From 23af240378707be895483e65a82c467eb4f32688 Mon Sep 17 00:00:00 2001 From: John Kyros Date: Wed, 25 Oct 2023 16:31:28 -0500 Subject: [PATCH 1/2] MCO: make certificate dates optional So back in 4.14 we had to change the types of our cert observability certificate dates from strings to metav1.Time. This resulted in some API breakages, and in our haste for 4.14 we removed those fields but left the rest of the object. The fields have now been added back in 4.15, and we are hitting some timing issues between when the "new" CRD gets applied, and when the "old" pods get replaced. The errors are unpleasant and are blocking CI, so we're going to make these fields optional for 4.15 and then lock them back down to required in 4.16. We will not have this issue during the 4.15->4.16 transition because the MCO has full control of these fields and will ensure they are populated in 4.15. --- machineconfiguration/v1/types.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/machineconfiguration/v1/types.go b/machineconfiguration/v1/types.go index eba56a94299..0aa83af7d2b 100644 --- a/machineconfiguration/v1/types.go +++ b/machineconfiguration/v1/types.go @@ -210,11 +210,11 @@ type ControllerCertificate struct { Signer string `json:"signer"` // notBefore is the lower boundary for validity - // +kubebuilder:validation:Required + // +optional NotBefore *metav1.Time `json:"notBefore"` // notAfter is the upper boundary for validity - // +kubebuilder:validation:Required + // +optional NotAfter *metav1.Time `json:"notAfter"` // bundleFile is the larger bundle a cert comes from @@ -445,7 +445,7 @@ type CertExpiry struct { // +kubebuilder:validation:Required Subject string `json:"subject"` // expiry is the date after which the certificate will no longer be valid - // +kubebuilder:validation:Required + // +optional Expiry *metav1.Time `json:"expiry"` } From 23b94021d0e75a1aae4cc321094bb9768ab29d2e Mon Sep 17 00:00:00 2001 From: John Kyros Date: Wed, 25 Oct 2023 16:46:48 -0500 Subject: [PATCH 2/2] make update --- machineconfiguration/v1/0000_80_controllerconfig.crd.yaml | 2 -- machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml | 1 - 2 files changed, 3 deletions(-) diff --git a/machineconfiguration/v1/0000_80_controllerconfig.crd.yaml b/machineconfiguration/v1/0000_80_controllerconfig.crd.yaml index ee49210bc54..5db21b422f5 100644 --- a/machineconfiguration/v1/0000_80_controllerconfig.crd.yaml +++ b/machineconfiguration/v1/0000_80_controllerconfig.crd.yaml @@ -1224,8 +1224,6 @@ spec: type: object required: - bundleFile - - notAfter - - notBefore - signer - subject properties: diff --git a/machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml b/machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml index 3d6b81934b0..f2afeef4a34 100644 --- a/machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml +++ b/machineconfiguration/v1/0000_80_machineconfigpool.crd.yaml @@ -227,7 +227,6 @@ spec: type: object required: - bundle - - expiry - subject properties: bundle: