11:47:31 +0200 Subject: [PATCH 1/4] Set spec-hash annotation after modifying the Deployment --- pkg/operator/operator_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/operator/operator_test.go b/pkg/operator/operator_test.go index 892d32a78..bcd00c02c 100644 --- a/pkg/operator/operator_test.go +++ b/pkg/operator/operator_test.go @@ -259,12 +259,12 @@ func getDeployment(args []string, image string, modifiers ...deploymentModifier) if dep.Annotations == nil { dep.Annotations = map[string]string{} } - resourceapply.SetSpecHashAnnotation(&dep.ObjectMeta, dep.Spec) for _, modifier := range modifiers { dep = modifier(dep) } + resourceapply.SetSpecHashAnnotation(&dep.ObjectMeta, dep.Spec) return dep } From b47671f638cc0d88764f8f25eeb59203aefae21d Mon Sep 17 00:00:00 2001 From: Fabio Bertinatto Date: Thu, 20 May 2021 10:30:11 +0200 Subject: [PATCH 2/4] Deploy multiple operand replicas Currently, we deploy only one replica for both operands (webhook and controller). This apparently leads to the operator going unavailable when draining the node where an operand is running on. With this patch we run multiple replicas of each operand, i.e., 1 replica in single-node control-planes or 2 replicas in multi-node control-planes. Also, we set maxSurge=0 and maxUnavailable=1 to make sure nodes are drained one at a time and to prevent more than one pod running on the same node when nodePorts or hostNetwork are used. --- assets/csi_controller_deployment.yaml | 15 ++++- assets/webhook_deployment.yaml | 16 ++++- pkg/generated/bindata.go | 31 +++++++++- pkg/operator/operator.go | 6 ++ pkg/operator/operator_test.go | 60 +++++++++++++++++-- pkg/operator/starter.go | 6 +- pkg/operator/sync.go | 27 +++++++-- pkg/operator/webhookdeployment/webhook.go | 25 ++++++++ .../webhookdeployment/webhook_test.go | 55 ++++++++++++++++- 9 files changed, 223 insertions(+), 18 deletions(-) diff --git a/assets/csi_controller_deployment.yaml b/assets/csi_controller_deployment.yaml index f6da1e4d4..a3c1e6201 100644 --- a/assets/csi_controller_deployment.yaml +++ b/assets/csi_controller_deployment.yaml @@ -5,10 +5,14 @@ metadata: namespace: openshift-cluster-storage-operator spec: serviceName: "csi-snapshot-controller" - replicas: 1 selector: matchLabels: app: csi-snapshot-controller + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + maxSurge: 0 template: metadata: annotations: @@ -29,6 +33,15 @@ spec: # TODO: measure on a real cluster cpu: 10m memory: 50Mi + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app: csi-snapshot-controller + topologyKey: kubernetes.io/hostname priorityClassName: "system-cluster-critical" nodeSelector: node-role.kubernetes.io/master: "" diff --git a/assets/webhook_deployment.yaml b/assets/webhook_deployment.yaml index ffbf03902..66dcb5ce3 100644 --- a/assets/webhook_deployment.yaml +++ b/assets/webhook_deployment.yaml @@ -5,10 +5,14 @@ metadata: namespace: openshift-cluster-storage-operator spec: serviceName: "csi-snapshot-webhook" - replicas: 1 selector: matchLabels: app: csi-snapshot-webhook + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + maxSurge: 0 template: metadata: annotations: @@ -35,6 +39,15 @@ spec: requests: cpu: 10m memory: 20Mi + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app: csi-snapshot-webhook + topologyKey: kubernetes.io/hostname priorityClassName: "system-cluster-critical" restartPolicy: Always nodeSelector: @@ -55,4 +68,3 @@ spec: - key: node-role.kubernetes.io/master operator: Exists effect: "NoSchedule" - diff --git a/pkg/generated/bindata.go b/pkg/generated/bindata.go index f1c26884c..ca7271fc9 100644 --- a/pkg/generated/bindata.go +++ b/pkg/generated/bindata.go @@ -66,10 +66,14 @@ metadata: namespace: openshift-cluster-storage-operator spec: serviceName: "csi-snapshot-controller" - replicas: 1 selector: matchLabels: app: csi-snapshot-controller + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + maxSurge: 0 template: metadata: annotations: @@ -90,6 +94,15 @@ spec: # TODO: measure on a real cluster cpu: 10m memory: 50Mi + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app: csi-snapshot-controller + topologyKey: kubernetes.io/hostname priorityClassName: "system-cluster-critical" nodeSelector: node-role.kubernetes.io/master: "" @@ -853,10 +866,14 @@ metadata: namespace: openshift-cluster-storage-operator spec: serviceName: "csi-snapshot-webhook" - replicas: 1 selector: matchLabels: app: csi-snapshot-webhook + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + maxSurge: 0 template: metadata: annotations: @@ -883,6 +900,15 @@ spec: requests: cpu: 10m memory: 20Mi + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app: csi-snapshot-webhook + topologyKey: kubernetes.io/hostname priorityClassName: "system-cluster-critical" restartPolicy: Always nodeSelector: @@ -903,7 +929,6 @@ spec: - key: node-role.kubernetes.io/master operator: Exists effect: "NoSchedule" - `) func webhook_deploymentYamlBytes() ([]byte, error) { diff --git a/pkg/operator/operator.go b/pkg/operator/operator.go index ea1da7084..97ae15058 100644 --- a/pkg/operator/operator.go +++ b/pkg/operator/operator.go @@ -15,7 +15,9 @@ import ( utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/apimachinery/pkg/util/wait" appsinformersv1 "k8s.io/client-go/informers/apps/v1" + coreinformersv1 "k8s.io/client-go/informers/core/v1" "k8s.io/client-go/kubernetes" + corelistersv1 "k8s.io/client-go/listers/core/v1" "k8s.io/client-go/tools/cache" "k8s.io/client-go/tools/leaderelection/resourcelock" "k8s.io/client-go/util/workqueue" @@ -57,6 +59,7 @@ type csiSnapshotOperator struct { syncHandler func() error + nodeLister corelistersv1.NodeLister crdLister apiextlistersv1.CustomResourceDefinitionLister crdListerSynced cache.InformerSynced crdClient apiextclient.Interface @@ -72,6 +75,7 @@ type csiSnapshotOperator struct { func NewCSISnapshotControllerOperator( client operatorclient.OperatorClient, + nodeInformer coreinformersv1.NodeInformer, crdInformer apiextinformersv1.CustomResourceDefinitionInformer, crdClient apiextclient.Interface, deployInformer appsinformersv1.DeploymentInformer, @@ -84,6 +88,7 @@ func NewCSISnapshotControllerOperator( ) *csiSnapshotOperator { csiOperator := &csiSnapshotOperator{ client: client, + nodeLister: nodeInformer.Lister(), crdClient: crdClient, kubeClient: kubeClient, versionGetter: versionGetter, @@ -94,6 +99,7 @@ func NewCSISnapshotControllerOperator( csiSnapshotControllerImage: csiSnapshotControllerImage, } + nodeInformer.Informer().AddEventHandler(csiOperator.eventHandler("node")) crdInformer.Informer().AddEventHandler(csiOperator.eventHandler("crd")) deployInformer.Informer().AddEventHandler(csiOperator.eventHandler("deployment")) client.Informer().AddEventHandler(csiOperator.eventHandler("csisnapshotcontroller")) diff --git a/pkg/operator/operator_test.go b/pkg/operator/operator_test.go index bcd00c02c..b054ded98 100644 --- a/pkg/operator/operator_test.go +++ b/pkg/operator/operator_test.go @@ -2,6 +2,7 @@ package operator import ( "context" + "fmt" "sort" "testing" "time" @@ -16,7 +17,9 @@ import ( "github.com/openshift/library-go/pkg/operator/resource/resourceapply" "github.com/openshift/library-go/pkg/operator/resource/resourceread" "github.com/openshift/library-go/pkg/operator/status" + appsv1 "k8s.io/api/apps/v1" + v1 "k8s.io/api/core/v1" apiextv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" fakeextapi "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/fake" apiextinformers "k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions" @@ -48,6 +51,7 @@ type testContext struct { } type testObjects struct { + nodes []*v1.Node deployment *appsv1.Deployment crds []*apiextv1.CustomResourceDefinition csiSnapshotController *opv1.CSISnapshotController @@ -65,14 +69,25 @@ type testReactors struct { const testVersion = "0.0.1" // Version of the operator for testing purposes (instead of getenv) +var masterNodeLabels = map[string]string{"node-role.kubernetes.io/master": ""} + func newOperator(test operatorTest) *testContext { // Convert to []runtime.Object - var initialDeployments []runtime.Object + var initialObjects []runtime.Object + if len(test.initialObjects.nodes) == 0 { + test.initialObjects.nodes = []*v1.Node{makeNode("A", masterNodeLabels)} + } + for _, node := range test.initialObjects.nodes { + initialObjects = append(initialObjects, node) + } if test.initialObjects.deployment != nil { - initialDeployments = []runtime.Object{test.initialObjects.deployment} + initialObjects = append(initialObjects, test.initialObjects.deployment) } - coreClient := fakecore.NewSimpleClientset(initialDeployments...) + coreClient := fakecore.NewSimpleClientset(initialObjects...) coreInformerFactory := coreinformers.NewSharedInformerFactory(coreClient, 0 /*no resync */) + for _, node := range test.initialObjects.nodes { + coreInformerFactory.Core().V1().Nodes().Informer().GetIndexer().Add(node) + } // Fill the informer if test.initialObjects.deployment != nil { coreInformerFactory.Apps().V1().Deployments().Informer().GetIndexer().Add(test.initialObjects.deployment) @@ -125,6 +140,7 @@ func newOperator(test operatorTest) *testContext { recorder := events.NewInMemoryRecorder("operator") op := NewCSISnapshotControllerOperator(client, + coreInformerFactory.Core().V1().Nodes(), extAPIInformerFactory.Apiextensions().V1().CustomResourceDefinitions(), extAPIClient, coreInformerFactory.Apps().V1().Deployments(), @@ -670,7 +686,31 @@ func TestSync(t *testing.T) { crds: addCRDEstablishedRector, }, }, - + { + // Deployment replicas is adjusted according to number of node selector + name: "number of replicas is set accordingly", + image: defaultImage, + initialObjects: testObjects{ + nodes: []*v1.Node{ // 3 master nodes + makeNode("A", masterNodeLabels), + makeNode("B", masterNodeLabels), + makeNode("C", masterNodeLabels), + }, + crds: getCRDs(withEstablishedConditions), + deployment: getDeployment(argsLevel2, defaultImage, + withDeploymentReplicas(1), // just 1 replica + withDeploymentGeneration(1, 1), + withDeploymentStatus(replica1, replica1, replica1)), + csiSnapshotController: csiSnapshotController(withGenerations(1)), + }, + expectedObjects: testObjects{ + crds: getCRDs(withEstablishedConditions), + deployment: getDeployment(argsLevel2, defaultImage, + withDeploymentReplicas(2), // The operator fixed replica count + withDeploymentGeneration(2, 1), // ... which bumps generation again + withDeploymentStatus(replica1, replica1, replica1)), + }, + }, // TODO: more error cases? Deployment creation fails and things like that? } @@ -729,7 +769,8 @@ func TestSync(t *testing.T) { sanitizeDeployment(actualDeployment) sanitizeDeployment(test.expectedObjects.deployment) if !equality.Semantic.DeepEqual(test.expectedObjects.deployment, actualDeployment) { - t.Errorf("Unexpected Deployment %+v content:\n%s", targetName, cmp.Diff(test.expectedObjects.deployment, actualDeployment)) + // fmt.Printf("1 -> %+v\n", test.expectedObjects.deployment.Annotations) + t.Fatalf("Unexpected Deployment %+v content:\n%s", targetName, cmp.Diff(test.expectedObjects.deployment, actualDeployment)) } } // Check expectedObjects.csiSnapshotController @@ -774,3 +815,12 @@ func sanitizeCSISnapshotController(instance *opv1.CSISnapshotController) { return instance.Status.Conditions[i].Type < instance.Status.Conditions[j].Type }) } + +func makeNode(suffix string, labels map[string]string) *v1.Node { + return &v1.Node{ + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf("node-%s", suffix), + Labels: labels, + }, + } +} diff --git a/pkg/operator/starter.go b/pkg/operator/starter.go index eada02c42..f21c51cf2 100644 --- a/pkg/operator/starter.go +++ b/pkg/operator/starter.go @@ -67,6 +67,7 @@ func RunOperator(ctx context.Context, controllerConfig *controllercmd.Controller operator := NewCSISnapshotControllerOperator( *operatorClient, + ctrlctx.KubeNamespacedInformerFactory.Core().V1().Nodes(), ctrlctx.APIExtInformerFactory.Apiextensions().V1().CustomResourceDefinitions(), ctrlctx.ClientBuilder.APIExtClientOrDie(targetName), ctrlctx.KubeNamespacedInformerFactory.Apps().V1().Deployments(), @@ -78,7 +79,9 @@ func RunOperator(ctx context.Context, controllerConfig *controllercmd.Controller os.Getenv(operandImageEnvName), ) - webhookOperator := webhookdeployment.NewCSISnapshotWebhookController(*operatorClient, + webhookOperator := webhookdeployment.NewCSISnapshotWebhookController( + *operatorClient, + ctrlctx.KubeNamespacedInformerFactory.Core().V1().Nodes(), ctrlctx.KubeNamespacedInformerFactory.Apps().V1().Deployments(), ctrlctx.KubeNamespacedInformerFactory.Admissionregistration().V1().ValidatingWebhookConfigurations(), kubeClient, @@ -111,6 +114,7 @@ func RunOperator(ctx context.Context, controllerConfig *controllercmd.Controller }{ csiConfigInformers, configInformers, + kubeInformersForNamespaces, ctrlctx.APIExtInformerFactory, // CRDs ctrlctx.KubeNamespacedInformerFactory, // operand Deployment } { diff --git a/pkg/operator/sync.go b/pkg/operator/sync.go index 48a8b26ec..d2a743fca 100644 --- a/pkg/operator/sync.go +++ b/pkg/operator/sync.go @@ -8,6 +8,7 @@ import ( appsv1 "k8s.io/api/apps/v1" apiextv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/util/wait" operatorv1 "github.com/openshift/api/operator/v1" @@ -108,9 +109,12 @@ func (c *csiSnapshotOperator) checkAlphaCRDs() error { } func (c *csiSnapshotOperator) syncDeployment(instance *operatorv1.CSISnapshotController) (*appsv1.Deployment, error) { - deploy := c.getExpectedDeployment(instance) + deploy, err := c.getExpectedDeployment(instance) + if err != nil { + return nil, err + } - deploy, _, err := resourceapply.ApplyDeployment( + deploy, _, err = resourceapply.ApplyDeployment( c.kubeClient.AppsV1(), c.eventRecorder, deploy, @@ -121,7 +125,7 @@ func (c *csiSnapshotOperator) syncDeployment(instance *operatorv1.CSISnapshotCon return deploy, nil } -func (c *csiSnapshotOperator) getExpectedDeployment(instance *operatorv1.CSISnapshotController) *appsv1.Deployment { +func (c *csiSnapshotOperator) getExpectedDeployment(instance *operatorv1.CSISnapshotController) (*appsv1.Deployment, error) { deployment := resourceread.ReadDeploymentV1OrDie(generated.MustAsset(deployment)) deployment.Spec.Template.Spec.Containers[0].Image = c.csiSnapshotControllerImage @@ -132,7 +136,22 @@ func (c *csiSnapshotOperator) getExpectedDeployment(instance *operatorv1.CSISnap } } - return deployment + nodeSelector := deployment.Spec.Template.Spec.NodeSelector + nodes, err := c.nodeLister.List(labels.SelectorFromSet(nodeSelector)) + if err != nil { + return nil, err + } + + // Set the deployment.Spec.Replicas field according to the number + // of available nodes. If the number of available nodes is bigger + // than 1, then the number of replicas will be 2. + replicas := int32(1) + if len(nodes) > 1 { + replicas = int32(2) + } + deployment.Spec.Replicas = &replicas + + return deployment, nil } func getLogLevel(logLevel operatorv1.LogLevel) int { diff --git a/pkg/operator/webhookdeployment/webhook.go b/pkg/operator/webhookdeployment/webhook.go index d56a49b74..ff4ce0dc5 100644 --- a/pkg/operator/webhookdeployment/webhook.go +++ b/pkg/operator/webhookdeployment/webhook.go @@ -19,17 +19,21 @@ import ( admissionv1 "k8s.io/api/admissionregistration/v1" appsv1 "k8s.io/api/apps/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/serializer" admissionnformersv1 "k8s.io/client-go/informers/admissionregistration/v1" appsinformersv1 "k8s.io/client-go/informers/apps/v1" + coreinformersv1 "k8s.io/client-go/informers/core/v1" "k8s.io/client-go/kubernetes" + corelistersv1 "k8s.io/client-go/listers/core/v1" "k8s.io/client-go/util/workqueue" ) type csiSnapshotWebhookController struct { client operatorclient.OperatorClient kubeClient kubernetes.Interface + nodeLister corelistersv1.NodeLister eventRecorder events.Recorder queue workqueue.RateLimitingInterface @@ -59,6 +63,7 @@ func init() { // NewCSISnapshotWebhookController returns a controller that creates and manages Deployment with CSI snapshot webhook. func NewCSISnapshotWebhookController( client operatorclient.OperatorClient, + nodeInformer coreinformersv1.NodeInformer, deployInformer appsinformersv1.DeploymentInformer, webhookInformer admissionnformersv1.ValidatingWebhookConfigurationInformer, kubeClient kubernetes.Interface, @@ -68,6 +73,7 @@ func NewCSISnapshotWebhookController( c := &csiSnapshotWebhookController{ client: client, kubeClient: kubeClient, + nodeLister: nodeInformer.Lister(), eventRecorder: eventRecorder, queue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "csi-snapshot-controller"), csiSnapshotWebhookImage: csiSnapshotWebhookImage, @@ -75,6 +81,7 @@ func NewCSISnapshotWebhookController( return factory.New().WithSync(c.sync).WithSyncDegradedOnError(client).WithInformers( client.Informer(), + nodeInformer.Informer(), deployInformer.Informer(), webhookInformer.Informer(), ).ToController(WebhookControllerName, eventRecorder.WithComponentSuffix(WebhookControllerName)) @@ -97,6 +104,24 @@ func (c *csiSnapshotWebhookController) sync(ctx context.Context, syncCtx factory // This will set Degraded condition return err } + + // Set the number of replicas according to the number of nodes available + nodeSelector := deployment.Spec.Template.Spec.NodeSelector + nodes, err := c.nodeLister.List(labels.SelectorFromSet(nodeSelector)) + if err != nil { + // This will set Degraded condition + return err + } + + // Set the deployment.Spec.Replicas field according to the number + // of available nodes. If the number of available nodes is bigger + // than 1, then the number of replicas will be 2. + replicas := int32(1) + if len(nodes) > 1 { + replicas = int32(2) + } + deployment.Spec.Replicas = &replicas + lastGeneration := resourcemerge.ExpectedDeploymentGeneration(deployment, opStatus.Generations) deployment, _, err = resourceapply.ApplyDeployment(c.kubeClient.AppsV1(), syncCtx.Recorder(), deployment, lastGeneration) if err != nil { diff --git a/pkg/operator/webhookdeployment/webhook_test.go b/pkg/operator/webhookdeployment/webhook_test.go index 33b74961b..c6f5ccd3c 100644 --- a/pkg/operator/webhookdeployment/webhook_test.go +++ b/pkg/operator/webhookdeployment/webhook_test.go @@ -2,6 +2,7 @@ package webhookdeployment import ( "context" + "fmt" "sort" "testing" @@ -17,7 +18,7 @@ import ( "github.com/openshift/library-go/pkg/operator/resource/resourceread" admissionv1 "k8s.io/api/admissionregistration/v1" appsv1 "k8s.io/api/apps/v1" - corev1 "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/equality" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -43,6 +44,7 @@ type testContext struct { } type testObjects struct { + nodes []*v1.Node deployment *appsv1.Deployment webhookConfig *admissionv1.ValidatingWebhookConfiguration csiSnapshotController *opv1.CSISnapshotController @@ -54,9 +56,17 @@ const ( webhookName = "snapshot.storage.k8s.io" ) +var masterNodeLabels = map[string]string{"node-role.kubernetes.io/master": ""} + func newOperator(test operatorTest) *testContext { // Convert to []runtime.Object var initialObjects []runtime.Object + if len(test.initialObjects.nodes) == 0 { + test.initialObjects.nodes = []*v1.Node{makeNode("A", masterNodeLabels)} + } + for _, node := range test.initialObjects.nodes { + initialObjects = append(initialObjects, node) + } if test.initialObjects.deployment != nil { initialObjects = append(initialObjects, test.initialObjects.deployment) } @@ -66,6 +76,9 @@ func newOperator(test operatorTest) *testContext { coreClient := fakecore.NewSimpleClientset(initialObjects...) coreInformerFactory := coreinformers.NewSharedInformerFactory(coreClient, 0 /*no resync */) // Fill the informer + for _, node := range test.initialObjects.nodes { + coreInformerFactory.Core().V1().Nodes().Informer().GetIndexer().Add(node) + } if test.initialObjects.deployment != nil { coreInformerFactory.Apps().V1().Deployments().Informer().GetIndexer().Add(test.initialObjects.deployment) } @@ -96,6 +109,7 @@ func newOperator(test operatorTest) *testContext { recorder := events.NewInMemoryRecorder("operator") ctrl := NewCSISnapshotWebhookController( client, + coreInformerFactory.Core().V1().Nodes(), coreInformerFactory.Apps().V1().Deployments(), coreInformerFactory.Admissionregistration().V1().ValidatingWebhookConfigurations(), coreClient, @@ -484,6 +498,34 @@ func TestSync(t *testing.T) { withFalseConditions(opv1.OperatorStatusTypeProgressing)), }, }, + { + // Deployment replicas is adjusted according to number of node selector + name: "number of replicas is set accordingly", + image: defaultImage, + initialObjects: testObjects{ + nodes: []*v1.Node{ // 3 master nodes + makeNode("A", masterNodeLabels), + makeNode("B", masterNodeLabels), + makeNode("C", masterNodeLabels), + }, + deployment: getDeployment(argsLevel2, defaultImage, + withDeploymentReplicas(1), // just 1 replica + withDeploymentGeneration(1, 1), + withDeploymentStatus(replica1, replica1, replica1)), + webhookConfig: validatingWebhookConfiguration(1), + csiSnapshotController: csiSnapshotController( + withGenerations(1, 1), + withGeneration(1, 1), + withTrueConditions(opv1.OperatorStatusTypeAvailable), + withFalseConditions(opv1.OperatorStatusTypeProgressing)), + }, + expectedObjects: testObjects{ + deployment: getDeployment(argsLevel2, defaultImage, + withDeploymentReplicas(2), // the operator changed the number of replicas to 2 + withDeploymentGeneration(2, 1), // which bumped the generation + withDeploymentStatus(replica1, replica1, replica1)), + }, + }, } for _, test := range tests { @@ -492,7 +534,7 @@ func TestSync(t *testing.T) { ctx := newOperator(test) // Act - syncContext := factory.NewSyncContext("test", events.NewRecorder(ctx.coreClient.CoreV1().Events("test"), "test-operator", &corev1.ObjectReference{})) + syncContext := factory.NewSyncContext("test", events.NewRecorder(ctx.coreClient.CoreV1().Events("test"), "test-operator", &v1.ObjectReference{})) err := ctx.webhookController.Sync(context.TODO(), syncContext) // Assert @@ -589,3 +631,12 @@ func sanitizeCSISnapshotController(instance *opv1.CSISnapshotController) { return instance.Status.Conditions[i].Type < instance.Status.Conditions[j].Type }) } + +func makeNode(suffix string, labels map[string]string) *v1.Node { + return &v1.Node{ + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf("node-%s", suffix), + Labels: labels, + }, + } +} From af5cba613d63317d2fd3e1371b94c3acbff6e024 Mon Sep 17 00:00:00 2001 From: Fabio Bertinatto Date: Wed, 2 Jun 2021 13:59:11 +0200 Subject: [PATCH 3/4] Create PDB to prevent all replicas going unavailable --- assets/csi_controller_deployment_pdb.yaml | 10 + assets/webhook_deployment_pdb.yaml | 10 + pkg/generated/bindata.go | 84 +++++- pkg/operator/starter.go | 16 ++ .../static_resource_controller.go | 240 ++++++++++++++++++ vendor/modules.txt | 1 + 6 files changed, 349 insertions(+), 12 deletions(-) create mode 100644 assets/csi_controller_deployment_pdb.yaml create mode 100644 assets/webhook_deployment_pdb.yaml create mode 100644 vendor/github.com/openshift/library-go/pkg/operator/staticresourcecontroller/static_resource_controller.go diff --git a/assets/csi_controller_deployment_pdb.yaml b/assets/csi_controller_deployment_pdb.yaml new file mode 100644 index 000000000..10059ddbc --- /dev/null +++ b/assets/csi_controller_deployment_pdb.yaml @@ -0,0 +1,10 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: csi-snapshot-controller-pdb + namespace: openshift-cluster-storage-operator +spec: + maxUnavailable: 1 + selector: + matchLabels: + app: csi-snapshot-controller diff --git a/assets/webhook_deployment_pdb.yaml b/assets/webhook_deployment_pdb.yaml new file mode 100644 index 000000000..24360d3a0 --- /dev/null +++ b/assets/webhook_deployment_pdb.yaml @@ -0,0 +1,10 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: csi-snapshot-webhook-pdb + namespace: openshift-cluster-storage-operator +spec: + maxUnavailable: 1 + selector: + matchLabels: + app: csi-snapshot-webhook diff --git a/pkg/generated/bindata.go b/pkg/generated/bindata.go index ca7271fc9..379735f21 100644 --- a/pkg/generated/bindata.go +++ b/pkg/generated/bindata.go @@ -1,11 +1,13 @@ // Code generated for package generated by go-bindata DO NOT EDIT. (@generated) // sources: // assets/csi_controller_deployment.yaml +// assets/csi_controller_deployment_pdb.yaml // assets/volumesnapshotclasses.yaml // assets/volumesnapshotcontents.yaml // assets/volumesnapshots.yaml // assets/webhook_config.yaml // assets/webhook_deployment.yaml +// assets/webhook_deployment_pdb.yaml package generated import ( @@ -135,6 +137,33 @@ func csi_controller_deploymentYaml() (*asset, error) { return a, nil } +var _csi_controller_deployment_pdbYaml = []byte(`apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: csi-snapshot-controller-pdb + namespace: openshift-cluster-storage-operator +spec: + maxUnavailable: 1 + selector: + matchLabels: + app: csi-snapshot-controller +`) + +func csi_controller_deployment_pdbYamlBytes() ([]byte, error) { + return _csi_controller_deployment_pdbYaml, nil +} + +func csi_controller_deployment_pdbYaml() (*asset, error) { + bytes, err := csi_controller_deployment_pdbYamlBytes() + if err != nil { + return nil, err + } + + info := bindataFileInfo{name: "csi_controller_deployment_pdb.yaml", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)} + a := &asset{bytes: bytes, info: info} + return a, nil +} + var _volumesnapshotclassesYaml = []byte(` --- apiVersion: apiextensions.k8s.io/v1 @@ -946,6 +975,33 @@ func webhook_deploymentYaml() (*asset, error) { return a, nil } +var _webhook_deployment_pdbYaml = []byte(`apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: csi-snapshot-webhook-pdb + namespace: openshift-cluster-storage-operator +spec: + maxUnavailable: 1 + selector: + matchLabels: + app: csi-snapshot-webhook +`) + +func webhook_deployment_pdbYamlBytes() ([]byte, error) { + return _webhook_deployment_pdbYaml, nil +} + +func webhook_deployment_pdbYaml() (*asset, error) { + bytes, err := webhook_deployment_pdbYamlBytes() + if err != nil { + return nil, err + } + + info := bindataFileInfo{name: "webhook_deployment_pdb.yaml", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)} + a := &asset{bytes: bytes, info: info} + return a, nil +} + // Asset loads and returns the asset for the given name. // It returns an error if the asset could not be found or // could not be loaded. @@ -998,12 +1054,14 @@ func AssetNames() []string { // _bindata is a table, holding each asset generator, mapped to its name. var _bindata = map[string]func() (*asset, error){ - "csi_controller_deployment.yaml": csi_controller_deploymentYaml, - "volumesnapshotclasses.yaml": volumesnapshotclassesYaml, - "volumesnapshotcontents.yaml": volumesnapshotcontentsYaml, - "volumesnapshots.yaml": volumesnapshotsYaml, - "webhook_config.yaml": webhook_configYaml, - "webhook_deployment.yaml": webhook_deploymentYaml, + "csi_controller_deployment.yaml": csi_controller_deploymentYaml, + "csi_controller_deployment_pdb.yaml": csi_controller_deployment_pdbYaml, + "volumesnapshotclasses.yaml": volumesnapshotclassesYaml, + "volumesnapshotcontents.yaml": volumesnapshotcontentsYaml, + "volumesnapshots.yaml": volumesnapshotsYaml, + "webhook_config.yaml": webhook_configYaml, + "webhook_deployment.yaml": webhook_deploymentYaml, + "webhook_deployment_pdb.yaml": webhook_deployment_pdbYaml, } // AssetDir returns the file names below a certain @@ -1047,12 +1105,14 @@ type bintree struct { } var _bintree = &bintree{nil, map[string]*bintree{ - "csi_controller_deployment.yaml": {csi_controller_deploymentYaml, map[string]*bintree{}}, - "volumesnapshotclasses.yaml": {volumesnapshotclassesYaml, map[string]*bintree{}}, - "volumesnapshotcontents.yaml": {volumesnapshotcontentsYaml, map[string]*bintree{}}, - "volumesnapshots.yaml": {volumesnapshotsYaml, map[string]*bintree{}}, - "webhook_config.yaml": {webhook_configYaml, map[string]*bintree{}}, - "webhook_deployment.yaml": {webhook_deploymentYaml, map[string]*bintree{}}, + "csi_controller_deployment.yaml": {csi_controller_deploymentYaml, map[string]*bintree{}}, + "csi_controller_deployment_pdb.yaml": {csi_controller_deployment_pdbYaml, map[string]*bintree{}}, + "volumesnapshotclasses.yaml": {volumesnapshotclassesYaml, map[string]*bintree{}}, + "volumesnapshotcontents.yaml": {volumesnapshotcontentsYaml, map[string]*bintree{}}, + "volumesnapshots.yaml": {volumesnapshotsYaml, map[string]*bintree{}}, + "webhook_config.yaml": {webhook_configYaml, map[string]*bintree{}}, + "webhook_deployment.yaml": {webhook_deploymentYaml, map[string]*bintree{}}, + "webhook_deployment_pdb.yaml": {webhook_deployment_pdbYaml, map[string]*bintree{}}, }} // RestoreAsset restores an asset under the given directory diff --git a/pkg/operator/starter.go b/pkg/operator/starter.go index f21c51cf2..1470dbaa0 100644 --- a/pkg/operator/starter.go +++ b/pkg/operator/starter.go @@ -13,11 +13,14 @@ import ( csisnapshotconfigclient "github.com/openshift/client-go/operator/clientset/versioned" informer "github.com/openshift/client-go/operator/informers/externalversions" "github.com/openshift/cluster-csi-snapshot-controller-operator/pkg/common" + "github.com/openshift/cluster-csi-snapshot-controller-operator/pkg/generated" "github.com/openshift/cluster-csi-snapshot-controller-operator/pkg/operator/webhookdeployment" "github.com/openshift/cluster-csi-snapshot-controller-operator/pkg/operatorclient" "github.com/openshift/library-go/pkg/controller/controllercmd" "github.com/openshift/library-go/pkg/operator/loglevel" "github.com/openshift/library-go/pkg/operator/management" + "github.com/openshift/library-go/pkg/operator/resource/resourceapply" + "github.com/openshift/library-go/pkg/operator/staticresourcecontroller" "github.com/openshift/library-go/pkg/operator/status" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -65,6 +68,18 @@ func RunOperator(ctx context.Context, controllerConfig *controllercmd.Controller versionGetter := status.NewVersionGetter() + staticResourcesController := staticresourcecontroller.NewStaticResourceController( + "CSISnapshotStaticResourceController", + generated.Asset, + []string{ + "csi_controller_deployment_pdb.yaml", + "webhook_deployment_pdb.yaml", + }, + (&resourceapply.ClientHolder{}).WithKubernetes(kubeClient), + operatorClient, + controllerConfig.EventRecorder, + ).AddKubeInformers(ctrlctx.KubeNamespacedInformerFactory) + operator := NewCSISnapshotControllerOperator( *operatorClient, ctrlctx.KubeNamespacedInformerFactory.Core().V1().Nodes(), @@ -128,6 +143,7 @@ func RunOperator(ctx context.Context, controllerConfig *controllercmd.Controller clusterOperatorStatus, logLevelController, managementStateController, + staticResourcesController, webhookOperator, } { go controller.Run(ctx, 1) diff --git a/vendor/github.com/openshift/library-go/pkg/operator/staticresourcecontroller/static_resource_controller.go b/vendor/github.com/openshift/library-go/pkg/operator/staticresourcecontroller/static_resource_controller.go new file mode 100644 index 000000000..6ac8e1a2b --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/operator/staticresourcecontroller/static_resource_controller.go @@ -0,0 +1,240 @@ +package staticresourcecontroller + +import ( + "context" + "fmt" + "strings" + "time" + + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + storagev1 "k8s.io/api/storage/v1" + apierrors "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/api/meta" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/serializer" + utilerrors "k8s.io/apimachinery/pkg/util/errors" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/client-go/informers" + "k8s.io/client-go/tools/cache" + "k8s.io/klog/v2" + + "github.com/openshift/api" + operatorv1 "github.com/openshift/api/operator/v1" + + "github.com/openshift/library-go/pkg/controller/factory" + "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/management" + "github.com/openshift/library-go/pkg/operator/resource/resourceapply" + "github.com/openshift/library-go/pkg/operator/v1helpers" +) + +const ( + workQueueKey = "key" +) + +var ( + genericScheme = runtime.NewScheme() + genericCodecs = serializer.NewCodecFactory(genericScheme) + genericCodec = genericCodecs.UniversalDeserializer() +) + +func init() { + utilruntime.Must(api.InstallKube(genericScheme)) +} + +type StaticResourceController struct { + name string + manifests resourceapply.AssetFunc + files []string + ignoreNotFoundOnCreate bool + + operatorClient v1helpers.OperatorClient + clients *resourceapply.ClientHolder + + eventRecorder events.Recorder + + factory *factory.Factory +} + +// NewStaticResourceController returns a controller that maintains certain static manifests. Most "normal" types are supported, +// but feel free to add ones we missed. Use .AddInformer(), .AddKubeInformers(), .AddNamespaceInformer or to provide triggering conditions. +// By default, the controller sets Degraded condition on error when syncing a manifest. +// Optionally, the controller can ignore NotFound errors. This is useful when syncing CRs for CRDs that may not yet exist +// when the controller runs, such as ServiceMonitor. +func NewStaticResourceController( + name string, + manifests resourceapply.AssetFunc, + files []string, + clients *resourceapply.ClientHolder, + operatorClient v1helpers.OperatorClient, + eventRecorder events.Recorder, +) *StaticResourceController { + c := &StaticResourceController{ + name: name, + manifests: manifests, + files: files, + + operatorClient: operatorClient, + clients: clients, + + eventRecorder: eventRecorder.WithComponentSuffix(strings.ToLower(name)), + + factory: factory.New().WithInformers(operatorClient.Informer()).ResyncEvery(1 * time.Minute), + } + + return c +} + +// WithIgnoreNotFoundOnCreate makes the controller to ignore NotFound errors when applying a manifest. +// Such error is returned by the API server when the controller tries to apply a CR for CRD +// that has not yet been created. +// This is useful when creating CRs for other operators that were not started yet (such as ServiceMonitors). +// NotFound errors are reported in Degraded condition, but with Degraded=false. +func (c *StaticResourceController) WithIgnoreNotFoundOnCreate() *StaticResourceController { + c.ignoreNotFoundOnCreate = true + return c +} + +func (c *StaticResourceController) AddKubeInformers(kubeInformersByNamespace v1helpers.KubeInformersForNamespaces) *StaticResourceController { + // set the informers so we can have caching clients + c.clients = c.clients.WithKubernetesInformers(kubeInformersByNamespace) + + ret := c + for _, file := range c.files { + objBytes, err := c.manifests(file) + if err != nil { + utilruntime.HandleError(fmt.Errorf("missing %q: %v", file, err)) + continue + } + requiredObj, _, err := genericCodec.Decode(objBytes, nil, nil) + if err != nil { + utilruntime.HandleError(fmt.Errorf("cannot decode %q: %v", file, err)) + continue + } + metadata, err := meta.Accessor(requiredObj) + if err != nil { + utilruntime.HandleError(fmt.Errorf("cannot get metadata %q: %v", file, err)) + continue + } + + // find the right subset of informers. Interestingly, cluster scoped resources require cluster scoped informers + var informer informers.SharedInformerFactory + if _, ok := requiredObj.(*corev1.Namespace); ok { + informer = kubeInformersByNamespace.InformersFor(metadata.GetName()) + if informer == nil { + utilruntime.HandleError(fmt.Errorf("missing informer for namespace %q; no dynamic wiring added, time-based only.", metadata.GetName())) + continue + } + } else { + informer = kubeInformersByNamespace.InformersFor(metadata.GetNamespace()) + if informer == nil { + utilruntime.HandleError(fmt.Errorf("missing informer for namespace %q; no dynamic wiring added, time-based only.", metadata.GetNamespace())) + continue + } + } + + // iterate through the resources we know that are related to kube informers and add the pertinent informers + switch t := requiredObj.