diff --git a/go.mod b/go.mod
index 1add86fdde..d7027dc270 100644
--- a/go.mod
+++ b/go.mod
@@ -35,7 +35,7 @@ require (
github.com/moby/term v0.5.0
github.com/opencontainers/go-digest v1.0.0
github.com/opencontainers/image-spec v1.1.0
- github.com/openshift/api v0.0.0-20240529192326-16d44e6d3e7d
+ github.com/openshift/api v0.0.0-20240912201240-0a8800162826
github.com/openshift/build-machinery-go v0.0.0-20240419090851-af9c868bcf52
github.com/openshift/client-go v0.0.0-20240528061634-b054aa794d87
github.com/openshift/library-go v0.0.0-20240528110646-354b673304be
diff --git a/go.sum b/go.sum
index 31a34dff68..f1f6d5c54f 100644
--- a/go.sum
+++ b/go.sum
@@ -488,8 +488,8 @@ github.com/opencontainers/runtime-spec v1.2.0 h1:z97+pHb3uELt/yiAWD691HNHQIF07bE
github.com/opencontainers/runtime-spec v1.2.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU=
github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec=
-github.com/openshift/api v0.0.0-20240529192326-16d44e6d3e7d h1:MVt1daCTh1h0FEQweeaEgDRW4wiNbqDX8NzfGKZIAJc=
-github.com/openshift/api v0.0.0-20240529192326-16d44e6d3e7d/go.mod h1:OOh6Qopf21pSzqNVCB5gomomBXb8o5sGKZxG2KNpaXM=
+github.com/openshift/api v0.0.0-20240912201240-0a8800162826 h1:A8D9SN/hJUwAbdO0rPCVTqmuBOctdgurr53gK701SYo=
+github.com/openshift/api v0.0.0-20240912201240-0a8800162826/go.mod h1:OOh6Qopf21pSzqNVCB5gomomBXb8o5sGKZxG2KNpaXM=
github.com/openshift/build-machinery-go v0.0.0-20240419090851-af9c868bcf52 h1:bqBwrXG7sbJUqP1Og1bR8FvVh7qb7CrMgy9saKmOZFs=
github.com/openshift/build-machinery-go v0.0.0-20240419090851-af9c868bcf52/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE=
github.com/openshift/client-go v0.0.0-20240528061634-b054aa794d87 h1:JtLhaGpSEconE+1IKmIgCOof/Len5ceG6H1pk43yv5U=
diff --git a/vendor/github.com/openshift/api/Dockerfile.rhel8 b/vendor/github.com/openshift/api/Dockerfile.ocp
similarity index 94%
rename from vendor/github.com/openshift/api/Dockerfile.rhel8
rename to vendor/github.com/openshift/api/Dockerfile.ocp
index d4f61d8787..5f5afabb13 100644
--- a/vendor/github.com/openshift/api/Dockerfile.rhel8
+++ b/vendor/github.com/openshift/api/Dockerfile.ocp
@@ -4,7 +4,7 @@ COPY . .
ENV GO_PACKAGE github.com/openshift/api
RUN make build --warn-undefined-variables
-FROM registry.ci.openshift.org/ocp/4.16:base-rhel9
+FROM registry.ci.openshift.org/ocp/4.17:base-rhel9
# copy the built binaries to /usr/bin
COPY --from=builder /go/src/github.com/openshift/api/render /usr/bin/
diff --git a/vendor/github.com/openshift/api/Makefile b/vendor/github.com/openshift/api/Makefile
index 7aa6b9bde4..5e6a6b1312 100644
--- a/vendor/github.com/openshift/api/Makefile
+++ b/vendor/github.com/openshift/api/Makefile
@@ -27,9 +27,11 @@ test-unit:
##################################################################################
# Ensure update-scripts are run before crd-gen so updates to Godoc are included in CRDs.
+# Run update-payload-crds after update-codegen-crds to copy any newly created crds
.PHONY: update-codegen-crds
update-codegen-crds: update-scripts
hack/update-codegen-crds.sh
+ hack/update-payload-crds.sh
#####################
#
@@ -79,7 +81,7 @@ verify-%:
################################################################################################
.PHONY: update-scripts
-update-scripts: update-compatibility update-openapi update-deepcopy update-protobuf update-swagger-docs tests-vendor update-prerelease-lifecycle-gen update-payload-crds update-payload-featuregates
+update-scripts: update-compatibility update-openapi update-deepcopy update-protobuf update-swagger-docs tests-vendor update-prerelease-lifecycle-gen update-payload-featuregates
.PHONY: update-compatibility
update-compatibility:
diff --git a/vendor/github.com/openshift/api/README.md b/vendor/github.com/openshift/api/README.md
index 2054ba8151..655486527c 100644
--- a/vendor/github.com/openshift/api/README.md
+++ b/vendor/github.com/openshift/api/README.md
@@ -62,7 +62,7 @@ route/
tests/
routes.route.openshift.io/
AAA_ungated.yaml
- ExternalRouteCertificate.yaml
+ RouteExternalCertificate.yaml
```
Here's an `AAA_ungated.yaml` example:
```yaml
@@ -72,12 +72,12 @@ crdName: routes.route.openshift.io
tests:
```
-Here's an `ExternalRouteCertificate.yaml` example:
+Here's an `RouteExternalCertificate.yaml` example:
```yaml
apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this.
name: Route
crdName: routes.route.openshift.io
-featureGate: ExternalRouteCertificate
+featureGate: RouteExternalCertificate
tests:
```
diff --git a/vendor/github.com/openshift/api/config/v1/types.go b/vendor/github.com/openshift/api/config/v1/types.go
index 6fb1b9adc9..d4d09e7fee 100644
--- a/vendor/github.com/openshift/api/config/v1/types.go
+++ b/vendor/github.com/openshift/api/config/v1/types.go
@@ -401,7 +401,7 @@ const (
// IBMCloudServiceName contains a value specifying the name of an IBM Cloud Service,
// which are used by MAPI, CIRO, CIO, Installer, etc.
-// +kubebuilder:validation:Enum=CIS;COS;DNSServices;GlobalSearch;GlobalTagging;HyperProtect;IAM;KeyProtect;ResourceController;ResourceManager;VPC
+// +kubebuilder:validation:Enum=CIS;COS;COSConfig;DNSServices;GlobalCatalog;GlobalSearch;GlobalTagging;HyperProtect;IAM;KeyProtect;ResourceController;ResourceManager;VPC
type IBMCloudServiceName string
const (
@@ -409,8 +409,12 @@ const (
IBMCloudServiceCIS IBMCloudServiceName = "CIS"
// IBMCloudServiceCOS is the name for IBM Cloud COS.
IBMCloudServiceCOS IBMCloudServiceName = "COS"
+ // IBMCloudServiceCOSConfig is the name for IBM Cloud COS Config service.
+ IBMCloudServiceCOSConfig IBMCloudServiceName = "COSConfig"
// IBMCloudServiceDNSServices is the name for IBM Cloud DNS Services.
IBMCloudServiceDNSServices IBMCloudServiceName = "DNSServices"
+ // IBMCloudServiceGlobalCatalog is the name for IBM Cloud Global Catalog service.
+ IBMCloudServiceGlobalCatalog IBMCloudServiceName = "GlobalCatalog"
// IBMCloudServiceGlobalSearch is the name for IBM Cloud Global Search.
IBMCloudServiceGlobalSearch IBMCloudServiceName = "GlobalSearch"
// IBMCloudServiceGlobalTagging is the name for IBM Cloud Global Tagging.
diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go
index 2b8c302134..915ea917f4 100644
--- a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go
+++ b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go
@@ -18,7 +18,6 @@ import (
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// +kubebuilder:resource:path=clusterversions,scope=Cluster
-// +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'baremetal' in self.spec.capabilities.additionalEnabledCapabilities ? 'MachineAPI' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'MachineAPI' in self.status.capabilities.enabledCapabilities) : true",message="the `baremetal` capability requires the `MachineAPI` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `MachineAPI` capability"
// +kubebuilder:validation:XValidation:rule="has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities) && self.spec.capabilities.baselineCapabilitySet == 'None' && 'marketplace' in self.spec.capabilities.additionalEnabledCapabilities ? 'OperatorLifecycleManager' in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status) && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities) && 'OperatorLifecycleManager' in self.status.capabilities.enabledCapabilities) : true",message="the `marketplace` capability requires the `OperatorLifecycleManager` capability, which is neither explicitly or implicitly enabled in this cluster, please enable the `OperatorLifecycleManager` capability"
// +kubebuilder:printcolumn:name=Version,JSONPath=.status.history[?(@.state=="Completed")].version,type=string
// +kubebuilder:printcolumn:name=Available,JSONPath=.status.conditions[?(@.type=="Available")].status,type=string
@@ -429,7 +428,7 @@ var KnownClusterVersionCapabilities = []ClusterVersionCapability{
}
// ClusterVersionCapabilitySet defines sets of cluster version capabilities.
-// +kubebuilder:validation:Enum=None;v4.11;v4.12;v4.13;v4.14;v4.15;v4.16;vCurrent
+// +kubebuilder:validation:Enum=None;v4.11;v4.12;v4.13;v4.14;v4.15;v4.16;v4.17;vCurrent
type ClusterVersionCapabilitySet string
const (
@@ -473,6 +472,12 @@ const (
// version of OpenShift is installed.
ClusterVersionCapabilitySet4_16 ClusterVersionCapabilitySet = "v4.16"
+ // ClusterVersionCapabilitySet4_17 is the recommended set of
+ // optional capabilities to enable for the 4.17 version of
+ // OpenShift. This list will remain the same no matter which
+ // version of OpenShift is installed.
+ ClusterVersionCapabilitySet4_17 ClusterVersionCapabilitySet = "v4.17"
+
// ClusterVersionCapabilitySetCurrent is the recommended set
// of optional capabilities to enable for the cluster's
// current version of OpenShift.
@@ -557,6 +562,24 @@ var ClusterVersionCapabilitySets = map[ClusterVersionCapabilitySet][]ClusterVers
ClusterVersionCapabilityIngress,
ClusterVersionCapabilityCloudControllerManager,
},
+ ClusterVersionCapabilitySet4_17: {
+ ClusterVersionCapabilityBaremetal,
+ ClusterVersionCapabilityConsole,
+ ClusterVersionCapabilityInsights,
+ ClusterVersionCapabilityMarketplace,
+ ClusterVersionCapabilityStorage,
+ ClusterVersionCapabilityOpenShiftSamples,
+ ClusterVersionCapabilityCSISnapshot,
+ ClusterVersionCapabilityNodeTuning,
+ ClusterVersionCapabilityMachineAPI,
+ ClusterVersionCapabilityBuild,
+ ClusterVersionCapabilityDeploymentConfig,
+ ClusterVersionCapabilityImageRegistry,
+ ClusterVersionCapabilityOperatorLifecycleManager,
+ ClusterVersionCapabilityCloudCredential,
+ ClusterVersionCapabilityIngress,
+ ClusterVersionCapabilityCloudControllerManager,
+ },
ClusterVersionCapabilitySetCurrent: {
ClusterVersionCapabilityBaremetal,
ClusterVersionCapabilityConsole,
diff --git a/vendor/github.com/openshift/api/config/v1/types_feature.go b/vendor/github.com/openshift/api/config/v1/types_feature.go
index 2769ba35aa..88d94ac527 100644
--- a/vendor/github.com/openshift/api/config/v1/types_feature.go
+++ b/vendor/github.com/openshift/api/config/v1/types_feature.go
@@ -28,6 +28,7 @@ type FeatureGate struct {
// spec holds user settable values for configuration
// +kubebuilder:validation:Required
// +required
+ // +kubebuilder:validation:XValidation:rule="has(oldSelf.featureSet) ? has(self.featureSet) : true",message=".spec.featureSet cannot be removed"
Spec FeatureGateSpec `json:"spec"`
// status holds observed values from the cluster. They may not be overridden.
// +optional
@@ -67,6 +68,7 @@ type FeatureGateSelection struct {
// Turning on or off features may cause irreversible changes in your cluster which cannot be undone.
// +unionDiscriminator
// +optional
+ // +kubebuilder:validation:Enum=CustomNoUpgrade;DevPreviewNoUpgrade;TechPreviewNoUpgrade;""
// +kubebuilder:validation:XValidation:rule="oldSelf == 'CustomNoUpgrade' ? self == 'CustomNoUpgrade' : true",message="CustomNoUpgrade may not be changed"
// +kubebuilder:validation:XValidation:rule="oldSelf == 'TechPreviewNoUpgrade' ? self == 'TechPreviewNoUpgrade' : true",message="TechPreviewNoUpgrade may not be changed"
// +kubebuilder:validation:XValidation:rule="oldSelf == 'DevPreviewNoUpgrade' ? self == 'DevPreviewNoUpgrade' : true",message="DevPreviewNoUpgrade may not be changed"
diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go
index 8e50008eaa..e5ff5fc619 100644
--- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go
+++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go
@@ -1473,7 +1473,7 @@ type VSpherePlatformStatus struct {
// override existing defaults of IBM Cloud Services.
type IBMCloudServiceEndpoint struct {
// name is the name of the IBM Cloud service.
- // Possible values are: CIS, COS, DNSServices, GlobalSearch, GlobalTagging, HyperProtect, IAM, KeyProtect, ResourceController, ResourceManager, or VPC.
+ // Possible values are: CIS, COS, COSConfig, DNSServices, GlobalCatalog, GlobalSearch, GlobalTagging, HyperProtect, IAM, KeyProtect, ResourceController, ResourceManager, or VPC.
// For example, the IBM Cloud Private IAM service could be configured with the
// service `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com`
// Whereas the IBM Cloud Private VPC service for US South (Dallas) could be configured
diff --git a/vendor/github.com/openshift/api/config/v1/types_network.go b/vendor/github.com/openshift/api/config/v1/types_network.go
index 211d5c0886..1eeae69dac 100644
--- a/vendor/github.com/openshift/api/config/v1/types_network.go
+++ b/vendor/github.com/openshift/api/config/v1/types_network.go
@@ -55,11 +55,11 @@ type NetworkSpec struct {
// +listType=atomic
ServiceNetwork []string `json:"serviceNetwork"`
- // NetworkType is the plugin that is to be deployed (e.g. OpenShiftSDN).
+ // NetworkType is the plugin that is to be deployed (e.g. OVNKubernetes).
// This should match a value that the cluster-network-operator understands,
// or else no networking will be installed.
// Currently supported values are:
- // - OpenShiftSDN
+ // - OVNKubernetes
// This field is immutable after installation.
NetworkType string `json:"networkType"`
@@ -101,7 +101,7 @@ type NetworkStatus struct {
// +listType=atomic
ServiceNetwork []string `json:"serviceNetwork,omitempty"`
- // NetworkType is the plugin that is deployed (e.g. OpenShiftSDN).
+ // NetworkType is the plugin that is deployed (e.g. OVNKubernetes).
NetworkType string `json:"networkType,omitempty"`
// ClusterNetworkMTU is the MTU for inter-pod networking.
@@ -111,15 +111,12 @@ type NetworkStatus struct {
Migration *NetworkMigration `json:"migration,omitempty"`
// conditions represents the observations of a network.config current state.
- // Known .status.conditions.type are: "NetworkTypeMigrationInProgress", "NetworkTypeMigrationMTUReady",
- // "NetworkTypeMigrationTargetCNIAvailable", "NetworkTypeMigrationTargetCNIInUse",
- // "NetworkTypeMigrationOriginalCNIPurged" and "NetworkDiagnosticsAvailable"
+ // Known .status.conditions.type are: "NetworkDiagnosticsAvailable"
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
// +listType=map
// +listMapKey=type
- // +openshift:enable:FeatureGate=NetworkLiveMigration
// +openshift:enable:FeatureGate=NetworkDiagnosticsConfig
Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
}
@@ -186,15 +183,15 @@ type NetworkList struct {
Items []Network `json:"items"`
}
-// NetworkMigration represents the cluster network configuration.
+// NetworkMigration represents the network migration status.
type NetworkMigration struct {
- // NetworkType is the target plugin that is to be deployed.
- // Currently supported values are: OpenShiftSDN, OVNKubernetes
- // +kubebuilder:validation:Enum={"OpenShiftSDN","OVNKubernetes"}
+ // NetworkType is the target plugin that is being deployed.
+ // DEPRECATED: network type migration is no longer supported,
+ // so this should always be unset.
// +optional
NetworkType string `json:"networkType,omitempty"`
- // MTU contains the MTU migration configuration.
+ // MTU is the MTU configuration that is being deployed.
