From f8d4e1cc55f01d0db222270803215c9614d9874a Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Thu, 2 Feb 2023 18:08:09 +0100 Subject: [PATCH 01/16] assets.yaml recipe asset.yaml that lists all the files in assets/. It does not include any modifications to the manifests. Focused only on sourcing the assets (either copying from STAGING_DIR or using git restore). Its purpose is to have common place for both rebase procedure and rebase presubmit. --- scripts/auto-rebase/assets.yaml | 223 ++++++++++++++++++++++++++++++++ 1 file changed, 223 insertions(+) create mode 100644 scripts/auto-rebase/assets.yaml diff --git a/scripts/auto-rebase/assets.yaml b/scripts/auto-rebase/assets.yaml new file mode 100644 index 0000000000..625f9308ce --- /dev/null +++ b/scripts/auto-rebase/assets.yaml @@ -0,0 +1,223 @@ +assets: + - dir: components/openshift-dns/dns/ + src: cluster-dns-operator/assets/dns/ + files: + - file: cluster-role-binding.yaml + - file: cluster-role.yaml + - file: configmap.yaml + git_restore: True + - file: daemonset.yaml + - file: namespace.yaml + - file: service-account.yaml + - file: service.yaml + + - dir: components/openshift-dns/node-resolver + src: cluster-dns-operator/assets/node-resolver/ + files: + - file: daemonset.yaml + ignore: "it's created by processing daemonset.yaml.tmpl" + - file: daemonset.yaml.tmpl + git_restore: True + - file: service-account.yaml + - file: update-node-resolver.sh + + - dir: components/openshift-router/ + src: cluster-ingress-operator/assets/router/ + files: + - file: cluster-role-binding.yaml + - file: cluster-role.yaml + - file: configmap.yaml + git_restore: True + - file: deployment.yaml + - file: namespace.yaml + - file: service-account.yaml + - file: service-internal.yaml + - file: serving-certificate.yaml + git_restore: True + + - dir: components/lvms/ + src: lvms/amd64/ + no_clean: True + files: + - file: topolvm-controller_rbac.authorization.k8s.io_v1_clusterrole.yaml + - file: topolvm-controller_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml + - file: topolvm-csi-provisioner_rbac.authorization.k8s.io_v1_clusterrole.yaml + - file: topolvm-csi-provisioner_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml + - file: topolvm-csi-provisioner_rbac.authorization.k8s.io_v1_role.yaml + - file: topolvm-csi-provisioner_rbac.authorization.k8s.io_v1_rolebinding.yaml + - file: topolvm-csi-resizer_rbac.authorization.k8s.io_v1_clusterrole.yaml + - file: topolvm-csi-resizer_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml + - file: topolvm-csi-resizer_rbac.authorization.k8s.io_v1_role.yaml + - file: topolvm-csi-resizer_rbac.authorization.k8s.io_v1_rolebinding.yaml + - file: topolvm-metrics_rbac.authorization.k8s.io_v1_role.yaml + - file: topolvm-metrics_rbac.authorization.k8s.io_v1_rolebinding.yaml + - file: topolvm-node_rbac.authorization.k8s.io_v1_clusterrole.yaml + - file: topolvm-node_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml + - file: topolvm-node_v1_serviceaccount.yaml + - file: topolvm.io_logicalvolumes.yaml + + - file: csi-driver.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-controller_deployment.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-controller_rbac.authorization.k8s.io_v1_role.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-controller_rbac.authorization.k8s.io_v1_rolebinding.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-controller_v1_serviceaccount.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-csi-snapshotter_rbac.authorization.k8s.io_v1_clusterrole.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-csi-snapshotter_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-leader-election_rbac.authorization.k8s.io_v1_role.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-leader-election_rbac.authorization.k8s.io_v1_rolebinding.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-lvmd-config_configmap_v1.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-node-metrics_v1_service.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-node-scc_rbac.authorization.k8s.io_v1_clusterrole.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-node-scc_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-node-securitycontextconstraint.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-node_daemonset.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm-openshift-storage_namespace.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + - file: topolvm_default-storage-class.yaml + ignore: "it's not yet available in LVMS Operator Bundle" + + + + - dir: components/ovn/ + ignore: "it's not covered by rebase script yet" + files: + - file: clusterrole.yaml + - file: clusterrolebinding.yaml + - file: configmap.yaml + - file: namespace.yaml + - file: role.yaml + - file: rolebinding.yaml + dirs: + - dir: master/ + files: + - file: daemonset.yaml + - file: serviceaccount.yaml + + - dir: components/service-ca/ + src: service-ca-operator/bindata/v4.0.0/controller/ + files: + - file: clusterrole.yaml + - file: clusterrolebinding.yaml + - file: deployment.yaml + - file: ns.yaml + - file: role.yaml + - file: rolebinding.yaml + - file: sa.yaml + - file: signing-cabundle.yaml + - file: signing-secret.yaml + + - dir: controllers/cluster-policy-controller/ + src: cluster-kube-controller-manager-operator/bindata/assets/kube-controller-manager/ + files: + - file: namespace-security-allocation-controller-clusterrole.yaml + - file: namespace-security-allocation-controller-clusterrolebinding.yaml + - file: podsecurity-admission-label-syncer-controller-clusterrole.yaml + - file: podsecurity-admission-label-syncer-controller-clusterrolebinding.yaml + + - dir: controllers/kube-apiserver/ + src: cluster-kube-apiserver-operator/bindata/assets/config/ + files: + - file: config-overrides.yaml + - file: defaultconfig.yaml + + - dir: controllers/kube-controller-manager/ + src: cluster-kube-controller-manager-operator/bindata/assets/kube-controller-manager/ + files: + - file: defaultconfig.yaml + src: ../config/ + - file: csr_approver_clusterrole.yaml + - file: csr_approver_clusterrolebinding.yaml + - file: namespace-openshift-kube-controller-manager.yaml + src: ns.yaml + + - dir: controllers/openshift-default-scc-manager/ + src: release-manifests/ + files: + - file: 0000_20_kube-apiserver-operator_00_cr-scc-anyuid.yaml + - file: 0000_20_kube-apiserver-operator_00_cr-scc-hostaccess.yaml + - file: 0000_20_kube-apiserver-operator_00_cr-scc-hostmount-anyuid.yaml + - file: 0000_20_kube-apiserver-operator_00_cr-scc-hostnetwork-v2.yaml + - file: 0000_20_kube-apiserver-operator_00_cr-scc-hostnetwork.yaml + - file: 0000_20_kube-apiserver-operator_00_cr-scc-nonroot-v2.yaml + - file: 0000_20_kube-apiserver-operator_00_cr-scc-nonroot.yaml + - file: 0000_20_kube-apiserver-operator_00_cr-scc-privileged.yaml + - file: 0000_20_kube-apiserver-operator_00_cr-scc-restricted-v2.yaml + - file: 0000_20_kube-apiserver-operator_00_cr-scc-restricted.yaml + - file: 0000_20_kube-apiserver-operator_00_crb-systemauthenticated-scc-restricted-v2.yaml + - file: 0000_20_kube-apiserver-operator_00_scc-anyuid.yaml + - file: 0000_20_kube-apiserver-operator_00_scc-hostaccess.yaml + - file: 0000_20_kube-apiserver-operator_00_scc-hostmount-anyuid.yaml + - file: 0000_20_kube-apiserver-operator_00_scc-hostnetwork-v2.yaml + - file: 0000_20_kube-apiserver-operator_00_scc-hostnetwork.yaml + - file: 0000_20_kube-apiserver-operator_00_scc-nonroot-v2.yaml + - file: 0000_20_kube-apiserver-operator_00_scc-nonroot.yaml + - file: 0000_20_kube-apiserver-operator_00_scc-privileged.yaml + - file: 0000_20_kube-apiserver-operator_00_scc-restricted-v2.yaml + - file: 0000_20_kube-apiserver-operator_00_scc-restricted.yaml + + - dir: controllers/route-controller-manager/ + src: cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/ + files: + - file: 0000_50_cluster-openshift-route-controller-manager_00_namespace.yaml + src: route-controller-ns.yaml + - file: ingress-to-route-controller-clusterrole.yaml + - file: ingress-to-route-controller-clusterrolebinding.yaml + - file: route-controller-informer-clusterrole.yaml + - file: route-controller-informer-clusterrolebinding.yaml + - file: route-controller-leader-role.yaml + - file: route-controller-leader-rolebinding.yaml + - file: route-controller-sa.yaml + - file: route-controller-separate-sa-role.yaml + - file: route-controller-separate-sa-rolebinding.yaml + - file: route-controller-tokenreview-clusterrole.yaml + - file: route-controller-tokenreview-clusterrolebinding.yaml + + - dir: core/ + no_clean: True + files: + - file: 0000_50_cluster-openshift-controller-manager_00_namespace.yaml + src: /cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/ns.yaml + - file: namespace-openshift-infra.yaml + src: /cluster-kube-controller-manager-operator/bindata/assets/kube-controller-manager/ + - file: priority-class-openshift-user-critical.yaml + ignore: "it's a priority class needed for oc debug node command - not available in any repo that rebase is using" + - file: securityv1-local-apiservice.yaml + ignore: "it's a local API service for security API group, needed if OpenShift API server is not present" + + - dir: crd/ + src: release-manifests/ + files: + - file: 0000_03_security-openshift_01_scc.crd.yaml + - file: 0000_03_securityinternal-openshift_02_rangeallocation.crd.yaml + - file: route.crd.yaml + src: /kubernetes/vendor/github.com/openshift/api/route/v1/ + + - dir: release/ + ignore: "it contains files generated during rebase procedure" + files: + - release-aarch64.json + - release-x86_64.json + + - dir: version/ + no_clean: True + files: + - file: microshift-version.yaml + ignore: "it's a template for ConfigMap processed during runtime" + + - file: embed.go + ignore: "it's a MicroShift specific Go file that embeds into a binary" From 3303417c28ef7bd30ed5ea53fd35f9bcedb402dc Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Thu, 9 Feb 2023 18:01:01 +0100 Subject: [PATCH 02/16] handle-assets.py introduces new way of copying manifests from staging dir based on contents of assets.yaml file --- scripts/auto-rebase/handle-assets.py | 131 +++++++++++++++++++++++++++ 1 file changed, 131 insertions(+) create mode 100755 scripts/auto-rebase/handle-assets.py diff --git a/scripts/auto-rebase/handle-assets.py b/scripts/auto-rebase/handle-assets.py new file mode 100755 index 0000000000..5ead0a2541 --- /dev/null +++ b/scripts/auto-rebase/handle-assets.py @@ -0,0 +1,131 @@ +#!/usr/bin/env python3 + +import os +import sys +import yaml +import shutil +import logging +import subprocess + +try: + from yaml import CLoader as Loader, CDumper as Dumper +except ImportError: + from yaml import Loader, Dumper + +logging.basicConfig(level=logging.DEBUG, format='%(asctime)-27s %(levelname)-10s %(message)s') + +ASSETS_DIR = "assets/" +STAGING_DIR = "_output/staging/" + + +def merge_paths(pathl, pathr): + if pathr.startswith("/"): + return pathr[1:] + return os.path.join(pathl, pathr) + + +def run_command(args=[]): + if not args: + logging.error("run_command() received empty args") + sys.exit(1) + + logging.debug(f"Executing '{' '.join(args)}'") + result = subprocess.run(args, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, universal_newlines=True) + + if result.returncode != 0: + logging.error(f"Command '{' '.join(args)}' returned {result.returncode}. Output: {result.stdout}") + sys.exit(1) + + return result.returncode == 0 + + +def git_restore(path): + path = os.path.join(ASSETS_DIR, path) + logging.info(f"Restoring {path}") + return run_command(["git", "restore", path]) + + +def copy(src, dst): + src = os.path.join(STAGING_DIR, src) + dst = os.path.join(ASSETS_DIR, dst) + logging.debug(f"Copying {dst} <- {src}") + shutil.copyfile(src, dst) + + +def clear_dir(path): + path = os.path.join(ASSETS_DIR, path) + logging.info(f"Clearing directory {path}") + shutil.rmtree(path) + os.makedirs(path) + + +def should_be_ignored(asset, dst): + if 'ignore' in asset: + reason = asset['ignore'] + if not reason: + logging.error(f"{dst} is missing a reason why it's ignored") + sys.exit(1) + logging.warning(f"Ignoring {dst} because {reason}") + return True + return False + + +def handle_file(file, dst_dir="", src_prefix=""): + name = file['file'] + dst = merge_paths(dst_dir, name) + + if should_be_ignored(file, dst): + return + + if 'git_restore' in file: + git_restore(dst) + return + + src = src_prefix + if 'src' in file: + src = merge_paths(src, file['src']) + if os.path.extsep not in os.path.basename(src): + src = merge_paths(src, name) + copy(src, dst) + + +def handle_dir(dir, dst_dir="", src_prefix=""): + dst = merge_paths(dst_dir, dir['dir']) + new_src_prefix = merge_paths(src_prefix, dir['src'] if "src" in dir else "") + + if should_be_ignored(dir, dst): + return + + if dir.get('no_clean', False): + logging.info(f"Not clearing dir {dst}") + else: + clear_dir(dst) + + for f in dir.get('files', []): + handle_file(f, dst, new_src_prefix) + + for d in dir.get('dirs', []): + handle_dir(d, dst, new_src_prefix) + + +def main(): + if not os.path.isdir(ASSETS_DIR): + logging.error(f"Expected to run in root directory of microshift repository but was in {os.getcwd()}") + sys.exit(1) + + if not os.path.isdir(STAGING_DIR): + logging.error(f"{STAGING_DIR} does not exist") + sys.exit(1) + + recipe_filepath = "./scripts/auto-rebase/assets.yaml" + recipe = yaml.load(open(recipe_filepath).read(), Loader=Loader) + for asset in recipe['assets']: + if "dir" in asset: + handle_dir(asset) + + if 'file' in asset: + handle_file(asset) + + +if __name__ == "__main__": + main() From e0a152022a5f18521b1bed6575394a3245320881 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Thu, 9 Feb 2023 18:05:03 +0100 Subject: [PATCH 03/16] use handle-assets.py in rebase.sh --- scripts/auto-rebase/rebase.sh | 180 ++++++++-------------------------- 1 file changed, 41 insertions(+), 139 deletions(-) diff --git a/scripts/auto-rebase/rebase.sh b/scripts/auto-rebase/rebase.sh index a7d4f1b3db..afc93f490d 100755 --- a/scripts/auto-rebase/rebase.sh +++ b/scripts/auto-rebase/rebase.sh @@ -144,31 +144,11 @@ set_openshift_storage_ns(){ } update_lvms_manifests() { - local src="${STAGING_DIR}/lvms/amd64" local dest="${REPOROOT}/assets/components/lvms" - local manifests=( - "topolvm-controller_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml" - "topolvm-controller_rbac.authorization.k8s.io_v1_clusterrole.yaml" - "topolvm-controller_v1_serviceaccount.yaml" - "topolvm-csi-provisioner_rbac.authorization.k8s.io_v1_clusterrole.yaml" - "topolvm-csi-provisioner_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml" - "topolvm-csi-provisioner_rbac.authorization.k8s.io_v1_role.yaml" - "topolvm-csi-provisioner_rbac.authorization.k8s.io_v1_rolebinding.yaml" - "topolvm-csi-resizer_rbac.authorization.k8s.io_v1_clusterrole.yaml" - "topolvm-csi-resizer_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml" - "topolvm-csi-resizer_rbac.authorization.k8s.io_v1_role.yaml" - "topolvm-csi-resizer_rbac.authorization.k8s.io_v1_rolebinding.yaml" - "topolvm-metrics_rbac.authorization.k8s.io_v1_role.yaml" - "topolvm-metrics_rbac.authorization.k8s.io_v1_rolebinding.yaml" - "topolvm-node-metrics_v1_service.yaml" - "topolvm-node_rbac.authorization.k8s.io_v1_clusterrole.yaml" - "topolvm-node_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml" - "topolvm-node_v1_serviceaccount.yaml" - "topolvm.io_logicalvolumes.yaml" - ) - for m in "${manifests[@]}"; do - cp "${src}/${m}" "${dest}/" || return 1 - set_openshift_storage_ns "${dest}/${m}" + + title "Modifying LVMS manifests" + for m in "${dest}"/topolvm-*.yaml; do + set_openshift_storage_ns "${m}" done } @@ -644,142 +624,77 @@ update_images() { } -# Updates embedded component manifests by gathering these from various places -# in the staged repos and copying them into the asset directory. -update_manifests() { +copy_manifests() { if [ ! -f "${STAGING_DIR}/release_amd64.json" ]; then >&2 echo "No release found in ${STAGING_DIR}, you need to download one first." exit 1 fi + title "Copying manifests" + "$REPOROOT/scripts/auto-rebase/handle-assets.py" +} + + +# Updates embedded component manifests by gathering these from various places +# in the staged repos and copying them into the asset directory. +update_openshift_manifests() { pushd "${STAGING_DIR}" >/dev/null - title "Rebasing manifests" + title "Modifying OpenShift manifests" #-- OpenShift control plane --------------------------- - # 1) Adopt resource manifests - # Selectively copy in only those core manifests that MicroShift is already using - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/ns.yaml" "${REPOROOT}"/assets/core/0000_50_cluster-openshift-controller-manager_00_namespace.yaml - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/route-controller-ns.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/0000_50_cluster-openshift-route-controller-manager_00_namespace.yaml - - # Copy embedded RBAC manifests that belong to the Route Controller Manager - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/ingress-to-route-controller-clusterrole.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/ - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/ingress-to-route-controller-clusterrolebinding.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/ - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/route-controller-informer-clusterrole.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/ - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/route-controller-informer-clusterrolebinding.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/ - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/route-controller-leader-role.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/ - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/route-controller-leader-rolebinding.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/ - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/route-controller-sa.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/ - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/route-controller-separate-sa-role.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/ - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/route-controller-separate-sa-rolebinding.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/ - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/route-controller-tokenreview-clusterrole.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/ - cp "${STAGING_DIR}/cluster-openshift-controller-manager-operator/bindata/v3.11.0/openshift-controller-manager/route-controller-tokenreview-clusterrolebinding.yaml" "${REPOROOT}"/assets/controllers/route-controller-manager/ - - # Copy various manifests needed by core components - cp "${STAGING_DIR}/cluster-kube-apiserver-operator/bindata/assets/config/config-overrides.yaml" "${REPOROOT}"/assets/controllers/kube-apiserver - cp "${STAGING_DIR}/cluster-kube-apiserver-operator/bindata/assets/config/defaultconfig.yaml" "${REPOROOT}"/assets/controllers/kube-apiserver - cp "${STAGING_DIR}/cluster-kube-controller-manager-operator/bindata/assets/config/defaultconfig.yaml" "${REPOROOT}"/assets/controllers/kube-controller-manager - cp "${STAGING_DIR}/cluster-kube-controller-manager-operator/bindata/assets/kube-controller-manager/csr_approver_clusterrole.yaml" "${REPOROOT}"/assets/controllers/kube-controller-manager - cp "${STAGING_DIR}/cluster-kube-controller-manager-operator/bindata/assets/kube-controller-manager/csr_approver_clusterrolebinding.yaml" "${REPOROOT}"/assets/controllers/kube-controller-manager - cp "${STAGING_DIR}/cluster-kube-controller-manager-operator/bindata/assets/kube-controller-manager/namespace-openshift-infra.yaml" "${REPOROOT}"/assets/core - cp "${STAGING_DIR}/cluster-kube-controller-manager-operator/bindata/assets/kube-controller-manager/ns.yaml" "${REPOROOT}"/assets/controllers/kube-controller-manager/namespace-openshift-kube-controller-manager.yaml - cp "${STAGING_DIR}/cluster-kube-controller-manager-operator/bindata/assets/kube-controller-manager/namespace-security-allocation-controller-clusterrole.yaml" "${REPOROOT}"/assets/controllers/cluster-policy-controller - cp "${STAGING_DIR}/cluster-kube-controller-manager-operator/bindata/assets/kube-controller-manager/namespace-security-allocation-controller-clusterrolebinding.yaml" "${REPOROOT}"/assets/controllers/cluster-policy-controller - cp "${STAGING_DIR}/cluster-kube-controller-manager-operator/bindata/assets/kube-controller-manager/podsecurity-admission-label-syncer-controller-clusterrole.yaml" "${REPOROOT}"/assets/controllers/cluster-policy-controller - cp "${STAGING_DIR}/cluster-kube-controller-manager-operator/bindata/assets/kube-controller-manager/podsecurity-admission-label-syncer-controller-clusterrolebinding.yaml" "${REPOROOT}"/assets/controllers/cluster-policy-controller - # Selectively copy in only those CRD manifests that MicroShift is already using - cp "${REPOROOT}"/vendor/github.com/openshift/api/route/v1/route.crd.yaml "${REPOROOT}"/assets/crd - cp "${STAGING_DIR}/release-manifests/0000_03_security-openshift_01_scc.crd.yaml" "${REPOROOT}"/assets/crd - cp "${STAGING_DIR}/release-manifests/0000_03_securityinternal-openshift_02_rangeallocation.crd.yaml" "${REPOROOT}"/assets/crd - # The following manifests are just MicroShift specific and are not present in any other OpenShift repo. - # - assets/core/securityv1-local-apiservice.yaml (local API service for security API group, needed if OpenShift API server is not present) - yq -i 'with(.admission.pluginConfig.PodSecurity.configuration.defaults; .enforce = "restricted" | .audit = "restricted" | .warn = "restricted" | .enforce-version = "latest" | .audit-version = "latest" | .warn-version = "latest")' "${REPOROOT}"/assets/controllers/kube-apiserver/defaultconfig.yaml yq -i 'del(.extendedArguments.pv-recycler-pod-template-filepath-hostpath)' "${REPOROOT}"/assets/controllers/kube-controller-manager/defaultconfig.yaml yq -i 'del(.extendedArguments.pv-recycler-pod-template-filepath-nfs)' "${REPOROOT}"/assets/controllers/kube-controller-manager/defaultconfig.yaml yq -i 'del(.extendedArguments.flex-volume-plugin-dir)' "${REPOROOT}"/assets/controllers/kube-controller-manager/defaultconfig.yaml - - # Replace all SCC manifests and their CRs/CRBs - rm -f "${REPOROOT}"/assets/controllers/openshift-default-scc-manager/*.yaml - cp "${STAGING_DIR}"/release-manifests/0000_20_kube-apiserver-operator_00_cr-*.yaml "${REPOROOT}"/assets/controllers/openshift-default-scc-manager || true - cp "${STAGING_DIR}"/release-manifests/0000_20_kube-apiserver-operator_00_crb-*.yaml "${REPOROOT}"/assets/controllers/openshift-default-scc-manager || true - cp "${STAGING_DIR}"/release-manifests/0000_20_kube-apiserver-operator_00_scc-*.yaml "${REPOROOT}"/assets/controllers/openshift-default-scc-manager || true - # 2) Render operand manifest templates like the operator would - # n/a - # 3) Make MicroShift-specific changes - # Add the missing scc shortName yq -i '.spec.names.shortNames = ["scc"]' "${REPOROOT}"/assets/crd/0000_03_security-openshift_01_scc.crd.yaml - # 4) Replace MicroShift templating vars (do this last, as yq trips over Go templates) - # n/a #-- openshift-dns ------------------------------------- - # 1) Adopt resource manifests - # Replace all openshift-dns operand manifests - rm -f "${REPOROOT}"/assets/components/openshift-dns/dns/* - cp "${STAGING_DIR}"/cluster-dns-operator/assets/dns/* "${REPOROOT}"/assets/components/openshift-dns/dns || true - rm -f "${REPOROOT}"/assets/components/openshift-dns/node-resolver/* - cp "${STAGING_DIR}/"cluster-dns-operator/assets/node-resolver/* "${REPOROOT}"/assets/components/openshift-dns/node-resolver || true - # Restore the openshift-dns ConfigMap. It's content is the Corefile that the operator generates - # in https://github.com/openshift/cluster-dns-operator/blob/master/pkg/operator/controller/controller_dns_configmap.go - git restore "${REPOROOT}"/assets/components/openshift-dns/dns/configmap.yaml - # Restore the template for the node-resolver DaemonSet. It matches what's programmatically created by the operator - # in https://github.com/openshift/cluster-dns-operator/blob/master/pkg/operator/controller/controller_dns_node_resolver_daemonset.go - git restore "${REPOROOT}"/assets/components/openshift-dns/node-resolver/daemonset.yaml.tmpl - # 2) Render operand manifest templates like the operator would + # Render operand manifest templates like the operator would # Render the DNS DaemonSet yq -i '.metadata += {"name": "dns-default", "namespace": "openshift-dns"}' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml yq -i '.metadata += {"labels": {"dns.operator.openshift.io/owning-dns": "default"}}' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml yq -i '.spec.selector = {"matchLabels": {"dns.operator.openshift.io/daemonset-dns": "default"}}' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml yq -i '.spec.template.metadata += {"labels": {"dns.operator.openshift.io/daemonset-dns": "default"}}' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml - yq -i '.spec.template.spec.containers[0].image = "REPLACE_COREDNS_IMAGE"' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml - yq -i '.spec.template.spec.containers[1].image = "REPLACE_RBAC_PROXY_IMAGE"' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml + yq -i '.spec.template.spec.containers[0].image = "{{ .ReleaseImage.coredns }}"' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml + yq -i '.spec.template.spec.containers[1].image = "{{ .ReleaseImage.kube_rbac_proxy }}"' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml yq -i '.spec.template.spec.nodeSelector = {"kubernetes.io/os": "linux"}' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml yq -i '.spec.template.spec.volumes[0].configMap.name = "dns-default"' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml yq -i '.spec.template.spec.volumes[1] += {"secret": {"defaultMode": 420, "secretName": "dns-default-metrics-tls"}}' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml yq -i '.spec.template.spec.tolerations = [{"key": "node-role.kubernetes.io/master", "operator": "Exists"}]' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml sed -i '/#.