(type) { + case *corev1.Namespace: + ret = ret.AddNamespaceInformer(informer.Core().V1().Namespaces().Informer(), t.Name) + case *corev1.Service: + ret = ret.AddInformer(informer.Core().V1().Namespaces().Informer()) + case *corev1.Pod: + ret = ret.AddInformer(informer.Core().V1().Pods().Informer()) + case *corev1.ServiceAccount: + ret = ret.AddInformer(informer.Core().V1().ServiceAccounts().Informer()) + case *corev1.ConfigMap: + ret = ret.AddInformer(informer.Core().V1().ConfigMaps().Informer()) + case *corev1.Secret: + ret = ret.AddInformer(informer.Core().V1().Secrets().Informer()) + case *rbacv1.ClusterRole: + ret = ret.AddInformer(informer.Rbac().V1().ClusterRoles().Informer()) + case *rbacv1.ClusterRoleBinding: + ret = ret.AddInformer(informer.Rbac().V1().ClusterRoleBindings().Informer()) + case *rbacv1.Role: + ret = ret.AddInformer(informer.Rbac().V1().Roles().Informer()) + case *rbacv1.RoleBinding: + ret = ret.AddInformer(informer.Rbac().V1().RoleBindings().Informer()) + case *storagev1.StorageClass: + ret = ret.AddInformer(informer.Storage().V1().StorageClasses().Informer()) + case *storagev1.CSIDriver: + ret = ret.AddInformer(informer.Storage().V1().CSIDrivers().Informer()) + default: + // if there's a missing case, the caller can add an informer or count on a time based trigger. + // if the controller doesn't handle it, then there will be failure from the underlying apply. + klog.V(4).Infof("unhandled type %T", requiredObj) + } + } + + return ret +} + +func (c *StaticResourceController) AddInformer(informer cache.SharedIndexInformer) *StaticResourceController { + c.factory.WithInformers(informer) + return c +} + +func (c *StaticResourceController) AddNamespaceInformer(informer cache.SharedIndexInformer, namespaces ...string) *StaticResourceController { + c.factory.WithNamespaceInformer(informer, namespaces...) + return c +} + +func (c StaticResourceController) Sync(ctx context.Context, syncContext factory.SyncContext) error { + operatorSpec, _, _, err := c.operatorClient.GetOperatorState() + if err != nil { + return err + } + if !management.IsOperatorManaged(operatorSpec.ManagementState) { + return nil + } + + errors := []error{} + var notFoundErrorsCount int + directResourceResults := resourceapply.ApplyDirectly(c.clients, syncContext.Recorder(), c.manifests, c.files...) + for _, currResult := range directResourceResults { + if apierrors.IsNotFound(currResult.Error) { + notFoundErrorsCount++ + } + if currResult.Error != nil { + errors = append(errors, fmt.Errorf("%q (%T): %v", currResult.File, currResult.Type, currResult.Error)) + continue + } + } + + cnd := operatorv1.OperatorCondition{ + Type: fmt.Sprintf("%sDegraded", c.name), + Status: operatorv1.ConditionFalse, + Reason: "AsExpected", + Message: "", + } + + if len(errors) > 0 { + message := "" + for _, err := range errors { + message = message + err.Error() + "\n" + } + cnd.Status = operatorv1.ConditionTrue + cnd.Message = message + cnd.Reason = "SyncError" + + if c.ignoreNotFoundOnCreate && len(errors) == notFoundErrorsCount { + // all errors were NotFound + cnd.Status = operatorv1.ConditionFalse + } + } + + _, _, err = v1helpers.UpdateStatus(c.operatorClient, v1helpers.UpdateConditionFn(cnd)) + if err != nil { + errors = append(errors, err) + } + return utilerrors.NewAggregate(errors) +} + +func (c *StaticResourceController) Name() string { + return "StaticResourceController" +} + +func (c *StaticResourceController) Run(ctx context.Context, workers int) { + c.factory.WithSync(c.Sync).ToController(c.Name(), c.eventRecorder).Run(ctx, workers) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 49a818919..f20a8d009 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -216,6 +216,7 @@ github.com/openshift/library-go/pkg/operator/resource/resourceapply github.com/openshift/library-go/pkg/operator/resource/resourcehelper github.com/openshift/library-go/pkg/operator/resource/resourcemerge github.com/openshift/library-go/pkg/operator/resource/resourceread +github.com/openshift/library-go/pkg/operator/staticresourcecontroller github.com/openshift/library-go/pkg/operator/status github.com/openshift/library-go/pkg/operator/v1helpers github.com/openshift/library-go/pkg/serviceability From b4c301e18c0000d36cd14b1db7a85c90f0306d45 Mon Sep 17 00:00:00 2001 From: Fabio Bertinatto Date: Wed, 2 Jun 2021 14:09:44 +0200 Subject: [PATCH 4/4] Bump library-go --- go.mod | 18 +- go.sum | 46 +- pkg/operator/starter.go | 4 +- ...iserver.openshift.io_apirequestcount.yaml} | 307 +++++--- .../openshift/api/apiserver/v1/register.go | 4 +- .../api/apiserver/v1/types_apirequestcount.go | 159 ++++ .../v1/types_deprecatedapirequest.go | 114 --- .../api/apiserver/v1/zz_generated.deepcopy.go | 107 ++- .../v1/zz_generated.swagger_doc_generated.go | 88 +-- .../openshift/api/build/v1/generated.proto | 48 +- .../openshift/api/build/v1/types.go | 48 +- .../v1/zz_generated.swagger_doc_generated.go | 14 +- .../v1/001-cloudprivateipconfig.crd.yaml | 4 +- .../api/cloudnetwork/v1/generated.proto | 2 +- .../openshift/api/cloudnetwork/v1/types.go | 2 +- ...rsion-operator_01_clusteroperator.crd.yaml | 291 ++++--- ...ersion-operator_01_clusterversion.crd.yaml | 585 +++++++-------- ...03_config-operator_01_operatorhub.crd.yaml | 172 ++--- .../0000_10_config-operator_01_build.crd.yaml | 710 +++++++++--------- .../0000_10_config-operator_01_image.crd.yaml | 276 +++---- ...config-operator_01_infrastructure.crd.yaml | 31 + ...000_10_config-operator_01_network.crd.yaml | 282 +++---- .../api/config/v1/types_cluster_operator.go | 10 +- .../api/config/v1/types_infrastructure.go | 28 + .../api/config/v1/zz_generated.deepcopy.go | 21 + .../v1/zz_generated.swagger_doc_generated.go | 11 + vendor/github.com/openshift/api/go.mod | 10 +- vendor/github.com/openshift/api/go.sum | 16 +- .../0000_10-helm-chart-repository.crd.yaml | 299 ++++---- ...0000_10_config-operator_01_config.crd.yaml | 2 + ...ess-operator_00-ingresscontroller.crd.yaml | 12 +- ...00_70_cluster-network-operator_01_crd.yaml | 9 +- .../v1/0000_70_console-operator.crd.yaml | 15 +- ...perator_00-custom-resource-definition.yaml | 6 +- .../openshift/api/operator/v1/types_config.go | 2 +- .../api/operator/v1/types_console.go | 16 + .../openshift/api/operator/v1/types_dns.go | 2 +- .../api/operator/v1/types_ingress.go | 10 +- .../api/operator/v1/types_network.go | 9 +- .../api/operator/v1/zz_generated.deepcopy.go | 22 + .../v1/zz_generated.swagger_doc_generated.go | 28 +- ...rator_01_imagecontentsourcepolicy.crd.yaml | 145 ++-- ...openshift_01_clusterresourcequota.crd.yaml | 444 +++++------ ..._clusterresourcequota.crd.yaml-merge-patch | 13 - .../samples/v1/0000_10_samplesconfig.crd.yaml | 312 ++++---- .../openshift/build-machinery-go/Makefile | 2 +- .../openshift/build-machinery-go/README.md | 2 +- .../make/default.example.mk.help.log | 1 + .../make/golang.example.mk.help.log | 1 + .../build-machinery-go/make/golang.mk | 1 + .../make/operator.example.mk.help.log | 1 + .../make/targets/golang/version.mk | 65 ++ .../openshift/operator/profile-manifests.mk | 2 + .../operator/resource/resourceapply/core.go | 105 ++- .../resource/resourceapply/generic.go | 10 +- .../resource/resourceapply/monitoring.go | 89 ++- .../operator/resource/resourceapply/policy.go | 47 ++ .../resource/resourceapply/unstructured.go | 9 +- .../resourceapply/volumesnapshotclass.go | 116 +++ .../resource/resourcemerge/apiextensions.go | 37 + .../operator/resource/resourceread/policy.go | 25 + .../static_resource_controller.go | 3 + .../api/core/v1/annotation_key_constants.go | 4 +- .../pkg/api/resource/quantity_proto.go | 2 +- vendor/modules.txt | 22 +- 65 files changed, 2979 insertions(+), 2319 deletions(-) rename vendor/github.com/openshift/api/apiserver/v1/{apiserver.openshift.io_deprecatedapirequests.yaml => apiserver.openshift.io_apirequestcount.yaml} (51%) create mode 100644 vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go delete mode 100644 vendor/github.com/openshift/api/apiserver/v1/types_deprecatedapirequest.go delete mode 100644 vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml-merge-patch create mode 100644 vendor/github.com/openshift/build-machinery-go/make/targets/golang/version.mk create mode 100644 vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/policy.go create mode 100644 vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/volumesnapshotclass.go create mode 100644 vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/policy.go diff --git a/go.mod b/go.mod index b8193d705..ea220b29a 100644 --- a/go.mod +++ b/go.mod @@ -8,21 +8,21 @@ require ( github.com/google/go-cmp v0.5.5 github.com/google/gofuzz v1.2.0 // indirect github.com/kubernetes-csi/external-snapshotter/client/v4 v4.0.0 - github.com/openshift/api v0.0.0-20210415092137-8c78458f83d9 - github.com/openshift/build-machinery-go v0.0.0-20210209125900-0da259a2c359 - github.com/openshift/client-go v0.0.0-20210331195552-cf6c2669e01f - github.com/openshift/library-go v0.0.0-20210414082648-6e767630a0dc + github.com/openshift/api v0.0.0-20210521075222-e273a339932a + github.com/openshift/build-machinery-go v0.0.0-20210423112049-9415d7ebd33e + github.com/openshift/client-go v0.0.0-20210521082421-73d9475a9142 + github.com/openshift/library-go v0.0.0-20210531122633-91d29fb786be github.com/prometheus/client_golang v1.7.1 github.com/spf13/cobra v1.1.1 github.com/spf13/pflag v1.0.5 go.uber.org/multierr v1.6.0 // indirect go.uber.org/zap v1.16.0 // indirect golang.org/x/net v0.0.0-20210414194228-064579744ee0 // indirect - k8s.io/api v0.21.0 - k8s.io/apiextensions-apiserver v0.21.0 - k8s.io/apimachinery v0.21.0 - k8s.io/client-go v0.21.0 - k8s.io/component-base v0.21.0 + k8s.io/api v0.21.1 + k8s.io/apiextensions-apiserver v0.21.1 + k8s.io/apimachinery v0.21.1 + k8s.io/client-go v0.21.1 + k8s.io/component-base v0.21.1 k8s.io/klog/v2 v2.8.0 sigs.k8s.io/controller-runtime v0.6.3 sigs.k8s.io/structured-merge-diff/v4 v4.1.1 // indirect diff --git a/go.sum b/go.sum index b648bc8ef..4354efb09 100644 --- a/go.sum +++ b/go.sum @@ -419,18 +419,16 @@ github.com/onsi/gomega v1.10.1 h1:o0+MgICZLuZ7xjH7Vx6zS/zcu93/BEp1VwkIW1mEXCE= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/openshift/api v0.0.0-20210331162552-3e31249e6a55/go.mod h1:dZ4kytOo3svxJHNYd0J55hwe/6IQG5gAUHUE0F3Jkio= -github.com/openshift/api v0.0.0-20210331193751-3acddb19d360/go.mod h1:dZ4kytOo3svxJHNYd0J55hwe/6IQG5gAUHUE0F3Jkio= -github.com/openshift/api v0.0.0-20210415092137-8c78458f83d9 h1:TudJ23vtDe4zyFep9xdw1baNkZ6AyEGSkrzUzws9C0c= -github.com/openshift/api v0.0.0-20210415092137-8c78458f83d9/go.mod h1:dZ4kytOo3svxJHNYd0J55hwe/6IQG5gAUHUE0F3Jkio= -github.com/openshift/build-machinery-go v0.0.0-20210209125900-0da259a2c359 h1:ehSDsWQiUVzJZrSEXMC7ceV9JIPEyTYqrpqu3m4Wa08= -github.com/openshift/build-machinery-go v0.0.0-20210209125900-0da259a2c359/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= -github.com/openshift/client-go v0.0.0-20210331195552-cf6c2669e01f h1:MAFVN4yW6pPSaTa1i+4Xp6FfVzZRFRETsnPfwz6VBXM= -github.com/openshift/client-go v0.0.0-20210331195552-cf6c2669e01f/go.mod h1:hHaRJ6vp2MRd/CpuZ1oJkqnMGy5eEnoAkQmKPZKcUPI= +github.com/openshift/api v0.0.0-20210521075222-e273a339932a h1:aBPwLqCg66SbQd+HrjB1GhgTfPtqSY4aeB022tEYmE0= +github.com/openshift/api v0.0.0-20210521075222-e273a339932a/go.mod h1:izBmoXbUu3z5kUa4FjZhvekTsyzIWiOoaIgJiZBBMQs= +github.com/openshift/build-machinery-go v0.0.0-20210423112049-9415d7ebd33e h1:F7rBobgSjtYL3/zsgDUjlTVx3Z06hdgpoldpDcn7jzc= +github.com/openshift/build-machinery-go v0.0.0-20210423112049-9415d7ebd33e/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= +github.com/openshift/client-go v0.0.0-20210521082421-73d9475a9142 h1:ZHRIMCFIJN1p9LsJt4HQ+akDrys4PrYnXzOWI5LK03I= +github.com/openshift/client-go v0.0.0-20210521082421-73d9475a9142/go.mod h1:fjS8r9mqDVsPb5td3NehsNOAWa4uiFkYEfVZioQ2gH0= github.com/openshift/kubernetes-apiserver v0.0.0-20210419140141-620426e63a99 h1:KrCYRAJcgZYzMCB1PjJHJMYPu/d+dEkelq5eYyi0fDw= github.com/openshift/kubernetes-apiserver v0.0.0-20210419140141-620426e63a99/go.mod h1:w2YSn4/WIwYuxG5zJmcqtRdtqgW/J2JRgFAqps3bBpg= -github.com/openshift/library-go v0.0.0-20210414082648-6e767630a0dc h1:tywho0nChchtAD4E2YmlX9MWQ3CBoWT49GrTHfM2+ss= -github.com/openshift/library-go v0.0.0-20210414082648-6e767630a0dc/go.mod h1:pnz961veImKsbn7pQcuFbcVpCQosYiC1fUOjzEDeOLU= +github.com/openshift/library-go v0.0.0-20210531122633-91d29fb786be h1:v12fst9EGl157Et1LnsBTAXL16ZBRotS//jJR81YHYQ= +github.com/openshift/library-go v0.0.0-20210531122633-91d29fb786be/go.mod h1:87ZYjEncF0YNUKNzncb8Fiw8yFNevpIWZW83C/etzpw= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= @@ -891,41 +889,39 @@ k8s.io/api v0.17.0/go.mod h1:npsyOePkeP0CPwyGfXDHxvypiYMJxBWAMpQxCaJ4ZxI= k8s.io/api v0.18.0-beta.2/go.mod h1:2oeNnWEqcSmaM/ibSh3t7xcIqbkGXhzZdn4ezV9T4m0= k8s.io/api v0.18.6/go.mod h1:eeyxr+cwCjMdLAmr2W3RyDI0VvTawSg/3RFFBEnmZGI= k8s.io/api v0.19.0/go.mod h1:I1K45XlvTrDjmj5LoM5LuP/KYrhWbjUKT/SoPG0qTjw= -k8s.io/api v0.21.0-rc.0/go.mod h1:Dkc/ZauWJrgZhjOjeBgW89xZQiTBJA2RaBKYHXPsi2Y= -k8s.io/api v0.21.0 h1:gu5iGF4V6tfVCQ/R+8Hc0h7H1JuEhzyEi9S4R5LM8+Y= k8s.io/api v0.21.0/go.mod h1:+YbrhBBGgsxbF6o6Kj4KJPJnBmAKuXDeS3E18bgHNVU= +k8s.io/api v0.21.1 h1:94bbZ5NTjdINJEdzOkpS4vdPhkb1VFpTYC9zh43f75c= +k8s.io/api v0.21.1/go.mod h1:FstGROTmsSHBarKc8bylzXih8BLNYTiS3TZcsoEDg2s= k8s.io/apiextensions-apiserver v0.17.0/go.mod h1:XiIFUakZywkUl54fVXa7QTEHcqQz9HG55nHd1DCoHj8= k8s.io/apiextensions-apiserver v0.18.0-beta.2/go.mod h1:Hnrg5jx8/PbxRbUoqDGxtQkULjwx8FDW4WYJaKNK+fk= k8s.io/apiextensions-apiserver v0.18.6/go.mod h1:lv89S7fUysXjLZO7ke783xOwVTm6lKizADfvUM/SS/M= -k8s.io/apiextensions-apiserver v0.21.0-rc.0/go.mod h1:ItIoMBJU1gy93Qwr/B2699r4b0VmZqAOU+15BvozxMY= -k8s.io/apiextensions-apiserver v0.21.0 h1:Nd4uBuweg6ImzbxkC1W7xUNZcCV/8Vt10iTdTIVF3hw= -k8s.io/apiextensions-apiserver v0.21.0/go.mod h1:gsQGNtGkc/YoDG9loKI0V+oLZM4ljRPjc/sql5tmvzc= +k8s.io/apiextensions-apiserver v0.21.1 h1:AA+cnsb6w7SZ1vD32Z+zdgfXdXY8X9uGX5bN6EoPEIo= +k8s.io/apiextensions-apiserver v0.21.1/go.mod h1:KESQFCGjqVcVsZ9g0xX5bacMjyX5emuWcS2arzdEouA= k8s.io/apimachinery v0.17.0/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg= k8s.io/apimachinery v0.18.0-beta.2/go.mod h1:9SnR/e11v5IbyPCGbvJViimtJ0SwHG4nfZFjU77ftcA= k8s.io/apimachinery v0.18.6/go.mod h1:OaXp26zu/5J7p0f92ASynJa1pZo06YlV9fG7BoWbCko= k8s.io/apimachinery v0.19.0/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= -k8s.io/apimachinery v0.21.0-rc.0/go.mod h1:jbreFvJo3ov9rj7eWT7+sYiRx+qZuCYXwWT1bcDswPY= -k8s.io/apimachinery v0.21.0 h1:3Fx+41if+IRavNcKOz09FwEXDBG6ORh6iMsTSelhkMA= k8s.io/apimachinery v0.21.0/go.mod h1:jbreFvJo3ov9rj7eWT7+sYiRx+qZuCYXwWT1bcDswPY= +k8s.io/apimachinery v0.21.1 h1:Q6XuHGlj2xc+hlMCvqyYfbv3H7SRGn2c8NycxJquDVs= +k8s.io/apimachinery v0.21.1/go.mod h1:jbreFvJo3ov9rj7eWT7+sYiRx+qZuCYXwWT1bcDswPY= k8s.io/client-go v0.17.0/go.mod h1:TYgR6EUHs6k45hb6KWjVD6jFZvJV4gHDikv/It0xz+k= k8s.io/client-go v0.18.0-beta.2/go.mod h1:UvuVxHjKWIcgy0iMvF+bwNDW7l0mskTNOaOW1Qv5BMA= k8s.io/client-go v0.18.6/go.mod h1:/fwtGLjYMS1MaM5oi+eXhKwG+1UHidUEXRh6cNsdO0Q= k8s.io/client-go v0.19.0/go.mod h1:H9E/VT95blcFQnlyShFgnFT9ZnJOAceiUHM3MlRC+mU= -k8s.io/client-go v0.21.0-rc.0/go.mod h1:zU5HY/bSOKH3YOqoge9nFvICgrpeSdJu8DQ4fkjKIZk= -k8s.io/client-go v0.21.0 h1:n0zzzJsAQmJngpC0IhgFcApZyoGXPrDIAD601HD09ag= k8s.io/client-go v0.21.0/go.mod h1:nNBytTF9qPFDEhoqgEPaarobC8QPae13bElIVHzIglA= +k8s.io/client-go v0.21.1 h1:bhblWYLZKUu+pm50plvQF8WpY6TXdRRtcS/K9WauOj4= +k8s.io/client-go v0.21.1/go.mod h1:/kEw4RgW+3xnBGzvp9IWxKSNA+lXn3A7AuH3gdOAzLs= k8s.io/code-generator v0.17.0/go.mod h1:DVmfPQgxQENqDIzVR2ddLXMH34qeszkKSdH/N+s+38s= k8s.io/code-generator v0.18.0-beta.2/go.mod h1:+UHX5rSbxmR8kzS+FAv7um6dtYrZokQvjHpDSYRVkTc= k8s.io/code-generator v0.18.6/go.mod h1:TgNEVx9hCyPGpdtCWA34olQYLkh3ok9ar7XfSsr8b6c= k8s.io/code-generator v0.19.0/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= -k8s.io/code-generator v0.21.0-rc.0/go.mod h1:hUlps5+9QaTrKx+jiM4rmq7YmH8wPOIko64uZCHDh6Q= -k8s.io/code-generator v0.21.0/go.mod h1:hUlps5+9QaTrKx+jiM4rmq7YmH8wPOIko64uZCHDh6Q= +k8s.io/code-generator v0.21.1/go.mod h1:hUlps5+9QaTrKx+jiM4rmq7YmH8wPOIko64uZCHDh6Q= k8s.io/component-base v0.17.0/go.mod h1:rKuRAokNMY2nn2A6LP/MiwpoaMRHpfRnrPaUJJj1Yoc= k8s.io/component-base v0.18.0-beta.2/go.mod h1:HVk5FpRnyzQ/MjBr9//e/yEBjTVa2qjGXCTuUzcD7ks= k8s.io/component-base v0.18.6/go.mod h1:knSVsibPR5K6EW2XOjEHik6sdU5nCvKMrzMt2D4In14= -k8s.io/component-base v0.21.0-rc.0/go.mod h1:XlP0bM7QJFWRGZYPc5NmphkvsYQ+o7804HWH3GTGjDY= -k8s.io/component-base v0.21.0 h1:tLLGp4BBjQaCpS/KiuWh7m2xqvAdsxLm4ATxHSe5Zpg= k8s.io/component-base v0.21.0/go.mod h1:qvtjz6X0USWXbgmbfXR+Agik4RZ3jv2Bgr5QnZzdPYw= +k8s.io/component-base v0.21.1 h1:iLpj2btXbR326s/xNQWmPNGu0gaYSjzn7IN/5i28nQw= +k8s.io/component-base v0.21.1/go.mod h1:NgzFZ2qu4m1juby4TnrmpR8adRk6ka62YdH5DkIIyKA= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20190822140433-26a664648505/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20200114144118-36b2048a9120/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= @@ -941,8 +937,8 @@ k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.8.0 h1:Q3gmuM9hKEjefWFFYF0Mat+YyFJvsUyYuwyNNJ5C9Ts= k8s.io/klog/v2 v2.8.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= k8s.io/kube-aggregator v0.18.0-beta.2/go.mod h1:O3Td9mheraINbLHH4pzoFP2gRzG0Wk1COqzdSL4rBPk= -k8s.io/kube-aggregator v0.21.0-rc.0 h1:PxnBqTgEQHCOhWl3J6EX2OKbfx0epwgKF4phlhgNyFA= -k8s.io/kube-aggregator v0.21.0-rc.0/go.mod h1:M+whOmsAeQf8ObJ0/eO9Af1Dz2UQEB9OW9BWmt9b2sU= +k8s.io/kube-aggregator v0.21.1 h1:3pPRhOXZcJYjNDjPDizFx0G5//DArWKANZE03J5z8Ck= +k8s.io/kube-aggregator v0.21.1/go.mod h1:cAZ0n02IiSl57sQSHz4vvrz3upQRMbytOiZnpPJaQzQ= k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= diff --git a/pkg/operator/starter.go b/pkg/operator/starter.go index 1470dbaa0..11a1b80b2 100644 --- a/pkg/operator/starter.go +++ b/pkg/operator/starter.go @@ -22,6 +22,7 @@ import ( "github.com/openshift/library-go/pkg/operator/resource/resourceapply" "github.com/openshift/library-go/pkg/operator/staticresourcecontroller" "github.com/openshift/library-go/pkg/operator/status" + "github.com/openshift/library-go/pkg/operator/v1helpers" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/fields" @@ -68,6 +69,7 @@ func RunOperator(ctx context.Context, controllerConfig *controllercmd.Controller versionGetter := status.NewVersionGetter() + kubeInformersForNamespaces := v1helpers.NewKubeInformersForNamespaces(kubeClient, operatorNamespace, targetNamespace) staticResourcesController := staticresourcecontroller.NewStaticResourceController( "CSISnapshotStaticResourceController", generated.Asset, @@ -78,7 +80,7 @@ func RunOperator(ctx context.Context, controllerConfig *controllercmd.Controller (&resourceapply.ClientHolder{}).WithKubernetes(kubeClient), operatorClient, controllerConfig.EventRecorder, - ).AddKubeInformers(ctrlctx.KubeNamespacedInformerFactory) + ).AddKubeInformers(kubeInformersForNamespaces) operator := NewCSISnapshotControllerOperator( *operatorClient, diff --git a/vendor/github.com/openshift/api/apiserver/v1/apiserver.openshift.io_deprecatedapirequests.yaml b/vendor/github.com/openshift/api/apiserver/v1/apiserver.openshift.io_apirequestcount.yaml similarity index 51% rename from vendor/github.com/openshift/api/apiserver/v1/apiserver.openshift.io_deprecatedapirequests.yaml rename to vendor/github.com/openshift/api/apiserver/v1/apiserver.openshift.io_apirequestcount.yaml index 89beaaa9d..3b15501e0 100644 --- a/vendor/github.com/openshift/api/apiserver/v1/apiserver.openshift.io_deprecatedapirequests.yaml +++ b/vendor/github.com/openshift/api/apiserver/v1/apiserver.openshift.io_apirequestcount.yaml @@ -4,22 +4,38 @@ metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" - name: deprecatedapirequests.apiserver.openshift.io + name: apirequestcounts.apiserver.openshift.io spec: group: apiserver.openshift.io names: - kind: DeprecatedAPIRequest - listKind: DeprecatedAPIRequestList - plural: deprecatedapirequests - singular: deprecatedapirequest + kind: APIRequestCount + listKind: APIRequestCountList + plural: apirequestcounts + singular: apirequestcount scope: Cluster versions: - name: v1 - schema: - openAPIV3Schema: - description: DeprecatedAPIRequest tracts requests made to a deprecated API. - The instance name should be of the form `resource.version.group`, matching - the deprecated resource. + served: true + storage: true + subresources: + status: {} + additionalPrinterColumns: + - name: RemovedInRelease + type: string + description: Release in which an API will be removed. + jsonPath: .status.removedInRelease + - name: RequestsInCurrentHour + type: integer + description: Number of requests in the current hour. + jsonPath: .status.currentHour.requestCount + - name: RequestsInLast24h + type: integer + description: Number of requests in the last 24h. + jsonPath: .status.requestCount + "schema": + "openAPIV3Schema": + description: APIRequestCount tracks requests made to an API. The instance + name must be of the form `resource.version.group`, matching the resource. type: object required: - spec @@ -40,12 +56,15 @@ spec: description: spec defines the characteristics of the resource. type: object properties: - removedRelease: - description: removedRelease is when the API will be removed. - type: string - maxLength: 64 - minLength: 3 - pattern: ^[0-9][0-9]*\.[0-9][0-9]*$ + numberOfUsersToReport: + description: numberOfUsersToReport is the number of users to include + in the report. If unspecified or zero, the default is ten. This + is default is subject to change. + type: integer + format: int64 + default: 10 + maximum: 100 + minimum: 0 status: description: status contains the observed state of the resource. type: object @@ -121,127 +140,187 @@ spec: type: string maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - requestsLast24h: - description: requestsLast24h contains request history for the last - 24 hours, indexed by the hour, so 12:00AM-12:59 is in index 0, 6am-6:59am + currentHour: + description: currentHour contains request history for the current + hour. This is porcelain to make the API easier to read by humans + seeing if they addressed a problem. This field is reset on the hour. + type: object + properties: + byNode: + description: byNode contains logs of requests per node. + type: array + maxItems: 512 + items: + description: PerNodeAPIRequestLog contains logs of requests + to a certain node. + type: object + properties: + byUser: + description: byUser contains request details by top .spec.numberOfUsersToReport + users. Note that because in the case of an apiserver, + restart the list of top users is determined on a best-effort + basis, the list might be imprecise. In addition, some + system users may be explicitly included in the list. + type: array + maxItems: 500 + items: + description: PerUserAPIRequestCount contains logs of a + user's requests. + type: object + properties: + byVerb: + description: byVerb details by verb. + type: array + maxItems: 10 + items: + description: PerVerbAPIRequestCount requestCounts + requests by API request verb. + type: object + properties: + requestCount: + description: requestCount of requests for verb. + type: integer + format: int64 + minimum: 0 + verb: + description: verb of API request (get, list, + create, etc...) + type: string + maxLength: 20 + requestCount: + description: requestCount of requests by the user + across all verbs. + type: integer + format: int64 + minimum: 0 + userAgent: + description: userAgent that made the request. The + same user often has multiple binaries which connect + (pods with many containers). The different binaries + will have different userAgents, but the same user. In + addition, we have userAgents with version information + embedded and the userName isn't likely to change. + type: string + maxLength: 1024 + username: + description: userName that made the request. + type: string + maxLength: 512 + nodeName: + description: nodeName where the request are being handled. + type: string + maxLength: 512 + minLength: 1 + requestCount: + description: requestCount is a sum of all requestCounts + across all users, even those outside of the top 10 users. + type: integer + format: int64 + minimum: 0 + requestCount: + description: requestCount is a sum of all requestCounts across + nodes. + type: integer + format: int64 + minimum: 0 + last24h: + description: last24h contains request history for the last 24 hours, + indexed by the hour, so 12:00AM-12:59 is in index 0, 6am-6:59am is index 6, etc. The index of the current hour is updated live and then duplicated into the requestsLastHour field. type: array + maxItems: 24 items: - description: RequestLog logs request for various nodes. + description: PerResourceAPIRequestLog logs request for various nodes. type: object properties: - nodes: - description: nodes contains logs of requests per node. + byNode: + description: byNode contains logs of requests per node. type: array + maxItems: 512 items: - description: NodeRequestLog contains logs of requests to a - certain node. + description: PerNodeAPIRequestLog contains logs of requests + to a certain node. type: object properties: - lastUpdate: - description: lastUpdate should *always* being within the - hour this is for. This is a time indicating the last - moment the server is recording for, not the actual update - time. - type: string - format: date-time - nodeName: - description: nodeName where the request are being handled. - type: string - users: - description: users contains request details by top 10 - users. Note that because in the case of an apiserver - restart the list of top 10 users is determined on a - best-effort basis, the list might be imprecise. + byUser: + description: byUser contains request details by top .spec.numberOfUsersToReport + users. Note that because in the case of an apiserver, + restart the list of top users is determined on a best-effort + basis, the list might be imprecise. In addition, some + system users may be explicitly included in the list. type: array + maxItems: 500 items: - description: RequestUser contains logs of a user's requests. + description: PerUserAPIRequestCount contains logs of + a user's requests. type: object properties: - count: - description: count of requests. - type: integer - requests: - description: requests details by verb. + byVerb: + description: byVerb details by verb. type: array + maxItems: 10 items: - description: RequestCount counts requests by API - request verb. + description: PerVerbAPIRequestCount requestCounts + requests by API request verb. type: object properties: - count: - description: count of requests for verb. + requestCount: + description: requestCount of requests for + verb. type: integer + format: int64 + minimum: 0 verb: description: verb of API request (get, list, create, etc...) type: string + maxLength: 20 + requestCount: + description: requestCount of requests by the user + across all verbs. + type: integer + format: int64 + minimum: 0 + userAgent: + description: userAgent that made the request. The + same user often has multiple binaries which connect + (pods with many containers). The different binaries + will have different userAgents, but the same user. In + addition, we have userAgents with version information + embedded and the userName isn't likely to change. + type: string + maxLength: 1024 username: description: userName that made the request. type: string - requestsLastHour: - description: requestsLastHour contains request history for the current - hour. This is porcelain to make the API easier to read by humans - seeing if they addressed a problem. This field is reset on the hour. - type: object - properties: - nodes: - description: nodes contains logs of requests per node. - type: array - items: - description: NodeRequestLog contains logs of requests to a certain - node. - type: object - properties: - lastUpdate: - description: lastUpdate should *always* being within the - hour this is for. This is a time indicating the last - moment the server is recording for, not the actual update - time. - type: string - format: date-time - nodeName: - description: nodeName where the request are being handled. - type: string - users: - description: users contains request details by top 10 users. - Note that because in the case of an apiserver restart - the list of top 10 users is determined on a best-effort - basis, the list might be imprecise. - type: array - items: - description: RequestUser contains logs of a user's requests. - type: object - properties: - count: - description: count of requests. - type: integer - requests: - description: requests details by verb. - type: array - items: - description: RequestCount counts requests by API - request verb. - type: object - properties: - count: - description: count of requests for verb. - type: integer - verb: - description: verb of API request (get, list, - create, etc...) - type: string - username: - description: userName that made the request. - type: string - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + maxLength: 512 + nodeName: + description: nodeName where the request are being handled. + type: string + maxLength: 512 + minLength: 1 + requestCount: + description: requestCount is a sum of all requestCounts + across all users, even those outside of the top 10 users. + type: integer + format: int64 + minimum: 0 + requestCount: + description: requestCount is a sum of all requestCounts across + nodes. + type: integer + format: int64 + minimum: 0 + removedInRelease: + description: removedInRelease is when the API will be removed. + type: string + maxLength: 64 + minLength: 0 + pattern: ^[0-9][0-9]*\.[0-9][0-9]*$ + requestCount: + description: requestCount is a sum of all requestCounts across all + current hours, nodes, and users. + type: integer + format: int64 + minimum: 0 diff --git a/vendor/github.com/openshift/api/apiserver/v1/register.go b/vendor/github.com/openshift/api/apiserver/v1/register.go index 82d3584c4..9d6e126e4 100644 --- a/vendor/github.com/openshift/api/apiserver/v1/register.go +++ b/vendor/github.com/openshift/api/apiserver/v1/register.go @@ -30,8 +30,8 @@ func Resource(resource string) schema.GroupResource { // Adds the list of known types to api.Scheme. func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(GroupVersion, - &DeprecatedAPIRequest{}, - &DeprecatedAPIRequestList{}, + &APIRequestCount{}, + &APIRequestCountList{}, ) metav1.AddToGroupVersion(scheme, GroupVersion) return nil diff --git a/vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go b/vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go new file mode 100644 index 000000000..61f56a161 --- /dev/null +++ b/vendor/github.com/openshift/api/apiserver/v1/types_apirequestcount.go @@ -0,0 +1,159 @@ +// Package v1 is an api version in the apiserver.openshift.io group +package v1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +const ( + // RemovedInReleaseLabel is a label which can be used to select APIRequestCounts based on the release + // in which they are removed. The value is equivalent to .status.removedInRelease. + RemovedInReleaseLabel = "apirequestcounts.apiserver.openshift.io/removedInRelease" +) + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:scope="Cluster" +// +kubebuilder:subresource:status +// +genclient:nonNamespaced + +// APIRequestCount tracks requests made to an API. The instance name must +// be of the form `resource.version.group`, matching the resource. +type APIRequestCount struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + // spec defines the characteristics of the resource. + // +kubebuilder:validation:Required + // +required + Spec APIRequestCountSpec `json:"spec"` + + // status contains the observed state of the resource. + Status APIRequestCountStatus `json:"status,omitempty"` +} + +type APIRequestCountSpec struct { + + // numberOfUsersToReport is the number of users to include in the report. + // If unspecified or zero, the default is ten. This is default is subject to change. + // +kubebuilder:default:=10 + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=100 + // +optional + NumberOfUsersToReport int64 `json:"numberOfUsersToReport"` +} + +// +k8s:deepcopy-gen=true +type APIRequestCountStatus struct { + + // conditions contains details of the current status of this API Resource. + // +patchMergeKey=type + // +patchStrategy=merge + Conditions []metav1.Condition `json:"conditions" patchStrategy:"merge" patchMergeKey:"type"` + + // removedInRelease is when the API will be removed. + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:Pattern=^[0-9][0-9]*\.[0-9][0-9]*$ + // +kubebuilder:validation:MaxLength=64 + // +optional + RemovedInRelease string `json:"removedInRelease,omitempty"` + + // requestCount is a sum of all requestCounts across all current hours, nodes, and users. + // +kubebuilder:validation:Minimum=0 + // +required + RequestCount int64 `json:"requestCount"` + + // currentHour contains request history for the current hour. This is porcelain to make the API + // easier to read by humans seeing if they addressed a problem. This field is reset on the hour. + // +optional + CurrentHour PerResourceAPIRequestLog `json:"currentHour"` + + // last24h contains request history for the last 24 hours, indexed by the hour, so + // 12:00AM-12:59 is in index 0, 6am-6:59am is index 6, etc. The index of the current hour + // is updated live and then duplicated into the requestsLastHour field. + // +kubebuilder:validation:MaxItems=24 + // +optional + Last24h []PerResourceAPIRequestLog `json:"last24h"` +} + +// PerResourceAPIRequestLog logs request for various nodes. +type PerResourceAPIRequestLog struct { + + // byNode contains logs of requests per node. + // +kubebuilder:validation:MaxItems=512 + // +optional + ByNode []PerNodeAPIRequestLog `json:"byNode"` + + // requestCount is a sum of all requestCounts across nodes. + // +kubebuilder:validation:Minimum=0 + // +required + RequestCount int64 `json:"requestCount"` +} + +// PerNodeAPIRequestLog contains logs of requests to a certain node. +type PerNodeAPIRequestLog struct { + + // nodeName where the request are being handled. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 + // +required + NodeName string `json:"nodeName"` + + // requestCount is a sum of all requestCounts across all users, even those outside of the top 10 users. + // +kubebuilder:validation:Minimum=0 + // +required + RequestCount int64 `json:"requestCount"` + + // byUser contains request details by top .spec.numberOfUsersToReport users. + // Note that because in the case of an apiserver, restart the list of top users is determined on a best-effort basis, + // the list might be imprecise. + // In addition, some system users may be explicitly included in the list. + // +kubebuilder:validation:MaxItems=500 + ByUser []PerUserAPIRequestCount `json:"byUser"` +} + +// PerUserAPIRequestCount contains logs of a user's requests. +type PerUserAPIRequestCount struct { + + // userName that made the request. + // +kubebuilder:validation:MaxLength=512 + UserName string `json:"username"` + + // userAgent that made the request. + // The same user often has multiple binaries which connect (pods with many containers). The different binaries + // will have different userAgents, but the same user. In addition, we have userAgents with version information + // embedded and the userName isn't likely to change. + // +kubebuilder:validation:MaxLength=1024 + UserAgent string `json:"userAgent"` + + // requestCount of requests by the user across all verbs. + // +kubebuilder:validation:Minimum=0 + // +required + RequestCount int64 `json:"requestCount"` + + // byVerb details by verb. + // +kubebuilder:validation:MaxItems=10 + ByVerb []PerVerbAPIRequestCount `json:"byVerb"` +} + +// PerVerbAPIRequestCount requestCounts requests by API request verb. +type PerVerbAPIRequestCount struct { + + // verb of API request (get, list, create, etc...) + // +kubebuilder:validation:MaxLength=20 + // +required + Verb string `json:"verb"` + + // requestCount of requests for verb. + // +kubebuilder:validation:Minimum=0 + // +required + RequestCount int64 `json:"requestCount"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// APIRequestCountList is a list of APIRequestCount resources. +type APIRequestCountList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + + Items []APIRequestCount `json:"items"` +} diff --git a/vendor/github.com/openshift/api/apiserver/v1/types_deprecatedapirequest.go b/vendor/github.com/openshift/api/apiserver/v1/types_deprecatedapirequest.go deleted file mode 100644 index 9caf3f6ab..000000000 --- a/vendor/github.com/openshift/api/apiserver/v1/types_deprecatedapirequest.go +++ /dev/null @@ -1,114 +0,0 @@ -// Package v1 is an api version in the apiserver.openshift.io group -package v1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:scope="Cluster" -// +kubebuilder:subresource:status -// +genclient:nonNamespaced - -// DeprecatedAPIRequest tracts requests made to a deprecated API. The instance name should -// be of the form `resource.version.group`, matching the deprecated resource. -type DeprecatedAPIRequest struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` - - // spec defines the characteristics of the resource. - // +kubebuilder:validation:Required - // +required - Spec DeprecatedAPIRequestSpec `json:"spec"` - - // status contains the observed state of the resource. - Status DeprecatedAPIRequestStatus `json:"status,omitempty"` -} - -type DeprecatedAPIRequestSpec struct { - // removedRelease is when the API will be removed. - // +kubebuilder:validation:Pattern=^[0-9][0-9]*\.