diff --git a/go.mod b/go.mod index 7be15e192e7f..442fece2559a 100644 --- a/go.mod +++ b/go.mod @@ -219,7 +219,7 @@ require ( github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect github.com/pkg/profile v1.3.0 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/pquerna/cachecontrol v0.1.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect github.com/robfig/cron/v3 v3.0.1 // indirect @@ -337,3 +337,11 @@ replace ( k8s.io/sample-cli-plugin => github.com/openshift/kubernetes/staging/src/k8s.io/sample-cli-plugin v0.0.0-20240723170835-32f817d75efe k8s.io/sample-controller => github.com/openshift/kubernetes/staging/src/k8s.io/sample-controller v0.0.0-20240723170835-32f817d75efe ) + +replace github.com/openshift/api => github.com/atiratree/api v0.0.0-20240830152941-34de2c1ab9d8 + +replace github.com/openshift/client-go => github.com/atiratree/client-go v0.0.0-20240830171345-d8eefb9e13fa + +replace github.com/openshift/library-go => github.com/atiratree/library-go v0.0.0-20240830172616-6ec6d5a91763 + +replace github.com/openshift/apiserver-library-go => github.com/atiratree/apiserver-library-go v0.0.0-20240902141710-d46ab0ce0d50 diff --git a/go.sum b/go.sum index cf1151aa9dd3..c29a4016f3f6 100644 --- a/go.sum +++ b/go.sum @@ -158,6 +158,14 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl3/e6D5CLfI0j/7hiIEtvGVFPCZ7Ei2oq8iQ= github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/atiratree/api v0.0.0-20240830152941-34de2c1ab9d8 h1:ohLwkFqcXwMbLjVu2b1Gi7ZiW9J1Fu92EycreteaFDY= +github.com/atiratree/api v0.0.0-20240830152941-34de2c1ab9d8/go.mod h1:OOh6Qopf21pSzqNVCB5gomomBXb8o5sGKZxG2KNpaXM= +github.com/atiratree/apiserver-library-go v0.0.0-20240902141710-d46ab0ce0d50 h1:mv7ZCqbPyReQxr5O6OHQ1usTKWLrKQAMYS2a3OQQPYo= +github.com/atiratree/apiserver-library-go v0.0.0-20240902141710-d46ab0ce0d50/go.mod h1:uaJiXph98hEOihMvogZBXmrKZ+oRAA7n3H9e0n9/XqQ= +github.com/atiratree/client-go v0.0.0-20240830171345-d8eefb9e13fa h1:0k9FkYAyZkLyp7ZYwtkPzKbJorFSNQYH+Igr2305bNE= +github.com/atiratree/client-go v0.0.0-20240830171345-d8eefb9e13fa/go.mod h1:KaSJuXRenRK3Qyry69jD84cHDqMl9Dh59yXtQ/Uz8Ec= +github.com/atiratree/library-go v0.0.0-20240830172616-6ec6d5a91763 h1:uhlaZfH2sfPyAp28LButF8BjLJkg7QtvNY0bsfA/xQI= +github.com/atiratree/library-go v0.0.0-20240830172616-6ec6d5a91763/go.mod h1:GKGiKq60kYi8JjXnN7J/mzqhIRcoG3ao65SIjnZm6AY= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -662,14 +670,8 @@ github.com/opencontainers/runtime-spec v1.0.3-0.20220909204839-494a5a6aca78 h1:R github.com/opencontainers/runtime-spec v1.0.3-0.20220909204839-494a5a6aca78/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU= github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= -github.com/openshift/api v0.0.0-20240704102751-33ed71ab039f h1:8qy74aofCvUwCdPafxgdWFsd3oCoMXhjaaCsXaWNCGM= -github.com/openshift/api v0.0.0-20240704102751-33ed71ab039f/go.mod h1:OOh6Qopf21pSzqNVCB5gomomBXb8o5sGKZxG2KNpaXM= -github.com/openshift/apiserver-library-go v0.0.0-20240716092710-e88385a79b17 h1:lJ0jen15LqSgZkFQLPPkgDRevNxc8B/Z5/vgZ2LoZ3A= -github.com/openshift/apiserver-library-go v0.0.0-20240716092710-e88385a79b17/go.mod h1:DDVeKBhMfq0TwM4p90dCGz80UeUKPIOCXNBNj3bEXtU= github.com/openshift/build-machinery-go v0.0.0-20240613134303-8359781da660 h1:F0zE2bmdVvaEd18VXuGYQdJJ1FYJu4MIDW9PYZWc9No= github.com/openshift/build-machinery-go v0.0.0-20240613134303-8359781da660/go.mod h1:8jcm8UPtg2mCAsxfqKil1xrmRMI3a+XU2TZ9fF8A7TE= -github.com/openshift/client-go v0.0.0-20240528061634-b054aa794d87 h1:JtLhaGpSEconE+1IKmIgCOof/Len5ceG6H1pk43yv5U= -github.com/openshift/client-go v0.0.0-20240528061634-b054aa794d87/go.mod h1:3IPD4U0qyovZS4EFady2kqY32m8lGcbs/Wx+yprg9z8= github.com/openshift/cluster-network-operator v0.0.0-20240708200319-1cd8678b38fb h1:Dr0dbSQTAU9UaoAvimGjR+fsvwx2twJ5KR0s/jyAz88= github.com/openshift/cluster-network-operator v0.0.0-20240708200319-1cd8678b38fb/go.mod h1:LnhqxbWhAnhPwilJ4yX1/ly7wCMCYJKkaiSJQSh+Wjg= github.com/openshift/kubernetes v1.30.1-0.20240723170835-32f817d75efe h1:wyndN7pTLG5E9l6cOUc2IaYMJmlin50bp9qdIkJbuVg= @@ -720,8 +722,6 @@ github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0 github.com/openshift/kubernetes/staging/src/k8s.io/pod-security-admission v0.0.0-20240723170835-32f817d75efe/go.mod h1:jF2UfCrVeEWQ1IS0JOCvmMtEIJSQDOd2rgwbK7OOHBA= github.com/openshift/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20240723170835-32f817d75efe h1:CXbcJf1uFisd3DvKEBsTNKUhSdhjF7RdPAKDBlD/YC4= github.com/openshift/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20240723170835-32f817d75efe/go.mod h1:fSQXzP6IN17btnXiZW0U1mijrodyagZGECe6WsnpWLg= -github.com/openshift/library-go v0.0.0-20240709182732-b94141242b0c h1:J79MQ2jYap7l9ugCosp73mIcb6PNcXeczINlyfGC7XA= -github.com/openshift/library-go v0.0.0-20240709182732-b94141242b0c/go.mod h1:PdASVamWinll2BPxiUpXajTwZxV8A1pQbWEsCN1od7I= github.com/openshift/onsi-ginkgo/v2 v2.6.1-0.20240314173009-2cd07f4ca53d h1:GDn4rF5hmB+d0tnFcPQhPy1YTooJH6U+HeYYdyjktmI= github.com/openshift/onsi-ginkgo/v2 v2.6.1-0.20240314173009-2cd07f4ca53d/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= @@ -744,11 +744,14 @@ github.com/pkg/profile v1.3.0 h1:OQIvuDgm00gWVWGTf4m4mCt6W1/0YqU7Ntg0mySWgaI= github.com/pkg/profile v1.3.0/go.mod h1:hJw3o1OdXxsrSjjVksARp5W95eeEaEfptyVZyv6JUPA= github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/pquerna/cachecontrol v0.1.0 h1:yJMy84ti9h/+OEWa752kBTKv4XC30OtVVHYv/8cTqKc= github.com/pquerna/cachecontrol v0.1.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI= +github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.74.0 h1:AHzMWDxNiAVscJL6+4wkvFRTpMnJqiaZFEKA/osaBXE= +github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.74.0/go.mod h1:wAR5JopumPtAZnu0Cjv2PSqV4p4QB09LMhc6fZZTXuA= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= diff --git a/test/extended/authorization/authorization.go b/test/extended/authorization/authorization.go index da1268bfc57b..c1a143ff1e2a 100644 --- a/test/extended/authorization/authorization.go +++ b/test/extended/authorization/authorization.go @@ -849,8 +849,8 @@ func (test subjectAccessReviewTest) run(t g.GinkgoTInterface) { var testNS string if test.localReview != nil { switch { - case len(test.localReview.Namespace) > 0: - testNS = test.localReview.Namespace + case len(test.localReview.Action.Namespace) > 0: + testNS = test.localReview.Action.Namespace case len(test.response.Namespace) > 0: testNS = test.response.Namespace case len(test.kubeNamespace) > 0: diff --git a/vendor/github.com/openshift/api/Dockerfile.rhel8 b/vendor/github.com/openshift/api/Dockerfile.ocp similarity index 100% rename from vendor/github.com/openshift/api/Dockerfile.rhel8 rename to vendor/github.com/openshift/api/Dockerfile.ocp diff --git a/vendor/github.com/openshift/api/Makefile b/vendor/github.com/openshift/api/Makefile index 7aa6b9bde45a..5e6a6b1312ee 100644 --- a/vendor/github.com/openshift/api/Makefile +++ b/vendor/github.com/openshift/api/Makefile @@ -27,9 +27,11 @@ test-unit: ################################################################################## # Ensure update-scripts are run before crd-gen so updates to Godoc are included in CRDs. +# Run update-payload-crds after update-codegen-crds to copy any newly created crds .PHONY: update-codegen-crds update-codegen-crds: update-scripts hack/update-codegen-crds.sh + hack/update-payload-crds.sh ##################### # @@ -79,7 +81,7 @@ verify-%: ################################################################################################ .PHONY: update-scripts -update-scripts: update-compatibility update-openapi update-deepcopy update-protobuf update-swagger-docs tests-vendor update-prerelease-lifecycle-gen update-payload-crds update-payload-featuregates +update-scripts: update-compatibility update-openapi update-deepcopy update-protobuf update-swagger-docs tests-vendor update-prerelease-lifecycle-gen update-payload-featuregates .PHONY: update-compatibility update-compatibility: diff --git a/vendor/github.com/openshift/api/README.md b/vendor/github.com/openshift/api/README.md index 2054ba8151d6..655486527c07 100644 --- a/vendor/github.com/openshift/api/README.md +++ b/vendor/github.com/openshift/api/README.md @@ -62,7 +62,7 @@ route/ tests/ routes.route.openshift.io/ AAA_ungated.yaml - ExternalRouteCertificate.yaml + RouteExternalCertificate.yaml ``` Here's an `AAA_ungated.yaml` example: ```yaml @@ -72,12 +72,12 @@ crdName: routes.route.openshift.io tests: ``` -Here's an `ExternalRouteCertificate.yaml` example: +Here's an `RouteExternalCertificate.yaml` example: ```yaml apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this. name: Route crdName: routes.route.openshift.io -featureGate: ExternalRouteCertificate +featureGate: RouteExternalCertificate tests: ``` diff --git a/vendor/github.com/openshift/api/authorization/v1/generated.pb.go b/vendor/github.com/openshift/api/authorization/v1/generated.pb.go index 4a38ab6f76c6..c52cebf07ac0 100644 --- a/vendor/github.com/openshift/api/authorization/v1/generated.pb.go +++ b/vendor/github.com/openshift/api/authorization/v1/generated.pb.go @@ -1053,121 +1053,123 @@ func init() { } var fileDescriptor_39b89822f939ca46 = []byte{ - // 1821 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x19, 0xcd, 0x6f, 0x1b, 0x59, - 0x3d, 0xcf, 0x76, 0x1c, 0xfb, 0xe7, 0x26, 0xce, 0xbe, 0x66, 0xdb, 0x69, 0xa0, 0xb6, 0x35, 0x20, - 0x48, 0x05, 0x3b, 0x26, 0x01, 0x4a, 0xdb, 0x15, 0x5a, 0xd9, 0xdd, 0xa8, 0x8a, 0x54, 0x9a, 0xec, - 0x0b, 0xbb, 0x5a, 0x2d, 0x1f, 0x62, 0x3c, 0x79, 0xb1, 0x87, 0x8c, 0x67, 0xac, 0x79, 0xe3, 0x94, - 0x82, 0x90, 0x0a, 0x12, 0x07, 0x2e, 0x68, 0x2f, 0x20, 0x8e, 0x20, 0xfe, 0x00, 0xc4, 0x05, 0x09, - 0x24, 0x38, 0x71, 0xe8, 0x81, 0x43, 0x25, 0x2e, 0x15, 0x42, 0x86, 0xba, 0x88, 0x03, 0x07, 0xfe, - 0x06, 0xf4, 0xde, 0xbc, 0xf1, 0x7c, 0x78, 0xac, 0x78, 0x92, 0x26, 0x82, 0x55, 0x6f, 0x9e, 0xf7, - 0xfb, 0xfe, 0x7c, 0xbf, 0xdf, 0x33, 0xdc, 0xee, 0x9a, 0x5e, 0x6f, 0xd8, 0xd1, 0x0c, 0xa7, 0xdf, - 0x74, 0x06, 0xd4, 0x66, 0x3d, 0xf3, 0xd0, 0x6b, 0xea, 0x03, 0xb3, 0xa9, 0x0f, 0xbd, 0x9e, 0xe3, - 0x9a, 0xdf, 0xd5, 0x3d, 0xd3, 0xb1, 0x9b, 0xc7, 0x9b, 0xcd, 0x2e, 0xb5, 0xa9, 0xab, 0x7b, 0xf4, - 0x40, 0x1b, 0xb8, 0x8e, 0xe7, 0xe0, 0x1b, 0x21, 0xa9, 0x36, 0x21, 0xd5, 0xf4, 0x81, 0xa9, 0xc5, - 0x48, 0xb5, 0xe3, 0xcd, 0xf5, 0x37, 0x22, 0x52, 0xba, 0x4e, 0xd7, 0x69, 0x0a, 0x0e, 0x9d, 0xe1, - 0xa1, 0xf8, 0x12, 0x1f, 0xe2, 0x97, 0xcf, 0x79, 0x5d, 0x3d, 0xba, 0xc5, 0x34, 0xd3, 0x11, 0x6a, - 0x18, 0x8e, 0x4b, 0x53, 0xa4, 0xc7, 0x70, 0xdc, 0x8e, 0x6e, 0xa4, 0xe1, 0x7c, 0x21, 0xc4, 0xe9, - 0xeb, 0x46, 0xcf, 0xb4, 0xa9, 0xfb, 0xa8, 0x39, 0x38, 0xea, 0xf2, 0x03, 0xd6, 0xec, 0x53, 0x4f, - 0x4f, 0xa3, 0x6a, 0xce, 0xa2, 0x72, 0x87, 0xb6, 0x67, 0xf6, 0xe9, 0x14, 0xc1, 0xcd, 0x93, 0x08, - 0x98, 0xd1, 0xa3, 0x7d, 0x3d, 0x49, 0xa7, 0xfe, 0xa0, 0x00, 0xc5, 0x96, 0xc1, 0x7d, 0x84, 0x9b, - 0x50, 0xb6, 0xf5, 0x3e, 0x65, 0x03, 0xdd, 0xa0, 0x0a, 0x6a, 0xa0, 0x8d, 0x72, 0xfb, 0xb5, 0x27, - 0xa3, 0xfa, 0xc2, 0x78, 0x54, 0x2f, 0x3f, 0x08, 0x00, 0x24, 0xc4, 0xc1, 0x0d, 0x28, 0x1c, 0x53, - 0xb7, 0xa3, 0xe4, 0x04, 0xee, 0x25, 0x89, 0x5b, 0x78, 0x8f, 0xba, 0x1d, 0x22, 0x20, 0xf8, 0x36, - 0xac, 0xba, 0x94, 0x39, 0x43, 0xd7, 0xa0, 0xad, 0xbd, 0x9d, 0x7b, 0xae, 0x33, 0x1c, 0x28, 0x79, - 0x81, 0xbd, 0x2c, 0xb1, 0x17, 0xc5, 0x21, 0x99, 0x42, 0xc3, 0x6f, 0x01, 0x8e, 0x9c, 0xbd, 0x47, - 0x5d, 0x66, 0x3a, 0xb6, 0x52, 0x10, 0xc4, 0x55, 0x49, 0xbc, 0x24, 0x8f, 0x49, 0x0a, 0x2a, 0xfe, - 0x2c, 0x94, 0x82, 0x53, 0x65, 0x51, 0x90, 0xad, 0x4a, 0xb2, 0x12, 0x91, 0xe7, 0x64, 0x82, 0x81, - 0x6f, 0xc1, 0xa5, 0xe0, 0x37, 0xb7, 0x55, 0x29, 0x0a, 0x8a, 0x35, 0x49, 0x71, 0x89, 0x44, 0x60, - 0x24, 0x86, 0xc9, 0xbd, 0x30, 0xd0, 0xbd, 0x9e, 0x52, 0x8a, 0x7b, 0x61, 0x4f, 0xf7, 0x7a, 0x44, - 0x40, 0xf0, 0xdb, 0xb0, 0x6a, 0xb2, 0x07, 0x8e, 0x1d, 0x30, 0x79, 0x97, 0xdc, 0x57, 0xca, 0x0d, - 0xb4, 0x51, 0x6a, 0x2b, 0x12, 0x7b, 0x75, 0x27, 0x01, 0x27, 0x53, 0x14, 0xf8, 0x7d, 0x58, 0x32, - 0x1c, 0xdb, 0xa3, 0xb6, 0xa7, 0x2c, 0x35, 0xd0, 0x46, 0x65, 0xeb, 0x0d, 0xcd, 0x8f, 0xb9, 0x16, - 0x8d, 0xb9, 0x36, 0x38, 0xea, 0x6a, 0x32, 0xe6, 0x1a, 0xd1, 0x1f, 0x6e, 0x7f, 0xc7, 0xa3, 0x36, - 0xf7, 0x47, 0xe8, 0xb4, 0xbb, 0x3e, 0x17, 0x12, 0xb0, 0x53, 0x7f, 0x9d, 0x83, 0xca, 0x5d, 0x6b, - 0xc8, 0x3c, 0xea, 0x12, 0xc7, 0xa2, 0xf8, 0x5b, 0x50, 0xe2, 0x79, 0x79, 0xa0, 0x7b, 0xba, 0xc8, - 0x83, 0xca, 0xd6, 0xe7, 0x66, 0x8a, 0xe2, 0x59, 0xac, 0x71, 0x6c, 0xed, 0x78, 0x53, 0xdb, 0xed, - 0x7c, 0x9b, 0x1a, 0xde, 0x57, 0xa8, 0xa7, 0xb7, 0xb1, 0x94, 0x06, 0xe1, 0x19, 0x99, 0x70, 0xc5, - 0x1f, 0xc0, 0xa2, 0x3b, 0xb4, 0x28, 0x53, 0x72, 0x8d, 0xfc, 0x46, 0x65, 0xeb, 0x8b, 0xda, 0xdc, - 0x65, 0xac, 0xed, 0x39, 0x96, 0x69, 0x3c, 0x22, 0x43, 0x8b, 0x86, 0x39, 0xc4, 0xbf, 0x18, 0xf1, - 0x59, 0xe2, 0x0e, 0x54, 0xf5, 0x6e, 0xd7, 0xa5, 0x5d, 0x41, 0xc2, 0x41, 0x22, 0xe5, 0x2a, 0x5b, - 0x9f, 0x88, 0x18, 0xa1, 0xf1, 0x72, 0xe5, 0xec, 0x5a, 0x71, 0xd4, 0xf6, 0xe5, 0xf1, 0xa8, 0x5e, - 0x4d, 0x1c, 0x92, 0x24, 0x43, 0xf5, 0xdf, 0x79, 0xc0, 0x11, 0x8f, 0xb5, 0x4d, 0xfb, 0xc0, 0xb4, - 0xbb, 0x17, 0xe0, 0x38, 0x0a, 0xe5, 0x21, 0xa3, 0xae, 0x28, 0x47, 0x51, 0x77, 0x95, 0xad, 0x5b, - 0x19, 0x9c, 0xb7, 0x3b, 0xe0, 0xbf, 0x74, 0x4b, 0xd0, 0xb7, 0x97, 0x79, 0x65, 0xbf, 0x1b, 0xb0, - 0x23, 0x21, 0x67, 0xdc, 0x03, 0xe8, 0xf2, 0x2a, 0xf4, 0xe5, 0xe4, 0xcf, 0x28, 0x67, 0x85, 0x9b, - 0x73, 0x6f, 0xc2, 0x8f, 0x44, 0x78, 0xe3, 0x77, 0xa0, 0xc4, 0x86, 0xc2, 0x52, 0xa6, 0x14, 0x44, - 0x32, 0xc4, 0xc2, 0xc4, 0x3b, 0x6f, 0xe8, 0x20, 0x42, 0x0f, 0xa9, 0x4b, 0x6d, 0x83, 0x86, 0xa5, - 0xbc, 0x2f, 0x89, 0xc9, 0x84, 0x0d, 0x7e, 0x00, 0x4b, 0xae, 0x63, 0x51, 0x42, 0x0f, 0x45, 0xdd, - 0xcf, 0xc9, 0x71, 0x52, 0x1e, 0xc4, 0xa7, 0x25, 0x01, 0x13, 0xf5, 0xaf, 0x08, 0xae, 0x4c, 0x07, - 0xfb, 0xbe, 0xc9, 0x3c, 0xfc, 0xf5, 0xa9, 0x80, 0x6b, 0xf3, 0x05, 0x9c, 0x53, 0x8b, 0x70, 0x4f, - 0x0c, 0x09, 0x4e, 0x22, 0xc1, 0xee, 0xc0, 0xa2, 0xe9, 0xd1, 0x7e, 0x50, 0x25, 0x5f, 0xce, 0x10, - 0x80, 0x69, 0x7d, 0xc3, 0x6a, 0xd9, 0xe1, 0x3c, 0x89, 0xcf, 0x5a, 0xfd, 0x33, 0x82, 0x6a, 0x04, - 0xf9, 0x02, 0xac, 0xfa, 0x5a, 0xdc, 0xaa, 0x9b, 0xa7, 0xb4, 0x2a, 0xdd, 0x9c, 0x9f, 0x21, 0x58, - 0xf5, 0x6f, 0x14, 0xca, 0x3c, 0xd7, 0xf4, 0x2f, 0x36, 0x15, 0x8a, 0x22, 0xe3, 0x98, 0x82, 0x1a, - 0xf9, 0x8d, 0x72, 0x1b, 0xc6, 0xa3, 0x7a, 0x51, 0x60, 0x31, 0x22, 0x21, 0xf8, 0x9b, 0x50, 0xb4, - 0xf4, 0x0e, 0xb5, 0x02, 0xb5, 0x3e, 0x3f, 0xa7, 0xc5, 0x9c, 0x66, 0x9f, 0x5a, 0xd4, 0xf0, 0x1c, - 0x37, 0xbc, 0x2e, 0x83, 0x13, 0x46, 0x24, 0x57, 0xb5, 0x0e, 0xd7, 0x77, 0xd8, 0x1e, 0x75, 0x19, - 0x2f, 0x0b, 0x99, 0xb4, 0x2d, 0xc3, 0xa0, 0x8c, 0x11, 0x7a, 0x6c, 0xd2, 0x87, 0xaa, 0x05, 0xd7, - 0xee, 0x3b, 0x86, 0x6e, 0x05, 0x2d, 0x3f, 0x0a, 0xc4, 0xbb, 0xc1, 0x25, 0x2d, 0xe3, 0xb1, 0x99, - 0xc1, 0x69, 0x3e, 0x61, 0xbb, 0xc0, 0x75, 0x23, 0x92, 0x8d, 0xfa, 0xd3, 0x1c, 0x28, 0x42, 0x5c, - 0x8a, 0x2a, 0x2f, 0x5d, 0x1a, 0xbf, 0x22, 0x79, 0x6f, 0x49, 0x0e, 0x0a, 0xbc, 0xf5, 0x10, 0x01, - 0xc1, 0x9f, 0x9e, 0x84, 0x28, 0x2f, 0x42, 0x54, 0x1d, 0x8f, 0xea, 0x15, 0x3f, 0x44, 0xfb, 0x96, - 0x69, 0xd0, 0x49, 0x9c, 0xbe, 0x01, 0x45, 0x66, 0x38, 0x03, 0xca, 0xc4, 0x28, 0x50, 0xd9, 0xba, - 0x7d, 0x8a, 0xae, 0xb4, 0x2f, 0x18, 0xf8, 0x69, 0xe0, 0xff, 0x26, 0x92, 0xa9, 0xfa, 0x13, 0x04, - 0xab, 0xbc, 0x31, 0x1d, 0x44, 0xef, 0xc3, 0x06, 0x14, 0xf8, 0xd0, 0x23, 0x67, 0xa2, 0x89, 0xfa, - 0x62, 0x16, 0x10, 0x10, 0xfc, 0x3e, 0x14, 0x78, 0xb7, 0x90, 0x1d, 0xf9, 0xb4, 0x29, 0x3d, 0xe1, - 0x2c, 0x5a, 0x90, 0xe0, 0xa8, 0xfe, 0x06, 0xc1, 0xd5, 0xa4, 0x42, 0xc1, 0x75, 0x73, 0xb2, 0x5e, - 0x1e, 0x54, 0xdc, 0x90, 0x40, 0xaa, 0x77, 0xc6, 0x3e, 0x72, 0x59, 0xca, 0xa9, 0x44, 0x0e, 0x49, - 0x54, 0x8c, 0xfa, 0x18, 0x81, 0x18, 0x18, 0x0f, 0xe6, 0xf4, 0xde, 0x3b, 0x31, 0xef, 0x35, 0x33, - 0xa8, 0x37, 0xd3, 0x6d, 0xbf, 0x0a, 0xe2, 0x98, 0xcd, 0x5f, 0xfd, 0x34, 0x7f, 0xdd, 0xcc, 0xaa, - 0xd0, 0xdc, 0x8e, 0xba, 0x03, 0xcb, 0xb1, 0x9b, 0x12, 0xd7, 0x83, 0xde, 0xe8, 0x37, 0xaa, 0x72, - 0xb2, 0xbf, 0xdd, 0x29, 0xfd, 0xfc, 0x17, 0xf5, 0x85, 0xc7, 0x7f, 0x6b, 0x2c, 0xa8, 0x6f, 0xc2, - 0x4a, 0x3c, 0x9f, 0xb3, 0x10, 0xff, 0x38, 0x0f, 0x10, 0x0e, 0x52, 0x9c, 0x92, 0x8f, 0xeb, 0x31, - 0x4a, 0x3e, 0xc5, 0x33, 0xe2, 0x9f, 0xe3, 0x1f, 0x22, 0x78, 0x5d, 0xf7, 0x3c, 0xd7, 0xec, 0x0c, - 0x3d, 0x1a, 0x69, 0xad, 0xc1, 0x0c, 0x92, 0x71, 0x14, 0xbd, 0x2e, 0x3d, 0xf3, 0x7a, 0x2b, 0x8d, - 0x27, 0x49, 0x17, 0x85, 0x3f, 0x03, 0x65, 0x7d, 0x60, 0xde, 0x8b, 0xb6, 0x09, 0x31, 0xc1, 0x04, - 0x2b, 0x03, 0x23, 0x21, 0x9c, 0x23, 0x07, 0x53, 0xba, 0x3f, 0x58, 0x48, 0xe4, 0xa0, 0xbd, 0x32, - 0x12, 0xc2, 0xf1, 0x97, 0x60, 0x39, 0x3a, 0xd2, 0x33, 0x65, 0x51, 0x10, 0xbc, 0x36, 0x1e, 0xd5, - 0x97, 0xa3, 0x93, 0x3f, 0x23, 0x71, 0x3c, 0xdc, 0x86, 0xaa, 0x1d, 0x9b, 0xd2, 0x99, 0x52, 0x14, - 0xa4, 0xca, 0x78, 0x54, 0x5f, 0x8b, 0x0f, 0xf0, 0xb2, 0x91, 0x25, 0x09, 0xd4, 0x2e, 0xac, 0x5d, - 0x4c, 0xcf, 0xff, 0x3b, 0x82, 0x8f, 0xa7, 0x49, 0x22, 0x94, 0x0d, 0x1c, 0x9b, 0xd1, 0xec, 0x0b, - 0xe0, 0x27, 0x61, 0x91, 0x77, 0x6f, 0xff, 0xce, 0x2c, 0xfb, 0x73, 0x1e, 0x6f, 0xea, 0xd2, 0x54, - 0x1f, 0x38, 0x7f, 0x6f, 0x7f, 0x0b, 0x56, 0xe8, 0xb1, 0x6e, 0x0d, 0xb9, 0xb6, 0xdb, 0xae, 0xeb, - 0xb8, 0x72, 0xdd, 0xbb, 0x2a, 0x95, 0xa8, 0x6e, 0x73, 0xa8, 0x3e, 0x01, 0x93, 0x04, 0xba, 0xfa, - 0x27, 0x04, 0x85, 0xff, 0xff, 0x0d, 0x46, 0x7d, 0x91, 0x87, 0xca, 0xab, 0xb5, 0xe2, 0xa3, 0xbe, - 0x56, 0xf0, 0xc9, 0xfb, 0x62, 0xf7, 0x89, 0x33, 0x4c, 0xde, 0x27, 0x2f, 0x12, 0x2f, 0x10, 0x5c, - 0x89, 0x5e, 0x74, 0x91, 0xf9, 0xfb, 0xfc, 0xf3, 0xb7, 0x0b, 0x05, 0x36, 0xa0, 0x86, 0x4c, 0xdd, - 0xed, 0xd3, 0x19, 0x16, 0x51, 0x79, 0x7f, 0x40, 0x8d, 0x70, 0x40, 0xe0, 0x5f, 0x44, 0x08, 0x50, - 0xc7, 0x08, 0xd6, 0xd3, 0x49, 0x2e, 0x20, 0x7e, 0x87, 0xf1, 0xf8, 0xb5, 0xce, 0x6c, 0xe6, 0x8c, - 0x50, 0xfe, 0x3e, 0x3f, 0xcb, 0x48, 0xee, 0x09, 0xfc, 0x08, 0xaa, 0xbc, 0xa4, 0xdd, 0xf0, 0x58, - 0xda, 0x7a, 0x27, 0x83, 0x42, 0x62, 0xf6, 0x8f, 0x68, 0x22, 0xde, 0x5d, 0x12, 0x87, 0x24, 0x29, - 0x07, 0x7f, 0x1f, 0x56, 0x45, 0x91, 0x47, 0x65, 0xfb, 0x31, 0x7f, 0x33, 0x83, 0xec, 0xe4, 0x82, - 0xd8, 0x5e, 0x1b, 0x8f, 0xea, 0x53, 0x6b, 0x23, 0x99, 0x12, 0x85, 0x7f, 0x89, 0xe0, 0x1a, 0xa3, - 0xee, 0xb1, 0x69, 0x50, 0xdd, 0x30, 0x9c, 0xa1, 0xed, 0x45, 0x15, 0xf1, 0xfb, 0xd9, 0xdb, 0x19, - 0x14, 0xd9, 0xf7, 0x79, 0xb5, 0x7c, 0x5e, 0x51, 0x8d, 0xae, 0x8f, 0x47, 0xf5, 0x6b, 0x33, 0xc1, - 0x64, 0xb6, 0x16, 0xea, 0x1f, 0x11, 0x94, 0x2e, 0x68, 0x93, 0xff, 0x6a, 0x3c, 0x1f, 0x33, 0x0f, - 0xee, 0xe9, 0xd9, 0xf7, 0x1f, 0x04, 0x57, 0xf6, 0xa9, 0x75, 0x28, 0x5b, 0xb0, 0x7f, 0x33, 0xfa, - 0x23, 0x51, 0x50, 0xe6, 0x28, 0x73, 0x99, 0xa7, 0x33, 0x9c, 0x55, 0xe6, 0xf8, 0x08, 0x8a, 0xcc, - 0xd3, 0xbd, 0x61, 0x70, 0x19, 0xde, 0xcd, 0x22, 0x6a, 0x5a, 0x8c, 0x60, 0xd5, 0x5e, 0x91, 0x82, - 0x8a, 0xfe, 0x37, 0x91, 0x22, 0xd4, 0xef, 0xc1, 0xfa, 0x6c, 0xf5, 0x22, 0x0b, 0x2f, 0x3a, 0x8f, - 0x85, 0xd7, 0x82, 0xab, 0xc9, 0x34, 0x93, 0x57, 0xd7, 0x1c, 0xeb, 0x52, 0x6c, 0x60, 0xcc, 0x9d, - 0x3c, 0x30, 0xaa, 0x7f, 0x41, 0x30, 0x3b, 0xab, 0xf1, 0x8f, 0x10, 0x54, 0xe3, 0x89, 0xed, 0x6f, - 0x24, 0x95, 0xad, 0xf6, 0x19, 0x8a, 0x2a, 0xb8, 0x89, 0x27, 0x53, 0x64, 0x1c, 0x81, 0x91, 0xa4, - 0x4c, 0xac, 0x01, 0x4c, 0x54, 0x8e, 0xcd, 0xb6, 0x13, 0x9b, 0x18, 0x89, 0x60, 0xa8, 0x1f, 0xe6, - 