*set at runtime/d' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml + # Render the node-resolver script into the DaemonSet template export NODE_RESOLVER_SCRIPT="$(sed 's|^.| &|' "${REPOROOT}"/assets/components/openshift-dns/node-resolver/update-node-resolver.sh)" envsubst < "${REPOROOT}"/assets/components/openshift-dns/node-resolver/daemonset.yaml.tmpl > "${REPOROOT}"/assets/components/openshift-dns/node-resolver/daemonset.yaml + # Render the DNS service yq -i '.metadata += {"annotations": {"service.beta.openshift.io/serving-cert-secret-name": "dns-default-metrics-tls"}}' "${REPOROOT}"/assets/components/openshift-dns/dns/service.yaml yq -i '.metadata += {"name": "dns-default", "namespace": "openshift-dns"}' "${REPOROOT}"/assets/components/openshift-dns/dns/service.yaml - yq -i '.spec.clusterIP = "REPLACE_CLUSTER_IP"' "${REPOROOT}"/assets/components/openshift-dns/dns/service.yaml + yq -i '.spec.clusterIP = "{{.ClusterIP}}"' "${REPOROOT}"/assets/components/openshift-dns/dns/service.yaml yq -i '.spec.selector = {"dns.operator.openshift.io/daemonset-dns": "default"}' "${REPOROOT}"/assets/components/openshift-dns/dns/service.yaml sed -i '/#.*set at runtime/d' "${REPOROOT}"/assets/components/openshift-dns/dns/service.yaml sed -i '/#.*automatically managed/d' "${REPOROOT}"/assets/components/openshift-dns/dns/service.yaml - # 3) Make MicroShift-specific changes - # Fix missing imagePullPolicy + + # Fix missing imagePullPolicy yq -i '.spec.template.spec.containers[1].imagePullPolicy = "IfNotPresent"' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml - # Temporary workaround for MicroShift's missing config parameter when rendering this DaemonSet + # Temporary workaround for MicroShift's missing config parameter when rendering this DaemonSet sed -i 's|OPENSHIFT_MARKER=|NAMESERVER=${DNS_DEFAULT_SERVICE_HOST}\n OPENSHIFT_MARKER=|' "${REPOROOT}"/assets/components/openshift-dns/node-resolver/daemonset.yaml - # 4) Replace MicroShift templating vars (do this last, as yq trips over Go templates) - sed -i 's|REPLACE_COREDNS_IMAGE|{{ .ReleaseImage.coredns }}|' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml - sed -i 's|REPLACE_RBAC_PROXY_IMAGE|{{ .ReleaseImage.kube_rbac_proxy }}|' "${REPOROOT}"/assets/components/openshift-dns/dns/daemonset.yaml - sed -i 's|REPLACE_CLUSTER_IP|{{.ClusterIP}}|' "${REPOROOT}"/assets/components/openshift-dns/dns/service.yaml #-- openshift-router ---------------------------------- - # 1) Adopt resource manifests - # Replace all openshift-router operand manifests - rm -f "${REPOROOT}"/assets/components/openshift-router/* - git restore "${REPOROOT}"/assets/components/openshift-router/serving-certificate.yaml - cp "${STAGING_DIR}"/cluster-ingress-operator/assets/router/* "${REPOROOT}"/assets/components/openshift-router 2>/dev/null || true - # Restore the openshift-router's service-ca ConfigMap - git restore "${REPOROOT}"/assets/components/openshift-router/configmap.yaml - rm -r "${REPOROOT}"/assets/components/openshift-router/service-cloud.yaml - # 2) Render operand manifest templates like the operator would + # Render operand manifest templates like the operator would yq -i '.metadata += {"name": "router-default", "namespace": "openshift-ingress"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml yq -i '.metadata += {"labels": {"ingresscontroller.operator.openshift.io/owning-ingresscontroller": "default"}}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml yq -i '.spec.minReadySeconds = 30' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml yq -i '.spec.selector = {"matchLabels": {"ingresscontroller.operator.openshift.io/deployment-ingresscontroller": "default"}}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml yq -i '.spec.template.metadata += {"labels": {"ingresscontroller.operator.openshift.io/deployment-ingresscontroller": "default"}}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml - yq -i '.spec.template.spec.containers[0].image = "REPLACE_ROUTER_IMAGE"' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml + yq -i '.spec.template.spec.containers[0].image = "{{ .ReleaseImage.haproxy_router }}"' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml yq -i '.spec.template.spec.containers[0].env += {"name": "STATS_PORT", "value": "1936"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml yq -i '.spec.template.spec.containers[0].env += {"name": "RELOAD_INTERVAL", "value": "5s"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml yq -i '.spec.template.spec.containers[0].env += {"name": "ROUTER_ALLOW_WILDCARD_ROUTES", "value": "false"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml - yq -i '.spec.template.spec.containers[0].env += {"name": "ROUTER_CANONICAL_HOSTNAME", "value": "router-default.apps.REPLACE_CLUSTER_DOMAIN"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml + yq -i '.spec.template.spec.containers[0].env += {"name": "ROUTER_CANONICAL_HOSTNAME", "value": "router-default.apps.{{ .BaseDomain }}"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml yq -i '.spec.template.spec.containers[0].env += {"name": "ROUTER_CIPHERS", "value": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml yq -i '.spec.template.spec.containers[0].env += {"name": "ROUTER_CIPHERSUITES", "value": "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml yq -i '.spec.template.spec.containers[0].env += {"name": "ROUTER_DISABLE_HTTP2", "value": "true"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml @@ -815,7 +730,8 @@ update_manifests() { yq -i '.metadata += {"name": "router-internal-default", "namespace": "openshift-ingress"}' "${REPOROOT}"/assets/components/openshift-router/service-internal.yaml yq -i '.spec.selector = {"ingresscontroller.operator.openshift.io/deployment-ingresscontroller": "default"}' "${REPOROOT}"/assets/components/openshift-router/service-internal.yaml sed -i '/#.*set at runtime/d' "${REPOROOT}"/assets/components/openshift-router/service-internal.yaml - # 3) Make MicroShift-specific changes + + # MicroShift-specific changes # Set replica count to 1, as we're single-node. yq -i '.spec.replicas = 1' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml # Set deployment strategy type to Recreate. @@ -826,40 +742,24 @@ update_manifests() { # Not use proxy protocol due to lack of load balancer support yq -i '.spec.template.spec.containers[0].env += {"name": "ROUTER_USE_PROXY_PROTOCOL", "value": "false"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml yq -i '.spec.template.spec.containers[0].env += {"name": "GRACEFUL_SHUTDOWN_DELAY", "value": "1s"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml - yq -i '.spec.template.spec.containers[0].env += {"name": "ROUTER_DOMAIN", "value": "apps.REPLACE_CLUSTER_DOMAIN"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml - # 4) Replace MicroShift templating vars (do this last, as yq trips over Go templates) - sed -i 's|REPLACE_CLUSTER_DOMAIN|{{ .BaseDomain }}|g' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml - sed -i 's|REPLACE_ROUTER_IMAGE|{{ .ReleaseImage.haproxy_router }}|' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml - + yq -i '.spec.template.spec.containers[0].env += {"name": "ROUTER_DOMAIN", "value": "apps.{{ .BaseDomain }}"}' "${REPOROOT}"/assets/components/openshift-router/deployment.yaml #-- service-ca ---------------------------------------- - # 1) Adopt resource manifests - # Replace all service-ca operand manifests - rm -f "${REPOROOT}"/assets/components/service-ca/* - cp "${STAGING_DIR}"/service-ca-operator/bindata/v4.0.0/controller/* "${REPOROOT}"/assets/components/service-ca || true - # 2) Render operand manifest templates like the operator would - # TODO: Remov the following annotations once CPC correctly creates them automatically + # Render operand manifest templates like the operator would + # TODO: Remove the following annotations once CPC correctly creates them automatically yq -i '.spec.template.spec.containers[0].args = ["-v=2"]' "${REPOROOT}"/assets/components/service-ca/deployment.yaml - yq -i '.spec.template.spec.volumes[0].secret.secretName = "REPLACE_TLS_SECRET"' "${REPOROOT}"/assets/components/service-ca/deployment.yaml - yq -i '.spec.template.spec.volumes[1].configMap.name = "REPLACE_CA_CONFIG_MAP"' "${REPOROOT}"/assets/components/service-ca/deployment.yaml + yq -i '.spec.template.spec.volumes[0].secret.secretName = "{{.TLSSecret}}"' "${REPOROOT}"/assets/components/service-ca/deployment.yaml + yq -i '.spec.template.spec.volumes[1].configMap.name = "{{.CAConfigMap}}"' "${REPOROOT}"/assets/components/service-ca/deployment.yaml + yq -i '.spec.template.spec.containers[0].image = "{{ .ReleaseImage.service_ca_operator }}"' "${REPOROOT}"/assets/components/service-ca/deployment.yaml yq -i 'del(.metadata.labels)' "${REPOROOT}"/assets/components/service-ca/ns.yaml - # 3) Make MicroShift-specific changes - # Set replica count to 1, as we're single-node. + + # Make MicroShift-specific changes yq -i '.spec.replicas = 1' "${REPOROOT}"/assets/components/service-ca/deployment.yaml - # 4) Replace MicroShift templating vars (do this last, as yq trips over Go templates) - sed -i 's|\${IMAGE}|{{ .ReleaseImage.service_ca_operator }}|' "${REPOROOT}"/assets/components/service-ca/deployment.yaml - sed -i 's|REPLACE_TLS_SECRET|{{.TLSSecret}}|' "${REPOROOT}"/assets/components/service-ca/deployment.yaml - sed -i 's|REPLACE_CA_CONFIG_MAP|{{.CAConfigMap}}|' "${REPOROOT}"/assets/components/service-ca/deployment.yaml #-- ovn-kubernetes ----------------------------------- - # 1) Adopt resource manifests - # Replace all ovn-kubernetes manifests - # # NOTE: As long as MicroShift is still based on OpenShift releases that do not yet contain the MicroShift-specific # manifests we're manually updating them as needed for now. - # TODO: Remove this comments and uncomment the lines below once we've rebased to 4.12. - #rm -rf "${REPOROOT}"/assets/components/ovn/* - #cp -r "${STAGING_DIR}"/cluster-network-operator/bindata/network/ovn-kubernetes/microshift/* "${REPOROOT}"/assets/components/ovn || true + # TODO: Enable in assets.yaml and handle modifications popd >/dev/null } @@ -1012,7 +912,8 @@ rebase_to() { echo "No changes in component images." fi - update_manifests + copy_manifests + update_openshift_manifests update_lvms_manifests if [[ -n "$(git status -s assets)" ]]; then title "## Committing changes to assets and pkg/assets" @@ -1068,7 +969,8 @@ case "$command" in update_lvms_images ;; manifests) - update_manifests + copy_manifests + update_openshift_manifests update_lvms_manifests ;; *) usage;; From 7389a7d1d9b8c0c4c565ca34a0c043c048735eaa Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Thu, 9 Feb 2023 18:05:29 +0100 Subject: [PATCH 04/16] manifest changes to align with new copying mechanism changes include: - wrapping {{ .template }} inside quotes to get correct yaml file - formatting lvms manifests with `oc create --dry-run=client` (includes sorting) - changing method of creating "lvmd" ConfigMap from templating to overriding ConfigMap's data --- .../lvms/topolvm-controller_deployment.yaml | 10 +++--- ...ler_rbac.authorization.k8s.io_v1_role.yaml | 22 ++++++------ ...c.authorization.k8s.io_v1_rolebinding.yaml | 6 ++-- .../topolvm-lvmd-config_configmap_v1.yaml | 5 ++- ...opolvm-node-securitycontextconstraint.yaml | 6 ++-- .../lvms/topolvm-node_daemonset.yaml | 36 +++++++++---------- .../topolvm-openshift-storage_namespace.yaml | 4 +-- .../openshift-dns/dns/daemonset.yaml | 4 +-- .../components/openshift-dns/dns/service.yaml | 2 +- .../openshift-router/deployment.yaml | 2 +- assets/components/service-ca/deployment.yaml | 6 ++-- pkg/components/render.go | 2 +- pkg/components/storage.go | 6 ++-- 13 files changed, 54 insertions(+), 57 deletions(-) diff --git a/assets/components/lvms/topolvm-controller_deployment.yaml b/assets/components/lvms/topolvm-controller_deployment.yaml index 7426036046..7d4cdcca8d 100644 --- a/assets/components/lvms/topolvm-controller_deployment.yaml +++ b/assets/components/lvms/topolvm-controller_deployment.yaml @@ -26,7 +26,7 @@ spec: - command: - /topolvm-controller - --cert-dir=/certs - image: {{ .ReleaseImage.topolvm_csi }} + image: '{{ .ReleaseImage.topolvm_csi }}' livenessProbe: failureThreshold: 3 httpGet: @@ -69,7 +69,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: {{ .ReleaseImage.topolvm_csi_provisioner }} + image: '{{ .ReleaseImage.topolvm_csi_provisioner }}' name: csi-provisioner resources: requests: @@ -80,7 +80,7 @@ spec: name: socket-dir - args: - --csi-address=/run/topolvm/csi-topolvm.sock - image: {{ .ReleaseImage.topolvm_csi_resizer }} + image: '{{ .ReleaseImage.topolvm_csi_resizer }}' name: csi-resizer resources: requests: @@ -91,7 +91,7 @@ spec: name: socket-dir - args: - --csi-address=/run/topolvm/csi-topolvm.sock - image: {{ .ReleaseImage.topolvm_csi_livenessprobe }} + image: '{{ .ReleaseImage.topolvm_csi_livenessprobe }}' name: liveness-probe resources: requests: @@ -106,7 +106,7 @@ spec: - -c - openssl req -nodes -x509 -newkey rsa:4096 -subj '/DC=self_signed_certificate' -keyout /certs/tls.key -out /certs/tls.crt -days 3650 - image: {{ .ReleaseImage.openssl }} + image: '{{ .ReleaseImage.openssl }}' name: self-signed-cert-generator resources: {} volumeMounts: diff --git a/assets/components/lvms/topolvm-controller_rbac.authorization.k8s.io_v1_role.yaml b/assets/components/lvms/topolvm-controller_rbac.authorization.k8s.io_v1_role.yaml index 7c26314ebb..55063101fc 100644 --- a/assets/components/lvms/topolvm-controller_rbac.authorization.k8s.io_v1_role.yaml +++ b/assets/components/lvms/topolvm-controller_rbac.authorization.k8s.io_v1_role.yaml @@ -4,14 +4,14 @@ metadata: name: topolvm-controller namespace: openshift-storage rules: - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - watch - - list - - delete - - update - - create \ No newline at end of file +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - watch + - list + - delete + - update + - create diff --git a/assets/components/lvms/topolvm-controller_rbac.authorization.k8s.io_v1_rolebinding.yaml b/assets/components/lvms/topolvm-controller_rbac.authorization.k8s.io_v1_rolebinding.yaml index 77990aeec7..f330881066 100644 --- a/assets/components/lvms/topolvm-controller_rbac.authorization.k8s.io_v1_rolebinding.yaml +++ b/assets/components/lvms/topolvm-controller_rbac.authorization.k8s.io_v1_rolebinding.yaml @@ -8,6 +8,6 @@ roleRef: kind: Role name: topolvm-controller subjects: - - kind: ServiceAccount - name: topolvm-controller - namespace: openshift-storage \ No newline at end of file +- kind: ServiceAccount + name: topolvm-controller + namespace: openshift-storage diff --git a/assets/components/lvms/topolvm-lvmd-config_configmap_v1.yaml b/assets/components/lvms/topolvm-lvmd-config_configmap_v1.yaml index 551ada233f..d60daca7a0 100644 --- a/assets/components/lvms/topolvm-lvmd-config_configmap_v1.yaml +++ b/assets/components/lvms/topolvm-lvmd-config_configmap_v1.yaml @@ -1,8 +1,7 @@ -# Source: topolvm/templates/lvmd/configmap.yaml apiVersion: v1 +data: + lvmd.yaml: "" kind: ConfigMap metadata: name: lvmd namespace: openshift-storage -data: - lvmd.yaml: {{ .lvmd }} diff --git a/assets/components/lvms/topolvm-node-securitycontextconstraint.yaml b/assets/components/lvms/topolvm-node-securitycontextconstraint.yaml index 776ffde234..f770749b8c 100644 --- a/assets/components/lvms/topolvm-node-securitycontextconstraint.yaml +++ b/assets/components/lvms/topolvm-node-securitycontextconstraint.yaml @@ -5,16 +5,16 @@ allowHostPID: true allowHostPorts: false allowPrivilegeEscalation: true allowPrivilegedContainer: true -allowedCapabilities: +allowedCapabilities: [] apiVersion: security.openshift.io/v1 -defaultAddCapabilities: +defaultAddCapabilities: [] fsGroup: type: RunAsAny groups: [] kind: SecurityContextConstraints metadata: name: topolvm-node -priority: +priority: null readOnlyRootFilesystem: false requiredDropCapabilities: [] runAsUser: diff --git a/assets/components/lvms/topolvm-node_daemonset.yaml b/assets/components/lvms/topolvm-node_daemonset.yaml index e24b66a1c6..6934f2d529 100644 --- a/assets/components/lvms/topolvm-node_daemonset.yaml +++ b/assets/components/lvms/topolvm-node_daemonset.yaml @@ -18,7 +18,7 @@ spec: template: metadata: annotations: - lvms.microshift.io/lvmd_config_sha256sum: "{{ Sha256sum .lvmd }}" + lvms.microshift.io/lvmd_config_sha256sum: '{{ Sha256sum .lvmd }}' labels: app.kubernetes.io/component: topolvm-node app.kubernetes.io/managed-by: lvms-operator @@ -30,16 +30,16 @@ spec: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - - key: "kubernetes.io/os" - operator: In - values: - - "linux" + - key: kubernetes.io/os + operator: In + values: + - linux containers: - command: - /lvmd - --config=/etc/topolvm/lvmd.yaml - --container=true - image: {{ .ReleaseImage.topolvm_csi }} + image: '{{ .ReleaseImage.topolvm_csi }}' name: lvmd resources: requests: @@ -49,7 +49,7 @@ spec: privileged: true runAsUser: 0 volumeMounts: - - mountPath: {{ Dir .SocketName }} + - mountPath: '{{ Dir .SocketName }}' name: lvmd-socket-dir - mountPath: /etc/topolvm name: lvmd-config-dir @@ -61,7 +61,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - image: {{ .ReleaseImage.topolvm_csi }} + image: '{{ .ReleaseImage.topolvm_csi }}' livenessProbe: failureThreshold: 3 httpGet: @@ -85,7 +85,7 @@ spec: volumeMounts: - mountPath: /run/topolvm name: node-plugin-dir - - mountPath: {{ Dir .SocketName }} + - mountPath: '{{ Dir .SocketName }}' name: lvmd-socket-dir - mountPath: /var/lib/kubelet/pods mountPropagation: Bidirectional @@ -96,7 +96,7 @@ spec: - args: - --csi-address=/run/topolvm/csi-topolvm.sock - --kubelet-registration-path=/var/lib/kubelet/plugins/topolvm.io/node/csi-topolvm.sock - image: {{ .ReleaseImage.topolvm_csi_registrar }} + image: '{{ .ReleaseImage.topolvm_csi_registrar }}' lifecycle: preStop: exec: @@ -116,7 +116,7 @@ spec: name: registration-dir - args: - --csi-address=/run/topolvm/csi-topolvm.sock - image: {{ .ReleaseImage.topolvm_csi_livenessprobe }} + image: '{{ .ReleaseImage.topolvm_csi_livenessprobe }}' name: liveness-probe resources: requests: @@ -132,7 +132,7 @@ spec: - -c - until [ -f /etc/topolvm/lvmd.yaml ]; do echo waiting for lvmd config file; sleep 5; done - image: {{ .ReleaseImage.openssl }} + image: '{{ .ReleaseImage.openssl }}' name: file-checker resources: {} volumeMounts: @@ -156,14 +156,14 @@ spec: path: /var/lib/kubelet/pods/ type: DirectoryOrCreate name: pod-volumes-dir - - name: lvmd-config-dir - configMap: - name: lvmd + - configMap: items: - - key: lvmd.yaml - path: lvmd.yaml + - key: lvmd.yaml + path: lvmd.yaml + name: lvmd + name: lvmd-config-dir - emptyDir: medium: Memory name: lvmd-socket-dir updateStrategy: - type: RollingUpdate \ No newline at end of file + type: RollingUpdate diff --git a/assets/components/lvms/topolvm-openshift-storage_namespace.yaml b/assets/components/lvms/topolvm-openshift-storage_namespace.yaml index 29e1224c03..785aaed053 100644 --- a/assets/components/lvms/topolvm-openshift-storage_namespace.yaml +++ b/assets/components/lvms/topolvm-openshift-storage_namespace.yaml @@ -1,12 +1,12 @@ apiVersion: v1 kind: Namespace metadata: - name: openshift-storage annotations: openshift.io/node-selector: "" - workload.openshift.io/allowed: "management" + workload.openshift.io/allowed: management labels: openshift.io/run-level: "0" pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged + name: openshift-storage diff --git a/assets/components/openshift-dns/dns/daemonset.yaml