[0-9][0-9]*$ - // +kubebuilder:validation:MinLength=3 - // +kubebuilder:validation:MaxLength=64 - // +required - RemovedRelease string `json:"removedRelease"` -} - -// +k8s:deepcopy-gen=true -type DeprecatedAPIRequestStatus struct { - - // conditions contains details of the current status of this API Resource. - // +patchMergeKey=type - // +patchStrategy=merge - Conditions []metav1.Condition `json:"conditions"` - - // requestsLastHour contains request history for the current hour. This is porcelain to make the API - // easier to read by humans seeing if they addressed a problem. This field is reset on the hour. - RequestsLastHour RequestLog `json:"requestsLastHour"` - - // requestsLast24h contains request history for the last 24 hours, indexed by the hour, so - // 12:00AM-12:59 is in index 0, 6am-6:59am is index 6, etc. The index of the current hour - // is updated live and then duplicated into the requestsLastHour field. - RequestsLast24h []RequestLog `json:"requestsLast24h"` -} - -// RequestLog logs request for various nodes. -type RequestLog struct { - - // nodes contains logs of requests per node. - Nodes []NodeRequestLog `json:"nodes"` -} - -// NodeRequestLog contains logs of requests to a certain node. -type NodeRequestLog struct { - - // nodeName where the request are being handled. - NodeName string `json:"nodeName"` - - // lastUpdate should *always* being within the hour this is for. This is a time indicating - // the last moment the server is recording for, not the actual update time. - LastUpdate metav1.Time `json:"lastUpdate"` - - // users contains request details by top 10 users. Note that because in the case of an apiserver - // restart the list of top 10 users is determined on a best-effort basis, the list might be imprecise. - Users []RequestUser `json:"users"` -} - -type DeprecatedAPIRequestConditionType string - -const ( - // UsedInPastDay condition indicates a request has been made against the deprecated api in the last 24h. - UsedInPastDay DeprecatedAPIRequestConditionType = "UsedInPastDay" -) - -// RequestUser contains logs of a user's requests. -type RequestUser struct { - - // userName that made the request. - UserName string `json:"username"` - - // count of requests. - Count int `json:"count"` - - // requests details by verb. - Requests []RequestCount `json:"requests"` -} - -// RequestCount counts requests by API request verb. -type RequestCount struct { - - // verb of API request (get, list, create, etc...) - Verb string `json:"verb"` - - // count of requests for verb. - Count int `json:"count"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// DeprecatedAPIRequestList is a list of DeprecatedAPIRequest resources. -type DeprecatedAPIRequestList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []DeprecatedAPIRequest `json:"items"` -} diff --git a/vendor/github.com/openshift/api/apiserver/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/apiserver/v1/zz_generated.deepcopy.go index 3fb611c1b..f350d6805 100644 --- a/vendor/github.com/openshift/api/apiserver/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/apiserver/v1/zz_generated.deepcopy.go @@ -10,7 +10,7 @@ import ( ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeprecatedAPIRequest) DeepCopyInto(out *DeprecatedAPIRequest) { +func (in *APIRequestCount) DeepCopyInto(out *APIRequestCount) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) @@ -19,18 +19,18 @@ func (in *DeprecatedAPIRequest) DeepCopyInto(out *DeprecatedAPIRequest) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeprecatedAPIRequest. -func (in *DeprecatedAPIRequest) DeepCopy() *DeprecatedAPIRequest { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIRequestCount. +func (in *APIRequestCount) DeepCopy() *APIRequestCount { if in == nil { return nil } - out := new(DeprecatedAPIRequest) + out := new(APIRequestCount) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DeprecatedAPIRequest) DeepCopyObject() runtime.Object { +func (in *APIRequestCount) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -38,13 +38,13 @@ func (in *DeprecatedAPIRequest) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeprecatedAPIRequestList) DeepCopyInto(out *DeprecatedAPIRequestList) { +func (in *APIRequestCountList) DeepCopyInto(out *APIRequestCountList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]DeprecatedAPIRequest, len(*in)) + *out = make([]APIRequestCount, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -52,18 +52,18 @@ func (in *DeprecatedAPIRequestList) DeepCopyInto(out *DeprecatedAPIRequestList) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeprecatedAPIRequestList. -func (in *DeprecatedAPIRequestList) DeepCopy() *DeprecatedAPIRequestList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIRequestCountList. +func (in *APIRequestCountList) DeepCopy() *APIRequestCountList { if in == nil { return nil } - out := new(DeprecatedAPIRequestList) + out := new(APIRequestCountList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DeprecatedAPIRequestList) DeepCopyObject() runtime.Object { +func (in *APIRequestCountList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -71,23 +71,23 @@ func (in *DeprecatedAPIRequestList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeprecatedAPIRequestSpec) DeepCopyInto(out *DeprecatedAPIRequestSpec) { +func (in *APIRequestCountSpec) DeepCopyInto(out *APIRequestCountSpec) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeprecatedAPIRequestSpec. -func (in *DeprecatedAPIRequestSpec) DeepCopy() *DeprecatedAPIRequestSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIRequestCountSpec. +func (in *APIRequestCountSpec) DeepCopy() *APIRequestCountSpec { if in == nil { return nil } - out := new(DeprecatedAPIRequestSpec) + out := new(APIRequestCountSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DeprecatedAPIRequestStatus) DeepCopyInto(out *DeprecatedAPIRequestStatus) { +func (in *APIRequestCountStatus) DeepCopyInto(out *APIRequestCountStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions @@ -96,10 +96,10 @@ func (in *DeprecatedAPIRequestStatus) DeepCopyInto(out *DeprecatedAPIRequestStat (*in)[i].DeepCopyInto(&(*out)[i]) } } - in.RequestsLastHour.DeepCopyInto(&out.RequestsLastHour) - if in.RequestsLast24h != nil { - in, out := &in.RequestsLast24h, &out.RequestsLast24h - *out = make([]RequestLog, len(*in)) + in.CurrentHour.DeepCopyInto(&out.CurrentHour) + if in.Last24h != nil { + in, out := &in.Last24h, &out.Last24h + *out = make([]PerResourceAPIRequestLog, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -107,23 +107,22 @@ func (in *DeprecatedAPIRequestStatus) DeepCopyInto(out *DeprecatedAPIRequestStat return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeprecatedAPIRequestStatus. -func (in *DeprecatedAPIRequestStatus) DeepCopy() *DeprecatedAPIRequestStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIRequestCountStatus. +func (in *APIRequestCountStatus) DeepCopy() *APIRequestCountStatus { if in == nil { return nil } - out := new(DeprecatedAPIRequestStatus) + out := new(APIRequestCountStatus) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeRequestLog) DeepCopyInto(out *NodeRequestLog) { +func (in *PerNodeAPIRequestLog) DeepCopyInto(out *PerNodeAPIRequestLog) { *out = *in - in.LastUpdate.DeepCopyInto(&out.LastUpdate) - if in.Users != nil { - in, out := &in.Users, &out.Users - *out = make([]RequestUser, len(*in)) + if in.ByUser != nil { + in, out := &in.ByUser, &out.ByUser + *out = make([]PerUserAPIRequestCount, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -131,72 +130,72 @@ func (in *NodeRequestLog) DeepCopyInto(out *NodeRequestLog) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeRequestLog. -func (in *NodeRequestLog) DeepCopy() *NodeRequestLog { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PerNodeAPIRequestLog. +func (in *PerNodeAPIRequestLog) DeepCopy() *PerNodeAPIRequestLog { if in == nil { return nil } - out := new(NodeRequestLog) + out := new(PerNodeAPIRequestLog) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequestCount) DeepCopyInto(out *RequestCount) { +func (in *PerResourceAPIRequestLog) DeepCopyInto(out *PerResourceAPIRequestLog) { *out = *in + if in.ByNode != nil { + in, out := &in.ByNode, &out.ByNode + *out = make([]PerNodeAPIRequestLog, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestCount. -func (in *RequestCount) DeepCopy() *RequestCount { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PerResourceAPIRequestLog. +func (in *PerResourceAPIRequestLog) DeepCopy() *PerResourceAPIRequestLog { if in == nil { return nil } - out := new(RequestCount) + out := new(PerResourceAPIRequestLog) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequestLog) DeepCopyInto(out *RequestLog) { +func (in *PerUserAPIRequestCount) DeepCopyInto(out *PerUserAPIRequestCount) { *out = *in - if in.Nodes != nil { - in, out := &in.Nodes, &out.Nodes - *out = make([]NodeRequestLog, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.ByVerb != nil { + in, out := &in.ByVerb, &out.ByVerb + *out = make([]PerVerbAPIRequestCount, len(*in)) + copy(*out, *in) } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestLog. -func (in *RequestLog) DeepCopy() *RequestLog { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PerUserAPIRequestCount. +func (in *PerUserAPIRequestCount) DeepCopy() *PerUserAPIRequestCount { if in == nil { return nil } - out := new(RequestLog) + out := new(PerUserAPIRequestCount) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RequestUser) DeepCopyInto(out *RequestUser) { +func (in *PerVerbAPIRequestCount) DeepCopyInto(out *PerVerbAPIRequestCount) { *out = *in - if in.Requests != nil { - in, out := &in.Requests, &out.Requests - *out = make([]RequestCount, len(*in)) - copy(*out, *in) - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestUser. -func (in *RequestUser) DeepCopy() *RequestUser { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PerVerbAPIRequestCount. +func (in *PerVerbAPIRequestCount) DeepCopy() *PerVerbAPIRequestCount { if in == nil { return nil } - out := new(RequestUser) + out := new(PerVerbAPIRequestCount) in.DeepCopyInto(out) return out } diff --git a/vendor/github.com/openshift/api/apiserver/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/apiserver/v1/zz_generated.swagger_doc_generated.go index 66f3dc582..d028d3696 100644 --- a/vendor/github.com/openshift/api/apiserver/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/apiserver/v1/zz_generated.swagger_doc_generated.go @@ -11,81 +11,85 @@ package v1 // Those methods can be generated by using hack/update-swagger-docs.sh // AUTO-GENERATED FUNCTIONS START HERE -var map_DeprecatedAPIRequest = map[string]string{ - "": "DeprecatedAPIRequest tracts requests made to a deprecated API. The instance name should be of the form `resource.version.group`, matching the deprecated resource.", +var map_APIRequestCount = map[string]string{ + "": "APIRequestCount tracks requests made to an API. The instance name must be of the form `resource.version.group`, matching the resource.", "spec": "spec defines the characteristics of the resource.", "status": "status contains the observed state of the resource.", } -func (DeprecatedAPIRequest) SwaggerDoc() map[string]string { - return map_DeprecatedAPIRequest +func (APIRequestCount) SwaggerDoc() map[string]string { + return map_APIRequestCount } -var map_DeprecatedAPIRequestList = map[string]string{ - "": "DeprecatedAPIRequestList is a list of DeprecatedAPIRequest resources.", +var map_APIRequestCountList = map[string]string{ + "": "APIRequestCountList is a list of APIRequestCount resources.", } -func (DeprecatedAPIRequestList) SwaggerDoc() map[string]string { - return map_DeprecatedAPIRequestList +func (APIRequestCountList) SwaggerDoc() map[string]string { + return map_APIRequestCountList } -var map_DeprecatedAPIRequestSpec = map[string]string{ - "removedRelease": "removedRelease is when the API will be removed.", +var map_APIRequestCountSpec = map[string]string{ + "numberOfUsersToReport": "numberOfUsersToReport is the number of users to include in the report. If unspecified or zero, the default is ten. This is default is subject to change.", } -func (DeprecatedAPIRequestSpec) SwaggerDoc() map[string]string { - return map_DeprecatedAPIRequestSpec +func (APIRequestCountSpec) SwaggerDoc() map[string]string { + return map_APIRequestCountSpec } -var map_DeprecatedAPIRequestStatus = map[string]string{ +var map_APIRequestCountStatus = map[string]string{ "conditions": "conditions contains details of the current status of this API Resource.", - "requestsLastHour": "requestsLastHour contains request history for the current hour. This is porcelain to make the API easier to read by humans seeing if they addressed a problem. This field is reset on the hour.", - "requestsLast24h": "requestsLast24h contains request history for the last 24 hours, indexed by the hour, so 12:00AM-12:59 is in index 0, 6am-6:59am is index 6, etc. The index of the current hour is updated live and then duplicated into the requestsLastHour field.", + "removedInRelease": "removedInRelease is when the API will be removed.", + "requestCount": "requestCount is a sum of all requestCounts across all current hours, nodes, and users.", + "currentHour": "currentHour contains request history for the current hour. This is porcelain to make the API easier to read by humans seeing if they addressed a problem. This field is reset on the hour.", + "last24h": "last24h contains request history for the last 24 hours, indexed by the hour, so 12:00AM-12:59 is in index 0, 6am-6:59am is index 6, etc. The index of the current hour is updated live and then duplicated into the requestsLastHour field.", } -func (DeprecatedAPIRequestStatus) SwaggerDoc() map[string]string { - return map_DeprecatedAPIRequestStatus +func (APIRequestCountStatus) SwaggerDoc() map[string]string { + return map_APIRequestCountStatus } -var map_NodeRequestLog = map[string]string{ - "": "NodeRequestLog contains logs of requests to a certain node.", - "nodeName": "nodeName where the request are being handled.", - "lastUpdate": "lastUpdate should *always* being within the hour this is for. This is a time indicating the last moment the server is recording for, not the actual update time.", - "users": "users contains request details by top 10 users. Note that because in the case of an apiserver restart the list of top 10 users is determined on a best-effort basis, the list might be imprecise.", +var map_PerNodeAPIRequestLog = map[string]string{ + "": "PerNodeAPIRequestLog contains logs of requests to a certain node.", + "nodeName": "nodeName where the request are being handled.", + "requestCount": "requestCount is a sum of all requestCounts across all users, even those outside of the top 10 users.", + "byUser": "byUser contains request details by top .spec.numberOfUsersToReport users. Note that because in the case of an apiserver, restart the list of top users is determined on a best-effort basis, the list might be imprecise. In addition, some system users may be explicitly included in the list.", } -func (NodeRequestLog) SwaggerDoc() map[string]string { - return map_NodeRequestLog +func (PerNodeAPIRequestLog) SwaggerDoc() map[string]string { + return map_PerNodeAPIRequestLog } -var map_RequestCount = map[string]string{ - "": "RequestCount counts requests by API request verb.", - "verb": "verb of API request (get, list, create, etc...)", - "count": "count of requests for verb.", +var map_PerResourceAPIRequestLog = map[string]string{ + "": "PerResourceAPIRequestLog logs request for various nodes.", + "byNode": "byNode contains logs of requests per node.", + "requestCount": "requestCount is a sum of all requestCounts across nodes.", } -func (RequestCount) SwaggerDoc() map[string]string { - return map_RequestCount +func (PerResourceAPIRequestLog) SwaggerDoc() map[string]string { + return map_PerResourceAPIRequestLog } -var map_RequestLog = map[string]string{ - "": "RequestLog logs request for various nodes.", - "nodes": "nodes contains logs of requests per node.", +var map_PerUserAPIRequestCount = map[string]string{ + "": "PerUserAPIRequestCount contains logs of a user's requests.", + "username": "userName that made the request.", + "userAgent": "userAgent that made the request. The same user often has multiple binaries which connect (pods with many containers). The different binaries will have different userAgents, but the same user. In addition, we have userAgents with version information embedded and the userName isn't likely to change.", + "requestCount": "requestCount of requests by the user across all verbs.", + "byVerb": "byVerb details by verb.", } -func (RequestLog) SwaggerDoc() map[string]string { - return map_RequestLog +func (PerUserAPIRequestCount) SwaggerDoc() map[string]string { + return map_PerUserAPIRequestCount } -var map_RequestUser = map[string]string{ - "": "RequestUser contains logs of a user's requests.", - "username": "userName that made the request.", - "count": "count of requests.", - "requests": "requests details by verb.", +var map_PerVerbAPIRequestCount = map[string]string{ + "": "PerVerbAPIRequestCount requestCounts requests by API request verb.", + "verb": "verb of API request (get, list, create, etc...)", + "requestCount": "requestCount of requests for verb.", } -func (RequestUser) SwaggerDoc() map[string]string { - return map_RequestUser +func (PerVerbAPIRequestCount) SwaggerDoc() map[string]string { + return map_PerVerbAPIRequestCount } // AUTO-GENERATED FUNCTIONS END HERE diff --git a/vendor/github.com/openshift/api/build/v1/generated.proto b/vendor/github.com/openshift/api/build/v1/generated.proto index e3e947c62..8f1154f1e 100644 --- a/vendor/github.com/openshift/api/build/v1/generated.proto +++ b/vendor/github.com/openshift/api/build/v1/generated.proto @@ -145,12 +145,9 @@ message BuildConfigStatus { // lastVersion is used to inform about number of last triggered build. optional int64 lastVersion = 1; - // ImageChangeTriggers is used to capture the runtime state of any ImageChangeTrigger specified in the BuildConfigSpec, - // including the value reconciled by the OpenShift APIServer for the lastTriggeredImageID. There will be a single entry - // in this array for each entry in the BuildConfigSpec.Triggers array where the BuildTriggerPolicy.ImageChange - // pointer is set to a non-nil value. The logical key for each entry in this array is expressed by the - // ImageStreamTagReference type. That type captures the required elements for identifying the ImageStreamTag referenced by the more - // generic ObjectReference BuildTriggerPolicy.ImageChange.From. + // ImageChangeTriggers captures the runtime state of any ImageChangeTrigger specified in the BuildConfigSpec, + // including the value reconciled by the OpenShift APIServer for the lastTriggeredImageID. There is a single entry + // in this array for each image change trigger in spec. Each trigger status references the ImageStreamTag that acts as the source of the trigger. repeated ImageChangeTriggerStatus imageChangeTriggers = 2; } @@ -882,35 +879,15 @@ message ImageChangeTrigger { // ImageChangeTriggerStatus tracks the latest resolved status of the associated ImageChangeTrigger policy // specified in the BuildConfigSpec.Triggers struct. message ImageChangeTriggerStatus { - // lastTriggeredImageID represents, at the last time a Build for this BuildConfig was instantiated, the sha/id of - // the image referenced by the the ImageStreamTag cited in the 'from' of this struct. - // The lastTriggeredImageID field will be updated by the OpenShift APIServer on all instantiations of a Build from - // the BuildConfig it processes, regardless of what is considered the cause of instantiation. - // Specifically, an instantiation of a Build could have been manually requested, or could have resulted from - // changes with any of the Triggers defined in BuildConfigSpec.Triggers. - // The reason for always updating this field across all ImageChangeTriggerStatus instances is to prevent - // multiple builds being instantiated concurrently when multiple ImageChangeTriggers fire concurrently. The system - // compares the the sha/id stored here with the associated ImageStreamTag's sha/id for the image. If they match, - // then this trigger is not a valid reason for instantiating a Build. So when ImageChangeTriggers fire concurrently, - // only one of them can "win", meaning selected as the cause for a Build instantiation request. - // Lastly, to clarify exactly what is meant by "Build instantiation", from a REST perspective, it is a HTTP POST of a - // BuildRequest object as the HTTP Body that is made to the OpenShift APIServer, where that HTTP POST also specifies - // the "buildconfigs" resource, "instantiate" subresource, as well as the namespace and name of the BuildConfig. + // lastTriggeredImageID represents the sha/id of the ImageStreamTag when a Build for this BuildConfig was started. + // The lastTriggeredImageID is updated each time a Build for this BuildConfig is started, even if this ImageStreamTag is not the reason the Build is started. optional string lastTriggeredImageID = 1; - // from is the ImageStreamTag that is used as the source of the trigger. - // This can come from an ImageStream tag referenced in this BuildConfig's Spec ImageChange Triggers, or the "from" - // this BuildConfig's build strategy if it happens to be an ImageStreamTag (where the user has specified an - // ImageChange Trigger in the spec with a 'nil' for its 'from'. + // from is the ImageStreamTag that is the source of the trigger. optional ImageStreamTagReference from = 2; - // lastTriggerTime is the last time this particular ImageChangeTrigger fired, and that trigger firing was chosen as the cause for the Build being instantiated - // from this BuildConfig. So on each Build instantiation, while lastTriggeredImageID will be updated regardless of - // whether this ImageChangeTrigger fired and deemed the cause for the Build Instantiation, this field is only updated - // when this trigger was in fact deemed the cause. As such, it is valid that this field may not be set across all the - // ImageChangeTriggers, as they may have not yet been deemed to be the cause of a Build instantiation. It is also - // valid that the times stored in lastTriggerTime will vary across all the ImageChangeTriggers, as the system - // explicitly picks only one trigger cause for a given Build. + // lastTriggerTime is the last time this particular ImageStreamTag triggered a Build to start. + // This field is only updated when this trigger specifically started a Build. optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTriggerTime = 3; } @@ -967,15 +944,12 @@ message ImageSourcePath { optional string destinationDir = 2; } -// ImageStreamTagReference captures the required elements for identifying the ImageStreamTag referenced by the more -// generic ObjectReference BuildTriggerPolicy.ImageChange.From. It is used by ImageChangeTriggerStatus, where a -// specific instance of ImageChangeTriggerStatus in maintained in BuildConfigStatus.ImageChangeTriggers for each entry -// in the BuildConfigSpec.Triggers array where the BuildTriggerPolicy.ImageChange pointer is set to a non-nil value +// ImageStreamTagReference references the ImageStreamTag in an image change trigger by namespace and name. message ImageStreamTagReference { - // namespace is the namespace where the ImageStreamTag used for an ImageChangeTrigger is located + // namespace is the namespace where the ImageStreamTag for an ImageChangeTrigger is located optional string namespace = 1; - // name is the name of the ImageStreamTag used for an ImageChangeTrigger + // name is the name of the ImageStreamTag for an ImageChangeTrigger optional string name = 2; } diff --git a/vendor/github.com/openshift/api/build/v1/types.go b/vendor/github.com/openshift/api/build/v1/types.go index cc57d5618..11cce8db9 100644 --- a/vendor/github.com/openshift/api/build/v1/types.go +++ b/vendor/github.com/openshift/api/build/v1/types.go @@ -976,12 +976,9 @@ type BuildConfigStatus struct { // lastVersion is used to inform about number of last triggered build. LastVersion int64 `json:"lastVersion" protobuf:"varint,1,opt,name=lastVersion"` - // ImageChangeTriggers is used to capture the runtime state of any ImageChangeTrigger specified in the BuildConfigSpec, - // including the value reconciled by the OpenShift APIServer for the lastTriggeredImageID. There will be a single entry - // in this array for each entry in the BuildConfigSpec.Triggers array where the BuildTriggerPolicy.ImageChange - // pointer is set to a non-nil value. The logical key for each entry in this array is expressed by the - // ImageStreamTagReference type. That type captures the required elements for identifying the ImageStreamTag referenced by the more - // generic ObjectReference BuildTriggerPolicy.ImageChange.From. + // ImageChangeTriggers captures the runtime state of any ImageChangeTrigger specified in the BuildConfigSpec, + // including the value reconciled by the OpenShift APIServer for the lastTriggeredImageID. There is a single entry + // in this array for each image change trigger in spec. Each trigger status references the ImageStreamTag that acts as the source of the trigger. ImageChangeTriggers []ImageChangeTriggerStatus `json:"imageChangeTriggers,omitempty" protobuf:"bytes,2,rep,name=imageChangeTriggers"` } @@ -1026,50 +1023,27 @@ type ImageChangeTrigger struct { Paused bool `json:"paused,omitempty" protobuf:"varint,3,opt,name=paused"` } -// ImageStreamTagReference captures the required elements for identifying the ImageStreamTag referenced by the more -// generic ObjectReference BuildTriggerPolicy.ImageChange.From. It is used by ImageChangeTriggerStatus, where a -// specific instance of ImageChangeTriggerStatus in maintained in BuildConfigStatus.ImageChangeTriggers for each entry -// in the BuildConfigSpec.Triggers array where the BuildTriggerPolicy.ImageChange pointer is set to a non-nil value +// ImageStreamTagReference references the ImageStreamTag in an image change trigger by namespace and name. type ImageStreamTagReference struct { - // namespace is the namespace where the ImageStreamTag used for an ImageChangeTrigger is located + // namespace is the namespace where the ImageStreamTag for an ImageChangeTrigger is located Namespace string `json:"namespace,omitempty" protobuf:"bytes,1,opt,name=namespace"` - // name is the name of the ImageStreamTag used for an ImageChangeTrigger + // name is the name of the ImageStreamTag for an ImageChangeTrigger Name string `json:"name,omitempty" protobuf:"bytes,2,opt,name=name"` } // ImageChangeTriggerStatus tracks the latest resolved status of the associated ImageChangeTrigger policy // specified in the BuildConfigSpec.Triggers struct. type ImageChangeTriggerStatus struct { - // lastTriggeredImageID represents, at the last time a Build for this BuildConfig was instantiated, the sha/id of - // the image referenced by the the ImageStreamTag cited in the 'from' of this struct. - // The lastTriggeredImageID field will be updated by the OpenShift APIServer on all instantiations of a Build from - // the BuildConfig it processes, regardless of what is considered the cause of instantiation. - // Specifically, an instantiation of a Build could have been manually requested, or could have resulted from - // changes with any of the Triggers defined in BuildConfigSpec.Triggers. - // The reason for always updating this field across all ImageChangeTriggerStatus instances is to prevent - // multiple builds being instantiated concurrently when multiple ImageChangeTriggers fire concurrently. The system - // compares the the sha/id stored here with the associated ImageStreamTag's sha/id for the image. If they match, - // then this trigger is not a valid reason for instantiating a Build. So when ImageChangeTriggers fire concurrently, - // only one of them can "win", meaning selected as the cause for a Build instantiation request. - // Lastly, to clarify exactly what is meant by "Build instantiation", from a REST perspective, it is a HTTP POST of a - // BuildRequest object as the HTTP Body that is made to the OpenShift APIServer, where that HTTP POST also specifies - // the "buildconfigs" resource, "instantiate" subresource, as well as the namespace and name of the BuildConfig. + // lastTriggeredImageID represents the sha/id of the ImageStreamTag when a Build for this BuildConfig was started. + // The lastTriggeredImageID is updated each time a Build for this BuildConfig is started, even if this ImageStreamTag is not the reason the Build is started. LastTriggeredImageID string `json:"lastTriggeredImageID,omitempty" protobuf:"bytes,1,opt,name=lastTriggeredImageID"` - // from is the ImageStreamTag that is used as the source of the trigger. - // This can come from an ImageStream tag referenced in this BuildConfig's Spec ImageChange Triggers, or the "from" - // this BuildConfig's build strategy if it happens to be an ImageStreamTag (where the user has specified an - // ImageChange Trigger in the spec with a 'nil' for its 'from'. + // from is the ImageStreamTag that is the source of the trigger. From ImageStreamTagReference `json:"from,omitempty" protobuf:"bytes,2,opt,name=from"` - // lastTriggerTime is the last time this particular ImageChangeTrigger fired, and that trigger firing was chosen as the cause for the Build being instantiated - // from this BuildConfig. So on each Build instantiation, while lastTriggeredImageID will be updated regardless of - // whether this ImageChangeTrigger fired and deemed the cause for the Build Instantiation, this field is only updated - // when this trigger was in fact deemed the cause. As such, it is valid that this field may not be set across all the - // ImageChangeTriggers, as they may have not yet been deemed to be the cause of a Build instantiation. It is also - // valid that the times stored in lastTriggerTime will vary across all the ImageChangeTriggers, as the system - // explicitly picks only one trigger cause for a given Build. + // lastTriggerTime is the last time this particular ImageStreamTag triggered a Build to start. + // This field is only updated when this trigger specifically started a Build. LastTriggerTime metav1.Time `json:"lastTriggerTime,omitempty" protobuf:"bytes,3,opt,name=lastTriggerTime"` } diff --git a/vendor/github.com/openshift/api/build/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/build/v1/zz_generated.swagger_doc_generated.go index f4410e6d3..9be845dfb 100644 --- a/vendor/github.com/openshift/api/build/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/build/v1/zz_generated.swagger_doc_generated.go @@ -101,7 +101,7 @@ func (BuildConfigSpec) SwaggerDoc() map[string]string { var map_BuildConfigStatus = map[string]string{ "": "BuildConfigStatus contains current state of the build config object.", "lastVersion": "lastVersion is used to inform about number of last triggered build.", - "imageChangeTriggers": "ImageChangeTriggers is used to capture the runtime state of any ImageChangeTrigger specified in the BuildConfigSpec, including the value reconciled by the OpenShift APIServer for the lastTriggeredImageID. There will be a single entry in this array for each entry in the BuildConfigSpec.Triggers array where the BuildTriggerPolicy.ImageChange pointer is set to a non-nil value. The logical key for each entry in this array is expressed by the ImageStreamTagReference type. That type captures the required elements for identifying the ImageStreamTag referenced by the more generic ObjectReference BuildTriggerPolicy.ImageChange.From.", + "imageChangeTriggers": "ImageChangeTriggers captures the runtime state of any ImageChangeTrigger specified in the BuildConfigSpec, including the value reconciled by the OpenShift APIServer for the lastTriggeredImageID. There is a single entry in this array for each image change trigger in spec. Each trigger status references the ImageStreamTag that acts as the source of the trigger.", } func (BuildConfigStatus) SwaggerDoc() map[string]string { @@ -470,9 +470,9 @@ func (ImageChangeTrigger) SwaggerDoc() map[string]string { var map_ImageChangeTriggerStatus = map[string]string{ "": "ImageChangeTriggerStatus tracks the latest resolved status of the associated ImageChangeTrigger policy specified in the BuildConfigSpec.Triggers struct.", - "lastTriggeredImageID": "lastTriggeredImageID represents, at the last time a Build for this BuildConfig was instantiated, the sha/id of the image referenced by the the ImageStreamTag cited in the 'from' of this struct. The lastTriggeredImageID field will be updated by the OpenShift APIServer on all instantiations of a Build from the BuildConfig it processes, regardless of what is considered the cause of instantiation. Specifically, an instantiation of a Build could have been manually requested, or could have resulted from changes with any of the Triggers defined in BuildConfigSpec.Triggers. The reason for always updating this field across all ImageChangeTriggerStatus instances is to prevent multiple builds being instantiated concurrently when multiple ImageChangeTriggers fire concurrently. The system compares the the sha/id stored here with the associated ImageStreamTag's sha/id for the image. If they match, then this trigger is not a valid reason for instantiating a Build. So when ImageChangeTriggers fire concurrently, only one of them can \"win\", meaning selected as the cause for a Build instantiation request. Lastly, to clarify exactly what is meant by \"Build instantiation\", from a REST perspective, it is a HTTP POST of a BuildRequest object as the HTTP Body that is made to the OpenShift APIServer, where that HTTP POST also specifies the \"buildconfigs\" resource, \"instantiate\" subresource, as well as the namespace and name of the BuildConfig.", - "from": "from is the ImageStreamTag that is used as the source of the trigger. This can come from an ImageStream tag referenced in this BuildConfig's Spec ImageChange Triggers, or the \"from\"\n this BuildConfig's build strategy if it happens to be an ImageStreamTag (where the user has specified an\nImageChange Trigger in the spec with a 'nil' for its 'from'.", - "lastTriggerTime": "lastTriggerTime is the last time this particular ImageChangeTrigger fired, and that trigger firing was chosen as the cause for the Build being instantiated from this BuildConfig. So on each Build instantiation, while lastTriggeredImageID will be updated regardless of whether this ImageChangeTrigger fired and deemed the cause for the Build Instantiation, this field is only updated when this trigger was in fact deemed the cause. As such, it is valid that this field may not be set across all the ImageChangeTriggers, as they may have not yet been deemed to be the cause of a Build instantiation. It is also valid that the times stored in lastTriggerTime will vary across all the ImageChangeTriggers, as the system explicitly picks only one trigger cause for a given Build.", + "lastTriggeredImageID": "lastTriggeredImageID represents the sha/id of the ImageStreamTag when a Build for this BuildConfig was started. The lastTriggeredImageID is updated each time a Build for this BuildConfig is started, even if this ImageStreamTag is not the reason the Build is started.", + "from": "from is the ImageStreamTag that is the source of the trigger.", + "lastTriggerTime": "lastTriggerTime is the last time this particular ImageStreamTag triggered a Build to start. This field is only updated when this trigger specifically started a Build.", } func (ImageChangeTriggerStatus) SwaggerDoc() map[string]string { @@ -512,9 +512,9 @@ func (ImageSourcePath) SwaggerDoc() map[string]string { } var map_ImageStreamTagReference = map[string]string{ - "": "ImageStreamTagReference captures the required elements for identifying the ImageStreamTag referenced by the more generic ObjectReference BuildTriggerPolicy.ImageChange.From. It is used by ImageChangeTriggerStatus, where a specific instance of ImageChangeTriggerStatus in maintained in BuildConfigStatus.ImageChangeTriggers for each entry in the BuildConfigSpec.Triggers array where the BuildTriggerPolicy.ImageChange pointer is set to a non-nil value", - "namespace": "namespace is the namespace where the ImageStreamTag used for an ImageChangeTrigger is located", - "name": "name is the name of the ImageStreamTag used for an ImageChangeTrigger", + "": "ImageStreamTagReference references the ImageStreamTag in an image change trigger by namespace and name.", + "namespace": "namespace is the namespace where the ImageStreamTag for an ImageChangeTrigger is located", + "name": "name is the name of the ImageStreamTag for an ImageChangeTrigger", } func (ImageStreamTagReference) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/cloudnetwork/v1/001-cloudprivateipconfig.crd.yaml b/vendor/github.com/openshift/api/cloudnetwork/v1/001-cloudprivateipconfig.crd.yaml index 91c71ad51..14588cba4 100644 --- a/vendor/github.com/openshift/api/cloudnetwork/v1/001-cloudprivateipconfig.crd.yaml +++ b/vendor/github.com/openshift/api/cloudnetwork/v1/001-cloudprivateipconfig.crd.yaml @@ -1,13 +1,13 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - name: cloudprivateipconfig.cloud.network.openshift.io + name: cloudprivateipconfigs.cloud.network.openshift.io spec: group: cloud.network.openshift.io names: kind: CloudPrivateIPConfig listKind: CloudPrivateIPConfigList - plural: cloudprivateipconfig + plural: cloudprivateipconfigs singular: cloudprivateipconfig scope: Cluster versions: diff --git a/vendor/github.com/openshift/api/cloudnetwork/v1/generated.proto b/vendor/github.com/openshift/api/cloudnetwork/v1/generated.proto index 18bba8a9f..3b675bac8 100644 --- a/vendor/github.com/openshift/api/cloudnetwork/v1/generated.proto +++ b/vendor/github.com/openshift/api/cloudnetwork/v1/generated.proto @@ -28,7 +28,7 @@ option go_package = "v1"; // +k8s:openapi-gen=true // +kubebuilder:object:root=true // +kubebuilder:subresource:status -// +kubebuilder:resource:path=cloudprivateipconfig,scope=Cluster +// +kubebuilder:resource:path=cloudprivateipconfigs,scope=Cluster message CloudPrivateIPConfig { optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; diff --git a/vendor/github.com/openshift/api/cloudnetwork/v1/types.go b/vendor/github.com/openshift/api/cloudnetwork/v1/types.go index 3f899f559..ae98ff6e1 100644 --- a/vendor/github.com/openshift/api/cloudnetwork/v1/types.go +++ b/vendor/github.com/openshift/api/cloudnetwork/v1/types.go @@ -20,7 +20,7 @@ import ( // +k8s:openapi-gen=true // +kubebuilder:object:root=true // +kubebuilder:subresource:status -// +kubebuilder:resource:path=cloudprivateipconfig,scope=Cluster +// +kubebuilder:resource:path=cloudprivateipconfigs,scope=Cluster type CloudPrivateIPConfig struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` diff --git a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml index 2bf271283..e56801b1e 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusteroperator.crd.yaml @@ -1,32 +1,11 @@ kind: CustomResourceDefinition -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 metadata: name: clusteroperators.config.openshift.io annotations: include.release.openshift.io/self-managed-high-availability: "true" include.release.openshift.io/single-node-developer: "true" spec: - additionalPrinterColumns: - - JSONPath: .status.versions[?(@.name=="operator")].version - description: The version the operator is at. - name: Version - type: string - - JSONPath: .status.conditions[?(@.type=="Available")].status - description: Whether the operator is running and stable. - name: Available - type: string - - JSONPath: .status.conditions[?(@.type=="Progressing")].status - description: Whether the operator is processing changes. - name: Progressing - type: string - - JSONPath: .status.conditions[?(@.type=="Degraded")].status - description: Whether the operator is degraded. - name: Degraded - type: string - - JSONPath: .status.conditions[?(@.type=="Available")].lastTransitionTime - description: The time the operator's Available status last changed. - name: Since - type: date group: config.openshift.io names: kind: ClusterOperator @@ -35,135 +14,151 @@ spec: singular: clusteroperator shortNames: - co - preserveUnknownFields: false scope: Cluster - subresources: - status: {} - version: v1 versions: - name: v1 served: true storage: true - validation: - openAPIV3Schema: - description: ClusterOperator is the Custom Resource object which holds the current - state of an operator. This object is used by operators to convey their state - to the rest of the cluster. - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds configuration that could apply to any operator. - type: object - status: - description: status holds the information about the state of an operator. It - is consistent with status information across the Kubernetes ecosystem. - type: object - properties: - conditions: - description: conditions describes the state of the operator's managed - and monitored components. - type: array - items: - description: ClusterOperatorStatusCondition represents the state of - the operator's managed and monitored components. + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.versions[?(@.name=="operator")].version + description: The version the operator is at. + name: Version + type: string + - jsonPath: .status.conditions[?(@.type=="Available")].status + description: Whether the operator is running and stable. + name: Available + type: string + - jsonPath: .status.conditions[?(@.type=="Progressing")].status + description: Whether the operator is processing changes. + name: Progressing + type: string + - jsonPath: .status.conditions[?(@.type=="Degraded")].status + description: Whether the operator is degraded. + name: Degraded + type: string + - jsonPath: .status.conditions[?(@.type=="Available")].lastTransitionTime + description: The time the operator's Available status last changed. + name: Since + type: date + schema: + openAPIV3Schema: + description: ClusterOperator is the Custom Resource object which holds the + current state of an operator. This object is used by operators to convey + their state to the rest of the cluster. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds configuration that could apply to any operator. + type: object + status: + description: status holds the information about the state of an operator. It + is consistent with status information across the Kubernetes ecosystem. + type: object + properties: + conditions: + description: conditions describes the state of the operator's managed + and monitored components. + type: array + items: + description: ClusterOperatorStatusCondition represents the state + of the operator's managed and monitored components. + type: object + required: + - lastTransitionTime + - status + - type + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update + to the current status property. + type: string + format: date-time + message: + description: message provides additional information about the + current condition. This is only to be consumed by humans. It + may contain Line Feed characters (U+000A), which should be + rendered as new lines. + type: string + reason: + description: reason is the CamelCase reason for the condition's + current status. + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the aspect reported by this condition. + type: string + extension: + description: extension contains any additional status information + specific to the operator which owns this status object. type: object - required: - - lastTransitionTime - - status - - type - properties: - lastTransitionTime: - description: lastTransitionTime is the time of the last update - to the current status property. - type: string - format: date-time - message: - description: message provides additional information about the - current condition. This is only to be consumed by humans. It - may contain Line Feed characters (U+000A), which should be rendered - as new lines. - type: string - reason: - description: reason is the CamelCase reason for the condition's - current status. - type: string - status: - description: status of the condition, one of True, False, Unknown. - type: string - type: - description: type specifies the aspect reported by this condition. - type: string - extension: - description: extension contains any additional status information specific - to the operator which owns this status object. - type: object - nullable: true - x-kubernetes-preserve-unknown-fields: true - relatedObjects: - description: 'relatedObjects is a list of objects that are "interesting" - or related to this operator. Common uses are: 1. the detailed resource - driving the operator 2. operator namespaces 3. operand namespaces' - type: array - items: - description: ObjectReference contains enough information to let you - inspect or modify the referred object. - type: object - required: - - group - - name - - resource - properties: - group: - description: group of the referent. - type: string - name: - description: name of the referent. - type: string - namespace: - description: namespace of the referent. - type: string - resource: - description: resource of the referent. - type: string - versions: - description: versions is a slice of operator and operand version tuples. Operators - which manage multiple operands will have multiple operand entries - in the array. Available operators must report the version of the - operator itself with the name "operator". An operator reports a new - "operator" version when it has rolled out the new version to all of - its operands. - type: array - items: - type: object - required: - - name - - version - properties: - name: - description: name is the name of the particular operand this version - is for. It usually matches container images, not operators. - type: string - version: - description: version indicates which version of a particular operand - is currently being managed. It must always match the Available - operand. If 1.0.0 is Available, then this must indicate 1.0.0 - even if the operator is trying to rollout 1.1.0 - type: string - versions: - - name: v1 - served: true - storage: true + nullable: true + x-kubernetes-preserve-unknown-fields: true + relatedObjects: + description: 'relatedObjects is a list of objects that are "interesting" + or related to this operator. Common uses are: 1. the detailed resource + driving the operator 2. operator namespaces 3. operand namespaces' + type: array + items: + description: ObjectReference contains enough information to let + you inspect or modify the referred object. + type: object + required: + - group + - name + - resource + properties: + group: + description: group of the referent. + type: string + name: + description: name of the referent. + type: string + namespace: + description: namespace of the referent. + type: string + resource: + description: resource of the referent. + type: string + versions: + description: versions is a slice of operator and operand version tuples. Operators + which manage multiple operands will have multiple operand entries + in the array. Available operators must report the version of the + operator itself with the name "operator". An operator reports a + new "operator" version when it has rolled out the new version to + all of its operands. + type: array + items: + type: object + required: + - name + - version + properties: + name: + description: name is the name of the particular operand this + version is for. It usually matches container images, not + operators. + type: string + version: + description: version indicates which version of a particular + operand is currently being managed. It must always match + the Available operand. If 1.0.0 is Available, then this must + indicate 1.0.0 even if the operator is trying to rollout 1.1.0 + type: string diff --git a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml index 628538d0e..c5be735b6 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_00_cluster-version-operator_01_clusterversion.crd.yaml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: clusterversions.config.openshift.io @@ -7,166 +7,216 @@ metadata: include.release.openshift.io/single-node-developer: "true" spec: group: config.openshift.io + scope: Cluster versions: - name: v1 served: true storage: true - scope: Cluster - subresources: - status: {} - names: - plural: clusterversions - singular: clusterversion - kind: ClusterVersion - preserveUnknownFields: false - additionalPrinterColumns: - - name: Version - type: string - JSONPath: .status.history[?(@.state=="Completed")].version - - name: Available - type: string - JSONPath: .status.conditions[?(@.type=="Available")].status - - name: Progressing - type: string - JSONPath: .status.conditions[?(@.type=="Progressing")].status - - name: Since - type: date - JSONPath: .status.conditions[?(@.type=="Progressing")].lastTransitionTime - - name: Status - type: string - JSONPath: .status.conditions[?(@.type=="Progressing")].message - validation: - openAPIV3Schema: - description: ClusterVersion is the configuration for the ClusterVersionOperator. - This is where parameters related to automatic updates can be set. - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec is the desired state of the cluster version - the operator - will work to ensure that the desired version is applied to the cluster. - type: object - required: - - clusterID - properties: - channel: - description: channel is an identifier for explicitly requesting that - a non-default set of updates be applied to this cluster. The default - channel will be contain stable updates that are appropriate for production - clusters. - type: string - clusterID: - description: clusterID uniquely identifies this cluster. This is expected - to be an RFC4122 UUID value (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx - in hexadecimal values). This is a required field. - type: string - desiredUpdate: - description: "desiredUpdate is an optional field that indicates the - desired value of the cluster version. Setting this value will trigger - an upgrade (if the current version does not match the desired version). - The set of recommended update values is listed as part of available - updates in status, and setting values outside that range may cause - the upgrade to fail. You may specify the version field without setting - image if an update exists with that version in the availableUpdates - or history. \n If an upgrade fails the operator will halt and report - status about the failing component. Setting the desired update value - back to the previous version will cause a rollback to be attempted. - Not all rollbacks will succeed." - type: object - properties: - force: - description: "force allows an administrator to update to an image - that has failed verification, does not appear in the availableUpdates - list, or otherwise would be blocked by normal protections on update. - This option should only be used when the authenticity of the provided - image has been verified out of band because the provided image - will run with full administrative access to the cluster. Do not - use this flag with images that comes from unknown or potentially - malicious sources. \n This flag does not override other forms - of consistency checking that are required before a new update - is deployed." - type: boolean - image: - description: image is a container image location that contains the - update. When this field is part of spec, image is optional if - version is specified and the availableUpdates field contains a - matching version. - type: string - version: - description: version is a semantic versioning identifying the update - version. When this field is part of spec, version is optional - if image is specified. - type: string - overrides: - description: overrides is list of overides for components that are managed - by cluster version operator. Marking a component unmanaged will prevent - the operator from creating or updating the object. - type: array - items: - description: ComponentOverride allows overriding cluster version operator's - behavior for a component. + schema: + openAPIV3Schema: + description: ClusterVersion is the configuration for the ClusterVersionOperator. + This is where parameters related to automatic updates can be set. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the desired state of the cluster version - the operator + will work to ensure that the desired version is applied to the cluster. + type: object + required: + - clusterID + properties: + channel: + description: channel is an identifier for explicitly requesting that + a non-default set of updates be applied to this cluster. The default + channel will be contain stable updates that are appropriate for + production clusters. + type: string + clusterID: + description: clusterID uniquely identifies this cluster. This is expected + to be an RFC4122 UUID value (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + in hexadecimal values). This is a required field. + type: string + desiredUpdate: + description: "desiredUpdate is an optional field that indicates the + desired value of the cluster version. Setting this value will trigger + an upgrade (if the current version does not match the desired version). + The set of recommended update values is listed as part of available + updates in status, and setting values outside that range may cause + the upgrade to fail. You may specify the version field without setting + image if an update exists with that version in the availableUpdates + or history. \n If an upgrade fails the operator will halt and report + status about the failing component. Setting the desired update value + back to the previous version will cause a rollback to be attempted. + Not all rollbacks will succeed." type: object - required: - - group - - kind - - name - - namespace - - unmanaged properties: - group: - description: group identifies the API group that the kind is in. - type: string - kind: - description: kind indentifies which object to override. - type: string - name: - description: name is the component's name. + force: + description: "force allows an administrator to update to an image + that has failed verification, does not appear in the availableUpdates + list, or otherwise would be blocked by normal protections on + update. This option should only be used when the authenticity + of the provided image has been verified out of band because + the provided image will run with full administrative access + to the cluster. Do not use this flag with images that comes + from unknown or potentially malicious sources. \n This flag + does not override other forms of consistency checking that are + required before a new update is deployed." + type: boolean + image: + description: image is a container image location that contains + the update. When this field is part of spec, image is optional + if version is specified and the availableUpdates field contains + a matching version. type: string - namespace: - description: namespace is the component's namespace. If the resource - is cluster scoped, the namespace should be empty. + version: + description: version is a semantic versioning identifying the + update version. When this field is part of spec, version is + optional if image is specified. type: string - unmanaged: - description: 'unmanaged controls if cluster version operator should - stop managing the resources in this cluster. Default: false' - type: boolean - upstream: - description: upstream may be used to specify the preferred update server. - By default it will use the appropriate update server for the cluster - and region. - type: string - status: - description: status contains information about the available updates and - any in-progress updates. - type: object - required: - - availableUpdates - - desired - - observedGeneration - - versionHash - properties: - availableUpdates: - description: availableUpdates contains the list of updates that are - appropriate for this cluster. This list may be empty if no updates - are recommended, if the update service is unavailable, or if an invalid - channel has been specified. - type: array - items: - description: Release represents an OpenShift release image and associated - metadata. + overrides: + description: overrides is list of overides for components that are + managed by cluster version operator. Marking a component unmanaged + will prevent the operator from creating or updating the object. + type: array + items: + description: ComponentOverride allows overriding cluster version + operator's behavior for a component. + type: object + required: + - group + - kind + - name + - namespace + - unmanaged + properties: + group: + description: group identifies the API group that the kind is + in. + type: string + kind: + description: kind indentifies which object to override. + type: string + name: + description: name is the component's name. + type: string + namespace: + description: namespace is the component's namespace. If the + resource is cluster scoped, the namespace should be empty. + type: string + unmanaged: + description: 'unmanaged controls if cluster version operator + should stop managing the resources in this cluster. Default: + false' + type: boolean + upstream: + description: upstream may be used to specify the preferred update + server. By default it will use the appropriate update server for + the cluster and region. + type: string + status: + description: status contains information about the available updates and + any in-progress updates. + type: object + required: + - availableUpdates + - desired + - observedGeneration + - versionHash + properties: + availableUpdates: + description: availableUpdates contains the list of updates that are + appropriate for this cluster. This list may be empty if no updates + are recommended, if the update service is unavailable, or if an + invalid channel has been specified. + type: array + items: + description: Release represents an OpenShift release image and associated + metadata. + type: object + properties: + channels: + description: channels is the set of Cincinnati channels to which + the release currently belongs. + type: array + items: + type: string + image: + description: image is a container image location that contains + the update. When this field is part of spec, image is optional + if version is specified and the availableUpdates field contains + a matching version. + type: string + url: + description: url contains information about this release. This + URL is set by the 'url' metadata property on a release or + the metadata returned by the update API and should be displayed + as a link in user interfaces. The URL field may not be set + for test or nightly releases. + type: string + version: + description: version is a semantic versioning identifying the + update version. When this field is part of spec, version is + optional if image is specified. + type: string + nullable: true + conditions: + description: conditions provides information about the cluster version. + The condition "Available" is set to true if the desiredUpdate has + been reached. The condition "Progressing" is set to true if an update + is being applied. The condition "Degraded" is set to true if an + update is currently blocked by a temporary or permanent error. Conditions + are only valid for the current desiredUpdate when metadata.generation + is equal to status.generation. + type: array + items: + description: ClusterOperatorStatusCondition represents the state + of the operator's managed and monitored components. + type: object + required: + - lastTransitionTime + - status + - type + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update + to the current status property. + type: string + format: date-time + message: + description: message provides additional information about the + current condition. This is only to be consumed by humans. It + may contain Line Feed characters (U+000A), which should be + rendered as new lines. + type: string + reason: + description: reason is the CamelCase reason for the condition's + current status. + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type specifies the aspect reported by this condition. + type: string + desired: + description: desired is the version that the cluster is reconciling + towards. If the cluster is not yet fully initialized desired will + be set with the information available, which may be an image or + a tag. type: object properties: channels: @@ -193,143 +243,92 @@ spec: update version. When this field is part of spec, version is optional if image is specified. type: string - nullable: true - conditions: - description: conditions provides information about the cluster version. - The condition "Available" is set to true if the desiredUpdate has - been reached. The condition "Progressing" is set to true if an update - is being applied. The condition "Degraded" is set to true if an update - is currently blocked by a temporary or permanent error. Conditions - are only valid for the current desiredUpdate when metadata.generation - is equal to status.generation. - type: array - items: - description: ClusterOperatorStatusCondition represents the state of - the operator's managed and monitored components. - type: object - required: - - lastTransitionTime - - status - - type - properties: - lastTransitionTime: - description: lastTransitionTime is the time of the last update - to the current status property. - type: string - format: date-time - message: - description: message provides additional information about the - current condition. This is only to be consumed by humans. It - may contain Line Feed characters (U+000A), which should be rendered - as new lines. - type: string - reason: - description: reason is the CamelCase reason for the condition's - current status. - type: string - status: - description: status of the condition, one of True, False, Unknown. - type: string - type: - description: type specifies the aspect reported by this condition. - type: string - desired: - description: desired is the version that the cluster is reconciling - towards. If the cluster is not yet fully initialized desired will - be set with the information available, which may be an image or a - tag. - type: object - properties: - channels: - description: channels is the set of Cincinnati channels to which - the release currently belongs. - type: array - items: - type: string - image: - description: image is a container image location that contains the - update. When this field is part of spec, image is optional if - version is specified and the availableUpdates field contains a - matching version. - type: string - url: - description: url contains information about this release. This URL - is set by the 'url' metadata property on a release or the metadata - returned by the update API and should be displayed as a link in - user interfaces. The URL field may not be set for test or nightly - releases. - type: string - version: - description: version is a semantic versioning identifying the update - version. When this field is part of spec, version is optional - if image is specified. - type: string - history: - description: history contains a list of the most recent versions applied - to the cluster. This value may be empty during cluster startup, and - then will be updated when a new update is being applied. The newest - update is first in the list and it is ordered by recency. Updates - in the history have state Completed if the rollout completed - if - an update was failing or halfway applied the state will be Partial. - Only a limited amount of update history is preserved. - type: array - items: - description: UpdateHistory is a single attempted update to the cluster. - type: object - required: - - completionTime - - image - - startedTime - - state - - verified - properties: - completionTime: - description: completionTime, if set, is when the update was fully - applied. The update that is currently being applied will have - a null completion time. Completion time will always be set for - entries that are not the current update (usually to the started - time of the next update). - type: string - format: date-time - nullable: true - image: - description: image is a container image location that contains - the update. This value is always populated. - type: string - startedTime: - description: startedTime is the time at which the update was started. - type: string - format: date-time - state: - description: state reflects whether the update was fully applied. - The Partial state indicates the update is not fully applied, - while the Completed state indicates the update was successfully - rolled out at least once (all parts of the update successfully - applied). - type: string - verified: - description: verified indicates whether the provided update was - properly verified before it was installed. If this is false - the cluster may not be trusted. - type: boolean - version: - description: version is a semantic versioning identifying the - update version. If the requested image does not define a version, - or if a failure occurs retrieving the image, this value may - be empty. - type: string - observedGeneration: - description: observedGeneration reports which version of the spec is - being synced. If this value is not equal to metadata.generation, then - the desired and conditions fields may represent a previous version. - type: integer - format: int64 - versionHash: - description: versionHash is a fingerprint of the content that the cluster - will be updated with. It is used by the operator to avoid unnecessary - work and is for internal use only. - type: string - versions: - - name: v1 - served: true - storage: true + history: + description: history contains a list of the most recent versions applied + to the cluster. This value may be empty during cluster startup, + and then will be updated when a new update is being applied. The + newest update is first in the list and it is ordered by recency. + Updates in the history have state Completed if the rollout completed + - if an update was failing or halfway applied the state will be + Partial. Only a limited amount of update history is preserved. + type: array + items: + description: UpdateHistory is a single attempted update to the cluster. + type: object + required: + - completionTime + - image + - startedTime + - state + - verified + properties: + completionTime: + description: completionTime, if set, is when the update was + fully applied. The update that is currently being applied + will have a null completion time. Completion time will always + be set for entries that are not the current update (usually + to the started time of the next update). + type: string + format: date-time + nullable: true + image: + description: image is a container image location that contains + the update. This value is always populated. + type: string + startedTime: + description: startedTime is the time at which the update was + started. + type: string + format: date-time + state: + description: state reflects whether the update was fully applied. + The Partial state indicates the update is not fully applied, + while the Completed state indicates the update was successfully + rolled out at least once (all parts of the update successfully + applied). + type: string + verified: + description: verified indicates whether the provided update + was properly verified before it was installed. If this is + false the cluster may not be trusted. + type: boolean + version: + description: version is a semantic versioning identifying the + update version. If the requested image does not define a version, + or if a failure occurs retrieving the image, this value may + be empty. + type: string + observedGeneration: + description: observedGeneration reports which version of the spec + is being synced. If this value is not equal to metadata.generation, + then the desired and conditions fields may represent a previous + version. + type: integer + format: int64 + versionHash: + description: versionHash is a fingerprint of the content that the + cluster will be updated with. It is used by the operator to avoid + unnecessary work and is for internal use only. + type: string + subresources: + status: {} + additionalPrinterColumns: + - name: Version + type: string + jsonPath: .status.history[?(@.state=="Completed")].version + - name: Available + type: string + jsonPath: .status.conditions[?(@.type=="Available")].status + - name: Progressing + type: string + jsonPath: .status.conditions[?(@.type=="Progressing")].status + - name: Since + type: date + jsonPath: .status.conditions[?(@.type=="Progressing")].lastTransitionTime + - name: Status + type: string + jsonPath: .status.conditions[?(@.type=="Progressing")].message + names: + plural: clusterversions + singular: clusterversion + kind: ClusterVersion diff --git a/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_operatorhub.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_operatorhub.crd.yaml index 18e6187e6..8ea625945 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_operatorhub.