0xe0, 0xf2, 0xab, 0x77, 0x94, 0x58, 0x5a, 0xfd, 0x13, 0xc1, 0xc7, 0x52, 0x5c, 0x72, 0xfa, 0x55, - 0xe3, 0x06, 0x2c, 0xe9, 0x96, 0xe5, 0x3c, 0xa4, 0x07, 0xc2, 0xfa, 0x52, 0x38, 0x58, 0xb5, 0xfc, - 0x63, 0x12, 0xc0, 0xf1, 0xa7, 0xa0, 0xe8, 0x52, 0x9d, 0xc9, 0x8e, 0x5c, 0x0e, 0xeb, 0x8e, 0x88, - 0x53, 0x22, 0xa1, 0xb8, 0x05, 0x55, 0x1a, 0x5f, 0x28, 0x4e, 0xda, 0x37, 0x92, 0xf8, 0xea, 0xbf, - 0x10, 0xe0, 0x94, 0x3e, 0x65, 0xc4, 0xfa, 0x54, 0xeb, 0x6c, 0xcd, 0xe3, 0x7f, 0xa2, 0x47, 0xfd, - 0x81, 0x37, 0xe5, 0xf4, 0x06, 0x15, 0x24, 0x25, 0x9a, 0x99, 0x94, 0xe1, 0xfb, 0x6b, 0x6e, 0xe6, - 0xfb, 0x6b, 0x98, 0x8f, 0xf9, 0xf3, 0xc8, 0xc7, 0xdf, 0x21, 0x50, 0x66, 0x19, 0x1d, 0xee, 0x72, - 0xe8, 0xe5, 0xff, 0x1b, 0x95, 0x92, 0x64, 0xb9, 0x8c, 0x49, 0xf6, 0x5b, 0x04, 0xc9, 0xc9, 0x08, - 0xd7, 0x83, 0xcd, 0x3b, 0xf2, 0x62, 0x23, 0x36, 0xef, 0x60, 0xe9, 0x9e, 0xc7, 0xe7, 0xe1, 0x9b, - 0x77, 0xfe, 0x3c, 0xde, 0xbc, 0xdb, 0xbb, 0x4f, 0x9e, 0xd7, 0x16, 0x9e, 0x3e, 0xaf, 0x2d, 0x3c, - 0x7b, 0x5e, 0x5b, 0x78, 0x3c, 0xae, 0xa1, 0x27, 0xe3, 0x1a, 0x7a, 0x3a, 0xae, 0xa1, 0x67, 0xe3, - 0x1a, 0xfa, 0xc7, 0xb8, 0x86, 0x3e, 0x7c, 0x51, 0x5b, 0xf8, 0xe0, 0xc6, 0xdc, 0xff, 0xfe, 0xff, - 0x37, 0x00, 0x00, 0xff, 0xff, 0xac, 0xa0, 0x30, 0xab, 0x29, 0x20, 0x00, 0x00, + // 1841 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x1a, 0xcd, 0x6f, 0x1b, 0x4b, + 0x3d, 0x63, 0x3b, 0x8e, 0xfd, 0x73, 0x13, 0xe7, 0x4d, 0xf3, 0xd2, 0x6d, 0xa0, 0xb6, 0xb5, 0x20, + 0x48, 0x05, 0x6f, 0x4d, 0x02, 0x94, 0xb6, 0x4f, 0xe8, 0xc9, 0xee, 0x8b, 0xaa, 0x48, 0xa5, 0xc9, + 0x9b, 0xf0, 0x9e, 0xaa, 0xf2, 0x21, 0xd6, 0x9b, 0x89, 0xbd, 0x64, 0xbd, 0x6b, 0xed, 0xac, 0x53, + 0x0a, 0x42, 0x2a, 0x48, 0x1c, 0xb8, 0x20, 0x4e, 0x88, 0x23, 0x88, 0x3f, 0x00, 0x71, 0x41, 0x02, + 0x09, 0x4e, 0x1c, 0x82, 0x84, 0x50, 0x25, 0x2e, 0x15, 0x42, 0x86, 0xba, 0x9c, 0x38, 0x72, 0xe1, + 0x8a, 0x66, 0x76, 0xd6, 0xfb, 0x61, 0x5b, 0xf1, 0x26, 0x24, 0xbc, 0x56, 0xbd, 0x79, 0xe7, 0xf7, + 0xfd, 0x9b, 0xdf, 0xe7, 0x24, 0x70, 0xab, 0x6d, 0x7a, 0x9d, 0x7e, 0x4b, 0x33, 0x9c, 0x6e, 0xdd, + 0xe9, 0x51, 0x9b, 0x75, 0xcc, 0x03, 0xaf, 0xae, 0xf7, 0xcc, 0xba, 0xde, 0xf7, 0x3a, 0x8e, 0x6b, + 0x7e, 0x5b, 0xf7, 0x4c, 0xc7, 0xae, 0x1f, 0x6d, 0xd4, 0xdb, 0xd4, 0xa6, 0xae, 0xee, 0xd1, 0x7d, + 0xad, 0xe7, 0x3a, 0x9e, 0x83, 0xaf, 0x87, 0xa4, 0xda, 0x88, 0x54, 0xd3, 0x7b, 0xa6, 0x16, 0x23, + 0xd5, 0x8e, 0x36, 0xd6, 0xde, 0x8a, 0x48, 0x69, 0x3b, 0x6d, 0xa7, 0x2e, 0x38, 0xb4, 0xfa, 0x07, + 0xe2, 0x4b, 0x7c, 0x88, 0x5f, 0x3e, 0xe7, 0x35, 0xf5, 0xf0, 0x26, 0xd3, 0x4c, 0x47, 0xa8, 0x61, + 0x38, 0x2e, 0x9d, 0x20, 0x3d, 0x86, 0xe3, 0xb6, 0x74, 0x63, 0x12, 0xce, 0xe7, 0x42, 0x9c, 0xae, + 0x6e, 0x74, 0x4c, 0x9b, 0xba, 0x8f, 0xeb, 0xbd, 0xc3, 0x36, 0x3f, 0x60, 0xf5, 0x2e, 0xf5, 0xf4, + 0x49, 0x54, 0xf5, 0x69, 0x54, 0x6e, 0xdf, 0xf6, 0xcc, 0x2e, 0x1d, 0x23, 0xb8, 0x71, 0x12, 0x01, + 0x33, 0x3a, 0xb4, 0xab, 0x27, 0xe9, 0xd4, 0xef, 0xe5, 0x20, 0xdf, 0x30, 0xb8, 0x8f, 0x70, 0x1d, + 0x8a, 0xb6, 0xde, 0xa5, 0xac, 0xa7, 0x1b, 0x54, 0x41, 0x35, 0xb4, 0x5e, 0x6c, 0xbe, 0x71, 0x3c, + 0xa8, 0xce, 0x0d, 0x07, 0xd5, 0xe2, 0xfd, 0x00, 0x40, 0x42, 0x1c, 0x5c, 0x83, 0xdc, 0x11, 0x75, + 0x5b, 0x4a, 0x46, 0xe0, 0x5e, 0x92, 0xb8, 0xb9, 0x0f, 0xa8, 0xdb, 0x22, 0x02, 0x82, 0x6f, 0xc1, + 0xb2, 0x4b, 0x99, 0xd3, 0x77, 0x0d, 0xda, 0xd8, 0xdd, 0xbe, 0xeb, 0x3a, 0xfd, 0x9e, 0x92, 0x15, + 0xd8, 0x8b, 0x12, 0x7b, 0x5e, 0x1c, 0x92, 0x31, 0x34, 0xfc, 0x0e, 0xe0, 0xc8, 0xd9, 0x07, 0xd4, + 0x65, 0xa6, 0x63, 0x2b, 0x39, 0x41, 0x5c, 0x96, 0xc4, 0x0b, 0xf2, 0x98, 0x4c, 0x40, 0xc5, 0x9f, + 0x86, 0x42, 0x70, 0xaa, 0xcc, 0x0b, 0xb2, 0x65, 0x49, 0x56, 0x20, 0xf2, 0x9c, 0x8c, 0x30, 0xf0, + 0x4d, 0xb8, 0x14, 0xfc, 0xe6, 0xb6, 0x2a, 0x79, 0x41, 0xb1, 0x22, 0x29, 0x2e, 0x91, 0x08, 0x8c, + 0xc4, 0x30, 0xb9, 0x17, 0x7a, 0xba, 0xd7, 0x51, 0x0a, 0x71, 0x2f, 0xec, 0xea, 0x5e, 0x87, 0x08, + 0x08, 0x7e, 0x17, 0x96, 0x4d, 0x76, 0xdf, 0xb1, 0x03, 0x26, 0xef, 0x93, 0x7b, 0x4a, 0xb1, 0x86, + 0xd6, 0x0b, 0x4d, 0x45, 0x62, 0x2f, 0x6f, 0x27, 0xe0, 0x64, 0x8c, 0x02, 0x3f, 0x80, 0x05, 0xc3, + 0xb1, 0x3d, 0x6a, 0x7b, 0xca, 0x42, 0x0d, 0xad, 0x97, 0x36, 0xdf, 0xd2, 0xfc, 0x3b, 0xd7, 0xa2, + 0x77, 0xae, 0xf5, 0x0e, 0xdb, 0x9a, 0xbc, 0x73, 0x8d, 0xe8, 0x8f, 0xb6, 0xbe, 0xe5, 0x51, 0x9b, + 0xfb, 0x23, 0x74, 0xda, 0x1d, 0x9f, 0x0b, 0x09, 0xd8, 0xa9, 0xbf, 0xcc, 0x40, 0xe9, 0x8e, 0xd5, + 0x67, 0x1e, 0x75, 0x89, 0x63, 0x51, 0xfc, 0x0d, 0x28, 0xf0, 0xb8, 0xdc, 0xd7, 0x3d, 0x5d, 0xc4, + 0x41, 0x69, 0xf3, 0x33, 0x53, 0x45, 0xf1, 0x28, 0xd6, 0x38, 0xb6, 0x76, 0xb4, 0xa1, 0xed, 0xb4, + 0xbe, 0x49, 0x0d, 0xef, 0x4b, 0xd4, 0xd3, 0x9b, 0x58, 0x4a, 0x83, 0xf0, 0x8c, 0x8c, 0xb8, 0xe2, + 0x87, 0x30, 0xef, 0xf6, 0x2d, 0xca, 0x94, 0x4c, 0x2d, 0xbb, 0x5e, 0xda, 0xfc, 0xbc, 0x36, 0x73, + 0x1a, 0x6b, 0xbb, 0x8e, 0x65, 0x1a, 0x8f, 0x49, 0xdf, 0xa2, 0x61, 0x0c, 0xf1, 0x2f, 0x46, 0x7c, + 0x96, 0xb8, 0x05, 0x65, 0xbd, 0xdd, 0x76, 0x69, 0x5b, 0x90, 0x70, 0x90, 0x08, 0xb9, 0xd2, 0xe6, + 0xc7, 0x22, 0x46, 0x68, 0x3c, 0x5d, 0x39, 0xbb, 0x46, 0x1c, 0xb5, 0x79, 0x79, 0x38, 0xa8, 0x96, + 0x13, 0x87, 0x24, 0xc9, 0x50, 0xfd, 0x57, 0x16, 0x70, 0xc4, 0x63, 0x4d, 0xd3, 0xde, 0x37, 0xed, + 0xf6, 0x05, 0x38, 0x8e, 0x42, 0xb1, 0xcf, 0xa8, 0x2b, 0xd2, 0x51, 0xe4, 0x5d, 0x69, 0xf3, 0x66, + 0x0a, 0xe7, 0xed, 0xf4, 0xf8, 0x2f, 0xdd, 0x12, 0xf4, 0xcd, 0x45, 0x9e, 0xd9, 0xef, 0x07, 0xec, + 0x48, 0xc8, 0x19, 0x77, 0x00, 0xda, 0x3c, 0x0b, 0x7d, 0x39, 0xd9, 0x33, 0xca, 0x59, 0xe2, 0xe6, + 0xdc, 0x1d, 0xf1, 0x23, 0x11, 0xde, 0xf8, 0x3d, 0x28, 0xb0, 0xbe, 0xb0, 0x94, 0x29, 0x39, 0x11, + 0x0c, 0xb1, 0x6b, 0xe2, 0x95, 0x37, 0x74, 0x10, 0xa1, 0x07, 0xd4, 0xa5, 0xb6, 0x41, 0xc3, 0x54, + 0xde, 0x93, 0xc4, 0x64, 0xc4, 0x06, 0xdf, 0x87, 0x05, 0xd7, 0xb1, 0x28, 0xa1, 0x07, 0x22, 0xef, + 0x67, 0xe4, 0x38, 0x4a, 0x0f, 0xe2, 0xd3, 0x92, 0x80, 0x89, 0xfa, 0x57, 0x04, 0xab, 0xe3, 0x97, + 0x7d, 0xcf, 0x64, 0x1e, 0xfe, 0xea, 0xd8, 0x85, 0x6b, 0xb3, 0x5d, 0x38, 0xa7, 0x16, 0xd7, 0x3d, + 0x32, 0x24, 0x38, 0x89, 0x5c, 0x76, 0x0b, 0xe6, 0x4d, 0x8f, 0x76, 0x83, 0x2c, 0xf9, 0x62, 0x8a, + 0x0b, 0x18, 0xd7, 0x37, 0xcc, 0x96, 0x6d, 0xce, 0x93, 0xf8, 0xac, 0xd5, 0x3f, 0x21, 0x28, 0x47, + 0x90, 0x2f, 0xc0, 0xaa, 0xaf, 0xc4, 0xad, 0xba, 0x71, 0x4a, 0xab, 0x26, 0x9b, 0xf3, 0x13, 0x04, + 0xcb, 0x7e, 0x47, 0xa1, 0xcc, 0x73, 0x4d, 0xbf, 0xb1, 0xa9, 0x90, 0x17, 0x11, 0xc7, 0x14, 0x54, + 0xcb, 0xae, 0x17, 0x9b, 0x30, 0x1c, 0x54, 0xf3, 0x02, 0x8b, 0x11, 0x09, 0xc1, 0x5f, 0x87, 0xbc, + 0xa5, 0xb7, 0xa8, 0x15, 0xa8, 0xf5, 0xd9, 0x19, 0x2d, 0xe6, 0x34, 0x7b, 0xd4, 0xa2, 0x86, 0xe7, + 0xb8, 0x61, 0xbb, 0x0c, 0x4e, 0x18, 0x91, 0x5c, 0xd5, 0x2a, 0x5c, 0xdb, 0x66, 0xbb, 0xd4, 0x65, + 0x3c, 0x2d, 0x64, 0xd0, 0x36, 0x0c, 0x83, 0x32, 0x46, 0xe8, 0x91, 0x49, 0x1f, 0xa9, 0x7f, 0x46, + 0x70, 0xf5, 0x9e, 0x63, 0xe8, 0x56, 0x50, 0xf3, 0xa3, 0xd0, 0x58, 0x65, 0xc9, 0x9c, 0x4b, 0x65, + 0xd9, 0x09, 0xe6, 0x00, 0x79, 0xe5, 0x1b, 0x29, 0xee, 0xc5, 0x27, 0x6c, 0xe6, 0xb8, 0x00, 0x22, + 0xd9, 0xa8, 0xff, 0xc9, 0x80, 0x22, 0x0c, 0x9a, 0x60, 0x6d, 0xcc, 0x9e, 0xf9, 0x97, 0xc2, 0x1e, + 0xde, 0xe7, 0x79, 0x81, 0x4c, 0x4e, 0x3b, 0xbc, 0x7e, 0x12, 0x01, 0xc1, 0x9f, 0x1c, 0xc5, 0x59, + 0x56, 0xc4, 0x59, 0x79, 0x38, 0xa8, 0x96, 0xfc, 0x38, 0xdb, 0xb3, 0x4c, 0x83, 0x8e, 0x82, 0xed, + 0x6b, 0x90, 0x67, 0x86, 0xd3, 0xa3, 0x4c, 0xcc, 0x33, 0xa5, 0xcd, 0x5b, 0xa7, 0x28, 0xad, 0x7b, + 0x82, 0x81, 0x1f, 0xcb, 0xfe, 0x6f, 0x22, 0x99, 0xaa, 0x3f, 0x42, 0xb0, 0xcc, 0xab, 0xeb, 0x7e, + 0xb4, 0xa9, 0xd7, 0x20, 0xc7, 0x27, 0x37, 0x39, 0xd8, 0x8d, 0xd4, 0x17, 0x03, 0x8d, 0x80, 0xe0, + 0x07, 0x90, 0xe3, 0x25, 0x4f, 0xc6, 0xd7, 0x69, 0xf3, 0x72, 0xc4, 0x59, 0xd4, 0x51, 0xc1, 0x51, + 0xfd, 0x15, 0x82, 0x2b, 0x49, 0x85, 0x82, 0x9e, 0x79, 0xb2, 0x5e, 0x1e, 0x94, 0xdc, 0x90, 0x40, + 0xaa, 0x77, 0xc6, 0x62, 0x78, 0x59, 0xca, 0x29, 0x45, 0x0e, 0x49, 0x54, 0x8c, 0xfa, 0x04, 0x81, + 0x98, 0x7a, 0xf7, 0x67, 0xf4, 0xde, 0x7b, 0x31, 0xef, 0xd5, 0x53, 0xa8, 0x37, 0xd5, 0x6d, 0xbf, + 0x08, 0xee, 0x31, 0x9d, 0xbf, 0xba, 0x93, 0xfc, 0x75, 0x23, 0xad, 0x42, 0x33, 0x3b, 0xea, 0x36, + 0x2c, 0xc6, 0xda, 0x3d, 0xae, 0x06, 0x05, 0xde, 0xaf, 0xb6, 0xc5, 0x64, 0x91, 0xbe, 0x5d, 0xf8, + 0xe9, 0xcf, 0xaa, 0x73, 0x4f, 0xfe, 0x56, 0x9b, 0x53, 0xdf, 0x86, 0xa5, 0x78, 0x3c, 0xa7, 0x21, + 0xfe, 0x61, 0x16, 0x20, 0x9c, 0x06, 0x39, 0x25, 0xdf, 0x39, 0x62, 0x94, 0x7c, 0x15, 0x61, 0xc4, + 0x3f, 0xc7, 0xdf, 0x47, 0xf0, 0xa6, 0xee, 0x79, 0xae, 0xd9, 0xea, 0x7b, 0x34, 0xd2, 0x1f, 0x82, + 0x41, 0x2a, 0xe5, 0x3c, 0x7d, 0x4d, 0x7a, 0xe6, 0xcd, 0xc6, 0x24, 0x9e, 0x64, 0xb2, 0x28, 0xfc, + 0x29, 0x28, 0xea, 0x3d, 0xf3, 0x6e, 0xb4, 0x4c, 0x88, 0x31, 0x2c, 0xd8, 0x7b, 0x18, 0x09, 0xe1, + 0x1c, 0x39, 0x58, 0x35, 0xfc, 0xe9, 0x48, 0x22, 0x07, 0x2d, 0x82, 0x91, 0x10, 0x8e, 0xbf, 0x00, + 0x8b, 0xd1, 0xbd, 0x84, 0x29, 0xf3, 0x82, 0xe0, 0x8d, 0xe1, 0xa0, 0xba, 0x18, 0x5d, 0x5f, 0x18, + 0x89, 0xe3, 0xe1, 0x26, 0x94, 0xed, 0xd8, 0xaa, 0xc1, 0x94, 0xbc, 0x20, 0x55, 0x86, 0x83, 0xea, + 0x4a, 0x7c, 0x0b, 0x91, 0x85, 0x2c, 0x49, 0xa0, 0xfe, 0x11, 0xc1, 0xca, 0xab, 0xd2, 0xb8, 0xfe, + 0x8e, 0xe0, 0xa3, 0x93, 0x6c, 0x21, 0x94, 0xf5, 0x1c, 0x9b, 0xd1, 0xf4, 0x8b, 0xf2, 0xc7, 0x61, + 0x9e, 0x37, 0x08, 0x7f, 0xb6, 0x28, 0xfa, 0xf3, 0x30, 0xef, 0x1b, 0xd2, 0x9b, 0x3e, 0x70, 0xf6, + 0xf6, 0xf1, 0x0e, 0x2c, 0xd1, 0x23, 0xdd, 0xea, 0x73, 0x6d, 0xb7, 0x5c, 0xd7, 0x71, 0xe5, 0x5a, + 0x7c, 0x45, 0x2a, 0x51, 0xde, 0xe2, 0x50, 0x7d, 0x04, 0x26, 0x09, 0x74, 0xf5, 0x0f, 0x08, 0x72, + 0x2f, 0xff, 0xa6, 0xa7, 0xbe, 0xc8, 0x42, 0xe9, 0xf5, 0xfa, 0xf5, 0xaa, 0xaf, 0x5f, 0x7c, 0x43, + 0xb9, 0xd8, 0xbd, 0xeb, 0x0c, 0x1b, 0xca, 0xc9, 0x0b, 0xd7, 0x0b, 0x04, 0xab, 0xd1, 0x5e, 0x1a, + 0xd9, 0x53, 0xce, 0x3f, 0x7e, 0xdb, 0x90, 0x63, 0x3d, 0x6a, 0xc8, 0xd0, 0xdd, 0x3a, 0x9d, 0x61, + 0x11, 0x95, 0xf7, 0x7a, 0xd4, 0x08, 0x67, 0x10, 0xfe, 0x45, 0x84, 0x00, 0x75, 0x88, 0x60, 0x6d, + 0x32, 0xc9, 0x05, 0xdc, 0xdf, 0x41, 0xfc, 0xfe, 0x1a, 0x67, 0x36, 0x73, 0xca, 0x55, 0xfe, 0x36, + 0x3b, 0xcd, 0x48, 0xee, 0x09, 0xfc, 0x18, 0xca, 0x3c, 0xa5, 0xdd, 0xf0, 0x58, 0xda, 0x7a, 0x3b, + 0x85, 0x42, 0x62, 0xbd, 0x88, 0x68, 0x22, 0xde, 0xa7, 0x12, 0x87, 0x24, 0x29, 0x07, 0x7f, 0x17, + 0x96, 0x45, 0x92, 0x47, 0x65, 0xfb, 0x77, 0xfe, 0x76, 0x0a, 0xd9, 0xc9, 0x45, 0xba, 0xb9, 0x32, + 0x1c, 0x54, 0xc7, 0xd6, 0x6b, 0x32, 0x26, 0x0a, 0xff, 0x1c, 0xc1, 0x55, 0x46, 0xdd, 0x23, 0xd3, + 0xa0, 0xba, 0x61, 0x38, 0x7d, 0xdb, 0x8b, 0x2a, 0xe2, 0xd7, 0xb3, 0x77, 0x53, 0x28, 0xb2, 0xe7, + 0xf3, 0x6a, 0xf8, 0xbc, 0xa2, 0x1a, 0x5d, 0x1b, 0x0e, 0xaa, 0x57, 0xa7, 0x82, 0xc9, 0x74, 0x2d, + 0xd4, 0xdf, 0x23, 0x28, 0x5c, 0xd0, 0x8b, 0xc7, 0x97, 0xe3, 0xf1, 0x98, 0x7a, 0x37, 0x98, 0x1c, + 0x7d, 0x4f, 0x33, 0xb0, 0xba, 0x47, 0xad, 0x03, 0x59, 0x82, 0xfd, 0xce, 0x38, 0x3e, 0x74, 0x65, + 0xcf, 0xb5, 0x90, 0xa0, 0xd4, 0x85, 0x64, 0xb2, 0xca, 0xd3, 0x0a, 0x09, 0x3e, 0x84, 0x3c, 0xf3, + 0x74, 0xaf, 0x1f, 0xb4, 0xdb, 0x3b, 0x69, 0x44, 0x8d, 0x8b, 0x11, 0xac, 0x9a, 0x4b, 0x52, 0x50, + 0xde, 0xff, 0x26, 0x52, 0x84, 0xfa, 0x1d, 0x58, 0x9b, 0xae, 0x5e, 0x64, 0x6b, 0x47, 0xe7, 0xb1, + 0xb5, 0x5b, 0x70, 0x25, 0x19, 0xc8, 0xb2, 0x39, 0xce, 0xb0, 0xf3, 0xc5, 0x46, 0xd2, 0xcc, 0xc9, + 0x23, 0xa9, 0xfa, 0x17, 0x04, 0xd3, 0xf3, 0x06, 0xff, 0x00, 0x41, 0x39, 0x9e, 0x3a, 0xfe, 0x5a, + 0x55, 0xda, 0x6c, 0x9e, 0x21, 0x6d, 0x83, 0x5e, 0x3f, 0x9a, 0x53, 0xe3, 0x08, 0x8c, 0x24, 0x65, + 0x62, 0x0d, 0x60, 0xa4, 0x72, 0x6c, 0x7a, 0x1e, 0xd9, 0xc4, 0x48, 0x04, 0x43, 0xfd, 0x77, 0x06, + 0x2e, 0xbf, 0x7e, 0x6e, 0xba, 0xe0, 0xe7, 0xa6, 0x7f, 0x22, 0xf8, 0xc8, 0x04, 0xa7, 0x9f, 0x7e, + 0x5d, 0xba, 0x0e, 0x0b, 0xba, 0x65, 0x39, 0x8f, 0xe8, 0xbe, 0xb0, 0xbe, 0x10, 0x0e, 0x87, 0x0d, + 0xff, 0x98, 0x04, 0x70, 0xfc, 0x09, 0xc8, 0xbb, 0x54, 0x67, 0xb2, 0xab, 0x14, 0xc3, 0xcc, 0x26, + 0xe2, 0x94, 0x48, 0x28, 0x6e, 0x40, 0x99, 0xc6, 0x97, 0xa2, 0x93, 0x76, 0xa6, 0x24, 0xbe, 0x7a, + 0x9c, 0x01, 0xfc, 0x7f, 0xa9, 0xb5, 0x46, 0xac, 0xd6, 0x36, 0xce, 0x56, 0x00, 0x3f, 0x14, 0x75, + 0xf6, 0x77, 0x08, 0x56, 0xa7, 0x14, 0xd9, 0x20, 0xec, 0xd1, 0xd4, 0xb0, 0x0f, 0x5f, 0xf3, 0x33, + 0x53, 0x5f, 0xf3, 0xc3, 0x88, 0xcf, 0x9e, 0x47, 0xc4, 0xff, 0x06, 0x81, 0x32, 0xcd, 0xe8, 0x70, + 0xe3, 0x45, 0xff, 0xfb, 0xbf, 0x6d, 0x4e, 0x08, 0xe3, 0x4c, 0xca, 0x30, 0xfe, 0x35, 0x82, 0xe4, + 0xfc, 0x88, 0xab, 0xc1, 0xfb, 0x44, 0xe4, 0xe9, 0x4c, 0xbc, 0x4f, 0x04, 0x4f, 0x13, 0xb3, 0xf8, + 0x3c, 0xfc, 0x0b, 0x4a, 0xf6, 0x3c, 0xfe, 0x82, 0xd2, 0xdc, 0x39, 0x7e, 0x5e, 0x99, 0x7b, 0xfa, + 0xbc, 0x32, 0xf7, 0xec, 0x79, 0x65, 0xee, 0xc9, 0xb0, 0x82, 0x8e, 0x87, 0x15, 0xf4, 0x74, 0x58, + 0x41, 0xcf, 0x86, 0x15, 0xf4, 0x8f, 0x61, 0x05, 0xfd, 0xf8, 0x45, 0x65, 0xee, 0xe1, 0xf5, 0x99, + 0xff, 0x97, 0xe4, 0xbf, 0x01, 0x00, 0x00, 0xff, 0xff, 0xa0, 0x1c, 0xfa, 0x7f, 0x77, 0x22, 0x00, + 0x00, } func (m *Action) Marshal() (dAtA []byte, err error) { @@ -1569,6 +1571,16 @@ func (m *LocalResourceAccessReview) MarshalToSizedBuffer(dAtA []byte) (int, erro _ = i var l int _ = l + { + size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintGenerated(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 { size, err := m.Action.MarshalToSizedBuffer(dAtA[:i]) if err != nil { @@ -1602,6 +1614,16 @@ func (m *LocalSubjectAccessReview) MarshalToSizedBuffer(dAtA []byte) (int, error _ = i var l int _ = l + { + size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintGenerated(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x2a if m.Scopes != nil { { size, err := m.Scopes.MarshalToSizedBuffer(dAtA[:i]) @@ -1955,6 +1977,16 @@ func (m *ResourceAccessReview) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l + { + size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintGenerated(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 { size, err := m.Action.MarshalToSizedBuffer(dAtA[:i]) if err != nil { @@ -2410,6 +2442,16 @@ func (m *SelfSubjectRulesReview) MarshalToSizedBuffer(dAtA []byte) (int, error) _ = i var l int _ = l + { + size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintGenerated(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a { size, err := m.Status.MarshalToSizedBuffer(dAtA[:i]) if err != nil { @@ -2567,6 +2609,16 @@ func (m *SubjectAccessReview) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l + { + size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintGenerated(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x2a if m.Scopes != nil { { size, err := m.Scopes.MarshalToSizedBuffer(dAtA[:i]) @@ -2672,6 +2724,16 @@ func (m *SubjectRulesReview) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l + { + size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintGenerated(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a { size, err := m.Status.MarshalToSizedBuffer(dAtA[:i]) if err != nil { @@ -2998,6 +3060,8 @@ func (m *LocalResourceAccessReview) Size() (n int) { _ = l l = m.Action.Size() n += 1 + l + sovGenerated(uint64(l)) + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) return n } @@ -3021,6 +3085,8 @@ func (m *LocalSubjectAccessReview) Size() (n int) { l = m.Scopes.Size() n += 1 + l + sovGenerated(uint64(l)) } + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) return n } @@ -3155,6 +3221,8 @@ func (m *ResourceAccessReview) Size() (n int) { _ = l l = m.Action.Size() n += 1 + l + sovGenerated(uint64(l)) + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) return n } @@ -3322,6 +3390,8 @@ func (m *SelfSubjectRulesReview) Size() (n int) { n += 1 + l + sovGenerated(uint64(l)) l = m.Status.Size() n += 1 + l + sovGenerated(uint64(l)) + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) return n } @@ -3392,6 +3462,8 @@ func (m *SubjectAccessReview) Size() (n int) { l = m.Scopes.Size() n += 1 + l + sovGenerated(uint64(l)) } + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) return n } @@ -3421,6 +3493,8 @@ func (m *SubjectRulesReview) Size() (n int) { n += 1 + l + sovGenerated(uint64(l)) l = m.Status.Size() n += 1 + l + sovGenerated(uint64(l)) + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) return n } @@ -3612,6 +3686,7 @@ func (this *LocalResourceAccessReview) String() string { } s := strings.Join([]string{`&LocalResourceAccessReview{`, `Action:` + strings.Replace(strings.Replace(this.Action.String(), "Action", "Action", 1), `&`, ``, 1) + `,`, + `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -3625,6 +3700,7 @@ func (this *LocalSubjectAccessReview) String() string { `User:` + fmt.Sprintf("%v", this.User) + `,`, `GroupsSlice:` + fmt.Sprintf("%v", this.GroupsSlice) + `,`, `Scopes:` + strings.Replace(fmt.Sprintf("%v", this.Scopes), "OptionalScopes", "OptionalScopes", 1) + `,`, + `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -3694,6 +3770,7 @@ func (this *ResourceAccessReview) String() string { } s := strings.Join([]string{`&ResourceAccessReview{`, `Action:` + strings.Replace(strings.Replace(this.Action.String(), "Action", "Action", 1), `&`, ``, 1) + `,`, + `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -3824,6 +3901,7 @@ func (this *SelfSubjectRulesReview) String() string { s := strings.Join([]string{`&SelfSubjectRulesReview{`, `Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "SelfSubjectRulesReviewSpec", "SelfSubjectRulesReviewSpec", 1), `&`, ``, 1) + `,`, `Status:` + strings.Replace(strings.Replace(this.Status.String(), "SubjectRulesReviewStatus", "SubjectRulesReviewStatus", 1), `&`, ``, 1) + `,`, + `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -3874,6 +3952,7 @@ func (this *SubjectAccessReview) String() string { `User:` + fmt.Sprintf("%v", this.User) + `,`, `GroupsSlice:` + fmt.Sprintf("%v", this.GroupsSlice) + `,`, `Scopes:` + strings.Replace(fmt.Sprintf("%v", this.Scopes), "OptionalScopes", "OptionalScopes", 1) + `,`, + `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -3898,6 +3977,7 @@ func (this *SubjectRulesReview) String() string { s := strings.Join([]string{`&SubjectRulesReview{`, `Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "SubjectRulesReviewSpec", "SubjectRulesReviewSpec", 1), `&`, ``, 1) + `,`, `Status:` + strings.Replace(strings.Replace(this.Status.String(), "SubjectRulesReviewStatus", "SubjectRulesReviewStatus", 1), `&`, ``, 1) + `,`, + `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -5119,6 +5199,39 @@ func (m *LocalResourceAccessReview) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -5302,6 +5415,39 @@ func (m *LocalSubjectAccessReview) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 5: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -6252,6 +6398,39 @@ func (m *ResourceAccessReview) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -7510,6 +7689,39 @@ func (m *SelfSubjectRulesReview) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -8009,6 +8221,39 @@ func (m *SubjectAccessReview) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 5: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -8291,6 +8536,39 @@ func (m *SubjectRulesReview) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) diff --git a/vendor/github.com/openshift/api/authorization/v1/generated.proto b/vendor/github.com/openshift/api/authorization/v1/generated.proto index 774a96b82809..b8ba1d90683e 100644 --- a/vendor/github.com/openshift/api/authorization/v1/generated.proto +++ b/vendor/github.com/openshift/api/authorization/v1/generated.proto @@ -155,7 +155,11 @@ message IsPersonalSubjectAccessReview { // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 message LocalResourceAccessReview { - // Action describes the action being tested. The Namespace element is FORCED to the current namespace. + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 2; + + // Action describes the action being tested. The Namespace element is FORCED to the current namespace. optional Action Action = 1; } @@ -164,6 +168,10 @@ message LocalResourceAccessReview { // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 message LocalSubjectAccessReview { + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 5; + // Action describes the action being tested. The Namespace element is FORCED to the current namespace. optional Action Action = 1; @@ -270,6 +278,10 @@ message PolicyRule { // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 message ResourceAccessReview { + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 2; + // Action describes the action being tested. optional Action Action = 1; } @@ -429,6 +441,10 @@ message RoleList { // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 message SelfSubjectRulesReview { + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 3; + // Spec adds information about how to conduct the check optional SelfSubjectRulesReviewSpec spec = 1; @@ -473,6 +489,10 @@ message ServiceAccountRestriction { // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 message SubjectAccessReview { + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 5; + // Action describes the action being tested. optional Action Action = 1; @@ -515,6 +535,10 @@ message SubjectAccessReviewResponse { // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=1 message SubjectRulesReview { + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 3; + // Spec adds information about how to conduct the check optional SubjectRulesReviewSpec spec = 1; diff --git a/vendor/github.com/openshift/api/authorization/v1/types.go b/vendor/github.com/openshift/api/authorization/v1/types.go index e26eaeb15c56..e8dd0c29fa32 100644 --- a/vendor/github.com/openshift/api/authorization/v1/types.go +++ b/vendor/github.com/openshift/api/authorization/v1/types.go @@ -154,6 +154,10 @@ type NamedRoleBinding struct { type SelfSubjectRulesReview struct { metav1.TypeMeta `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,3,opt,name=metadata"` + // Spec adds information about how to conduct the check Spec SelfSubjectRulesReviewSpec `json:"spec" protobuf:"bytes,1,opt,name=spec"` @@ -180,6 +184,10 @@ type SelfSubjectRulesReviewSpec struct { type SubjectRulesReview struct { metav1.TypeMeta `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,3,opt,name=metadata"` + // Spec adds information about how to conduct the check Spec SubjectRulesReviewSpec `json:"spec" protobuf:"bytes,1,opt,name=spec"` @@ -232,7 +240,7 @@ type ResourceAccessReviewResponse struct { // +genclient // +genclient:nonNamespaced -// +genclient:skipVerbs=apply,get,list,create,update,patch,delete,deleteCollection,watch +// +genclient:skipVerbs=apply,applyStatus,get,list,create,update,updateStatus,patch,delete,deleteCollection,watch // +genclient:method=Create,verb=create,result=ResourceAccessReviewResponse // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object @@ -244,6 +252,10 @@ type ResourceAccessReviewResponse struct { type ResourceAccessReview struct { metav1.TypeMeta `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,2,opt,name=metadata"` + // Action describes the action being tested. Action `json:",inline" protobuf:"bytes,1,opt,name=Action"` } @@ -280,7 +292,7 @@ func (t OptionalScopes) String() string { // +genclient // +genclient:nonNamespaced -// +genclient:skipVerbs=apply,get,list,create,update,patch,delete,deleteCollection,watch +// +genclient:skipVerbs=apply,applyStatus,get,list,create,update,updateStatus,patch,delete,deleteCollection,watch // +genclient:method=Create,verb=create,result=SubjectAccessReviewResponse // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object @@ -291,6 +303,10 @@ func (t OptionalScopes) String() string { type SubjectAccessReview struct { metav1.TypeMeta `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,5,opt,name=metadata"` + // Action describes the action being tested. Action `json:",inline" protobuf:"bytes,1,opt,name=Action"` // User is optional. If both User and Groups are empty, the current authenticated user is used. @@ -306,7 +322,7 @@ type SubjectAccessReview struct { } // +genclient -// +genclient:skipVerbs=apply,get,list,create,update,patch,delete,deleteCollection,watch +// +genclient:skipVerbs=apply,applyStatus,get,list,create,update,updateStatus,patch,delete,deleteCollection,watch // +genclient:method=Create,verb=create,result=ResourceAccessReviewResponse // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object @@ -317,12 +333,16 @@ type SubjectAccessReview struct { type LocalResourceAccessReview struct { metav1.TypeMeta `json:",inline"` - // Action describes the action being tested. The Namespace element is FORCED to the current namespace. + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,2,opt,name=metadata"` + + // Action describes the action being tested. The Namespace element is FORCED to the current namespace. Action `json:",inline" protobuf:"bytes,1,opt,name=Action"` } // +genclient -// +genclient:skipVerbs=apply,get,list,create,update,patch,delete,deleteCollection,watch +// +genclient:skipVerbs=apply,applyStatus,get,list,create,update,updateStatus,patch,delete,deleteCollection,watch // +genclient:method=Create,verb=create,result=SubjectAccessReviewResponse // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object @@ -333,6 +353,10 @@ type LocalResourceAccessReview struct { type LocalSubjectAccessReview struct { metav1.TypeMeta `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,5,opt,name=metadata"` + // Action describes the action being tested. The Namespace element is FORCED to the current namespace. Action `json:",inline" protobuf:"bytes,1,opt,name=Action"` // User is optional. If both User and Groups are empty, the current authenticated user is used. diff --git a/vendor/github.com/openshift/api/authorization/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/authorization/v1/zz_generated.deepcopy.go index 1214fc02bfc2..9b7d44f3b2fb 100644 --- a/vendor/github.com/openshift/api/authorization/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/authorization/v1/zz_generated.deepcopy.go @@ -232,6 +232,7 @@ func (in *IsPersonalSubjectAccessReview) DeepCopyObject() runtime.Object { func (in *LocalResourceAccessReview) DeepCopyInto(out *LocalResourceAccessReview) { *out = *in out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Action.DeepCopyInto(&out.Action) return } @@ -258,6 +259,7 @@ func (in *LocalResourceAccessReview) DeepCopyObject() runtime.Object { func (in *LocalSubjectAccessReview) DeepCopyInto(out *LocalSubjectAccessReview) { *out = *in out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Action.DeepCopyInto(&out.Action) if in.GroupsSlice != nil { in, out := &in.GroupsSlice, &out.GroupsSlice @@ -444,6 +446,7 @@ func (in *PolicyRule) DeepCopy() *PolicyRule { func (in *ResourceAccessReview) DeepCopyInto(out *ResourceAccessReview) { *out = *in out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Action.DeepCopyInto(&out.Action) return } @@ -737,6 +740,7 @@ func (in *RoleList) DeepCopyObject() runtime.Object { func (in *SelfSubjectRulesReview) DeepCopyInto(out *SelfSubjectRulesReview) { *out = *in out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) in.Status.DeepCopyInto(&out.Status) return @@ -827,6 +831,7 @@ func (in *ServiceAccountRestriction) DeepCopy() *ServiceAccountRestriction { func (in *SubjectAccessReview) DeepCopyInto(out *SubjectAccessReview) { *out = *in out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Action.DeepCopyInto(&out.Action) if in.GroupsSlice != nil { in, out := &in.GroupsSlice, &out.GroupsSlice @@ -888,6 +893,7 @@ func (in *SubjectAccessReviewResponse) DeepCopyObject() runtime.Object { func (in *SubjectRulesReview) DeepCopyInto(out *SubjectRulesReview) { *out = *in out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) in.Status.DeepCopyInto(&out.Status) return diff --git a/vendor/github.com/openshift/api/authorization/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/authorization/v1/zz_generated.swagger_doc_generated.go index 34777dc958ff..a8f9b374e2bb 100644 --- a/vendor/github.com/openshift/api/authorization/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/authorization/v1/zz_generated.swagger_doc_generated.go @@ -91,7 +91,8 @@ func (IsPersonalSubjectAccessReview) SwaggerDoc() map[string]string { } var map_LocalResourceAccessReview = map[string]string{ - "": "LocalResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec in a particular namespace\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "": "LocalResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec in a particular namespace\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", } func (LocalResourceAccessReview) SwaggerDoc() map[string]string { @@ -99,10 +100,11 @@ func (LocalResourceAccessReview) SwaggerDoc() map[string]string { } var map_LocalSubjectAccessReview = map[string]string{ - "": "LocalSubjectAccessReview is an object for requesting information about whether a user or group can perform an action in a particular namespace\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "user": "User is optional. If both User and Groups are empty, the current authenticated user is used.", - "groups": "Groups is optional. Groups is the list of groups to which the User belongs.", - "scopes": "Scopes to use for the evaluation. Empty means \"use the unscoped (full) permissions of the user/groups\". Nil for a self-SAR, means \"use the scopes on this request\". Nil for a regular SAR, means the same as empty.", + "": "LocalSubjectAccessReview is an object for requesting information about whether a user or group can perform an action in a particular namespace\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "user": "User is optional. If both User and Groups are empty, the current authenticated user is used.", + "groups": "Groups is optional. Groups is the list of groups to which the User belongs.", + "scopes": "Scopes to use for the evaluation. Empty means \"use the unscoped (full) permissions of the user/groups\". Nil for a self-SAR, means \"use the scopes on this request\". Nil for a regular SAR, means the same as empty.", } func (LocalSubjectAccessReview) SwaggerDoc() map[string]string { @@ -164,7 +166,8 @@ func (PolicyRule) SwaggerDoc() map[string]string { } var map_ResourceAccessReview = map[string]string{ - "": "ResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "": "ResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", } func (ResourceAccessReview) SwaggerDoc() map[string]string { @@ -258,9 +261,10 @@ func (RoleList) SwaggerDoc() map[string]string { } var map_SelfSubjectRulesReview = map[string]string{ - "": "SelfSubjectRulesReview is a resource you can create to determine which actions you can perform in a namespace\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "spec": "Spec adds information about how to conduct the check", - "status": "Status is completed by the server to tell which permissions you have", + "": "SelfSubjectRulesReview is a resource you can create to determine which actions you can perform in a namespace\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "Spec adds information about how to conduct the check", + "status": "Status is completed by the server to tell which permissions you have", } func (SelfSubjectRulesReview) SwaggerDoc() map[string]string { @@ -297,10 +301,11 @@ func (ServiceAccountRestriction) SwaggerDoc() map[string]string { } var map_SubjectAccessReview = map[string]string{ - "": "SubjectAccessReview is an object for requesting information about whether a user or group can perform an action\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "user": "User is optional. If both User and Groups are empty, the current authenticated user is used.", - "groups": "GroupsSlice is optional. Groups is the list of groups to which the User belongs.", - "scopes": "Scopes to use for the evaluation. Empty means \"use the unscoped (full) permissions of the user/groups\". Nil for a self-SAR, means \"use the scopes on this request\". Nil for a regular SAR, means the same as empty.", + "": "SubjectAccessReview is an object for requesting information about whether a user or group can perform an action\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "user": "User is optional. If both User and Groups are empty, the current authenticated user is used.", + "groups": "GroupsSlice is optional. Groups is the list of groups to which the User belongs.", + "scopes": "Scopes to use for the evaluation. Empty means \"use the unscoped (full) permissions of the user/groups\". Nil for a self-SAR, means \"use the scopes on this request\". Nil for a regular SAR, means the same as empty.", } func (SubjectAccessReview) SwaggerDoc() map[string]string { @@ -320,9 +325,10 @@ func (SubjectAccessReviewResponse) SwaggerDoc() map[string]string { } var map_SubjectRulesReview = map[string]string{ - "": "SubjectRulesReview is a resource you can create to determine which actions another user can perform in a namespace\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", - "spec": "Spec adds information about how to conduct the check", - "status": "Status is completed by the server to tell which permissions you have", + "": "SubjectRulesReview is a resource you can create to determine which actions another user can perform in a namespace\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "Spec adds information about how to conduct the check", + "status": "Status is completed by the server to tell which permissions you have", } func (SubjectRulesReview) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/config/v1/types_feature.go b/vendor/github.com/openshift/api/config/v1/types_feature.go index 99d99f5b5f19..88d94ac5276c 100644 --- a/vendor/github.com/openshift/api/config/v1/types_feature.go +++ b/vendor/github.com/openshift/api/config/v1/types_feature.go @@ -68,6 +68,7 @@ type FeatureGateSelection struct { // Turning on or off features may cause irreversible changes in your cluster which cannot be undone. // +unionDiscriminator // +optional + // +kubebuilder:validation:Enum=CustomNoUpgrade;DevPreviewNoUpgrade;TechPreviewNoUpgrade;"" // +kubebuilder:validation:XValidation:rule="oldSelf == 'CustomNoUpgrade' ? self == 'CustomNoUpgrade' : true",message="CustomNoUpgrade may not be changed" // +kubebuilder:validation:XValidation:rule="oldSelf == 'TechPreviewNoUpgrade' ? self == 'TechPreviewNoUpgrade' : true",message="TechPreviewNoUpgrade may not be changed" // +kubebuilder:validation:XValidation:rule="oldSelf == 'DevPreviewNoUpgrade' ? self == 'DevPreviewNoUpgrade' : true",message="DevPreviewNoUpgrade may not be changed" diff --git a/vendor/github.com/openshift/api/config/v1/types_image.go b/vendor/github.com/openshift/api/config/v1/types_image.go index a344086c07b3..d3c694a56f3c 100644 --- a/vendor/github.com/openshift/api/config/v1/types_image.go +++ b/vendor/github.com/openshift/api/config/v1/types_image.go @@ -37,6 +37,23 @@ type Image struct { Status ImageStatus `json:"status"` } +// ImportModeType describes how to import an image manifest. +// +enum +// +kubebuilder:validation:Enum:="";Legacy;PreserveOriginal +type ImportModeType string + +const ( + // ImportModeLegacy indicates that the legacy behaviour should be used. + // For manifest lists, the legacy behaviour will discard the manifest list and import a single + // sub-manifest. In this case, the platform is chosen in the following order of priority: + // 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. + // This mode is the default. + ImportModeLegacy ImportModeType = "Legacy" + // ImportModePreserveOriginal indicates that the original manifest will be preserved. + // For manifest lists, the manifest list and all its sub-manifests will be imported. + ImportModePreserveOriginal ImportModeType = "PreserveOriginal" +) + type ImageSpec struct { // allowedRegistriesForImport limits the container image registries that normal users may import // images from. Set this list to the registries that you trust to contain valid Docker @@ -45,6 +62,7 @@ type ImageSpec struct { // this policy - typically only administrators or system integrations will have those // permissions. // +optional + // +listType=atomic AllowedRegistriesForImport []RegistryLocation `json:"allowedRegistriesForImport,omitempty"` // externalRegistryHostnames provides the hostnames for the default external image @@ -52,6 +70,7 @@ type ImageSpec struct { // is exposed externally. The first value is used in 'publicDockerImageRepository' // field in ImageStreams. The value must be in "hostname[:port]" format. // +optional + // +listType=atomic ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"` // additionalTrustedCA is a reference to a ConfigMap containing additional CAs that @@ -67,6 +86,21 @@ type ImageSpec struct { // internal cluster registry. // +optional RegistrySources RegistrySources `json:"registrySources"` + + // imageStreamImportMode controls the import mode behaviour of imagestreams. + // It can be set to `Legacy` or `PreserveOriginal` or the empty string. If this value + // is specified, this setting is applied to all newly created imagestreams which do not have the + // value set. `Legacy` indicates that the legacy behaviour should be used. + // For manifest lists, the legacy behaviour will discard the manifest list and import a single + // sub-manifest. In this case, the platform is chosen in the following order of priority: + // 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. + // `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists, + // the manifest list and all its sub-manifests will be imported. When empty, the behaviour will be + // decided based on the payload type advertised by the ClusterVersion status, i.e single arch payload + // implies the import mode is Legacy and multi payload implies PreserveOriginal. + // +openshift:enable:FeatureGate=ImageStreamImportMode + // +optional + ImageStreamImportMode ImportModeType `json:"imageStreamImportMode"` } type ImageStatus struct { @@ -82,7 +116,22 @@ type ImageStatus struct { // is exposed externally. The first value is used in 'publicDockerImageRepository' // field in ImageStreams. The value must be in "hostname[:port]" format. // +optional + // +listType=atomic ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"` + + // imageStreamImportMode controls the import mode behaviour of imagestreams. It can be + // `Legacy` or `PreserveOriginal`. `Legacy` indicates that the legacy behaviour should be used. + // For manifest lists, the legacy behaviour will discard the manifest list and import a single + // sub-manifest. In this case, the platform is chosen in the following order of priority: + // 