diff --git a/Makefile b/Makefile index 3d36b2a9..9622f023 100644 --- a/Makefile +++ b/Makefile @@ -27,7 +27,7 @@ scan-terms: ## Scan for inclusive terminology # Generate manifests e.g. CRD, RBAC etc. .PHONY: manifests manifests: - $(CONTROLLER_GEN) crd:crdVersions=v1 rbac:roleName=manager-role webhook crd:maxDescLen=0 \ + $(CONTROLLER_GEN) "crd:crdVersions=v1,maxDescLen=0" rbac:roleName=manager-role webhook \ paths="./pkg/apis/conventions/...;./pkg/controllers/..." \ output:crd:dir=./config/crd/bases \ output:rbac:dir=./config/rbac \ diff --git a/config/crd/bases/conventions.carto.run_clusterpodconventions.yaml b/config/crd/bases/conventions.carto.run_clusterpodconventions.yaml index c9ec1cb8..17c075bc 100644 --- a/config/crd/bases/conventions.carto.run_clusterpodconventions.yaml +++ b/config/crd/bases/conventions.carto.run_clusterpodconventions.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: clusterpodconventions.conventions.carto.run spec: group: conventions.carto.run diff --git a/config/crd/bases/conventions.carto.run_podintents.yaml b/config/crd/bases/conventions.carto.run_podintents.yaml index d6da0083..66d1a896 100644 --- a/config/crd/bases/conventions.carto.run_podintents.yaml +++ b/config/crd/bases/conventions.carto.run_podintents.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: podintents.conventions.carto.run spec: group: conventions.carto.run diff --git a/dist/cartographer-conventions.yaml b/dist/cartographer-conventions.yaml index 97f8f3ed..c8c30090 100644 --- a/dist/cartographer-conventions.yaml +++ b/dist/cartographer-conventions.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/component: conventions name: clusterpodconventions.conventions.carto.run @@ -113,7 +113,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/component: conventions duck.knative.dev/podspecable: "true" diff --git a/pkg/apis/conventions/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/conventions/v1alpha1/zz_generated.deepcopy.go index f4194b02..7697244f 100644 --- a/pkg/apis/conventions/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/conventions/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2020-2022 VMware Inc. diff --git a/pkg/apis/thirdparty/cert-manager/v1/zz_generated.deepcopy.go b/pkg/apis/thirdparty/cert-manager/v1/zz_generated.deepcopy.go index 5bdc175f..b0cb7c4c 100644 --- a/pkg/apis/thirdparty/cert-manager/v1/zz_generated.deepcopy.go +++ b/pkg/apis/thirdparty/cert-manager/v1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2020-2022 VMware Inc. @@ -136,7 +135,8 @@ func (in *CertificateRequestSpec) DeepCopyInto(out *CertificateRequestSpec) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = make([]string, len(*in)) copy(*out, *in) } diff --git a/pkg/dies/cert-manager/v1/zz_generated.die.go b/pkg/dies/cert-manager/v1/zz_generated.die.go index 235a2b3c..c52779ff 100644 --- a/pkg/dies/cert-manager/v1/zz_generated.die.go +++ b/pkg/dies/cert-manager/v1/zz_generated.die.go @@ -502,63 +502,95 @@ func (d *CertificateRequestSpecDie) DeepCopy() *CertificateRequestSpecDie { } } -// The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. +// The requested 'duration' (i.e. lifetime) of the Certificate. +// +// This option may be ignored/overridden by some issuer types. func (d *CertificateRequestSpecDie) Duration(v *apismetav1.Duration) *CertificateRequestSpecDie { return d.DieStamp(func(r *v1.CertificateRequestSpec) { r.Duration = v }) } -// IssuerRef is a reference to the issuer for this CertificateRequest. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the CertificateRequest will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. The group field refers to the API group of the issuer which defaults to `cert-manager.io` if empty. +// IssuerRef is a reference to the issuer for this CertificateRequest. If +// +// the `kind` field is not set, or set to `Issuer`, an Issuer resource with +// +// the given name in the same namespace as the CertificateRequest will be +// +// used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with +// +// the provided name will be used. The `name` field in this stanza is +// +// required at all times. The group field refers to the API group of the +// +// issuer which defaults to `cert-manager.io` if empty. func (d *CertificateRequestSpecDie) IssuerRef(v corev1.ObjectReference) *CertificateRequestSpecDie { return d.DieStamp(func(r *v1.CertificateRequestSpec) { r.IssuerRef = v }) } -// The PEM-encoded x509 certificate signing request to be submitted to the CA for signing. +// The PEM-encoded x509 certificate signing request to be submitted to the +// +// CA for signing. func (d *CertificateRequestSpecDie) Request(v []byte) *CertificateRequestSpecDie { return d.DieStamp(func(r *v1.CertificateRequestSpec) { r.Request = v }) } -// IsCA will request to mark the certificate as valid for certificate signing when submitting to the issuer. This will automatically add the `cert sign` usage to the list of `usages`. +// IsCA will request to mark the certificate as valid for certificate signing +// +// when submitting to the issuer. +// +// This will automatically add the `cert sign` usage to the list of `usages`. func (d *CertificateRequestSpecDie) IsCA(v bool) *CertificateRequestSpecDie { return d.DieStamp(func(r *v1.CertificateRequestSpec) { r.IsCA = v }) } -// Usages is the set of x509 usages that are requested for the certificate. If usages are set they SHOULD be encoded inside the CSR spec Defaults to `digital signature` and `key encipherment` if not specified. +// Usages is the set of x509 usages that are requested for the certificate. +// +// # If usages are set they SHOULD be encoded inside the CSR spec +// +// Defaults to `digital signature` and `key encipherment` if not specified. func (d *CertificateRequestSpecDie) Usages(v ...v1.KeyUsage) *CertificateRequestSpecDie { return d.DieStamp(func(r *v1.CertificateRequestSpec) { r.Usages = v }) } -// Username contains the name of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. +// Username contains the name of the user that created the CertificateRequest. +// +// Populated by the cert-manager webhook on creation and immutable. func (d *CertificateRequestSpecDie) Username(v string) *CertificateRequestSpecDie { return d.DieStamp(func(r *v1.CertificateRequestSpec) { r.Username = v }) } -// UID contains the uid of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. +// UID contains the uid of the user that created the CertificateRequest. +// +// Populated by the cert-manager webhook on creation and immutable. func (d *CertificateRequestSpecDie) UID(v string) *CertificateRequestSpecDie { return d.DieStamp(func(r *v1.CertificateRequestSpec) { r.UID = v }) } -// Groups contains group membership of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. +// Groups contains group membership of the user that created the CertificateRequest. +// +// Populated by the cert-manager webhook on creation and immutable. func (d *CertificateRequestSpecDie) Groups(v ...string) *CertificateRequestSpecDie { return d.DieStamp(func(r *v1.CertificateRequestSpec) { r.Groups = v }) } -// Extra contains extra attributes of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. +// Extra contains extra attributes of the user that created the CertificateRequest. +// +// Populated by the cert-manager webhook on creation and immutable. func (d *CertificateRequestSpecDie) Extra(v map[string][]string) *CertificateRequestSpecDie { return d.DieStamp(func(r *v1.CertificateRequestSpec) { r.Extra = v @@ -747,28 +779,46 @@ func (d *CertificateRequestStatusDie) DeepCopy() *CertificateRequestStatusDie { } } -// List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready` and `InvalidRequest`. +// List of status conditions to indicate the status of a CertificateRequest. +// +// Known condition types are `Ready` and `InvalidRequest`. func (d *CertificateRequestStatusDie) Conditions(v ...v1.CertificateRequestCondition) *CertificateRequestStatusDie { return d.DieStamp(func(r *v1.CertificateRequestStatus) { r.Conditions = v }) } -// The PEM encoded x509 certificate resulting from the certificate signing request. If not set, the CertificateRequest has either not been completed or has failed. More information on failure can be found by checking the `conditions` field. +// The PEM encoded x509 certificate resulting from the certificate +// +// signing request. +// +// # If not set, the CertificateRequest has either not been completed or has +// +// failed. More information on failure can be found by checking the +// +// `conditions` field. func (d *CertificateRequestStatusDie) Certificate(v []byte) *CertificateRequestStatusDie { return d.DieStamp(func(r *v1.CertificateRequestStatus) { r.Certificate = v }) } -// The PEM encoded x509 certificate of the signer, also known as the CA (Certificate Authority). This is set on a best-effort basis by different issuers. If not set, the CA is assumed to be unknown/not available. +// The PEM encoded x509 certificate of the signer, also known as the CA +// +// (Certificate Authority). +// +// This is set on a best-effort basis by different issuers. +// +// If not set, the CA is assumed to be unknown/not available. func (d *CertificateRequestStatusDie) CA(v []byte) *CertificateRequestStatusDie { return d.DieStamp(func(r *v1.CertificateRequestStatus) { r.CA = v }) } -// FailureTime stores the time that this CertificateRequest failed. This is used to influence garbage collection and back-off. +// FailureTime stores the time that this CertificateRequest failed. This is +// +// used to influence garbage collection and back-off. func (d *CertificateRequestStatusDie) FailureTime(v *apismetav1.Time) *CertificateRequestStatusDie { return d.DieStamp(func(r *v1.CertificateRequestStatus) { r.FailureTime = v diff --git a/pkg/dies/conventions/v1alpha1/zz_generated.die.go b/pkg/dies/conventions/v1alpha1/zz_generated.die.go index acdf6070..f4d20b23 100644 --- a/pkg/dies/conventions/v1alpha1/zz_generated.die.go +++ b/pkg/dies/conventions/v1alpha1/zz_generated.die.go @@ -487,7 +487,9 @@ func (d *ClusterPodConventionSpecDie) DeepCopy() *ClusterPodConventionSpecDie { } } -// Label selector for workloads. It must match the workload's pod template's labels. +// Label selector for workloads. +// +// It must match the workload's pod template's labels. func (d *ClusterPodConventionSpecDie) Selectors(v ...metav1.LabelSelector) *ClusterPodConventionSpecDie { return d.DieStamp(func(r *conventionsv1alpha1.ClusterPodConventionSpec) { r.Selectors = v @@ -1363,14 +1365,20 @@ func (d *PodIntentSpecDie) DeepCopy() *PodIntentSpecDie { } } -// ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account +// ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate +// +// the image pull if the service account has attached pull secrets. For more information: +// +// https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account func (d *PodIntentSpecDie) ServiceAccountName(v string) *PodIntentSpecDie { return d.DieStamp(func(r *conventionsv1alpha1.PodIntentSpec) { r.ServiceAccountName = v }) } -// ImagePullSecrets contains the names of the Kubernetes Secrets containing registry login information to resolve image metadata. +// ImagePullSecrets contains the names of the Kubernetes Secrets containing registry login +// +// information to resolve image metadata. func (d *PodIntentSpecDie) ImagePullSecrets(v ...corev1.LocalObjectReference) *PodIntentSpecDie { return d.DieStamp(func(r *conventionsv1alpha1.PodIntentSpec) { r.ImagePullSecrets = v diff --git a/webhook/api/v1alpha1/zz_generated.deepcopy.go b/webhook/api/v1alpha1/zz_generated.deepcopy.go index 2284d665..5d68cd1e 100644 --- a/webhook/api/v1alpha1/zz_generated.deepcopy.go +++ b/webhook/api/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated /* Copyright 2020-2022 VMware Inc.