// +optional
MTU *MTUMigration `json:"mtu,omitempty"`
}
diff --git a/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go b/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go
index c5dea1a032..b18ef647c2 100644
--- a/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go
+++ b/vendor/github.com/openshift/api/config/v1/types_tlssecurityprofile.go
@@ -211,6 +211,7 @@ type TLSProfileSpec struct {
// ciphers:
// - DES-CBC3-SHA
//
+ // +listType=atomic
Ciphers []string `json:"ciphers"`
// minTLSVersion is used to specify the minimal version of the TLS protocol
// that is negotiated during the TLS handshake. For example, to use TLS
diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml
index ddc7594f75..88ffbaf0a7 100644
--- a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml
+++ b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml
@@ -359,7 +359,6 @@ networks.config.openshift.io:
Category: ""
FeatureGates:
- NetworkDiagnosticsConfig
- - NetworkLiveMigration
FilenameOperatorName: config-operator
FilenameOperatorOrdering: "01"
FilenameRunLevel: "0000_10"
diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go
index fcb4fb9a42..52c4b72f4c 100644
--- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go
+++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go
@@ -1439,7 +1439,7 @@ func (IBMCloudPlatformStatus) SwaggerDoc() map[string]string {
var map_IBMCloudServiceEndpoint = map[string]string{
"": "IBMCloudServiceEndpoint stores the configuration of a custom url to override existing defaults of IBM Cloud Services.",
- "name": "name is the name of the IBM Cloud service. Possible values are: CIS, COS, DNSServices, GlobalSearch, GlobalTagging, HyperProtect, IAM, KeyProtect, ResourceController, ResourceManager, or VPC. For example, the IBM Cloud Private IAM service could be configured with the service `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com` Whereas the IBM Cloud Private VPC service for US South (Dallas) could be configured with the service `name` of `VPC` and `url` of `https://us.south.private.iaas.cloud.ibm.com`",
+ "name": "name is the name of the IBM Cloud service. Possible values are: CIS, COS, COSConfig, DNSServices, GlobalCatalog, GlobalSearch, GlobalTagging, HyperProtect, IAM, KeyProtect, ResourceController, ResourceManager, or VPC. For example, the IBM Cloud Private IAM service could be configured with the service `name` of `IAM` and `url` of `https://private.iam.cloud.ibm.com` Whereas the IBM Cloud Private VPC service for US South (Dallas) could be configured with the service `name` of `VPC` and `url` of `https://us.south.private.iaas.cloud.ibm.com`",
"url": "url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty.",
}
@@ -2027,9 +2027,9 @@ func (NetworkList) SwaggerDoc() map[string]string {
}
var map_NetworkMigration = map[string]string{
- "": "NetworkMigration represents the cluster network configuration.",
- "networkType": "NetworkType is the target plugin that is to be deployed. Currently supported values are: OpenShiftSDN, OVNKubernetes",
- "mtu": "MTU contains the MTU migration configuration.",
+ "": "NetworkMigration represents the network migration status.",
+ "networkType": "NetworkType is the target plugin that is being deployed. DEPRECATED: network type migration is no longer supported, so this should always be unset.",
+ "mtu": "MTU is the MTU configuration that is being deployed.",
}
func (NetworkMigration) SwaggerDoc() map[string]string {
@@ -2040,7 +2040,7 @@ var map_NetworkSpec = map[string]string{
"": "NetworkSpec is the desired network configuration. As a general rule, this SHOULD NOT be read directly. Instead, you should consume the NetworkStatus, as it indicates the currently deployed configuration. Currently, most spec fields are immutable after installation. Please view the individual ones for further details on each.",
"clusterNetwork": "IP address pool to use for pod IPs. This field is immutable after installation.",
"serviceNetwork": "IP address pool for services. Currently, we only support a single entry here. This field is immutable after installation.",
- "networkType": "NetworkType is the plugin that is to be deployed (e.g. OpenShiftSDN). This should match a value that the cluster-network-operator understands, or else no networking will be installed. Currently supported values are: - OpenShiftSDN This field is immutable after installation.",
+ "networkType": "NetworkType is the plugin that is to be deployed (e.g. OVNKubernetes). This should match a value that the cluster-network-operator understands, or else no networking will be installed. Currently supported values are: - OVNKubernetes This field is immutable after installation.",
"externalIP": "externalIP defines configuration for controllers that affect Service.ExternalIP. If nil, then ExternalIP is not allowed to be set.",
"serviceNodePortRange": "The port range allowed for Services of type NodePort. If not specified, the default of 30000-32767 will be used. Such Services without a NodePort specified will have one automatically allocated from this range. This parameter can be updated after the cluster is installed.",
"networkDiagnostics": "networkDiagnostics defines network diagnostics configuration.\n\nTakes precedence over spec.disableNetworkDiagnostics in network.operator.openshift.io. If networkDiagnostics is not specified or is empty, and the spec.disableNetworkDiagnostics flag in network.operator.openshift.io is set to true, the network diagnostics feature will be disabled.",
@@ -2054,10 +2054,10 @@ var map_NetworkStatus = map[string]string{
"": "NetworkStatus is the current network configuration.",
"clusterNetwork": "IP address pool to use for pod IPs.",
"serviceNetwork": "IP address pool for services. Currently, we only support a single entry here.",
- "networkType": "NetworkType is the plugin that is deployed (e.g. OpenShiftSDN).",
+ "networkType": "NetworkType is the plugin that is deployed (e.g. OVNKubernetes).",
"clusterNetworkMTU": "ClusterNetworkMTU is the MTU for inter-pod networking.",
"migration": "Migration contains the cluster network migration configuration.",
- "conditions": "conditions represents the observations of a network.config current state. Known .status.conditions.type are: \"NetworkTypeMigrationInProgress\", \"NetworkTypeMigrationMTUReady\", \"NetworkTypeMigrationTargetCNIAvailable\", \"NetworkTypeMigrationTargetCNIInUse\", \"NetworkTypeMigrationOriginalCNIPurged\" and \"NetworkDiagnosticsAvailable\"",
+ "conditions": "conditions represents the observations of a network.config current state. Known .status.conditions.type are: \"NetworkDiagnosticsAvailable\"",
}
func (NetworkStatus) SwaggerDoc() map[string]string {
diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go
index c503fdeab6..e3670f03e8 100644
--- a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go
+++ b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go
@@ -14,7 +14,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
// +kubebuilder:subresource:status
// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457
// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01
-// +openshift:enable:FeatureGate=ImagePolicy
+// +openshift:enable:FeatureGate=SigstoreImageVerification
// +openshift:compatibility-gen:level=4
type ClusterImagePolicy struct {
metav1.TypeMeta `json:",inline"`
@@ -38,8 +38,9 @@ type ClusterImagePolicySpec struct {
// More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository
// namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number).
// Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not.
- // Please be aware that the scopes should not be nested under the repositories of OpenShift Container Platform images.
- // If configured, the policies for OpenShift Container Platform repositories will not be in effect.
+ // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored.
+ // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories
+ // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation.
// For additional details about the format, please refer to the document explaining the docker transport field,
// which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker
// +kubebuilder:validation:Required
diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go
index 247bab2184..7031110ff1 100644
--- a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go
+++ b/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go
@@ -13,7 +13,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
// +kubebuilder:subresource:status
// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457
// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01
-// +openshift:enable:FeatureGate=ImagePolicy
+// +openshift:enable:FeatureGate=SigstoreImageVerification
// +openshift:compatibility-gen:level=4
type ImagePolicy struct {
metav1.TypeMeta `json:",inline"`
@@ -37,8 +37,9 @@ type ImagePolicySpec struct {
// More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository
// namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number).
// Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not.
- // Please be aware that the scopes should not be nested under the repositories of OpenShift Container Platform images.
- // If configured, the policies for OpenShift Container Platform repositories will not be in effect.
+ // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored.
+ // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories
+ // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation.
// For additional details about the format, please refer to the document explaining the docker transport field,
// which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker
// +kubebuilder:validation:Required
diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml
index 9b5744d4a0..393365b41c 100644
--- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml
+++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml
@@ -28,7 +28,7 @@ clusterimagepolicies.config.openshift.io:
Capability: ""
Category: ""
FeatureGates:
- - ImagePolicy
+ - SigstoreImageVerification
FilenameOperatorName: config-operator
FilenameOperatorOrdering: "01"
FilenameRunLevel: "0000_10"
@@ -41,7 +41,7 @@ clusterimagepolicies.config.openshift.io:
Scope: Cluster
ShortNames: null
TopLevelFeatureGates:
- - ImagePolicy
+ - SigstoreImageVerification
Version: v1alpha1
imagepolicies.config.openshift.io:
@@ -51,7 +51,7 @@ imagepolicies.config.openshift.io:
Capability: ""
Category: ""
FeatureGates:
- - ImagePolicy
+ - SigstoreImageVerification
FilenameOperatorName: config-operator
FilenameOperatorOrdering: "01"
FilenameRunLevel: "0000_10"
@@ -64,7 +64,7 @@ imagepolicies.config.openshift.io:
Scope: Namespaced
ShortNames: null
TopLevelFeatureGates:
- - ImagePolicy
+ - SigstoreImageVerification
Version: v1alpha1
insightsdatagathers.config.openshift.io:
diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go
index efaac4fa2a..9da086efc5 100644
--- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go
+++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go
@@ -102,7 +102,7 @@ func (ClusterImagePolicyList) SwaggerDoc() map[string]string {
var map_ClusterImagePolicySpec = map[string]string{
"": "CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource.",
- "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. Please be aware that the scopes should not be nested under the repositories of OpenShift Container Platform images. If configured, the policies for OpenShift Container Platform repositories will not be in effect. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker",
+ "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker",
"policy": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.",
}
@@ -151,7 +151,7 @@ func (ImagePolicyList) SwaggerDoc() map[string]string {
var map_ImagePolicySpec = map[string]string{
"": "ImagePolicySpec is the specification of the ImagePolicy CRD.",
- "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. Please be aware that the scopes should not be nested under the repositories of OpenShift Container Platform images. If configured, the policies for OpenShift Container Platform repositories will not be in effect. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker",
+ "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker",
"policy": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.",
}
diff --git a/vendor/github.com/openshift/api/features.md b/vendor/github.com/openshift/api/features.md
index e7848c6303..788990736d 100644
--- a/vendor/github.com/openshift/api/features.md
+++ b/vendor/github.com/openshift/api/features.md
@@ -1,74 +1,86 @@
| FeatureGate | Default on Hypershift | Default on SelfManagedHA | DevPreviewNoUpgrade on Hypershift | DevPreviewNoUpgrade on SelfManagedHA | TechPreviewNoUpgrade on Hypershift | TechPreviewNoUpgrade on SelfManagedHA |
| ------ | --- | --- | --- | --- | --- | --- |
| ClusterAPIInstall| | | | | | |
-| ClusterAPIInstallAzure| | | | | | |
| ClusterAPIInstallIBMCloud| | | | | | |
| EventedPLEG| | | | | | |
| MachineAPIMigration| | | | | | |
| MachineAPIOperatorDisableMachineHealthCheckController| | | | | | |
+| MultiArchInstallAzure| | | | | | |
| GatewayAPI| | | Enabled | Enabled | | |
+| AdditionalRoutingCapabilities| | | Enabled | Enabled | Enabled | Enabled |
| AutomatedEtcdBackup| | | Enabled | Enabled | Enabled | Enabled |
+| BootcNodeManagement| | | Enabled | Enabled | Enabled | Enabled |
| CSIDriverSharedResource| | | Enabled | Enabled | Enabled | Enabled |
-| ChunkSizeMiB| | | Enabled | Enabled | Enabled | Enabled |
-| ClusterAPIInstallGCP| | | Enabled | Enabled | Enabled | Enabled |
-| ClusterAPIInstallPowerVS| | | Enabled | Enabled | Enabled | Enabled |
+| ClusterMonitoringConfig| | | Enabled | Enabled | Enabled | Enabled |
| DNSNameResolver| | | Enabled | Enabled | Enabled | Enabled |
| DynamicResourceAllocation| | | Enabled | Enabled | Enabled | Enabled |
| EtcdBackendQuota| | | Enabled | Enabled | Enabled | Enabled |
| Example| | | Enabled | Enabled | Enabled | Enabled |
-| ExternalRouteCertificate| | | Enabled | Enabled | Enabled | Enabled |
| GCPClusterHostedDNS| | | Enabled | Enabled | Enabled | Enabled |
-| GCPLabelsTags| | | Enabled | Enabled | Enabled | Enabled |
-| ImagePolicy| | | Enabled | Enabled | Enabled | Enabled |
| InsightsConfig| | | Enabled | Enabled | Enabled | Enabled |
| InsightsConfigAPI| | | Enabled | Enabled | Enabled | Enabled |
| InsightsOnDemandDataGather| | | Enabled | Enabled | Enabled | Enabled |
| InstallAlternateInfrastructureAWS| | | Enabled | Enabled | Enabled | Enabled |
| MachineAPIProviderOpenStack| | | Enabled | Enabled | Enabled | Enabled |
| MachineConfigNodes| | | Enabled | Enabled | Enabled | Enabled |
-| ManagedBootImages| | | Enabled | Enabled | Enabled | Enabled |
+| ManagedBootImagesAWS| | | Enabled | Enabled | Enabled | Enabled |
| MaxUnavailableStatefulSet| | | Enabled | Enabled | Enabled | Enabled |
| MetricsCollectionProfiles| | | Enabled | Enabled | Enabled | Enabled |
| MixedCPUsAllocation| | | Enabled | Enabled | Enabled | Enabled |
+| NetworkSegmentation| | | Enabled | Enabled | Enabled | Enabled |
| NewOLM| | | Enabled | Enabled | Enabled | Enabled |
-| NodeDisruptionPolicy| | | Enabled | Enabled | Enabled | Enabled |
| NodeSwap| | | Enabled | Enabled | Enabled | Enabled |
+| OVNObservability| | | Enabled | Enabled | Enabled | Enabled |
| OnClusterBuild| | | Enabled | Enabled | Enabled | Enabled |
+| OpenShiftPodSecurityAdmission| | | Enabled | Enabled | Enabled | Enabled |
+| PersistentIPsForVirtualization| | | Enabled | Enabled | Enabled | Enabled |
| PinnedImages| | | Enabled | Enabled | Enabled | Enabled |
| PlatformOperators| | | Enabled | Enabled | Enabled | Enabled |
+| ProcMountType| | | Enabled | Enabled | Enabled | Enabled |
+| RouteAdvertisements| | | Enabled | Enabled | Enabled | Enabled |
| RouteExternalCertificate| | | Enabled | Enabled | Enabled | Enabled |
| ServiceAccountTokenNodeBinding| | | Enabled | Enabled | Enabled | Enabled |
-| ServiceAccountTokenNodeBindingValidation| | | Enabled | Enabled | Enabled | Enabled |
-| ServiceAccountTokenPodNodeInfo| | | Enabled | Enabled | Enabled | Enabled |
| SignatureStores| | | Enabled | Enabled | Enabled | Enabled |
| SigstoreImageVerification| | | Enabled | Enabled | Enabled | Enabled |
| TranslateStreamCloseWebsocketRequests| | | Enabled | Enabled | Enabled | Enabled |
| UpgradeStatus| | | Enabled | Enabled | Enabled | Enabled |
+| UserNamespacesSupport| | | Enabled | Enabled | Enabled | Enabled |
| VSphereMultiVCenters| | | Enabled | Enabled | Enabled | Enabled |
| VolumeGroupSnapshot| | | Enabled | Enabled | Enabled | Enabled |
| ExternalOIDC| Enabled | | Enabled | Enabled | Enabled | Enabled |
+| AWSEFSDriverVolumeMetrics| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| AdminNetworkPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| AlibabaPlatform| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| BareMetalLoadBalancer| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| BuildCSIVolumes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| ChunkSizeMiB| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| CloudDualStackNodeIPs| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ClusterAPIInstallAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| ClusterAPIInstallAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| ClusterAPIInstallGCP| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ClusterAPIInstallNutanix| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ClusterAPIInstallOpenStack| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| ClusterAPIInstallPowerVS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ClusterAPIInstallVSphere| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| DisableKubeletCloudCredentialProviders| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ExternalCloudProvider| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ExternalCloudProviderAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ExternalCloudProviderExternal| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| ExternalCloudProviderGCP| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| GCPLabelsTags| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| HardwareSpeed| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| IngressControllerLBSubnetsAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| KMSv1| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| ManagedBootImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| MetricsServer| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| MultiArchInstallAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| MultiArchInstallGCP| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| NetworkDiagnosticsConfig| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| NetworkLiveMigration| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
-| OpenShiftPodSecurityAdmission| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| NodeDisruptionPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| PrivateHostedZoneAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
+| SetEIPForNLBIngressController| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| VSphereControlPlaneMachineSet| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| VSphereDriverConfiguration| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
| VSphereStaticIPs| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled |
diff --git a/vendor/github.com/openshift/api/features/features.go b/vendor/github.com/openshift/api/features/features.go
index 95eff57746..829d8cf4f5 100644
--- a/vendor/github.com/openshift/api/features/features.go
+++ b/vendor/github.com/openshift/api/features/features.go
@@ -36,13 +36,6 @@ func AllFeatureSets() map[ClusterProfileName]map[configv1.FeatureSet]*FeatureGat
var (
allFeatureGates = map[ClusterProfileName]map[configv1.FeatureSet]*FeatureGateEnabledDisabled{}
- FeatureGateServiceAccountTokenNodeBindingValidation = newFeatureGate("ServiceAccountTokenNodeBindingValidation").
- reportProblemsToJiraComponent("apiserver-auth").
- contactPerson("stlaz").
- productScope(kubernetes).
- enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
- mustRegister()
-
FeatureGateServiceAccountTokenNodeBinding = newFeatureGate("ServiceAccountTokenNodeBinding").
reportProblemsToJiraComponent("apiserver-auth").
contactPerson("stlaz").
@@ -50,13 +43,6 @@ var (
enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
- FeatureGateServiceAccountTokenPodNodeInfo = newFeatureGate("ServiceAccountTokenPodNodeInfo").
- reportProblemsToJiraComponent("apiserver-auth").
- contactPerson("stlaz").
- productScope(kubernetes).
- enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
- mustRegister()
-
FeatureGateValidatingAdmissionPolicy = newFeatureGate("ValidatingAdmissionPolicy").
reportProblemsToJiraComponent("kube-apiserver").
contactPerson("benluddy").
@@ -71,11 +57,18 @@ var (
enableIn(configv1.DevPreviewNoUpgrade).
mustRegister()
+ FeatureGateSetEIPForNLBIngressController = newFeatureGate("SetEIPForNLBIngressController").
+ reportProblemsToJiraComponent("Networking / router").
+ contactPerson("miheer").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
FeatureGateOpenShiftPodSecurityAdmission = newFeatureGate("OpenShiftPodSecurityAdmission").
reportProblemsToJiraComponent("auth").
- contactPerson("stlaz").
+ contactPerson("ibihim").
productScope(ocpSpecific).
- enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
FeatureGateExternalCloudProvider = newFeatureGate("ExternalCloudProvider").
@@ -186,7 +179,7 @@ var (
reportProblemsToJiraComponent("Installer").
contactPerson("bhb").
productScope(ocpSpecific).
- enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
FeatureGateAlibabaPlatform = newFeatureGate("AlibabaPlatform").
@@ -231,6 +224,27 @@ var (
enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
+ FeatureGateNetworkSegmentation = newFeatureGate("NetworkSegmentation").
+ reportProblemsToJiraComponent("Networking/ovn-kubernetes").
+ contactPerson("tssurya").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateAdditionalRoutingCapabilities = newFeatureGate("AdditionalRoutingCapabilities").
+ reportProblemsToJiraComponent("Networking/cluster-network-operator").
+ contactPerson("jcaamano").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateRouteAdvertisements = newFeatureGate("RouteAdvertisements").
+ reportProblemsToJiraComponent("Networking/ovn-kubernetes").
+ contactPerson("jcaamano").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
FeatureGateNetworkLiveMigration = newFeatureGate("NetworkLiveMigration").
reportProblemsToJiraComponent("Networking/ovn-kubernetes").
contactPerson("pliu").
@@ -245,6 +259,13 @@ var (
enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
+ FeatureGateOVNObservability = newFeatureGate("OVNObservability").
+ reportProblemsToJiraComponent("Networking").
+ contactPerson("npinaeva").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
FeatureGateHardwareSpeed = newFeatureGate("HardwareSpeed").
reportProblemsToJiraComponent("etcd").
contactPerson("hasbro17").
@@ -328,6 +349,13 @@ var (
mustRegister()
FeatureGateManagedBootImages = newFeatureGate("ManagedBootImages").
+ reportProblemsToJiraComponent("MachineConfigOperator").
+ contactPerson("djoshy").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateManagedBootImagesAWS = newFeatureGate("ManagedBootImagesAWS").
reportProblemsToJiraComponent("MachineConfigOperator").
contactPerson("djoshy").
productScope(ocpSpecific).
@@ -348,6 +376,13 @@ var (
enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
+ FeatureGateBootcNodeManagement = newFeatureGate("BootcNodeManagement").
+ reportProblemsToJiraComponent("MachineConfigOperator").
+ contactPerson("inesqyx").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
FeatureGateSignatureStores = newFeatureGate("SignatureStores").
reportProblemsToJiraComponent("Cluster Version Operator").
contactPerson("lmohanty").
@@ -419,13 +454,6 @@ var (
enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
- FeatureGateExternalRouteCertificate = newFeatureGate("ExternalRouteCertificate").
- reportProblemsToJiraComponent("network-edge").
- contactPerson("miciah").
- productScope(ocpSpecific).
- enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
- mustRegister()
-
FeatureGateInsightsOnDemandDataGather = newFeatureGate("InsightsOnDemandDataGather").
reportProblemsToJiraComponent("insights").
contactPerson("tremes").
@@ -447,18 +475,11 @@ var (
enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
- FeatureGateImagePolicy = newFeatureGate("ImagePolicy").
- reportProblemsToJiraComponent("node").
- contactPerson("rphillips").
- productScope(ocpSpecific).
- enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
- mustRegister()
-
FeatureGateNodeDisruptionPolicy = newFeatureGate("NodeDisruptionPolicy").
reportProblemsToJiraComponent("MachineConfigOperator").
contactPerson("jerzhang").
productScope(ocpSpecific).
- enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
FeatureGateMetricsCollectionProfiles = newFeatureGate("MetricsCollectionProfiles").
@@ -486,13 +507,14 @@ var (
reportProblemsToJiraComponent("Installer").
contactPerson("jhixson74").
productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
FeatureGateClusterAPIInstallGCP = newFeatureGate("ClusterAPIInstallGCP").
reportProblemsToJiraComponent("Installer").
contactPerson("bfournie").
productScope(ocpSpecific).
- enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
FeatureGateClusterAPIInstallIBMCloud = newFeatureGate("ClusterAPIInstallIBMCloud").
@@ -519,7 +541,7 @@ var (
reportProblemsToJiraComponent("Installer").
contactPerson("mjturek").
productScope(ocpSpecific).
- enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
FeatureGateClusterAPIInstallVSphere = newFeatureGate("ClusterAPIInstallVSphere").
@@ -533,7 +555,7 @@ var (
reportProblemsToJiraComponent("Image Registry").
contactPerson("flavianmissi").
productScope(ocpSpecific).
- enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
mustRegister()
FeatureGateMachineAPIMigration = newFeatureGate("MachineAPIMigration").
@@ -541,4 +563,66 @@ var (
contactPerson("jspeed").
productScope(ocpSpecific).
mustRegister()
+
+ FeatureGatePersistentIPsForVirtualization = newFeatureGate("PersistentIPsForVirtualization").
+ reportProblemsToJiraComponent("CNV Network").
+ contactPerson("mduarted").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateClusterMonitoringConfig = newFeatureGate("ClusterMonitoringConfig").
+ reportProblemsToJiraComponent("Monitoring").
+ contactPerson("marioferh").
+ productScope(ocpSpecific).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateMultiArchInstallAWS = newFeatureGate("MultiArchInstallAWS").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("r4f4").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateMultiArchInstallAzure = newFeatureGate("MultiArchInstallAzure").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("r4f4").
+ productScope(ocpSpecific).
+ mustRegister()
+
+ FeatureGateMultiArchInstallGCP = newFeatureGate("MultiArchInstallGCP").
+ reportProblemsToJiraComponent("Installer").
+ contactPerson("r4f4").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateIngressControllerLBSubnetsAWS = newFeatureGate("IngressControllerLBSubnetsAWS").
+ reportProblemsToJiraComponent("Routing").
+ contactPerson("miciah").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateAWSEFSDriverVolumeMetrics = newFeatureGate("AWSEFSDriverVolumeMetrics").
+ reportProblemsToJiraComponent("Storage / Kubernetes External Components").
+ contactPerson("fbertina").
+ productScope(ocpSpecific).
+ enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateUserNamespacesSupport = newFeatureGate("UserNamespacesSupport").
+ reportProblemsToJiraComponent("Node").
+ contactPerson("haircommander").
+ productScope(kubernetes).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
+ FeatureGateProcMountType = newFeatureGate("ProcMountType").
+ reportProblemsToJiraComponent("Node").
+ contactPerson("haircommander").
+ productScope(kubernetes).
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
)
diff --git a/vendor/github.com/openshift/api/machine/v1/types_nutanixprovider.go b/vendor/github.com/openshift/api/machine/v1/types_nutanixprovider.go
index 1370ebdd28..e5e0ae8305 100644
--- a/vendor/github.com/openshift/api/machine/v1/types_nutanixprovider.go
+++ b/vendor/github.com/openshift/api/machine/v1/types_nutanixprovider.go
@@ -78,6 +78,18 @@ type NutanixMachineProviderConfig struct {
// +optional
Categories []NutanixCategory `json:"categories"`
+ // gpus is a list of GPU devices to attach to the machine's VM.
+ // The GPU devices should already exist in Prism Central and associated with
+ // one of the Prism Element's hosts and available for the VM to attach (in "UNUSED" status).
+ // +listType=set
+ // +optional
+ GPUs []NutanixGPU `json:"gpus"`
+
+ // dataDisks holds information of the data disks to attach to the Machine's VM
+ // +listType=set
+ // +optional
+ DataDisks []NutanixVMDisk `json:"dataDisks"`
+
// userDataSecret is a local reference to a secret that contains the
// UserData to apply to the VM
UserDataSecret *corev1.LocalObjectReference `json:"userDataSecret,omitempty"`
@@ -154,6 +166,160 @@ type NutanixResourceIdentifier struct {
Name *string `json:"name,omitempty"`
}
+// NutanixGPUIdentifierType is an enumeration of different resource identifier types for GPU entities.
+// +kubebuilder:validation:Enum:=Name;DeviceID
+type NutanixGPUIdentifierType string
+
+const (
+ // NutanixGPUIdentifierName identifies a GPU by Name.
+ NutanixGPUIdentifierName NutanixGPUIdentifierType = "Name"
+
+ // NutanixGPUIdentifierDeviceID identifies a GPU by device ID.
+ NutanixGPUIdentifierDeviceID NutanixGPUIdentifierType = "DeviceID"
+)
+
+// NutanixGPU holds the identity of a Nutanix GPU resource in the Prism Central
+// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'DeviceID' ? has(self.deviceID) : !has(self.deviceID)",message="deviceID configuration is required when type is DeviceID, and forbidden otherwise"
+// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Name' ? has(self.name) : !has(self.name)",message="name configuration is required when type is Name, and forbidden otherwise"
+// +union
+type NutanixGPU struct {
+ // type is the identifier type of the GPU device.
+ // Valid values are Name and DeviceID.
+ // +unionDiscriminator
+ // +kubebuilder:validation:Required
+ Type NutanixGPUIdentifierType `json:"type"`
+
+ // deviceID is the GPU device ID with the integer value.
+ // +optional
+ // +unionMember
+ DeviceID *int32 `json:"deviceID,omitempty"`
+
+ // name is the GPU device name
+ // +optional
+ // +unionMember
+ Name *string `json:"name,omitempty"`
+}
+
+// NutanixDiskMode is an enumeration of different disk modes.
+// +kubebuilder:validation:Enum=Standard;Flash
+type NutanixDiskMode string
+
+const (
+ // NutanixDiskModeStandard represents the disk standard mode (not flash).
+ NutanixDiskModeStandard NutanixDiskMode = "Standard"
+
+ // NutanixDiskModeFlash represents the disk flash mode.
+ NutanixDiskModeFlash NutanixDiskMode = "Flash"
+)
+
+// NutanixStorageResourceIdentifier holds the identity of a Nutanix storage resource (storage_container, etc.)
+// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'uuid' ? has(self.uuid) : !has(self.uuid)",message="uuid configuration is required when type is uuid, and forbidden otherwise"
+// +union
+type NutanixStorageResourceIdentifier struct {
+ // type is the identifier type to use for this resource.
+ // The valid value is "uuid".
+ // +unionDiscriminator
+ // +kubebuilder:validation:Required
+ // +kubebuilder:validation:Enum:=uuid
+ Type NutanixIdentifierType `json:"type"`
+
+ // uuid is the UUID of the storage resource in the PC.
+ // +optional
+ // +unionMember
+ UUID *string `json:"uuid,omitempty"`
+}
+
+// NutanixVMStorageConfig specifies the storage configuration parameters for VM disks.
+type NutanixVMStorageConfig struct {
+ // diskMode specifies the disk mode.
+ // The valid values are Standard and Flash, and the default is Standard.
+ // +kubebuilder:default=Standard
+ DiskMode NutanixDiskMode `json:"diskMode"`
+
+ // storageContainer refers to the storage_container used by the VM disk.
+ // +optional
+ StorageContainer *NutanixStorageResourceIdentifier `json:"storageContainer"`
+}
+
+// NutanixDiskDeviceType is the VM disk device type.
+// +kubebuilder:validation:Enum=Disk;CDRom
+type NutanixDiskDeviceType string
+
+const (
+ // NutanixDiskDeviceTypeDisk represents the VM disk device type "Disk".
+ NutanixDiskDeviceTypeDisk NutanixDiskDeviceType = "Disk"
+
+ // NutanixDiskDeviceTypeCDROM represents the VM disk device type "CDRom".
+ NutanixDiskDeviceTypeCDROM NutanixDiskDeviceType = "CDRom"
+)
+
+// NutanixDiskAdapterType is an enumeration of different disk device adapter types.
+// +kubebuilder:validation:Enum:=SCSI;IDE;PCI;SATA;SPAPR
+type NutanixDiskAdapterType string
+
+const (
+ // NutanixDiskAdapterTypeSCSI represents the disk adapter type "SCSI".
+ NutanixDiskAdapterTypeSCSI NutanixDiskAdapterType = "SCSI"
+
+ // NutanixDiskAdapterTypeIDE represents the disk adapter type "IDE".
+ NutanixDiskAdapterTypeIDE NutanixDiskAdapterType = "IDE"
+
+ // NutanixDiskAdapterTypePCI represents the disk adapter type "PCI".
+ NutanixDiskAdapterTypePCI NutanixDiskAdapterType = "PCI"
+
+ // NutanixDiskAdapterTypeSATA represents the disk adapter type "SATA".
+ NutanixDiskAdapterTypeSATA NutanixDiskAdapterType = "SATA"
+
+ // NutanixDiskAdapterTypeSPAPR represents the disk adapter type "SPAPR".
+ NutanixDiskAdapterTypeSPAPR NutanixDiskAdapterType = "SPAPR"
+)
+
+// NutanixVMDiskDeviceProperties specifies the disk device properties.
+type NutanixVMDiskDeviceProperties struct {
+ // deviceType specifies the disk device type.
+ // The valid values are "Disk" and "CDRom", and the default is "Disk".
+ // +kubebuilder:default=Disk
+ // +kubebuilder:validation:Required
+ DeviceType NutanixDiskDeviceType `json:"deviceType"`
+
+ // adapterType is the adapter type of the disk address.
+ // If the deviceType is "Disk", the valid adapterType can be "SCSI", "IDE", "PCI", "SATA" or "SPAPR".
+ // If the deviceType is "CDRom", the valid adapterType can be "IDE" or "SATA".
+ // +kubebuilder:validation:Required
+ AdapterType NutanixDiskAdapterType `json:"adapterType,omitempty"`
+
+ // deviceIndex is the index of the disk address. The valid values are non-negative integers, with the default value 0.
+ // For a Machine VM, the deviceIndex for the disks with the same deviceType.adapterType combination should
+ // start from 0 and increase consecutively afterwards. Note that for each Machine VM, the Disk.SCSI.0
+ // and CDRom.IDE.0 are reserved to be used by the VM's system. So for dataDisks of Disk.SCSI and CDRom.IDE,
+ // the deviceIndex should start from 1.
+ // +kubebuilder:default=0
+ // +kubebuilder:validation:Minimum=0
+ // +kubebuilder:validation:Required
+ DeviceIndex int32 `json:"deviceIndex,omitempty"`
+}
+
+// NutanixDataDisk specifies the VM data disk configuration parameters.
+type NutanixVMDisk struct {
+ // diskSize is size (in Quantity format) of the disk attached to the VM.
+ // See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Format for the Quantity format and example documentation.
+ // The minimum diskSize is 1GB.
+ // +kubebuilder:validation:Required
+ DiskSize resource.Quantity `json:"diskSize"`
+
+ // deviceProperties are the properties of the disk device.
+ // +optional
+ DeviceProperties *NutanixVMDiskDeviceProperties `json:"deviceProperties,omitempty"`
+
+ // storageConfig are the storage configuration parameters of the VM disks.
+ // +optional
+ StorageConfig *NutanixVMStorageConfig `json:"storageConfig,omitempty"`
+
+ // dataSource refers to a data source image for the VM disk.
+ // +optional
+ DataSource *NutanixResourceIdentifier `json:"dataSource,omitempty"`
+}
+
// NutanixMachineProviderStatus is the type that will be embedded in a Machine.Status.ProviderStatus field.
// It contains nutanix-specific status information.
// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
diff --git a/vendor/github.com/openshift/api/machine/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/machine/v1/zz_generated.deepcopy.go
index ffd8e951f2..f30514381b 100644
--- a/vendor/github.com/openshift/api/machine/v1/zz_generated.deepcopy.go
+++ b/vendor/github.com/openshift/api/machine/v1/zz_generated.deepcopy.go
@@ -624,6 +624,32 @@ func (in *NutanixFailureDomainReference) DeepCopy() *NutanixFailureDomainReferen
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NutanixGPU) DeepCopyInto(out *NutanixGPU) {
+ *out = *in
+ if in.DeviceID != nil {
+ in, out := &in.DeviceID, &out.DeviceID
+ *out = new(int32)
+ **out = **in
+ }
+ if in.Name != nil {
+ in, out := &in.Name, &out.Name
+ *out = new(string)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixGPU.
+func (in *NutanixGPU) DeepCopy() *NutanixGPU {
+ if in == nil {
+ return nil
+ }
+ out := new(NutanixGPU)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *NutanixMachineProviderConfig) DeepCopyInto(out *NutanixMachineProviderConfig) {
*out = *in
@@ -646,6 +672,20 @@ func (in *NutanixMachineProviderConfig) DeepCopyInto(out *NutanixMachineProvider
*out = make([]NutanixCategory, len(*in))
copy(*out, *in)
}
+ if in.GPUs != nil {
+ in, out := &in.GPUs, &out.GPUs
+ *out = make([]NutanixGPU, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ if in.DataDisks != nil {
+ in, out := &in.DataDisks, &out.DataDisks
+ *out = make([]NutanixVMDisk, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
if in.UserDataSecret != nil {
in, out := &in.UserDataSecret, &out.UserDataSecret
*out = new(corev1.LocalObjectReference)
@@ -745,6 +785,96 @@ func (in *NutanixResourceIdentifier) DeepCopy() *NutanixResourceIdentifier {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NutanixStorageResourceIdentifier) DeepCopyInto(out *NutanixStorageResourceIdentifier) {
+ *out = *in
+ if in.UUID != nil {
+ in, out := &in.UUID, &out.UUID
+ *out = new(string)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixStorageResourceIdentifier.
+func (in *NutanixStorageResourceIdentifier) DeepCopy() *NutanixStorageResourceIdentifier {
+ if in == nil {
+ return nil
+ }
+ out := new(NutanixStorageResourceIdentifier)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NutanixVMDisk) DeepCopyInto(out *NutanixVMDisk) {
+ *out = *in
+ out.DiskSize = in.DiskSize.DeepCopy()
+ if in.DeviceProperties != nil {
+ in, out := &in.DeviceProperties, &out.DeviceProperties
+ *out = new(NutanixVMDiskDeviceProperties)
+ **out = **in
+ }
+ if in.StorageConfig != nil {
+ in, out := &in.StorageConfig, &out.StorageConfig
+ *out = new(NutanixVMStorageConfig)
+ (*in).DeepCopyInto(*out)
+ }
+ if in.DataSource != nil {
+ in, out := &in.DataSource, &out.DataSource
+ *out = new(NutanixResourceIdentifier)
+ (*in).DeepCopyInto(*out)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixVMDisk.
+func (in *NutanixVMDisk) DeepCopy() *NutanixVMDisk {
+ if in == nil {
+ return nil
+ }
+ out := new(NutanixVMDisk)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NutanixVMDiskDeviceProperties) DeepCopyInto(out *NutanixVMDiskDeviceProperties) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixVMDiskDeviceProperties.
+func (in *NutanixVMDiskDeviceProperties) DeepCopy() *NutanixVMDiskDeviceProperties {
+ if in == nil {
+ return nil
+ }
+ out := new(NutanixVMDiskDeviceProperties)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NutanixVMStorageConfig) DeepCopyInto(out *NutanixVMStorageConfig) {
+ *out = *in
+ if in.StorageContainer != nil {
+ in, out := &in.StorageContainer, &out.StorageContainer
+ *out = new(NutanixStorageResourceIdentifier)
+ (*in).DeepCopyInto(*out)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixVMStorageConfig.