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. + // `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists, + // the manifest list and all its sub-manifests will be imported. This value will be reconciled based + // on either the spec value or if no spec value is specified, the image registry operator would look + // at the ClusterVersion status to determine the payload type and set the import mode accordingly, + // i.e single arch payload implies the import mode is Legacy and multi payload implies PreserveOriginal. + // +openshift:enable:FeatureGate=ImageStreamImportMode + // +optional + ImageStreamImportMode ImportModeType `json:"imageStreamImportMode,omitempty"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object @@ -116,16 +165,19 @@ type RegistryLocation struct { type RegistrySources struct { // insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections. // +optional + // +listType=atomic InsecureRegistries []string `json:"insecureRegistries,omitempty"` // blockedRegistries cannot be used for image pull and push actions. All other registries are permitted. // // Only one of BlockedRegistries or AllowedRegistries may be set. // +optional + // +listType=atomic BlockedRegistries []string `json:"blockedRegistries,omitempty"` // allowedRegistries are the only registries permitted for image pull and push actions. All other registries are denied. // // Only one of BlockedRegistries or AllowedRegistries may be set. // +optional + // +listType=atomic AllowedRegistries []string `json:"allowedRegistries,omitempty"` // containerRuntimeSearchRegistries are registries that will be searched when pulling images that do not have fully qualified // domains in their pull specs. Registries will be searched in the order provided in the list. diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index e5ff5fc619b2..737d1cb95f9b 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -269,6 +269,7 @@ type ExternalPlatformSpec struct { // PlatformSpec holds the desired state specific to the underlying infrastructure provider // of the current cluster. Since these are used at spec-level for the underlying cluster, it // is supposed that only one of the spec structs is set. +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.vsphere) && has(self.vsphere) ? size(self.vsphere.vcenters) < 2 : true",message="vcenters can have at most 1 item when configured post-install" type PlatformSpec struct { // type is the underlying infrastructure provider for the cluster. This // value controls whether infrastructure automation such as service load @@ -1338,15 +1339,22 @@ type VSpherePlatformNodeNetworking struct { // use these fields for configuration. // +kubebuilder:validation:XValidation:rule="!has(oldSelf.apiServerInternalIPs) || has(self.apiServerInternalIPs)",message="apiServerInternalIPs list is required once set" // +kubebuilder:validation:XValidation:rule="!has(oldSelf.ingressIPs) || has(self.ingressIPs)",message="ingressIPs list is required once set" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.vcenters) && has(self.vcenters) ? size(self.vcenters) < 2 : true",message="vcenters can have at most 1 item when configured post-install" type VSpherePlatformSpec struct { // vcenters holds the connection details for services to communicate with vCenter. - // Currently, only a single vCenter is supported. + // Currently, only a single vCenter is supported, but in tech preview 3 vCenters are supported. + // Once the cluster has been installed, you are unable to change the current number of defined + // vCenters except in the case where the cluster has been upgraded from a version of OpenShift + // where the vsphere platform spec was not present. You may make modifications to the existing + // vCenters that are defined in the vcenters list in order to match with any added or modified + // failure domains. // --- // + If VCenters is not defined use the existing cloud-config configmap defined // + in openshift-config. // +kubebuilder:validation:MinItems=0 // +openshift:validation:FeatureGateAwareMaxItems:featureGate="",maxItems=1 // +openshift:validation:FeatureGateAwareMaxItems:featureGate=VSphereMultiVCenters,maxItems=3 + // +kubebuilder:validation:XValidation:rule="size(self) != size(oldSelf) ? size(oldSelf) == 0 && size(self) < 2 : true",message="vcenters cannot be added or removed once set" // +listType=atomic // +optional VCenters []VSpherePlatformVCenterSpec `json:"vcenters,omitempty"` diff --git a/vendor/github.com/openshift/api/config/v1/types_network.go b/vendor/github.com/openshift/api/config/v1/types_network.go index 211d5c0886d5..1eeae69dac95 100644 --- a/vendor/github.com/openshift/api/config/v1/types_network.go +++ b/vendor/github.com/openshift/api/config/v1/types_network.go @@ -55,11 +55,11 @@ type NetworkSpec struct { // +listType=atomic ServiceNetwork []string `json:"serviceNetwork"` - // NetworkType is the plugin that is to be deployed (e.g. OpenShiftSDN). + // NetworkType is the plugin that is to be deployed (e.g. OVNKubernetes). // This should match a value that the cluster-network-operator understands, // or else no networking will be installed. // Currently supported values are: - // - OpenShiftSDN + // - OVNKubernetes // This field is immutable after installation. NetworkType string `json:"networkType"` @@ -101,7 +101,7 @@ type NetworkStatus struct { // +listType=atomic ServiceNetwork []string `json:"serviceNetwork,omitempty"` - // NetworkType is the plugin that is deployed (e.g. OpenShiftSDN). + // NetworkType is the plugin that is deployed (e.g. OVNKubernetes). NetworkType string `json:"networkType,omitempty"` // ClusterNetworkMTU is the MTU for inter-pod networking. @@ -111,15 +111,12 @@ type NetworkStatus struct { Migration *NetworkMigration `json:"migration,omitempty"` // conditions represents the observations of a network.config current state. - // Known .status.conditions.type are: "NetworkTypeMigrationInProgress", "NetworkTypeMigrationMTUReady", - // "NetworkTypeMigrationTargetCNIAvailable", "NetworkTypeMigrationTargetCNIInUse", - // "NetworkTypeMigrationOriginalCNIPurged" and "NetworkDiagnosticsAvailable" + // Known .status.conditions.type are: "NetworkDiagnosticsAvailable" // +optional // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type - // +openshift:enable:FeatureGate=NetworkLiveMigration // +openshift:enable:FeatureGate=NetworkDiagnosticsConfig Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } @@ -186,15 +183,15 @@ type NetworkList struct { Items []Network `json:"items"` } -// NetworkMigration represents the cluster network configuration. +// NetworkMigration represents the network migration status. type NetworkMigration struct { - // NetworkType is the target plugin that is to be deployed. - // Currently supported values are: OpenShiftSDN, OVNKubernetes - // +kubebuilder:validation:Enum={"OpenShiftSDN","OVNKubernetes"} + // NetworkType is the target plugin that is being deployed. + // DEPRECATED: network type migration is no longer supported, + // so this should always be unset. // +optional NetworkType string `json:"networkType,omitempty"` - // MTU contains the MTU migration configuration. + // MTU is the MTU configuration that is being deployed. // +optional MTU *MTUMigration `json:"mtu,omitempty"` } diff --git a/vendor/github.com/openshift/api/config/v1/types_node.go b/vendor/github.com/openshift/api/config/v1/types_node.go index 8bf099bd5c26..b3b1b62c4dfc 100644 --- a/vendor/github.com/openshift/api/config/v1/types_node.go +++ b/vendor/github.com/openshift/api/config/v1/types_node.go @@ -48,7 +48,15 @@ type NodeSpec struct { WorkerLatencyProfile WorkerLatencyProfileType `json:"workerLatencyProfile,omitempty"` } -type NodeStatus struct{} +type NodeStatus struct { + // conditions contain the details and the current state of the nodes.config object + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + // +optional + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} // +kubebuilder:validation:Enum=v1;v2;"" type CgroupMode string diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index 9a81bc559ceb..069346998473 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -3783,7 +3783,7 @@ func (in *Node) DeepCopyInto(out *Node) { out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) out.Spec = in.Spec - out.Status = in.Status + in.Status.DeepCopyInto(&out.Status) return } @@ -3857,6 +3857,13 @@ func (in *NodeSpec) DeepCopy() *NodeSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NodeStatus) DeepCopyInto(out *NodeStatus) { *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml index ddc7594f75f1..626fff14f760 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml @@ -218,7 +218,8 @@ images.config.openshift.io: CRDName: images.config.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - ImageStreamImportMode FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -359,7 +360,6 @@ networks.config.openshift.io: Category: "" FeatureGates: - NetworkDiagnosticsConfig - - NetworkLiveMigration FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index e5e9bdb897df..8c8d54b93f43 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -1016,6 +1016,7 @@ var map_ImageSpec = map[string]string{ "externalRegistryHostnames": "externalRegistryHostnames provides the hostnames for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The first value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in \"hostname[:port]\" format.", "additionalTrustedCA": "additionalTrustedCA is a reference to a ConfigMap containing additional CAs that should be trusted during imagestream import, pod image pull, build image pull, and imageregistry pullthrough. The namespace for this config map is openshift-config.", "registrySources": "registrySources contains configuration that determines how the container runtime should treat individual registries when accessing images for builds+pods. (e.g. whether or not to allow insecure access). It does not contain configuration for the internal cluster registry.", + "imageStreamImportMode": "imageStreamImportMode controls the import mode behaviour of imagestreams. It can be set to `Legacy` or `PreserveOriginal` or the empty string. If this value is specified, this setting is applied to all newly created imagestreams which do not have the value set. `Legacy` indicates that the legacy behaviour should be used. For manifest lists, the legacy behaviour will discard the manifest list and import a single sub-manifest. In this case, the platform is chosen in the following order of priority: 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists, the manifest list and all its sub-manifests will be imported. When empty, the behaviour will be decided based on the payload type advertised by the ClusterVersion status, i.e single arch payload implies the import mode is Legacy and multi payload implies PreserveOriginal.", } func (ImageSpec) SwaggerDoc() map[string]string { @@ -1025,6 +1026,7 @@ func (ImageSpec) SwaggerDoc() map[string]string { var map_ImageStatus = map[string]string{ "internalRegistryHostname": "internalRegistryHostname sets the hostname for the default internal image registry. The value must be in \"hostname[:port]\" format. This value is set by the image registry operator which controls the internal registry hostname.", "externalRegistryHostnames": "externalRegistryHostnames provides the hostnames for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The first value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in \"hostname[:port]\" format.", + "imageStreamImportMode": "imageStreamImportMode controls the import mode behaviour of imagestreams. It can be `Legacy` or `PreserveOriginal`. `Legacy` indicates that the legacy behaviour should be used. For manifest lists, the legacy behaviour will discard the manifest list and import a single sub-manifest. In this case, the platform is chosen in the following order of priority: 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists, the manifest list and all its sub-manifests will be imported. This value will be reconciled based on either the spec value or if no spec value is specified, the image registry operator would look at the ClusterVersion status to determine the payload type and set the import mode accordingly, i.e single arch payload implies the import mode is Legacy and multi payload implies PreserveOriginal.", } func (ImageStatus) SwaggerDoc() map[string]string { @@ -1778,7 +1780,7 @@ func (VSpherePlatformNodeNetworkingSpec) SwaggerDoc() map[string]string { var map_VSpherePlatformSpec = map[string]string{ "": "VSpherePlatformSpec holds the desired state of the vSphere infrastructure provider. In the future the cloud provider operator, storage operator and machine operator will use these fields for configuration.", - "vcenters": "vcenters holds the connection details for services to communicate with vCenter. Currently, only a single vCenter is supported.", + "vcenters": "vcenters holds the connection details for services to communicate with vCenter. Currently, only a single vCenter is supported, but in tech preview 3 vCenters are supported. Once the cluster has been installed, you are unable to change the current number of defined vCenters except in the case where the cluster has been upgraded from a version of OpenShift where the vsphere platform spec was not present. You may make modifications to the existing vCenters that are defined in the vcenters list in order to match with any added or modified failure domains.", "failureDomains": "failureDomains contains the definition of region, zone and the vCenter topology. If this is omitted failure domains (regions and zones) will not be used.", "nodeNetworking": "nodeNetworking contains the definition of internal and external network constraints for assigning the node's networking. If this field is omitted, networking defaults to the legacy address selection behavior which is to only support a single address and return the first one found.", "apiServerInternalIPs": "apiServerInternalIPs are the IP addresses to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. These are the IPs for a self-hosted load balancer in front of the API servers. In dual stack clusters this list contains two IP addresses, one from IPv4 family and one from IPv6. In single stack clusters a single IP address is expected. When omitted, values from the status.apiServerInternalIPs will be used. Once set, the list cannot be completely removed (but its second entry can).", @@ -2027,9 +2029,9 @@ func (NetworkList) SwaggerDoc() map[string]string { } var map_NetworkMigration = map[string]string{ - "": "NetworkMigration represents the cluster network configuration.", - "networkType": "NetworkType is the target plugin that is to be deployed. Currently supported values are: OpenShiftSDN, OVNKubernetes", - "mtu": "MTU contains the MTU migration configuration.", + "": "NetworkMigration represents the network migration status.", + "networkType": "NetworkType is the target plugin that is being deployed. DEPRECATED: network type migration is no longer supported, so this should always be unset.", + "mtu": "MTU is the MTU configuration that is being deployed.", } func (NetworkMigration) SwaggerDoc() map[string]string { @@ -2040,7 +2042,7 @@ var map_NetworkSpec = map[string]string{ "": "NetworkSpec is the desired network configuration. As a general rule, this SHOULD NOT be read directly. Instead, you should consume the NetworkStatus, as it indicates the currently deployed configuration. Currently, most spec fields are immutable after installation. Please view the individual ones for further details on each.", "clusterNetwork": "IP address pool to use for pod IPs. This field is immutable after installation.", "serviceNetwork": "IP address pool for services. Currently, we only support a single entry here. This field is immutable after installation.", - "networkType": "NetworkType is the plugin that is to be deployed (e.g. OpenShiftSDN). This should match a value that the cluster-network-operator understands, or else no networking will be installed. Currently supported values are: - OpenShiftSDN This field is immutable after installation.", + "networkType": "NetworkType is the plugin that is to be deployed (e.g. OVNKubernetes). This should match a value that the cluster-network-operator understands, or else no networking will be installed. Currently supported values are: - OVNKubernetes This field is immutable after installation.", "externalIP": "externalIP defines configuration for controllers that affect Service.ExternalIP. If nil, then ExternalIP is not allowed to be set.", "serviceNodePortRange": "The port range allowed for Services of type NodePort. If not specified, the default of 30000-32767 will be used. Such Services without a NodePort specified will have one automatically allocated from this range. This parameter can be updated after the cluster is installed.", "networkDiagnostics": "networkDiagnostics defines network diagnostics configuration.