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_03_config-operator_01_operatorhub.crd.yaml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: operatorhubs.config.openshift.io @@ -14,92 +14,92 @@ spec: plural: operatorhubs singular: operatorhub scope: Cluster - preserveUnknownFields: false - subresources: - status: {} - version: v1 versions: - name: v1 + subresources: + status: {} served: true storage: true - "validation": - "openAPIV3Schema": - description: OperatorHub is the Schema for the operatorhubs API. It can be used - to change the state of the default hub sources for OperatorHub on the cluster - from enabled to disabled and vice versa. - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: OperatorHubSpec defines the desired state of OperatorHub - type: object - properties: - disableAllDefaultSources: - description: disableAllDefaultSources allows you to disable all the - default hub sources. If this is true, a specific entry in sources - can be used to enable a default source. If this is false, a specific - entry in sources can be used to disable or enable a default source. - type: boolean - sources: - description: sources is the list of default hub sources and their configuration. - If the list is empty, it implies that the default hub sources are - enabled on the cluster unless disableAllDefaultSources is true. If - disableAllDefaultSources is true and sources is not empty, the configuration - present in sources will take precedence. The list of default hub sources - and their current state will always be reflected in the status block. - type: array - items: - description: HubSource is used to specify the hub source and its configuration - type: object - properties: - disabled: - description: disabled is used to disable a default hub source - on cluster - type: boolean - name: - description: name is the name of one of the default hub sources - type: string - maxLength: 253 - minLength: 1 - status: - description: OperatorHubStatus defines the observed state of OperatorHub. - The current state of the default hub sources will always be reflected - here. - type: object - properties: - sources: - description: sources encapsulates the result of applying the configuration - for each hub source - type: array - items: - description: HubSourceStatus is used to reflect the current state - of applying the configuration to a default source - type: object - properties: - disabled: - description: disabled is used to disable a default hub source - on cluster - type: boolean - message: - description: message provides more information regarding failures - type: string - name: - description: name is the name of one of the default hub sources - type: string - maxLength: 253 - minLength: 1 - status: - description: status indicates success or failure in applying the - configuration - type: string + "schema": + "openAPIV3Schema": + description: OperatorHub is the Schema for the operatorhubs API. It can be + used to change the state of the default hub sources for OperatorHub on the + cluster from enabled to disabled and vice versa. + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OperatorHubSpec defines the desired state of OperatorHub + type: object + properties: + disableAllDefaultSources: + description: disableAllDefaultSources allows you to disable all the + default hub sources. If this is true, a specific entry in sources + can be used to enable a default source. If this is false, a specific + entry in sources can be used to disable or enable a default source. + type: boolean + sources: + description: sources is the list of default hub sources and their + configuration. If the list is empty, it implies that the default + hub sources are enabled on the cluster unless disableAllDefaultSources + is true. If disableAllDefaultSources is true and sources is not + empty, the configuration present in sources will take precedence. + The list of default hub sources and their current state will always + be reflected in the status block. + type: array + items: + description: HubSource is used to specify the hub source and its + configuration + type: object + properties: + disabled: + description: disabled is used to disable a default hub source + on cluster + type: boolean + name: + description: name is the name of one of the default hub sources + type: string + maxLength: 253 + minLength: 1 + status: + description: OperatorHubStatus defines the observed state of OperatorHub. + The current state of the default hub sources will always be reflected + here. + type: object + properties: + sources: + description: sources encapsulates the result of applying the configuration + for each hub source + type: array + items: + description: HubSourceStatus is used to reflect the current state + of applying the configuration to a default source + type: object + properties: + disabled: + description: disabled is used to disable a default hub source + on cluster + type: boolean + message: + description: message provides more information regarding failures + type: string + name: + description: name is the name of one of the default hub sources + type: string + maxLength: 253 + minLength: 1 + status: + description: status indicates success or failure in applying + the configuration + type: string diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml index fda9d275a..fd0eea93c 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_build.crd.yaml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: builds.config.openshift.io @@ -17,376 +17,384 @@ spec: listKind: BuildList versions: - name: v1 + subresources: + status: {} served: true storage: true - subresources: - status: {} - "validation": - "openAPIV3Schema": - description: "Build configures the behavior of OpenShift builds for the entire - cluster. This includes default settings that can be overridden in BuildConfig - objects, and overrides which are applied to all builds. \n The canonical name - is \"cluster\"" - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec holds user-settable values for the build controller configuration - type: object - properties: - additionalTrustedCA: - description: "AdditionalTrustedCA is a reference to a ConfigMap containing - additional CAs that should be trusted for image pushes and pulls during - builds. The namespace for this config map is openshift-config. \n - DEPRECATED: Additional CAs for image pull and push should be set on - image.config.openshift.io/cluster instead." - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced config - map - type: string - buildDefaults: - description: BuildDefaults controls the default information for Builds - type: object - properties: - defaultProxy: - description: "DefaultProxy contains the default proxy settings for - all build operations, including image pull/push and source download. - \n Values can be overrode by setting the `HTTP_PROXY`, `HTTPS_PROXY`, - and `NO_PROXY` environment variables in the build config's strategy." - type: object - properties: - httpProxy: - description: httpProxy is the URL of the proxy for HTTP requests. Empty - means unset and will not result in an env var. - type: string - httpsProxy: - description: httpsProxy is the URL of the proxy for HTTPS requests. Empty - means unset and will not result in an env var. - type: string - noProxy: - description: noProxy is a comma-separated list of hostnames - and/or CIDRs for which the proxy should not be used. Empty - means unset and will not result in an env var. - type: string - readinessEndpoints: - description: readinessEndpoints is a list of endpoints used - to verify readiness of the proxy. - type: array - items: + "schema": + "openAPIV3Schema": + description: "Build configures the behavior of OpenShift builds for the entire + cluster. This includes default settings that can be overridden in BuildConfig + objects, and overrides which are applied to all builds. \n The canonical + name is \"cluster\"" + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec holds user-settable values for the build controller + configuration + type: object + properties: + additionalTrustedCA: + description: "AdditionalTrustedCA is a reference to a ConfigMap containing + additional CAs that should be trusted for image pushes and pulls + during builds. The namespace for this config map is openshift-config. + \n DEPRECATED: Additional CAs for image pull and push should be + set on image.config.openshift.io/cluster instead." + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + buildDefaults: + description: BuildDefaults controls the default information for Builds + type: object + properties: + defaultProxy: + description: "DefaultProxy contains the default proxy settings + for all build operations, including image pull/push and source + download. \n Values can be overrode by setting the `HTTP_PROXY`, + `HTTPS_PROXY`, and `NO_PROXY` environment variables in the build + config's strategy." + type: object + properties: + httpProxy: + description: httpProxy is the URL of the proxy for HTTP requests. Empty + means unset and will not result in an env var. type: string - trustedCA: - description: "trustedCA is a reference to a ConfigMap containing - a CA certificate bundle. The trustedCA field should only be - consumed by a proxy validator. The validator is responsible - for reading the certificate bundle from the required key \"ca-bundle.crt\", - merging it with the system default trust bundle, and writing - the merged trust bundle to a ConfigMap named \"trusted-ca-bundle\" - in the \"openshift-config-managed\" namespace. Clients that - expect to make proxy connections must use the trusted-ca-bundle - for all HTTPS requests to the proxy, and may use the trusted-ca-bundle - for non-proxy HTTPS requests as well. \n The namespace for - the ConfigMap referenced by trustedCA is \"openshift-config\". - Here is an example ConfigMap (in yaml): \n apiVersion: v1 - kind: ConfigMap metadata: name: user-ca-bundle namespace: - openshift-config data: ca-bundle.crt: | -----BEGIN - CERTIFICATE----- Custom CA certificate bundle. -----END - CERTIFICATE-----" + httpsProxy: + description: httpsProxy is the URL of the proxy for HTTPS + requests. Empty means unset and will not result in an env + var. + type: string + noProxy: + description: noProxy is a comma-separated list of hostnames + and/or CIDRs for which the proxy should not be used. Empty + means unset and will not result in an env var. + type: string + readinessEndpoints: + description: readinessEndpoints is a list of endpoints used + to verify readiness of the proxy. + type: array + items: + type: string + trustedCA: + description: "trustedCA is a reference to a ConfigMap containing + a CA certificate bundle. The trustedCA field should only + be consumed by a proxy validator. The validator is responsible + for reading the certificate bundle from the required key + \"ca-bundle.crt\", merging it with the system default trust + bundle, and writing the merged trust bundle to a ConfigMap + named \"trusted-ca-bundle\" in the \"openshift-config-managed\" + namespace. Clients that expect to make proxy connections + must use the trusted-ca-bundle for all HTTPS requests to + the proxy, and may use the trusted-ca-bundle for non-proxy + HTTPS requests as well. \n The namespace for the ConfigMap + referenced by trustedCA is \"openshift-config\". Here is + an example ConfigMap (in yaml): \n apiVersion: v1 kind: + ConfigMap metadata: name: user-ca-bundle namespace: openshift-config + \ data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- + \ Custom CA certificate bundle. -----END CERTIFICATE-----" + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + env: + description: Env is a set of default environment variables that + will be applied to the build if the specified variables do not + exist on the build + type: array + items: + description: EnvVar represents an environment variable present + in a Container. type: object required: - name properties: name: - description: name is the metadata.name of the referenced - config map + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' type: string - env: - description: Env is a set of default environment variables that - will be applied to the build if the specified variables do not - exist on the build - type: array - items: - description: EnvVar represents an environment variable present - in a Container. + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + type: object + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + type: object + required: + - key + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + type: object + required: + - fieldPath + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + type: object + required: + - resource + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + type: object + required: + - key + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + gitProxy: + description: "GitProxy contains the proxy settings for git operations + only. If set, this will override any Proxy settings for all + git commands, such as git clone. \n Values that are not set + here will be inherited from DefaultProxy." type: object - required: - - name properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. + httpProxy: + description: httpProxy is the URL of the proxy for HTTP requests. Empty + means unset and will not result in an env var. type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previous defined environment variables in the - container and any service environment variables. If a variable - cannot be resolved, the reference in the input string will - be unchanged. The $(VAR_NAME) syntax can be escaped with - a double $$, ie: $$(VAR_NAME). Escaped references will never - be expanded, regardless of whether the variable exists or - not. Defaults to "".' + httpsProxy: + description: httpsProxy is the URL of the proxy for HTTPS + requests. Empty means unset and will not result in an env + var. type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. + noProxy: + description: noProxy is a comma-separated list of hostnames + and/or CIDRs for which the proxy should not be used. Empty + means unset and will not result in an env var. + type: string + readinessEndpoints: + description: readinessEndpoints is a list of endpoints used + to verify readiness of the proxy. + type: array + items: + type: string + trustedCA: + description: "trustedCA is a reference to a ConfigMap containing + a CA certificate bundle. The trustedCA field should only + be consumed by a proxy validator. The validator is responsible + for reading the certificate bundle from the required key + \"ca-bundle.crt\", merging it with the system default trust + bundle, and writing the merged trust bundle to a ConfigMap + named \"trusted-ca-bundle\" in the \"openshift-config-managed\" + namespace. Clients that expect to make proxy connections + must use the trusted-ca-bundle for all HTTPS requests to + the proxy, and may use the trusted-ca-bundle for non-proxy + HTTPS requests as well. \n The namespace for the ConfigMap + referenced by trustedCA is \"openshift-config\". Here is + an example ConfigMap (in yaml): \n apiVersion: v1 kind: + ConfigMap metadata: name: user-ca-bundle namespace: openshift-config + \ data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- + \ Custom CA certificate bundle. -----END CERTIFICATE-----" type: object + required: + - name properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - type: object - required: - - key - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP, status.podIPs.' - type: object - required: - - fieldPath - properties: - apiVersion: - description: Version of the schema the FieldPath is - written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the specified - API version. - type: string - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' - type: object - required: - - resource - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - description: Specifies the output format of the exposed - resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - type: object - required: - - key - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - gitProxy: - description: "GitProxy contains the proxy settings for git operations - only. If set, this will override any Proxy settings for all git - commands, such as git clone. \n Values that are not set here will - be inherited from DefaultProxy." - type: object - properties: - httpProxy: - description: httpProxy is the URL of the proxy for HTTP requests. Empty - means unset and will not result in an env var. - type: string - httpsProxy: - description: httpsProxy is the URL of the proxy for HTTPS requests. Empty - means unset and will not result in an env var. - type: string - noProxy: - description: noProxy is a comma-separated list of hostnames - and/or CIDRs for which the proxy should not be used. Empty - means unset and will not result in an env var. - type: string - readinessEndpoints: - description: readinessEndpoints is a list of endpoints used - to verify readiness of the proxy. - type: array - items: - type: string - trustedCA: - description: "trustedCA is a reference to a ConfigMap containing - a CA certificate bundle. The trustedCA field should only be - consumed by a proxy validator. The validator is responsible - for reading the certificate bundle from the required key \"ca-bundle.crt\", - merging it with the system default trust bundle, and writing - the merged trust bundle to a ConfigMap named \"trusted-ca-bundle\" - in the \"openshift-config-managed\" namespace. Clients that - expect to make proxy connections must use the trusted-ca-bundle - for all HTTPS requests to the proxy, and may use the trusted-ca-bundle - for non-proxy HTTPS requests as well. \n The namespace for - the ConfigMap referenced by trustedCA is \"openshift-config\". - Here is an example ConfigMap (in yaml): \n apiVersion: v1 - kind: ConfigMap metadata: name: user-ca-bundle namespace: - openshift-config data: ca-bundle.crt: | -----BEGIN - CERTIFICATE----- Custom CA certificate bundle. -----END - CERTIFICATE-----" + name: + description: name is the metadata.name of the referenced + config map + type: string + imageLabels: + description: ImageLabels is a list of docker labels that are applied + to the resulting image. User can override a default label by + providing a label with the same name in their Build/BuildConfig. + type: array + items: type: object - required: - - name properties: name: - description: name is the metadata.name of the referenced - config map + description: Name defines the name of the label. It must + have non-zero length. + type: string + value: + description: Value defines the literal value of the label. type: string - imageLabels: - description: ImageLabels is a list of docker labels that are applied - to the resulting image. User can override a default label by providing - a label with the same name in their Build/BuildConfig. - type: array - items: + resources: + description: Resources defines resource requirements to execute + the build. type: object properties: - name: - description: Name defines the name of the label. It must have - non-zero length. - type: string - value: - description: Value defines the literal value of the label. - type: string - resources: - description: Resources defines resource requirements to execute - the build. - type: object - properties: - limits: - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - requests: - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + additionalProperties: + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + additionalProperties: + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + buildOverrides: + description: BuildOverrides controls override settings for builds + type: object + properties: + forcePull: + description: ForcePull overrides, if set, the equivalent value + in the builds, i.e. false disables force pull for all builds, + true enables force pull for all builds, independently of what + each build specifies itself + type: boolean + imageLabels: + description: ImageLabels is a list of docker labels that are applied + to the resulting image. If user provided a label in their Build/BuildConfig + with the same name as one in this list, the user's label will + be overwritten. + type: array + items: type: object - additionalProperties: - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - buildOverrides: - description: BuildOverrides controls override settings for builds - type: object - properties: - forcePull: - description: ForcePull overrides, if set, the equivalent value in - the builds, i.e. false disables force pull for all builds, true - enables force pull for all builds, independently of what each - build specifies itself - type: boolean - imageLabels: - description: ImageLabels is a list of docker labels that are applied - to the resulting image. If user provided a label in their Build/BuildConfig - with the same name as one in this list, the user's label will - be overwritten. - type: array - items: - type: object - properties: - name: - description: Name defines the name of the label. It must have - non-zero length. - type: string - value: - description: Value defines the literal value of the label. - type: string - nodeSelector: - description: NodeSelector is a selector which must be true for the - build pod to fit on a node - type: object - additionalProperties: - type: string - tolerations: - description: Tolerations is a list of Tolerations that will override - any existing tolerations set on a build pod. - type: array - items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using the - matching operator . + properties: + name: + description: Name defines the name of the label. It must + have non-zero length. + type: string + value: + description: Value defines the literal value of the label. + type: string + nodeSelector: + description: NodeSelector is a selector which must be true for + the build pod to fit on a node type: object - properties: - effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to - Equal. Exists is equivalent to wildcard for value, so that - a pod can tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do - not evict). Zero and negative values will be treated as - 0 (evict immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string + additionalProperties: + type: string + tolerations: + description: Tolerations is a list of Tolerations that will override + any existing tolerations set on a build pod. + type: array + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_image.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_image.crd.yaml index 35ed9bf17..daed0de9f 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_image.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_image.crd.yaml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: images.config.openshift.io @@ -9,7 +9,6 @@ metadata: spec: group: config.openshift.io scope: Cluster - preserveUnknownFields: false names: kind: Image singular: image @@ -19,143 +18,144 @@ spec: - name: v1 served: true storage: true - subresources: - status: {} - "validation": - "openAPIV3Schema": - description: Image governs policies related to imagestream imports and runtime - configuration for external registries. It allows cluster admins to configure - which registries OpenShift is allowed to import images from, extra CA trust - bundles for external registries, and policies to block or allow registry hostnames. - When exposing OpenShift's image registry to the public, this also lets cluster - admins specify the external hostname. - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - type: object - properties: - additionalTrustedCA: - description: additionalTrustedCA is a reference to a ConfigMap containing - additional CAs that should be trusted during imagestream import, pod - image pull, build image pull, and imageregistry pullthrough. The namespace - for this config map is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced config - map - type: string - allowedRegistriesForImport: - description: allowedRegistriesForImport limits the container image registries - that normal users may import images from. Set this list to the registries - that you trust to contain valid Docker images and that you want applications - to be able to import from. Users with permission to create Images - or ImageStreamMappings via the API are not affected by this policy - - typically only administrators or system integrations will have those - permissions. - type: array - items: - description: RegistryLocation contains a location of the registry - specified by the registry domain name. The domain name might include - wildcards, like '*' or '??'. + subresources: + status: {} + schema: + openAPIV3Schema: + description: Image governs policies related to imagestream imports and runtime + configuration for external registries. It allows cluster admins to configure + which registries OpenShift is allowed to import images from, extra CA trust + bundles for external registries, and policies to block or allow registry + hostnames. When exposing OpenShift's image registry to the public, this + also lets cluster admins specify the external hostname. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + additionalTrustedCA: + description: additionalTrustedCA is a reference to a ConfigMap containing + additional CAs that should be trusted during imagestream import, + pod image pull, build image pull, and imageregistry pullthrough. + The namespace for this config map is openshift-config. type: object + required: + - name properties: - domainName: - description: domainName specifies a domain name for the registry - In case the registry use non-standard (80 or 443) port, the - port should be included in the domain name as well. - type: string - insecure: - description: insecure indicates whether the registry is secure - (https) or insecure (http) By default (if not specified) the - registry is assumed as secure. - type: boolean - externalRegistryHostnames: - description: externalRegistryHostnames provides the hostnames for the - default external image registry. The external hostname should be set - only when the image registry is exposed externally. The first value - is used in 'publicDockerImageRepository' field in ImageStreams. The - value must be in "hostname[:port]" format. - type: array - items: - type: string - registrySources: - description: registrySources contains configuration that determines - how the container runtime should treat individual registries when - accessing images for builds+pods. (e.g. whether or not to allow insecure - access). It does not contain configuration for the internal cluster - registry. - type: object - properties: - allowedRegistries: - description: "allowedRegistries are the only registries permitted - for image pull and push actions. All other registries are denied. - \n Only one of BlockedRegistries or AllowedRegistries may be set." - type: array - items: - type: string - blockedRegistries: - description: "blockedRegistries cannot be used for image pull and - push actions. All other registries are permitted. \n Only one - of BlockedRegistries or AllowedRegistries may be set." - type: array - items: - type: string - containerRuntimeSearchRegistries: - description: 'containerRuntimeSearchRegistries are registries that - will be searched when pulling images that do not have fully qualified - domains in their pull specs. Registries will be searched in the - order provided in the list. Note: this search list only works - with the container runtime, i.e CRI-O. Will NOT work with builds - or imagestream imports.' - type: array - format: hostname - minItems: 1 - items: + name: + description: name is the metadata.name of the referenced config + map type: string - x-kubernetes-list-type: set - insecureRegistries: - description: insecureRegistries are registries which do not have - a valid TLS certificates or only support HTTP connections. - type: array - items: - type: string - status: - description: status holds observed values from the cluster. They may not - be overridden. - type: object - properties: - externalRegistryHostnames: - description: externalRegistryHostnames provides the hostnames for the - default external image registry. The external hostname should be set - only when the image registry is exposed externally. The first value - is used in 'publicDockerImageRepository' field in ImageStreams. The - value must be in "hostname[:port]" format. - type: array - items: + allowedRegistriesForImport: + description: allowedRegistriesForImport limits the container image + registries that normal users may import images from. Set this list + to the registries that you trust to contain valid Docker images + and that you want applications to be able to import from. Users + with permission to create Images or ImageStreamMappings via the + API are not affected by this policy - typically only administrators + or system integrations will have those permissions. + type: array + items: + description: RegistryLocation contains a location of the registry + specified by the registry domain name. The domain name might include + wildcards, like '*' or '??'. + type: object + properties: + domainName: + description: domainName specifies a domain name for the registry + In case the registry use non-standard (80 or 443) port, the + port should be included in the domain name as well. + type: string + insecure: + description: insecure indicates whether the registry is secure + (https) or insecure (http) By default (if not specified) the + registry is assumed as secure. + type: boolean + externalRegistryHostnames: + description: externalRegistryHostnames provides the hostnames for + the default external image registry. The external hostname should + be set only when the image registry is exposed externally. The first + value is used in 'publicDockerImageRepository' field in ImageStreams. + The value must be in "hostname[:port]" format. + type: array + items: + type: string + registrySources: + description: registrySources contains configuration that determines + how the container runtime should treat individual registries when + accessing images for builds+pods. (e.g. whether or not to allow + insecure access). It does not contain configuration for the internal + cluster registry. + type: object + properties: + allowedRegistries: + description: "allowedRegistries are the only registries permitted + for image pull and push actions. All other registries are denied. + \n Only one of BlockedRegistries or AllowedRegistries may be + set." + type: array + items: + type: string + blockedRegistries: + description: "blockedRegistries cannot be used for image pull + and push actions. All other registries are permitted. \n Only + one of BlockedRegistries or AllowedRegistries may be set." + type: array + items: + type: string + containerRuntimeSearchRegistries: + description: 'containerRuntimeSearchRegistries are registries + that will be searched when pulling images that do not have fully + qualified domains in their pull specs. Registries will be searched + in the order provided in the list. Note: this search list only + works with the container runtime, i.e CRI-O. Will NOT work with + builds or imagestream imports.' + type: array + format: hostname + minItems: 1 + items: + type: string + x-kubernetes-list-type: set + insecureRegistries: + description: insecureRegistries are registries which do not have + a valid TLS certificates or only support HTTP connections. + type: array + items: + type: string + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object + properties: + externalRegistryHostnames: + description: externalRegistryHostnames provides the hostnames for + the default external image registry. The external hostname should + be set only when the image registry is exposed externally. The first + value is used in 'publicDockerImageRepository' field in ImageStreams. + The value must be in "hostname[:port]" format. + type: array + items: + type: string + internalRegistryHostname: + description: internalRegistryHostname sets the hostname for the default + internal image registry. The value must be in "hostname[:port]" + format. This value is set by the image registry operator which controls + the internal registry hostname. For backward compatibility, users + can still use OPENSHIFT_DEFAULT_REGISTRY environment variable but + this setting overrides the environment variable. type: string - internalRegistryHostname: - description: internalRegistryHostname sets the hostname for the default - internal image registry. The value must be in "hostname[:port]" format. - This value is set by the image registry operator which controls the - internal registry hostname. For backward compatibility, users can - still use OPENSHIFT_DEFAULT_REGISTRY environment variable but this - setting overrides the environment variable. - type: string diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml index 212c1e21f..d8623cd85 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml @@ -248,6 +248,37 @@ spec: description: region holds the default AWS region for new AWS resources created by the cluster. type: string + resourceTags: + description: resourceTags is a list of additional tags to + apply to AWS resources created for the cluster. See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html + for information on tagging AWS resources. AWS supports a + maximum of 50 tags per resource. OpenShift reserves 25 tags + for its use, leaving 25 tags available for the user. + type: array + maxItems: 25 + items: + description: AWSResourceTag is a tag to apply to AWS resources + created for the cluster. + type: object + required: + - key + - value + properties: + key: + description: key is the key of the tag + type: string + maxLength: 128 + minLength: 1 + pattern: ^[0-9A-Za-z_.:/=+-@]+$ + value: + description: value is the value of the tag. Some AWS + service do not support empty values. Since tags are + added to resources in many services, the length of + the tag value must meet the requirements of all services. + type: string + maxLength: 256 + minLength: 1 + pattern: ^[0-9A-Za-z_.:/=+-@]+$ serviceEndpoints: description: ServiceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network.crd.yaml index 8d5c193ef..10eb476ed 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_network.crd.yaml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: networks.config.openshift.io @@ -19,148 +19,154 @@ spec: - name: v1 served: true storage: true - "validation": - "openAPIV3Schema": - description: 'Network holds cluster-wide information about Network. The canonical - name is `cluster`. It is used to configure the desired network configuration, - such as: IP address pools for services/pod IPs, network plugin, etc. Please - view network.spec for an explanation on what applies when configuring this - resource.' - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration. As a general - rule, this SHOULD NOT be read directly. Instead, you should consume the - NetworkStatus, as it indicates the currently deployed configuration. Currently, - most spec fields are immutable after installation. Please view the individual - ones for further details on each. - type: object - properties: - clusterNetwork: - description: IP address pool to use for pod IPs. This field is immutable - after installation. - type: array - items: - description: ClusterNetworkEntry is a contiguous block of IP addresses - from which pod IPs are allocated. + "schema": + "openAPIV3Schema": + description: 'Network holds cluster-wide information about Network. The canonical + name is `cluster`. It is used to configure the desired network configuration, + such as: IP address pools for services/pod IPs, network plugin, etc. Please + view network.spec for an explanation on what applies when configuring this + resource.' + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration. As a general + rule, this SHOULD NOT be read directly. Instead, you should consume + the NetworkStatus, as it indicates the currently deployed configuration. + Currently, most spec fields are immutable after installation. Please + view the individual ones for further details on each. + type: object + properties: + clusterNetwork: + description: IP address pool to use for pod IPs. This field is immutable + after installation. + type: array + items: + description: ClusterNetworkEntry is a contiguous block of IP addresses + from which pod IPs are allocated. + type: object + properties: + cidr: + description: The complete block for pod IPs. + type: string + hostPrefix: + description: The size (prefix) of block to allocate to each + node. If this field is not used by the plugin, it can be left + unset. + type: integer + format: int32 + minimum: 0 + externalIP: + description: externalIP defines configuration for controllers that + affect Service.ExternalIP. If nil, then ExternalIP is not allowed + to be set. type: object properties: - cidr: - description: The complete block for pod IPs. - type: string - hostPrefix: - description: The size (prefix) of block to allocate to each node. - If this field is not used by the plugin, it can be left unset. - type: integer - format: int32 - minimum: 0 - externalIP: - description: externalIP defines configuration for controllers that affect - Service.ExternalIP. If nil, then ExternalIP is not allowed to be set. - type: object - properties: - autoAssignCIDRs: - description: autoAssignCIDRs is a list of CIDRs from which to automatically - assign Service.ExternalIP. These are assigned when the service - is of type LoadBalancer. In general, this is only useful for bare-metal - clusters. In Openshift 3.x, this was misleadingly called "IngressIPs". - Automatically assigned External IPs are not affected by any ExternalIPPolicy - rules. Currently, only one entry may be provided. - type: array - items: - type: string - policy: - description: policy is a set of restrictions applied to the ExternalIP - field. If nil or empty, then ExternalIP is not allowed to be set. + autoAssignCIDRs: + description: autoAssignCIDRs is a list of CIDRs from which to + automatically assign Service.ExternalIP. These are assigned + when the service is of type LoadBalancer. In general, this is + only useful for bare-metal clusters. In Openshift 3.x, this + was misleadingly called "IngressIPs". Automatically assigned + External IPs are not affected by any ExternalIPPolicy rules. + Currently, only one entry may be provided. + type: array + items: + type: string + policy: + description: policy is a set of restrictions applied to the ExternalIP + field. If nil or empty, then ExternalIP is not allowed to be + set. + type: object + properties: + allowedCIDRs: + description: allowedCIDRs is the list of allowed CIDRs. + type: array + items: + type: string + rejectedCIDRs: + description: rejectedCIDRs is the list of disallowed CIDRs. + These take precedence over allowedCIDRs. + type: array + items: + type: string + networkType: + description: 'NetworkType is the plugin that is to be deployed (e.g. + OpenShiftSDN). This should match a value that the cluster-network-operator + understands, or else no networking will be installed. Currently + supported values are: - OpenShiftSDN This field is immutable after + installation.' + type: string + serviceNetwork: + description: IP address pool for services. Currently, we only support + a single entry here. This field is immutable after installation. + type: array + items: + type: string + serviceNodePortRange: + description: The port range allowed for Services of type NodePort. + If not specified, the default of 30000-32767 will be used. Such + Services without a NodePort specified will have one automatically + allocated from this range. This parameter can be updated after the + cluster is installed. + type: string + pattern: ^([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])-([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object + properties: + clusterNetwork: + description: IP address pool to use for pod IPs. + type: array + items: + description: ClusterNetworkEntry is a contiguous block of IP addresses + from which pod IPs are allocated. type: object properties: - allowedCIDRs: - description: allowedCIDRs is the list of allowed CIDRs. - type: array - items: - type: string - rejectedCIDRs: - description: rejectedCIDRs is the list of disallowed CIDRs. - These take precedence over allowedCIDRs. - type: array - items: - type: string - networkType: - description: 'NetworkType is the plugin that is to be deployed (e.g. - OpenShiftSDN). This should match a value that the cluster-network-operator - understands, or else no networking will be installed. Currently supported - values are: - OpenShiftSDN This field is immutable after installation.' - type: string - serviceNetwork: - description: IP address pool for services. Currently, we only support - a single entry here. This field is immutable after installation. - type: array - items: - type: string - serviceNodePortRange: - description: The port range allowed for Services of type NodePort. If - not specified, the default of 30000-32767 will be used. Such Services - without a NodePort specified will have one automatically allocated - from this range. This parameter can be updated after the cluster is - installed. - type: string - pattern: ^([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])-([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$ - status: - description: status holds observed values from the cluster. They may not - be overridden. - type: object - properties: - clusterNetwork: - description: IP address pool to use for pod IPs. - type: array - items: - description: ClusterNetworkEntry is a contiguous block of IP addresses - from which pod IPs are allocated. + cidr: + description: The complete block for pod IPs. + type: string + hostPrefix: + description: The size (prefix) of block to allocate to each + node. If this field is not used by the plugin, it can be left + unset. + type: integer + format: int32 + minimum: 0 + clusterNetworkMTU: + description: ClusterNetworkMTU is the MTU for inter-pod networking. + type: integer + migration: + description: Migration contains the cluster network migration configuration. type: object properties: - cidr: - description: The complete block for pod IPs. + networkType: + description: 'NetworkType is the target plugin that is to be deployed. + Currently supported values are: OpenShiftSDN, OVNKubernetes' type: string - hostPrefix: - description: The size (prefix) of block to allocate to each node. - If this field is not used by the plugin, it can be left unset. - type: integer - format: int32 - minimum: 0 - clusterNetworkMTU: - description: ClusterNetworkMTU is the MTU for inter-pod networking. - type: integer - migration: - description: Migration contains the cluster network migration configuration. - type: object - properties: - networkType: - description: 'NetworkType is the target plugin that is to be deployed. - Currently supported values are: OpenShiftSDN, OVNKubernetes' - type: string - enum: - - OpenShiftSDN - - OVNKubernetes - networkType: - description: NetworkType is the plugin that is deployed (e.g. OpenShiftSDN). - type: string - serviceNetwork: - description: IP address pool for services. Currently, we only support - a single entry here. - type: array - items: + enum: + - OpenShiftSDN + - OVNKubernetes + networkType: + description: NetworkType is the plugin that is deployed (e.g. OpenShiftSDN). type: string + serviceNetwork: + description: IP address pool for services. Currently, we only support + a single entry here. + type: array + items: + type: string diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go index 299adb1c9..92f500dfd 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_operator.go @@ -142,6 +142,8 @@ type ClusterStatusConditionType string const ( // Available indicates that the operand (eg: openshift-apiserver for the // openshift-apiserver-operator), is functional and available in the cluster. + // Available=False means at least part of the component is non-functional, + // and that the condition requires immediate administrator intervention. OperatorAvailable ClusterStatusConditionType = "Available" // Progressing indicates that the operator is actively rolling out new code, @@ -162,10 +164,10 @@ const ( // persist over a long enough period to report Degraded. A service should not // report Degraded during the course of a normal upgrade. A service may report // Degraded in response to a persistent infrastructure failure that requires - // administrator intervention. For example, if a control plane host is unhealthy - // and must be replaced. An operator should report Degraded if unexpected - // errors occur over a period, but the expectation is that all unexpected errors - // are handled as operators mature. + // eventual administrator intervention. For example, if a control plane host + // is unhealthy and must be replaced. An operator should report Degraded if + // unexpected errors occur over a period, but the expectation is that all + // unexpected errors are handled as operators mature. OperatorDegraded ClusterStatusConditionType = "Degraded" // Upgradeable indicates whether the operator is in a state that is safe to upgrade. When status is `False` diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index d5ebcc91c..6e78d5ea6 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -313,6 +313,34 @@ type AWSPlatformStatus struct { // There must be only one ServiceEndpoint for a service. // +optional ServiceEndpoints []AWSServiceEndpoint `json:"serviceEndpoints,omitempty"` + + // resourceTags is a list of additional tags to apply to AWS resources created for the cluster. + // See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. + // AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags + // available for the user. + // +kubebuilder:validation:MaxItems=25 + // +optional + ResourceTags []AWSResourceTag `json:"resourceTags,omitempty"` +} + +// AWSResourceTag is a tag to apply to AWS resources created for the cluster. +type AWSResourceTag struct { + // key is the key of the tag + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + // +kubebuilder:validation:Pattern=`^[0-9A-Za-z_.:/=+-@]+$` + // +required + Key string `json:"key"` + // value is the value of the tag. + // Some AWS service do not support empty values. Since tags are added to resources in many services, the + // length of the tag value must meet the requirements of all services. + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + // +kubebuilder:validation:Pattern=`^[0-9A-Za-z_.:/=+-@]+$` + // +required + Value string `json:"value"` } // AzurePlatformSpec holds the desired state of the Azure infrastructure provider. diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index e6012e04e..cb933dac0 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -207,6 +207,11 @@ func (in *AWSPlatformStatus) DeepCopyInto(out *AWSPlatformStatus) { *out = make([]AWSServiceEndpoint, len(*in)) copy(*out, *in) } + if in.ResourceTags != nil { + in, out := &in.ResourceTags, &out.ResourceTags + *out = make([]AWSResourceTag, len(*in)) + copy(*out, *in) + } return } @@ -220,6 +225,22 @@ func (in *AWSPlatformStatus) DeepCopy() *AWSPlatformStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AWSResourceTag) DeepCopyInto(out *AWSResourceTag) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSResourceTag. +func (in *AWSResourceTag) DeepCopy() *AWSResourceTag { + if in == nil { + return nil + } + out := new(AWSResourceTag) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AWSServiceEndpoint) DeepCopyInto(out *AWSServiceEndpoint) { *out = *in diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 6cc78bc37..22de664b2 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -725,12 +725,23 @@ var map_AWSPlatformStatus = map[string]string{ "": "AWSPlatformStatus holds the current status of the Amazon Web Services infrastructure provider.", "region": "region holds the default AWS region for new AWS resources created by the cluster.", "serviceEndpoints": "ServiceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service.", + "resourceTags": "resourceTags is a list of additional tags to apply to AWS resources created for the cluster. See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags available for the user.", } func (AWSPlatformStatus) SwaggerDoc() map[string]string { return map_AWSPlatformStatus } +var map_AWSResourceTag = map[string]string{ + "": "AWSResourceTag is a tag to apply to AWS resources created for the cluster.", + "key": "key is the key of the tag", + "value": "value is the value of the tag. Some AWS service do not support empty values. Since tags are added to resources in many services, the length of the tag value must meet the requirements of all services.", +} + +func (AWSResourceTag) SwaggerDoc() map[string]string { + return map_AWSResourceTag +} + var map_AWSServiceEndpoint = map[string]string{ "": "AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services.", "name": "name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty.", diff --git a/vendor/github.com/openshift/api/go.mod b/vendor/github.com/openshift/api/go.mod index 8cfba0f9f..b3a0a203a 100644 --- a/vendor/github.com/openshift/api/go.mod +++ b/vendor/github.com/openshift/api/go.mod @@ -1,14 +1,14 @@ module github.com/openshift/api -go 1.15 +go 1.16 require ( github.com/gogo/protobuf v1.3.2 - github.com/openshift/build-machinery-go v0.0.0-20210209125900-0da259a2c359 + github.com/openshift/build-machinery-go v0.0.0-20210423112049-9415d7ebd33e github.com/spf13/pflag v1.0.5 golang.org/x/tools v0.1.0 - k8s.io/api v0.21.0-rc.0 - k8s.io/apimachinery v0.21.0-rc.0 - k8s.io/code-generator v0.21.0-rc.0 + k8s.io/api v0.21.1 + k8s.io/apimachinery v0.21.1 + k8s.io/code-generator v0.21.1 k8s.io/klog/v2 v2.8.0 ) diff --git a/vendor/github.com/openshift/api/go.sum b/vendor/github.com/openshift/api/go.sum index 0d3268d5f..496a65f54 100644 --- a/vendor/github.com/openshift/api/go.sum +++ b/vendor/github.com/openshift/api/go.sum @@ -102,8 +102,8 @@ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= -github.com/openshift/build-machinery-go v0.0.0-20210209125900-0da259a2c359 h1:ehSDsWQiUVzJZrSEXMC7ceV9JIPEyTYqrpqu3m4Wa08= -github.com/openshift/build-machinery-go v0.0.0-20210209125900-0da259a2c359/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= +github.com/openshift/build-machinery-go v0.0.0-20210423112049-9415d7ebd33e h1:F7rBobgSjtYL3/zsgDUjlTVx3Z06hdgpoldpDcn7jzc= +github.com/openshift/build-machinery-go v0.0.0-20210423112049-9415d7ebd33e/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -221,12 +221,12 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.21.0-rc.0 h1:t/kW96KdNJNamYNqxaxRirahK+FaWJQ6BJPbXm5Jb+o= -k8s.io/api v0.21.0-rc.0/go.mod h1:Dkc/ZauWJrgZhjOjeBgW89xZQiTBJA2RaBKYHXPsi2Y= -k8s.io/apimachinery v0.21.0-rc.0 h1:m9dyzHb8QZAHOZKIz2SiabSif1oLsfgrnwiago/9xJA= -k8s.io/apimachinery v0.21.0-rc.0/go.mod h1:jbreFvJo3ov9rj7eWT7+sYiRx+qZuCYXwWT1bcDswPY= -k8s.io/code-generator v0.21.0-rc.0 h1:5XqZwy0dHr3LssJ9ImpO8dCjdTvZ8Bw84b90dZ46kPk= -k8s.io/code-generator v0.21.0-rc.0/go.mod h1:hUlps5+9QaTrKx+jiM4rmq7YmH8wPOIko64uZCHDh6Q= +k8s.io/api v0.21.1 h1:94bbZ5NTjdINJEdzOkpS4vdPhkb1VFpTYC9zh43f75c= +k8s.io/api v0.21.1/go.mod h1:FstGROTmsSHBarKc8bylzXih8BLNYTiS3TZcsoEDg2s= +k8s.io/apimachinery v0.21.1 h1:Q6XuHGlj2xc+hlMCvqyYfbv3H7SRGn2c8NycxJquDVs= +k8s.io/apimachinery v0.21.1/go.mod h1:jbreFvJo3ov9rj7eWT7+sYiRx+qZuCYXwWT1bcDswPY= +k8s.io/code-generator v0.21.1 h1:jvcxHpVu5dm/LMXr3GOj/jroiP8+v2YnJE9i2OVRenk= +k8s.io/code-generator v0.21.1/go.mod h1:hUlps5+9QaTrKx+jiM4rmq7YmH8wPOIko64uZCHDh6Q= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027 h1:Uusb3oh8XcdzDF/ndlI4ToKTYVlkCSJP39SRY2mfRAw= k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= diff --git a/vendor/github.com/openshift/api/helm/v1beta1/0000_10-helm-chart-repository.crd.yaml b/vendor/github.com/openshift/api/helm/v1beta1/0000_10-helm-chart-repository.crd.yaml index 21416cad7..ac9d2823c 100644 --- a/vendor/github.com/openshift/api/helm/v1beta1/0000_10-helm-chart-repository.crd.yaml +++ b/vendor/github.com/openshift/api/helm/v1beta1/0000_10-helm-chart-repository.crd.yaml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: helmchartrepositories.helm.openshift.io @@ -8,7 +8,6 @@ metadata: include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster - preserveUnknownFields: false group: helm.openshift.io names: kind: HelmChartRepository @@ -19,156 +18,156 @@ spec: - name: v1beta1 served: true storage: true - subresources: - status: {} - "validation": - "openAPIV3Schema": - description: HelmChartRepository holds cluster-wide configuration for proxied - Helm chart repository - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - type: object - properties: - connectionConfig: - description: Required configuration for connecting to the chart repo - type: object - properties: - ca: - description: ca is an optional reference to a config map by name - containing the PEM-encoded CA bundle. It is used as a trust anchor - to validate the TLS certificate presented by the remote server. - The key "ca-bundle.crt" is used to locate the data. If empty, - the default system roots are used. The namespace for this config - map is openshift-config. + subresources: + status: {} + schema: + openAPIV3Schema: + description: HelmChartRepository holds cluster-wide configuration for proxied + Helm chart repository + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + connectionConfig: + description: Required configuration for connecting to the chart repo + type: object + properties: + ca: + description: ca is an optional reference to a config map by name + containing the PEM-encoded CA bundle. It is used as a trust + anchor to validate the TLS certificate presented by the remote + server. The key "ca-bundle.crt" is used to locate the data. + If empty, the default system roots are used. The namespace for + this config map is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + tlsClientConfig: + description: tlsClientConfig is an optional reference to a secret + by name that contains the PEM-encoded TLS client certificate + and private key to present when connecting to the server. The + key "tls.crt" is used to locate the client certificate. The + key "tls.key" is used to locate the private key. The namespace + for this secret is openshift-config. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced secret + type: string + url: + description: Chart repository URL + type: string + maxLength: 2048 + pattern: ^https?:\/\/ + description: + description: Optional human readable repository description, it can + be used by UI for displaying purposes + type: string + maxLength: 2048 + minLength: 1 + disabled: + description: If set to true, disable the repo usage in the cluster + type: boolean + name: + description: Optional associated human readable repository name, it + can be used by UI for displaying purposes + type: string + maxLength: 100 + minLength: 1 + status: + description: Observed status of the repository within the cluster.. + type: object + properties: + conditions: + description: conditions is a list of conditions and their statuses + type: array + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type + \ // +patchStrategy=merge // +listType=map // +listMapKey=type + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" type: object required: - - name + - lastTransitionTime + - message + - reason + - status + - type properties: - name: - description: name is the metadata.name of the referenced config - map + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. type: string - tlsClientConfig: - description: tlsClientConfig is an optional reference to a secret - by name that contains the PEM-encoded TLS client certificate and - private key to present when connecting to the server. The key - "tls.crt" is used to locate the client certificate. The key "tls.key" - is used to locate the private key. The namespace for this secret - is openshift-config. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced secret + format: date-time + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. type: string - url: - description: Chart repository URL - type: string - maxLength: 2048 - pattern: ^https?:\/\/ - description: - description: Optional human readable repository description, it can - be used by UI for displaying purposes - type: string - maxLength: 2048 - minLength: 1 - disabled: - description: If set to true, disable the repo usage in the cluster - type: boolean - name: - description: Optional associated human readable repository name, it - can be used by UI for displaying purposes - type: string - maxLength: 100 - minLength: 1 - status: - description: Observed status of the repository within the cluster.. - type: object - properties: - conditions: - description: conditions is a list of conditions and their statuses - type: array - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - type FooStatus struct{ // Represents the observations of a foo's - current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // - +patchStrategy=merge // +listType=map // +listMapKey=type - \ Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" - type: object - required: - - lastTransitionTime - - message - - reason - - status - - type - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - type: string - format: date-time - message: - description: message is a human readable message indicating details - about the transition. This may be an empty string. - type: string - maxLength: 32768 - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - type: integer - format: int64 - minimum: 0 - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers of - specific condition types may define expected values and meanings - for this field, and whether the values are considered a guaranteed - API. The value should be a CamelCase string. This field may - not be empty. - type: string - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - status: - description: status of the condition, one of True, False, Unknown. - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - type: string - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + maxLength: 32768 + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + type: integer + format: int64 + minimum: 0 + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + type: string + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + status: + description: status of the condition, one of True, False, Unknown. + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + type: string + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ diff --git a/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml index 5a90f45db..525b81c0e 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml @@ -24,6 +24,8 @@ spec: schema: openAPIV3Schema: description: Config provides information to configure the config operator. + It handles installation, migration or synchronization of cloud based cluster + configurations like AWS or Azure. type: object required: - spec diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml index b2c13e055..eaaecf0b2 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml @@ -667,7 +667,7 @@ spec: properties: nodeSelector: description: "nodeSelector is the node selector applied to ingress - controller deployments. \n If unset, the default is: \n beta.kubernetes.io/os: + controller deployments. \n If unset, the default is: \n kubernetes.io/os: linux node-role.kubernetes.io/worker: '' \n If set, the specified selector is used and replaces the default." properties: @@ -981,15 +981,17 @@ spec: description: "threadCount defines the number of threads created per HAProxy process. Creating more threads allows each ingress controller pod to handle more connections, at the cost of more - system resources being used. If this field is empty, the IngressController - will use the default value. The current default is 4 threads, - but this may change in future releases. \n Setting this field - is generally not recommended. Increasing the number of HAProxy + system resources being used. HAProxy currently supports up to + 64 threads. If this field is empty, the IngressController will + use the default value. The current default is 4 threads, but + this may change in future releases. \n Setting this field is + generally not recommended. Increasing the number of HAProxy threads allows ingress controller pods to utilize more CPU time under load, potentially starving other pods if set too high. Reducing the number of threads may cause the ingress controller to perform poorly." format: int32 + maximum: 64 minimum: 1 type: integer type: object diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml index 2c9c04ea8..2cd8df93e 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml @@ -417,8 +417,9 @@ spec: properties: collectors: description: ipfixCollectors is list of strings formatted - as ip:port + as ip:port with a maximum of ten items type: array + maxItems: 10 minItems: 1 items: type: string @@ -430,8 +431,9 @@ spec: collectors: description: netFlow defines the NetFlow collectors that will consume the flow data exported from OVS. It is a list of - strings formatted as ip:port + strings formatted as ip:port with a maximum of ten items type: array + maxItems: 10 minItems: 1 items: type: string @@ -442,8 +444,9 @@ spec: properties: collectors: description: sFlowCollectors is list of strings formatted - as ip:port + as ip:port with a maximum of ten items type: array + maxItems: 10 minItems: 1 items: type: string diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml index d640e6038..2253aaa42 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml @@ -50,6 +50,19 @@ spec: of customization options to the web console. type: object properties: + addPage: + description: addPage allows customizing actions on the Add page + in developer perspective. + type: object + properties: + disabledActions: + description: disabledActions is a list of actions that are + not shown to users. Each action in the list is represented + by its ID. + type: array + minItems: 1 + items: + type: string brand: description: brand is the default branding of the web console which can be overridden by providing the brand field. There @@ -256,7 +269,7 @@ spec: domain, manual DNS configurations steps are necessary. The default console route will be maintained to reserve the default hostname for console if the custom route is removed. If not specified, default - route will be used. + route will be used. DEPRECATED type: object properties: hostname: diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_dns-operator_00-custom-resource-definition.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_dns-operator_00-custom-resource-definition.yaml index 7d50cfe76..66e595bb8 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_dns-operator_00-custom-resource-definition.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_dns-operator_00-custom-resource-definition.yaml @@ -63,9 +63,9 @@ spec: nodeSelector: description: "nodeSelector is the node selector applied to DNS pods. \n If empty, the default is used, which is currently the - following: \n beta.kubernetes.io/os: linux \n This default - is subject to change. \n If set, the specified selector is used - and replaces the default." + following: \n kubernetes.io/os: linux \n This default is subject + to change. \n If set, the specified selector is used and replaces + the default." type: object additionalProperties: type: string diff --git a/vendor/github.com/openshift/api/operator/v1/types_config.go b/vendor/github.com/openshift/api/operator/v1/types_config.go index 267f3682e..e073269ff 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_config.go +++ b/vendor/github.com/openshift/api/operator/v1/types_config.go @@ -8,7 +8,7 @@ import ( // +genclient:nonNamespaced // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// Config provides information to configure the config operator. +// Config provides information to configure the config operator. It handles installation, migration or synchronization of cloud based cluster configurations like AWS or Azure. type Config struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata"` diff --git a/vendor/github.com/openshift/api/operator/v1/types_console.go b/vendor/github.com/openshift/api/operator/v1/types_console.go index 866ce26fa..2f6443df7 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_console.go +++ b/vendor/github.com/openshift/api/operator/v1/types_console.go @@ -40,6 +40,7 @@ type ConsoleSpec struct { // The default console route will be maintained to reserve the default hostname // for console if the custom route is removed. // If not specified, default route will be used. + // DEPRECATED // +optional Route ConsoleConfigRoute `json:"route"` // plugins defines a list of enabled console plugin names. @@ -48,6 +49,7 @@ type ConsoleSpec struct { } // ConsoleConfigRoute holds information on external route access to console. +// DEPRECATED type ConsoleConfigRoute struct { // hostname is the desired custom domain under which console will be available. Hostname string `json:"hostname"` @@ -123,6 +125,10 @@ type ConsoleCustomization struct { // +kubebuilder:validation:Optional // +optional QuickStarts QuickStarts `json:"quickStarts,omitempty"` + // addPage allows customizing actions on the Add page in developer perspective. + // +kubebuilder:validation:Optional + // +optional + AddPage AddPage `json:"addPage,omitempty"` } // ProjectAccess contains options for project access roles @@ -183,6 +189,16 @@ type QuickStarts struct { Disabled []string `json:"disabled,omitempty"` } +// AddPage allows customizing actions on the Add page in developer perspective. +type AddPage struct { + // disabledActions is a list of actions that are not shown to users. + // Each action in the list is represented by its ID. + // +kubebuilder:validation:Optional + // +kubebuilder:validation:MinItems=1 + // +optional + DisabledActions []string `json:"disabledActions,omitempty"` +} + // Brand is a specific supported brand within the console. // +kubebuilder:validation:Pattern=`^$|^(ocp|origin|okd|dedicated|online|azure)$` type Brand string diff --git a/vendor/github.com/openshift/api/operator/v1/types_dns.go b/vendor/github.com/openshift/api/operator/v1/types_dns.go index 112907c9b..ce4cf3238 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_dns.go +++ b/vendor/github.com/openshift/api/operator/v1/types_dns.go @@ -99,7 +99,7 @@ type DNSNodePlacement struct { // // If empty, the default is used, which is currently the following: // - // beta.kubernetes.io/os: linux + // kubernetes.io/os: linux // // This default is subject to change. // diff --git a/vendor/github.com/openshift/api/operator/v1/types_ingress.go b/vendor/github.com/openshift/api/operator/v1/types_ingress.go index fa107ab87..126b53cf0 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/operator/v1/types_ingress.go @@ -217,7 +217,7 @@ type NodePlacement struct { // // If unset, the default is: // - // beta.kubernetes.io/os: linux + // kubernetes.io/os: linux // node-role.kubernetes.io/worker: '' // // If set, the specified selector is used and replaces the default. @@ -1064,9 +1064,10 @@ type IngressControllerTuningOptions struct { // threadCount defines the number of threads created per HAProxy process. // Creating more threads allows each ingress controller pod to handle more - // connections, at the cost of more system resources being used. If this - // field is empty, the IngressController will use the default value. The - // current default is 4 threads, but this may change in future releases. + // connections, at the cost of more system resources being used. HAProxy + // currently supports up to 64 threads. If this field is empty, the + // IngressController will use the default value. The current default is 4 + // threads, but this may change in future releases. // // Setting this field is generally not recommended. Increasing the number // of HAProxy threads allows ingress controller pods to utilize more CPU @@ -1076,6 +1077,7 @@ type IngressControllerTuningOptions struct { // // +kubebuilder:validation:Optional // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=64 // +optional ThreadCount int32 `json:"threadCount,omitempty"` } diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index d258773c2..33b23bc8a 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -395,20 +395,23 @@ type ExportNetworkFlows struct { type NetFlowConfig struct { // netFlow defines the NetFlow collectors that will consume the flow data exported from OVS. - // It is a list of strings formatted as ip:port + // It is a list of strings formatted as ip:port with a maximum of ten items // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 Collectors []IPPort `json:"collectors,omitempty"` } type SFlowConfig struct { - // sFlowCollectors is list of strings formatted as ip:port + // sFlowCollectors is list of strings formatted as ip:port with a maximum of ten items // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 Collectors []IPPort `json:"collectors,omitempty"` } type IPFIXConfig struct { - // ipfixCollectors is list of strings formatted as ip:port + // ipfixCollectors is list of strings formatted as ip:port with a maximum of ten items // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 Collectors []IPPort `json:"collectors,omitempty"` } diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go index 9368a39d6..befbfb16c 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go @@ -92,6 +92,27 @@ func (in *AccessLogging) DeepCopy() *AccessLogging { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AddPage) DeepCopyInto(out *AddPage) { + *out = *in + if in.DisabledActions != nil { + in, out := &in.DisabledActions, &out.DisabledActions + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AddPage. +func (in *AddPage) DeepCopy() *AddPage { + if in == nil { + return nil + } + out := new(AddPage) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AdditionalNetworkDefinition) DeepCopyInto(out *AdditionalNetworkDefinition) { *out = *in @@ -657,6 +678,7 @@ func (in *ConsoleCustomization) DeepCopyInto(out *ConsoleCustomization) { in.DeveloperCatalog.DeepCopyInto(&out.DeveloperCatalog) in.ProjectAccess.DeepCopyInto(&out.ProjectAccess) in.QuickStarts.DeepCopyInto(&out.QuickStarts) + in.AddPage.DeepCopyInto(&out.AddPage) return } diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index 59c937c74..0324f679c 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -161,7 +161,7 @@ func (CloudCredentialStatus) SwaggerDoc() map[string]string { } var map_Config = map[string]string{ - "": "Config provides information to configure the config operator.", + "": "Config provides information to configure the config operator. It handles installation, migration or synchronization of cloud based cluster configurations like AWS or Azure.", "spec": "spec is the specification of the desired behavior of the Config Operator.", "status": "status defines the observed status of the Config Operator.", } @@ -179,6 +179,15 @@ func (ConfigList) SwaggerDoc() map[string]string { return map_ConfigList } +var map_AddPage = map[string]string{ + "": "AddPage allows customizing actions on the Add page in developer perspective.", + "disabledActions": "disabledActions is a list of actions that are not shown to users. Each action in the list is represented by its ID.", +} + +func (AddPage) SwaggerDoc() map[string]string { + return map_AddPage +} + var map_Console = map[string]string{ "": "Console provides a means to configure an operator to manage the console.", } @@ -188,7 +197,7 @@ func (Console) SwaggerDoc() map[string]string { } var map_ConsoleConfigRoute = map[string]string{ - "": "ConsoleConfigRoute holds information on external route access to console.", + "": "ConsoleConfigRoute holds information on external route access to console. DEPRECATED", "hostname": "hostname is the desired custom domain under which console will be available.", "secret": "secret points to secret in the openshift-config namespace that contains custom certificate and key and needs to be created manually by the cluster admin. Referenced Secret is required to contain following key value pairs: - \"tls.crt\" - to specifies custom certificate - \"tls.key\" - to specifies private key of the custom certificate If the custom hostname uses the default routing suffix of the cluster, the Secret specification for a serving certificate will not be needed.", } @@ -206,6 +215,7 @@ var map_ConsoleCustomization = map[string]string{ "developerCatalog": "developerCatalog allows to configure the shown developer catalog categories.", "projectAccess": "projectAccess allows customizing the available list of ClusterRoles in the Developer perspective Project access page which can be used by a project admin to specify roles to other users and restrict access within the project. If set, the list will replace the default ClusterRole options.", "quickStarts": "quickStarts allows customization of available ConsoleQuickStart resources in console.", + "addPage": "addPage allows customizing actions on the Add page in developer perspective.", } func (ConsoleCustomization) SwaggerDoc() map[string]string { @@ -225,7 +235,7 @@ var map_ConsoleSpec = map[string]string{ "": "ConsoleSpec is the specification of the desired behavior of the Console.", "customization": "customization is used to optionally provide a small set of customization options to the web console.", "providers": "providers contains configuration for using specific service providers.", - "route": "route contains hostname and secret reference that contains the serving certificate. If a custom route is specified, a new route will be created with the provided hostname, under which console will be available. In case of custom hostname uses the default routing suffix of the cluster, the Secret specification for a serving certificate will not be needed. In case of custom hostname points to an arbitrary domain, manual DNS configurations steps are necessary. The default console route will be maintained to reserve the default hostname for console if the custom route is removed. If not specified, default route will be used.", + "route": "route contains hostname and secret reference that contains the serving certificate. If a custom route is specified, a new route will be created with the provided hostname, under which console will be available. In case of custom hostname uses the default routing suffix of the cluster, the Secret specification for a serving certificate will not be needed. In case of custom hostname points to an arbitrary domain, manual DNS configurations steps are necessary. The default console route will be maintained to reserve the default hostname for console if the custom route is removed. If not specified, default route will be used. DEPRECATED", "plugins": "plugins defines a list of enabled console plugin names.", } @@ -385,7 +395,7 @@ func (DNSList) SwaggerDoc() map[string]string { var map_DNSNodePlacement = map[string]string{ "": "DNSNodePlacement describes the node scheduling configuration for DNS pods.", - "nodeSelector": "nodeSelector is the node selector applied to DNS pods.\n\nIf empty, the default is used, which is currently the following:\n\n beta.kubernetes.io/os: linux\n\nThis default is subject to change.\n\nIf set, the specified selector is used and replaces the default.", + "nodeSelector": "nodeSelector is the node selector applied to DNS pods.\n\nIf empty, the default is used, which is currently the following:\n\n kubernetes.io/os: linux\n\nThis default is subject to change.\n\nIf set, the specified selector is used and replaces the default.", "tolerations": "tolerations is a list of tolerations applied to DNS pods.\n\nThe default is an empty list. This default is subject to change.\n\nSee https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/", } @@ -658,7 +668,7 @@ var map_IngressControllerTuningOptions = map[string]string{ "": "IngressControllerTuningOptions specifies options for tuning the performance of ingress controller pods", "headerBufferBytes": "headerBufferBytes describes how much memory should be reserved (in bytes) for IngressController connection sessions. Note that this value must be at least 16384 if HTTP/2 is enabled for the IngressController (https://tools.ietf.org/html/rfc7540). If this field is empty, the IngressController will use a default value of 32768 bytes.\n\nSetting this field is generally not recommended as headerBufferBytes values that are too small may break the IngressController and headerBufferBytes values that are too large could cause the IngressController to use significantly more memory than necessary.", "headerBufferMaxRewriteBytes": "headerBufferMaxRewriteBytes describes how much memory should be reserved (in bytes) from headerBufferBytes for HTTP header rewriting and appending for IngressController connection sessions. Note that incoming HTTP requests will be limited to (headerBufferBytes - headerBufferMaxRewriteBytes) bytes, meaning headerBufferBytes must be greater than headerBufferMaxRewriteBytes. If this field is empty, the IngressController will use a default value of 8192 bytes.\n\nSetting this field is generally not recommended as headerBufferMaxRewriteBytes values that are too small may break the IngressController and headerBufferMaxRewriteBytes values that are too large could cause the IngressController to use significantly more memory than necessary.", - "threadCount": "threadCount defines the number of threads created per HAProxy process. Creating more threads allows each ingress controller pod to handle more connections, at the cost of more system resources being used. If this field is empty, the IngressController will use the default value. The current default is 4 threads, but this may change in future releases.\n\nSetting this field is generally not recommended. Increasing the number of HAProxy threads allows ingress controller pods to utilize more CPU time under load, potentially starving other pods if set too high. Reducing the number of threads may cause the ingress controller to perform poorly.", + "threadCount": "threadCount defines the number of threads created per HAProxy process. Creating more threads allows each ingress controller pod to handle more connections, at the cost of more system resources being used. HAProxy currently supports up to 64 threads. If this field is empty, the IngressController will use the default value. The current default is 4 threads, but this may change in future releases.\n\nSetting this field is generally not recommended. Increasing the number of HAProxy threads allows ingress controller pods to utilize more CPU time under load, potentially starving other pods if set too high. Reducing the number of threads may cause the ingress controller to perform poorly.", } func (IngressControllerTuningOptions) SwaggerDoc() map[string]string { @@ -688,7 +698,7 @@ func (LoggingDestination) SwaggerDoc() map[string]string { var map_NodePlacement = map[string]string{ "": "NodePlacement describes node scheduling configuration for an ingress controller.", - "nodeSelector": "nodeSelector is the node selector applied to ingress controller deployments.\n\nIf unset, the default is:\n\n beta.kubernetes.io/os: linux\n node-role.kubernetes.io/worker: ''\n\nIf set, the specified selector is used and replaces the default.", + "nodeSelector": "nodeSelector is the node selector applied to ingress controller deployments.\n\nIf unset, the default is:\n\n kubernetes.io/os: linux\n node-role.kubernetes.io/worker: ''\n\nIf set, the specified selector is used and replaces the default.", "tolerations": "tolerations is a list of tolerations applied to ingress controller deployments.\n\nThe default is an empty list.\n\nSee https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/", } @@ -863,7 +873,7 @@ func (IPAMConfig) SwaggerDoc() map[string]string { } var map_IPFIXConfig = map[string]string{ - "collectors": "ipfixCollectors is list of strings formatted as ip:port", + "collectors": "ipfixCollectors is list of strings formatted as ip:port with a maximum of ten items", } func (IPFIXConfig) SwaggerDoc() map[string]string { @@ -887,7 +897,7 @@ func (KuryrConfig) SwaggerDoc() map[string]string { } var map_NetFlowConfig = map[string]string{ - "collectors": "netFlow defines the NetFlow collectors that will consume the flow data exported from OVS. It is a list of strings formatted as ip:port", + "collectors": "netFlow defines the NetFlow collectors that will consume the flow data exported from OVS. It is a list of strings formatted as ip:port with a maximum of ten items", } func (NetFlowConfig) SwaggerDoc() map[string]string { @@ -995,7 +1005,7 @@ func (ProxyConfig) SwaggerDoc() map[string]string { } var map_SFlowConfig = map[string]string{ - "collectors": "sFlowCollectors is list of strings formatted as ip:port", + "collectors": "sFlowCollectors is list of strings formatted as ip:port with a maximum of ten items", } func (SFlowConfig) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml index 16c5e4f8e..92d1404fc 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1alpha1/0000_10_config-operator_01_imagecontentsourcepolicy.crd.yaml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: imagecontentsourcepolicies.operator.openshift.io @@ -9,7 +9,6 @@ metadata: spec: group: operator.openshift.io scope: Cluster - preserveUnknownFields: false names: kind: ImageContentSourcePolicy singular: imagecontentsourcepolicy @@ -19,74 +18,76 @@ spec: - name: v1alpha1 served: true storage: true - subresources: - status: {} - "validation": - "openAPIV3Schema": - description: ImageContentSourcePolicy holds cluster-wide information about how - to handle registry mirror rules. When multiple policies are defined, the outcome - of the behavior is defined on each field. - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: spec holds user settable values for configuration - type: object - properties: - repositoryDigestMirrors: - description: "repositoryDigestMirrors allows images referenced by image - digests in pods to be pulled from alternative mirrored repository - locations. The image pull specification provided to the pod will be - compared to the source locations described in RepositoryDigestMirrors - and the image may be pulled down from any of the mirrors in the list - instead of the specified repository allowing administrators to choose - a potentially faster mirror. Only image pull specifications that have - an image digest will have this behavior applied to them - tags will - continue to be pulled from the specified repository in the pull spec. - \n Each “source” repository is treated independently; configurations - for different “source” repositories don’t interact. \n When multiple - policies are defined for the same “source” repository, the sets of - defined mirrors will be merged together, preserving the relative order - of the mirrors, if possible. For example, if policy A has mirrors - `a, b, c` and policy B has mirrors `c, d, e`, the mirrors will be - used in the order `a, b, c, d, e`. If the orders of mirror entries - conflict (e.g. `a, b` vs. `b, a`) the configuration is not rejected - but the resulting order is unspecified." - type: array - items: - description: 'RepositoryDigestMirrors holds cluster-wide information - about how to handle mirros in the registries config. Note: the mirrors - only work when pulling the images that are referenced by their digests.' - type: object - required: - - source - properties: - mirrors: - description: mirrors is one or more repositories that may also - contain the same images. The order of mirrors in this list is - treated as the user's desired priority, while source is by default - considered lower priority than all mirrors. Other cluster configuration, - including (but not limited to) other repositoryDigestMirrors - objects, may impact the exact order mirrors are contacted in, - or some mirrors may be contacted in parallel, so this should - be considered a preference rather than a guarantee of ordering. - type: array - items: + subresources: + status: {} + schema: + openAPIV3Schema: + description: ImageContentSourcePolicy holds cluster-wide information about + how to handle registry mirror rules. When multiple policies are defined, + the outcome of the behavior is defined on each field. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + type: object + properties: + repositoryDigestMirrors: + description: "repositoryDigestMirrors allows images referenced by + image digests in pods to be pulled from alternative mirrored repository + locations. The image pull specification provided to the pod will + be compared to the source locations described in RepositoryDigestMirrors + and the image may be pulled down from any of the mirrors in the + list instead of the specified repository allowing administrators + to choose a potentially faster mirror. Only image pull specifications + that have an image digest will have this behavior applied to them + - tags will continue to be pulled from the specified repository + in the pull spec. \n Each “source” repository is treated independently; + configurations for different “source” repositories don’t interact. + \n When multiple policies are defined for the same “source” repository, + the sets of defined mirrors will be merged together, preserving + the relative order of the mirrors, if possible. For example, if + policy A has mirrors `a, b, c` and policy B has mirrors `c, d, e`, + the mirrors will be used in the order `a, b, c, d, e`. If the orders + of mirror entries conflict (e.g. `a, b` vs. `b, a`) the configuration + is not rejected but the resulting order is unspecified." + type: array + items: + description: 'RepositoryDigestMirrors holds cluster-wide information + about how to handle mirros in the registries config. Note: the + mirrors only work when pulling the images that are referenced + by their digests.' + type: object + required: + - source + properties: + mirrors: + description: mirrors is one or more repositories that may also + contain the same images. The order of mirrors in this list + is treated as the user's desired priority, while source is + by default considered lower priority than all mirrors. Other + cluster configuration, including (but not limited to) other + repositoryDigestMirrors objects, may impact the exact order + mirrors are contacted in, or some mirrors may be contacted + in parallel, so this should be considered a preference rather + than a guarantee of ordering. + type: array + items: + type: string + source: + description: source is the repository that users refer to, e.g. + in image pull specifications. type: string - source: - description: source is the repository that users refer to, e.g. - in image pull specifications. - type: string diff --git a/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml b/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml index ae60b571a..260236550 100644 --- a/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml +++ b/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: @@ -13,233 +13,235 @@ spec: listKind: ClusterResourceQuotaList plural: clusterresourcequotas singular: clusterresourcequota - preserveUnknownFields: false scope: Cluster - subresources: - status: {} - validation: - openAPIV3Schema: - description: ClusterResourceQuota mirrors ResourceQuota at a cluster scope. This - object is easily convertible to synthetic ResourceQuota object to allow quota - evaluation re-use. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired quota - properties: - quota: - description: Quota defines the desired quota - properties: - hard: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - type: "" - x-kubernetes-int-or-string: true - description: 'hard is the set of desired hard limits for each named - resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/' - type: object - scopeSelector: - description: scopeSelector is also a collection of filters like - scopes that must match each object tracked by a quota but expressed - using ScopeSelectorOperator in combination with possible values. - For a resource to match, both scopes AND scopeSelector (if specified - in spec), must be matched. - properties: - matchExpressions: - description: A list of scope selector requirements by scope - of the resources. - items: - description: A scoped-resource selector requirement is a selector - that contains values, a scope name, and an operator that - relates the scope name and values. - properties: - operator: - description: Represents a scope's relationship to a set - of values. Valid operators are In, NotIn, Exists, DoesNotExist. - type: string - scopeName: - description: The name of the scope that the selector applies - to. - type: string - values: - description: An array of string values. If the operator - is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a - strategic merge patch. - items: + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ClusterResourceQuota mirrors ResourceQuota at a cluster scope. This + object is easily convertible to synthetic ResourceQuota object to allow + quota evaluation re-use. + type: object + required: + - metadata + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired quota + type: object + required: + - quota + - selector + properties: + quota: + description: Quota defines the desired quota + type: object + properties: + hard: + description: 'hard is the set of desired hard limits for each + named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/' + type: object + additionalProperties: + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scopeSelector: + description: scopeSelector is also a collection of filters like + scopes that must match each object tracked by a quota but expressed + using ScopeSelectorOperator in combination with possible values. + For a resource to match, both scopes AND scopeSelector (if specified + in spec), must be matched. + type: object + properties: + matchExpressions: + description: A list of scope selector requirements by scope + of the resources. + type: array + items: + description: A scoped-resource selector requirement is a + selector that contains values, a scope name, and an operator + that relates the scope name and values. + type: object + required: + - operator + - scopeName + properties: + operator: + description: Represents a scope's relationship to a + set of values. Valid operators are In, NotIn, Exists, + DoesNotExist. type: string - type: array - required: - - operator - - scopeName - type: object - type: array - type: object - scopes: - description: A collection of filters that must match each object - tracked by a quota. If not specified, the quota matches all objects. - items: - description: A ResourceQuotaScope defines a filter that must match - each object tracked by a quota - type: string - type: array - type: object - selector: - description: Selector is the selector used to match projects. It should - only select active projects on the scale of dozens (though it can - select many more less active projects). These projects will contend - on object creation through this resource. - properties: - annotations: - additionalProperties: - type: string - description: AnnotationSelector is used to select projects by annotation. - nullable: true - type: object - labels: - description: LabelSelector is used to select projects by label. - nullable: true - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the - key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a - strategic merge patch. - items: + scopeName: + description: The name of the scope that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - type: object - required: - - quota - - selector - type: object - status: - description: Status defines the actual enforced quota and its current usage - properties: - namespaces: - description: Namespaces slices the usage by project. This division - allows for quick resolution of deletion reconciliation inside of a - single project without requiring a recalculation across all projects. This - can be used to pull the deltas for a given project. - items: - description: ResourceQuotaStatusByNamespace gives status for a particular - project + values: + description: An array of string values. If the operator + is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during + a strategic merge patch. + type: array + items: + type: string + scopes: + description: A collection of filters that must match each object + tracked by a quota. If not specified, the quota matches all + objects. + type: array + items: + description: A ResourceQuotaScope defines a filter that must + match each object tracked by a quota + type: string + selector: + description: Selector is the selector used to match projects. It should + only select active projects on the scale of dozens (though it can + select many more less active projects). These projects will contend + on object creation through this resource. + type: object properties: - namespace: - description: Namespace the project this status applies to - type: string - status: - description: Status indicates how many resources have been consumed - by this project + annotations: + description: AnnotationSelector is used to select projects by + annotation. + type: object + additionalProperties: + type: string + nullable: true + labels: + description: LabelSelector is used to select projects by label. + type: object properties: - hard: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Hard is the set of enforced hard limits for - each named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/' + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. type: object - used: additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Used is the current observed total usage of the - resource in the namespace. - type: object - type: object - required: - - namespace - - status - type: object - nullable: true - type: array - total: - description: Total defines the actual enforced quota and its current - usage across all projects - properties: - hard: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Hard is the set of enforced hard limits for each named - resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/' - type: object - used: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Used is the current observed total usage of the resource - in the namespace. + type: string + nullable: true + status: + description: Status defines the actual enforced quota and its current + usage + type: object + required: + - total + properties: + namespaces: + description: Namespaces slices the usage by project. This division + allows for quick resolution of deletion reconciliation inside of + a single project without requiring a recalculation across all projects. This + can be used to pull the deltas for a given project. + type: array + items: + description: ResourceQuotaStatusByNamespace gives status for a particular + project type: object - type: object - required: - - total - type: object - required: - - metadata - - spec - type: object - versions: - - name: v1 + required: + - namespace + - status + properties: + namespace: + description: Namespace the project this status applies to + type: string + status: + description: Status indicates how many resources have been consumed + by this project + type: object + properties: + hard: + description: 'Hard is the set of enforced hard limits for + each named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/' + type: object + additionalProperties: + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + used: + description: Used is the current observed total usage of + the resource in the namespace. + type: object + additionalProperties: + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + nullable: true + total: + description: Total defines the actual enforced quota and its current + usage across all projects + type: object + properties: + hard: + description: 'Hard is the set of enforced hard limits for each + named resource. More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/' + type: object + additionalProperties: + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + used: + description: Used is the current observed total usage of the resource + in the namespace. + type: object + additionalProperties: + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true served: true storage: true + subresources: + status: {} diff --git a/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml-merge-patch b/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml-merge-patch deleted file mode 100644 index 1897fdbee..000000000 --- a/vendor/github.com/openshift/api/quota/v1/0000_03_quota-openshift_01_clusterresourcequota.crd.yaml-merge-patch +++ /dev/null @@ -1,13 +0,0 @@ -spec: - validation: - openAPIV3Schema: - properties: - spec: - properties: - quota: - properties: - hard: - additionalProperties: - type: "" - x-kubernetes-int-or-string: true - diff --git a/vendor/github.com/openshift/api/samples/v1/0000_10_samplesconfig.crd.yaml b/vendor/github.com/openshift/api/samples/v1/0000_10_samplesconfig.crd.yaml index 185fe4bd1..f0bd21eda 100644 --- a/vendor/github.com/openshift/api/samples/v1/0000_10_samplesconfig.crd.yaml +++ b/vendor/github.com/openshift/api/samples/v1/0000_10_samplesconfig.crd.yaml @@ -1,4 +1,4 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: configs.samples.operator.openshift.io @@ -10,169 +10,169 @@ metadata: include.release.openshift.io/single-node-developer: "true" spec: scope: Cluster - subresources: - status: {} preserveUnknownFields: false group: samples.operator.openshift.io versions: - name: v1 + subresources: + status: {} served: true storage: true - names: - plural: configs - singular: config - kind: Config - listKind: ConfigList - "validation": - "openAPIV3Schema": - description: Config contains the configuration and detailed condition status - for the Samples Operator. - type: object - required: - - metadata - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigSpec contains the desired configuration and state for - the Samples Operator, controlling various behavior around the imagestreams - and templates it creates/updates in the openshift namespace. - type: object - properties: - architectures: - description: architectures determine which hardware architecture(s) - to install, where x86_64, ppc64le, and s390x are the only supported - choices currently. - type: array - items: - type: string - managementState: - description: managementState is top level on/off type of switch for - all operators. When "Managed", this operator processes config and - manipulates the samples accordingly. When "Unmanaged", this operator - ignores any updates to the resources it watches. When "Removed", it - reacts that same wasy as it does if the Config object is deleted, - meaning any ImageStreams or Templates it manages (i.e. it honors the - skipped lists) and the registry secret are deleted, along with the - ConfigMap in the operator's namespace that represents the last config - used to manipulate the samples, - type: string - pattern: ^(Managed|Unmanaged|Force|Removed)$ - samplesRegistry: - description: samplesRegistry allows for the specification of which registry - is accessed by the ImageStreams for their image content. Defaults - on the content in https://github.com/openshift/library that are pulled - into this github repository, but based on our pulling only ocp content - it typically defaults to registry.redhat.io. - type: string - skippedImagestreams: - description: skippedImagestreams specifies names of image streams that - should NOT be created/updated. Admins can use this to allow them - to delete content they don’t want. They will still have to manually - delete the content but the operator will not recreate(or update) anything - listed here. - type: array - items: + "schema": + "openAPIV3Schema": + description: Config contains the configuration and detailed condition status + for the Samples Operator. + type: object + required: + - metadata + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConfigSpec contains the desired configuration and state for + the Samples Operator, controlling various behavior around the imagestreams + and templates it creates/updates in the openshift namespace. + type: object + properties: + architectures: + description: architectures determine which hardware architecture(s) + to install, where x86_64, ppc64le, and s390x are the only supported + choices currently. + type: array + items: + type: string + managementState: + description: managementState is top level on/off type of switch for + all operators. When "Managed", this operator processes config and + manipulates the samples accordingly. When "Unmanaged", this operator + ignores any updates to the resources it watches. When "Removed", + it reacts that same wasy as it does if the Config object is deleted, + meaning any ImageStreams or Templates it manages (i.e. it honors + the skipped lists) and the registry secret are deleted, along with + the ConfigMap in the operator's namespace that represents the last + config used to manipulate the samples, type: string - skippedTemplates: - description: skippedTemplates specifies names of templates that should - NOT be created/updated. Admins can use this to allow them to delete - content they don’t want. They will still have to manually delete - the content but the operator will not recreate(or update) anything - listed here. - type: array - items: + pattern: ^(Managed|Unmanaged|Force|Removed)$ + samplesRegistry: + description: samplesRegistry allows for the specification of which + registry is accessed by the ImageStreams for their image content. Defaults + on the content in https://github.com/openshift/library that are + pulled into this github repository, but based on our pulling only + ocp content it typically defaults to registry.redhat.io. type: string - status: - description: ConfigStatus contains the actual configuration in effect, as - well as various details that describe the state of the Samples Operator. - type: object - properties: - architectures: - description: architectures determine which hardware architecture(s) - to install, where x86_64 and ppc64le are the supported choices. - type: array - items: + skippedImagestreams: + description: skippedImagestreams specifies names of image streams + that should NOT be created/updated. Admins can use this to allow + them to delete content they don’t want. They will still have to + manually delete the content but the operator will not recreate(or + update) anything listed here. + type: array + items: + type: string + skippedTemplates: + description: skippedTemplates specifies names of templates that should + NOT be created/updated. Admins can use this to allow them to delete + content they don’t want. They will still have to manually delete + the content but the operator will not recreate(or update) anything + listed here. + type: array + items: + type: string + status: + description: ConfigStatus contains the actual configuration in effect, + as well as various details that describe the state of the Samples Operator. + type: object + properties: + architectures: + description: architectures determine which hardware architecture(s) + to install, where x86_64 and ppc64le are the supported choices. + type: array + items: + type: string + conditions: + description: conditions represents the available maintenance status + of the sample imagestreams and templates. + type: array + items: + description: ConfigCondition captures various conditions of the + Config as entries are processed. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. + type: string + format: date-time + lastUpdateTime: + description: lastUpdateTime is the last time this condition + was updated. + type: string + format: date-time + message: + description: message is a human readable message indicating + details about the transition. + type: string + reason: + description: reason is what caused the condition's last transition. + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type of condition. + type: string + managementState: + description: managementState reflects the current operational status + of the on/off switch for the operator. This operator compares the + ManagementState as part of determining that we are turning the operator + back on (i.e. "Managed") when it was previously "Unmanaged". type: string - conditions: - description: conditions represents the available maintenance status - of the sample imagestreams and templates. - type: array - items: - description: ConfigCondition captures various conditions of the Config - as entries are processed. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. - type: string - format: date-time - lastUpdateTime: - description: lastUpdateTime is the last time this condition was - updated. - type: string - format: date-time - message: - description: message is a human readable message indicating details - about the transition. - type: string - reason: - description: reason is what caused the condition's last transition. - type: string - status: - description: status of the condition, one of True, False, Unknown. - type: string - type: - description: type of condition. - type: string - managementState: - description: managementState reflects the current operational status - of the on/off switch for the operator. This operator compares the - ManagementState as part of determining that we are turning the operator - back on (i.e. "Managed") when it was previously "Unmanaged". - type: string - pattern: ^(Managed|Unmanaged|Force|Removed)$ - samplesRegistry: - description: samplesRegistry allows for the specification of which registry - is accessed by the ImageStreams for their image content. Defaults - on the content in https://github.com/openshift/library that are pulled - into this github repository, but based on our pulling only ocp content - it typically defaults to registry.redhat.io. - type: string - skippedImagestreams: - description: skippedImagestreams specifies names of image streams that - should NOT be created/updated. Admins can use this to allow them - to delete content they don’t want. They will still have to manually - delete the content but the operator will not recreate(or update) anything - listed here. - type: array - items: + pattern: ^(Managed|Unmanaged|Force|Removed)$ + samplesRegistry: + description: samplesRegistry allows for the specification of which + registry is accessed by the ImageStreams for their image content. Defaults + on the content in https://github.com/openshift/library that are + pulled into this github repository, but based on our pulling only + ocp content it typically defaults to registry.redhat.io. type: string - skippedTemplates: - description: skippedTemplates specifies names of templates that should - NOT be created/updated. Admins can use this to allow them to delete - content they don’t want. They will still have to manually delete - the content but the operator will not recreate(or update) anything - listed here. - type: array - items: + skippedImagestreams: + description: skippedImagestreams specifies names of image streams + that should NOT be created/updated. Admins can use this to allow + them to delete content they don’t want. They will still have to + manually delete the content but the operator will not recreate(or + update) anything listed here. + type: array + items: + type: string + skippedTemplates: + description: skippedTemplates specifies names of templates that should + NOT be created/updated. Admins can use this to allow them to delete + content they don’t want. They will still have to manually delete + the content but the operator will not recreate(or update) anything + listed here. + type: array + items: + type: string + version: + description: version is the value of the operator's payload based + version indicator when it was last successfully processed type: string - version: - description: version is the value of the operator's payload based version - indicator when it was last successfully processed - type: string + names: + plural: configs + singular: config + kind: Config + listKind: ConfigList diff --git a/vendor/github.com/openshift/build-machinery-go/Makefile b/vendor/github.com/openshift/build-machinery-go/Makefile index aa131b622..7b69ea411 100644 --- a/vendor/github.com/openshift/build-machinery-go/Makefile +++ b/vendor/github.com/openshift/build-machinery-go/Makefile @@ -19,7 +19,7 @@ define update-makefile-log mkdir -p "$(3)" set -o pipefail; $(MAKE) -j 1 -C "$(dir $(1))" -f "$(notdir $(1))" --no-print-directory --warn-undefined-variables $(2) 2>&1 | \ sed 's/\.\(buildDate\|versionFromGit\|commitFromGit\|gitTreeState\)="[^"]*" /.\1="" /g' | \ - sed -E 's~/.*/(github.com/openshift/build-machinery-go/.*)~/\1~g' | \ + sed -E 's~/[^ ]*/(github.com/openshift/build-machinery-go/[^ ]*)~/\1~g' | \ sed '/\/tmp\/tmp./d' | \ sed '/git checkout -b/d' | \ sed -E 's~^[<> ]*((\+\+\+|\-\-\-) \./(testing/)?manifests/.*.yaml).*~\1~' | \ diff --git a/vendor/github.com/openshift/build-machinery-go/README.md b/vendor/github.com/openshift/build-machinery-go/README.md index bd37d7346..66862f61a 100644 --- a/vendor/github.com/openshift/build-machinery-go/README.md +++ b/vendor/github.com/openshift/build-machinery-go/README.md @@ -40,5 +40,5 @@ Extends [#Default](). ### Updating generated files We track the log output from the makefile tests to make sure any change is visible and can be audited. Unfortunately due to subtle linux tooling differences in distributions and versions, `make update` may not get you the exact output as the CI. To avoid it, just run the command in the same container as CI: ``` -podman run -it --rm --pull=always -v $( pwd ):/go/src/$( go list -m ) --workdir=/go/src/$( go list -m ) registry.svc.ci.openshift.org/openshift/release:rhel-8-release-golang-1.15-openshift-4.7 make update +podman run -it --rm --pull=always -v $( pwd ):/go/src/$( go list -m ) --workdir=/go/src/$( go list -m ) registry.ci.openshift.org/openshift/release:rhel-8-release-golang-1.15-openshift-4.7 make update ``` diff --git a/vendor/github.com/openshift/build-machinery-go/make/default.example.mk.help.log b/vendor/github.com/openshift/build-machinery-go/make/default.example.mk.help.log index 05285660d..39b697937 100644 --- a/vendor/github.com/openshift/build-machinery-go/make/default.example.mk.help.log +++ b/vendor/github.com/openshift/build-machinery-go/make/default.example.mk.help.log @@ -20,5 +20,6 @@ verify-codegen verify-deps verify-generated verify-gofmt +verify-golang-versions verify-golint verify-govet diff --git a/vendor/github.com/openshift/build-machinery-go/make/golang.example.mk.help.log b/vendor/github.com/openshift/build-machinery-go/make/golang.example.mk.help.log index a5cc906dd..2a908b013 100644 --- a/vendor/github.com/openshift/build-machinery-go/make/golang.example.mk.help.log +++ b/vendor/github.com/openshift/build-machinery-go/make/golang.example.mk.help.log @@ -10,5 +10,6 @@ update update-gofmt verify verify-gofmt +verify-golang-versions verify-golint verify-govet diff --git a/vendor/github.com/openshift/build-machinery-go/make/golang.mk b/vendor/github.com/openshift/build-machinery-go/make/golang.mk index 15a0b49bc..2c16ccafc 100644 --- a/vendor/github.com/openshift/build-machinery-go/make/golang.mk +++ b/vendor/github.com/openshift/build-machinery-go/make/golang.mk @@ -6,6 +6,7 @@ self_dir := $(dir $(lastword $(MAKEFILE_LIST))) verify: verify-gofmt verify: verify-govet +verify: verify-golang-versions .PHONY: verify update: update-gofmt diff --git a/vendor/github.com/openshift/build-machinery-go/make/operator.example.mk.help.log b/vendor/github.com/openshift/build-machinery-go/make/operator.example.mk.help.log index 42a5fd5a3..834cfbb90 100644 --- a/vendor/github.com/openshift/build-machinery-go/make/operator.example.mk.help.log +++ b/vendor/github.com/openshift/build-machinery-go/make/operator.example.mk.help.log @@ -26,6 +26,7 @@ verify-codegen verify-deps verify-generated verify-gofmt +verify-golang-versions verify-golint verify-govet verify-profile-manifests diff --git a/vendor/github.com/openshift/build-machinery-go/make/targets/golang/version.mk b/vendor/github.com/openshift/build-machinery-go/make/targets/golang/version.mk new file mode 100644 index 000000000..7532dfcf9 --- /dev/null +++ b/vendor/github.com/openshift/build-machinery-go/make/targets/golang/version.mk @@ -0,0 +1,65 @@ +self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) + +.empty-golang-versions-files: + @rm -f "$(PERMANENT_TMP)/golang-versions" "$(PERMANENT_TMP)/named-golang-versions" +.PHONE: .empty-golang-versions-files + +verify-golang-versions: + @if [ -f "$(PERMANENT_TMP)/golang-versions" ]; then \ + LINES=$$(cat "$(PERMANENT_TMP)/golang-versions" | sort | uniq | wc -l); \ + if [ $${LINES} -gt 1 ]; then \ + echo "Golang version mismatch:"; \ + cat "$(PERMANENT_TMP)/named-golang-versions" | sort | sed 's/^/- /'; \ + false; \ + fi; \ + fi +.PHONY: verify-golang-versions + +# $1 - filename (symbolic, used as postfix in Makefile target) +# $2 - golang version +define verify-golang-version-reference-internal +verify-golang-versions-$(1): .empty-golang-versions-files +verify-golang-versions-$(1): + @mkdir -p "$(PERMANENT_TMP)" + @echo "$(1): $(2)" >> "$(PERMANENT_TMP)/named-golang-versions" + @echo "$(2)" >> "$(PERMANENT_TMP)/golang-versions" +.PHONY: verify-golang-versions-$(1) + +verify-golang-versions: verify-golang-versions-$(1) +endef + +# $1 - filename (symbolic, used as postfix in Makefile target) +# $2 - golang version +define verify-golang-version-reference +$(eval $(call verify-golang-version-reference-internal,$(1),$(2))) +endef + +# $1 - Dockerfile filename (symbolic, used as postfix in Makefile target) +define verify-Dockerfile-builder-golang-version +$(call verify-golang-version-reference,$(1),$(shell grep "AS builder" "$(1)" | sed 's/.