b/assets/components/openshift-dns/dns/daemonset.yaml index 8c1b335fa5..7bd4077cd4 100644 --- a/assets/components/openshift-dns/dns/daemonset.yaml +++ b/assets/components/openshift-dns/dns/daemonset.yaml @@ -50,7 +50,7 @@ spec: requests: cpu: 50m memory: 70Mi - image: {{ .ReleaseImage.coredns }} + image: '{{ .ReleaseImage.coredns }}' - name: kube-rbac-proxy args: - --logtostderr @@ -70,7 +70,7 @@ spec: - mountPath: /etc/tls/private name: metrics-tls readOnly: true - image: {{ .ReleaseImage.kube_rbac_proxy }} + image: '{{ .ReleaseImage.kube_rbac_proxy }}' imagePullPolicy: IfNotPresent dnsPolicy: Default volumes: diff --git a/assets/components/openshift-dns/dns/service.yaml b/assets/components/openshift-dns/dns/service.yaml index 44a7f69941..3849d98bce 100644 --- a/assets/components/openshift-dns/dns/service.yaml +++ b/assets/components/openshift-dns/dns/service.yaml @@ -14,7 +14,7 @@ spec: port: 9154 targetPort: metrics protocol: TCP - clusterIP: {{.ClusterIP}} + clusterIP: '{{.ClusterIP}}' selector: dns.operator.openshift.io/daemonset-dns: default metadata: diff --git a/assets/components/openshift-router/deployment.yaml b/assets/components/openshift-router/deployment.yaml index 884e3d79c1..3fc5252cac 100644 --- a/assets/components/openshift-router/deployment.yaml +++ b/assets/components/openshift-router/deployment.yaml @@ -88,7 +88,7 @@ spec: - mountPath: /var/run/configmaps/service-ca name: service-ca-bundle readOnly: true - image: {{ .ReleaseImage.haproxy_router }} + image: '{{ .ReleaseImage.haproxy_router }}' ports: - name: http containerPort: 80 diff --git a/assets/components/service-ca/deployment.yaml b/assets/components/service-ca/deployment.yaml index 8f5a1030f3..495cda0952 100644 --- a/assets/components/service-ca/deployment.yaml +++ b/assets/components/service-ca/deployment.yaml @@ -25,7 +25,7 @@ spec: serviceAccountName: service-ca containers: - name: service-ca-controller - image: {{ .ReleaseImage.service_ca_operator }} + image: '{{ .ReleaseImage.service_ca_operator }}' imagePullPolicy: IfNotPresent command: ["service-ca-operator", "controller"] ports: @@ -46,10 +46,10 @@ spec: volumes: - name: signing-key secret: - secretName: {{.TLSSecret}} + secretName: '{{.TLSSecret}}' - name: signing-cabundle configMap: - name: {{.CAConfigMap}} + name: '{{.CAConfigMap}}' nodeSelector: node-role.kubernetes.io/master: "" priorityClassName: "system-cluster-critical" diff --git a/pkg/components/render.go b/pkg/components/render.go index 5aa52d0cc7..ce2c26c39d 100755 --- a/pkg/components/render.go +++ b/pkg/components/render.go @@ -54,7 +54,7 @@ func renderLvmdParams(l *lvmd.Lvmd) (assets.RenderParams, error) { if err != nil { return nil, err } - r["lvmd"] = fmt.Sprintf(`%q`, b) + r["lvmd"] = string(b) r["SocketName"] = l.SocketName return r, nil } diff --git a/pkg/components/storage.go b/pkg/components/storage.go index c4182a8dc0..8a02e68350 100644 --- a/pkg/components/storage.go +++ b/pkg/components/storage.go @@ -60,9 +60,7 @@ func startCSIPlugin(cfg *config.MicroshiftConfig, kubeconfigPath string) error { cd = []string{ "components/lvms/csi-driver.yaml", } - cm = []string{ - "components/lvms/topolvm-lvmd-config_configmap_v1.yaml", - } + cm = "components/lvms/topolvm-lvmd-config_configmap_v1.yaml" ds = []string{ "components/lvms/topolvm-node_daemonset.yaml", } @@ -120,7 +118,7 @@ func startCSIPlugin(cfg *config.MicroshiftConfig, kubeconfigPath string) error { klog.Warningf("Failed to apply clusterrolebinding %v: %v", crb, err) return err } - if err := assets.ApplyConfigMaps(cm, renderTemplate, lvmdRenderParams, kubeconfigPath); err != nil { + if err := assets.ApplyConfigMapWithData(cm, map[string]string{"lvmd.yaml": lvmdRenderParams["lvmd"].(string)}, kubeconfigPath); err != nil { klog.Warningf("Failed to apply configMap %v: %v", crb, err) return err } From 94beb0cb1bc9af78022ca56f9b0e0e2365d41d45 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Fri, 10 Feb 2023 09:55:22 +0100 Subject: [PATCH 05/16] align tests with new way to create lvmd configmap removed Test_renderLvmdConfig because it was testing approach based on renderTemplate() which is no longer used --- pkg/components/render_test.go | 53 +---------------------------------- 1 file changed, 1 insertion(+), 52 deletions(-) diff --git a/pkg/components/render_test.go b/pkg/components/render_test.go index 838aa75baa..5498cfc65c 100644 --- a/pkg/components/render_test.go +++ b/pkg/components/render_test.go @@ -46,7 +46,7 @@ func Test_renderLvmdParams(t *testing.T) { wantErr: false, want: assets.RenderParams{ "SocketName": "/run/lvmd/lvmd.socket", - "lvmd": `"device-classes:\n- default: true\n lvcreate-options: null\n name: test\n spare-gb: 5\n stripe: null\n stripe-size: \"\"\n thin-pool: null\n type: \"\"\n volume-group: vg\nsocket-name: /run/lvmd/lvmd.socket\n"`, + "lvmd": "device-classes:\n- default: true\n lvcreate-options: null\n name: test\n spare-gb: 5\n stripe: null\n stripe-size: \"\"\n thin-pool: null\n type: \"\"\n volume-group: vg\nsocket-name: /run/lvmd/lvmd.socket\n", }, }, } @@ -64,57 +64,6 @@ func Test_renderLvmdParams(t *testing.T) { } } -func Test_renderLvmdConfig(t *testing.T) { - - defL := (&lvmd.Lvmd{}).WithDefaults() - - cmWrap := func(d []byte) []byte { - base := - `# Source: topolvm/templates/lvmd/configmap.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: lvmd - namespace: openshift-storage -data: - lvmd.yaml:` - return []byte(fmt.Sprintf("%s %q\n", base, d)) - } - - type args struct { - tb []byte - data assets.RenderParams - } - tests := []struct { - name string - args args - want []byte - wantErr bool - }{ - { - name: "should render topolvm configMap", - args: args{ - tb: embedded.MustAsset("components/lvms/topolvm-lvmd-config_configmap_v1.yaml"), - data: func() assets.RenderParams { p, _ := renderLvmdParams(defL); return p }(), - }, - want: cmWrap([]byte("device-classes:\n- default: true\n lvcreate-options: null\n name: default\n spare-gb: 0\n stripe: null\n stripe-size: \"\"\n thin-pool: null\n type: \"\"\n volume-group: rhel\nsocket-name: /run/lvmd/lvmd.socket\n")), - wantErr: false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - got, err := renderTemplate(tt.args.tb, tt.args.data) - if (err != nil) != tt.wantErr { - t.Errorf("renderTemplate() error = %v, wantErr %v", err, tt.wantErr) - return - } - if !reflect.DeepEqual(got, tt.want) { - t.Errorf("renderTemplate() got = %s, want %s", string(got), string(tt.want)) - } - }) - } -} - func Test_renderTopolvmDaemonsetTemplate(t *testing.T) { tb := embedded.MustAsset("components/lvms/topolvm-node_daemonset.yaml") From 3143742562ae26ceab6a6384b6f0d737479cf378 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Fri, 10 Feb 2023 10:40:27 +0100 Subject: [PATCH 06/16] check rebase.sh preconditions and install yq --- scripts/auto-rebase/rebase.sh | 30 ++++++++++++++++++++++++++ scripts/devenv-builder/configure-vm.sh | 11 ---------- 2 files changed, 30 insertions(+), 11 deletions(-) diff --git a/scripts/auto-rebase/rebase.sh b/scripts/auto-rebase/rebase.sh index afc93f490d..d9c1ade6f6 100755 --- a/scripts/auto-rebase/rebase.sh +++ b/scripts/auto-rebase/rebase.sh @@ -44,6 +44,34 @@ title() { echo -e "\E[34m$1\E[00m"; } +check_preconditions() { + if ! hash yq; then + title "Installing yq" + + YQ_VER=4.26.1 + YQ_HASH_amd64=9e35b817e7cdc358c1fcd8498f3872db169c3303b61645cc1faf972990f37582 + YQ_HASH_arm64=8966f9698a9bc321eae6745ffc5129b5e1b509017d3f710ee0eccec4f5568766 + yq_hash="YQ_HASH_$(go env GOARCH)" + YQ_URL=https://github.com/mikefarah/yq/releases/download/v${YQ_VER}/yq_linux_$(go env GOARCH) + echo -n "${!yq_hash} -" > /tmp/sum.txt + if ! (curl -Ls "${YQ_URL}" | tee /tmp/yq | sha256sum -c /tmp/sum.txt &>/dev/null); then + echo "ERROR: Expected file at ${YQ_URL} to have checksum ${!yq_hash} but instead got $(sha256sum /tmp/sum.txt -if ! (curl -Ls "${YQ_URL}" | tee /tmp/yq | sha256sum -c /tmp/sum.txt &>/dev/null); then - echo "ERROR: Expected file at ${YQ_URL} to have checksum ${!yq_hash} but instead got $(sha256sum Date: Fri, 10 Feb 2023 14:33:23 +0100 Subject: [PATCH 07/16] fix wrong schema and add missing files --- scripts/auto-rebase/assets.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/scripts/auto-rebase/assets.yaml b/scripts/auto-rebase/assets.yaml index 625f9308ce..a6d0bb71ac 100644 --- a/scripts/auto-rebase/assets.yaml +++ b/scripts/auto-rebase/assets.yaml @@ -107,6 +107,10 @@ assets: files: - file: daemonset.yaml - file: serviceaccount.yaml + - dir: node/ + files: + - file: daemonset.yaml + - file: serviceaccount.yaml - dir: components/service-ca/ src: service-ca-operator/bindata/v4.0.0/controller/ @@ -210,8 +214,8 @@ assets: - dir: release/ ignore: "it contains files generated during rebase procedure" files: - - release-aarch64.json - - release-x86_64.json + - file: release-aarch64.json + - file: release-x86_64.json - dir: version/ no_clean: True From 4b2cfabeb827229ed6768b7dd4ea9ee79a8d4bb3 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Tue, 14 Feb 2023 09:17:56 +0100 Subject: [PATCH 08/16] update last_rebase.sh --- scripts/auto-rebase/last_rebase.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/auto-rebase/last_rebase.sh b/scripts/auto-rebase/last_rebase.sh index 39343da05d..4aa7308dd3 100755 --- a/scripts/auto-rebase/last_rebase.sh +++ b/scripts/auto-rebase/last_rebase.sh @@ -1,2 +1,2 @@ #!/bin/bash -x -./scripts/auto-rebase/rebase.sh to "registry.ci.openshift.org/ocp/release:4.13.0-0.nightly-2023-02-07-064924" "registry.ci.openshift.org/ocp-arm64/release-arm64:4.13.0-0.nightly-arm64-2023-02-08-182807" "registry.access.redhat.com/lvms4/lvms-operator-bundle:v4.12" +./scripts/auto-rebase/rebase.sh to "registry.ci.openshift.org/ocp/release:4.13.0-0.nightly-2023-02-13-194759" "registry.ci.openshift.org/ocp-arm64/release-arm64:4.13.0-0.nightly-arm64-2023-02-14-014641" "registry.access.redhat.com/lvms4/lvms-operator-bundle:v4.12" From 7c8ab81dafa47744e3f370d25ce4169d2d25eb62 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Tue, 14 Feb 2023 09:17:56 +0100 Subject: [PATCH 09/16] update changelog --- scripts/auto-rebase/changelog.txt | 73 +++++++++++++++++++++++++++++-- scripts/auto-rebase/commits.txt | 24 +++++----- 2 files changed, 81 insertions(+), 16 deletions(-) diff --git a/scripts/auto-rebase/changelog.txt b/scripts/auto-rebase/changelog.txt index bf4abc58d9..12de11809c 100644 --- a/scripts/auto-rebase/changelog.txt +++ b/scripts/auto-rebase/changelog.txt @@ -1,11 +1,76 @@ -# machine-config-operator embedded-component ecc6bf3dc21eb33baf56692ba7d54f9a3b9be1d1 to c06601510c0917a48912cc2dda095d8414cc5182 -facc5736a204dd8632302f7feac68e156c765792 2023-01-30T21:05:00+05:30 CGroupsV2 feature GA in MCO -# ovn-kubernetes image-arm64 9eeb7d60b9d6454d9cc4d3421c26a8e4220bf023 to 943c8fd1bdf44b1972c19541a892898255405945 +# cluster-ingress-operator embedded-component e5461ad4db784e4edf9a1833a85ebb7e3a855b57 to ba32cd487a98b2f722ef510c91a55ebf632ea62d +e3fd682bf32e9224304f67ffc1b9a6f07fdfeead 2023-02-07T18:34:39+00:00 add proxy protocol support for ibmcloud +b6cf8eb7f4e9c02dbabe78d9a71f58f4867cffca 2022-11-22T20:31:40-05:00 ** Added tests for the ParseZone function. +5fbc1e0f93047aa1292b1a0a28729421472a4a77 2022-11-10T12:34:23-05:00 GCP: Parse Zone ID with a project ID embedded +# cluster-kube-apiserver-operator embedded-component 66deb603e42d511461c9928ea2e7c2db4c4a32bb to 9def85264fec138f12e8cb5746fe32d13e0747b5 +03113c1fb5c09c918576b04b519f14a03b7e973c 2023-02-10T12:00:36-05:00 bump(*) update vendor +78dd9436eb5c7fa5eb734a5bf1fd1b9366230891 2023-02-10T12:00:14-05:00 bump(*) deps +1ac073622376e64ba96602ae465512cde022adb8 2023-01-30T14:34:58+01:00 WRKLDS-649: Guard pod set readiness probe endpoint explicitly +524673e7ee311a523a14b14d491c62a8a4260f69 2023-01-28T12:40:40-05:00 Update OWNERS +db419bd58cf1948fbf0ea5d450dc2477227ac677 2023-01-27T11:58:21-05:00 update APIRemovedInNextRelease alerts +73aa9d7a9f0d0417780a362bd721861c8503f422 2023-01-19T17:19:57+01:00 dashboard: use apiserver_storage_objects metric +4957cfee9b8ad6eee7f1ff3e8476aa0b7247430e 2023-01-18T11:01:15+01:00 alerts: update slo alerts based on upstream +# cluster-network-operator embedded-component 9196041ecf9b9337246c1302392df1cac3b4c2a1 to e40b6daba53b0bcb3dde521fe3aca45813c3be48 +22de253d04358c8b915e20396e1ddc544bb88fab 2023-02-13T07:56:36-05:00 Revert "OCPBUGS-5842: Use pods oc vs host" +9cbe43c4cffcc38d238323a1b48a7023be69f41e 2023-02-01T09:45:14+00:00 Add .hypershift.local to no proxy list +b681d7b1a93f236c5eae1c6e0d9cf1bcf2336dff 2023-01-19T08:23:30-05:00 WIP Use pods oc vs host +0e81248b71a349c29f971ef34f839b0a4aacad37 2023-01-11T17:31:32-06:00 added missing api field podref +# kubernetes embedded-component 9eb81c20e0fde9d068ed83e58c8fc870412958a9 to 149fe529fd7884d0799753f3ed54f2a89d8036d9 +2412b349c8b92fd50c425ce7cbc5e3004fcad03c 2023-02-06T18:21:13-05:00 UPSTREAM: : update vendor +da627810bfd72857fc32ad0f47573da9ca416821 2023-02-06T18:19:08-05:00 UPSTREAM: : add icsp,idms,itms validation reject creating icsp with idms/itms exist +a06fff3bd3190d8c8be72e9e39176f0abafddf0c 2023-02-06T10:49:46-05:00 UPSTREAM: 114027: make GetSubnetPrefix IP family agnostic +# machine-config-operator embedded-component c06601510c0917a48912cc2dda095d8414cc5182 to 55684a0a23d6d110331e8279af5d96f2f8e3a443 +e39971f9a07d189b382e8e9c917a0c4c99002724 2023-02-08T12:22:09+00:00 configure-ovs: fix mtu-migration cleanup +63dbed795a170fc4eff329ae459f041e2ec7d763 2023-02-07T11:07:51-05:00 daemon: Fixed uid/gid assignment typo +fcdafcfb7b114964f6644ba57cd8da671c9ae8f8 2023-02-01T21:21:16-05:00 helpers_test: add unit test for default file overwrite +1df6a949157e39c911c2989aa95e53faaf7b673a 2023-02-01T21:21:15-05:00 controller: default overwrite to true for files +# openshift-controller-manager embedded-component 847b3e92231aafc7f322f76d77afb04da2568188 to 67fcbf2f6e3d5922a1c451197d497eadddedcb8d +adb4810cf2954c2c77c461a3e9fcfe51fbec67a7 2023-02-06T11:32:13-05:00 remove tech preview feature gate for build csi volumes +# coredns image-amd64 9aaa7e0a86b69bafb9f544a0e5cb1873535a8f6b to 064eec244109a6bf2e7ef57c161f9df78cce4fcd +d18012ca2c60ee952c5f582b86b77678da200156 2022-12-08T11:13:50+00:00 Updating coredns images to be consistent with ART Reconciling with https://github.com/openshift/ocp-build-data/tree/ef52fa34ff45201392333743c99c4b25b52fe724/images/coredns.yml +# ovn-kubernetes image-amd64 9eeb7d60b9d6454d9cc4d3421c26a8e4220bf023 to ae0865a74ea4c579d849e2df593a7dccdbfd1490 +209fa70a730f0eabe540b8613e9329fd61c5813f 2023-02-10T20:23:19-06:00 rhel9: install procps-ng to get sysctl +aee5ec2d481abbd2c6c500cae1492fb2497adf76 2023-02-10T19:50:18-06:00 rhel9: no longer need to use iptables wrappers +556d772be6ce2d4b4f379a783f6ce119e0b8ef45 2023-02-10T11:54:19-06:00 cleanup: drop redundant selinux-policy install in onvkube dockerfiles +53009832649a3b9a36d36691b615caf0cd4adf02 2023-02-10T07:32:06-06:00 rhel9: oc RPM does the kubectl symlink +94f574f79edea2d651cea49846ff0a77401ecb99 2023-02-09T14:18:55-06:00 rhel9: no longer need python3-pyOpenSSL +18c461542e543ae2ac03ed03c07d99d4737d2fe8 2023-02-09T08:54:23-06:00 rhel9: remove stray `oc` install +af353a8fa66dc06fa4b30ebc0da995bd199bb33c 2023-02-08T10:44:59-06:00 Add RHEL9 image Dockerfiles +d209c5cd303e82557026acee1b933f939e50334f 2023-02-06T14:52:12-05:00 multi-homing, docs: provide multi-homing user documentation (#3378) +080b4bc5dcf60c5aaf85d18ee01c28c96ca9b915 2023-02-06T09:14:59-08:00 allow multiple NADs of the same network on a Pod +2f01717e57ddaf4c3fc5f6853ed823fb3a668bfb 2023-02-06T09:49:28+01:00 libovsdb bump: use database package +b5b61bc64aaed17ad9033af93674f57bf6694ed8 2023-02-06T09:49:19+01:00 vendor: bump libovsdb to a6a1739938309190e605e21bd756035313c39741 +e55931f429c1c3847835ef2d9bb3245581388b1e 2023-02-02T19:32:29+01:00 loadbalancer: Disable generation of neighbor responder flows for VIPs on LRs +14ab317bfa89c507721c266b0cb7224003948473 2023-02-02T15:24:47+01:00 Delete IGMP Groups when deleting stale chassis. IGMPGroup has a weak link to chassis, deleting multiple chassis may result in IGMP_Groups with identical values on columns "address", "datapath", and "chassis", when "chassis" goes empty +4ce2fede6ede6c64fb1554424cf844366e35804c 2023-02-02T17:57:19+08:00 Support dynamic node IP changes 862dedb2fd4f2f1cd92a67edc01b075fd6090556 2023-02-01T22:42:38+01:00 Fix panic if nadController is nil fca10ae8fffac69a6665ed8f0c92762432c4428c 2023-02-01T21:56:10+01:00 Fix panic when node is deleted and state is also not present 87fb483e211cc0e3cd409af5a5d5916e87200539 2023-01-30T09:58:55+01:00 Delete stale egress ip snat entries by node +200924871550cee8045ec09a52e954bd3cc0a43c 2023-01-27T09:26:38+01:00 e2e, multi-homing: add tests for flatL2 without excludeCIDRs +aae0921888d40fbeeeda2e67d6020bb96457f7c6 2023-01-18T15:03:25-06:00 iptables: use container iptables, not the host's dfddb885483c3669308faca293daad6c83b3b6a8 2022-10-20T09:51:49-05:00 logging: allow changing log-level at runtime via the pprof /debug endpoint -# kubernetes image-arm64 9eb81c20e0fde9d068ed83e58c8fc870412958a9 to 149fe529fd7884d0799753f3ed54f2a89d8036d9 +# kubernetes image-amd64 9eb81c20e0fde9d068ed83e58c8fc870412958a9 to 149fe529fd7884d0799753f3ed54f2a89d8036d9 2412b349c8b92fd50c425ce7cbc5e3004fcad03c 2023-02-06T18:21:13-05:00 UPSTREAM: : update vendor da627810bfd72857fc32ad0f47573da9ca416821 2023-02-06T18:19:08-05:00 UPSTREAM: : add icsp,idms,itms validation reject creating icsp with idms/itms exist a06fff3bd3190d8c8be72e9e39176f0abafddf0c 2023-02-06T10:49:46-05:00 UPSTREAM: 114027: make GetSubnetPrefix IP family agnostic +# coredns image-arm64 9aaa7e0a86b69bafb9f544a0e5cb1873535a8f6b to 064eec244109a6bf2e7ef57c161f9df78cce4fcd +d18012ca2c60ee952c5f582b86b77678da200156 2022-12-08T11:13:50+00:00 Updating coredns images to be consistent with ART Reconciling with https://github.com/openshift/ocp-build-data/tree/ef52fa34ff45201392333743c99c4b25b52fe724/images/coredns.yml +# ovn-kubernetes image-arm64 943c8fd1bdf44b1972c19541a892898255405945 to ae0865a74ea4c579d849e2df593a7dccdbfd1490 +209fa70a730f0eabe540b8613e9329fd61c5813f 2023-02-10T20:23:19-06:00 rhel9: install procps-ng to get sysctl +aee5ec2d481abbd2c6c500cae1492fb2497adf76 2023-02-10T19:50:18-06:00 rhel9: no longer need to use iptables wrappers +556d772be6ce2d4b4f379a783f6ce119e0b8ef45 2023-02-10T11:54:19-06:00 cleanup: drop redundant selinux-policy install in onvkube dockerfiles +53009832649a3b9a36d36691b615caf0cd4adf02 2023-02-10T07:32:06-06:00 rhel9: oc RPM does the kubectl symlink +94f574f79edea2d651cea49846ff0a77401ecb99 2023-02-09T14:18:55-06:00 rhel9: no longer need python3-pyOpenSSL +18c461542e543ae2ac03ed03c07d99d4737d2fe8 2023-02-09T08:54:23-06:00 rhel9: remove stray `oc` install +af353a8fa66dc06fa4b30ebc0da995bd199bb33c 2023-02-08T10:44:59-06:00 Add RHEL9 image Dockerfiles +d209c5cd303e82557026acee1b933f939e50334f 2023-02-06T14:52:12-05:00 multi-homing, docs: provide multi-homing user documentation (#3378) +080b4bc5dcf60c5aaf85d18ee01c28c96ca9b915 2023-02-06T09:14:59-08:00 allow multiple NADs of the same network on a Pod +2f01717e57ddaf4c3fc5f6853ed823fb3a668bfb 2023-02-06T09:49:28+01:00 libovsdb bump: use database package +b5b61bc64aaed17ad9033af93674f57bf6694ed8 2023-02-06T09:49:19+01:00 vendor: bump libovsdb to a6a1739938309190e605e21bd756035313c39741 +e55931f429c1c3847835ef2d9bb3245581388b1e 2023-02-02T19:32:29+01:00 loadbalancer: Disable generation of neighbor responder flows for VIPs on LRs +14ab317bfa89c507721c266b0cb7224003948473 2023-02-02T15:24:47+01:00 Delete IGMP Groups when deleting stale chassis. IGMPGroup has a weak link to chassis, deleting multiple chassis may result in IGMP_Groups with identical values on columns "address", "datapath", and "chassis", when "chassis" goes empty +4ce2fede6ede6c64fb1554424cf844366e35804c 2023-02-02T17:57:19+08:00 Support dynamic node IP changes +200924871550cee8045ec09a52e954bd3cc0a43c 2023-01-27T09:26:38+01:00 e2e, multi-homing: add tests for flatL2 without excludeCIDRs +aae0921888d40fbeeeda2e67d6020bb96457f7c6 2023-01-18T15:03:25-06:00 iptables: use container iptables, not the host's +# kubernetes image-arm64 149fe529fd7884d0799753f3ed54f2a89d8036d9 to c7296782f65144a9aed5b18bfb880fd4f9b9333e +4e34ec5b63fc456cf0891e0afe11b22260bef832 2023-02-06T13:35:11+01:00 UPSTREAM: : PSa metrics: log platform namespaces in audit denies diff --git a/scripts/auto-rebase/commits.txt b/scripts/auto-rebase/commits.txt index ff435f65dd..07096924e0 100644 --- a/scripts/auto-rebase/commits.txt +++ b/scripts/auto-rebase/commits.txt @@ -1,28 +1,28 @@ https://github.com/openshift/cluster-dns-operator embedded-component 637a69416fb44ee6d55150f40fffb90db82803a6 -https://github.com/openshift/cluster-ingress-operator embedded-component e5461ad4db784e4edf9a1833a85ebb7e3a855b57 -https://github.com/openshift/cluster-kube-apiserver-operator embedded-component 66deb603e42d511461c9928ea2e7c2db4c4a32bb +https://github.com/openshift/cluster-ingress-operator embedded-component ba32cd487a98b2f722ef510c91a55ebf632ea62d +https://github.com/openshift/cluster-kube-apiserver-operator embedded-component 9def85264fec138f12e8cb5746fe32d13e0747b5 https://github.com/openshift/cluster-kube-controller-manager-operator embedded-component 7f293daf4d14fca5855513d3aaaf5b07d0e01d61 https://github.com/openshift/cluster-kube-scheduler-operator embedded-component 05ac3aefa4d63bab9aadddc890dd9390a503ad57 -https://github.com/openshift/cluster-network-operator embedded-component 9196041ecf9b9337246c1302392df1cac3b4c2a1 +https://github.com/openshift/cluster-network-operator embedded-component e40b6daba53b0bcb3dde521fe3aca45813c3be48 https://github.com/openshift/cluster-openshift-controller-manager-operator embedded-component 2aa9db33a936f043898c6fb0598eb255a73f7059 https://github.com/openshift/cluster-policy-controller embedded-component 3f8efde27bb6a50e5d50f0798877d4d2e1154dcb https://github.com/openshift/etcd embedded-component 13c18c444a8c6a86ccbba16cce664008f5f948bd -https://github.com/openshift/kubernetes embedded-component 9eb81c20e0fde9d068ed83e58c8fc870412958a9 -https://github.com/openshift/machine-config-operator embedded-component c06601510c0917a48912cc2dda095d8414cc5182 -https://github.com/openshift/openshift-controller-manager embedded-component 847b3e92231aafc7f322f76d77afb04da2568188 +https://github.com/openshift/kubernetes embedded-component 149fe529fd7884d0799753f3ed54f2a89d8036d9 +https://github.com/openshift/machine-config-operator embedded-component 55684a0a23d6d110331e8279af5d96f2f8e3a443 +https://github.com/openshift/openshift-controller-manager embedded-component 67fcbf2f6e3d5922a1c451197d497eadddedcb8d https://github.com/openshift/route-controller-manager embedded-component d7a8e22db412b6fabb7028ca0da8de8f3d9ac3c3 https://github.com/openshift/service-ca-operator embedded-component 1b89fdce3fcccecdc5fdb705fe674cd4bfc58a2a