+func (in *NutanixVMStorageConfig) DeepCopy() *NutanixVMStorageConfig {
+ if in == nil {
+ return nil
+ }
+ out := new(NutanixVMStorageConfig)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OpenShiftMachineV1Beta1MachineTemplate) DeepCopyInto(out *OpenShiftMachineV1Beta1MachineTemplate) {
*out = *in
diff --git a/vendor/github.com/openshift/api/machine/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machine/v1/zz_generated.swagger_doc_generated.go
index 44fed0c1e1..32b86a7e9b 100644
--- a/vendor/github.com/openshift/api/machine/v1/zz_generated.swagger_doc_generated.go
+++ b/vendor/github.com/openshift/api/machine/v1/zz_generated.swagger_doc_generated.go
@@ -325,6 +325,17 @@ func (NutanixCategory) SwaggerDoc() map[string]string {
return map_NutanixCategory
}
+var map_NutanixGPU = map[string]string{
+ "": "NutanixGPU holds the identity of a Nutanix GPU resource in the Prism Central",
+ "type": "type is the identifier type of the GPU device. Valid values are Name and DeviceID.",
+ "deviceID": "deviceID is the GPU device ID with the integer value.",
+ "name": "name is the GPU device name",
+}
+
+func (NutanixGPU) SwaggerDoc() map[string]string {
+ return map_NutanixGPU
+}
+
var map_NutanixMachineProviderConfig = map[string]string{
"": "NutanixMachineProviderConfig is the Schema for the nutanixmachineproviderconfigs API Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
"metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
@@ -338,6 +349,8 @@ var map_NutanixMachineProviderConfig = map[string]string{
"bootType": "bootType indicates the boot type (Legacy, UEFI or SecureBoot) the Machine's VM uses to boot. If this field is empty or omitted, the VM will use the default boot type \"Legacy\" to boot. \"SecureBoot\" depends on \"UEFI\" boot, i.e., enabling \"SecureBoot\" means that \"UEFI\" boot is also enabled.",
"project": "project optionally identifies a Prism project for the Machine's VM to associate with.",
"categories": "categories optionally adds one or more prism categories (each with key and value) for the Machine's VM to associate with. All the category key and value pairs specified must already exist in the prism central.",
+ "gpus": "gpus is a list of GPU devices to attach to the machine's VM. The GPU devices should already exist in Prism Central and associated with one of the Prism Element's hosts and available for the VM to attach (in \"UNUSED\" status).",
+ "dataDisks": "dataDisks holds information of the data disks to attach to the Machine's VM",
"userDataSecret": "userDataSecret is a local reference to a secret that contains the UserData to apply to the VM",
"credentialsSecret": "credentialsSecret is a local reference to a secret that contains the credentials data to access Nutanix PC client",
"failureDomain": "failureDomain refers to the name of the FailureDomain with which this Machine is associated. If this is configured, the Nutanix machine controller will use the prism_central endpoint and credentials defined in the referenced FailureDomain to communicate to the prism_central. It will also verify that the 'cluster' and subnets' configuration in the NutanixMachineProviderConfig is consistent with that in the referenced failureDomain.",
@@ -368,6 +381,49 @@ func (NutanixResourceIdentifier) SwaggerDoc() map[string]string {
return map_NutanixResourceIdentifier
}
+var map_NutanixStorageResourceIdentifier = map[string]string{
+ "": "NutanixStorageResourceIdentifier holds the identity of a Nutanix storage resource (storage_container, etc.)",
+ "type": "type is the identifier type to use for this resource. The valid value is \"uuid\".",
+ "uuid": "uuid is the UUID of the storage resource in the PC.",
+}
+
+func (NutanixStorageResourceIdentifier) SwaggerDoc() map[string]string {
+ return map_NutanixStorageResourceIdentifier
+}
+
+var map_NutanixVMDisk = map[string]string{
+ "": "NutanixDataDisk specifies the VM data disk configuration parameters.",
+ "diskSize": "diskSize is size (in Quantity format) of the disk attached to the VM. See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Format for the Quantity format and example documentation. The minimum diskSize is 1GB.",
+ "deviceProperties": "deviceProperties are the properties of the disk device.",
+ "storageConfig": "storageConfig are the storage configuration parameters of the VM disks.",
+ "dataSource": "dataSource refers to a data source image for the VM disk.",
+}
+
+func (NutanixVMDisk) SwaggerDoc() map[string]string {
+ return map_NutanixVMDisk
+}
+
+var map_NutanixVMDiskDeviceProperties = map[string]string{
+ "": "NutanixVMDiskDeviceProperties specifies the disk device properties.",
+ "deviceType": "deviceType specifies the disk device type. The valid values are \"Disk\" and \"CDRom\", and the default is \"Disk\".",
+ "adapterType": "adapterType is the adapter type of the disk address. If the deviceType is \"Disk\", the valid adapterType can be \"SCSI\", \"IDE\", \"PCI\", \"SATA\" or \"SPAPR\". If the deviceType is \"CDRom\", the valid adapterType can be \"IDE\" or \"SATA\".",
+ "deviceIndex": "deviceIndex is the index of the disk address. The valid values are non-negative integers, with the default value 0. For a Machine VM, the deviceIndex for the disks with the same deviceType.adapterType combination should start from 0 and increase consecutively afterwards. Note that for each Machine VM, the Disk.SCSI.0 and CDRom.IDE.0 are reserved to be used by the VM's system. So for dataDisks of Disk.SCSI and CDRom.IDE, the deviceIndex should start from 1.",
+}
+
+func (NutanixVMDiskDeviceProperties) SwaggerDoc() map[string]string {
+ return map_NutanixVMDiskDeviceProperties
+}
+
+var map_NutanixVMStorageConfig = map[string]string{
+ "": "NutanixVMStorageConfig specifies the storage configuration parameters for VM disks.",
+ "diskMode": "diskMode specifies the disk mode. The valid values are Standard and Flash, and the default is Standard.",
+ "storageContainer": "storageContainer refers to the storage_container used by the VM disk.",
+}
+
+func (NutanixVMStorageConfig) SwaggerDoc() map[string]string {
+ return map_NutanixVMStorageConfig
+}
+
var map_LoadBalancerReference = map[string]string{
"": "LoadBalancerReference is a reference to a load balancer on IBM Cloud virtual private cloud(VPC).",
"name": "name of the LoadBalancer in IBM Cloud VPC. The name should be between 1 and 63 characters long and may consist of lowercase alphanumeric characters and hyphens only. The value must not end with a hyphen. It is a reference to existing LoadBalancer created by openshift installer component.",
diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go b/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go
index f3853579bd..66b76ec8f9 100644
--- a/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go
+++ b/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go
@@ -84,6 +84,13 @@ type AWSMachineProviderConfig struct {
// When omitted, no placement group is used when creating the EC2 instance.
// +optional
PlacementGroupName string `json:"placementGroupName,omitempty"`
+ // placementGroupPartition is the partition number within the placement group in which to launch the instance.
+ // This must be an integer value between 1 and 7. It is only valid if the placement group, referred in
+ // `PlacementGroupName` was created with strategy set to partition.
+ // +kubebuilder:validation:Minimum:=1
+ // +kubebuilder:validation:Maximum:=7
+ // +optional
+ PlacementGroupPartition *int32 `json:"placementGroupPartition,omitempty"`
}
// BlockDeviceMappingSpec describes a block device mapping
diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go b/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go
index e8488833e7..8e7810deb0 100644
--- a/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go
+++ b/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go
@@ -150,6 +150,11 @@ type MachineSetStatus struct {
// +optional
ErrorMessage *string `json:"errorMessage,omitempty"`
+ // Conditions defines the current state of the MachineSet
+ // +listType=map
+ // +listMapKey=type
+ Conditions []Condition `json:"conditions,omitempty"`
+
// authoritativeAPI is the API that is authoritative for this resource.
// Valid values are MachineAPI, ClusterAPI and Migrating.
// This value is updated by the migration controller to reflect the authoritative API.
diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go
index 3e9eebf6b7..d37ac11e6a 100644
--- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go
@@ -75,6 +75,11 @@ func (in *AWSMachineProviderConfig) DeepCopyInto(out *AWSMachineProviderConfig)
(*in).DeepCopyInto(*out)
}
out.MetadataServiceOptions = in.MetadataServiceOptions
+ if in.PlacementGroupPartition != nil {
+ in, out := &in.PlacementGroupPartition, &out.PlacementGroupPartition
+ *out = new(int32)
+ **out = **in
+ }
return
}
@@ -1265,6 +1270,13 @@ func (in *MachineSetStatus) DeepCopyInto(out *MachineSetStatus) {
*out = new(string)
**out = **in
}
+ if in.Conditions != nil {
+ in, out := &in.Conditions, &out.Conditions
+ *out = make([]Condition, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
return
}
diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go
index 55044bce3e..f2173537c9 100644
--- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go
+++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go
@@ -12,25 +12,26 @@ package v1beta1
// AUTO-GENERATED FUNCTIONS START HERE
var map_AWSMachineProviderConfig = map[string]string{
- "": "AWSMachineProviderConfig is the Schema for the awsmachineproviderconfigs API Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer).",
- "ami": "AMI is the reference to the AMI from which to create the machine instance.",
- "instanceType": "InstanceType is the type of instance to create. Example: m4.xlarge",
- "tags": "Tags is the set of tags to add to apply to an instance, in addition to the ones added by default by the actuator. These tags are additive. The actuator will ensure these tags are present, but will not remove any other tags that may exist on the instance.",
- "iamInstanceProfile": "IAMInstanceProfile is a reference to an IAM role to assign to the instance",
- "userDataSecret": "UserDataSecret contains a local reference to a secret that contains the UserData to apply to the instance",
- "credentialsSecret": "CredentialsSecret is a reference to the secret with AWS credentials. Otherwise, defaults to permissions provided by attached IAM role where the actuator is running.",
- "keyName": "KeyName is the name of the KeyPair to use for SSH",
- "deviceIndex": "DeviceIndex is the index of the device on the instance for the network interface attachment. Defaults to 0.",
- "publicIp": "PublicIP specifies whether the instance should get a public IP. If not present, it should use the default of its subnet.",
- "networkInterfaceType": "NetworkInterfaceType specifies the type of network interface to be used for the primary network interface. Valid values are \"ENA\", \"EFA\", and omitted, which means no opinion and the platform chooses a good default which may change over time. The current default value is \"ENA\". Please visit https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html to learn more about the AWS Elastic Fabric Adapter interface option.",
- "securityGroups": "SecurityGroups is an array of references to security groups that should be applied to the instance.",
- "subnet": "Subnet is a reference to the subnet to use for this instance",
- "placement": "Placement specifies where to create the instance in AWS",
- "loadBalancers": "LoadBalancers is the set of load balancers to which the new instance should be added once it is created.",
- "blockDevices": "BlockDevices is the set of block device mapping associated to this instance, block device without a name will be used as a root device and only one device without a name is allowed https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html",
- "spotMarketOptions": "SpotMarketOptions allows users to configure instances to be run using AWS Spot instances.",
- "metadataServiceOptions": "MetadataServiceOptions allows users to configure instance metadata service interaction options. If nothing specified, default AWS IMDS settings will be applied. https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_InstanceMetadataOptionsRequest.html",
- "placementGroupName": "PlacementGroupName specifies the name of the placement group in which to launch the instance. The placement group must already be created and may use any placement strategy. When omitted, no placement group is used when creating the EC2 instance.",
+ "": "AWSMachineProviderConfig is the Schema for the awsmachineproviderconfigs API Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer).",
+ "ami": "AMI is the reference to the AMI from which to create the machine instance.",
+ "instanceType": "InstanceType is the type of instance to create. Example: m4.xlarge",
+ "tags": "Tags is the set of tags to add to apply to an instance, in addition to the ones added by default by the actuator. These tags are additive. The actuator will ensure these tags are present, but will not remove any other tags that may exist on the instance.",
+ "iamInstanceProfile": "IAMInstanceProfile is a reference to an IAM role to assign to the instance",
+ "userDataSecret": "UserDataSecret contains a local reference to a secret that contains the UserData to apply to the instance",
+ "credentialsSecret": "CredentialsSecret is a reference to the secret with AWS credentials. Otherwise, defaults to permissions provided by attached IAM role where the actuator is running.",
+ "keyName": "KeyName is the name of the KeyPair to use for SSH",
+ "deviceIndex": "DeviceIndex is the index of the device on the instance for the network interface attachment. Defaults to 0.",
+ "publicIp": "PublicIP specifies whether the instance should get a public IP. If not present, it should use the default of its subnet.",
+ "networkInterfaceType": "NetworkInterfaceType specifies the type of network interface to be used for the primary network interface. Valid values are \"ENA\", \"EFA\", and omitted, which means no opinion and the platform chooses a good default which may change over time. The current default value is \"ENA\". Please visit https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html to learn more about the AWS Elastic Fabric Adapter interface option.",
+ "securityGroups": "SecurityGroups is an array of references to security groups that should be applied to the instance.",
+ "subnet": "Subnet is a reference to the subnet to use for this instance",
+ "placement": "Placement specifies where to create the instance in AWS",
+ "loadBalancers": "LoadBalancers is the set of load balancers to which the new instance should be added once it is created.",
+ "blockDevices": "BlockDevices is the set of block device mapping associated to this instance, block device without a name will be used as a root device and only one device without a name is allowed https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html",
+ "spotMarketOptions": "SpotMarketOptions allows users to configure instances to be run using AWS Spot instances.",
+ "metadataServiceOptions": "MetadataServiceOptions allows users to configure instance metadata service interaction options. If nothing specified, default AWS IMDS settings will be applied. https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_InstanceMetadataOptionsRequest.html",
+ "placementGroupName": "PlacementGroupName specifies the name of the placement group in which to launch the instance. The placement group must already be created and may use any placement strategy. When omitted, no placement group is used when creating the EC2 instance.",
+ "placementGroupPartition": "placementGroupPartition is the partition number within the placement group in which to launch the instance. This must be an integer value between 1 and 7. It is only valid if the placement group, referred in `PlacementGroupName` was created with strategy set to partition.",
}
func (AWSMachineProviderConfig) SwaggerDoc() map[string]string {
@@ -692,6 +693,7 @@ var map_MachineSetStatus = map[string]string{
"availableReplicas": "The number of available replicas (ready for at least minReadySeconds) for this MachineSet.",
"observedGeneration": "ObservedGeneration reflects the generation of the most recently observed MachineSet.",
"errorReason": "In the event that there is a terminal problem reconciling the replicas, both ErrorReason and ErrorMessage will be set. ErrorReason will be populated with a succinct value suitable for machine interpretation, while ErrorMessage will contain a more verbose string suitable for logging and human consumption.\n\nThese fields should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachineTemplate's spec or the configuration of the machine controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the machine controller, or the responsible machine controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines can be added as events to the MachineSet object and/or logged in the controller's output.",
+ "conditions": "Conditions defines the current state of the MachineSet",
"authoritativeAPI": "authoritativeAPI is the API that is authoritative for this resource. Valid values are MachineAPI, ClusterAPI and Migrating. This value is updated by the migration controller to reflect the authoritative API. Machine API and Cluster API controllers use this value to determine whether or not to reconcile the resource. When set to Migrating, the migration controller is currently performing the handover of authority from one API to the other.",
"synchronizedGeneration": "synchronizedGeneration is the generation of the authoritative resource that the non-authoritative resource is synchronised with. This field is set when the authoritative resource is updated and the sync controller has updated the non-authoritative resource to match.",
}
diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go
index b84910ad40..98b3c48f71 100644
--- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go
+++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go
@@ -13,12 +13,15 @@ import (
// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1596
// +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01
// +openshift:enable:FeatureGate=MachineConfigNodes
-// +kubebuilder:printcolumn:name="Updated",type="string",JSONPath=.status.conditions[?(@.type=="Updated")].status
-// +kubebuilder:printcolumn:name="UpdatePrepared",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePrepared")].status
-// +kubebuilder:printcolumn:name="UpdateExecuted",type="string",JSONPath=.status.conditions[?(@.type=="UpdateExecuted")].status
-// +kubebuilder:printcolumn:name="UpdatePostActionComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePostActionComplete")].status
-// +kubebuilder:printcolumn:name="UpdateComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdateComplete")].status
-// +kubebuilder:printcolumn:name="Resumed",type="string",JSONPath=.status.conditions[?(@.type=="Resumed")].status
+// +kubebuilder:printcolumn:name="PoolName",type="string",JSONPath=.spec.pool.name,priority=0
+// +kubebuilder:printcolumn:name="DesiredConfig",type="string",JSONPath=.spec.configVersion.desired,priority=0
+// +kubebuilder:printcolumn:name="CurrentConfig",type="string",JSONPath=.status.configVersion.current,priority=0
+// +kubebuilder:printcolumn:name="Updated",type="string",JSONPath=.status.conditions[?(@.type=="Updated")].status,priority=0
+// +kubebuilder:printcolumn:name="UpdatePrepared",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePrepared")].status,priority=1
+// +kubebuilder:printcolumn:name="UpdateExecuted",type="string",JSONPath=.status.conditions[?(@.type=="UpdateExecuted")].status,priority=1
+// +kubebuilder:printcolumn:name="UpdatePostActionComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePostActionComplete")].status,priority=1
+// +kubebuilder:printcolumn:name="UpdateComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdateComplete")].status,priority=1
+// +kubebuilder:printcolumn:name="Resumed",type="string",JSONPath=.status.conditions[?(@.type=="Resumed")].status,priority=1
// +kubebuilder:printcolumn:name="UpdateCompatible",type="string",JSONPath=.status.conditions[?(@.type=="UpdateCompatible")].status,priority=1
// +kubebuilder:printcolumn:name="UpdatedFilesAndOS",type="string",JSONPath=.status.conditions[?(@.type=="AppliedFilesAndOS")].status,priority=1
// +kubebuilder:printcolumn:name="CordonedNode",type="string",JSONPath=.status.conditions[?(@.type=="Cordoned")].status,priority=1
diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml
index 68c8828e55..ea7bbeeb54 100644
--- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml
+++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml
@@ -16,23 +16,37 @@ machineconfignodes.machineconfiguration.openshift.io:
openshift.io/operator-managed: ""
PluralName: machineconfignodes
PrinterColumns:
+ - jsonPath: .spec.pool.name
+ name: PoolName
+ type: string
+ - jsonPath: .spec.configVersion.desired
+ name: DesiredConfig
+ type: string
+ - jsonPath: .status.configVersion.current
+ name: CurrentConfig
+ type: string
- jsonPath: .status.conditions[?(@.type=="Updated")].status
name: Updated
type: string
- jsonPath: .status.conditions[?(@.type=="UpdatePrepared")].status
name: UpdatePrepared
+ priority: 1
type: string
- jsonPath: .status.conditions[?(@.type=="UpdateExecuted")].status
name: UpdateExecuted
+ priority: 1
type: string
- jsonPath: .status.conditions[?(@.type=="UpdatePostActionComplete")].status
name: UpdatePostActionComplete
+ priority: 1
type: string
- jsonPath: .status.conditions[?(@.type=="UpdateComplete")].status
name: UpdateComplete
+ priority: 1
type: string
- jsonPath: .status.conditions[?(@.type=="Resumed")].status
name: Resumed
+ priority: 1
type: string
- jsonPath: .status.conditions[?(@.type=="UpdateCompatible")].status
name: UpdateCompatible
diff --git a/vendor/github.com/openshift/api/network/v1/generated.proto b/vendor/github.com/openshift/api/network/v1/generated.proto
index b7016bfb25..d2e75548bb 100644
--- a/vendor/github.com/openshift/api/network/v1/generated.proto
+++ b/vendor/github.com/openshift/api/network/v1/generated.proto
@@ -11,9 +11,9 @@ import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "github.com/openshift/api/network/v1";
-// ClusterNetwork describes the cluster network. There is normally only one object of this type,
-// named "default", which is created by the SDN network plugin based on the master configuration
-// when the cluster is brought up for the first time.
+// ClusterNetwork was used by OpenShift SDN.
+// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in
+// any way by OpenShift.
//
// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
// +kubebuilder:object:root=true
@@ -91,11 +91,9 @@ message ClusterNetworkList {
repeated ClusterNetwork items = 2;
}
-// EgressNetworkPolicy describes the current egress network policy for a Namespace. When using
-// the 'redhat/openshift-ovs-multitenant' network plugin, traffic from a pod to an IP address
-// outside the cluster will be checked against each EgressNetworkPolicyRule in the pod's
-// namespace's EgressNetworkPolicy, in order. If no rule matches (or no EgressNetworkPolicy
-// is present) then the traffic will be allowed by default.
+// EgressNetworkPolicy was used by OpenShift SDN.
+// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in
+// any way by OpenShift.
//
// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
// +kubebuilder:object:root=true
@@ -154,8 +152,9 @@ message EgressNetworkPolicySpec {
repeated EgressNetworkPolicyRule egress = 1;
}
-// HostSubnet describes the container subnet network on a node. The HostSubnet object must have the
-// same name as the Node object it corresponds to.
+// HostSubnet was used by OpenShift SDN.
+// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in
+// any way by OpenShift.
//
// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
// +kubebuilder:object:root=true
@@ -211,9 +210,9 @@ message HostSubnetList {
repeated HostSubnet items = 2;
}
-// NetNamespace describes a single isolated network. When using the redhat/openshift-ovs-multitenant
-// plugin, every Namespace will have a corresponding NetNamespace object with the same name.
-// (When using redhat/openshift-ovs-subnet, NetNamespaces are not used.)
+// NetNamespace was used by OpenShift SDN.
+// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in
+// any way by OpenShift.
//
// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
// +kubebuilder:object:root=true
diff --git a/vendor/github.com/openshift/api/network/v1/types.go b/vendor/github.com/openshift/api/network/v1/types.go
index f39e786c20..89015cf6b1 100644
--- a/vendor/github.com/openshift/api/network/v1/types.go
+++ b/vendor/github.com/openshift/api/network/v1/types.go
@@ -12,9 +12,9 @@ const (
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-// ClusterNetwork describes the cluster network. There is normally only one object of this type,
-// named "default", which is created by the SDN network plugin based on the master configuration
-// when the cluster is brought up for the first time.
+// ClusterNetwork was used by OpenShift SDN.
+// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in
+// any way by OpenShift.
//
// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
// +kubebuilder:object:root=true
@@ -112,8 +112,9 @@ type HostSubnetEgressCIDR string
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-// HostSubnet describes the container subnet network on a node. The HostSubnet object must have the
-// same name as the Node object it corresponds to.
+// HostSubnet was used by OpenShift SDN.
+// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in
+// any way by OpenShift.
//
// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
// +kubebuilder:object:root=true
@@ -184,9 +185,9 @@ type NetNamespaceEgressIP string
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-// NetNamespace describes a single isolated network. When using the redhat/openshift-ovs-multitenant
-// plugin, every Namespace will have a corresponding NetNamespace object with the same name.
-// (When using redhat/openshift-ovs-subnet, NetNamespaces are not used.)
+// NetNamespace was used by OpenShift SDN.
+// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in
+// any way by OpenShift.
//
// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
// +kubebuilder:object:root=true
@@ -274,11 +275,9 @@ type EgressNetworkPolicySpec struct {
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-// EgressNetworkPolicy describes the current egress network policy for a Namespace. When using
-// the 'redhat/openshift-ovs-multitenant' network plugin, traffic from a pod to an IP address
-// outside the cluster will be checked against each EgressNetworkPolicyRule in the pod's
-// namespace's EgressNetworkPolicy, in order. If no rule matches (or no EgressNetworkPolicy
-// is present) then the traffic will be allowed by default.
+// EgressNetworkPolicy was used by OpenShift SDN.
+// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in
+// any way by OpenShift.
//
// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
// +kubebuilder:object:root=true
diff --git a/vendor/github.com/openshift/api/network/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/network/v1/zz_generated.swagger_doc_generated.go
index f92172acaf..743ddeab57 100644
--- a/vendor/github.com/openshift/api/network/v1/zz_generated.swagger_doc_generated.go
+++ b/vendor/github.com/openshift/api/network/v1/zz_generated.swagger_doc_generated.go
@@ -12,7 +12,7 @@ package v1
// AUTO-GENERATED FUNCTIONS START HERE
var map_ClusterNetwork = map[string]string{
- "": "ClusterNetwork describes the cluster network. There is normally only one object of this type, named \"default\", which is created by the SDN network plugin based on the master configuration when the cluster is brought up for the first time.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
+ "": "ClusterNetwork was used by OpenShift SDN. DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in any way by OpenShift.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
"metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
"network": "Network is a CIDR string specifying the global overlay network's L3 space",
"hostsubnetlength": "HostSubnetLength is the number of bits of network to allocate to each node. eg, 8 would mean that each node would have a /24 slice of the overlay network for its pods",
@@ -48,7 +48,7 @@ func (ClusterNetworkList) SwaggerDoc() map[string]string {
}
var map_EgressNetworkPolicy = map[string]string{
- "": "EgressNetworkPolicy describes the current egress network policy for a Namespace. When using the 'redhat/openshift-ovs-multitenant' network plugin, traffic from a pod to an IP address outside the cluster will be checked against each EgressNetworkPolicyRule in the pod's namespace's EgressNetworkPolicy, in order. If no rule matches (or no EgressNetworkPolicy is present) then the traffic will be allowed by default.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
+ "": "EgressNetworkPolicy was used by OpenShift SDN. DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in any way by OpenShift.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
"metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
"spec": "spec is the specification of the current egress network policy",
}
@@ -97,7 +97,7 @@ func (EgressNetworkPolicySpec) SwaggerDoc() map[string]string {
}
var map_HostSubnet = map[string]string{
- "": "HostSubnet describes the container subnet network on a node. The HostSubnet object must have the same name as the Node object it corresponds to.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
+ "": "HostSubnet was used by OpenShift SDN. DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in any way by OpenShift.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
"metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
"host": "Host is the name of the node. (This is the same as the object's name, but both fields must be set.)",
"hostIP": "HostIP is the IP address to be used as a VTEP by other nodes in the overlay network",
@@ -121,7 +121,7 @@ func (HostSubnetList) SwaggerDoc() map[string]string {
}
var map_NetNamespace = map[string]string{
- "": "NetNamespace describes a single isolated network. When using the redhat/openshift-ovs-multitenant plugin, every Namespace will have a corresponding NetNamespace object with the same name. (When using redhat/openshift-ovs-subnet, NetNamespaces are not used.)\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
+ "": "NetNamespace was used by OpenShift SDN. DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in any way by OpenShift.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
"metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
"netname": "NetName is the name of the network namespace. (This is the same as the object's name, but both fields must be set.)",
"netid": "NetID is the network identifier of the network namespace assigned to each overlay network packet. This can be manipulated with the \"oc adm pod-network\" commands.",
diff --git a/vendor/github.com/openshift/api/operator/v1/types_console.go b/vendor/github.com/openshift/api/operator/v1/types_console.go
index 66e3798d92..74dd8f4b07 100644
--- a/vendor/github.com/openshift/api/operator/v1/types_console.go
+++ b/vendor/github.com/openshift/api/operator/v1/types_console.go
@@ -99,8 +99,60 @@ type StatuspageProvider struct {
PageID string `json:"pageID"`
}
+// ConsoleCapabilityName defines name of UI capability in the console UI.
+type ConsoleCapabilityName string
+
+const (
+ // lightspeedButton is the name for the Lightspeed button HTML element.
+ LightspeedButton ConsoleCapabilityName = "LightspeedButton"
+)
+
+// CapabilityState defines the state of the capability in the console UI.
+type CapabilityState string
+
+const (
+ // "Enabled" means that the capability will be rendered in the console UI.
+ CapabilityEnabled CapabilityState = "Enabled"
+ // "Disabled" means that the capability will not be rendered in the console UI.
+ CapabilityDisabled CapabilityState = "Disabled"
+)
+
+// CapabilityVisibility defines the criteria to enable/disable a capability.
+// +union
+type CapabilityVisibility struct {
+ // state defines if the capability is enabled or disabled in the console UI.
+ // Enabling the capability in the console UI is represented by the "Enabled" value.
+ // Disabling the capability in the console UI is represented by the "Disabled" value.
+ // +unionDiscriminator
+ // +kubebuilder:validation:Enum:="Enabled";"Disabled"
+ // +kubebuilder:validation:Required
+ State CapabilityState `json:"state"`
+}
+
+// Capabilities contains set of UI capabilities and their state in the console UI.
+type Capability struct {
+ // name is the unique name of a capability.
+ // Available capabilities are LightspeedButton.
+ // +kubebuilder:validation:Enum:="LightspeedButton";
+ // +kubebuilder:validation:Required
+ Name ConsoleCapabilityName `json:"name"`
+ // visibility defines the visibility state of the capability.
+ // +kubebuilder:validation:Required
+ Visibility CapabilityVisibility `json:"visibility"`
+}
+
// ConsoleCustomization defines a list of optional configuration for the console UI.
type ConsoleCustomization struct {
+ // capabilities defines an array of capabilities that can be interacted with in the console UI.
+ // Each capability defines a visual state that can be interacted with the console to render in the UI.
+ // Available capabilities are LightspeedButton.
+ // Each of the available capabilities may appear only once in the list.
+ // +kubebuilder:validation:MinItems=1
+ // +kubebuilder:validation:MaxItems=1
+ // +listType=map
+ // +listMapKey=name
+ // +optional
+ Capabilities []Capability `json:"capabilities,omitempty"`
// brand is the default branding of the web console which can be overridden by
// providing the brand field. There is a limited set of specific brand options.
// This field controls elements of the console such as the logo.
diff --git a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go
index 4fccecb9f6..0644b6a93c 100644
--- a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go
+++ b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go
@@ -168,6 +168,65 @@ type AWSCSIDriverConfigSpec struct {
// +kubebuilder:validation:Pattern:=`^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)\/.*$`
// +optional
KMSKeyARN string `json:"kmsKeyARN,omitempty"`
+
+ // efsVolumeMetrics sets the configuration for collecting metrics from EFS volumes used by the EFS CSI Driver.
+ // +openshift:enable:FeatureGate=AWSEFSDriverVolumeMetrics
+ // +optional
+ EFSVolumeMetrics *AWSEFSVolumeMetrics `json:"efsVolumeMetrics,omitempty"`
+}
+
+// AWSEFSVolumeMetricsState defines the modes for collecting volume metrics in the AWS EFS CSI Driver.
+// This can either enable recursive collection of volume metrics or disable metric collection entirely.
+// +kubebuilder:validation:Enum:="RecursiveWalk";"Disabled"
+type AWSEFSVolumeMetricsState string
+
+const (
+ // AWSEFSVolumeMetricsRecursiveWalk indicates that volume metrics collection in the AWS EFS CSI Driver
+ // is performed by recursively walking through the files in the volume.
+ AWSEFSVolumeMetricsRecursiveWalk AWSEFSVolumeMetricsState = "RecursiveWalk"
+
+ // AWSEFSVolumeMetricsDisabled indicates that volume metrics collection in the AWS EFS CSI Driver is disabled.
+ AWSEFSVolumeMetricsDisabled AWSEFSVolumeMetricsState = "Disabled"
+)
+
+// AWSEFSVolumeMetrics defines the configuration for volume metrics in the EFS CSI Driver.
+// +union
+type AWSEFSVolumeMetrics struct {
+ // state defines the state of metric collection in the AWS EFS CSI Driver.
+ // This field is required and must be set to one of the following values: Disabled or RecursiveWalk.
+ // Disabled means no metrics collection will be performed. This is the default value.
+ // RecursiveWalk means the AWS EFS CSI Driver will recursively scan volumes to collect metrics.
+ // This process may result in high CPU and memory usage, depending on the volume size.
+ // +unionDiscriminator
+ // +kubebuilder:validation:Required
+ State AWSEFSVolumeMetricsState `json:"state"`
+
+ // recursiveWalk provides additional configuration for collecting volume metrics in the AWS EFS CSI Driver
+ // when the state is set to RecursiveWalk.
+ // +unionMember
+ // +optional
+ RecursiveWalk *AWSEFSVolumeMetricsRecursiveWalkConfig `json:"recursiveWalk,omitempty"`
+}
+
+// AWSEFSVolumeMetricsRecursiveWalkConfig defines options for volume metrics in the EFS CSI Driver.
+type AWSEFSVolumeMetricsRecursiveWalkConfig struct {
+ // refreshPeriodMinutes specifies the frequency, in minutes, at which volume metrics are refreshed.
+ // When omitted, this means no opinion and the platform is left to choose a reasonable
+ // default, which is subject to change over time. The current default is 240.
+ // The valid range is from 1 to 43200 minutes (30 days).
+ // +kubebuilder:validation:Minimum=1
+ // +kubebuilder:validation:Maximum=43200
+ // +optional
+ RefreshPeriodMinutes int32 `json:"refreshPeriodMinutes,omitempty"`
+
+ // fsRateLimit defines the rate limit, in goroutines per file system, for processing volume metrics.
+ // When omitted, this means no opinion and the platform is left to choose a reasonable
+ // default, which is subject to change over time. The current default is 5.
+ // The valid range is from 1 to 100 goroutines.
+ // +kubebuilder:validation:Minimum=1
+ // +kubebuilder:validation:Maximum=100
+ // +optional
+ FSRateLimit int32 `json:"fsRateLimit,omitempty"`
}
// AzureDiskEncryptionSet defines the configuration for a disk encryption set.
diff --git a/vendor/github.com/openshift/api/operator/v1/types_ingress.go b/vendor/github.com/openshift/api/operator/v1/types_ingress.go
index 64419ddfc0..51970cea99 100644
--- a/vendor/github.com/openshift/api/operator/v1/types_ingress.go
+++ b/vendor/github.com/openshift/api/operator/v1/types_ingress.go
@@ -342,6 +342,7 @@ type NodePlacement struct {
// See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
//
// +optional
+ // +listType=atomic
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
}
@@ -390,6 +391,7 @@ var (
type CIDR string
// LoadBalancerStrategy holds parameters for a load balancer.
+// +openshift:validation:FeatureGateAwareXValidation:featureGate=SetEIPForNLBIngressController,rule="!has(self.scope) || self.scope != 'Internal' || !has(self.providerParameters) || !has(self.providerParameters.aws) || !has(self.providerParameters.aws.networkLoadBalancer) || !has(self.providerParameters.aws.networkLoadBalancer.eipAllocations)",message="eipAllocations are forbidden when the scope is Internal."
type LoadBalancerStrategy struct {
// scope indicates the scope at which the load balancer is exposed.
// Possible values are "External" and "Internal".
@@ -413,6 +415,7 @@ type LoadBalancerStrategy struct {
//
// +nullable
// +optional
+ // +listType=atomic
AllowedSourceRanges []CIDR `json:"allowedSourceRanges,omitempty"`
// providerParameters holds desired load balancer information specific to
@@ -556,6 +559,52 @@ const (
AWSNetworkLoadBalancer AWSLoadBalancerType = "NLB"
)
+// AWSSubnets contains a list of references to AWS subnets by
+// ID or name.
+// +kubebuilder:validation:XValidation:rule=`has(self.ids) && has(self.names) ? size(self.ids + self.names) <= 10 : true`,message="the total number of subnets cannot exceed 10"
+// +kubebuilder:validation:XValidation:rule=`has(self.ids) && self.ids.size() > 0 || has(self.names) && self.names.size() > 0`,message="must specify at least 1 subnet name or id"
+type AWSSubnets struct {
+ // ids specifies a list of AWS subnets by subnet ID.
+ // Subnet IDs must start with "subnet-", consist only
+ // of alphanumeric characters, must be exactly 24
+ // characters long, must be unique, and the total
+ // number of subnets specified by ids and names
+ // must not exceed 10.
+ //
+ // +optional
+ // +listType=atomic
+ // +kubebuilder:validation:XValidation:rule=`self.all(x, self.exists_one(y, x == y))`,message="subnet ids cannot contain duplicates"
+ // + Note: Though it may seem redundant, MaxItems is necessary to prevent exceeding of the cost budget for the validation rules.
+ // +kubebuilder:validation:MaxItems=10
+ IDs []AWSSubnetID `json:"ids,omitempty"`
+
+ // names specifies a list of AWS subnets by subnet name.
+ // Subnet names must not start with "subnet-", must not
+ // include commas, must be under 256 characters in length,
+ // must be unique, and the total number of subnets
+ // specified by ids and names must not exceed 10.
+ //
+ // +optional
+ // +listType=atomic
+ // +kubebuilder:validation:XValidation:rule=`self.all(x, self.exists_one(y, x == y))`,message="subnet names cannot contain duplicates"
+ // + Note: Though it may seem redundant, MaxItems is necessary to prevent exceeding of the cost budget for the validation rules.
+ // +kubebuilder:validation:MaxItems=10
+ Names []AWSSubnetName `json:"names,omitempty"`
+}
+
+// AWSSubnetID is a reference to an AWS subnet ID.
+// +kubebuilder:validation:MinLength=24
+// +kubebuilder:validation:MaxLength=24
+// +kubebuilder:validation:Pattern=`^subnet-[0-9A-Za-z]+$`
+type AWSSubnetID string
+
+// AWSSubnetName is a reference to an AWS subnet name.
+// +kubebuilder:validation:MinLength=1
+// +kubebuilder:validation:MaxLength=256
+// +kubebuilder:validation:XValidation:rule=`!self.contains(',')`,message="subnet name cannot contain a comma"
+// +kubebuilder:validation:XValidation:rule=`!self.startsWith('subnet-')`,message="subnet name cannot start with 'subnet-'"
+type AWSSubnetName string
+
// GCPLoadBalancerParameters provides configuration settings that are
// specific to GCP load balancers.
type GCPLoadBalancerParameters struct {
@@ -630,13 +679,89 @@ type AWSClassicLoadBalancerParameters struct {
// +kubebuilder:validation:Format=duration
// +optional
ConnectionIdleTimeout metav1.Duration `json:"connectionIdleTimeout,omitempty"`
+
+ // subnets specifies the subnets to which the load balancer will
+ // attach. The subnets may be specified by either their
+ // ID or name. The total number of subnets is limited to 10.
+ //
+ // In order for the load balancer to be provisioned with subnets,
+ // each subnet must exist, each subnet must be from a different
+ // availability zone, and the load balancer service must be
+ // recreated to pick up new values.
+ //
+ // When omitted from the spec, the subnets will be auto-discovered
+ // for each availability zone. Auto-discovered subnets are not reported
+ // in the status of the IngressController object.
+ //
+ // +optional
+ // +openshift:enable:FeatureGate=IngressControllerLBSubnetsAWS
+ Subnets *AWSSubnets `json:"subnets,omitempty"`
}
// AWSNetworkLoadBalancerParameters holds configuration parameters for an
-// AWS Network load balancer.
+// AWS Network load balancer. For Example: Setting AWS EIPs https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html
+// +openshift:validation:FeatureGateAwareXValidation:featureGate=SetEIPForNLBIngressController,rule=`has(self.subnets) && has(self.subnets.ids) && has(self.subnets.names) && has(self.eipAllocations) ? size(self.subnets.ids + self.subnets.names) == size(self.eipAllocations) : true`,message="number of subnets must be equal to number of eipAllocations"
+// +openshift:validation:FeatureGateAwareXValidation:featureGate=SetEIPForNLBIngressController,rule=`has(self.subnets) && has(self.subnets.ids) && !has(self.subnets.names) && has(self.eipAllocations) ? size(self.subnets.ids) == size(self.eipAllocations) : true`,message="number of subnets must be equal to number of eipAllocations"
+// +openshift:validation:FeatureGateAwareXValidation:featureGate=SetEIPForNLBIngressController,rule=`has(self.subnets) && has(self.subnets.names) && !has(self.subnets.ids) && has(self.eipAllocations) ? size(self.subnets.names) == size(self.eipAllocations) : true`,message="number of subnets must be equal to number of eipAllocations"
type AWSNetworkLoadBalancerParameters struct {
+ // subnets specifies the subnets to which the load balancer will
+ // attach. The subnets may be specified by either their
+ // ID or name. The total number of subnets is limited to 10.
+ //
+ // In order for the load balancer to be provisioned with subnets,
+ // each subnet must exist, each subnet must be from a different
+ // availability zone, and the load balancer service must be
+ // recreated to pick up new values.
+ //
+ // When omitted from the spec, the subnets will be auto-discovered
+ // for each availability zone. Auto-discovered subnets are not reported
+ // in the status of the IngressController object.
+ //
+ // +optional
+ // +openshift:enable:FeatureGate=IngressControllerLBSubnetsAWS
+ Subnets *AWSSubnets `json:"subnets,omitempty"`
+
+ // eipAllocations is a list of IDs for Elastic IP (EIP) addresses that
+ // are assigned to the Network Load Balancer.