*golang-\([[:digit:]][[:digit:]]*.[[:digit:]][[:digit:]]*\).*/\1/')) +endef + +define verify-go-mod-golang-version +$(call verify-golang-version-reference,go.mod,$(shell grep -e 'go [[:digit:]]*\.[[:digit:]]*' go.mod 2>/dev/null | sed 's/go //')) +endef + +define verify-buildroot-golang-version +$(call verify-golang-version-reference,.ci-operator.yaml,$(shell grep -e 'tag: .*golang-[[:digit:]]*\.[[:digit:]]' .ci-operator.yaml 2>/dev/null | sed 's/.*golang-\([[:digit:]][[:digit:]]*.[[:digit:]][[:digit:]]*\).*/\1/')) +endef + +# $1 - optional Dockerfile filename (symbolic, used as postfix in Makefile target) +define verify-golang-versions +$(if $(1),$(call verify-Dockerfile-builder-golang-version,$(1))) \ +$(if $(wildcard ./.ci-operator.yaml),$(if $(shell grep 'build_root_image:' .ci-operator.yaml 2>/dev/null),$(call verify-buildroot-golang-version))) \ +$(if $(wildcard ./go.mod),$(call verify-go-mod-golang-version)) +endef + +# We need to be careful to expand all the paths before any include is done +# or self_dir could be modified for the next include by the included file. +# Also doing this at the end of the file allows us to use self_dir before it could be modified. +include $(addprefix $(self_dir), \ + ../../lib/golang.mk \ +) +include $(addprefix $(self_dir), \ + ../../lib/tmp.mk \ +) \ No newline at end of file diff --git a/vendor/github.com/openshift/build-machinery-go/make/targets/openshift/operator/profile-manifests.mk b/vendor/github.com/openshift/build-machinery-go/make/targets/openshift/operator/profile-manifests.mk index b57ecd5ea..a338831a9 100644 --- a/vendor/github.com/openshift/build-machinery-go/make/targets/openshift/operator/profile-manifests.mk +++ b/vendor/github.com/openshift/build-machinery-go/make/targets/openshift/operator/profile-manifests.mk @@ -6,6 +6,7 @@ self_dir :=$(dir $(lastword $(MAKEFILE_LIST))) # $3 - output file define patch-manifest-yq $(YQ) m -x '$(2)' '$(1)' > '$(3)' + sed -i '$(3)' -e '1s/^/# *** AUTOMATICALLY GENERATED FILE - DO NOT EDIT ***\n/' endef @@ -15,6 +16,7 @@ endef # $3 - output file define patch-manifest-yaml-patch $(YAML_PATCH) -o '$(1)' < '$(2)' > '$(3)' + sed -i '$(3)' -e '1s/^/# *** AUTOMATICALLY GENERATED FILE - DO NOT EDIT ***\n/' endef diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go index a8e5f25f1..854e29f59 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go @@ -13,6 +13,7 @@ import ( "k8s.io/apimachinery/pkg/api/equality" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/sets" coreclientv1 "k8s.io/client-go/kubernetes/typed/core/v1" "github.com/openshift/library-go/pkg/operator/events" @@ -327,25 +328,41 @@ func ApplySecret(client coreclientv1.SecretsGetter, recorder events.Recorder, re return actual, true, err } +// SyncConfigMap applies a ConfigMap from a location `sourceNamespace/sourceName` to `targetNamespace/targetName` func SyncConfigMap(client coreclientv1.ConfigMapsGetter, recorder events.Recorder, sourceNamespace, sourceName, targetNamespace, targetName string, ownerRefs []metav1.OwnerReference) (*corev1.ConfigMap, bool, error) { + return SyncPartialConfigMap(client, recorder, sourceNamespace, sourceName, targetNamespace, targetName, nil, ownerRefs) +} + +// SyncPartialConfigMap does what SyncConfigMap does but it only synchronizes a subset of keys given by `syncedKeys`. +// SyncPartialConfigMap will delete the target if `syncedKeys` are set but the source does not contain any of these keys. +func SyncPartialConfigMap(client coreclientv1.ConfigMapsGetter, recorder events.Recorder, sourceNamespace, sourceName, targetNamespace, targetName string, syncedKeys sets.String, ownerRefs []metav1.OwnerReference) (*corev1.ConfigMap, bool, error) { source, err := client.ConfigMaps(sourceNamespace).Get(context.TODO(), sourceName, metav1.GetOptions{}) switch { case apierrors.IsNotFound(err): - deleteErr := client.ConfigMaps(targetNamespace).Delete(context.TODO(), targetName, metav1.DeleteOptions{}) - if _, getErr := client.ConfigMaps(targetNamespace).Get(context.TODO(), targetName, metav1.GetOptions{}); getErr != nil && apierrors.IsNotFound(getErr) { - return nil, true, nil - } - if apierrors.IsNotFound(deleteErr) { - return nil, false, nil - } - if deleteErr == nil { - recorder.Eventf("TargetConfigDeleted", "Deleted target configmap %s/%s because source config does not exist", targetNamespace, targetName) - return nil, true, nil - } - return nil, false, deleteErr + modified, err := deleteConfigMapSyncTarget(client, recorder, targetNamespace, targetName) + return nil, modified, err case err != nil: return nil, false, err default: + if len(syncedKeys) > 0 { + for sourceKey := range source.Data { + if !syncedKeys.Has(sourceKey) { + delete(source.Data, sourceKey) + } + } + for sourceKey := range source.BinaryData { + if !syncedKeys.Has(sourceKey) { + delete(source.BinaryData, sourceKey) + } + } + + // remove the synced CM if the requested fields are not present in source + if len(source.Data)+len(source.BinaryData) == 0 { + modified, err := deleteConfigMapSyncTarget(client, recorder, targetNamespace, targetName) + return nil, modified, err + } + } + source.Namespace = targetNamespace source.Name = targetName source.ResourceVersion = "" @@ -354,22 +371,31 @@ func SyncConfigMap(client coreclientv1.ConfigMapsGetter, recorder events.Recorde } } +func deleteConfigMapSyncTarget(client coreclientv1.ConfigMapsGetter, recorder events.Recorder, targetNamespace, targetName string) (bool, error) { + err := client.ConfigMaps(targetNamespace).Delete(context.TODO(), targetName, metav1.DeleteOptions{}) + if apierrors.IsNotFound(err) { + return false, nil + } + if err == nil { + recorder.Eventf("TargetConfigDeleted", "Deleted target configmap %s/%s because source config does not exist", targetNamespace, targetName) + return true, nil + } + return false, err +} + +// SyncSecret applies a Secret from a location `sourceNamespace/sourceName` to `targetNamespace/targetName` func SyncSecret(client coreclientv1.SecretsGetter, recorder events.Recorder, sourceNamespace, sourceName, targetNamespace, targetName string, ownerRefs []metav1.OwnerReference) (*corev1.Secret, bool, error) { + return SyncPartialSecret(client, recorder, sourceNamespace, sourceName, targetNamespace, targetName, nil, ownerRefs) +} + +// SyncPartialSecret does what SyncSecret does but it only synchronizes a subset of keys given by `syncedKeys`. +// SyncPartialSecret will delete the target if `syncedKeys` are set but the source does not contain any of these keys. +func SyncPartialSecret(client coreclientv1.SecretsGetter, recorder events.Recorder, sourceNamespace, sourceName, targetNamespace, targetName string, syncedKeys sets.String, ownerRefs []metav1.OwnerReference) (*corev1.Secret, bool, error) { source, err := client.Secrets(sourceNamespace).Get(context.TODO(), sourceName, metav1.GetOptions{}) switch { case apierrors.IsNotFound(err): - if _, getErr := client.Secrets(targetNamespace).Get(context.TODO(), targetName, metav1.GetOptions{}); getErr != nil && apierrors.IsNotFound(getErr) { - return nil, true, nil - } - deleteErr := client.Secrets(targetNamespace).Delete(context.TODO(), targetName, metav1.DeleteOptions{}) - if apierrors.IsNotFound(deleteErr) { - return nil, false, nil - } - if deleteErr == nil { - recorder.Eventf("TargetSecretDeleted", "Deleted target secret %s/%s because source config does not exist", targetNamespace, targetName) - return nil, true, nil - } - return nil, false, deleteErr + modified, err := deleteSecretSyncTarget(client, recorder, targetNamespace, targetName) + return nil, modified, err case err != nil: return nil, false, err default: @@ -391,6 +417,25 @@ func SyncSecret(client coreclientv1.SecretsGetter, recorder events.Recorder, sou source.Type = corev1.SecretTypeOpaque } + if len(syncedKeys) > 0 { + for sourceKey := range source.Data { + if !syncedKeys.Has(sourceKey) { + delete(source.Data, sourceKey) + } + } + for sourceKey := range source.StringData { + if !syncedKeys.Has(sourceKey) { + delete(source.StringData, sourceKey) + } + } + + // remove the synced secret if the requested fields are not present in source + if len(source.Data)+len(source.StringData) == 0 { + modified, err := deleteSecretSyncTarget(client, recorder, targetNamespace, targetName) + return nil, modified, err + } + } + source.Namespace = targetNamespace source.Name = targetName source.ResourceVersion = "" @@ -398,3 +443,15 @@ func SyncSecret(client coreclientv1.SecretsGetter, recorder events.Recorder, sou return ApplySecret(client, recorder, source) } } + +func deleteSecretSyncTarget(client coreclientv1.SecretsGetter, recorder events.Recorder, targetNamespace, targetName string) (bool, error) { + err := client.Secrets(targetNamespace).Delete(context.TODO(), targetName, metav1.DeleteOptions{}) + if apierrors.IsNotFound(err) { + return false, nil + } + if err == nil { + recorder.Eventf("TargetSecretDeleted", "Deleted target secret %s/%s because source config does not exist", targetNamespace, targetName) + return true, nil + } + return false, err +} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go index b13453923..b8d9fe236 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go @@ -4,6 +4,7 @@ import ( "fmt" corev1 "k8s.io/api/core/v1" + policyv1 "k8s.io/api/policy/v1" rbacv1 "k8s.io/api/rbac/v1" storagev1 "k8s.io/api/storage/v1" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" @@ -33,7 +34,8 @@ func init() { utilruntime.Must(api.InstallKube(genericScheme)) utilruntime.Must(apiextensionsv1beta1.AddToScheme(genericScheme)) utilruntime.Must(apiextensionsv1.AddToScheme(genericScheme)) - + // TODO: remove once openshift/api/pull/929 is merged + utilruntime.Must(policyv1.AddToScheme(genericScheme)) } type AssetFunc func(name string) ([]byte, error) @@ -165,6 +167,12 @@ func ApplyDirectly(clients *ClientHolder, recorder events.Recorder, manifests As } else { result.Result, result.Changed, result.Error = ApplyRoleBinding(clients.kubeClient.RbacV1(), recorder, t) } + case *policyv1.PodDisruptionBudget: + if clients.kubeClient == nil { + result.Error = fmt.Errorf("missing kubeClient") + } else { + result.Result, result.Changed, result.Error = ApplyPodDisruptionBudget(clients.kubeClient.PolicyV1(), recorder, t) + } case *apiextensionsv1beta1.CustomResourceDefinition: if clients.apiExtensionsClient == nil { result.Error = fmt.Errorf("missing apiExtensionsClient") diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go index ae05022f4..f929481fe 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go @@ -3,23 +3,22 @@ package resourceapply import ( "context" - "github.com/imdario/mergo" - "k8s.io/klog/v2" - + "github.com/openshift/library-go/pkg/operator/events" "k8s.io/apimachinery/pkg/api/equality" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/client-go/dynamic" - - "github.com/openshift/library-go/pkg/operator/events" + "k8s.io/klog/v2" ) var serviceMonitorGVR = schema.GroupVersionResource{Group: "monitoring.coreos.com", Version: "v1", Resource: "servicemonitors"} -func ensureServiceMonitorSpec(required, existing *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { - requiredSpec, _, err := unstructured.NestedMap(required.UnstructuredContent(), "spec") +func ensureGenericSpec(required, existing *unstructured.Unstructured, mimicDefaultingFn mimicDefaultingFunc, equalityChecker equalityChecker) (*unstructured.Unstructured, bool, error) { + requiredCopy := required.DeepCopy() + mimicDefaultingFn(requiredCopy) + requiredSpec, _, err := unstructured.NestedMap(requiredCopy.UnstructuredContent(), "spec") if err != nil { return nil, false, err } @@ -28,22 +27,33 @@ func ensureServiceMonitorSpec(required, existing *unstructured.Unstructured) (*u return nil, false, err } - if err := mergo.Merge(&existingSpec, &requiredSpec); err != nil { - return nil, false, err - } - - if equality.Semantic.DeepEqual(existingSpec, requiredSpec) { + if equalityChecker.DeepEqual(existingSpec, requiredSpec) { return existing, false, nil } existingCopy := existing.DeepCopy() - if err := unstructured.SetNestedMap(existingCopy.UnstructuredContent(), existingSpec, "spec"); err != nil { + if err := unstructured.SetNestedMap(existingCopy.UnstructuredContent(), requiredSpec, "spec"); err != nil { return nil, true, err } return existingCopy, true, nil } +// mimicDefaultingFunc is used to set fields that are defaulted. This allows for sparse manifests to apply correctly. +// For instance, if field .spec.foo is set to 10 if not set, then a function of this type could be used to set +// the field to 10 to match the comparison. This is soemtimes (often?) easier than updating the semantic equality. +// We often see this in places like RBAC and CRD. Logically it can happen generically too. +type mimicDefaultingFunc func(obj *unstructured.Unstructured) + +func noDefaulting(obj *unstructured.Unstructured) {} + +// equalityChecker allows for custom equality comparisons. This can be used to allow equality checks to skip certain +// operator managed fields. This capability allows something like .spec.scale to be specified or changed by a component +// like HPA. Use this capability sparingly. Most places ought to just use `equality.Semantic` +type equalityChecker interface { + DeepEqual(a1, a2 interface{}) bool +} + // ApplyServiceMonitor applies the Prometheus service monitor. func ApplyServiceMonitor(client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { namespace := required.GetNamespace() @@ -64,20 +74,20 @@ func ApplyServiceMonitor(client dynamic.Interface, recorder events.Recorder, req existingCopy := existing.DeepCopy() - updated, endpointsModified, err := ensureServiceMonitorSpec(required, existingCopy) + toUpdate, modified, err := ensureGenericSpec(required, existingCopy, noDefaulting, equality.Semantic) if err != nil { return nil, false, err } - if !endpointsModified { + if !modified { return nil, false, nil } if klog.V(4).Enabled() { - klog.Infof("ServiceMonitor %q changes: %v", namespace+"/"+required.GetName(), JSONPatchNoError(existing, existingCopy)) + klog.Infof("ServiceMonitor %q changes: %v", namespace+"/"+required.GetName(), JSONPatchNoError(existing, toUpdate)) } - newObj, err := client.Resource(serviceMonitorGVR).Namespace(namespace).Update(context.TODO(), updated, metav1.UpdateOptions{}) + newObj, err := client.Resource(serviceMonitorGVR).Namespace(namespace).Update(context.TODO(), toUpdate, metav1.UpdateOptions{}) if err != nil { recorder.Warningf("ServiceMonitorUpdateFailed", "Failed to update ServiceMonitor.monitoring.coreos.com/v1: %v", err) return nil, true, err @@ -86,3 +96,48 @@ func ApplyServiceMonitor(client dynamic.Interface, recorder events.Recorder, req recorder.Eventf("ServiceMonitorUpdated", "Updated ServiceMonitor.monitoring.coreos.com/v1 because it changed") return newObj, true, err } + +var prometheusRuleGVR = schema.GroupVersionResource{Group: "monitoring.coreos.com", Version: "v1", Resource: "prometheusrules"} + +// ApplyPrometheusRule applies the PrometheusRule +func ApplyPrometheusRule(client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { + namespace := required.GetNamespace() + + existing, err := client.Resource(prometheusRuleGVR).Namespace(namespace).Get(context.TODO(), required.GetName(), metav1.GetOptions{}) + if errors.IsNotFound(err) { + newObj, createErr := client.Resource(prometheusRuleGVR).Namespace(namespace).Create(context.TODO(), required, metav1.CreateOptions{}) + if createErr != nil { + recorder.Warningf("PrometheusRuleCreateFailed", "Failed to create PrometheusRule.monitoring.coreos.com/v1: %v", createErr) + return nil, true, createErr + } + recorder.Eventf("PrometheusRuleCreated", "Created PrometheusRule.monitoring.coreos.com/v1 because it was missing") + return newObj, true, nil + } + if err != nil { + return nil, false, err + } + + existingCopy := existing.DeepCopy() + + toUpdate, modified, err := ensureGenericSpec(required, existingCopy, noDefaulting, equality.Semantic) + if err != nil { + return nil, false, err + } + + if !modified { + return nil, false, nil + } + + if klog.V(4).Enabled() { + klog.Infof("PrometheusRule %q changes: %v", namespace+"/"+required.GetName(), JSONPatchNoError(existing, toUpdate)) + } + + newObj, err := client.Resource(prometheusRuleGVR).Namespace(namespace).Update(context.TODO(), toUpdate, metav1.UpdateOptions{}) + if err != nil { + recorder.Warningf("PrometheusRuleUpdateFailed", "Failed to update PrometheusRule.monitoring.coreos.com/v1: %v", err) + return nil, true, err + } + + recorder.Eventf("PrometheusRuleUpdated", "Updated PrometheusRule.monitoring.coreos.com/v1 because it changed") + return newObj, true, err +} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/policy.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/policy.go new file mode 100644 index 000000000..ecd0eb6bf --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/policy.go @@ -0,0 +1,47 @@ +package resourceapply + +import ( + "context" + + policyv1 "k8s.io/api/policy/v1" + "k8s.io/klog/v2" + + "k8s.io/apimachinery/pkg/api/equality" + apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + policyclientv1 "k8s.io/client-go/kubernetes/typed/policy/v1" + + "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" +) + +func ApplyPodDisruptionBudget(client policyclientv1.PodDisruptionBudgetsGetter, recorder events.Recorder, required *policyv1.PodDisruptionBudget) (*policyv1.PodDisruptionBudget, bool, error) { + existing, err := client.PodDisruptionBudgets(required.Namespace).Get(context.TODO(), required.Name, metav1.GetOptions{}) + if apierrors.IsNotFound(err) { + actual, err := client.PodDisruptionBudgets(required.Namespace).Create(context.TODO(), required, metav1.CreateOptions{}) + reportCreateEvent(recorder, required, err) + return actual, true, err + } + if err != nil { + return nil, false, err + } + + modified := resourcemerge.BoolPtr(false) + existingCopy := existing.DeepCopy() + + resourcemerge.EnsureObjectMeta(modified, &existingCopy.ObjectMeta, required.ObjectMeta) + contentSame := equality.Semantic.DeepEqual(existingCopy.Spec, required.Spec) + if contentSame && !*modified { + return existingCopy, false, nil + } + + existingCopy.Spec = required.Spec + + if klog.V(4).Enabled() { + klog.Infof("PodDisruptionBudget %q changes: %v", required.Name, JSONPatchNoError(existing, existingCopy)) + } + + actual, err := client.PodDisruptionBudgets(required.Namespace).Update(context.TODO(), existingCopy, metav1.UpdateOptions{}) + reportUpdateEvent(recorder, required, err) + return actual, true, err +} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/unstructured.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/unstructured.go index 404557860..a18447423 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/unstructured.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/unstructured.go @@ -12,9 +12,14 @@ import ( // ApplyKnownUnstructured applies few selected Unstructured types, where it semantic knowledge // to merge existing & required objects intelligently. Feel free to add more. func ApplyKnownUnstructured(client dynamic.Interface, recorder events.Recorder, obj *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { - serviceMonitorGK := schema.GroupKind{Group: "monitoring.coreos.com", Kind: "ServiceMonitor"} - if obj.GetObjectKind().GroupVersionKind().GroupKind() == serviceMonitorGK { + switch obj.GetObjectKind().GroupVersionKind().GroupKind() { + case schema.GroupKind{Group: "monitoring.coreos.com", Kind: "ServiceMonitor"}: return ApplyServiceMonitor(client, recorder, obj) + case schema.GroupKind{Group: "monitoring.coreos.com", Kind: "PrometheusRule"}: + return ApplyPrometheusRule(client, recorder, obj) + case schema.GroupKind{Group: "snapshot.storage.k8s.io", Kind: "VolumeSnapshotClass"}: + return ApplyVolumeSnapshotClass(client, recorder, obj) + } return nil, false, fmt.Errorf("unsupported object type: %s", obj.GetKind()) diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/volumesnapshotclass.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/volumesnapshotclass.go new file mode 100644 index 000000000..c3e557e48 --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/volumesnapshotclass.go @@ -0,0 +1,116 @@ +package resourceapply + +import ( + "context" + + "k8s.io/klog/v2" + + "k8s.io/apimachinery/pkg/api/equality" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/client-go/dynamic" + + "github.com/openshift/library-go/pkg/operator/events" +) + +const ( + VolumeSnapshotClassGroup = "snapshot.storage.k8s.io" + VolumeSnapshotClassVersion = "v1" + VolumeSnapshotClassResource = "volumesnapshotclasses" +) + +var volumeSnapshotClassResourceGVR schema.GroupVersionResource = schema.GroupVersionResource{ + Group: VolumeSnapshotClassGroup, + Version: VolumeSnapshotClassVersion, + Resource: VolumeSnapshotClassResource, +} + +func ensureGenericVolumeSnapshotClass(required, existing *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { + var existingCopy *unstructured.Unstructured + + // Apply "parameters" + requiredParameters, _, err := unstructured.NestedMap(required.UnstructuredContent(), "parameters") + if err != nil { + return nil, false, err + } + existingParameters, _, err := unstructured.NestedMap(existing.UnstructuredContent(), "parameters") + if err != nil { + return nil, false, err + } + if !equality.Semantic.DeepEqual(existingParameters, requiredParameters) { + if existingCopy == nil { + existingCopy = existing.DeepCopy() + } + if err := unstructured.SetNestedMap(existingCopy.UnstructuredContent(), requiredParameters, "parameters"); err != nil { + return nil, true, err + } + } + + // Apply "driver" and "deletionPolicy" + for _, fieldName := range []string{"driver", "deletionPolicy"} { + requiredField, _, err := unstructured.NestedString(required.UnstructuredContent(), fieldName) + if err != nil { + return nil, false, err + } + existingField, _, err := unstructured.NestedString(existing.UnstructuredContent(), fieldName) + if err != nil { + return nil, false, err + } + if requiredField != existingField { + if existingCopy == nil { + existingCopy = existing.DeepCopy() + } + if err := unstructured.SetNestedField(existingCopy.UnstructuredContent(), requiredField, fieldName); err != nil { + return nil, true, err + } + } + } + + // If existingCopy is not nil, then the object has been modified + if existingCopy != nil { + return existingCopy, true, nil + } + + return existing, false, nil +} + +// ApplyVolumeSnapshotClass applies Volume Snapshot Class. +func ApplyVolumeSnapshotClass(client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { + existing, err := client.Resource(volumeSnapshotClassResourceGVR).Get(context.TODO(), required.GetName(), metav1.GetOptions{}) + if errors.IsNotFound(err) { + newObj, createErr := client.Resource(volumeSnapshotClassResourceGVR).Create(context.TODO(), required, metav1.CreateOptions{}) + if createErr != nil { + recorder.Warningf("VolumeSnapshotClassCreateFailed", "Failed to create VolumeSnapshotClass.snapshot.storage.k8s.io/v1: %v", createErr) + return nil, true, createErr + } + recorder.Eventf("VolumeSnapshotClassCreated", "Created VolumeSnapshotClass.snapshot.storage.k8s.io/v1 because it was missing") + return newObj, true, nil + } + if err != nil { + return nil, false, err + } + + toUpdate, modified, err := ensureGenericVolumeSnapshotClass(required, existing) + if err != nil { + return nil, false, err + } + + if !modified { + return existing, false, nil + } + + if klog.V(4).Enabled() { + klog.Infof("VolumeSnapshotClass %q changes: %v", required.GetName(), JSONPatchNoError(existing, toUpdate)) + } + + newObj, err := client.Resource(volumeSnapshotClassResourceGVR).Update(context.TODO(), toUpdate, metav1.UpdateOptions{}) + if err != nil { + recorder.Warningf("VolumeSnapshotClassFailed", "Failed to update VolumeSnapshotClass.snapshot.storage.k8s.io/v1: %v", err) + return nil, true, err + } + + recorder.Eventf("VolumeSnapshotClassUpdated", "Updated VolumeSnapshotClass.snapshot.storage.k8s.io/v1 because it changed") + return newObj, true, err +} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/apiextensions.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/apiextensions.go index 06e4743f4..754a5aabe 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/apiextensions.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcemerge/apiextensions.go @@ -1,9 +1,12 @@ package resourcemerge import ( + "strings" + apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" apiextensionsv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" "k8s.io/apimachinery/pkg/api/equality" + utilpointer "k8s.io/utils/pointer" ) // EnsureCustomResourceDefinitionV1Beta1 ensures that the existing matches the required. @@ -23,9 +26,43 @@ func EnsureCustomResourceDefinitionV1Beta1(modified *bool, existing *apiextensio func EnsureCustomResourceDefinitionV1(modified *bool, existing *apiextensionsv1.CustomResourceDefinition, required apiextensionsv1.CustomResourceDefinition) { EnsureObjectMeta(modified, &existing.ObjectMeta, required.ObjectMeta) + // we need to match defaults + mimicCRDV1Defaulting(&required) // we stomp everything if !equality.Semantic.DeepEqual(existing.Spec, required.Spec) { *modified = true existing.Spec = required.Spec } } + +func mimicCRDV1Defaulting(required *apiextensionsv1.CustomResourceDefinition) { + crd_SetDefaults_CustomResourceDefinitionSpec(&required.Spec) + + if required.Spec.Conversion != nil && + required.Spec.Conversion.Webhook != nil && + required.Spec.Conversion.Webhook.ClientConfig != nil && + required.Spec.Conversion.Webhook.ClientConfig.Service != nil { + crd_SetDefaults_ServiceReference(required.Spec.Conversion.Webhook.ClientConfig.Service) + } +} + +// lifted from https://github.com/kubernetes/kubernetes/blob/v1.21.0/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1/defaults.go#L42-L61 +func crd_SetDefaults_CustomResourceDefinitionSpec(obj *apiextensionsv1.CustomResourceDefinitionSpec) { + if len(obj.Names.Singular) == 0 { + obj.Names.Singular = strings.ToLower(obj.Names.Kind) + } + if len(obj.Names.ListKind) == 0 && len(obj.Names.Kind) > 0 { + obj.Names.ListKind = obj.Names.Kind + "List" + } + if obj.Conversion == nil { + obj.Conversion = &apiextensionsv1.CustomResourceConversion{ + Strategy: apiextensionsv1.NoneConverter, + } + } +} + +func crd_SetDefaults_ServiceReference(obj *apiextensionsv1.ServiceReference) { + if obj.Port == nil { + obj.Port = utilpointer.Int32Ptr(443) + } +} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/policy.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/policy.go new file mode 100644 index 000000000..fe058fdc6 --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceread/policy.go @@ -0,0 +1,25 @@ +package resourceread + +import ( + policyv1 "k8s.io/api/policy/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var ( + policyScheme = runtime.NewScheme() + policyCodecs = serializer.NewCodecFactory(policyScheme) +) + +func init() { + utilruntime.Must(policyv1.AddToScheme(policyScheme)) +} + +func ReadPodDisruptionBudgetV1OrDie(objBytes []byte) *policyv1.PodDisruptionBudget { + requiredObj, err := runtime.Decode(policyCodecs.UniversalDecoder(policyv1.SchemeGroupVersion), objBytes) + if err != nil { + panic(err) + } + return requiredObj.(*policyv1.PodDisruptionBudget) +} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/staticresourcecontroller/static_resource_controller.go b/vendor/github.com/openshift/library-go/pkg/operator/staticresourcecontroller/static_resource_controller.go index 6ac8e1a2b..6adfb9987 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/staticresourcecontroller/static_resource_controller.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/staticresourcecontroller/static_resource_controller.go @@ -7,6 +7,7 @@ import ( "time" corev1 "k8s.io/api/core/v1" + policyv1 "k8s.io/api/policy/v1" rbacv1 "k8s.io/api/rbac/v1" storagev1 "k8s.io/api/storage/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" @@ -156,6 +157,8 @@ func (c *StaticResourceController) AddKubeInformers(kubeInformersByNamespace v1h ret = ret.AddInformer(informer.Rbac().V1().Roles().Informer()) case *rbacv1.RoleBinding: ret = ret.AddInformer(informer.Rbac().V1().RoleBindings().Informer()) + case *policyv1.PodDisruptionBudget: + ret = ret.AddInformer(informer.Policy().V1().PodDisruptionBudgets().Informer()) case *storagev1.StorageClass: ret = ret.AddInformer(informer.Storage().V1().StorageClasses().Informer()) case *storagev1.CSIDriver: diff --git a/vendor/k8s.io/api/core/v1/annotation_key_constants.go b/vendor/k8s.io/api/core/v1/annotation_key_constants.go index 612f6aa74..22476b2bd 100644 --- a/vendor/k8s.io/api/core/v1/annotation_key_constants.go +++ b/vendor/k8s.io/api/core/v1/annotation_key_constants.go @@ -148,7 +148,7 @@ const ( PodDeletionCost = "controller.kubernetes.io/pod-deletion-cost" // AnnotationTopologyAwareHints can be used to enable or disable Topology - // Aware Hints for a Service. This may be set to "auto" or "disabled". Any - // other value is treated as "disabled". + // Aware Hints for a Service. This may be set to "Auto" or "Disabled". Any + // other value is treated as "Disabled". AnnotationTopologyAwareHints = "service.kubernetes.io/topology-aware-hints" ) diff --git a/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go b/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go index f89ca163c..3e0cdb10d 100644 --- a/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go +++ b/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go @@ -166,7 +166,7 @@ func (m *Quantity) Unmarshal(data []byte) error { if err != nil { return err } - if skippy < 0 { + if (skippy < 0) || (iNdEx+skippy) < 0 { return ErrInvalidLengthGenerated } if (iNdEx + skippy) > l { diff --git a/vendor/modules.txt b/vendor/modules.txt index f20a8d009..76ec9d2a0 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -102,7 +102,7 @@ github.com/modern-go/concurrent github.com/modern-go/reflect2 # github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 github.com/munnerz/goautoneg -# github.com/openshift/api v0.0.0-20210415092137-8c78458f83d9 +# github.com/openshift/api v0.0.0-20210521075222-e273a339932a ## explicit github.com/openshift/api github.com/openshift/api/apiserver @@ -160,7 +160,7 @@ github.com/openshift/api/template github.com/openshift/api/template/v1 github.com/openshift/api/user github.com/openshift/api/user/v1 -# github.com/openshift/build-machinery-go v0.0.0-20210209125900-0da259a2c359 +# github.com/openshift/build-machinery-go v0.0.0-20210423112049-9415d7ebd33e ## explicit github.com/openshift/build-machinery-go github.com/openshift/build-machinery-go/make @@ -170,7 +170,7 @@ github.com/openshift/build-machinery-go/make/targets/golang github.com/openshift/build-machinery-go/make/targets/openshift github.com/openshift/build-machinery-go/make/targets/openshift/operator github.com/openshift/build-machinery-go/scripts -# github.com/openshift/client-go v0.0.0-20210331195552-cf6c2669e01f +# github.com/openshift/client-go v0.0.0-20210521082421-73d9475a9142 ## explicit github.com/openshift/client-go/config/clientset/versioned github.com/openshift/client-go/config/clientset/versioned/scheme @@ -194,7 +194,7 @@ github.com/openshift/client-go/operator/informers/externalversions/operator/v1 github.com/openshift/client-go/operator/informers/externalversions/operator/v1alpha1 github.com/openshift/client-go/operator/listers/operator/v1 github.com/openshift/client-go/operator/listers/operator/v1alpha1 -# github.com/openshift/library-go v0.0.0-20210414082648-6e767630a0dc +# github.com/openshift/library-go v0.0.0-20210531122633-91d29fb786be ## explicit github.com/openshift/library-go/pkg/authorization/hardcodedauthorizer github.com/openshift/library-go/pkg/config/client @@ -411,7 +411,7 @@ gopkg.in/inf.v0 gopkg.in/natefinch/lumberjack.v2 # gopkg.in/yaml.v2 v2.4.0 gopkg.in/yaml.v2 -# k8s.io/api v0.21.0 +# k8s.io/api v0.21.1 ## explicit k8s.io/api/admission/v1 k8s.io/api/admission/v1beta1 @@ -459,7 +459,7 @@ k8s.io/api/scheduling/v1beta1 k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 -# k8s.io/apiextensions-apiserver v0.21.0 +# k8s.io/apiextensions-apiserver v0.21.1 ## explicit k8s.io/apiextensions-apiserver/pkg/apis/apiextensions k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1 @@ -478,7 +478,7 @@ k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensio k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/internalinterfaces k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1 k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1 -# k8s.io/apimachinery v0.21.0 +# k8s.io/apimachinery v0.21.1 ## explicit k8s.io/apimachinery/pkg/api/equality k8s.io/apimachinery/pkg/api/errors @@ -533,7 +533,7 @@ k8s.io/apimachinery/pkg/version k8s.io/apimachinery/pkg/watch k8s.io/apimachinery/third_party/forked/golang/json k8s.io/apimachinery/third_party/forked/golang/reflect -# k8s.io/apiserver v0.21.0 => github.com/openshift/kubernetes-apiserver v0.0.0-20210419140141-620426e63a99 +# k8s.io/apiserver v0.21.1 => github.com/openshift/kubernetes-apiserver v0.0.0-20210419140141-620426e63a99 k8s.io/apiserver/pkg/admission k8s.io/apiserver/pkg/admission/configuration k8s.io/apiserver/pkg/admission/initializer @@ -657,7 +657,7 @@ k8s.io/apiserver/plugin/pkg/audit/truncate k8s.io/apiserver/plugin/pkg/audit/webhook k8s.io/apiserver/plugin/pkg/authenticator/token/webhook k8s.io/apiserver/plugin/pkg/authorizer/webhook -# k8s.io/client-go v0.21.0 +# k8s.io/client-go v0.21.1 ## explicit k8s.io/client-go/applyconfigurations/admissionregistration/v1 k8s.io/client-go/applyconfigurations/admissionregistration/v1beta1 @@ -921,7 +921,7 @@ k8s.io/client-go/util/homedir k8s.io/client-go/util/keyutil k8s.io/client-go/util/retry k8s.io/client-go/util/workqueue -# k8s.io/component-base v0.21.0 +# k8s.io/component-base v0.21.1 ## explicit k8s.io/component-base/cli/flag k8s.io/component-base/featuregate @@ -937,7 +937,7 @@ k8s.io/component-base/version # k8s.io/klog/v2 v2.8.0 ## explicit k8s.io/klog/v2 -# k8s.io/kube-aggregator v0.21.0-rc.0 +# k8s.io/kube-aggregator v0.21.1 k8s.io/kube-aggregator/pkg/apis/apiregistration k8s.io/kube-aggregator/pkg/apis/apiregistration/v1 k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1