https://github.com/openshift/oc image-amd64 10f2c4952d8ba95938c1a82083664218dc02ee37 -https://github.com/openshift/coredns image-amd64 9aaa7e0a86b69bafb9f544a0e5cb1873535a8f6b +https://github.com/openshift/coredns image-amd64 064eec244109a6bf2e7ef57c161f9df78cce4fcd https://github.com/openshift/router image-amd64 6144b9abe85ee434e586eba2f21b6b309357ee78 https://github.com/openshift/kube-rbac-proxy image-amd64 0aa2830ed7359fd8cd0e2f7db0ed96a733c5990e -https://github.com/openshift/ovn-kubernetes image-amd64 9eeb7d60b9d6454d9cc4d3421c26a8e4220bf023 -https://github.com/openshift/kubernetes image-amd64 9eb81c20e0fde9d068ed83e58c8fc870412958a9 +https://github.com/openshift/ovn-kubernetes image-amd64 ae0865a74ea4c579d849e2df593a7dccdbfd1490 +https://github.com/openshift/kubernetes image-amd64 149fe529fd7884d0799753f3ed54f2a89d8036d9 https://github.com/openshift/service-ca-operator image-amd64 1b89fdce3fcccecdc5fdb705fe674cd4bfc58a2a https://github.com/openshift/oc image-arm64 10f2c4952d8ba95938c1a82083664218dc02ee37 -https://github.com/openshift/coredns image-arm64 9aaa7e0a86b69bafb9f544a0e5cb1873535a8f6b +https://github.com/openshift/coredns image-arm64 064eec244109a6bf2e7ef57c161f9df78cce4fcd https://github.com/openshift/router image-arm64 6144b9abe85ee434e586eba2f21b6b309357ee78 https://github.com/openshift/kube-rbac-proxy image-arm64 0aa2830ed7359fd8cd0e2f7db0ed96a733c5990e -https://github.com/openshift/ovn-kubernetes image-arm64 943c8fd1bdf44b1972c19541a892898255405945 -https://github.com/openshift/kubernetes image-arm64 149fe529fd7884d0799753f3ed54f2a89d8036d9 +https://github.com/openshift/ovn-kubernetes image-arm64 ae0865a74ea4c579d849e2df593a7dccdbfd1490 +https://github.com/openshift/kubernetes image-arm64 c7296782f65144a9aed5b18bfb880fd4f9b9333e https://github.com/openshift/service-ca-operator image-arm64 1b89fdce3fcccecdc5fdb705fe674cd4bfc58a2a From a5733a738f6ce2aa8a731a3847c05fbc6862f822 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Tue, 14 Feb 2023 09:18:00 +0100 Subject: [PATCH 10/16] update microshift/go.mod --- go.mod | 64 +++++++++++++++++------------------ go.sum | 105 +++++++++++++++++++++++++++++---------------------------- 2 files changed, 85 insertions(+), 84 deletions(-) diff --git a/go.mod b/go.mod index 3099ccb48a..e0220c0e93 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/kelseyhightower/envconfig v1.4.0 // microshift github.com/miekg/dns v1.1.35 // microshift github.com/mitchellh/go-homedir v1.1.0 // microshift - github.com/openshift/api v0.0.0-20230120195050-6ba31fa438f2 + github.com/openshift/api v0.0.0-20230201213816-61d971884921 github.com/openshift/build-machinery-go v0.0.0-20220913142420-e25cf57ea46d github.com/openshift/client-go v0.0.0-20230120202327-72f107311084 github.com/openshift/cluster-policy-controller v0.0.0-20230112143856-3f8efde27bb6 @@ -162,7 +162,7 @@ require ( github.com/stoewer/go-strcase v1.2.0 // indirect github.com/stretchr/objx v0.4.0 // indirect github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect - github.com/vishvananda/netlink v1.1.0 // indirect + github.com/vishvananda/netlink v1.1.0 github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae // indirect github.com/vmware/govmomi v0.20.3 // indirect github.com/xlab/treeprint v1.1.0 // indirect @@ -232,34 +232,34 @@ require ( replace ( github.com/onsi/ginkgo/v2 => github.com/openshift/onsi-ginkgo/v2 v2.4.1-0.20221214150008-e73634cb3870 // from kubernetes - k8s.io/api => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/apiextensions-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/apimachinery => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/cli-runtime => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/client-go => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/cloud-provider => github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/cluster-bootstrap => github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/code-generator => github.com/openshift/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/component-base => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/component-helpers => github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/cri-api => github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/csi-translation-lib => github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/dynamic-resource-allocation => github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/kms => github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/kube-aggregator => github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/kube-controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/kube-proxy => github.com/openshift/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/kube-scheduler => github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/kubectl => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/kubelet => github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/kubernetes => github.com/openshift/kubernetes v0.0.0-20230203160803-9eb81c20e0fd // release kubernetes - k8s.io/legacy-cloud-providers => github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/metrics => github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/mount-utils => github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/pod-security-admission => github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/sample-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/sample-cli-plugin => github.com/openshift/kubernetes/staging/src/k8s.io/sample-cli-plugin v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/sample-controller => github.com/openshift/kubernetes/staging/src/k8s.io/sample-controller v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes + k8s.io/api => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/apiextensions-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/apimachinery => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/cli-runtime => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/client-go => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/cloud-provider => github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/cluster-bootstrap => github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/code-generator => github.com/openshift/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/component-base => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/component-helpers => github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/cri-api => github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/csi-translation-lib => github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/dynamic-resource-allocation => github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/kms => github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/kube-aggregator => github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/kube-controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/kube-proxy => github.com/openshift/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/kube-scheduler => github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/kubectl => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/kubelet => github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/kubernetes => github.com/openshift/kubernetes v0.0.0-20230207121132-149fe529fd78 // release kubernetes + k8s.io/legacy-cloud-providers => github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/metrics => github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/mount-utils => github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/pod-security-admission => github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/sample-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/sample-cli-plugin => github.com/openshift/kubernetes/staging/src/k8s.io/sample-cli-plugin v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/sample-controller => github.com/openshift/kubernetes/staging/src/k8s.io/sample-controller v0.0.0-20230207121132-149fe529fd78 // from kubernetes ) diff --git a/go.sum b/go.sum index 78a5aa0c19..34937d4bc7 100644 --- a/go.sum +++ b/go.sum @@ -599,8 +599,9 @@ github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 h1:3 github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/selinux v1.10.0 h1:rAiKF8hTcgLI3w0DHm6i0ylVVcOrlgR1kK99DRLDhyU= github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= -github.com/openshift/api v0.0.0-20230120195050-6ba31fa438f2 h1:+nw0/d4spq880W7S74Twi5YU2ulsl3/a9o4OEZptYp0= github.com/openshift/api v0.0.0-20230120195050-6ba31fa438f2/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= +github.com/openshift/api v0.0.0-20230201213816-61d971884921 h1:19XfhG/rG4oxNOQ1PNtHIjW23z2+QNHC6lH1VZWhSWY= +github.com/openshift/api v0.0.0-20230201213816-61d971884921/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= github.com/openshift/apiserver-library-go v0.0.0-20230120221150-cefee9e0162b h1:1AeKPWFTSSSqSl0VYmwnaOuxw2kExQgJ6pjuC4XV33A= github.com/openshift/apiserver-library-go v0.0.0-20230120221150-cefee9e0162b/go.mod h1:FmOGJTf5L1X9LiqnsNDwKJyt5ycUNxnNqpxs0rgylTc= github.com/openshift/build-machinery-go v0.0.0-20220913142420-e25cf57ea46d h1:RR4ah7FfaPR1WePizm0jlrsbmPu91xQZnAsVVreQV1k= @@ -609,57 +610,57 @@ github.com/openshift/client-go v0.0.0-20230120202327-72f107311084 h1:66uaqNwA+qY github.com/openshift/client-go v0.0.0-20230120202327-72f107311084/go.mod h1:M3h9m001PWac3eAudGG3isUud6yBjr5XpzLYLLTlHKo= github.com/openshift/cluster-policy-controller v0.0.0-20230112143856-3f8efde27bb6 h1:JJ8cHS+mXYwaYjpDnmnEWNj/KPvlVhed1dFLsz3zJ3g= github.com/openshift/cluster-policy-controller v0.0.0-20230112143856-3f8efde27bb6/go.mod h1:mxj0Tg1YG9PpVJDOBLsAkjZNVvQTNu1LJkw9fSAkOE4= -github.com/openshift/kubernetes v0.0.0-20230203160803-9eb81c20e0fd h1:YRhLDFcBe7YXXUH8RKE5NyzAtpo4MgQiL2WaAOeVEgM= -github.com/openshift/kubernetes v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:5Ti+IYci7dmhNCcylCEgahiCi7iEMS27/0dDQwsFPBw= -github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230203160803-9eb81c20e0fd h1:9FNruKCZ/toYKH4vlfzf0eBBV8w9xanzgjDtmjgR9PE= -github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:SVFZVmcfr/QnDkKqmBvlVlhurEsml57BUNDH+R/CPqk= -github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230203160803-9eb81c20e0fd h1:Zx6Bu04ULeWGKdfBBVlk9jOe/Wt0ly082PP0fbWE0qc= -github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:KTPWw1RHy9H6h0DU31KV3Nl9ETDDiFmVP+o1gmqt+ls= -github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230203160803-9eb81c20e0fd h1:AtXRsyP1kJoxm9lrOotzg8lmMK3yFzDB7OKrKcxYfzk= -github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:fcaZu5DOMCvnjHsoJrKV5iQLvaiOTv50bj8okFxwYFw= -github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230203160803-9eb81c20e0fd h1:n92yt5T1lgrmk3bdeSp9mrQ3ghGKbNgELpocJZRKiv0= -github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:CO72fYg4kCwaSLKgV6oMT9N1k5jhe8ZfxN1Rv7i9aL0= -github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230203160803-9eb81c20e0fd h1:VbB2l+KI6JAURqgd56yRodvBEGeJP8C7vK24aYnR+MU= -github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:salqUyIbJbHU1a9StwrX18tkxIoZejk8BQB9aYNkIPk= -github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230203160803-9eb81c20e0fd h1:/BhPPIrVwtYuhgGmFS9/q5HgbrCH9XdY+HzGRgpeU/Y= -github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:g5iGehpfJ/sjrrPZotg2ndVBM1qrl/xlKDEC6CJwoRo= -github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230203160803-9eb81c20e0fd h1:jkmcVp6rmVLRGN9qmWovV5aEGCZSAbELSDUGsuvUKjE= -github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:y/nn+aWz2wp+2mklRHKwQb5C36SqiS4mCgw2/C1HRpM= -github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230203160803-9eb81c20e0fd h1:qKhFIYujoqI+Gm/FkDWsfIohiw0feTaBXCMXdu8mgsY= -github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:pfu0i4DFeQXwdlNs9TQpFEUK+8y4I3HSCzqbmQDobJ8= -github.com/openshift/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:ZjLs0DK9L3Xxjv99ioET5vBULmFymo1Dc1ZzF6G6L6c= -github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230203160803-9eb81c20e0fd h1:EgeBlm4XhGv0fxuuBj0eOUuqTFGl8l/wUDrXifwqSDY= -github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:+K4RuDOLxtVWiPZfUefwPoYThb9BEmWYp5zId0KFgU0= -github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230203160803-9eb81c20e0fd h1:RhBnEOb7T6xRu2QEl3kL27INFOJFZp7ABZaJLTzpTgc= -github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:IrwH1whPmwqMMBuqU2Gkb2cdmdqTg5zpbYsPC9KF8hY= -github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230203160803-9eb81c20e0fd h1:LjN5iAG7vgGAZ/NKDy8SWSFEdcTjuhbM909B7lZx8Tg= -github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:AuOKusKtXgnoNwjX3FYoY9nSggJKZBk9TYeUoM5dnws= -github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230203160803-9eb81c20e0fd h1:lZJUpmABVXppQfzxBWMv4KiLXLK4uYMxbFWIwnlkpFU= -github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:TVwnVXG26sqo03sNVSJzkjIXBXB1r5KcoNJPliZ7SjM= -github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230203160803-9eb81c20e0fd h1:uxU6Ej8xOTUk4WVIvz4KLsHFYJIeokBEM9fMDMH3LqM= -github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:tK3gKkqt21TbFbG/1xF5M8Q1zWAmuhS6wO3SGZd0nmw= -github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230203160803-9eb81c20e0fd h1:XfpgurUME3dET4xggIQ8K4lpmECHVQHVLW5guET+8YM= -github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:mgVmrJ+p9PHz4zZwo7XouLoex4tpJz3Rb8uPcw6+IJE= -github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230203160803-9eb81c20e0fd h1:L+S02xJiPxoUByeMa7s33575wIqq8RkbrWY0iMMhGeg= -github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:NXsaH8tQ1U2J3w6IW8hNaC4ZQFJvkC2lVoXOXZQ8ii0= -github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230203160803-9eb81c20e0fd h1:9F5089DN2tcD5EjDQwpLJtA7+5/PyeTzWd8VuRllQJo= -github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:YEIiQsb6SFoP9Y4gunC2nL+EL/SDEjfg++eDyZDBV18= -github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230203160803-9eb81c20e0fd h1:kRjfthk1ov4+DoA7KlPIW/BGtEA82nT+beKeRHbs4WY= -github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:wfRwoBCCxtoS6dmP/ijU2pC1u1COgMcL2qppCHqCeWg= -github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230203160803-9eb81c20e0fd h1:HtWjFBRNUrGExtDQZ1q2PKu43gW1WEJyLhUiOuy/HU0= -github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:0hEeqiK9VnRfKjEzziZZ/UdzDn2zolWihYE/iWC4wUM= -github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230203160803-9eb81c20e0fd h1:PcAMbgvdqLloyIZNDN6P316PCknHdNDefX4kkapQ1qg= -github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:6p383itqHHhUKvZADAr+LDVXOJ4ZWo0tBKVxTjqc9UY= -github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230203160803-9eb81c20e0fd h1:sbQxtdIvAQ+iII/CwkexpLXMeWuDVow7UUNCn8S1sy0= -github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:7VSG6sD9u3yCsNAz3+TYBN6oNXmBmfX32o9piXgdUHQ= -github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230203160803-9eb81c20e0fd h1:ELKwpQJDaD1NnwTCqnlOuHea2hGVZIWlqag0nvYpZRY= -github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:VD+1/CcB3GhJH1hrDcxv/Idr3wYEN5YURxV/QRrRLJk= -github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230203160803-9eb81c20e0fd h1:wS8zcstCgcybbblot1+wOc4lAmBzxXj0q3gjUSdPxX4= -github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:Yjxnfo5lUPUSBUqfhgoAS19ZFY/JhMC16dgEw0ilIoU= -github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230203160803-9eb81c20e0fd h1:bFzvykgafQ//uHxVRU9wp3kWUqFKtOPJ+7heS8pE6BY= -github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:n49VMDfRrPr3RdbpZRjo4yIF65v6ryFoeflGeAFItyc= -github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230203160803-9eb81c20e0fd h1:bg6Db0xW9iR72pXiM3VMj2NawwtOyUGHvjcdtFtLnxU= -github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:y8fO9+mZJPj9OK26w+MwxW4kUf+bJh1CHsPYvRjwYoA= +github.com/openshift/kubernetes v0.0.0-20230207121132-149fe529fd78 h1:xWwDDzuAyyxkKV13FaOwzuWypoBdsehBBJHY9zNAHsg= +github.com/openshift/kubernetes v0.0.0-20230207121132-149fe529fd78/go.mod h1:X+oZfq0zUE+lpHZTcVDnge20xxiyXC+XSuyivKCn5YE= +github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230207121132-149fe529fd78 h1:UGV2H8yDs0uVbdQpTb74xXOf+WhHG21ITqjKyjbGAcI= +github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230207121132-149fe529fd78/go.mod h1:SVFZVmcfr/QnDkKqmBvlVlhurEsml57BUNDH+R/CPqk= +github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230207121132-149fe529fd78 h1:t2iGVaC39ncioOSx+QVUYbur2wBhYGdm8xtTwk6nczY= +github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230207121132-149fe529fd78/go.mod h1:6TuEWeKgBs443fLsnv4iOAeGNgpQcNytep4PPOq/l7Q= +github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230207121132-149fe529fd78 h1:7W2ypXSvy6pFbm5/ZtmJ3eUE8jvf5zQeQ/aWE3Xkq/w= +github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230207121132-149fe529fd78/go.mod h1:fcaZu5DOMCvnjHsoJrKV5iQLvaiOTv50bj8okFxwYFw= +github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230207121132-149fe529fd78 h1:7WDZKw8+hE1VX5RD0pWrEZDLGHl5aU8jmq6yQNv+JLI= +github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230207121132-149fe529fd78/go.mod h1:CO72fYg4kCwaSLKgV6oMT9N1k5jhe8ZfxN1Rv7i9aL0= +github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230207121132-149fe529fd78 h1:5io2uMtQ3OAJWSHp22ml2k5o7pYCvrCRYbSB5x8LKLY= +github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230207121132-149fe529fd78/go.mod h1:salqUyIbJbHU1a9StwrX18tkxIoZejk8BQB9aYNkIPk= +github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230207121132-149fe529fd78 h1:x9q7vfWAz9MKq38lRtrppxmHNJSeXOIAUoCK01eUugQ= +github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230207121132-149fe529fd78/go.mod h1:g5iGehpfJ/sjrrPZotg2ndVBM1qrl/xlKDEC6CJwoRo= +github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230207121132-149fe529fd78 h1:vjMSPNn5auTAQgX0F85Xso6xBTMiOYiwiMwIzw4UebA= +github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230207121132-149fe529fd78/go.mod h1:y/nn+aWz2wp+2mklRHKwQb5C36SqiS4mCgw2/C1HRpM= +github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230207121132-149fe529fd78 h1:blkFkIHKAIWcEXYWVYchCCFn8JIraOM92y3OAruX2BU= +github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230207121132-149fe529fd78/go.mod h1:pfu0i4DFeQXwdlNs9TQpFEUK+8y4I3HSCzqbmQDobJ8= +github.com/openshift/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20230207121132-149fe529fd78/go.mod h1:ZjLs0DK9L3Xxjv99ioET5vBULmFymo1Dc1ZzF6G6L6c= +github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230207121132-149fe529fd78 h1:KT3WERyNYR+zkpVauowKJHaa/wY0jmF0mIglFK3kbC4= +github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230207121132-149fe529fd78/go.mod h1:+K4RuDOLxtVWiPZfUefwPoYThb9BEmWYp5zId0KFgU0= +github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230207121132-149fe529fd78 h1:aARqK0CeQg/IjPam4KfK2hp3buvo6jXCRuBPiEagOjk= +github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230207121132-149fe529fd78/go.mod h1:IrwH1whPmwqMMBuqU2Gkb2cdmdqTg5zpbYsPC9KF8hY= +github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230207121132-149fe529fd78 h1:wMoHyZESX4GsDfufW5ajwIoJZBnGbzhg2YeaqwHoY7A= +github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230207121132-149fe529fd78/go.mod h1:AuOKusKtXgnoNwjX3FYoY9nSggJKZBk9TYeUoM5dnws= +github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230207121132-149fe529fd78 h1:H7+O/JQU7ZKGCVYGE5CjQdkw28tB+R16fldw/IuGQSI= +github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230207121132-149fe529fd78/go.mod h1:TVwnVXG26sqo03sNVSJzkjIXBXB1r5KcoNJPliZ7SjM= +github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230207121132-149fe529fd78 h1:Uy2bPiH9pyB3Z2cB0uiDXHi1NV9NWw3uqUCZigjrslU= +github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230207121132-149fe529fd78/go.mod h1:tK3gKkqt21TbFbG/1xF5M8Q1zWAmuhS6wO3SGZd0nmw= +github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230207121132-149fe529fd78 h1:lRCTzasRjHkY7tb8NLz5mu10koddjq8hP6fsLYwMy1o= +github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230207121132-149fe529fd78/go.mod h1:mgVmrJ+p9PHz4zZwo7XouLoex4tpJz3Rb8uPcw6+IJE= +github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230207121132-149fe529fd78 h1:/b9/04xGd0uAoI+rcTDydQ2hRtBPVx5fftHpv/5eze4= +github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230207121132-149fe529fd78/go.mod h1:NXsaH8tQ1U2J3w6IW8hNaC4ZQFJvkC2lVoXOXZQ8ii0= +github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230207121132-149fe529fd78 h1:gXWibhfhyHamUi714Elr6HGjxTNFyN9BJtiwOQAqplg= +github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230207121132-149fe529fd78/go.mod h1:YEIiQsb6SFoP9Y4gunC2nL+EL/SDEjfg++eDyZDBV18= +github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230207121132-149fe529fd78 h1:Dq0lFXAnovyaQfdjgO3RkYqKwr7qu9F9/MD1HFNlKz0= +github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230207121132-149fe529fd78/go.mod h1:wfRwoBCCxtoS6dmP/ijU2pC1u1COgMcL2qppCHqCeWg= +github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230207121132-149fe529fd78 h1:Pm+1yI69lv1UXTVICEi8viJJxg1ufYW7FF0maMJpa5M= +github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230207121132-149fe529fd78/go.mod h1:0hEeqiK9VnRfKjEzziZZ/UdzDn2zolWihYE/iWC4wUM= +github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230207121132-149fe529fd78 h1:VQKIWXij69V+3QbkCHSN5ENi0iE7mH9cNERTzc1qoEA= +github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230207121132-149fe529fd78/go.mod h1:6p383itqHHhUKvZADAr+LDVXOJ4ZWo0tBKVxTjqc9UY= +github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230207121132-149fe529fd78 h1:4fOIlNd/JRbiCU0EcUEnLVCXDDahEIdiD31skDxnwSI= +github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230207121132-149fe529fd78/go.mod h1:7VSG6sD9u3yCsNAz3+TYBN6oNXmBmfX32o9piXgdUHQ= +github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230207121132-149fe529fd78 h1:tf/KwIyNe3cUckt+lVR6dBn5UV0dxwEp9t8uVxh1P3A= +github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230207121132-149fe529fd78/go.mod h1:VD+1/CcB3GhJH1hrDcxv/Idr3wYEN5YURxV/QRrRLJk= +github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230207121132-149fe529fd78 h1:uy64QZKrClXDiO/F3OxnpXz7oTDUIR7SHkdX4T61R5U= +github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230207121132-149fe529fd78/go.mod h1:Yjxnfo5lUPUSBUqfhgoAS19ZFY/JhMC16dgEw0ilIoU= +github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230207121132-149fe529fd78 h1:r/DIXR6g8lRGL7n246qnsHMg33r2kH2OmssPRjEZTUI= +github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230207121132-149fe529fd78/go.mod h1:n49VMDfRrPr3RdbpZRjo4yIF65v6ryFoeflGeAFItyc= +github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230207121132-149fe529fd78 h1:PmJNZgUCEgCVlLDZFx2bP9BCfhl1YDNGmLNA2z43nHU= +github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230207121132-149fe529fd78/go.mod h1:y8fO9+mZJPj9OK26w+MwxW4kUf+bJh1CHsPYvRjwYoA= github.com/openshift/library-go