+ // The following restrictions apply:
+ //
+ // eipAllocations can only be used with external scope, not internal.
+ // An EIP can be allocated to only a single IngressController.
+ // The number of EIP allocations must match the number of subnets that are used for the load balancer.
+ // Each EIP allocation must be unique.
+ // A maximum of 10 EIP allocations are permitted.
+ //
+ // See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html for general
+ // information about configuration, characteristics, and limitations of Elastic IP addresses.
+ //
+ // +openshift:enable:FeatureGate=SetEIPForNLBIngressController
+ // +optional
+ // +listType=atomic
+ // +kubebuilder:validation:XValidation:rule=`self.all(x, self.exists_one(y, x == y))`,message="eipAllocations cannot contain duplicates"
+ // +kubebuilder:validation:MaxItems=10
+ EIPAllocations []EIPAllocation `json:"eipAllocations"`
}
+// EIPAllocation is an ID for an Elastic IP (EIP) address that can be allocated to an ELB in the AWS environment.
+// Values must begin with `eipalloc-` followed by exactly 17 hexadecimal (`[0-9a-fA-F]`) characters.
+// + Explanation of the regex `^eipalloc-[0-9a-fA-F]{17}$` for validating value of the EIPAllocation:
+// + ^eipalloc- ensures the string starts with "eipalloc-".
+// + [0-9a-fA-F]{17} matches exactly 17 hexadecimal characters (0-9, a-f, A-F).
+// + $ ensures the string ends after the 17 hexadecimal characters.
+// + Example of Valid and Invalid values:
+// + eipalloc-1234567890abcdef1 is valid.
+// + eipalloc-1234567890abcde is not valid (too short).
+// + eipalloc-1234567890abcdefg is not valid (contains a non-hex character 'g').
+// + Max length is calculated as follows:
+// + eipalloc- = 9 chars and 17 hexadecimal chars after `-`
+// + So, total is 17 + 9 = 26 chars required for value of an EIPAllocation.
+//
+// +kubebuilder:validation:MinLength=26
+// +kubebuilder:validation:MaxLength=26
+// +kubebuilder:validation:XValidation:rule=`self.startsWith('eipalloc-')`,message="eipAllocations should start with 'eipalloc-'"
+// +kubebuilder:validation:XValidation:rule=`self.split("-", 2)[1].matches('[0-9a-fA-F]{17}$')`,message="eipAllocations must be 'eipalloc-' followed by exactly 17 hexadecimal characters (0-9, a-f, A-F)"
+type EIPAllocation string
+
// HostNetworkStrategy holds parameters for the HostNetwork endpoint publishing
// strategy.
type HostNetworkStrategy struct {
@@ -1129,6 +1254,7 @@ type IngressControllerCaptureHTTPHeaders struct {
//
// +nullable
// +optional
+ // +listType=atomic
Request []IngressControllerCaptureHTTPHeader `json:"request,omitempty"`
// response specifies which HTTP response headers to capture.
@@ -1137,6 +1263,7 @@ type IngressControllerCaptureHTTPHeaders struct {
//
// +nullable
// +optional
+ // +listType=atomic
Response []IngressControllerCaptureHTTPHeader `json:"response,omitempty"`
}
@@ -1263,6 +1390,7 @@ type AccessLogging struct {
// +nullable
// +optional
// +kubebuilder:validation:MaxItems=1
+ // +listType=atomic
HTTPCaptureCookies []IngressControllerCaptureHTTPCookie `json:"httpCaptureCookies,omitempty"`
// logEmptyRequests specifies how connections on which no request is
@@ -1402,6 +1530,7 @@ type IngressControllerHTTPHeaders struct {
//
// +nullable
// +optional
+ // +listType=atomic
HeaderNameCaseAdjustments []IngressControllerHTTPHeaderNameCaseAdjustment `json:"headerNameCaseAdjustments,omitempty"`
// actions specifies options for modifying headers and their values.
@@ -1865,6 +1994,8 @@ type IngressControllerStatus struct {
// * DNS is managed.
// * DNS records have been successfully created.
// - False if any of those conditions are unsatisfied.
+ // +listType=map
+ // +listMapKey=type
Conditions []OperatorCondition `json:"conditions,omitempty"`
// tlsProfile is the TLS connection configuration that is in effect.
diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go
index 35bb5ada36..afe773192a 100644
--- a/vendor/github.com/openshift/api/operator/v1/types_network.go
+++ b/vendor/github.com/openshift/api/operator/v1/types_network.go
@@ -53,17 +53,20 @@ type NetworkList struct {
// NetworkSpec is the top-level network configuration object.
// +kubebuilder:validation:XValidation:rule="!has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding) || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == oldSelf.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == 'Restricted' || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == 'Global'",message="invalid value for IPForwarding, valid values are 'Restricted' or 'Global'"
+// +openshift:validation:FeatureGateAwareXValidation:featureGate=AdditionalRoutingCapabilities,rule="(has(self.additionalRoutingCapabilities) && ('FRR' in self.additionalRoutingCapabilities.providers)) || !has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements) || self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements != 'Enabled'",message="Route advertisements cannot be Enabled if 'FRR' routing capability provider is not available"
type NetworkSpec struct {
OperatorSpec `json:",inline"`
// clusterNetwork is the IP address pool to use for pod IPs.
- // Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks.
+ // Some network providers support multiple ClusterNetworks.
// Others only support one. This is equivalent to the cluster-cidr.
+ // +listType=atomic
ClusterNetwork []ClusterNetworkEntry `json:"clusterNetwork"`
// serviceNetwork is the ip address pool to use for Service IPs
// Currently, all existing network providers only support a single value
// here, but this is an array to allow for growth.
+ // +listType=atomic
ServiceNetwork []string `json:"serviceNetwork"`
// defaultNetwork is the "default" network that all pods will receive
@@ -71,6 +74,8 @@ type NetworkSpec struct {
// additionalNetworks is a list of extra networks to make available to pods
// when multiple networks are enabled.
+ // +listType=map
+ // +listMapKey=name
AdditionalNetworks []AdditionalNetworkDefinition `json:"additionalNetworks,omitempty"`
// disableMultiNetwork specifies whether or not multiple pod network
@@ -91,8 +96,8 @@ type NetworkSpec struct {
// deployKubeProxy specifies whether or not a standalone kube-proxy should
// be deployed by the operator. Some network providers include kube-proxy
// or similar functionality. If unset, the plugin will attempt to select
- // the correct value, which is false when OpenShift SDN and ovn-kubernetes are
- // used and true otherwise.
+ // the correct value, which is false when ovn-kubernetes is used and true
+ // otherwise.
// +optional
DeployKubeProxy *bool `json:"deployKubeProxy,omitempty"`
@@ -104,9 +109,9 @@ type NetworkSpec struct {
// +kubebuilder:default:=false
DisableNetworkDiagnostics bool `json:"disableNetworkDiagnostics"`
- // kubeProxyConfig lets us configure desired proxy configuration.
- // If not specified, sensible defaults will be chosen by OpenShift directly.
- // Not consumed by all network providers - currently only openshift-sdn.
+ // kubeProxyConfig lets us configure desired proxy configuration, if
+ // deployKubeProxy is true. If not specified, sensible defaults will be chosen by
+ // OpenShift directly.
KubeProxyConfig *ProxyConfig `json:"kubeProxyConfig,omitempty"`
// exportNetworkFlows enables and configures the export of network flow metadata from the pod network
@@ -115,79 +120,91 @@ type NetworkSpec struct {
// +optional
ExportNetworkFlows *ExportNetworkFlows `json:"exportNetworkFlows,omitempty"`
- // migration enables and configures the cluster network migration. The
- // migration procedure allows to change the network type and the MTU.
+ // migration enables and configures cluster network migration, for network changes
+ // that cannot be made instantly.
// +optional
Migration *NetworkMigration `json:"migration,omitempty"`
+
+ // additionalRoutingCapabilities describes components and relevant
+ // configuration providing additional routing capabilities. When set, it
+ // enables such components and the usage of the routing capabilities they
+ // provide for the machine network. Upstream operators, like MetalLB
+ // operator, requiring these capabilities may rely on, or automatically set
+ // this attribute. Network plugins may leverage advanced routing
+ // capabilities acquired through the enablement of these components but may
+ // require specific configuration on their side to do so; refer to their
+ // respective documentation and configuration options.
+ // +openshift:enable:FeatureGate=AdditionalRoutingCapabilities
+ // +optional
+ AdditionalRoutingCapabilities *AdditionalRoutingCapabilities `json:"additionalRoutingCapabilities,omitempty"`
}
// NetworkMigrationMode is an enumeration of the possible mode of the network migration
// Valid values are "Live", "Offline" and omitted.
+// DEPRECATED: network type migration is no longer supported.
// +kubebuilder:validation:Enum:=Live;Offline;""
type NetworkMigrationMode string
const (
// A "Live" migration operation will not cause service interruption by migrating the CNI of each node one by one. The cluster network will work as normal during the network migration.
+ // DEPRECATED: network type migration is no longer supported.
LiveNetworkMigrationMode NetworkMigrationMode = "Live"
// An "Offline" migration operation will cause service interruption. During an "Offline" migration, two rounds of node reboots are required. The cluster network will be malfunctioning during the network migration.
+ // DEPRECATED: network type migration is no longer supported.
OfflineNetworkMigrationMode NetworkMigrationMode = "Offline"
)
-// NetworkMigration represents the cluster network configuration.
+// NetworkMigration represents the cluster network migration configuration.
// +openshift:validation:FeatureGateAwareXValidation:featureGate=NetworkLiveMigration,rule="!has(self.mtu) || !has(self.networkType) || self.networkType == \"\" || has(self.mode) && self.mode == 'Live'",message="networkType migration in mode other than 'Live' may not be configured at the same time as mtu migration"
type NetworkMigration struct {
- // networkType is the target type of network migration. Set this to the
- // target network type to allow changing the default network. If unset, the
- // operation of changing cluster default network plugin will be rejected.
- // The supported values are OpenShiftSDN, OVNKubernetes
- // +optional
- NetworkType string `json:"networkType,omitempty"`
-
// mtu contains the MTU migration configuration. Set this to allow changing
// the MTU values for the default network. If unset, the operation of
// changing the MTU for the default network will be rejected.
// +optional
MTU *MTUMigration `json:"mtu,omitempty"`
- // features contains the features migration configuration. Set this to migrate
- // feature configuration when changing the cluster default network provider.
- // if unset, the default operation is to migrate all the configuration of
- // supported features.
+ // networkType was previously used when changing the default network type.
+ // DEPRECATED: network type migration is no longer supported, and setting
+ // this to a non-empty value will result in the network operator rejecting
+ // the configuration.
+ // +optional
+ NetworkType string `json:"networkType,omitempty"`
+
+ // features was previously used to configure which network plugin features
+ // would be migrated in a network type migration.
+ // DEPRECATED: network type migration is no longer supported, and setting
+ // this to a non-empty value will result in the network operator rejecting
+ // the configuration.
// +optional
Features *FeaturesMigration `json:"features,omitempty"`
- // mode indicates the mode of network migration.
- // The supported values are "Live", "Offline" and omitted.
- // A "Live" migration operation will not cause service interruption by migrating the CNI of each node one by one. The cluster network will work as normal during the network migration.
- // An "Offline" migration operation will cause service interruption. During an "Offline" migration, two rounds of node reboots are required. The cluster network will be malfunctioning during the network migration.
- // When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time.
- // The current default value is "Offline".
+ // mode indicates the mode of network type migration.
+ // DEPRECATED: network type migration is no longer supported, and setting
+ // this to a non-empty value will result in the network operator rejecting
+ // the configuration.
// +optional
- Mode NetworkMigrationMode `json:"mode"`
+ Mode NetworkMigrationMode `json:"mode,omitempty"`
}
type FeaturesMigration struct {
- // egressIP specifies whether or not the Egress IP configuration is migrated
- // automatically when changing the cluster default network provider.
- // If unset, this property defaults to 'true' and Egress IP configure is migrated.
+ // egressIP specified whether or not the Egress IP configuration was migrated.
+ // DEPRECATED: network type migration is no longer supported.
// +optional
// +kubebuilder:default:=true
EgressIP bool `json:"egressIP,omitempty"`
- // egressFirewall specifies whether or not the Egress Firewall configuration is migrated
- // automatically when changing the cluster default network provider.
- // If unset, this property defaults to 'true' and Egress Firewall configure is migrated.
+ // egressFirewall specified whether or not the Egress Firewall configuration was migrated.
+ // DEPRECATED: network type migration is no longer supported.
// +optional
// +kubebuilder:default:=true
EgressFirewall bool `json:"egressFirewall,omitempty"`
- // multicast specifies whether or not the multicast configuration is migrated
- // automatically when changing the cluster default network provider.
- // If unset, this property defaults to 'true' and multicast configure is migrated.
+ // multicast specified whether or not the multicast configuration was migrated.
+ // DEPRECATED: network type migration is no longer supported.
// +optional
// +kubebuilder:default:=true
Multicast bool `json:"multicast,omitempty"`
}
-// MTUMigration MTU contains infomation about MTU migration.
+// MTUMigration contains infomation about MTU migration.
type MTUMigration struct {
// network contains information about MTU migration for the default network.
// Migrations are only allowed to MTU values lower than the machine's uplink
@@ -232,7 +249,8 @@ type DefaultNetworkDefinition struct {
// All NetworkTypes are supported except for NetworkTypeRaw
Type NetworkType `json:"type"`
- // openShiftSDNConfig configures the openshift-sdn plugin
+ // openShiftSDNConfig was previously used to configure the openshift-sdn plugin.
+ // DEPRECATED: OpenShift SDN is no longer supported.
// +optional
OpenShiftSDNConfig *OpenShiftSDNConfig `json:"openshiftSDNConfig,omitempty"`
@@ -287,12 +305,14 @@ type StaticIPAMRoutes struct {
type StaticIPAMDNS struct {
// Nameservers points DNS servers for IP lookup
// +optional
+ // +listType=atomic
Nameservers []string `json:"nameservers,omitempty"`
// Domain configures the domainname the local domain used for short hostname lookups
// +optional
Domain string `json:"domain,omitempty"`
// Search configures priority ordered search domains for short hostname lookups
// +optional
+ // +listType=atomic
Search []string `json:"search,omitempty"`
}
@@ -300,9 +320,11 @@ type StaticIPAMDNS struct {
type StaticIPAMConfig struct {
// Addresses configures IP address for the interface
// +optional
+ // +listType=atomic
Addresses []StaticIPAMAddresses `json:"addresses,omitempty"`
// Routes configures IP routes for the interface
// +optional
+ // +listType=atomic
Routes []StaticIPAMRoutes `json:"routes,omitempty"`
// DNS configures DNS for the interface
// +optional
@@ -330,6 +352,7 @@ type AdditionalNetworkDefinition struct {
// name is the name of the network. This will be populated in the resulting CRD
// This must be unique.
+ // +kubebuilder:validation:Required
Name string `json:"name"`
// namespace is the namespace of the network. This will be populated in the resulting CRD
@@ -345,7 +368,7 @@ type AdditionalNetworkDefinition struct {
SimpleMacvlanConfig *SimpleMacvlanConfig `json:"simpleMacvlanConfig,omitempty"`
}
-// OpenShiftSDNConfig configures the three openshift-sdn plugins
+// OpenShiftSDNConfig was used to configure the OpenShift SDN plugin. It is no longer used.
type OpenShiftSDNConfig struct {
// mode is one of "Multitenant", "Subnet", or "NetworkPolicy"
Mode SDNMode `json:"mode"`
@@ -364,7 +387,6 @@ type OpenShiftSDNConfig struct {
// useExternalOpenvswitch used to control whether the operator would deploy an OVS
// DaemonSet itself or expect someone else to start OVS. As of 4.6, OVS is always
// run as a system service, and this flag is ignored.
- // DEPRECATED: non-functional as of 4.6
// +optional
UseExternalOpenvswitch *bool `json:"useExternalOpenvswitch,omitempty"`
@@ -433,6 +455,19 @@ type OVNKubernetesConfig struct {
// fields within ipv4 for details of default values.
// +optional
IPv6 *IPv6OVNKubernetesConfig `json:"ipv6,omitempty"`
+
+ // routeAdvertisements determines if the functionality to advertise cluster
+ // network routes through a dynamic routing protocol, such as BGP, is
+ // enabled or not. This functionality is configured through the
+ // ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing
+ // capability provider to be enabled as an additional routing capability.
+ // Allowed values are "Enabled", "Disabled" and ommited. When omitted, this
+ // means the user has no opinion and the platform is left to choose
+ // reasonable defaults. These defaults are subject to change over time. The
+ // current default is "Disabled".
+ // +openshift:enable:FeatureGate=RouteAdvertisements
+ // +optional
+ RouteAdvertisements RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"`
}
type IPv4OVNKubernetesConfig struct {
@@ -505,6 +540,7 @@ type IPv6OVNKubernetesConfig struct {
type HybridOverlayConfig struct {
// HybridClusterNetwork defines a network space given to nodes on an additional overlay network.
+ // +listType=atomic
HybridClusterNetwork []ClusterNetworkEntry `json:"hybridClusterNetwork"`
// HybridOverlayVXLANPort defines the VXLAN port number to be used by the additional overlay network.
// Default is 4789
@@ -617,6 +653,7 @@ type NetFlowConfig struct {
// It is a list of strings formatted as ip:port with a maximum of ten items
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems=10
+ // +listType=atomic
Collectors []IPPort `json:"collectors,omitempty"`
}
@@ -624,6 +661,7 @@ type SFlowConfig struct {
// sFlowCollectors is list of strings formatted as ip:port with a maximum of ten items
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems=10
+ // +listType=atomic
Collectors []IPPort `json:"collectors,omitempty"`
}
@@ -631,6 +669,7 @@ type IPFIXConfig struct {
// ipfixCollectors is list of strings formatted as ip:port with a maximum of ten items
// +kubebuilder:validation:MinItems=1
// +kubebuilder:validation:MaxItems=10
+ // +listType=atomic
Collectors []IPPort `json:"collectors,omitempty"`
}
@@ -684,6 +723,7 @@ type PolicyAuditConfig struct {
type NetworkType string
// ProxyArgumentList is a list of arguments to pass to the kubeproxy process
+// +listType=atomic
type ProxyArgumentList []string
// ProxyConfig defines the configuration knobs for kubeproxy
@@ -719,11 +759,11 @@ type EgressIPConfig struct {
}
const (
- // NetworkTypeOpenShiftSDN means the openshift-sdn plugin will be configured
+ // NetworkTypeOpenShiftSDN means the openshift-sdn plugin will be configured.
+ // DEPRECATED: OpenShift SDN is no longer supported
NetworkTypeOpenShiftSDN NetworkType = "OpenShiftSDN"
- // NetworkTypeOVNKubernetes means the ovn-kubernetes project will be configured.
- // This is currently not implemented.
+ // NetworkTypeOVNKubernetes means the ovn-kubernetes plugin will be configured.
NetworkTypeOVNKubernetes NetworkType = "OVNKubernetes"
// NetworkTypeRaw
@@ -733,19 +773,23 @@ const (
NetworkTypeSimpleMacvlan NetworkType = "SimpleMacvlan"
)
-// SDNMode is the Mode the openshift-sdn plugin is in
+// SDNMode is the Mode the openshift-sdn plugin is in.
+// DEPRECATED: OpenShift SDN is no longer supported
type SDNMode string
const (
// SDNModeSubnet is a simple mode that offers no isolation between pods
+ // DEPRECATED: OpenShift SDN is no longer supported
SDNModeSubnet SDNMode = "Subnet"
// SDNModeMultitenant is a special "multitenant" mode that offers limited
// isolation configuration between namespaces
+ // DEPRECATED: OpenShift SDN is no longer supported
SDNModeMultitenant SDNMode = "Multitenant"
// SDNModeNetworkPolicy is a full NetworkPolicy implementation that allows
// for sophisticated network isolation and segmenting. This is the default.
+ // DEPRECATED: OpenShift SDN is no longer supported
SDNModeNetworkPolicy SDNMode = "NetworkPolicy"
)
@@ -788,3 +832,38 @@ const (
// between pods on the cluster network.
IPsecModeFull IPsecMode = "Full"
)
+
+// +kubebuilder:validation:Enum:="";"Enabled";"Disabled"
+type RouteAdvertisementsEnablement string
+
+var (
+ // RouteAdvertisementsEnabled enables route advertisements for ovn-kubernetes
+ RouteAdvertisementsEnabled RouteAdvertisementsEnablement = "Enabled"
+ // RouteAdvertisementsDisabled disables route advertisements for ovn-kubernetes
+ RouteAdvertisementsDisabled RouteAdvertisementsEnablement = "Disabled"
+)
+
+// RoutingCapabilitiesProvider is a component providing routing capabilities.
+// +kubebuilder:validation:Enum=FRR
+type RoutingCapabilitiesProvider string
+
+const (
+ // RoutingCapabilitiesProviderFRR determines FRR is providing advanced
+ // routing capabilities.
+ RoutingCapabilitiesProviderFRR RoutingCapabilitiesProvider = "FRR"
+)
+
+// AdditionalRoutingCapabilities describes components and relevant configuration providing
+// advanced routing capabilities.
+type AdditionalRoutingCapabilities struct {
+ // providers is a set of enabled components that provide additional routing
+ // capabilities. Entries on this list must be unique. The only valid value
+ // is currrently "FRR" which provides FRR routing capabilities through the
+ // deployment of FRR.
+ // +listType=atomic
+ // +kubebuilder:validation:Required
+ // +kubebuilder:validation:MinItems=1
+ // +kubebuilder:validation:MaxItems=1
+ // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x == y))"
+ Providers []RoutingCapabilitiesProvider `json:"providers"`
+}
diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go
index da3ce4e107..fc6b94ceb2 100644
--- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go
+++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go
@@ -16,6 +16,11 @@ import (
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AWSCSIDriverConfigSpec) DeepCopyInto(out *AWSCSIDriverConfigSpec) {
*out = *in
+ if in.EFSVolumeMetrics != nil {
+ in, out := &in.EFSVolumeMetrics, &out.EFSVolumeMetrics
+ *out = new(AWSEFSVolumeMetrics)
+ (*in).DeepCopyInto(*out)
+ }
return
}
@@ -33,6 +38,11 @@ func (in *AWSCSIDriverConfigSpec) DeepCopy() *AWSCSIDriverConfigSpec {
func (in *AWSClassicLoadBalancerParameters) DeepCopyInto(out *AWSClassicLoadBalancerParameters) {
*out = *in
out.ConnectionIdleTimeout = in.ConnectionIdleTimeout
+ if in.Subnets != nil {
+ in, out := &in.Subnets, &out.Subnets
+ *out = new(AWSSubnets)
+ (*in).DeepCopyInto(*out)
+ }
return
}
@@ -46,18 +56,55 @@ func (in *AWSClassicLoadBalancerParameters) DeepCopy() *AWSClassicLoadBalancerPa
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AWSEFSVolumeMetrics) DeepCopyInto(out *AWSEFSVolumeMetrics) {
+ *out = *in
+ if in.RecursiveWalk != nil {
+ in, out := &in.RecursiveWalk, &out.RecursiveWalk
+ *out = new(AWSEFSVolumeMetricsRecursiveWalkConfig)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSEFSVolumeMetrics.
+func (in *AWSEFSVolumeMetrics) DeepCopy() *AWSEFSVolumeMetrics {
+ if in == nil {
+ return nil
+ }
+ out := new(AWSEFSVolumeMetrics)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AWSEFSVolumeMetricsRecursiveWalkConfig) DeepCopyInto(out *AWSEFSVolumeMetricsRecursiveWalkConfig) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSEFSVolumeMetricsRecursiveWalkConfig.
+func (in *AWSEFSVolumeMetricsRecursiveWalkConfig) DeepCopy() *AWSEFSVolumeMetricsRecursiveWalkConfig {
+ if in == nil {
+ return nil
+ }
+ out := new(AWSEFSVolumeMetricsRecursiveWalkConfig)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AWSLoadBalancerParameters) DeepCopyInto(out *AWSLoadBalancerParameters) {
*out = *in
if in.ClassicLoadBalancerParameters != nil {
in, out := &in.ClassicLoadBalancerParameters, &out.ClassicLoadBalancerParameters
*out = new(AWSClassicLoadBalancerParameters)
- **out = **in
+ (*in).DeepCopyInto(*out)
}
if in.NetworkLoadBalancerParameters != nil {
in, out := &in.NetworkLoadBalancerParameters, &out.NetworkLoadBalancerParameters
*out = new(AWSNetworkLoadBalancerParameters)
- **out = **in
+ (*in).DeepCopyInto(*out)
}
return
}
@@ -75,6 +122,16 @@ func (in *AWSLoadBalancerParameters) DeepCopy() *AWSLoadBalancerParameters {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AWSNetworkLoadBalancerParameters) DeepCopyInto(out *AWSNetworkLoadBalancerParameters) {
*out = *in
+ if in.Subnets != nil {
+ in, out := &in.Subnets, &out.Subnets
+ *out = new(AWSSubnets)
+ (*in).DeepCopyInto(*out)
+ }
+ if in.EIPAllocations != nil {
+ in, out := &in.EIPAllocations, &out.EIPAllocations
+ *out = make([]EIPAllocation, len(*in))
+ copy(*out, *in)
+ }
return
}
@@ -88,6 +145,32 @@ func (in *AWSNetworkLoadBalancerParameters) DeepCopy() *AWSNetworkLoadBalancerPa
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AWSSubnets) DeepCopyInto(out *AWSSubnets) {
+ *out = *in
+ if in.IDs != nil {
+ in, out := &in.IDs, &out.IDs
+ *out = make([]AWSSubnetID, len(*in))
+ copy(*out, *in)
+ }
+ if in.Names != nil {
+ in, out := &in.Names, &out.Names
+ *out = make([]AWSSubnetName, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSSubnets.
+func (in *AWSSubnets) DeepCopy() *AWSSubnets {
+ if in == nil {
+ return nil
+ }
+ out := new(AWSSubnets)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AccessLogging) DeepCopyInto(out *AccessLogging) {
*out = *in
@@ -153,6 +236,27 @@ func (in *AdditionalNetworkDefinition) DeepCopy() *AdditionalNetworkDefinition {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AdditionalRoutingCapabilities) DeepCopyInto(out *AdditionalRoutingCapabilities) {
+ *out = *in
+ if in.Providers != nil {
+ in, out := &in.Providers, &out.Providers
+ *out = make([]RoutingCapabilitiesProvider, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalRoutingCapabilities.
+func (in *AdditionalRoutingCapabilities) DeepCopy() *AdditionalRoutingCapabilities {
+ if in == nil {
+ return nil
+ }
+ out := new(AdditionalRoutingCapabilities)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Authentication) DeepCopyInto(out *Authentication) {
*out = *in
@@ -292,7 +396,7 @@ func (in *CSIDriverConfigSpec) DeepCopyInto(out *CSIDriverConfigSpec) {
if in.AWS != nil {
in, out := &in.AWS, &out.AWS
*out = new(AWSCSIDriverConfigSpec)
- **out = **in
+ (*in).DeepCopyInto(*out)
}
if in.Azure != nil {
in, out := &in.Azure, &out.Azure
@@ -422,6 +526,39 @@ func (in *CSISnapshotControllerStatus) DeepCopy() *CSISnapshotControllerStatus {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Capability) DeepCopyInto(out *Capability) {
+ *out = *in
+ out.Visibility = in.Visibility
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Capability.
+func (in *Capability) DeepCopy() *Capability {
+ if in == nil {
+ return nil
+ }
+ out := new(Capability)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CapabilityVisibility) DeepCopyInto(out *CapabilityVisibility) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapabilityVisibility.
+func (in *CapabilityVisibility) DeepCopy() *CapabilityVisibility {
+ if in == nil {
+ return nil
+ }
+ out := new(CapabilityVisibility)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ClientTLS) DeepCopyInto(out *ClientTLS) {
*out = *in
@@ -794,6 +931,11 @@ func (in *ConsoleConfigRoute) DeepCopy() *ConsoleConfigRoute {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ConsoleCustomization) DeepCopyInto(out *ConsoleCustomization) {
*out = *in
+ if in.Capabilities != nil {
+ in, out := &in.Capabilities, &out.Capabilities
+ *out = make([]Capability, len(*in))
+ copy(*out, *in)
+ }
out.CustomLogoFile = in.CustomLogoFile
in.DeveloperCatalog.DeepCopyInto(&out.DeveloperCatalog)
in.ProjectAccess.DeepCopyInto(&out.ProjectAccess)
@@ -3303,6 +3445,11 @@ func (in *NetworkSpec) DeepCopyInto(out *NetworkSpec) {
*out = new(NetworkMigration)
(*in).DeepCopyInto(*out)
}
+ if in.AdditionalRoutingCapabilities != nil {
+ in, out := &in.AdditionalRoutingCapabilities, &out.AdditionalRoutingCapabilities
+ *out = new(AdditionalRoutingCapabilities)
+ (*in).DeepCopyInto(*out)
+ }
return
}
diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml
index a8c2213cff..c152b0e84f 100644
--- a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml
+++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml
@@ -69,6 +69,7 @@ clustercsidrivers.operator.openshift.io:
Capability: ""
Category: ""
FeatureGates:
+ - AWSEFSDriverVolumeMetrics
- VSphereDriverConfiguration
FilenameOperatorName: csi-driver
FilenameOperatorOrdering: "01"
@@ -176,7 +177,9 @@ ingresscontrollers.operator.openshift.io:
CRDName: ingresscontrollers.operator.openshift.io
Capability: Ingress
Category: ""
- FeatureGates: []
+ FeatureGates:
+ - IngressControllerLBSubnetsAWS
+ - SetEIPForNLBIngressController
FilenameOperatorName: ingress
FilenameOperatorOrdering: "00"
FilenameRunLevel: "0000_50"
@@ -326,7 +329,9 @@ networks.operator.openshift.io:
Capability: ""
Category: ""
FeatureGates:
+ - AdditionalRoutingCapabilities
- NetworkLiveMigration
+ - RouteAdvertisements
FilenameOperatorName: network
FilenameOperatorOrdering: "01"
FilenameRunLevel: "0000_70"
diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go
index 1b8b18e3f5..584ac52bcc 100644
--- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go
+++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go
@@ -205,6 +205,25 @@ func (AddPage) SwaggerDoc() map[string]string {
return map_AddPage
}
+var map_Capability = map[string]string{
+ "": "Capabilities contains set of UI capabilities and their state in the console UI.",
+ "name": "name is the unique name of a capability. Available capabilities are LightspeedButton.",
+ "visibility": "visibility defines the visibility state of the capability.",
+}
+
+func (Capability) SwaggerDoc() map[string]string {
+ return map_Capability
+}
+
+var map_CapabilityVisibility = map[string]string{
+ "": "CapabilityVisibility defines the criteria to enable/disable a capability.",
+ "state": "state defines if the capability is enabled or disabled in the console UI. Enabling the capability in the console UI is represented by the \"Enabled\" value. Disabling the capability in the console UI is represented by the \"Disabled\" value.",
+}
+
+func (CapabilityVisibility) SwaggerDoc() map[string]string {
+ return map_CapabilityVisibility
+}
+
var map_Console = map[string]string{
"": "Console provides a means to configure an operator to manage the console.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
"metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
@@ -226,6 +245,7 @@ func (ConsoleConfigRoute) SwaggerDoc() map[string]string {
var map_ConsoleCustomization = map[string]string{
"": "ConsoleCustomization defines a list of optional configuration for the console UI.",
+ "capabilities": "capabilities defines an array of capabilities that can be interacted with in the console UI. Each capability defines a visual state that can be interacted with the console to render in the UI. Available capabilities are LightspeedButton. Each of the available capabilities may appear only once in the list.",
"brand": "brand is the default branding of the web console which can be overridden by providing the brand field. There is a limited set of specific brand options. This field controls elements of the console such as the logo. Invalid value will prevent a console rollout.",
"documentationBaseURL": "documentationBaseURL links to external documentation are shown in various sections of the web console. Providing documentationBaseURL will override the default documentation URL. Invalid value will prevent a console rollout.",
"customProductName": "customProductName is the name that will be displayed in page titles, logo alt text, and the about dialog instead of the normal OpenShift product name.",
@@ -401,14 +421,35 @@ func (StatuspageProvider) SwaggerDoc() map[string]string {
}
var map_AWSCSIDriverConfigSpec = map[string]string{
- "": "AWSCSIDriverConfigSpec defines properties that can be configured for the AWS CSI driver.",
- "kmsKeyARN": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, rather than the default KMS key used by AWS. The value may be either the ARN or Alias ARN of a KMS key.",
+ "": "AWSCSIDriverConfigSpec defines properties that can be configured for the AWS CSI driver.",
+ "kmsKeyARN": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, rather than the default KMS key used by AWS. The value may be either the ARN or Alias ARN of a KMS key.",
+ "efsVolumeMetrics": "efsVolumeMetrics sets the configuration for collecting metrics from EFS volumes used by the EFS CSI Driver.",
}
func (AWSCSIDriverConfigSpec) SwaggerDoc() map[string]string {
return map_AWSCSIDriverConfigSpec
}
+var map_AWSEFSVolumeMetrics = map[string]string{
+ "": "AWSEFSVolumeMetrics defines the configuration for volume metrics in the EFS CSI Driver.",
+ "state": "state defines the state of metric collection in the AWS EFS CSI Driver. This field is required and must be set to one of the following values: Disabled or RecursiveWalk. Disabled means no metrics collection will be performed. This is the default value. RecursiveWalk means the AWS EFS CSI Driver will recursively scan volumes to collect metrics. This process may result in high CPU and memory usage, depending on the volume size.",
+ "recursiveWalk": "recursiveWalk provides additional configuration for collecting volume metrics in the AWS EFS CSI Driver when the state is set to RecursiveWalk.",
+}
+
+func (AWSEFSVolumeMetrics) SwaggerDoc() map[string]string {
+ return map_AWSEFSVolumeMetrics
+}
+
+var map_AWSEFSVolumeMetricsRecursiveWalkConfig = map[string]string{
+ "": "AWSEFSVolumeMetricsRecursiveWalkConfig defines options for volume metrics in the EFS CSI Driver.",
+ "refreshPeriodMinutes": "refreshPeriodMinutes specifies the frequency, in minutes, at which volume metrics are refreshed. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is 240. The valid range is from 1 to 43200 minutes (30 days).",
+ "fsRateLimit": "fsRateLimit defines the rate limit, in goroutines per file system, for processing volume metrics. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is 5. The valid range is from 1 to 100 goroutines.",
+}
+
+func (AWSEFSVolumeMetricsRecursiveWalkConfig) SwaggerDoc() map[string]string {
+ return map_AWSEFSVolumeMetricsRecursiveWalkConfig
+}
+
var map_AzureCSIDriverConfigSpec = map[string]string{
"": "AzureCSIDriverConfigSpec defines properties that can be configured for the Azure CSI driver.",
"diskEncryptionSet": "diskEncryptionSet sets the cluster default storage class to encrypt volumes with a customer-managed encryption set, rather than the default platform-managed keys.",
@@ -722,6 +763,7 @@ func (EtcdSpec) SwaggerDoc() map[string]string {
var map_AWSClassicLoadBalancerParameters = map[string]string{
"": "AWSClassicLoadBalancerParameters holds configuration parameters for an AWS Classic load balancer.",
"connectionIdleTimeout": "connectionIdleTimeout specifies the maximum time period that a connection may be idle before the load balancer closes the connection. The value must be parseable as a time duration value; see . A nil or zero value means no opinion, in which case a default value is used. The default value for this field is 60s. This default is subject to change.",
+ "subnets": "subnets specifies the subnets to which the load balancer will attach. The subnets may be specified by either their ID or name. The total number of subnets is limited to 10.\n\nIn order for the load balancer to be provisioned with subnets, each subnet must exist, each subnet must be from a different availability zone, and the load balancer service must be recreated to pick up new values.\n\nWhen omitted from the spec, the subnets will be auto-discovered for each availability zone. Auto-discovered subnets are not reported in the status of the IngressController object.",
}
func (AWSClassicLoadBalancerParameters) SwaggerDoc() map[string]string {
@@ -740,13 +782,25 @@ func (AWSLoadBalancerParameters) SwaggerDoc() map[string]string {
}
var map_AWSNetworkLoadBalancerParameters = map[string]string{
- "": "AWSNetworkLoadBalancerParameters holds configuration parameters for an AWS Network load balancer.",
+ "": "AWSNetworkLoadBalancerParameters holds configuration parameters for an AWS Network load balancer. For Example: Setting AWS EIPs https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html",
+ "subnets": "subnets specifies the subnets to which the load balancer will attach. The subnets may be specified by either their ID or name. The total number of subnets is limited to 10.\n\nIn order for the load balancer to be provisioned with subnets, each subnet must exist, each subnet must be from a different availability zone, and the load balancer service must be recreated to pick up new values.\n\nWhen omitted from the spec, the subnets will be auto-discovered for each availability zone. Auto-discovered subnets are not reported in the status of the IngressController object.",
+ "eipAllocations": "eipAllocations is a list of IDs for Elastic IP (EIP) addresses that are assigned to the Network Load Balancer. The following restrictions apply:\n\neipAllocations can only be used with external scope, not internal. An EIP can be allocated to only a single IngressController. The number of EIP allocations must match the number of subnets that are used for the load balancer. Each EIP allocation must be unique. A maximum of 10 EIP allocations are permitted.\n\nSee https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html for general information about configuration, characteristics, and limitations of Elastic IP addresses.",
}
func (AWSNetworkLoadBalancerParameters) SwaggerDoc() map[string]string {
return map_AWSNetworkLoadBalancerParameters
}
+var map_AWSSubnets = map[string]string{
+ "": "AWSSubnets contains a list of references to AWS subnets by ID or name.",
+ "ids": "ids specifies a list of AWS subnets by subnet ID. Subnet IDs must start with \"subnet-\", consist only of alphanumeric characters, must be exactly 24 characters long, must be unique, and the total number of subnets specified by ids and names must not exceed 10.",
+ "names": "names specifies a list of AWS subnets by subnet name. Subnet names must not start with \"subnet-\", must not include commas, must be under 256 characters in length, must be unique, and the total number of subnets specified by ids and names must not exceed 10.",
+}
+
+func (AWSSubnets) SwaggerDoc() map[string]string {
+ return map_AWSSubnets
+}
+
var map_AccessLogging = map[string]string{
"": "AccessLogging describes how client requests should be logged.",
"destination": "destination is where access logs go.",
@@ -1485,6 +1539,15 @@ func (AdditionalNetworkDefinition) SwaggerDoc() map[string]string {
return map_AdditionalNetworkDefinition
}
+var map_AdditionalRoutingCapabilities = map[string]string{
+ "": "AdditionalRoutingCapabilities describes components and relevant configuration providing advanced routing capabilities.",
+ "providers": "providers is a set of enabled components that provide additional routing capabilities. Entries on this list must be unique. The only valid value is currrently \"FRR\" which provides FRR routing capabilities through the deployment of FRR.",
+}
+
+func (AdditionalRoutingCapabilities) SwaggerDoc() map[string]string {
+ return map_AdditionalRoutingCapabilities
+}
+
var map_ClusterNetworkEntry = map[string]string{
"": "ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If the HostPrefix field is not used by the plugin, it can be left unset. Not all network providers support multiple ClusterNetworks",
}
@@ -1496,7 +1559,7 @@ func (ClusterNetworkEntry) SwaggerDoc() map[string]string {
var map_DefaultNetworkDefinition = map[string]string{
"": "DefaultNetworkDefinition represents a single network plugin's configuration. type must be specified, along with exactly one \"Config\" that matches the type.",
"type": "type is the type of network All NetworkTypes are supported except for NetworkTypeRaw",
- "openshiftSDNConfig": "openShiftSDNConfig configures the openshift-sdn plugin",
+ "openshiftSDNConfig": "openShiftSDNConfig was previously used to configure the openshift-sdn plugin. DEPRECATED: OpenShift SDN is no longer supported.",
"ovnKubernetesConfig": "ovnKubernetesConfig configures the ovn-kubernetes plugin.",
}
@@ -1524,9 +1587,9 @@ func (ExportNetworkFlows) SwaggerDoc() map[string]string {
}
var map_FeaturesMigration = map[string]string{
- "egressIP": "egressIP specifies whether or not the Egress IP configuration is migrated automatically when changing the cluster default network provider. If unset, this property defaults to 'true' and Egress IP configure is migrated.",
- "egressFirewall": "egressFirewall specifies whether or not the Egress Firewall configuration is migrated automatically when changing the cluster default network provider. If unset, this property defaults to 'true' and Egress Firewall configure is migrated.",
- "multicast": "multicast specifies whether or not the multicast configuration is migrated automatically when changing the cluster default network provider. If unset, this property defaults to 'true' and multicast configure is migrated.",
+ "egressIP": "egressIP specified whether or not the Egress IP configuration was migrated. DEPRECATED: network type migration is no longer supported.",
+ "egressFirewall": "egressFirewall specified whether or not the Egress Firewall configuration was migrated. DEPRECATED: network type migration is no longer supported.",
+ "multicast": "multicast specified whether or not the multicast configuration was migrated. DEPRECATED: network type migration is no longer supported.",
}
func (FeaturesMigration) SwaggerDoc() map[string]string {
@@ -1617,7 +1680,7 @@ func (IPv6OVNKubernetesConfig) SwaggerDoc() map[string]string {
}
var map_MTUMigration = map[string]string{
- "": "MTUMigration MTU contains infomation about MTU migration.",
+ "": "MTUMigration contains infomation about MTU migration.",
"network": "network contains information about MTU migration for the default network. Migrations are only allowed to MTU values lower than the machine's uplink MTU by the minimum appropriate offset.",
"machine": "machine contains MTU migration configuration for the machine's uplink. Needs to be migrated along with the default network MTU unless the current uplink MTU already accommodates the default network MTU.",
}
@@ -1663,11 +1726,11 @@ func (NetworkList) SwaggerDoc() map[string]string {
}
var map_NetworkMigration = map[string]string{
- "": "NetworkMigration represents the cluster network configuration.",
- "networkType": "networkType is the target type of network migration. Set this to the target network type to allow changing the default network. If unset, the operation of changing cluster default network plugin will be rejected. The supported values are OpenShiftSDN, OVNKubernetes",
+ "": "NetworkMigration represents the cluster network migration configuration.",
"mtu": "mtu contains the MTU migration configuration. Set this to allow changing the MTU values for the default network. If unset, the operation of changing the MTU for the default network will be rejected.",
- "features": "features contains the features migration configuration. Set this to migrate feature configuration when changing the cluster default network provider. if unset, the default operation is to migrate all the configuration of supported features.",
- "mode": "mode indicates the mode of network migration. The supported values are \"Live\", \"Offline\" and omitted. A \"Live\" migration operation will not cause service interruption by migrating the CNI of each node one by one. The cluster network will work as normal during the network migration. An \"Offline\" migration operation will cause service interruption. During an \"Offline\" migration, two rounds of node reboots are required. The cluster network will be malfunctioning during the network migration. When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. The current default value is \"Offline\".",
+ "networkType": "networkType was previously used when changing the default network type. DEPRECATED: network type migration is no longer supported, and setting this to a non-empty value will result in the network operator rejecting the configuration.",
+ "features": "features was previously used to configure which network plugin features would be migrated in a network type migration. DEPRECATED: network type migration is no longer supported, and setting this to a non-empty value will result in the network operator rejecting the configuration.",
+ "mode": "mode indicates the mode of network type migration. DEPRECATED: network type migration is no longer supported, and setting this to a non-empty value will result in the network operator rejecting the configuration.",
}
func (NetworkMigration) SwaggerDoc() map[string]string {
@@ -1675,18 +1738,19 @@ func (NetworkMigration) SwaggerDoc() map[string]string {
}
var map_NetworkSpec = map[string]string{
- "": "NetworkSpec is the top-level network configuration object.",
- "clusterNetwork": "clusterNetwork is the IP address pool to use for pod IPs. Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks. Others only support one. This is equivalent to the cluster-cidr.",
- "serviceNetwork": "serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single value here, but this is an array to allow for growth.",
- "defaultNetwork": "defaultNetwork is the \"default\" network that all pods will receive",
- "additionalNetworks": "additionalNetworks is a list of extra networks to make available to pods when multiple networks are enabled.",
- "disableMultiNetwork": "disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.",
- "useMultiNetworkPolicy": "useMultiNetworkPolicy enables a controller which allows for MultiNetworkPolicy objects to be used on additional networks as created by Multus CNI. MultiNetworkPolicy are similar to NetworkPolicy objects, but NetworkPolicy objects only apply to the primary interface. With MultiNetworkPolicy, you can control the traffic that a pod can receive over the secondary interfaces. If unset, this property defaults to 'false' and MultiNetworkPolicy objects are ignored. If 'disableMultiNetwork' is 'true' then the value of this field is ignored.",
- "deployKubeProxy": "deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when OpenShift SDN and ovn-kubernetes are used and true otherwise.",
- "disableNetworkDiagnostics": "disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck CRs from a test pod to every node, apiserver and LB should be disabled or not. If unset, this property defaults to 'false' and network diagnostics is enabled. Setting this to 'true' would reduce the additional load of the pods performing the checks.",
- "kubeProxyConfig": "kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift directly. Not consumed by all network providers - currently only openshift-sdn.",
- "exportNetworkFlows": "exportNetworkFlows enables and configures the export of network flow metadata from the pod network by using protocols NetFlow, SFlow or IPFIX. Currently only supported on OVN-Kubernetes plugin. If unset, flows will not be exported to any collector.",
- "migration": "migration enables and configures the cluster network migration. The migration procedure allows to change the network type and the MTU.",
+ "": "NetworkSpec is the top-level network configuration object.",
+ "clusterNetwork": "clusterNetwork is the IP address pool to use for pod IPs. Some network providers support multiple ClusterNetworks. Others only support one. This is equivalent to the cluster-cidr.",
+ "serviceNetwork": "serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single value here, but this is an array to allow for growth.",
+ "defaultNetwork": "defaultNetwork is the \"default\" network that all pods will receive",
+ "additionalNetworks": "additionalNetworks is a list of extra networks to make available to pods when multiple networks are enabled.",
+ "disableMultiNetwork": "disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.",
+ "useMultiNetworkPolicy": "useMultiNetworkPolicy enables a controller which allows for MultiNetworkPolicy objects to be used on additional networks as created by Multus CNI. MultiNetworkPolicy are similar to NetworkPolicy objects, but NetworkPolicy objects only apply to the primary interface. With MultiNetworkPolicy, you can control the traffic that a pod can receive over the secondary interfaces. If unset, this property defaults to 'false' and MultiNetworkPolicy objects are ignored. If 'disableMultiNetwork' is 'true' then the value of this field is ignored.",
+ "deployKubeProxy": "deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when ovn-kubernetes is used and true otherwise.",
+ "disableNetworkDiagnostics": "disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck CRs from a test pod to every node, apiserver and LB should be disabled or not. If unset, this property defaults to 'false' and network diagnostics is enabled. Setting this to 'true' would reduce the additional load of the pods performing the checks.",
+ "kubeProxyConfig": "kubeProxyConfig lets us configure desired proxy configuration, if deployKubeProxy is true. If not specified, sensible defaults will be chosen by OpenShift directly.",
+ "exportNetworkFlows": "exportNetworkFlows enables and configures the export of network flow metadata from the pod network by using protocols NetFlow, SFlow or IPFIX. Currently only supported on OVN-Kubernetes plugin. If unset, flows will not be exported to any collector.",
+ "migration": "migration enables and configures cluster network migration, for network changes that cannot be made instantly.",
+ "additionalRoutingCapabilities": "additionalRoutingCapabilities describes components and relevant configuration providing additional routing capabilities. When set, it enables such components and the usage of the routing capabilities they provide for the machine network. Upstream operators, like MetalLB operator, requiring these capabilities may rely on, or automatically set this attribute. Network plugins may leverage advanced routing capabilities acquired through the enablement of these components but may require specific configuration on their side to do so; refer to their respective documentation and configuration options.",
}
func (NetworkSpec) SwaggerDoc() map[string]string {
@@ -1714,6 +1778,7 @@ var map_OVNKubernetesConfig = map[string]string{
"egressIPConfig": "egressIPConfig holds the configuration for EgressIP options.",
"ipv4": "ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.",
"ipv6": "ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.",
+ "routeAdvertisements": "routeAdvertisements determines if the functionality to advertise cluster network routes through a dynamic routing protocol, such as BGP, is enabled or not. This functionality is configured through the ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing capability provider to be enabled as an additional routing capability. Allowed values are \"Enabled\", \"Disabled\" and ommited. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is \"Disabled\".",
}
func (OVNKubernetesConfig) SwaggerDoc() map[string]string {
@@ -1721,11 +1786,11 @@ func (OVNKubernetesConfig) SwaggerDoc() map[string]string {
}
var map_OpenShiftSDNConfig = map[string]string{
- "": "OpenShiftSDNConfig configures the three openshift-sdn plugins",
+ "": "OpenShiftSDNConfig was used to configure the OpenShift SDN plugin. It is no longer used.",
"mode": "mode is one of \"Multitenant\", \"Subnet\", or \"NetworkPolicy\"",
"vxlanPort": "vxlanPort is the port to use for all vxlan packets. The default is 4789.",
"mtu": "mtu is the mtu to use for the tunnel interface. Defaults to 1450 if unset. This must be 50 bytes smaller than the machine's uplink.",
- "useExternalOpenvswitch": "useExternalOpenvswitch used to control whether the operator would deploy an OVS DaemonSet itself or expect someone else to start OVS. As of 4.6, OVS is always run as a system service, and this flag is ignored. DEPRECATED: non-functional as of 4.6",
+ "useExternalOpenvswitch": "useExternalOpenvswitch used to control whether the operator would deploy an OVS DaemonSet itself or expect someone else to start OVS. As of 4.6, OVS is always run as a system service, and this flag is ignored.",
"enableUnidling": "enableUnidling controls whether or not the service proxy will support idling and unidling of services. By default, unidling is enabled.",
}
diff --git a/vendor/github.com/openshift/api/route/v1/generated.proto b/vendor/github.com/openshift/api/route/v1/generated.proto
index 621bec09b0..82bf94d304 100644
--- a/vendor/github.com/openshift/api/route/v1/generated.proto
+++ b/vendor/github.com/openshift/api/route/v1/generated.proto
@@ -199,6 +199,8 @@ message RouteIngress {
optional string routerName = 2;
// Conditions is the state of the route, may be empty.
+ // +listType=map
+ // +listMapKey=type
repeated RouteIngressCondition conditions = 3;
// Wildcard policy is the wildcard policy that was allowed where this route is exposed.
@@ -331,6 +333,9 @@ message RouteSpec {
// Use the weight field in RouteTargetReference object to specify relative preference.
//
// +kubebuilder:validation:MaxItems=3
+ // +listType=map
+ // +listMapKey=name
+ // +listMapKey=kind
repeated RouteTargetReference alternateBackends = 4;
// If specified, the port to be used by the router. Most routers will use all
@@ -360,6 +365,7 @@ message RouteStatus {
// ingress describes the places where the route may be exposed. The list of
// ingress points may contain duplicate Host or RouterName values. Routes
// are considered live once they are `Ready`
+ // +listType=atomic
repeated RouteIngress ingress = 1;
}
@@ -404,7 +410,7 @@ message RouterShard {
// TLSConfig defines config used to secure a route and provide termination
//
// +kubebuilder:validation:XValidation:rule="has(self.termination) && has(self.insecureEdgeTerminationPolicy) ? !((self.termination=='passthrough') && (self.insecureEdgeTerminationPolicy=='Allow')) : true", message="cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow"
-// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalRouteCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate"
+// +openshift:validation:FeatureGateAwareXValidation:featureGate=RouteExternalCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate"
message TLSConfig {
// termination indicates termination type.
//
@@ -453,7 +459,7 @@ message TLSConfig {
// be present in the same namespace as that of the Route.
// Forbidden when `certificate` is set.
//
- // +openshift:enable:FeatureGate=ExternalRouteCertificate
+ // +openshift:enable:FeatureGate=RouteExternalCertificate
// +optional
optional LocalObjectReference externalCertificate = 7;
}
diff --git a/vendor/github.com/openshift/api/route/v1/types.go b/vendor/github.com/openshift/api/route/v1/types.go
index fadc4b618b..9416199946 100644
--- a/vendor/github.com/openshift/api/route/v1/types.go
+++ b/vendor/github.com/openshift/api/route/v1/types.go
@@ -136,6 +136,9 @@ type RouteSpec struct {
// Use the weight field in RouteTargetReference object to specify relative preference.
//
// +kubebuilder:validation:MaxItems=3
+ // +listType=map
+ // +listMapKey=name
+ // +listMapKey=kind
AlternateBackends []RouteTargetReference `json:"alternateBackends,omitempty" protobuf:"bytes,4,rep,name=alternateBackends"`
// If specified, the port to be used by the router. Most routers will use all
@@ -350,6 +353,7 @@ type RouteStatus struct {
// ingress describes the places where the route may be exposed. The list of
// ingress points may contain duplicate Host or RouterName values. Routes
// are considered live once they are `Ready`
+ // +listType=atomic
Ingress []RouteIngress `json:"ingress,omitempty" protobuf:"bytes,1,rep,name=ingress"`
}
@@ -360,6 +364,8 @@ type RouteIngress struct {
// Name is a name chosen by the router to identify itself; this value is required
RouterName string `json:"routerName,omitempty" protobuf:"bytes,2,opt,name=routerName"`
// Conditions is the state of the route, may be empty.
+ // +listType=map
+ // +listMapKey=type
Conditions []RouteIngressCondition `json:"conditions,omitempty" protobuf:"bytes,3,rep,name=conditions"`
// Wildcard policy is the wildcard policy that was allowed where this route is exposed.
WildcardPolicy WildcardPolicyType `json:"wildcardPolicy,omitempty" protobuf:"bytes,4,opt,name=wildcardPolicy"`
@@ -415,7 +421,7 @@ type RouterShard struct {
// TLSConfig defines config used to secure a route and provide termination
//
// +kubebuilder:validation:XValidation:rule="has(self.termination) && has(self.insecureEdgeTerminationPolicy) ? !((self.termination=='passthrough') && (self.insecureEdgeTerminationPolicy=='Allow')) : true", message="cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow"
-// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalRouteCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate"
+// +openshift:validation:FeatureGateAwareXValidation:featureGate=RouteExternalCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate"
type TLSConfig struct {
// termination indicates termination type.
//
@@ -464,7 +470,7 @@ type TLSConfig struct {
// be present in the same namespace as that of the Route.
// Forbidden when `certificate` is set.
//
- // +openshift:enable:FeatureGate=ExternalRouteCertificate
+ // +openshift:enable:FeatureGate=RouteExternalCertificate
// +optional
ExternalCertificate *LocalObjectReference `json:"externalCertificate,omitempty" protobuf:"bytes,7,opt,name=externalCertificate"`
}
diff --git a/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml
index aced0855f4..0277ba2f32 100644
--- a/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml
+++ b/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml
@@ -5,7 +5,7 @@ routes.route.openshift.io:
Capability: ""
Category: ""
FeatureGates:
- - ExternalRouteCertificate
+ - RouteExternalCertificate
FilenameOperatorName: ""
FilenameOperatorOrdering: ""
FilenameRunLevel: ""
diff --git a/vendor/github.com/openshift/api/security/v1/consts.go b/vendor/github.com/openshift/api/security/v1/consts.go
index 3b686c31d6..7e8adf6e64 100644
--- a/vendor/github.com/openshift/api/security/v1/consts.go
+++ b/vendor/github.com/openshift/api/security/v1/consts.go
@@ -10,4 +10,7 @@ const (
// This annotation pins required SCCs for core OpenShift workloads to prevent preemption of custom SCCs.
// It is being used in the SCC admission plugin.
RequiredSCCAnnotation = "openshift.io/required-scc"
+
+ // MinimallySufficientPodSecurityStandard indicates the PodSecurityStandard that matched the SCCs available to the users of the namespace.
+ MinimallySufficientPodSecurityStandard = "security.openshift.io/MinimallySufficientPodSecurityStandard"
)
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 8b3a126c55..5352d4d37a 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -586,7 +586,7 @@ github.com/opencontainers/runtime-spec/specs-go
## explicit; go 1.19
github.com/opencontainers/selinux/go-selinux
github.com/opencontainers/selinux/pkg/pwalkdir
-# github.com/openshift/api v0.0.0-20240529192326-16d44e6d3e7d
+# github.com/openshift/api v0.0.0-20240912201240-0a8800162826
## explicit; go 1.22.0
github.com/openshift/api
github.com/openshift/api/annotations