v0.0.0-20230127195720-edf819b079cf/go.mod h1:xO4nAf0qa56dgvEJWVD1WuwSJ8JWPU1TYLBQrlutWnE= github.com/openshift/library-go v0.0.0-20230130232623-47904dd9ff5a h1:OzF7I7mAzO4SBo5eO5CWoCTgMDydN/Tf2/Rq8YbMpT0= github.com/openshift/library-go v0.0.0-20230130232623-47904dd9ff5a/go.mod h1:xO4nAf0qa56dgvEJWVD1WuwSJ8JWPU1TYLBQrlutWnE= From 105e230a34d37d2926e358104ff44197f8f65c45 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Tue, 14 Feb 2023 09:18:05 +0100 Subject: [PATCH 11/16] update microshift/vendor --- ...perator_01_infrastructure-Default.crd.yaml | 394 ++++++++++++------ ...r_01_infrastructure-Default.crd.yaml-patch | 24 ++ .../api/config/v1/types_infrastructure.go | 3 - .../api/machine/v1beta1/types_gcpprovider.go | 17 + .../zz_generated.swagger_doc_generated.go | 1 + .../cr_validation_registration.go | 9 + .../validate_imagecontentsourcepolicy.go | 127 ++++++ .../validate_imagedigestmirrorset.go | 114 +++++ .../validate_imagetagmirrorset.go | 93 +++++ vendor/modules.txt | 115 ++--- 10 files changed, 717 insertions(+), 180 deletions(-) create mode 100644 vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml-patch create mode 100644 vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagecontentsourcepolicy/validate_imagecontentsourcepolicy.go create mode 100644 vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagedigestmirrorset/validate_imagedigestmirrorset.go create mode 100644 vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagetagmirrorset/validate_imagetagmirrorset.go diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml index fe57bddfc6..af6638c47e 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml @@ -21,9 +21,6 @@ spec: schema: openAPIV3Schema: description: "Infrastructure holds cluster-wide information about Infrastructure. The canonical name is `cluster` \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer)." - type: object - required: - - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' @@ -35,43 +32,41 @@ spec: type: object spec: description: spec holds user settable values for configuration - type: object properties: cloudConfig: description: "cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. This configuration file is used to configure the Kubernetes cloud provider integration when using the built-in cloud provider integration or the external cloud controller manager. The namespace for this config map is openshift-config. \n cloudConfig should only be consumed by the kube_cloud_config controller. The controller is responsible for using the user configuration in the spec for various platforms and combining that with the user provided ConfigMap in this field to create a stitched kube cloud config. The controller generates a ConfigMap `kube-cloud-config` in `openshift-config-managed` namespace with the kube cloud config is stored in `cloud.conf` key. All the clients are expected to use the generated ConfigMap only." - type: object properties: key: description: Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references. type: string name: type: string + type: object platformSpec: description: platformSpec holds desired information specific to the underlying infrastructure provider. - type: object properties: alibabaCloud: description: AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. type: object aws: description: AWS contains settings specific to the Amazon Web Services infrastructure provider. - type: object properties: serviceEndpoints: description: serviceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. - type: array items: description: AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. - type: object properties: name: description: name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. - type: string pattern: ^[a-z0-9-]+$ + type: string url: description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. - type: string pattern: ^https:// + type: string + type: object + type: array + type: object azure: description: Azure contains settings specific to the Azure infrastructure provider. type: object @@ -83,26 +78,26 @@ spec: type: object external: description: ExternalPlatformType represents generic infrastructure provider. Platform-specific components should be supplemented separately. - type: object properties: cloudControllerManager: description: CloudControllerManager contains settings specific to the external Cloud Controller Manager (a.k.a. CCM or CPI) - type: object properties: state: description: "state determines whether or not an external Cloud Controller Manager is expected to be installed within the cluster. https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager \n When set to \"External\", new nodes will be tainted as uninitialized when created, preventing them from running workloads until they are initialized by the cloud controller manager. When omitted or set to \"None\", new nodes will be not tainted and no extra initialization from the cloud controller manager is expected." - type: string enum: - "" - External - None + type: string + type: object platformName: + default: Unknown description: PlatformName holds the arbitrary string representing the infrastructure provider name, expected to be set at the installation time. This field is solely for informational and reporting purposes and is not expected to be used for decision-making. type: string - default: Unknown x-kubernetes-validations: - - rule: oldSelf == 'Unknown' || self == oldSelf - message: platform name cannot be changed once set + - message: platform name cannot be changed once set + rule: oldSelf == 'Unknown' || self == oldSelf + type: object gcp: description: GCP contains settings specific to the Google Cloud Platform infrastructure provider. type: object @@ -114,62 +109,62 @@ spec: type: object nutanix: description: Nutanix contains settings specific to the Nutanix infrastructure provider. - type: object - required: - - prismCentral - - prismElements properties: prismCentral: description: prismCentral holds the endpoint address and port to access the Nutanix Prism Central. When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. - type: object - required: - - address - - port properties: address: description: address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) - type: string maxLength: 256 + type: string port: description: port is the port number to access the Nutanix Prism Central or Element (cluster) - type: integer format: int32 maximum: 65535 minimum: 1 + type: integer + required: + - address + - port + type: object prismElements: description: prismElements holds one or more endpoint address and port data to access the Nutanix Prism Elements (clusters) of the Nutanix Prism Central. Currently we only support one Prism Element (cluster) for an OpenShift cluster, where all the Nutanix resources (VMs, subnets, volumes, etc.) used in the OpenShift cluster are located. In the future, we may support Nutanix resources (VMs, etc.) spread over multiple Prism Elements (clusters) of the Prism Central. - type: array items: description: NutanixPrismElementEndpoint holds the name and endpoint data for a Prism Element (cluster) - type: object - required: - - endpoint - - name properties: endpoint: description: endpoint holds the endpoint address and port data of the Prism Element (cluster). When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. - type: object - required: - - address - - port properties: address: description: address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) - type: string maxLength: 256 + type: string port: description: port is the port number to access the Nutanix Prism Central or Element (cluster) - type: integer format: int32 maximum: 65535 minimum: 1 + type: integer + required: + - address + - port + type: object name: description: name is the name of the Prism Element (cluster). This value will correspond with the cluster field configured on other resources (eg Machines, PVCs, etc). - type: string maxLength: 256 + type: string + required: + - endpoint + - name + type: object + type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map + required: + - prismCentral + - prismElements + type: object openstack: description: OpenStack contains settings specific to the OpenStack infrastructure provider. type: object @@ -178,33 +173,32 @@ spec: type: object powervs: description: PowerVS contains settings specific to the IBM Power Systems Virtual Servers infrastructure provider. - type: object properties: serviceEndpoints: description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. - type: array items: description: PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. - type: object - required: - - name - - url properties: name: description: name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud - type: string pattern: ^[a-z0-9-]+$ + type: string url: description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. - type: string format: uri pattern: ^https:// + type: string + required: + - name + - url + type: object + type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map + type: object type: description: type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", "KubeVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. - type: string enum: - "" - AWS @@ -223,12 +217,166 @@ spec: - AlibabaCloud - Nutanix - External + type: string vsphere: description: VSphere contains settings specific to the VSphere infrastructure provider. + properties: + failureDomains: + description: failureDomains contains the definition of region, zone and the vCenter topology. If this is omitted failure domains (regions and zones) will not be used. + items: + description: VSpherePlatformFailureDomainSpec holds the region and zone failure domain and the vCenter topology of that failure domain. + properties: + name: + description: name defines the arbitrary but unique name of a failure domain. + maxLength: 256 + minLength: 1 + type: string + region: + description: region defines the name of a region tag that will be attached to a vCenter datacenter. The tag category in vCenter must be named openshift-region. + maxLength: 80 + minLength: 1 + type: string + server: + anyOf: + - format: ipv4 + - format: ipv6 + - format: hostname + description: server is the fully-qualified domain name or the IP address of the vCenter server. --- + maxLength: 255 + minLength: 1 + type: string + topology: + description: Topology describes a given failure domain using vSphere constructs + properties: + computeCluster: + description: computeCluster the absolute path of the vCenter cluster in which virtual machine will be located. The absolute path is of the form //host/. The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/host/.*? + type: string + datacenter: + description: datacenter is the name of vCenter datacenter in which virtual machines will be located. The maximum length of the datacenter name is 80 characters. + maxLength: 80 + type: string + datastore: + description: datastore is the absolute path of the datastore in which the virtual machine is located. The absolute path is of the form //datastore/ The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/datastore/.*? + type: string + folder: + description: folder is the absolute path of the folder where virtual machines are located. The absolute path is of the form //vm/. The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/vm/.*? + type: string + networks: + description: networks is the list of port group network names within this failure domain. Currently, we only support a single interface per RHCOS virtual machine. The available networks (port groups) can be listed using `govc ls 'network/*'` The single interface should be the absolute path of the form //network/. + items: + type: string + maxItems: 1 + minItems: 1 + type: array + resourcePool: + description: resourcePool is the absolute path of the resource pool where virtual machines will be created. The absolute path is of the form //host//Resources/. The maximum length of the path is 2048 characters. + maxLength: 2048 + pattern: ^/.*?/host/.*?/Resources.* + type: string + required: + - computeCluster + - datacenter + - datastore + - networks + type: object + zone: + description: zone defines the name of a zone tag that will be attached to a vCenter cluster. The tag category in vCenter must be named openshift-zone. + maxLength: 80 + minLength: 1 + type: string + required: + - name + - region + - server + - topology + - zone + type: object + type: array + nodeNetworking: + description: nodeNetworking contains the definition of internal and external network constraints for assigning the node's networking. If this field is omitted, networking defaults to the legacy address selection behavior which is to only support a single address and return the first one found. + properties: + external: + description: external represents the network configuration of the node that is externally routable. + properties: + excludeNetworkSubnetCidr: + description: excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. --- + items: + format: cidr + type: string + type: array + network: + description: network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. The available networks (port groups) can be listed using `govc ls 'network/*'` + type: string + networkSubnetCidr: + description: networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + items: + format: cidr + type: string + type: array + type: object + internal: + description: internal represents the network configuration of the node that is routable only within the cluster. + properties: + excludeNetworkSubnetCidr: + description: excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting the IP address from the VirtualMachine's VM for use in the status.addresses fields. --- + items: + format: cidr + type: string + type: array + network: + description: network VirtualMachine's VM Network names that will be used to when searching for status.addresses fields. Note that if internal.networkSubnetCIDR and external.networkSubnetCIDR are not set, then the vNIC associated to this network must only have a single IP address assigned to it. The available networks (port groups) can be listed using `govc ls 'network/*'` + type: string + networkSubnetCidr: + description: networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs that will be used in respective status.addresses fields. --- + items: + format: cidr + type: string + type: array + type: object + type: object + vcenters: + description: vcenters holds the connection details for services to communicate with vCenter. Currently, only a single vCenter is supported. --- + items: + description: VSpherePlatformVCenterSpec stores the vCenter connection fields. This is used by the vSphere CCM. + properties: + datacenters: + description: The vCenter Datacenters in which the RHCOS vm guests are located. This field will be used by the Cloud Controller Manager. Each datacenter listed here should be used within a topology. + items: + type: string + minItems: 1 + type: array + port: + description: port is the TCP port that will be used to communicate to the vCenter endpoint. When omitted, this means the user has no opinion and it is up to the platform to choose a sensible default, which is subject to change over time. + format: int32 + maximum: 32767 + minimum: 1 + type: integer + server: + anyOf: + - format: ipv4 + - format: ipv6 + - format: hostname + description: server is the fully-qualified domain name or the IP address of the vCenter server. --- + maxLength: 255 + type: string + required: + - datacenters + - server + type: object + maxItems: 1 + minItems: 0 + type: array type: object + type: object + type: object status: description: status holds observed values from the cluster. They may not be overridden. - type: object properties: apiServerInternalURI: description: apiServerInternalURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking. @@ -237,13 +385,13 @@ spec: description: apiServerURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API. type: string controlPlaneTopology: - description: controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. - type: string default: HighlyAvailable + description: controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a "normal" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. enum: - HighlyAvailable - SingleReplica - External + type: string etcdDiscoveryDomain: description: 'etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release.' type: string @@ -251,15 +399,14 @@ spec: description: infrastructureName uniquely identifies a cluster with a human friendly name. Once set it should not be changed. Must be of max length 27 and must have only alphanumeric or hyphen characters. type: string infrastructureTopology: - description: 'infrastructureTopology expresses the expectations for infrastructure services that do not run on control plane nodes, usually indicated by a node selector for a `role` value other than `master`. The default is ''HighlyAvailable'', which represents the behavior operators have in a "normal" cluster. The ''SingleReplica'' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation NOTE: External topology mode is not applicable for this field.' - type: string default: HighlyAvailable + description: 'infrastructureTopology expresses the expectations for infrastructure services that do not run on control plane nodes, usually indicated by a node selector for a `role` value other than `master`. The default is ''HighlyAvailable'', which represents the behavior operators have in a "normal" cluster. The ''SingleReplica'' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation NOTE: External topology mode is not applicable for this field.' enum: - HighlyAvailable - SingleReplica + type: string platform: description: "platform is the underlying infrastructure provider for the cluster. \n Deprecated: Use platformStatus.type instead." - type: string enum: - "" - AWS @@ -278,103 +425,101 @@ spec: - AlibabaCloud - Nutanix - External + type: string platformStatus: description: platformStatus holds status information specific to the underlying infrastructure provider. - type: object properties: alibabaCloud: description: AlibabaCloud contains settings specific to the Alibaba Cloud infrastructure provider. - type: object - required: - - region properties: region: description: region specifies the region for Alibaba Cloud resources created for the cluster. - type: string pattern: ^[0-9A-Za-z-]+$ + type: string resourceGroupID: description: resourceGroupID is the ID of the resource group for the cluster. - type: string pattern: ^(rg-[0-9A-Za-z]+)?$ + type: string resourceTags: description: resourceTags is a list of additional tags to apply to Alibaba Cloud resources created for the cluster. - type: array - maxItems: 20 items: description: AlibabaCloudResourceTag is the set of tags to add to apply to resources. - type: object - required: - - key - - value properties: key: description: key is the key of the tag. - type: string maxLength: 128 minLength: 1 + type: string value: description: value is the value of the tag. - type: string maxLength: 128 minLength: 1 + type: string + required: + - key + - value + type: object + maxItems: 20 + type: array x-kubernetes-list-map-keys: - key x-kubernetes-list-type: map + required: + - region + type: object aws: description: AWS contains settings specific to the Amazon Web Services infrastructure provider. - type: object properties: region: description: region holds the default AWS region for new AWS resources created by the cluster. type: string resourceTags: description: resourceTags is a list of additional tags to apply to AWS resources created for the cluster. See https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html for information on tagging AWS resources. AWS supports a maximum of 50 tags per resource. OpenShift reserves 25 tags for its use, leaving 25 tags available for the user. - type: array - maxItems: 25 items: description: AWSResourceTag is a tag to apply to AWS resources created for the cluster. - type: object - required: - - key - - value properties: key: description: key is the key of the tag - type: string maxLength: 128 minLength: 1 pattern: ^[0-9A-Za-z_.:/=+-@]+$ + type: string value: description: value is the value of the tag. Some AWS service do not support empty values. Since tags are added to resources in many services, the length of the tag value must meet the requirements of all services. - type: string maxLength: 256 minLength: 1 pattern: ^[0-9A-Za-z_.:/=+-@]+$ + type: string + required: + - key + - value + type: object + maxItems: 25 + type: array serviceEndpoints: description: ServiceEndpoints list contains custom endpoints which will override default service endpoint of AWS Services. There must be only one ServiceEndpoint for a service. - type: array items: description: AWSServiceEndpoint store the configuration of a custom url to override existing defaults of AWS Services. - type: object properties: name: description: name is the name of the AWS service. The list of all the service names can be found at https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html This must be provided and cannot be empty. - type: string pattern: ^[a-z0-9-]+$ + type: string url: description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. - type: string pattern: ^https:// + type: string + type: object + type: array + type: object azure: description: Azure contains settings specific to the Azure infrastructure provider. - type: object properties: armEndpoint: description: armEndpoint specifies a URL to use for resource management in non-soverign clouds such as Azure Stack. type: string cloudName: description: cloudName is the name of the Azure cloud environment which can be used to configure the Azure SDK with the appropriate Azure API endpoints. If empty, the value is equal to `AzurePublicCloud`. - type: string enum: - "" - AzurePublicCloud @@ -382,42 +527,43 @@ spec: - AzureChinaCloud - AzureGermanCloud - AzureStackCloud + type: string networkResourceGroupName: description: networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. If empty, the value is same as ResourceGroupName. type: string resourceGroupName: description: resourceGroupName is the Resource Group for new Azure resources created for the cluster. type: string + type: object baremetal: description: BareMetal contains settings specific to the BareMetal platform. - type: object properties: apiServerInternalIP: description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." type: string apiServerInternalIPs: description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. - type: array format: ip - maxItems: 2 items: type: string + maxItems: 2 + type: array ingressIP: description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." type: string ingressIPs: description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. - type: array format: ip - maxItems: 2 items: type: string + maxItems: 2 + type: array nodeDNSIP: description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for BareMetal deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. type: string + type: object equinixMetal: description: EquinixMetal contains settings specific to the Equinix Metal infrastructure provider. - type: object properties: apiServerInternalIP: description: apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. @@ -425,12 +571,12 @@ spec: ingressIP: description: ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. type: string + type: object external: description: External contains settings specific to the generic External infrastructure provider. type: object gcp: description: GCP contains settings specific to the Google Cloud Platform infrastructure provider. - type: object properties: projectID: description: resourceGroupName is the Project ID for new GCP resources created for the cluster. @@ -438,9 +584,9 @@ spec: region: description: region holds the region for new GCP resources created for the cluster. type: string + type: object ibmcloud: description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. - type: object properties: cisInstanceCRN: description: CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain @@ -457,9 +603,9 @@ spec: resourceGroupName: description: ResourceGroupName is the Resource Group for new IBMCloud resources created for the cluster. type: string + type: object kubevirt: description: Kubevirt contains settings specific to the kubevirt infrastructure provider. - type: object properties: apiServerInternalIP: description: apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. @@ -467,44 +613,44 @@ spec: ingressIP: description: ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. type: string + type: object nutanix: description: Nutanix contains settings specific to the Nutanix infrastructure provider. - type: object properties: apiServerInternalIP: description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." type: string apiServerInternalIPs: description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. - type: array format: ip - maxItems: 2 items: type: string + maxItems: 2 + type: array ingressIP: description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." type: string ingressIPs: description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. - type: array format: ip - maxItems: 2 items: type: string + maxItems: 2 + type: array + type: object openstack: description: OpenStack contains settings specific to the OpenStack infrastructure provider. - type: object properties: apiServerInternalIP: description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." type: string apiServerInternalIPs: description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. - type: array format: ip - maxItems: 2 items: type: string + maxItems: 2 + type: array cloudName: description: cloudName is the name of the desired OpenStack cloud in the client configuration file (`clouds.yaml`). type: string @@ -513,44 +659,44 @@ spec: type: string ingressIPs: description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. - type: array format: ip - maxItems: 2 items: type: string + maxItems: 2 + type: array nodeDNSIP: description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for OpenStack deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. type: string + type: object ovirt: description: Ovirt contains settings specific to the oVirt infrastructure provider. - type: object properties: apiServerInternalIP: description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." type: string apiServerInternalIPs: description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. - type: array format: ip - maxItems: 2 items: type: string + maxItems: 2 + type: array ingressIP: description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." type: string ingressIPs: description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. - type: array format: ip - maxItems: 2 items: type: string + maxItems: 2 + type: array nodeDNSIP: description: 'deprecated: as of 4.6, this field is no longer set or honored. It will be removed in a future release.' type: string + type: object powervs: description: PowerVS contains settings specific to the Power Systems Virtual Servers infrastructure provider. - type: object properties: cisInstanceCRN: description: CISInstanceCRN is the CRN of the Cloud Internet Services instance managing the DNS zone for the cluster's base domain @@ -563,29 +709,29 @@ spec: type: string serviceEndpoints: description: serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. - type: array items: description: PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. - type: object - required: - - name - - url properties: name: description: name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud - type: string pattern: ^[a-z0-9-]+$ + type: string url: description: url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. - type: string format: uri pattern: ^https:// + type: string + required: + - name + - url + type: object + type: array zone: description: 'zone holds the default zone for the new Power VS resources created by the cluster. Note: Currently only single-zone OCP clusters are supported' type: string + type: object type: description: "type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are \"AWS\", \"Azure\", \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", \"VSphere\", \"oVirt\", \"EquinixMetal\", \"PowerVS\", \"AlibabaCloud\", \"Nutanix\" and \"None\". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. \n This value will be synced with to the `status.platform` and `status.platformStatus.type`. Currently this value cannot be changed once set." - type: string enum: - "" - AWS @@ -604,33 +750,39 @@ spec: - AlibabaCloud - Nutanix - External + type: string vsphere: description: VSphere contains settings specific to the VSphere infrastructure provider. - type: object properties: apiServerInternalIP: description: "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. \n Deprecated: Use APIServerInternalIPs instead." type: string apiServerInternalIPs: description: apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IPs otherwise only one. - type: array format: ip - maxItems: 2 items: type: string + maxItems: 2 + type: array ingressIP: description: "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. \n Deprecated: Use IngressIPs instead." type: string ingressIPs: description: ingressIPs are the external IPs which route to the default ingress controller. The IPs are suitable targets of a wildcard DNS record used to resolve default route host names. In dual stack clusters this list contains two IPs otherwise only one. - type: array format: ip - maxItems: 2 items: type: string + maxItems: 2 + type: array nodeDNSIP: description: nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for vSphere deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. type: string + type: object + type: object + type: object + required: + - spec + type: object served: true storage: true subresources: diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml-patch b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml-patch new file mode 100644 index 0000000000..d127130add --- /dev/null +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure-Default.crd.yaml-patch @@ -0,0 +1,24 @@ +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/vcenters/items/properties/server/anyOf + value: + - format: ipv4 + - format: ipv6 + - format: hostname +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/failureDomains/items/properties/server/anyOf + value: + - format: ipv4 + - format: ipv6 + - format: hostname +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/nodeNetworking/properties/external/properties/excludeNetworkSubnetCidr/items/format + value: cidr +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/nodeNetworking/properties/external/properties/networkSubnetCidr/items/format + value: cidr +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/nodeNetworking/properties/internal/properties/excludeNetworkSubnetCidr/items/format + value: cidr +- op: add + path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/nodeNetworking/properties/internal/properties/networkSubnetCidr/items/format + value: cidr diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index f1f1697a70..b6e3afb27b 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -834,7 +834,6 @@ type VSpherePlatformSpec struct { // --- // + If VCenters is not defined use the existing cloud-config configmap defined // + in openshift-config. - // +openshift:enable:FeatureSets=TechPreviewNoUpgrade // +kubebuilder:validation:MaxItems=1 // +kubebuilder:validation:MinItems=0 // +optional @@ -842,7 +841,6 @@ type VSpherePlatformSpec struct { // failureDomains contains the definition of region, zone and the vCenter topology. // If this is omitted failure domains (regions and zones) will not be used. - // +openshift:enable:FeatureSets=TechPreviewNoUpgrade // +optional FailureDomains []VSpherePlatformFailureDomainSpec `json:"failureDomains,omitempty"` @@ -851,7 +849,6 @@ type VSpherePlatformSpec struct { // If this field is omitted, networking defaults to the legacy // address selection behavior which is to only support a single address and // return the first one found. - // +openshift:enable:FeatureSets=TechPreviewNoUpgrade // +optional NodeNetworking VSpherePlatformNodeNetworking `json:"nodeNetworking,omitempty"` } diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_gcpprovider.go b/vendor/github.com/openshift/api/machine/v1beta1/types_gcpprovider.go index 90366857c6..7461eec9f0 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/types_gcpprovider.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/types_gcpprovider.go @@ -55,6 +55,16 @@ const ( IntegrityMonitoringPolicyDisabled IntegrityMonitoringPolicy = "Disabled" ) +// ConfidentialComputePolicy represents the confidential compute configuration for the GCP machine. +type ConfidentialComputePolicy string + +const ( + // ConfidentialComputePolicyEnabled enables confidential compute for the GCP machine. + ConfidentialComputePolicyEnabled ConfidentialComputePolicy = "Enabled" + // ConfidentialComputePolicyDisabled disables confidential compute for the GCP machine. + ConfidentialComputePolicyDisabled ConfidentialComputePolicy = "Disabled" +) + // GCPMachineProviderSpec is the type that will be embedded in a Machine.Spec.ProviderSpec field // for an GCP virtual machine. It is used by the GCP machine actuator to create a single Machine. // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). @@ -129,6 +139,13 @@ type GCPMachineProviderSpec struct { // ShieldedInstanceConfig is the Shielded VM configuration for the VM // +optional ShieldedInstanceConfig GCPShieldedInstanceConfig `json:"shieldedInstanceConfig,omitempty"` + + // confidentialCompute Defines whether the instance should have confidential compute enabled. + // If enabled OnHostMaintenance is required to be set to "Terminate". + // If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. + // +kubebuilder:validation:Enum=Enabled;Disabled + // +optional + ConfidentialCompute ConfidentialComputePolicy `json:"confidentialCompute,omitempty"` } // GCPDisk describes disks for GCP. diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go index b89b321c40..db002492d4 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go @@ -388,6 +388,7 @@ var map_GCPMachineProviderSpec = map[string]string{ "onHostMaintenance": "OnHostMaintenance determines the behavior when a maintenance event occurs that might cause the instance to reboot. This is required to be set to \"Terminate\" if you want to provision machine with attached GPUs. Otherwise, allowed values are \"Migrate\" and \"Terminate\". If omitted, the platform chooses a default, which is subject to change over time, currently that default is \"Migrate\".", "restartPolicy": "RestartPolicy determines the behavior when an instance crashes or the underlying infrastructure provider stops the instance as part of a maintenance event (default \"Always\"). Cannot be \"Always\" with preemptible instances. Otherwise, allowed values are \"Always\" and \"Never\". If omitted, the platform chooses a default, which is subject to change over time, currently that default is \"Always\". RestartPolicy represents AutomaticRestart in GCP compute api", "shieldedInstanceConfig": "ShieldedInstanceConfig is the Shielded VM configuration for the VM", + "confidentialCompute": "confidentialCompute Defines whether the instance should have confidential compute enabled. If enabled OnHostMaintenance is required to be set to \"Terminate\". If omitted, the platform chooses a default, which is subject to change over time, currently that default is false.", } func (GCPMachineProviderSpec) SwaggerDoc() map[string]string { diff --git a/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/customresourcevalidationregistration/cr_validation_registration.go b/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/customresourcevalidationregistration/cr_validation_registration.go index 3ac0752aa8..cc1de149b3 100644 --- a/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/customresourcevalidationregistration/cr_validation_registration.go +++ b/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/customresourcevalidationregistration/cr_validation_registration.go @@ -3,6 +3,9 @@ package customresourcevalidationregistration import ( "k8s.io/apiserver/pkg/admission" "k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/apirequestcount" + "k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagecontentsourcepolicy" + "k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagedigestmirrorset" + "k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagetagmirrorset" "k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/apiserver" "k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/authentication" @@ -31,6 +34,9 @@ var AllCustomResourceValidators = []string{ console.PluginName, dns.PluginName, image.PluginName, + imagecontentsourcepolicy.PluginName, + imagedigestmirrorset.PluginName, + imagetagmirrorset.PluginName, oauth.PluginName, project.PluginName, config.PluginName, @@ -58,6 +64,9 @@ func RegisterCustomResourceValidation(plugins *admission.Plugins) { console.Register(plugins) dns.Register(plugins) image.Register(plugins) + imagecontentsourcepolicy.Register(plugins) + imagedigestmirrorset.Register(plugins) + imagetagmirrorset.Register(plugins) oauth.Register(plugins) project.Register(plugins) config.Register(plugins) diff --git a/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagecontentsourcepolicy/validate_imagecontentsourcepolicy.go b/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagecontentsourcepolicy/validate_imagecontentsourcepolicy.go new file mode 100644 index 0000000000..4be38617b8 --- /dev/null +++ b/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagecontentsourcepolicy/validate_imagecontentsourcepolicy.go @@ -0,0 +1,127 @@ +package imagecontentsourcepolicy + +import ( + "context" + "fmt" + "io" + + operatorv1alpha1 "github.com/openshift/api/operator/v1alpha1" + configv1client "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + "github.com/openshift/library-go/pkg/apiserver/admission/admissionrestconfig" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/apiserver/pkg/admission" + "k8s.io/client-go/rest" + "k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation" + "k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagedigestmirrorset" +) + +const PluginName = "operator.openshift.io/ValidateImageContentSourcePolicy" + +// Register registers a plugin +func Register(plugins *admission.Plugins) { + + plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) { + return newValidateICSP() + }) +} + +type validateCustomResourceWithClient struct { + admission.ValidationInterface + + imageDigestMirrorSetsGetter configv1client.ImageDigestMirrorSetsGetter + imageTagMirrorSetsGetter configv1client.ImageTagMirrorSetsGetter +} + +func newValidateICSP() (admission.Interface, error) { + ret := &validateCustomResourceWithClient{} + + delegate, err := customresourcevalidation.NewValidator( + map[schema.GroupResource]bool{ + operatorv1alpha1.Resource(imagedigestmirrorset.ICSPResource): true, + }, + map[schema.GroupVersionKind]customresourcevalidation.ObjectValidator{ + operatorv1alpha1.GroupVersion.WithKind(imagedigestmirrorset.ICSPKind): imagecontentsourcepolicy{imageDigestMirrorSetsGetter: ret.getImageDigestMirrorSetsGetter, imageTagMirrorSetsGetter: ret.getImageTagMirrorSetsGetter}, + }) + if err != nil { + return nil, err + } + ret.ValidationInterface = delegate + return ret, nil +} + +var _ admissionrestconfig.WantsRESTClientConfig = &validateCustomResourceWithClient{} + +func (i *validateCustomResourceWithClient) getImageDigestMirrorSetsGetter() configv1client.ImageDigestMirrorSetsGetter { + return i.imageDigestMirrorSetsGetter +} + +func (i *validateCustomResourceWithClient) getImageTagMirrorSetsGetter() configv1client.ImageTagMirrorSetsGetter { + return i.imageTagMirrorSetsGetter +} + +func (i *validateCustomResourceWithClient) SetRESTClientConfig(restClientConfig rest.Config) { + client, err := configv1client.NewForConfig(&restClientConfig) + if err != nil { + utilruntime.HandleError(err) + return + } + i.imageDigestMirrorSetsGetter = client + i.imageTagMirrorSetsGetter = client +} + +func (i *validateCustomResourceWithClient) ValidateInitialization() error { + if i.imageDigestMirrorSetsGetter == nil { + return fmt.Errorf(PluginName + " needs an imageDigestMirrorSetsGetter") + } + + if i.imageTagMirrorSetsGetter == nil { + return fmt.Errorf(PluginName + " needs an imageTagMirrorSetsGetter") + } + + if initializationValidator, ok := i.ValidationInterface.(admission.InitializationValidator); ok { + return initializationValidator.ValidateInitialization() + } + + return nil +} + +type imagecontentsourcepolicy struct { + imageDigestMirrorSetsGetter func() configv1client.ImageDigestMirrorSetsGetter + imageTagMirrorSetsGetter func() configv1client.ImageTagMirrorSetsGetter +} + +func (i imagecontentsourcepolicy) ValidateCreate(uncastObj runtime.Object) field.ErrorList { + return i.validateICSPUse("create") +} + +func (i imagecontentsourcepolicy) ValidateUpdate(uncastObj runtime.Object, uncastOldObj runtime.Object) field.ErrorList { + return i.validateICSPUse("update") +} + +func (i imagecontentsourcepolicy) ValidateStatusUpdate(uncastObj runtime.Object, uncastOldObj runtime.Object) field.ErrorList { + return i.validateICSPUse("update") +} + +func (i imagecontentsourcepolicy) validateICSPUse(action string) field.ErrorList { + idmsList, err := i.imageDigestMirrorSetsGetter().ImageDigestMirrorSets().List(context.TODO(), metav1.ListOptions{}) + if err != nil { + return field.ErrorList{field.InternalError(field.NewPath("Kind", imagedigestmirrorset.IDMSKind), err)} + } + if len(idmsList.Items) > 0 { + return field.ErrorList{ + field.Forbidden(field.NewPath("Kind", imagedigestmirrorset.ICSPKind), fmt.Sprintf("can't %s %s when %s resources exist", action, imagedigestmirrorset.ICSPKind, imagedigestmirrorset.IDMSKind))} + } + itmsList, err := i.imageTagMirrorSetsGetter().ImageTagMirrorSets().List(context.TODO(), metav1.ListOptions{}) + if err != nil { + return field.ErrorList{field.InternalError(field.NewPath("Kind", imagedigestmirrorset.ITMSKind), err)} + } + if len(itmsList.Items) > 0 { + return field.ErrorList{ + field.Forbidden(field.NewPath("Kind", imagedigestmirrorset.ICSPKind), fmt.Sprintf("can't %s %s when %s resources exist", action, imagedigestmirrorset.ICSPKind, imagedigestmirrorset.ITMSKind))} + } + return nil +} diff --git a/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagedigestmirrorset/validate_imagedigestmirrorset.go b/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagedigestmirrorset/validate_imagedigestmirrorset.go new file mode 100644 index 0000000000..3c1f4257ba --- /dev/null +++ b/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagedigestmirrorset/validate_imagedigestmirrorset.go @@ -0,0 +1,114 @@ +package imagedigestmirrorset + +import ( + "context" + "fmt" + "io" + + v1 "github.com/openshift/api/config/v1" + operatorsv1alpha1client "github.com/openshift/client-go/operator/clientset/versioned/typed/operator/v1alpha1" + "github.com/openshift/library-go/pkg/apiserver/admission/admissionrestconfig" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/apiserver/pkg/admission" + "k8s.io/client-go/rest" + + "k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation" +) + +const ( + PluginName = "config.openshift.io/ValidateImageDigestMirrorSet" + ICSPKind = "ImageContentSourcePolicy" + ICSPResource = "imagecontentsourcepolicies" + IDMSKind = "ImageDigestMirrorSet" + IDMSResource = "imagedigestmirrorsets" + ITMSKind = "ImageTagMirrorSet" + ITMSResource = "imagetagmirrorsets" +) + +// Register registers a plugin +func Register(plugins *admission.Plugins) { + + plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) { + return newValidateIDMS() + }) +} + +type validateCustomResourceWithClient struct { + admission.ValidationInterface + + imageContentSourcePoliciesGetter operatorsv1alpha1client.ImageContentSourcePoliciesGetter +} + +func newValidateIDMS() (admission.Interface, error) { + ret := &validateCustomResourceWithClient{} + + delegate, err := customresourcevalidation.NewValidator( + map[schema.GroupResource]bool{ + v1.Resource(IDMSResource): true, + }, + map[schema.GroupVersionKind]customresourcevalidation.ObjectValidator{ + v1.GroupVersion.WithKind(IDMSKind): imagedigestmirrorsetV1{imageContentSourcePoliciesGetter: ret.getImageContentSourcePoliciesGetter}, + }) + if err != nil { + return nil, err + } + ret.ValidationInterface = delegate + return ret, nil +} + +var _ admissionrestconfig.WantsRESTClientConfig = &validateCustomResourceWithClient{} + +func (i *validateCustomResourceWithClient) getImageContentSourcePoliciesGetter() operatorsv1alpha1client.ImageContentSourcePoliciesGetter { + return i.imageContentSourcePoliciesGetter +} + +func (i *validateCustomResourceWithClient) SetRESTClientConfig(restClientConfig rest.Config) { + var err error + i.imageContentSourcePoliciesGetter, err = operatorsv1alpha1client.NewForConfig(&restClientConfig) + if err != nil { + utilruntime.HandleError(err) + return + } +} + +func (i *validateCustomResourceWithClient) ValidateInitialization() error { + if i.imageContentSourcePoliciesGetter == nil { + return fmt.Errorf(PluginName + " needs an imageContentSourcePoliciesGetter") + } + if initializationValidator, ok := i.ValidationInterface.(admission.InitializationValidator); ok { + return initializationValidator.ValidateInitialization() + } + return nil +} + +type imagedigestmirrorsetV1 struct { + imageContentSourcePoliciesGetter func() operatorsv1alpha1client.ImageContentSourcePoliciesGetter +} + +func (i imagedigestmirrorsetV1) ValidateCreate(uncastObj runtime.Object) field.ErrorList { + return ValidateITMSIDMSUse("create", i.imageContentSourcePoliciesGetter(), IDMSKind) +} + +func (i imagedigestmirrorsetV1) ValidateUpdate(uncastObj runtime.Object, uncastOldObj runtime.Object) field.ErrorList { + return ValidateITMSIDMSUse("update", i.imageContentSourcePoliciesGetter(), IDMSKind) +} + +func (i imagedigestmirrorsetV1) ValidateStatusUpdate(uncastObj runtime.Object, uncastOldObj runtime.Object) field.ErrorList { + return ValidateITMSIDMSUse("update", i.imageContentSourcePoliciesGetter(), IDMSKind) +} + +func ValidateITMSIDMSUse(action string, icspGetter operatorsv1alpha1client.ImageContentSourcePoliciesGetter, kind string) field.ErrorList { + icspList, err := icspGetter.ImageContentSourcePolicies().List(context.TODO(), metav1.ListOptions{}) + if err != nil { + return field.ErrorList{field.InternalError(field.NewPath("Kind", ICSPKind), err)} + } + if len(icspList.Items) > 0 { + return field.ErrorList{ + field.Forbidden(field.NewPath("Kind", kind), fmt.Sprintf("can't %s %s when %s resources exist", action, kind, ICSPKind))} + } + return nil +} diff --git a/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagetagmirrorset/validate_imagetagmirrorset.go b/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagetagmirrorset/validate_imagetagmirrorset.go new file mode 100644 index 0000000000..226de3885b --- /dev/null +++ b/vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagetagmirrorset/validate_imagetagmirrorset.go @@ -0,0 +1,93 @@ +package imagetagmirrorset + +import ( + "fmt" + "io" + + v1 "github.com/openshift/api/config/v1" + operatorsv1alpha1client "github.com/openshift/client-go/operator/clientset/versioned/typed/operator/v1alpha1" + "github.com/openshift/library-go/pkg/apiserver/admission/admissionrestconfig" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/apimachinery/pkg/util/validation/field" + "k8s.io/apiserver/pkg/admission" + "k8s.io/client-go/rest" + + "k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation" + "k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagedigestmirrorset" +) + +const PluginName = "config.openshift.io/ValidateImageTagMirrorSet" + +// Register registers a plugin +func Register(plugins *admission.Plugins) { + + plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) { + return newValidateITMS() + }) +} + +type validateCustomResourceWithClient struct { + admission.ValidationInterface + + imageContentSourcePoliciesGetter operatorsv1alpha1client.ImageContentSourcePoliciesGetter +} + +func newValidateITMS() (admission.Interface, error) { + ret := &validateCustomResourceWithClient{} + + delegate, err := customresourcevalidation.NewValidator( + map[schema.GroupResource]bool{ + v1.Resource(imagedigestmirrorset.ITMSResource): true, + }, + map[schema.GroupVersionKind]customresourcevalidation.ObjectValidator{ + v1.GroupVersion.WithKind(imagedigestmirrorset.ITMSKind): imagetagmirrorsetV1{imageContentSourcePoliciesGetter: ret.getImageContentSourcePoliciesGetter}, + }) + if err != nil { + return nil, err + } + ret.ValidationInterface = delegate + return ret, nil +} + +var _ admissionrestconfig.WantsRESTClientConfig = &validateCustomResourceWithClient{} + +func (i *validateCustomResourceWithClient) getImageContentSourcePoliciesGetter() operatorsv1alpha1client.ImageContentSourcePoliciesGetter { + return i.imageContentSourcePoliciesGetter +} + +func (i *validateCustomResourceWithClient) SetRESTClientConfig(restClientConfig rest.Config) { + var err error + i.imageContentSourcePoliciesGetter, err = operatorsv1alpha1client.NewForConfig(&restClientConfig) + if err != nil { + utilruntime.HandleError(err) + return + } +} + +func (i *validateCustomResourceWithClient) ValidateInitialization() error { + if i.imageContentSourcePoliciesGetter == nil { + return fmt.Errorf(PluginName + " needs an imageContentSourcePoliciesGetter") + } + if initializationValidator, ok := i.ValidationInterface.(admission.InitializationValidator); ok { + return initializationValidator.ValidateInitialization() + } + return nil +} + +type imagetagmirrorsetV1 struct { + imageContentSourcePoliciesGetter func() operatorsv1alpha1client.ImageContentSourcePoliciesGetter +} + +func (i imagetagmirrorsetV1) ValidateCreate(uncastObj runtime.Object) field.ErrorList { + return imagedigestmirrorset.ValidateITMSIDMSUse("create", i.imageContentSourcePoliciesGetter(), imagedigestmirrorset.ITMSKind) +} + +func (i imagetagmirrorsetV1) ValidateUpdate(uncastObj runtime.Object, uncastOldObj runtime.Object) field.ErrorList { + return imagedigestmirrorset.ValidateITMSIDMSUse("update", i.imageContentSourcePoliciesGetter(), imagedigestmirrorset.ITMSKind) +} + +func (i imagetagmirrorsetV1) ValidateStatusUpdate(uncastObj runtime.Object, uncastOldObj runtime.Object) field.ErrorList { + return imagedigestmirrorset.ValidateITMSIDMSUse("update", i.imageContentSourcePoliciesGetter(), imagedigestmirrorset.ITMSKind) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index da28a741bd..6cf6a10603 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -560,7 +560,7 @@ github.com/opencontainers/selinux/go-selinux github.com/opencontainers/selinux/go-selinux/label github.com/opencontainers/selinux/pkg/pwalk github.com/opencontainers/selinux/pkg/pwalkdir -# github.com/openshift/api v0.0.0-20230120195050-6ba31fa438f2 +# github.com/openshift/api v0.0.0-20230201213816-61d971884921 ## explicit; go 1.19 github.com/openshift/api github.com/openshift/api/apiserver @@ -1365,7 +1365,7 @@ gopkg.in/yaml.v2 # gopkg.in/yaml.v3 v3.0.1 ## explicit gopkg.in/yaml.v3 -# k8s.io/api v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/api v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/api/admission/v1 k8s.io/api/admission/v1beta1 @@ -1421,7 +1421,7 @@ k8s.io/api/scheduling/v1beta1 k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 -# k8s.io/apiextensions-apiserver v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/apiextensions-apiserver v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/apiextensions-apiserver/pkg/apihelpers k8s.io/apiextensions-apiserver/pkg/apis/apiextensions @@ -1465,7 +1465,7 @@ k8s.io/apiextensions-apiserver/pkg/generated/openapi k8s.io/apiextensions-apiserver/pkg/registry/customresource k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition -# k8s.io/apimachinery v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/apimachinery v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/apimachinery/pkg/api/equality k8s.io/apimachinery/pkg/api/errors @@ -1529,7 +1529,7 @@ k8s.io/apimachinery/pkg/watch k8s.io/apimachinery/third_party/forked/golang/json k8s.io/apimachinery/third_party/forked/golang/netutil k8s.io/apimachinery/third_party/forked/golang/reflect -# k8s.io/apiserver v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/apiserver v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/apiserver/pkg/admission k8s.io/apiserver/pkg/admission/cel @@ -1683,12 +1683,12 @@ k8s.io/apiserver/plugin/pkg/audit/webhook k8s.io/apiserver/plugin/pkg/authenticator/token/oidc k8s.io/apiserver/plugin/pkg/authenticator/token/webhook k8s.io/apiserver/plugin/pkg/authorizer/webhook -# k8s.io/cli-runtime v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/cli-runtime v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/cli-runtime/pkg/genericclioptions k8s.io/cli-runtime/pkg/printers k8s.io/cli-runtime/pkg/resource -# k8s.io/client-go v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/client-go v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/client-go/applyconfigurations/admissionregistration/v1 k8s.io/client-go/applyconfigurations/admissionregistration/v1alpha1 @@ -2018,7 +2018,7 @@ k8s.io/client-go/util/jsonpath k8s.io/client-go/util/keyutil k8s.io/client-go/util/retry k8s.io/client-go/util/workqueue -# k8s.io/cloud-provider v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/cloud-provider v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/cloud-provider k8s.io/cloud-provider/api @@ -2038,14 +2038,14 @@ k8s.io/cloud-provider/service/helpers k8s.io/cloud-provider/volume k8s.io/cloud-provider/volume/errors k8s.io/cloud-provider/volume/helpers -# k8s.io/cluster-bootstrap v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/cluster-bootstrap v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/cluster-bootstrap/token/api k8s.io/cluster-bootstrap/token/jws k8s.io/cluster-bootstrap/token/util k8s.io/cluster-bootstrap/util/secrets k8s.io/cluster-bootstrap/util/tokens -# k8s.io/component-base v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/component-base v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/component-base/cli k8s.io/component-base/cli/flag @@ -2078,7 +2078,7 @@ k8s.io/component-base/tracing k8s.io/component-base/tracing/api/v1 k8s.io/component-base/version k8s.io/component-base/version/verflag -# k8s.io/component-helpers v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/component-helpers v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/component-helpers/apimachinery/lease k8s.io/component-helpers/apps/poddisruptionbudget @@ -2091,7 +2091,7 @@ k8s.io/component-helpers/scheduling/corev1 k8s.io/component-helpers/scheduling/corev1/nodeaffinity k8s.io/component-helpers/storage/ephemeral k8s.io/component-helpers/storage/volume -# k8s.io/controller-manager v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/controller-manager v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/controller-manager/app k8s.io/controller-manager/config @@ -2108,16 +2108,16 @@ k8s.io/controller-manager/pkg/informerfactory k8s.io/controller-manager/pkg/leadermigration k8s.io/controller-manager/pkg/leadermigration/config k8s.io/controller-manager/pkg/leadermigration/options -# k8s.io/cri-api v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/cri-api v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/cri-api/pkg/apis k8s.io/cri-api/pkg/apis/runtime/v1 k8s.io/cri-api/pkg/errors -# k8s.io/csi-translation-lib v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/csi-translation-lib v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/csi-translation-lib k8s.io/csi-translation-lib/plugins -# k8s.io/dynamic-resource-allocation v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/dynamic-resource-allocation v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/dynamic-resource-allocation/resourceclaim # k8s.io/gengo v0.0.0-20220902162205-c0856e24416d @@ -2136,11 +2136,11 @@ k8s.io/klog/v2/internal/clock k8s.io/klog/v2/internal/dbg k8s.io/klog/v2/internal/serialize k8s.io/klog/v2/internal/severity -# k8s.io/kms v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/kms v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/kms/apis/v1beta1 k8s.io/kms/apis/v2alpha1 -# k8s.io/kube-aggregator v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/kube-aggregator v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/kube-aggregator/pkg/apis/apiregistration k8s.io/kube-aggregator/pkg/apis/apiregistration/install @@ -2171,7 +2171,7 @@ k8s.io/kube-aggregator/pkg/controllers/status k8s.io/kube-aggregator/pkg/registry/apiservice k8s.io/kube-aggregator/pkg/registry/apiservice/etcd k8s.io/kube-aggregator/pkg/registry/apiservice/rest -# k8s.io/kube-controller-manager v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/kube-controller-manager v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/kube-controller-manager/config/v1alpha1 # k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 @@ -2204,13 +2204,13 @@ k8s.io/kube-openapi/pkg/validation/spec k8s.io/kube-openapi/pkg/validation/strfmt k8s.io/kube-openapi/pkg/validation/strfmt/bson k8s.io/kube-openapi/pkg/validation/validate -# k8s.io/kube-scheduler v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/kube-scheduler v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/kube-scheduler/config/v1 k8s.io/kube-scheduler/config/v1beta2 k8s.io/kube-scheduler/config/v1beta3 k8s.io/kube-scheduler/extender/v1 -# k8s.io/kubectl v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/kubectl v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/kubectl/pkg/apps k8s.io/kubectl/pkg/cmd/apiresources @@ -2246,7 +2246,7 @@ k8s.io/kubectl/pkg/util/storage k8s.io/kubectl/pkg/util/templates k8s.io/kubectl/pkg/util/term k8s.io/kubectl/pkg/validation -# k8s.io/kubelet v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/kubelet v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/kubelet/config/v1 k8s.io/kubelet/config/v1alpha1 @@ -2263,7 +2263,7 @@ k8s.io/kubelet/pkg/apis/pluginregistration/v1 k8s.io/kubelet/pkg/apis/podresources/v1 k8s.io/kubelet/pkg/apis/podresources/v1alpha1 k8s.io/kubelet/pkg/apis/stats/v1alpha1 -# k8s.io/kubernetes v1.26.1 => github.com/openshift/kubernetes v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/kubernetes v1.26.1 => github.com/openshift/kubernetes v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/kubernetes/cmd/kube-apiserver/app k8s.io/kubernetes/cmd/kube-apiserver/app/options @@ -2299,6 +2299,9 @@ k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/cu k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/dns k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/features k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/image +k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagecontentsourcepolicy +k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagedigestmirrorset +k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/imagetagmirrorset k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/kubecontrollermanager k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/network k8s.io/kubernetes/openshift-kube-apiserver/admission/customresourcevalidation/node @@ -3047,7 +3050,7 @@ k8s.io/kubernetes/third_party/forked/gonum/graph k8s.io/kubernetes/third_party/forked/gonum/graph/internal/linear k8s.io/kubernetes/third_party/forked/gonum/graph/simple k8s.io/kubernetes/third_party/forked/gonum/graph/traverse -# k8s.io/legacy-cloud-providers v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/legacy-cloud-providers v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/legacy-cloud-providers/aws k8s.io/legacy-cloud-providers/azure @@ -3090,7 +3093,7 @@ k8s.io/legacy-cloud-providers/gce/gcpcredential k8s.io/legacy-cloud-providers/vsphere k8s.io/legacy-cloud-providers/vsphere/vclib k8s.io/legacy-cloud-providers/vsphere/vclib/diskmanagers -# k8s.io/metrics v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/metrics v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/metrics/pkg/apis/custom_metrics k8s.io/metrics/pkg/apis/custom_metrics/v1beta1 @@ -3105,10 +3108,10 @@ k8s.io/metrics/pkg/client/clientset/versioned/typed/metrics/v1beta1 k8s.io/metrics/pkg/client/custom_metrics k8s.io/metrics/pkg/client/custom_metrics/scheme k8s.io/metrics/pkg/client/external_metrics -# k8s.io/mount-utils v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/mount-utils v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/mount-utils -# k8s.io/pod-security-admission v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/pod-security-admission v0.0.0 => github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/pod-security-admission/admission k8s.io/pod-security-admission/admission/api @@ -3251,33 +3254,33 @@ sigs.k8s.io/structured-merge-diff/v4/value ## explicit; go 1.12 sigs.k8s.io/yaml # github.com/onsi/ginkgo/v2 => github.com/openshift/onsi-ginkgo/v2 v2.4.1-0.20221214150008-e73634cb3870 -# k8s.io/api => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/apiextensions-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/apimachinery => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/cli-runtime => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/client-go => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/cloud-provider => github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/cluster-bootstrap => github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/code-generator => github.com/openshift/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/component-base => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/component-helpers => github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/cri-api => github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/csi-translation-lib => github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/dynamic-resource-allocation => github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kms => github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kube-aggregator => github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kube-controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kube-proxy => github.com/openshift/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kube-scheduler => github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kubectl => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kubelet => github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kubernetes => github.com/openshift/kubernetes v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/legacy-cloud-providers => github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/metrics => github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/mount-utils => github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/pod-security-admission => github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/sample-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/sample-cli-plugin => github.com/openshift/kubernetes/staging/src/k8s.io/sample-cli-plugin v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/sample-controller => github.com/openshift/kubernetes/staging/src/k8s.io/sample-controller v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/api => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230207121132-149fe529fd78 +# k8s.io/apiextensions-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230207121132-149fe529fd78 +# k8s.io/apimachinery => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230207121132-149fe529fd78 +# k8s.io/apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230207121132-149fe529fd78 +# k8s.io/cli-runtime => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230207121132-149fe529fd78 +# k8s.io/client-go => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230207121132-149fe529fd78 +# k8s.io/cloud-provider => github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230207121132-149fe529fd78 +# k8s.io/cluster-bootstrap => github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230207121132-149fe529fd78 +# k8s.io/code-generator => github.com/openshift/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20230207121132-149fe529fd78 +# k8s.io/component-base => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230207121132-149fe529fd78 +# k8s.io/component-helpers => github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230207121132-149fe529fd78 +# k8s.io/controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230207121132-149fe529fd78 +# k8s.io/cri-api => github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230207121132-149fe529fd78 +# k8s.io/csi-translation-lib => github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230207121132-149fe529fd78 +# k8s.io/dynamic-resource-allocation => github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kms => github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kube-aggregator => github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kube-controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kube-proxy => github.com/openshift/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kube-scheduler => github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kubectl => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kubelet => github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kubernetes => github.com/openshift/kubernetes v0.0.0-20230207121132-149fe529fd78 +# k8s.io/legacy-cloud-providers => github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230207121132-149fe529fd78 +# k8s.io/metrics => github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230207121132-149fe529fd78 +# k8s.io/mount-utils => github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230207121132-149fe529fd78 +# k8s.io/pod-security-admission => github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230207121132-149fe529fd78 +# k8s.io/sample-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20230207121132-149fe529fd78 +# k8s.io/sample-cli-plugin => github.com/openshift/kubernetes/staging/src/k8s.io/sample-cli-plugin v0.0.0-20230207121132-149fe529fd78 +# k8s.io/sample-controller => github.com/openshift/kubernetes/staging/src/k8s.io/sample-controller v0.0.0-20230207121132-149fe529fd78 From 998d05f1a1dc6b3ceb8bbdf231a7e1041e38e118 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Tue, 14 Feb 2023 09:18:05 +0100 Subject: [PATCH 12/16] update etcd/go.mod --- etcd/go.mod | 58 ++++++++++++++++++++++++++--------------------------- etcd/go.sum | 24 +++++++++++----------- 2 files changed, 41 insertions(+), 41 deletions(-) diff --git a/etcd/go.mod b/etcd/go.mod index b2954d3bcb..69935ba5cf 100644 --- a/etcd/go.mod +++ b/etcd/go.mod @@ -145,33 +145,33 @@ replace ( go.etcd.io/etcd/pkg/v3 => github.com/openshift/etcd/pkg/v3 v3.5.1-0.20230125165349-13c18c444a8c // from etcd go.etcd.io/etcd/raft/v3 => github.com/openshift/etcd/raft/v3 v3.5.1-0.20230125165349-13c18c444a8c // from etcd go.etcd.io/etcd/server/v3 => github.com/openshift/etcd/server/v3 v3.5.1-0.20230125165349-13c18c444a8c // from etcd - k8s.io/api => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/apiextensions-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/apimachinery => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/cli-runtime => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/client-go => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/cloud-provider => github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/cluster-bootstrap => github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/code-generator => github.com/openshift/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/component-base => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/component-helpers => github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/cri-api => github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/csi-translation-lib => github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/dynamic-resource-allocation => github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/kms => github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/kube-aggregator => github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/kube-controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/kube-proxy => github.com/openshift/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/kube-scheduler => github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/kubectl => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230203160803-9eb81c20e0fd // from kubernetes - k8s.io/kubelet => github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/legacy-cloud-providers => github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/metrics => github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/mount-utils => github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/pod-security-admission => github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/sample-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/sample-cli-plugin => github.com/openshift/kubernetes/staging/src/k8s.io/sample-cli-plugin v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes - k8s.io/sample-controller => github.com/openshift/kubernetes/staging/src/k8s.io/sample-controller v0.0.0-20230203160803-9eb81c20e0fd // staging kubernetes + k8s.io/api => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/apiextensions-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/apimachinery => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/cli-runtime => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/client-go => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/cloud-provider => github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/cluster-bootstrap => github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/code-generator => github.com/openshift/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/component-base => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/component-helpers => github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/cri-api => github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/csi-translation-lib => github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/dynamic-resource-allocation => github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/kms => github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/kube-aggregator => github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/kube-controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/kube-proxy => github.com/openshift/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/kube-scheduler => github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/kubectl => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230207121132-149fe529fd78 // from kubernetes + k8s.io/kubelet => github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/legacy-cloud-providers => github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/metrics => github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/mount-utils => github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/pod-security-admission => github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/sample-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/sample-cli-plugin => github.com/openshift/kubernetes/staging/src/k8s.io/sample-cli-plugin v0.0.0-20230207121132-149fe529fd78 // staging kubernetes + k8s.io/sample-controller => github.com/openshift/kubernetes/staging/src/k8s.io/sample-controller v0.0.0-20230207121132-149fe529fd78 // staging kubernetes ) diff --git a/etcd/go.sum b/etcd/go.sum index 546d673d49..7a505cd188 100644 --- a/etcd/go.sum +++ b/etcd/go.sum @@ -373,18 +373,18 @@ github.com/openshift/etcd/raft/v3 v3.5.1-0.20230125165349-13c18c444a8c h1:F2zw47 github.com/openshift/etcd/raft/v3 v3.5.1-0.20230125165349-13c18c444a8c/go.mod h1:wL8kkRGx1Hp8FmZUuHfL3K2/OaGIDaXGr1N7i2G07J0= github.com/openshift/etcd/server/v3 v3.5.1-0.20230125165349-13c18c444a8c h1:dlpgsW1KSYbbI8pV2T1n38SvXGbxsJwwpHqJ8NHqH4w= github.com/openshift/etcd/server/v3 v3.5.1-0.20230125165349-13c18c444a8c/go.mod h1:6/Gfe8XTGXQJgLYQ65oGKMfPivb2EASLUSMSWN9Sroo= -github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230203160803-9eb81c20e0fd h1:9FNruKCZ/toYKH4vlfzf0eBBV8w9xanzgjDtmjgR9PE= -github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:SVFZVmcfr/QnDkKqmBvlVlhurEsml57BUNDH+R/CPqk= -github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230203160803-9eb81c20e0fd h1:AtXRsyP1kJoxm9lrOotzg8lmMK3yFzDB7OKrKcxYfzk= -github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:fcaZu5DOMCvnjHsoJrKV5iQLvaiOTv50bj8okFxwYFw= -github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230203160803-9eb81c20e0fd h1:VbB2l+KI6JAURqgd56yRodvBEGeJP8C7vK24aYnR+MU= -github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:salqUyIbJbHU1a9StwrX18tkxIoZejk8BQB9aYNkIPk= -github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230203160803-9eb81c20e0fd h1:/BhPPIrVwtYuhgGmFS9/q5HgbrCH9XdY+HzGRgpeU/Y= -github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:g5iGehpfJ/sjrrPZotg2ndVBM1qrl/xlKDEC6CJwoRo= -github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230203160803-9eb81c20e0fd h1:EgeBlm4XhGv0fxuuBj0eOUuqTFGl8l/wUDrXifwqSDY= -github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:+K4RuDOLxtVWiPZfUefwPoYThb9BEmWYp5zId0KFgU0= -github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230203160803-9eb81c20e0fd h1:PcAMbgvdqLloyIZNDN6P316PCknHdNDefX4kkapQ1qg= -github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230203160803-9eb81c20e0fd/go.mod h1:6p383itqHHhUKvZADAr+LDVXOJ4ZWo0tBKVxTjqc9UY= +github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230207121132-149fe529fd78 h1:UGV2H8yDs0uVbdQpTb74xXOf+WhHG21ITqjKyjbGAcI= +github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230207121132-149fe529fd78/go.mod h1:SVFZVmcfr/QnDkKqmBvlVlhurEsml57BUNDH+R/CPqk= +github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230207121132-149fe529fd78 h1:7W2ypXSvy6pFbm5/ZtmJ3eUE8jvf5zQeQ/aWE3Xkq/w= +github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230207121132-149fe529fd78/go.mod h1:fcaZu5DOMCvnjHsoJrKV5iQLvaiOTv50bj8okFxwYFw= +github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230207121132-149fe529fd78 h1:5io2uMtQ3OAJWSHp22ml2k5o7pYCvrCRYbSB5x8LKLY= +github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230207121132-149fe529fd78/go.mod h1:salqUyIbJbHU1a9StwrX18tkxIoZejk8BQB9aYNkIPk= +github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230207121132-149fe529fd78 h1:x9q7vfWAz9MKq38lRtrppxmHNJSeXOIAUoCK01eUugQ= +github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230207121132-149fe529fd78/go.mod h1:g5iGehpfJ/sjrrPZotg2ndVBM1qrl/xlKDEC6CJwoRo= +github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230207121132-149fe529fd78 h1:KT3WERyNYR+zkpVauowKJHaa/wY0jmF0mIglFK3kbC4= +github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230207121132-149fe529fd78/go.mod h1:+K4RuDOLxtVWiPZfUefwPoYThb9BEmWYp5zId0KFgU0= +github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230207121132-149fe529fd78 h1:VQKIWXij69V+3QbkCHSN5ENi0iE7mH9cNERTzc1qoEA= +github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230207121132-149fe529fd78/go.mod h1:6p383itqHHhUKvZADAr+LDVXOJ4ZWo0tBKVxTjqc9UY= github.com/openshift/microshift v0.0.0-20221121140706-b79e07fef323 h1:qWkONKhLAU0biKbmMDwtRkczjEZLBcYL9eU7+iP8DUc= github.com/openshift/microshift v0.0.0-20221121140706-b79e07fef323/go.mod h1:u8rVpKDZS2FEJafInQzH1BbGkHUc8ScJVZ8GTIxnVK8= github.com/openshift/onsi-ginkgo/v2 v2.4.1-0.20221214150008-e73634cb3870 h1:YH3Z3ZWCDWjkAGdZpK5rCm5pRZ4wt0uEx1GwvCiO3+I= From 450eea05cbca6861708f1fdc7decb1c81e64ea36 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Tue, 14 Feb 2023 09:18:07 +0100 Subject: [PATCH 13/16] update etcd/vendor --- etcd/vendor/modules.txt | 70 ++++++++++++++++++++--------------------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/etcd/vendor/modules.txt b/etcd/vendor/modules.txt index f9f1466b33..def292b63b 100644 --- a/etcd/vendor/modules.txt +++ b/etcd/vendor/modules.txt @@ -588,7 +588,7 @@ gopkg.in/yaml.v2 # gopkg.in/yaml.v3 v3.0.1 ## explicit gopkg.in/yaml.v3 -# k8s.io/api v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/api v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/api/admission/v1 k8s.io/api/admission/v1beta1 @@ -644,7 +644,7 @@ k8s.io/api/scheduling/v1beta1 k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 -# k8s.io/apimachinery v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/apimachinery v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/apimachinery/pkg/api/errors k8s.io/apimachinery/pkg/api/meta @@ -691,12 +691,12 @@ k8s.io/apimachinery/pkg/watch k8s.io/apimachinery/third_party/forked/golang/json k8s.io/apimachinery/third_party/forked/golang/netutil k8s.io/apimachinery/third_party/forked/golang/reflect -# k8s.io/cli-runtime v0.25.2 => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/cli-runtime v0.25.2 => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/cli-runtime/pkg/genericclioptions k8s.io/cli-runtime/pkg/printers k8s.io/cli-runtime/pkg/resource -# k8s.io/client-go v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/client-go v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/client-go/applyconfigurations/admissionregistration/v1 k8s.io/client-go/applyconfigurations/admissionregistration/v1alpha1 @@ -839,7 +839,7 @@ k8s.io/client-go/util/homedir k8s.io/client-go/util/jsonpath k8s.io/client-go/util/keyutil k8s.io/client-go/util/workqueue -# k8s.io/component-base v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/component-base v0.26.1 => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/component-base/cli k8s.io/component-base/cli/flag @@ -875,7 +875,7 @@ k8s.io/kube-openapi/pkg/spec3 k8s.io/kube-openapi/pkg/util/proto k8s.io/kube-openapi/pkg/util/proto/validation k8s.io/kube-openapi/pkg/validation/spec -# k8s.io/kubectl v0.25.2 => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/kubectl v0.25.2 => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230207121132-149fe529fd78 ## explicit; go 1.19 k8s.io/kubectl/pkg/cmd/util k8s.io/kubectl/pkg/scheme @@ -1002,32 +1002,32 @@ sigs.k8s.io/yaml # go.etcd.io/etcd/pkg/v3 => github.com/openshift/etcd/pkg/v3 v3.5.1-0.20230125165349-13c18c444a8c # go.etcd.io/etcd/raft/v3 => github.com/openshift/etcd/raft/v3 v3.5.1-0.20230125165349-13c18c444a8c # go.etcd.io/etcd/server/v3 => github.com/openshift/etcd/server/v3 v3.5.1-0.20230125165349-13c18c444a8c -# k8s.io/api => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/apiextensions-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/apimachinery => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/cli-runtime => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/client-go => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/cloud-provider => github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/cluster-bootstrap => github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/code-generator => github.com/openshift/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/component-base => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/component-helpers => github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/cri-api => github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/csi-translation-lib => github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/dynamic-resource-allocation => github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kms => github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kube-aggregator => github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kube-controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kube-proxy => github.com/openshift/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kube-scheduler => github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kubectl => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/kubelet => github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/legacy-cloud-providers => github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/metrics => github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/mount-utils => github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/pod-security-admission => github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/sample-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/sample-cli-plugin => github.com/openshift/kubernetes/staging/src/k8s.io/sample-cli-plugin v0.0.0-20230203160803-9eb81c20e0fd -# k8s.io/sample-controller => github.com/openshift/kubernetes/staging/src/k8s.io/sample-controller v0.0.0-20230203160803-9eb81c20e0fd +# k8s.io/api => github.com/openshift/kubernetes/staging/src/k8s.io/api v0.0.0-20230207121132-149fe529fd78 +# k8s.io/apiextensions-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20230207121132-149fe529fd78 +# k8s.io/apimachinery => github.com/openshift/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20230207121132-149fe529fd78 +# k8s.io/apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20230207121132-149fe529fd78 +# k8s.io/cli-runtime => github.com/openshift/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20230207121132-149fe529fd78 +# k8s.io/client-go => github.com/openshift/kubernetes/staging/src/k8s.io/client-go v0.0.0-20230207121132-149fe529fd78 +# k8s.io/cloud-provider => github.com/openshift/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20230207121132-149fe529fd78 +# k8s.io/cluster-bootstrap => github.com/openshift/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20230207121132-149fe529fd78 +# k8s.io/code-generator => github.com/openshift/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20230207121132-149fe529fd78 +# k8s.io/component-base => github.com/openshift/kubernetes/staging/src/k8s.io/component-base v0.0.0-20230207121132-149fe529fd78 +# k8s.io/component-helpers => github.com/openshift/kubernetes/staging/src/k8s.io/component-helpers v0.0.0-20230207121132-149fe529fd78 +# k8s.io/controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/controller-manager v0.0.0-20230207121132-149fe529fd78 +# k8s.io/cri-api => github.com/openshift/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20230207121132-149fe529fd78 +# k8s.io/csi-translation-lib => github.com/openshift/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20230207121132-149fe529fd78 +# k8s.io/dynamic-resource-allocation => github.com/openshift/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kms => github.com/openshift/kubernetes/staging/src/k8s.io/kms v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kube-aggregator => github.com/openshift/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kube-controller-manager => github.com/openshift/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kube-proxy => github.com/openshift/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kube-scheduler => github.com/openshift/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kubectl => github.com/openshift/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20230207121132-149fe529fd78 +# k8s.io/kubelet => github.com/openshift/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20230207121132-149fe529fd78 +# k8s.io/legacy-cloud-providers => github.com/openshift/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20230207121132-149fe529fd78 +# k8s.io/metrics => github.com/openshift/kubernetes/staging/src/k8s.io/metrics v0.0.0-20230207121132-149fe529fd78 +# k8s.io/mount-utils => github.com/openshift/kubernetes/staging/src/k8s.io/mount-utils v0.0.0-20230207121132-149fe529fd78 +# k8s.io/pod-security-admission => github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20230207121132-149fe529fd78 +# k8s.io/sample-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20230207121132-149fe529fd78 +# k8s.io/sample-cli-plugin => github.com/openshift/kubernetes/staging/src/k8s.io/sample-cli-plugin v0.0.0-20230207121132-149fe529fd78 +# k8s.io/sample-controller => github.com/openshift/kubernetes/staging/src/k8s.io/sample-controller v0.0.0-20230207121132-149fe529fd78 From b698fb6290f4ff09118c8e89945977bbe2d2d140 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Tue, 14 Feb 2023 09:18:07 +0100 Subject: [PATCH 14/16] update component images --- packaging/crio.conf.d/microshift_amd64.conf | 2 +- packaging/crio.conf.d/microshift_arm64.conf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/crio.conf.d/microshift_amd64.conf b/packaging/crio.conf.d/microshift_amd64.conf index 072d8e7d9f..69d73001eb 100644 --- a/packaging/crio.conf.d/microshift_amd64.conf +++ b/packaging/crio.conf.d/microshift_amd64.conf @@ -15,4 +15,4 @@ plugin_dirs = [ # for community builds on top of OKD, this setting has no effect [crio.image] global_auth_file="/etc/crio/openshift-pull-secret" -pause_image = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:3e7bbc5e71123aaa1c0f30197d61921306833eb6149ad874e41e09e76a50f451" +pause_image = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:669a34ecb28ab5e515ad5e19bb53132eb54588af7282a33d5f54c6112ad42feb" diff --git a/packaging/crio.conf.d/microshift_arm64.conf b/packaging/crio.conf.d/microshift_arm64.conf index fff90c3dfc..e9102f4697 100644 --- a/packaging/crio.conf.d/microshift_arm64.conf +++ b/packaging/crio.conf.d/microshift_arm64.conf @@ -15,4 +15,4 @@ plugin_dirs = [ # for community builds on top of OKD, this setting has no effect [crio.image] global_auth_file="/etc/crio/openshift-pull-secret" -pause_image = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:70768854bc132331a91fa03502b4d359ae367fd8ed70924869c3fa63a789cbf5" +pause_image = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:fec9d55f90d23435514e8edb03521096e2b3f6e01f7b55c45a27c0835d5afe66" From 1426cbb91c01861280e50f58da4a0ab2d6b26ab2 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Tue, 14 Feb 2023 09:18:10 +0100 Subject: [PATCH 15/16] update manifests --- assets/release/release-aarch64.json | 8 ++++---- assets/release/release-x86_64.json | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/assets/release/release-aarch64.json b/assets/release/release-aarch64.json index fa7b4ccb5f..ae1feba510 100644 --- a/assets/release/release-aarch64.json +++ b/assets/release/release-aarch64.json @@ -1,15 +1,15 @@ { "release": { - "base": "4.13.0-0.nightly-arm64-2023-02-08-182807" + "base": "4.13.0-0.nightly-arm64-2023-02-14-014641" }, "images": { "cli": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:a3f2aeab14f3819746aed14b508d78813a31be3f0fd1a4df5f1856c136509ebf", - "coredns": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:07beaae8b400588948e1ff17240ea33a18a90fdc57aa39ad44f7aa25062c35e3", + "coredns": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b724ceae9beb0c03742ae176a8e99d1c5c54ab8a3c74e96a5638ef4246269703", "haproxy-router": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:d591fd301c4af55e94e7ac63871c19feb8374428cc73607028fb08055626e2d1", "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:16ba7ebb0d6129fe158bd66da6255ae77c0fa28c7293673da696224cf1728597", "openssl": "registry.access.redhat.com/ubi8/openssl@sha256:9e743d947be073808f7f1750a791a3dbd81e694e37161e8c6c6057c2c342d671", - "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:dc719b31695a0cef47943d4b6eb56c93e97b2d6dbb251a7f2cefbe34da802c3d", - "pod": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:70768854bc132331a91fa03502b4d359ae367fd8ed70924869c3fa63a789cbf5", + "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:797de281835093960d495bfe5b174add9defd33271e5dcb40ced9c36bff74bc2", + "pod": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:fec9d55f90d23435514e8edb03521096e2b3f6e01f7b55c45a27c0835d5afe66", "service-ca-operator": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5c0ca408a898e6acbc649a0473b1ea83aa7dc5fed305a3562100734243a0c9e8", "topolvm_csi": "registry.redhat.io/lvms4/topolvm-rhel8@sha256:10bffded5317da9de6c45ba74f0bb10e0a08ddb2bfef23b11ac61287a37f10a1", "topolvm_csi_registrar": "registry.redhat.io/openshift4/ose-csi-node-driver-registrar@sha256:a4319ff7c736ca9fe20500dc3e5862d6bb446f2428ea2eadfb5f042195f4f860", diff --git a/assets/release/release-x86_64.json b/assets/release/release-x86_64.json index 5557874978..cec72ff829 100644 --- a/assets/release/release-x86_64.json +++ b/assets/release/release-x86_64.json @@ -1,15 +1,15 @@ { "release": { - "base": "4.13.0-0.nightly-2023-02-07-064924" + "base": "4.13.0-0.nightly-2023-02-13-194759" }, "images": { "cli": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:23a6b4c13b2610e9bed8205d59acea8a30e8503948633d7a02cc6a45e431b7d3", - "coredns": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:31b8a600e8388e9e87197639e73a49da0f06f75fe67e702c8681ac83538919ad", + "coredns": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4a3da42cc691d4d4fd293862a3036cd58a57001154468cd0b0a8a6e22aa9e5b7", "haproxy-router": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:3ed079be59e5686a18e2a86e3f0e093a63f2ba0493c62e651e742130200bf887", "kube-rbac-proxy": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:ec61024e2c37e5aba93593220b12ba91a3ba4f547b2562a36539ff1d9df74a23", "openssl": "registry.access.redhat.com/ubi8/openssl@sha256:9e743d947be073808f7f1750a791a3dbd81e694e37161e8c6c6057c2c342d671", - "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:e21569ba6b2da124a92e516e50982d42c0942007dbe217570ee84ffcbca0cef0", - "pod": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:3e7bbc5e71123aaa1c0f30197d61921306833eb6149ad874e41e09e76a50f451", + "ovn-kubernetes-microshift": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:8a7a419fee8663d69e992e930b32907766f869a9b294e9a009d54c5734e3f4ae", + "pod": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:669a34ecb28ab5e515ad5e19bb53132eb54588af7282a33d5f54c6112ad42feb", "service-ca-operator": "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:c14f0342eebce36041f0904e2a4bcccd933d51c036d9319caeb19e656cf0a350", "topolvm_csi": "registry.redhat.io/lvms4/topolvm-rhel8@sha256:10bffded5317da9de6c45ba74f0bb10e0a08ddb2bfef23b11ac61287a37f10a1", "topolvm_csi_registrar": "registry.redhat.io/openshift4/ose-csi-node-driver-registrar@sha256:a4319ff7c736ca9fe20500dc3e5862d6bb446f2428ea2eadfb5f042195f4f860", From 0cb9bcae6cc1647872192fc6457d2397775b7150 Mon Sep 17 00:00:00 2001 From: Patryk Matuszak <305846+pmtk@users.noreply.github.com> Date: Tue, 14 Feb 2023 09:18:10 +0100 Subject: [PATCH 16/16] update buildfiles --- Makefile.kube_git.var | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.kube_git.var b/Makefile.kube_git.var index c28cc7aa36..a8ef3e9265 100644 --- a/Makefile.kube_git.var +++ b/Makefile.kube_git.var @@ -1,5 +1,5 @@ KUBE_GIT_MAJOR=1 KUBE_GIT_MINOR=26 KUBE_GIT_VERSION=v1.26.0 -KUBE_GIT_COMMIT=9eb81c20e0fde9d068ed83e58c8fc870412958a9 +KUBE_GIT_COMMIT=149fe529fd7884d0799753f3ed54f2a89d8036d9 KUBE_GIT_TREE_STATE=clean