\n\nTakes precedence over spec.disableNetworkDiagnostics in network.operator.openshift.io. If networkDiagnostics is not specified or is empty, and the spec.disableNetworkDiagnostics flag in network.operator.openshift.io is set to true, the network diagnostics feature will be disabled.", @@ -2054,10 +2056,10 @@ var map_NetworkStatus = map[string]string{ "": "NetworkStatus is the current network configuration.", "clusterNetwork": "IP address pool to use for pod IPs.", "serviceNetwork": "IP address pool for services. Currently, we only support a single entry here.", - "networkType": "NetworkType is the plugin that is deployed (e.g. OpenShiftSDN).", + "networkType": "NetworkType is the plugin that is deployed (e.g. OVNKubernetes).", "clusterNetworkMTU": "ClusterNetworkMTU is the MTU for inter-pod networking.", "migration": "Migration contains the cluster network migration configuration.", - "conditions": "conditions represents the observations of a network.config current state. Known .status.conditions.type are: \"NetworkTypeMigrationInProgress\", \"NetworkTypeMigrationMTUReady\", \"NetworkTypeMigrationTargetCNIAvailable\", \"NetworkTypeMigrationTargetCNIInUse\", \"NetworkTypeMigrationOriginalCNIPurged\" and \"NetworkDiagnosticsAvailable\"", + "conditions": "conditions represents the observations of a network.config current state. Known .status.conditions.type are: \"NetworkDiagnosticsAvailable\"", } func (NetworkStatus) SwaggerDoc() map[string]string { @@ -2093,6 +2095,14 @@ func (NodeSpec) SwaggerDoc() map[string]string { return map_NodeSpec } +var map_NodeStatus = map[string]string{ + "conditions": "conditions contain the details and the current state of the nodes.config object", +} + +func (NodeStatus) SwaggerDoc() map[string]string { + return map_NodeStatus +} + var map_BasicAuthIdentityProvider = map[string]string{ "": "BasicAuthPasswordIdentityProvider provides identities for users authenticating using HTTP basic auth credentials", } diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go index 676065d5f8b0..e3670f03e899 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go @@ -14,7 +14,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 // +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=ImagePolicy +// +openshift:enable:FeatureGate=SigstoreImageVerification // +openshift:compatibility-gen:level=4 type ClusterImagePolicy struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go index 241837dbd9e8..7031110ff1ea 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go @@ -13,7 +13,7 @@ import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 // +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=ImagePolicy +// +openshift:enable:FeatureGate=SigstoreImageVerification // +openshift:compatibility-gen:level=4 type ImagePolicy struct { metav1.TypeMeta `json:",inline"` diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index 9b5744d4a0e9..393365b41c32 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -28,7 +28,7 @@ clusterimagepolicies.config.openshift.io: Capability: "" Category: "" FeatureGates: - - ImagePolicy + - SigstoreImageVerification FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -41,7 +41,7 @@ clusterimagepolicies.config.openshift.io: Scope: Cluster ShortNames: null TopLevelFeatureGates: - - ImagePolicy + - SigstoreImageVerification Version: v1alpha1 imagepolicies.config.openshift.io: @@ -51,7 +51,7 @@ imagepolicies.config.openshift.io: Capability: "" Category: "" FeatureGates: - - ImagePolicy + - SigstoreImageVerification FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -64,7 +64,7 @@ imagepolicies.config.openshift.io: Scope: Namespaced ShortNames: null TopLevelFeatureGates: - - ImagePolicy + - SigstoreImageVerification Version: v1alpha1 insightsdatagathers.config.openshift.io: diff --git a/vendor/github.com/openshift/api/envtest-releases.yaml b/vendor/github.com/openshift/api/envtest-releases.yaml new file mode 100644 index 000000000000..fa789b18cea2 --- /dev/null +++ b/vendor/github.com/openshift/api/envtest-releases.yaml @@ -0,0 +1,14 @@ +releases: + v1.30.3: + envtest-v1.30.3-darwin-amd64.tar.gz: + hash: 81ab2ad5841522976d9a5fc58642b745cf308230b0f2e634acfb2d5c8f288ef837f7b82144a5e91db607d86885101e06dd473a68bcac0d71be2297edc4aaa92e + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.30.3-darwin-amd64.tar.gz + envtest-v1.30.3-darwin-arm64.tar.gz: + hash: 8913c1e2e4b6eab0c92d9ddc611cea1b8a5173374e7544a667366ea66bc98a7d3442f21d34e7da65ba2dbe8e5778b2b0497943514b7b3639fc793bd0e98086f5 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.30.3-darwin-arm64.tar.gz + envtest-v1.30.3-linux-amd64.tar.gz: + hash: 6e81caf1d20c608b0149f36ca8dc6d68e97b22e07f69f1f0788d6c0057ae92fcaae402d26b6766819a31dac1911c6d07bf0328f152d6dd52dcebee94009de024 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.30.3-linux-amd64.tar.gz + envtest-v1.30.3-linux-arm64.tar.gz: + hash: deb395d5e9578a58786c42b4e7d878b4aef984ac2dce510031fbecf12092162a4aee1cde774f1527cfae90f6885382dc7b3d79ec379b7f4160c3a35fad7cbc3b + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.30.3-linux-arm64.tar.gz diff --git a/vendor/github.com/openshift/api/features.md b/vendor/github.com/openshift/api/features.md index cdd5762f9908..b195385bf8eb 100644 --- a/vendor/github.com/openshift/api/features.md +++ b/vendor/github.com/openshift/api/features.md @@ -1,53 +1,52 @@ | FeatureGate | Default on Hypershift | Default on SelfManagedHA | DevPreviewNoUpgrade on Hypershift | DevPreviewNoUpgrade on SelfManagedHA | TechPreviewNoUpgrade on Hypershift | TechPreviewNoUpgrade on SelfManagedHA | | ------ | --- | --- | --- | --- | --- | --- | | ClusterAPIInstall| | | | | | | -| ClusterAPIInstallAzure| | | | | | | | ClusterAPIInstallIBMCloud| | | | | | | | EventedPLEG| | | | | | | | MachineAPIMigration| | | | | | | | MachineAPIOperatorDisableMachineHealthCheckController| | | | | | | -| MultiArchInstallAWS| | | | | | | | MultiArchInstallAzure| | | | | | | -| MultiArchInstallGCP| | | | | | | | GatewayAPI| | | Enabled | Enabled | | | +| AWSEFSDriverVolumeMetrics| | | Enabled | Enabled | Enabled | Enabled | +| AdditionalRoutingCapabilities| | | Enabled | Enabled | Enabled | Enabled | | AutomatedEtcdBackup| | | Enabled | Enabled | Enabled | Enabled | +| BootcNodeManagement| | | Enabled | Enabled | Enabled | Enabled | | CSIDriverSharedResource| | | Enabled | Enabled | Enabled | Enabled | -| ChunkSizeMiB| | | Enabled | Enabled | Enabled | Enabled | -| ClusterAPIInstallGCP| | | Enabled | Enabled | Enabled | Enabled | -| ClusterAPIInstallPowerVS| | | Enabled | Enabled | Enabled | Enabled | | ClusterMonitoringConfig| | | Enabled | Enabled | Enabled | Enabled | | DNSNameResolver| | | Enabled | Enabled | Enabled | Enabled | | DynamicResourceAllocation| | | Enabled | Enabled | Enabled | Enabled | | EtcdBackendQuota| | | Enabled | Enabled | Enabled | Enabled | | Example| | | Enabled | Enabled | Enabled | Enabled | -| ExternalRouteCertificate| | | Enabled | Enabled | Enabled | Enabled | | GCPClusterHostedDNS| | | Enabled | Enabled | Enabled | Enabled | -| GCPLabelsTags| | | Enabled | Enabled | Enabled | Enabled | -| ImagePolicy| | | Enabled | Enabled | Enabled | Enabled | +| ImageStreamImportMode| | | Enabled | Enabled | Enabled | Enabled | | InsightsConfig| | | Enabled | Enabled | Enabled | Enabled | | InsightsConfigAPI| | | Enabled | Enabled | Enabled | Enabled | | InsightsOnDemandDataGather| | | Enabled | Enabled | Enabled | Enabled | | InstallAlternateInfrastructureAWS| | | Enabled | Enabled | Enabled | Enabled | | MachineAPIProviderOpenStack| | | Enabled | Enabled | Enabled | Enabled | | MachineConfigNodes| | | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImages| | | Enabled | Enabled | Enabled | Enabled | +| ManagedBootImagesAWS| | | Enabled | Enabled | Enabled | Enabled | | MaxUnavailableStatefulSet| | | Enabled | Enabled | Enabled | Enabled | | MetricsCollectionProfiles| | | Enabled | Enabled | Enabled | Enabled | | MixedCPUsAllocation| | | Enabled | Enabled | Enabled | Enabled | | NetworkSegmentation| | | Enabled | Enabled | Enabled | Enabled | | NewOLM| | | Enabled | Enabled | Enabled | Enabled | -| NodeDisruptionPolicy| | | Enabled | Enabled | Enabled | Enabled | | NodeSwap| | | Enabled | Enabled | Enabled | Enabled | +| OVNObservability| | | Enabled | Enabled | Enabled | Enabled | | OnClusterBuild| | | Enabled | Enabled | Enabled | Enabled | | PersistentIPsForVirtualization| | | Enabled | Enabled | Enabled | Enabled | | PinnedImages| | | Enabled | Enabled | Enabled | Enabled | | PlatformOperators| | | Enabled | Enabled | Enabled | Enabled | +| ProcMountType| | | Enabled | Enabled | Enabled | Enabled | +| RouteAdvertisements| | | Enabled | Enabled | Enabled | Enabled | | RouteExternalCertificate| | | Enabled | Enabled | Enabled | Enabled | | ServiceAccountTokenNodeBinding| | | Enabled | Enabled | Enabled | Enabled | | SignatureStores| | | Enabled | Enabled | Enabled | Enabled | | SigstoreImageVerification| | | Enabled | Enabled | Enabled | Enabled | | TranslateStreamCloseWebsocketRequests| | | Enabled | Enabled | Enabled | Enabled | | UpgradeStatus| | | Enabled | Enabled | Enabled | Enabled | +| UserNamespacesPodSecurityStandards| | | Enabled | Enabled | Enabled | Enabled | +| UserNamespacesSupport| | | Enabled | Enabled | Enabled | Enabled | | VSphereMultiVCenters| | | Enabled | Enabled | Enabled | Enabled | | VolumeGroupSnapshot| | | Enabled | Enabled | Enabled | Enabled | | ExternalOIDC| Enabled | | Enabled | Enabled | Enabled | Enabled | @@ -56,23 +55,30 @@ | AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | BareMetalLoadBalancer| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | BuildCSIVolumes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ChunkSizeMiB| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | CloudDualStackNodeIPs| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ClusterAPIInstallAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ClusterAPIInstallAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ClusterAPIInstallGCP| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ClusterAPIInstallNutanix| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ClusterAPIInstallOpenStack| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ClusterAPIInstallPowerVS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ClusterAPIInstallVSphere| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | DisableKubeletCloudCredentialProviders| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProvider| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProviderAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProviderExternal| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ExternalCloudProviderGCP| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| GCPLabelsTags| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | HardwareSpeed| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| IngressControllerLBSubnetsAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | KMSv1| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| ManagedBootImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | MetricsServer| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| MultiArchInstallAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| MultiArchInstallGCP| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | NetworkDiagnosticsConfig| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | NetworkLiveMigration| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| NodeDisruptionPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | OpenShiftPodSecurityAdmission| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | PrivateHostedZoneAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| SetEIPForNLBIngressController| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | VSphereControlPlaneMachineSet| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | VSphereDriverConfiguration| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | VSphereStaticIPs| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | diff --git a/vendor/github.com/openshift/api/features/features.go b/vendor/github.com/openshift/api/features/features.go index f806722e8936..6d32f158bb9d 100644 --- a/vendor/github.com/openshift/api/features/features.go +++ b/vendor/github.com/openshift/api/features/features.go @@ -57,37 +57,16 @@ var ( enableIn(configv1.DevPreviewNoUpgrade). mustRegister() - FeatureGateOpenShiftPodSecurityAdmission = newFeatureGate("OpenShiftPodSecurityAdmission"). - reportProblemsToJiraComponent("auth"). - contactPerson("stlaz"). + FeatureGateSetEIPForNLBIngressController = newFeatureGate("SetEIPForNLBIngressController"). + reportProblemsToJiraComponent("Networking / router"). + contactPerson("miheer"). productScope(ocpSpecific). enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() - FeatureGateExternalCloudProvider = newFeatureGate("ExternalCloudProvider"). - reportProblemsToJiraComponent("cloud-provider"). - contactPerson("jspeed"). - productScope(ocpSpecific). - enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). - mustRegister() - - FeatureGateExternalCloudProviderAzure = newFeatureGate("ExternalCloudProviderAzure"). - reportProblemsToJiraComponent("cloud-provider"). - contactPerson("jspeed"). - productScope(ocpSpecific). - enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). - mustRegister() - - FeatureGateExternalCloudProviderGCP = newFeatureGate("ExternalCloudProviderGCP"). - reportProblemsToJiraComponent("cloud-provider"). - contactPerson("jspeed"). - productScope(ocpSpecific). - enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). - mustRegister() - - FeatureGateExternalCloudProviderExternal = newFeatureGate("ExternalCloudProviderExternal"). - reportProblemsToJiraComponent("cloud-provider"). - contactPerson("elmiko"). + FeatureGateOpenShiftPodSecurityAdmission = newFeatureGate("OpenShiftPodSecurityAdmission"). + reportProblemsToJiraComponent("auth"). + contactPerson("stlaz"). productScope(ocpSpecific). enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() @@ -172,7 +151,7 @@ var ( reportProblemsToJiraComponent("Installer"). contactPerson("bhb"). productScope(ocpSpecific). - enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() FeatureGateAlibabaPlatform = newFeatureGate("AlibabaPlatform"). @@ -224,6 +203,20 @@ var ( enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() + FeatureGateAdditionalRoutingCapabilities = newFeatureGate("AdditionalRoutingCapabilities"). + reportProblemsToJiraComponent("Networking/cluster-network-operator"). + contactPerson("jcaamano"). + productScope(ocpSpecific). + enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + + FeatureGateRouteAdvertisements = newFeatureGate("RouteAdvertisements"). + reportProblemsToJiraComponent("Networking/ovn-kubernetes"). + contactPerson("jcaamano"). + productScope(ocpSpecific). + enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + FeatureGateNetworkLiveMigration = newFeatureGate("NetworkLiveMigration"). reportProblemsToJiraComponent("Networking/ovn-kubernetes"). contactPerson("pliu"). @@ -238,6 +231,13 @@ var ( enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() + FeatureGateOVNObservability = newFeatureGate("OVNObservability"). + reportProblemsToJiraComponent("Networking"). + contactPerson("npinaeva"). + productScope(ocpSpecific). + enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + FeatureGateHardwareSpeed = newFeatureGate("HardwareSpeed"). reportProblemsToJiraComponent("etcd"). contactPerson("hasbro17"). @@ -321,6 +321,13 @@ var ( mustRegister() FeatureGateManagedBootImages = newFeatureGate("ManagedBootImages"). + reportProblemsToJiraComponent("MachineConfigOperator"). + contactPerson("djoshy"). + productScope(ocpSpecific). + enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + + FeatureGateManagedBootImagesAWS = newFeatureGate("ManagedBootImagesAWS"). reportProblemsToJiraComponent("MachineConfigOperator"). contactPerson("djoshy"). productScope(ocpSpecific). @@ -341,6 +348,13 @@ var ( enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() + FeatureGateBootcNodeManagement = newFeatureGate("BootcNodeManagement"). + reportProblemsToJiraComponent("MachineConfigOperator"). + contactPerson("inesqyx"). + productScope(ocpSpecific). + enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + FeatureGateSignatureStores = newFeatureGate("SignatureStores"). reportProblemsToJiraComponent("Cluster Version Operator"). contactPerson("lmohanty"). @@ -412,13 +426,6 @@ var ( enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() - FeatureGateExternalRouteCertificate = newFeatureGate("ExternalRouteCertificate"). - reportProblemsToJiraComponent("network-edge"). - contactPerson("miciah"). - productScope(ocpSpecific). - enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). - mustRegister() - FeatureGateInsightsOnDemandDataGather = newFeatureGate("InsightsOnDemandDataGather"). reportProblemsToJiraComponent("insights"). contactPerson("tremes"). @@ -440,18 +447,11 @@ var ( enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() - FeatureGateImagePolicy = newFeatureGate("ImagePolicy"). - reportProblemsToJiraComponent("node"). - contactPerson("rphillips"). - productScope(ocpSpecific). - enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). - mustRegister() - FeatureGateNodeDisruptionPolicy = newFeatureGate("NodeDisruptionPolicy"). reportProblemsToJiraComponent("MachineConfigOperator"). contactPerson("jerzhang"). productScope(ocpSpecific). - enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() FeatureGateMetricsCollectionProfiles = newFeatureGate("MetricsCollectionProfiles"). @@ -479,13 +479,14 @@ var ( reportProblemsToJiraComponent("Installer"). contactPerson("jhixson74"). productScope(ocpSpecific). + enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() FeatureGateClusterAPIInstallGCP = newFeatureGate("ClusterAPIInstallGCP"). reportProblemsToJiraComponent("Installer"). contactPerson("bfournie"). productScope(ocpSpecific). - enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() FeatureGateClusterAPIInstallIBMCloud = newFeatureGate("ClusterAPIInstallIBMCloud"). @@ -512,7 +513,7 @@ var ( reportProblemsToJiraComponent("Installer"). contactPerson("mjturek"). productScope(ocpSpecific). - enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() FeatureGateClusterAPIInstallVSphere = newFeatureGate("ClusterAPIInstallVSphere"). @@ -526,7 +527,7 @@ var ( reportProblemsToJiraComponent("Image Registry"). contactPerson("flavianmissi"). productScope(ocpSpecific). - enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() FeatureGateMachineAPIMigration = newFeatureGate("MachineAPIMigration"). @@ -553,6 +554,7 @@ var ( reportProblemsToJiraComponent("Installer"). contactPerson("r4f4"). productScope(ocpSpecific). + enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() FeatureGateMultiArchInstallAzure = newFeatureGate("MultiArchInstallAzure"). @@ -565,5 +567,47 @@ var ( reportProblemsToJiraComponent("Installer"). contactPerson("r4f4"). productScope(ocpSpecific). + enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + + FeatureGateIngressControllerLBSubnetsAWS = newFeatureGate("IngressControllerLBSubnetsAWS"). + reportProblemsToJiraComponent("Routing"). + contactPerson("miciah"). + productScope(ocpSpecific). + enableIn(configv1.Default, configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + + FeatureGateAWSEFSDriverVolumeMetrics = newFeatureGate("AWSEFSDriverVolumeMetrics"). + reportProblemsToJiraComponent("Storage / Kubernetes External Components"). + contactPerson("fbertina"). + productScope(ocpSpecific). + enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + FeatureGateImageStreamImportMode = newFeatureGate("ImageStreamImportMode"). + reportProblemsToJiraComponent("Multi-Arch"). + contactPerson("psundara"). + productScope(ocpSpecific). + enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + + FeatureGateUserNamespacesSupport = newFeatureGate("UserNamespacesSupport"). + reportProblemsToJiraComponent("Node"). + contactPerson("haircommander"). + productScope(kubernetes). + enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + + FeatureGateUserNamespacesPodSecurityStandards = newFeatureGate("UserNamespacesPodSecurityStandards"). + reportProblemsToJiraComponent("Node"). + contactPerson("haircommander"). + productScope(kubernetes). + enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). + mustRegister() + + FeatureGateProcMountType = newFeatureGate("ProcMountType"). + reportProblemsToJiraComponent("Node"). + contactPerson("haircommander"). + productScope(kubernetes). + enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade). mustRegister() ) diff --git a/vendor/github.com/openshift/api/machine/v1/types_nutanixprovider.go b/vendor/github.com/openshift/api/machine/v1/types_nutanixprovider.go index 1370ebdd2865..e5e0ae83055d 100644 --- a/vendor/github.com/openshift/api/machine/v1/types_nutanixprovider.go +++ b/vendor/github.com/openshift/api/machine/v1/types_nutanixprovider.go @@ -78,6 +78,18 @@ type NutanixMachineProviderConfig struct { // +optional Categories []NutanixCategory `json:"categories"` + // gpus is a list of GPU devices to attach to the machine's VM. + // The GPU devices should already exist in Prism Central and associated with + // one of the Prism Element's hosts and available for the VM to attach (in "UNUSED" status). + // +listType=set + // +optional + GPUs []NutanixGPU `json:"gpus"` + + // dataDisks holds information of the data disks to attach to the Machine's VM + // +listType=set + // +optional + DataDisks []NutanixVMDisk `json:"dataDisks"` + // userDataSecret is a local reference to a secret that contains the // UserData to apply to the VM UserDataSecret *corev1.LocalObjectReference `json:"userDataSecret,omitempty"` @@ -154,6 +166,160 @@ type NutanixResourceIdentifier struct { Name *string `json:"name,omitempty"` } +// NutanixGPUIdentifierType is an enumeration of different resource identifier types for GPU entities. +// +kubebuilder:validation:Enum:=Name;DeviceID +type NutanixGPUIdentifierType string + +const ( + // NutanixGPUIdentifierName identifies a GPU by Name. + NutanixGPUIdentifierName NutanixGPUIdentifierType = "Name" + + // NutanixGPUIdentifierDeviceID identifies a GPU by device ID. + NutanixGPUIdentifierDeviceID NutanixGPUIdentifierType = "DeviceID" +) + +// NutanixGPU holds the identity of a Nutanix GPU resource in the Prism Central +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'DeviceID' ? has(self.deviceID) : !has(self.deviceID)",message="deviceID configuration is required when type is DeviceID, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Name' ? has(self.name) : !has(self.name)",message="name configuration is required when type is Name, and forbidden otherwise" +// +union +type NutanixGPU struct { + // type is the identifier type of the GPU device. + // Valid values are Name and DeviceID. + // +unionDiscriminator + // +kubebuilder:validation:Required + Type NutanixGPUIdentifierType `json:"type"` + + // deviceID is the GPU device ID with the integer value. + // +optional + // +unionMember + DeviceID *int32 `json:"deviceID,omitempty"` + + // name is the GPU device name + // +optional + // +unionMember + Name *string `json:"name,omitempty"` +} + +// NutanixDiskMode is an enumeration of different disk modes. +// +kubebuilder:validation:Enum=Standard;Flash +type NutanixDiskMode string + +const ( + // NutanixDiskModeStandard represents the disk standard mode (not flash). + NutanixDiskModeStandard NutanixDiskMode = "Standard" + + // NutanixDiskModeFlash represents the disk flash mode. + NutanixDiskModeFlash NutanixDiskMode = "Flash" +) + +// NutanixStorageResourceIdentifier holds the identity of a Nutanix storage resource (storage_container, etc.) +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'uuid' ? has(self.uuid) : !has(self.uuid)",message="uuid configuration is required when type is uuid, and forbidden otherwise" +// +union +type NutanixStorageResourceIdentifier struct { + // type is the identifier type to use for this resource. + // The valid value is "uuid". + // +unionDiscriminator + // +kubebuilder:validation:Required + // +kubebuilder:validation:Enum:=uuid + Type NutanixIdentifierType `json:"type"` + + // uuid is the UUID of the storage resource in the PC. + // +optional + // +unionMember + UUID *string `json:"uuid,omitempty"` +} + +// NutanixVMStorageConfig specifies the storage configuration parameters for VM disks. +type NutanixVMStorageConfig struct { + // diskMode specifies the disk mode. + // The valid values are Standard and Flash, and the default is Standard. + // +kubebuilder:default=Standard + DiskMode NutanixDiskMode `json:"diskMode"` + + // storageContainer refers to the storage_container used by the VM disk. + // +optional + StorageContainer *NutanixStorageResourceIdentifier `json:"storageContainer"` +} + +// NutanixDiskDeviceType is the VM disk device type. +// +kubebuilder:validation:Enum=Disk;CDRom +type NutanixDiskDeviceType string + +const ( + // NutanixDiskDeviceTypeDisk represents the VM disk device type "Disk". + NutanixDiskDeviceTypeDisk NutanixDiskDeviceType = "Disk" + + // NutanixDiskDeviceTypeCDROM represents the VM disk device type "CDRom". + NutanixDiskDeviceTypeCDROM NutanixDiskDeviceType = "CDRom" +) + +// NutanixDiskAdapterType is an enumeration of different disk device adapter types. +// +kubebuilder:validation:Enum:=SCSI;IDE;PCI;SATA;SPAPR +type NutanixDiskAdapterType string + +const ( + // NutanixDiskAdapterTypeSCSI represents the disk adapter type "SCSI". + NutanixDiskAdapterTypeSCSI NutanixDiskAdapterType = "SCSI" + + // NutanixDiskAdapterTypeIDE represents the disk adapter type "IDE". + NutanixDiskAdapterTypeIDE NutanixDiskAdapterType = "IDE" + + // NutanixDiskAdapterTypePCI represents the disk adapter type "PCI". + NutanixDiskAdapterTypePCI NutanixDiskAdapterType = "PCI" + + // NutanixDiskAdapterTypeSATA represents the disk adapter type "SATA". + NutanixDiskAdapterTypeSATA NutanixDiskAdapterType = "SATA" + + // NutanixDiskAdapterTypeSPAPR represents the disk adapter type "SPAPR". + NutanixDiskAdapterTypeSPAPR NutanixDiskAdapterType = "SPAPR" +) + +// NutanixVMDiskDeviceProperties specifies the disk device properties. +type NutanixVMDiskDeviceProperties struct { + // deviceType specifies the disk device type. + // The valid values are "Disk" and "CDRom", and the default is "Disk". + // +kubebuilder:default=Disk + // +kubebuilder:validation:Required + DeviceType NutanixDiskDeviceType `json:"deviceType"` + + // adapterType is the adapter type of the disk address. + // If the deviceType is "Disk", the valid adapterType can be "SCSI", "IDE", "PCI", "SATA" or "SPAPR". + // If the deviceType is "CDRom", the valid adapterType can be "IDE" or "SATA". + // +kubebuilder:validation:Required + AdapterType NutanixDiskAdapterType `json:"adapterType,omitempty"` + + // deviceIndex is the index of the disk address. The valid values are non-negative integers, with the default value 0. + // For a Machine VM, the deviceIndex for the disks with the same deviceType.adapterType combination should + // start from 0 and increase consecutively afterwards. Note that for each Machine VM, the Disk.SCSI.0 + // and CDRom.IDE.0 are reserved to be used by the VM's system. So for dataDisks of Disk.SCSI and CDRom.IDE, + // the deviceIndex should start from 1. + // +kubebuilder:default=0 + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Required + DeviceIndex int32 `json:"deviceIndex,omitempty"` +} + +// NutanixDataDisk specifies the VM data disk configuration parameters. +type NutanixVMDisk struct { + // diskSize is size (in Quantity format) of the disk attached to the VM. + // See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Format for the Quantity format and example documentation. + // The minimum diskSize is 1GB. + // +kubebuilder:validation:Required + DiskSize resource.Quantity `json:"diskSize"` + + // deviceProperties are the properties of the disk device. + // +optional + DeviceProperties *NutanixVMDiskDeviceProperties `json:"deviceProperties,omitempty"` + + // storageConfig are the storage configuration parameters of the VM disks. + // +optional + StorageConfig *NutanixVMStorageConfig `json:"storageConfig,omitempty"` + + // dataSource refers to a data source image for the VM disk. + // +optional + DataSource *NutanixResourceIdentifier `json:"dataSource,omitempty"` +} + // NutanixMachineProviderStatus is the type that will be embedded in a Machine.Status.ProviderStatus field. // It contains nutanix-specific status information. // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). diff --git a/vendor/github.com/openshift/api/machine/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/machine/v1/zz_generated.deepcopy.go index ffd8e951f26c..f30514381bfe 100644 --- a/vendor/github.com/openshift/api/machine/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/machine/v1/zz_generated.deepcopy.go @@ -624,6 +624,32 @@ func (in *NutanixFailureDomainReference) DeepCopy() *NutanixFailureDomainReferen return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NutanixGPU) DeepCopyInto(out *NutanixGPU) { + *out = *in + if in.DeviceID != nil { + in, out := &in.DeviceID, &out.DeviceID + *out = new(int32) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixGPU. +func (in *NutanixGPU) DeepCopy() *NutanixGPU { + if in == nil { + return nil + } + out := new(NutanixGPU) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NutanixMachineProviderConfig) DeepCopyInto(out *NutanixMachineProviderConfig) { *out = *in @@ -646,6 +672,20 @@ func (in *NutanixMachineProviderConfig) DeepCopyInto(out *NutanixMachineProvider *out = make([]NutanixCategory, len(*in)) copy(*out, *in) } + if in.GPUs != nil { + in, out := &in.GPUs, &out.GPUs + *out = make([]NutanixGPU, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DataDisks != nil { + in, out := &in.DataDisks, &out.DataDisks + *out = make([]NutanixVMDisk, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.UserDataSecret != nil { in, out := &in.UserDataSecret, &out.UserDataSecret *out = new(corev1.LocalObjectReference) @@ -745,6 +785,96 @@ func (in *NutanixResourceIdentifier) DeepCopy() *NutanixResourceIdentifier { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NutanixStorageResourceIdentifier) DeepCopyInto(out *NutanixStorageResourceIdentifier) { + *out = *in + if in.UUID != nil { + in, out := &in.UUID, &out.UUID + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixStorageResourceIdentifier. +func (in *NutanixStorageResourceIdentifier) DeepCopy() *NutanixStorageResourceIdentifier { + if in == nil { + return nil + } + out := new(NutanixStorageResourceIdentifier) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NutanixVMDisk) DeepCopyInto(out *NutanixVMDisk) { + *out = *in + out.DiskSize = in.DiskSize.DeepCopy() + if in.DeviceProperties != nil { + in, out := &in.DeviceProperties, &out.DeviceProperties + *out = new(NutanixVMDiskDeviceProperties) + **out = **in + } + if in.StorageConfig != nil { + in, out := &in.StorageConfig, &out.StorageConfig + *out = new(NutanixVMStorageConfig) + (*in).DeepCopyInto(*out) + } + if in.DataSource != nil { + in, out := &in.DataSource, &out.DataSource + *out = new(NutanixResourceIdentifier) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixVMDisk. +func (in *NutanixVMDisk) DeepCopy() *NutanixVMDisk { + if in == nil { + return nil + } + out := new(NutanixVMDisk) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NutanixVMDiskDeviceProperties) DeepCopyInto(out *NutanixVMDiskDeviceProperties) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixVMDiskDeviceProperties. +func (in *NutanixVMDiskDeviceProperties) DeepCopy() *NutanixVMDiskDeviceProperties { + if in == nil { + return nil + } + out := new(NutanixVMDiskDeviceProperties) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NutanixVMStorageConfig) DeepCopyInto(out *NutanixVMStorageConfig) { + *out = *in + if in.StorageContainer != nil { + in, out := &in.StorageContainer, &out.StorageContainer + *out = new(NutanixStorageResourceIdentifier) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixVMStorageConfig. +func (in *NutanixVMStorageConfig) DeepCopy() *NutanixVMStorageConfig { + if in == nil { + return nil + } + out := new(NutanixVMStorageConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OpenShiftMachineV1Beta1MachineTemplate) DeepCopyInto(out *OpenShiftMachineV1Beta1MachineTemplate) { *out = *in diff --git a/vendor/github.com/openshift/api/machine/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machine/v1/zz_generated.swagger_doc_generated.go index 44fed0c1e1dd..32b86a7e9b40 100644 --- a/vendor/github.com/openshift/api/machine/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machine/v1/zz_generated.swagger_doc_generated.go @@ -325,6 +325,17 @@ func (NutanixCategory) SwaggerDoc() map[string]string { return map_NutanixCategory } +var map_NutanixGPU = map[string]string{ + "": "NutanixGPU holds the identity of a Nutanix GPU resource in the Prism Central", + "type": "type is the identifier type of the GPU device. Valid values are Name and DeviceID.", + "deviceID": "deviceID is the GPU device ID with the integer value.", + "name": "name is the GPU device name", +} + +func (NutanixGPU) SwaggerDoc() map[string]string { + return map_NutanixGPU +} + var map_NutanixMachineProviderConfig = map[string]string{ "": "NutanixMachineProviderConfig is the Schema for the nutanixmachineproviderconfigs API Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", @@ -338,6 +349,8 @@ var map_NutanixMachineProviderConfig = map[string]string{ "bootType": "bootType indicates the boot type (Legacy, UEFI or SecureBoot) the Machine's VM uses to boot. If this field is empty or omitted, the VM will use the default boot type \"Legacy\" to boot. \"SecureBoot\" depends on \"UEFI\" boot, i.e., enabling \"SecureBoot\" means that \"UEFI\" boot is also enabled.", "project": "project optionally identifies a Prism project for the Machine's VM to associate with.", "categories": "categories optionally adds one or more prism categories (each with key and value) for the Machine's VM to associate with. All the category key and value pairs specified must already exist in the prism central.", + "gpus": "gpus is a list of GPU devices to attach to the machine's VM. The GPU devices should already exist in Prism Central and associated with one of the Prism Element's hosts and available for the VM to attach (in \"UNUSED\" status).", + "dataDisks": "dataDisks holds information of the data disks to attach to the Machine's VM", "userDataSecret": "userDataSecret is a local reference to a secret that contains the UserData to apply to the VM", "credentialsSecret": "credentialsSecret is a local reference to a secret that contains the credentials data to access Nutanix PC client", "failureDomain": "failureDomain refers to the name of the FailureDomain with which this Machine is associated. If this is configured, the Nutanix machine controller will use the prism_central endpoint and credentials defined in the referenced FailureDomain to communicate to the prism_central. It will also verify that the 'cluster' and subnets' configuration in the NutanixMachineProviderConfig is consistent with that in the referenced failureDomain.", @@ -368,6 +381,49 @@ func (NutanixResourceIdentifier) SwaggerDoc() map[string]string { return map_NutanixResourceIdentifier } +var map_NutanixStorageResourceIdentifier = map[string]string{ + "": "NutanixStorageResourceIdentifier holds the identity of a Nutanix storage resource (storage_container, etc.)", + "type": "type is the identifier type to use for this resource. The valid value is \"uuid\".", + "uuid": "uuid is the UUID of the storage resource in the PC.", +} + +func (NutanixStorageResourceIdentifier) SwaggerDoc() map[string]string { + return map_NutanixStorageResourceIdentifier +} + +var map_NutanixVMDisk = map[string]string{ + "": "NutanixDataDisk specifies the VM data disk configuration parameters.", + "diskSize": "diskSize is size (in Quantity format) of the disk attached to the VM. See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Format for the Quantity format and example documentation. The minimum diskSize is 1GB.", + "deviceProperties": "deviceProperties are the properties of the disk device.", + "storageConfig": "storageConfig are the storage configuration parameters of the VM disks.", + "dataSource": "dataSource refers to a data source image for the VM disk.", +} + +func (NutanixVMDisk) SwaggerDoc() map[string]string { + return map_NutanixVMDisk +} + +var map_NutanixVMDiskDeviceProperties = map[string]string{ + "": "NutanixVMDiskDeviceProperties specifies the disk device properties.", + "deviceType": "deviceType specifies the disk device type. The valid values are \"Disk\" and \"CDRom\", and the default is \"Disk\".", + "adapterType": "adapterType is the adapter type of the disk address. If the deviceType is \"Disk\", the valid adapterType can be \"SCSI\", \"IDE\", \"PCI\", \"SATA\" or \"SPAPR\". If the deviceType is \"CDRom\", the valid adapterType can be \"IDE\" or \"SATA\".", + "deviceIndex": "deviceIndex is the index of the disk address. The valid values are non-negative integers, with the default value 0. For a Machine VM, the deviceIndex for the disks with the same deviceType.adapterType combination should start from 0 and increase consecutively afterwards. Note that for each Machine VM, the Disk.SCSI.0 and CDRom.IDE.0 are reserved to be used by the VM's system. So for dataDisks of Disk.SCSI and CDRom.IDE, the deviceIndex should start from 1.", +} + +func (NutanixVMDiskDeviceProperties) SwaggerDoc() map[string]string { + return map_NutanixVMDiskDeviceProperties +} + +var map_NutanixVMStorageConfig = map[string]string{ + "": "NutanixVMStorageConfig specifies the storage configuration parameters for VM disks.", + "diskMode": "diskMode specifies the disk mode. The valid values are Standard and Flash, and the default is Standard.", + "storageContainer": "storageContainer refers to the storage_container used by the VM disk.", +} + +func (NutanixVMStorageConfig) SwaggerDoc() map[string]string { + return map_NutanixVMStorageConfig +} + var map_LoadBalancerReference = map[string]string{ "": "LoadBalancerReference is a reference to a load balancer on IBM Cloud virtual private cloud(VPC).", "name": "name of the LoadBalancer in IBM Cloud VPC. The name should be between 1 and 63 characters long and may consist of lowercase alphanumeric characters and hyphens only. The value must not end with a hyphen. It is a reference to existing LoadBalancer created by openshift installer component.", diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go b/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go index 2e3223b10b2d..b2c66b7072b8 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/types_awsprovider.go @@ -90,7 +90,11 @@ type AWSMachineProviderConfig struct { // +kubebuilder:validation:Minimum:=1 // +kubebuilder:validation:Maximum:=7 // +optional - PlacementGroupPartition int32 `json:"placementGroupPartition,omitempty"` + PlacementGroupPartition *int32 `json:"placementGroupPartition,omitempty"` + // capacityReservationId specifies the target Capacity Reservation into which the instance should be launched. + // The field size should be greater than 0 and the field input must start with cr-*** + // +optional + CapacityReservationID string `json:"capacityReservationId"` } // BlockDeviceMappingSpec describes a block device mapping diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go index 6322ca29cf25..d37ac11e6aff 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.deepcopy.go @@ -75,6 +75,11 @@ func (in *AWSMachineProviderConfig) DeepCopyInto(out *AWSMachineProviderConfig) (*in).DeepCopyInto(*out) } out.MetadataServiceOptions = in.MetadataServiceOptions + if in.PlacementGroupPartition != nil { + in, out := &in.PlacementGroupPartition, &out.PlacementGroupPartition + *out = new(int32) + **out = **in + } return } diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go index f2173537c91c..5bba232bf7f1 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go @@ -32,6 +32,7 @@ var map_AWSMachineProviderConfig = map[string]string{ "metadataServiceOptions": "MetadataServiceOptions allows users to configure instance metadata service interaction options. If nothing specified, default AWS IMDS settings will be applied. https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_InstanceMetadataOptionsRequest.html", "placementGroupName": "PlacementGroupName specifies the name of the placement group in which to launch the instance. The placement group must already be created and may use any placement strategy. When omitted, no placement group is used when creating the EC2 instance.", "placementGroupPartition": "placementGroupPartition is the partition number within the placement group in which to launch the instance. This must be an integer value between 1 and 7. It is only valid if the placement group, referred in `PlacementGroupName` was created with strategy set to partition.", + "capacityReservationId": "capacityReservationId specifies the target Capacity Reservation into which the instance should be launched. The field size should be greater than 0 and the field input must start with cr-***", } func (AWSMachineProviderConfig) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go index b84910ad40b6..98b3c48f713c 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/types_machineconfignode.go @@ -13,12 +13,15 @@ import ( // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1596 // +openshift:file-pattern=cvoRunLevel=0000_80,operatorName=machine-config,operatorOrdering=01 // +openshift:enable:FeatureGate=MachineConfigNodes -// +kubebuilder:printcolumn:name="Updated",type="string",JSONPath=.status.conditions[?(@.type=="Updated")].status -// +kubebuilder:printcolumn:name="UpdatePrepared",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePrepared")].status -// +kubebuilder:printcolumn:name="UpdateExecuted",type="string",JSONPath=.status.conditions[?(@.type=="UpdateExecuted")].status -// +kubebuilder:printcolumn:name="UpdatePostActionComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePostActionComplete")].status -// +kubebuilder:printcolumn:name="UpdateComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdateComplete")].status -// +kubebuilder:printcolumn:name="Resumed",type="string",JSONPath=.status.conditions[?(@.type=="Resumed")].status +// +kubebuilder:printcolumn:name="PoolName",type="string",JSONPath=.spec.pool.name,priority=0 +// +kubebuilder:printcolumn:name="DesiredConfig",type="string",JSONPath=.spec.configVersion.desired,priority=0 +// +kubebuilder:printcolumn:name="CurrentConfig",type="string",JSONPath=.status.configVersion.current,priority=0 +// +kubebuilder:printcolumn:name="Updated",type="string",JSONPath=.status.conditions[?(@.type=="Updated")].status,priority=0 +// +kubebuilder:printcolumn:name="UpdatePrepared",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePrepared")].status,priority=1 +// +kubebuilder:printcolumn:name="UpdateExecuted",type="string",JSONPath=.status.conditions[?(@.type=="UpdateExecuted")].status,priority=1 +// +kubebuilder:printcolumn:name="UpdatePostActionComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdatePostActionComplete")].status,priority=1 +// +kubebuilder:printcolumn:name="UpdateComplete",type="string",JSONPath=.status.conditions[?(@.type=="UpdateComplete")].status,priority=1 +// +kubebuilder:printcolumn:name="Resumed",type="string",JSONPath=.status.conditions[?(@.type=="Resumed")].status,priority=1 // +kubebuilder:printcolumn:name="UpdateCompatible",type="string",JSONPath=.status.conditions[?(@.type=="UpdateCompatible")].status,priority=1 // +kubebuilder:printcolumn:name="UpdatedFilesAndOS",type="string",JSONPath=.status.conditions[?(@.type=="AppliedFilesAndOS")].status,priority=1 // +kubebuilder:printcolumn:name="CordonedNode",type="string",JSONPath=.status.conditions[?(@.type=="Cordoned")].status,priority=1 diff --git a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index 68c8828e55eb..ea7bbeeb549e 100644 --- a/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/machineconfiguration/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -16,23 +16,37 @@ machineconfignodes.machineconfiguration.openshift.io: openshift.io/operator-managed: "" PluralName: machineconfignodes PrinterColumns: + - jsonPath: .spec.pool.name + name: PoolName + type: string + - jsonPath: .spec.configVersion.desired + name: DesiredConfig + type: string + - jsonPath: .status.configVersion.current + name: CurrentConfig + type: string - jsonPath: .status.conditions[?(@.type=="Updated")].status name: Updated type: string - jsonPath: .status.conditions[?(@.type=="UpdatePrepared")].status name: UpdatePrepared + priority: 1 type: string - jsonPath: .status.conditions[?(@.type=="UpdateExecuted")].status name: UpdateExecuted + priority: 1 type: string - jsonPath: .status.conditions[?(@.type=="UpdatePostActionComplete")].status name: UpdatePostActionComplete + priority: 1 type: string - jsonPath: .status.conditions[?(@.type=="UpdateComplete")].status name: UpdateComplete + priority: 1 type: string - jsonPath: .status.conditions[?(@.type=="Resumed")].status name: Resumed + priority: 1 type: string - jsonPath: .status.conditions[?(@.type=="UpdateCompatible")].status name: UpdateCompatible diff --git a/vendor/github.com/openshift/api/network/v1/generated.proto b/vendor/github.com/openshift/api/network/v1/generated.proto index b7016bfb2514..d2e75548bb63 100644 --- a/vendor/github.com/openshift/api/network/v1/generated.proto +++ b/vendor/github.com/openshift/api/network/v1/generated.proto @@ -11,9 +11,9 @@ import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto"; // Package-wide variables from generator "generated". option go_package = "github.com/openshift/api/network/v1"; -// ClusterNetwork describes the cluster network. There is normally only one object of this type, -// named "default", which is created by the SDN network plugin based on the master configuration -// when the cluster is brought up for the first time. +// ClusterNetwork was used by OpenShift SDN. +// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in +// any way by OpenShift. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +kubebuilder:object:root=true @@ -91,11 +91,9 @@ message ClusterNetworkList { repeated ClusterNetwork items = 2; } -// EgressNetworkPolicy describes the current egress network policy for a Namespace. When using -// the 'redhat/openshift-ovs-multitenant' network plugin, traffic from a pod to an IP address -// outside the cluster will be checked against each EgressNetworkPolicyRule in the pod's -// namespace's EgressNetworkPolicy, in order. If no rule matches (or no EgressNetworkPolicy -// is present) then the traffic will be allowed by default. +// EgressNetworkPolicy was used by OpenShift SDN. +// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in +// any way by OpenShift. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +kubebuilder:object:root=true @@ -154,8 +152,9 @@ message EgressNetworkPolicySpec { repeated EgressNetworkPolicyRule egress = 1; } -// HostSubnet describes the container subnet network on a node. The HostSubnet object must have the -// same name as the Node object it corresponds to. +// HostSubnet was used by OpenShift SDN. +// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in +// any way by OpenShift. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +kubebuilder:object:root=true @@ -211,9 +210,9 @@ message HostSubnetList { repeated HostSubnet items = 2; } -// NetNamespace describes a single isolated network. When using the redhat/openshift-ovs-multitenant -// plugin, every Namespace will have a corresponding NetNamespace object with the same name. -// (When using redhat/openshift-ovs-subnet, NetNamespaces are not used.) +// NetNamespace was used by OpenShift SDN. +// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in +// any way by OpenShift. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +kubebuilder:object:root=true diff --git a/vendor/github.com/openshift/api/network/v1/types.go b/vendor/github.com/openshift/api/network/v1/types.go index f39e786c209d..89015cf6b1ba 100644 --- a/vendor/github.com/openshift/api/network/v1/types.go +++ b/vendor/github.com/openshift/api/network/v1/types.go @@ -12,9 +12,9 @@ const ( // +genclient:nonNamespaced // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// ClusterNetwork describes the cluster network. There is normally only one object of this type, -// named "default", which is created by the SDN network plugin based on the master configuration -// when the cluster is brought up for the first time. +// ClusterNetwork was used by OpenShift SDN. +// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in +// any way by OpenShift. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +kubebuilder:object:root=true @@ -112,8 +112,9 @@ type HostSubnetEgressCIDR string // +genclient:nonNamespaced // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// HostSubnet describes the container subnet network on a node. The HostSubnet object must have the -// same name as the Node object it corresponds to. +// HostSubnet was used by OpenShift SDN. +// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in +// any way by OpenShift. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +kubebuilder:object:root=true @@ -184,9 +185,9 @@ type NetNamespaceEgressIP string // +genclient:nonNamespaced // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// NetNamespace describes a single isolated network. When using the redhat/openshift-ovs-multitenant -// plugin, every Namespace will have a corresponding NetNamespace object with the same name. -// (When using redhat/openshift-ovs-subnet, NetNamespaces are not used.) +// NetNamespace was used by OpenShift SDN. +// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in +// any way by OpenShift. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +kubebuilder:object:root=true @@ -274,11 +275,9 @@ type EgressNetworkPolicySpec struct { // +genclient // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// EgressNetworkPolicy describes the current egress network policy for a Namespace. When using -// the 'redhat/openshift-ovs-multitenant' network plugin, traffic from a pod to an IP address -// outside the cluster will be checked against each EgressNetworkPolicyRule in the pod's -// namespace's EgressNetworkPolicy, in order. If no rule matches (or no EgressNetworkPolicy -// is present) then the traffic will be allowed by default. +// EgressNetworkPolicy was used by OpenShift SDN. +// DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in +// any way by OpenShift. // // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). // +kubebuilder:object:root=true diff --git a/vendor/github.com/openshift/api/network/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/network/v1/zz_generated.swagger_doc_generated.go index f92172acaf89..743ddeab5720 100644 --- a/vendor/github.com/openshift/api/network/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/network/v1/zz_generated.swagger_doc_generated.go @@ -12,7 +12,7 @@ package v1 // AUTO-GENERATED FUNCTIONS START HERE var map_ClusterNetwork = map[string]string{ - "": "ClusterNetwork describes the cluster network. There is normally only one object of this type, named \"default\", which is created by the SDN network plugin based on the master configuration when the cluster is brought up for the first time.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "": "ClusterNetwork was used by OpenShift SDN. DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in any way by OpenShift.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "network": "Network is a CIDR string specifying the global overlay network's L3 space", "hostsubnetlength": "HostSubnetLength is the number of bits of network to allocate to each node. eg, 8 would mean that each node would have a /24 slice of the overlay network for its pods", @@ -48,7 +48,7 @@ func (ClusterNetworkList) SwaggerDoc() map[string]string { } var map_EgressNetworkPolicy = map[string]string{ - "": "EgressNetworkPolicy describes the current egress network policy for a Namespace. When using the 'redhat/openshift-ovs-multitenant' network plugin, traffic from a pod to an IP address outside the cluster will be checked against each EgressNetworkPolicyRule in the pod's namespace's EgressNetworkPolicy, in order. If no rule matches (or no EgressNetworkPolicy is present) then the traffic will be allowed by default.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "": "EgressNetworkPolicy was used by OpenShift SDN. DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in any way by OpenShift.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "spec": "spec is the specification of the current egress network policy", } @@ -97,7 +97,7 @@ func (EgressNetworkPolicySpec) SwaggerDoc() map[string]string { } var map_HostSubnet = map[string]string{ - "": "HostSubnet describes the container subnet network on a node. The HostSubnet object must have the same name as the Node object it corresponds to.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "": "HostSubnet was used by OpenShift SDN. DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in any way by OpenShift.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "host": "Host is the name of the node. (This is the same as the object's name, but both fields must be set.)", "hostIP": "HostIP is the IP address to be used as a VTEP by other nodes in the overlay network", @@ -121,7 +121,7 @@ func (HostSubnetList) SwaggerDoc() map[string]string { } var map_NetNamespace = map[string]string{ - "": "NetNamespace describes a single isolated network. When using the redhat/openshift-ovs-multitenant plugin, every Namespace will have a corresponding NetNamespace object with the same name. (When using redhat/openshift-ovs-subnet, NetNamespaces are not used.)\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "": "NetNamespace was used by OpenShift SDN. DEPRECATED: OpenShift SDN is no longer supported and this object is no longer used in any way by OpenShift.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "netname": "NetName is the name of the network namespace. (This is the same as the object's name, but both fields must be set.)", "netid": "NetID is the network identifier of the network namespace assigned to each overlay network packet. This can be manipulated with the \"oc adm pod-network\" commands.", diff --git a/vendor/github.com/openshift/api/openshiftcontrolplane/v1/types.go b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/types.go index f077f98ab077..33e3cf2912f7 100644 --- a/vendor/github.com/openshift/api/openshiftcontrolplane/v1/types.go +++ b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/types.go @@ -117,6 +117,23 @@ type RoutingConfig struct { Subdomain string `json:"subdomain"` } +// ImportModeType describes how to import an image manifest. +// +enum +// +kubebuilder:validation:Enum:="";Legacy;PreserveOriginal +type ImportModeType string + +const ( + // ImportModeLegacy indicates that the legacy behaviour should be used. + // For manifest lists, the legacy behaviour will discard the manifest list and import a single + // sub-manifest. In this case, the platform is chosen in the following order of priority: + // 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. + // This mode is the default. + ImportModeLegacy ImportModeType = "Legacy" + // ImportModePreserveOriginal indicates that the original manifest will be preserved. + // For manifest lists, the manifest list and all its sub-manifests will be imported. + ImportModePreserveOriginal ImportModeType = "PreserveOriginal" +) + type ImagePolicyConfig struct { // maxImagesBulkImportedPerRepository controls the number of images that are imported when a user // does a bulk import of a container repository. This number is set low to prevent users from @@ -142,6 +159,19 @@ type ImagePolicyConfig struct { // additionalTrustedCA is a path to a pem bundle file containing additional CAs that // should be trusted during imagestream import. AdditionalTrustedCA string `json:"additionalTrustedCA"` + + // imageStreamImportMode provides the import mode value for imagestreams. + // It can be `Legacy` or `PreserveOriginal`. `Legacy` indicates that the legacy behaviour + // should be used. For manifest lists, the legacy behaviour will discard the manifest list + // and import a single sub-manifest. In this case, the platform is chosen in the following + // order of priority: 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first + // manifest in the list. `PreserveOriginal` indicates that the original manifest will be preserved. + // For manifest lists, the manifest list and all its sub-manifests will be imported.If this value + // is specified, this setting is applied to all newly created imagestreams which do not have the + // value set. + // +openshift:enable:FeatureGate=ImageStreamImportMode + // +optional + ImageStreamImportMode ImportModeType `json:"imageStreamImportMode"` } // AllowedRegistries represents a list of registries allowed for the image import. diff --git a/vendor/github.com/openshift/api/openshiftcontrolplane/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/zz_generated.swagger_doc_generated.go index 25a9333bbf4b..5162e46ba0c9 100644 --- a/vendor/github.com/openshift/api/openshiftcontrolplane/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/openshiftcontrolplane/v1/zz_generated.swagger_doc_generated.go @@ -114,6 +114,7 @@ var map_ImagePolicyConfig = map[string]string{ "internalRegistryHostname": "internalRegistryHostname sets the hostname for the default internal image registry. The value must be in \"hostname[:port]\" format.", "externalRegistryHostnames": "externalRegistryHostnames provides the hostnames for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The first value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in \"hostname[:port]\" format.", "additionalTrustedCA": "additionalTrustedCA is a path to a pem bundle file containing additional CAs that should be trusted during imagestream import.", + "imageStreamImportMode": "imageStreamImportMode provides the import mode value for imagestreams. It can be `Legacy` or `PreserveOriginal`. `Legacy` indicates that the legacy behaviour should be used. For manifest lists, the legacy behaviour will discard the manifest list and import a single sub-manifest. In this case, the platform is chosen in the following order of priority: 1. tag annotations; 2. control plane arch/os; 3. linux/amd64; 4. the first manifest in the list. `PreserveOriginal` indicates that the original manifest will be preserved. For manifest lists, the manifest list and all its sub-manifests will be imported.If this value is specified, this setting is applied to all newly created imagestreams which do not have the value set.", } func (ImagePolicyConfig) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/operator/v1/types_console.go b/vendor/github.com/openshift/api/operator/v1/types_console.go index 66e3798d9246..aa39b2f950fe 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_console.go +++ b/vendor/github.com/openshift/api/operator/v1/types_console.go @@ -99,8 +99,63 @@ type StatuspageProvider struct { PageID string `json:"pageID"` } +// ConsoleCapabilityName defines name of UI capability in the console UI. +type ConsoleCapabilityName string + +const ( + // lightspeedButton is the name for the Lightspeed button HTML element. + LightspeedButton ConsoleCapabilityName = "LightspeedButton" + + // gettingStartedBanner is the name of the 'Getting started resources' banner in the console UI Overview page. + GettingStartedBanner ConsoleCapabilityName = "GettingStartedBanner" +) + +// CapabilityState defines the state of the capability in the console UI. +type CapabilityState string + +const ( + // "Enabled" means that the capability will be rendered in the console UI. + CapabilityEnabled CapabilityState = "Enabled" + // "Disabled" means that the capability will not be rendered in the console UI. + CapabilityDisabled CapabilityState = "Disabled" +) + +// CapabilityVisibility defines the criteria to enable/disable a capability. +// +union +type CapabilityVisibility struct { + // state defines if the capability is enabled or disabled in the console UI. + // Enabling the capability in the console UI is represented by the "Enabled" value. + // Disabling the capability in the console UI is represented by the "Disabled" value. + // +unionDiscriminator + // +kubebuilder:validation:Enum:="Enabled";"Disabled" + // +kubebuilder:validation:Required + State CapabilityState `json:"state"` +} + +// Capabilities contains set of UI capabilities and their state in the console UI. +type Capability struct { + // name is the unique name of a capability. + // Available capabilities are LightspeedButton and GettingStartedBanner. + // +kubebuilder:validation:Enum:="LightspeedButton";"GettingStartedBanner" + // +kubebuilder:validation:Required + Name ConsoleCapabilityName `json:"name"` + // visibility defines the visibility state of the capability. + // +kubebuilder:validation:Required + Visibility CapabilityVisibility `json:"visibility"` +} + // ConsoleCustomization defines a list of optional configuration for the console UI. type ConsoleCustomization struct { + // capabilities defines an array of capabilities that can be interacted with in the console UI. + // Each capability defines a visual state that can be interacted with the console to render in the UI. + // Available capabilities are LightspeedButton and GettingStartedBanner. + // Each of the available capabilities may appear only once in the list. + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=2 + // +listType=map + // +listMapKey=name + // +optional + Capabilities []Capability `json:"capabilities,omitempty"` // brand is the default branding of the web console which can be overridden by // providing the brand field. There is a limited set of specific brand options. // This field controls elements of the console such as the logo. diff --git a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go index 4fccecb9f67b..0644b6a93c72 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go @@ -168,6 +168,65 @@ type AWSCSIDriverConfigSpec struct { // +kubebuilder:validation:Pattern:=`^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)\/.*$` // +optional KMSKeyARN string `json:"kmsKeyARN,omitempty"` + + // efsVolumeMetrics sets the configuration for collecting metrics from EFS volumes used by the EFS CSI Driver. + // +openshift:enable:FeatureGate=AWSEFSDriverVolumeMetrics + // +optional + EFSVolumeMetrics *AWSEFSVolumeMetrics `json:"efsVolumeMetrics,omitempty"` +} + +// AWSEFSVolumeMetricsState defines the modes for collecting volume metrics in the AWS EFS CSI Driver. +// This can either enable recursive collection of volume metrics or disable metric collection entirely. +// +kubebuilder:validation:Enum:="RecursiveWalk";"Disabled" +type AWSEFSVolumeMetricsState string + +const ( + // AWSEFSVolumeMetricsRecursiveWalk indicates that volume metrics collection in the AWS EFS CSI Driver + // is performed by recursively walking through the files in the volume. + AWSEFSVolumeMetricsRecursiveWalk AWSEFSVolumeMetricsState = "RecursiveWalk" + + // AWSEFSVolumeMetricsDisabled indicates that volume metrics collection in the AWS EFS CSI Driver is disabled. + AWSEFSVolumeMetricsDisabled AWSEFSVolumeMetricsState = "Disabled" +) + +// AWSEFSVolumeMetrics defines the configuration for volume metrics in the EFS CSI Driver. +// +union +type AWSEFSVolumeMetrics struct { + // state defines the state of metric collection in the AWS EFS CSI Driver. + // This field is required and must be set to one of the following values: Disabled or RecursiveWalk. + // Disabled means no metrics collection will be performed. This is the default value. + // RecursiveWalk means the AWS EFS CSI Driver will recursively scan volumes to collect metrics. + // This process may result in high CPU and memory usage, depending on the volume size. + // +unionDiscriminator + // +kubebuilder:validation:Required + State AWSEFSVolumeMetricsState `json:"state"` + + // recursiveWalk provides additional configuration for collecting volume metrics in the AWS EFS CSI Driver + // when the state is set to RecursiveWalk. + // +unionMember + // +optional + RecursiveWalk *AWSEFSVolumeMetricsRecursiveWalkConfig `json:"recursiveWalk,omitempty"` +} + +// AWSEFSVolumeMetricsRecursiveWalkConfig defines options for volume metrics in the EFS CSI Driver. +type AWSEFSVolumeMetricsRecursiveWalkConfig struct { + // refreshPeriodMinutes specifies the frequency, in minutes, at which volume metrics are refreshed. + // When omitted, this means no opinion and the platform is left to choose a reasonable + // default, which is subject to change over time. The current default is 240. + // The valid range is from 1 to 43200 minutes (30 days). + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=43200 + // +optional + RefreshPeriodMinutes int32 `json:"refreshPeriodMinutes,omitempty"` + + // fsRateLimit defines the rate limit, in goroutines per file system, for processing volume metrics. + // When omitted, this means no opinion and the platform is left to choose a reasonable + // default, which is subject to change over time. The current default is 5. + // The valid range is from 1 to 100 goroutines. + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=100 + // +optional + FSRateLimit int32 `json:"fsRateLimit,omitempty"` } // AzureDiskEncryptionSet defines the configuration for a disk encryption set. diff --git a/vendor/github.com/openshift/api/operator/v1/types_ingress.go b/vendor/github.com/openshift/api/operator/v1/types_ingress.go index 68df56b409fd..51970cea992e 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/operator/v1/types_ingress.go @@ -391,6 +391,7 @@ var ( type CIDR string // LoadBalancerStrategy holds parameters for a load balancer. +// +openshift:validation:FeatureGateAwareXValidation:featureGate=SetEIPForNLBIngressController,rule="!has(self.scope) || self.scope != 'Internal' || !has(self.providerParameters) || !has(self.providerParameters.aws) || !has(self.providerParameters.aws.networkLoadBalancer) || !has(self.providerParameters.aws.networkLoadBalancer.eipAllocations)",message="eipAllocations are forbidden when the scope is Internal." type LoadBalancerStrategy struct { // scope indicates the scope at which the load balancer is exposed. // Possible values are "External" and "Internal". @@ -558,6 +559,52 @@ const ( AWSNetworkLoadBalancer AWSLoadBalancerType = "NLB" ) +// AWSSubnets contains a list of references to AWS subnets by +// ID or name. +// +kubebuilder:validation:XValidation:rule=`has(self.ids) && has(self.names) ? size(self.ids + self.names) <= 10 : true`,message="the total number of subnets cannot exceed 10" +// +kubebuilder:validation:XValidation:rule=`has(self.ids) && self.ids.size() > 0 || has(self.names) && self.names.size() > 0`,message="must specify at least 1 subnet name or id" +type AWSSubnets struct { + // ids specifies a list of AWS subnets by subnet ID. + // Subnet IDs must start with "subnet-", consist only + // of alphanumeric characters, must be exactly 24 + // characters long, must be unique, and the total + // number of subnets specified by ids and names + // must not exceed 10. + // + // +optional + // +listType=atomic + // +kubebuilder:validation:XValidation:rule=`self.all(x, self.exists_one(y, x == y))`,message="subnet ids cannot contain duplicates" + // + Note: Though it may seem redundant, MaxItems is necessary to prevent exceeding of the cost budget for the validation rules. + // +kubebuilder:validation:MaxItems=10 + IDs []AWSSubnetID `json:"ids,omitempty"` + + // names specifies a list of AWS subnets by subnet name. + // Subnet names must not start with "subnet-", must not + // include commas, must be under 256 characters in length, + // must be unique, and the total number of subnets + // specified by ids and names must not exceed 10. + // + // +optional + // +listType=atomic + // +kubebuilder:validation:XValidation:rule=`self.all(x, self.exists_one(y, x == y))`,message="subnet names cannot contain duplicates" + // + Note: Though it may seem redundant, MaxItems is necessary to prevent exceeding of the cost budget for the validation rules. + // +kubebuilder:validation:MaxItems=10 + Names []AWSSubnetName `json:"names,omitempty"` +} + +// AWSSubnetID is a reference to an AWS subnet ID. +// +kubebuilder:validation:MinLength=24 +// +kubebuilder:validation:MaxLength=24 +// +kubebuilder:validation:Pattern=`^subnet-[0-9A-Za-z]+$` +type AWSSubnetID string + +// AWSSubnetName is a reference to an AWS subnet name. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=256 +// +kubebuilder:validation:XValidation:rule=`!self.contains(',')`,message="subnet name cannot contain a comma" +// +kubebuilder:validation:XValidation:rule=`!self.startsWith('subnet-')`,message="subnet name cannot start with 'subnet-'" +type AWSSubnetName string + // GCPLoadBalancerParameters provides configuration settings that are // specific to GCP load balancers. type GCPLoadBalancerParameters struct { @@ -632,13 +679,89 @@ type AWSClassicLoadBalancerParameters struct { // +kubebuilder:validation:Format=duration // +optional ConnectionIdleTimeout metav1.Duration `json:"connectionIdleTimeout,omitempty"` + + // subnets specifies the subnets to which the load balancer will + // attach. The subnets may be specified by either their + // ID or name. The total number of subnets is limited to 10. + // + // In order for the load balancer to be provisioned with subnets, + // each subnet must exist, each subnet must be from a different + // availability zone, and the load balancer service must be + // recreated to pick up new values. + // + // When omitted from the spec, the subnets will be auto-discovered + // for each availability zone. Auto-discovered subnets are not reported + // in the status of the IngressController object. + // + // +optional + // +openshift:enable:FeatureGate=IngressControllerLBSubnetsAWS + Subnets *AWSSubnets `json:"subnets,omitempty"` } // AWSNetworkLoadBalancerParameters holds configuration parameters for an -// AWS Network load balancer. +// AWS Network load balancer. For Example: Setting AWS EIPs https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html +// +openshift:validation:FeatureGateAwareXValidation:featureGate=SetEIPForNLBIngressController,rule=`has(self.subnets) && has(self.subnets.ids) && has(self.subnets.names) && has(self.eipAllocations) ? size(self.subnets.ids + self.subnets.names) == size(self.eipAllocations) : true`,message="number of subnets must be equal to number of eipAllocations" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=SetEIPForNLBIngressController,rule=`has(self.subnets) && has(self.subnets.ids) && !has(self.subnets.names) && has(self.eipAllocations) ? size(self.subnets.ids) == size(self.eipAllocations) : true`,message="number of subnets must be equal to number of eipAllocations" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=SetEIPForNLBIngressController,rule=`has(self.subnets) && has(self.subnets.names) && !has(self.subnets.ids) && has(self.eipAllocations) ? size(self.subnets.names) == size(self.eipAllocations) : true`,message="number of subnets must be equal to number of eipAllocations" type AWSNetworkLoadBalancerParameters struct { + // subnets specifies the subnets to which the load balancer will + // attach. The subnets may be specified by either their + // ID or name. The total number of subnets is limited to 10. + // + // In order for the load balancer to be provisioned with subnets, + // each subnet must exist, each subnet must be from a different + // availability zone, and the load balancer service must be + // recreated to pick up new values. + // + // When omitted from the spec, the subnets will be auto-discovered + // for each availability zone. Auto-discovered subnets are not reported + // in the status of the IngressController object. + // + // +optional + // +openshift:enable:FeatureGate=IngressControllerLBSubnetsAWS + Subnets *AWSSubnets `json:"subnets,omitempty"` + + // eipAllocations is a list of IDs for Elastic IP (EIP) addresses that + // are assigned to the Network Load Balancer. + // The following restrictions apply: + // + // eipAllocations can only be used with external scope, not internal. + // An EIP can be allocated to only a single IngressController. + // The number of EIP allocations must match the number of subnets that are used for the load balancer. + // Each EIP allocation must be unique. + // A maximum of 10 EIP allocations are permitted. + // + // See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html for general + // information about configuration, characteristics, and limitations of Elastic IP addresses. + // + // +openshift:enable:FeatureGate=SetEIPForNLBIngressController + // +optional + // +listType=atomic + // +kubebuilder:validation:XValidation:rule=`self.all(x, self.exists_one(y, x == y))`,message="eipAllocations cannot contain duplicates" + // +kubebuilder:validation:MaxItems=10 + EIPAllocations []EIPAllocation `json:"eipAllocations"` } +// EIPAllocation is an ID for an Elastic IP (EIP) address that can be allocated to an ELB in the AWS environment. +// Values must begin with `eipalloc-` followed by exactly 17 hexadecimal (`[0-9a-fA-F]`) characters. +// + Explanation of the regex `^eipalloc-[0-9a-fA-F]{17}$` for validating value of the EIPAllocation: +// + ^eipalloc- ensures the string starts with "eipalloc-". +// + [0-9a-fA-F]{17} matches exactly 17 hexadecimal characters (0-9, a-f, A-F). +// + $ ensures the string ends after the 17 hexadecimal characters. +// + Example of Valid and Invalid values: +// + eipalloc-1234567890abcdef1 is valid. +// + eipalloc-1234567890abcde is not valid (too short). +// + eipalloc-1234567890abcdefg is not valid (contains a non-hex character 'g'). +// + Max length is calculated as follows: +// + eipalloc- = 9 chars and 17 hexadecimal chars after `-` +// + So, total is 17 + 9 = 26 chars required for value of an EIPAllocation. +// +// +kubebuilder:validation:MinLength=26 +// +kubebuilder:validation:MaxLength=26 +// +kubebuilder:validation:XValidation:rule=`self.startsWith('eipalloc-')`,message="eipAllocations should start with 'eipalloc-'" +// +kubebuilder:validation:XValidation:rule=`self.split("-", 2)[1].matches('[0-9a-fA-F]{17}$')`,message="eipAllocations must be 'eipalloc-' followed by exactly 17 hexadecimal characters (0-9, a-f, A-F)" +type EIPAllocation string + // HostNetworkStrategy holds parameters for the HostNetwork endpoint publishing // strategy. type HostNetworkStrategy struct { diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index 35bb5ada3631..afe773192a14 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -53,17 +53,20 @@ type NetworkList struct { // NetworkSpec is the top-level network configuration object. // +kubebuilder:validation:XValidation:rule="!has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding) || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == oldSelf.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == 'Restricted' || self.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding == 'Global'",message="invalid value for IPForwarding, valid values are 'Restricted' or 'Global'" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=AdditionalRoutingCapabilities,rule="(has(self.additionalRoutingCapabilities) && ('FRR' in self.additionalRoutingCapabilities.providers)) || !has(self.defaultNetwork) || !has(self.defaultNetwork.ovnKubernetesConfig) || !has(self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements) || self.defaultNetwork.ovnKubernetesConfig.routeAdvertisements != 'Enabled'",message="Route advertisements cannot be Enabled if 'FRR' routing capability provider is not available" type NetworkSpec struct { OperatorSpec `json:",inline"` // clusterNetwork is the IP address pool to use for pod IPs. - // Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks. + // Some network providers support multiple ClusterNetworks. // Others only support one. This is equivalent to the cluster-cidr. + // +listType=atomic ClusterNetwork []ClusterNetworkEntry `json:"clusterNetwork"` // serviceNetwork is the ip address pool to use for Service IPs // Currently, all existing network providers only support a single value // here, but this is an array to allow for growth. + // +listType=atomic ServiceNetwork []string `json:"serviceNetwork"` // defaultNetwork is the "default" network that all pods will receive @@ -71,6 +74,8 @@ type NetworkSpec struct { // additionalNetworks is a list of extra networks to make available to pods // when multiple networks are enabled. + // +listType=map + // +listMapKey=name AdditionalNetworks []AdditionalNetworkDefinition `json:"additionalNetworks,omitempty"` // disableMultiNetwork specifies whether or not multiple pod network @@ -91,8 +96,8 @@ type NetworkSpec struct { // deployKubeProxy specifies whether or not a standalone kube-proxy should // be deployed by the operator. Some network providers include kube-proxy // or similar functionality. If unset, the plugin will attempt to select - // the correct value, which is false when OpenShift SDN and ovn-kubernetes are - // used and true otherwise. + // the correct value, which is false when ovn-kubernetes is used and true + // otherwise. // +optional DeployKubeProxy *bool `json:"deployKubeProxy,omitempty"` @@ -104,9 +109,9 @@ type NetworkSpec struct { // +kubebuilder:default:=false DisableNetworkDiagnostics bool `json:"disableNetworkDiagnostics"` - // kubeProxyConfig lets us configure desired proxy configuration. - // If not specified, sensible defaults will be chosen by OpenShift directly. - // Not consumed by all network providers - currently only openshift-sdn. + // kubeProxyConfig lets us configure desired proxy configuration, if + // deployKubeProxy is true. If not specified, sensible defaults will be chosen by + // OpenShift directly. KubeProxyConfig *ProxyConfig `json:"kubeProxyConfig,omitempty"` // exportNetworkFlows enables and configures the export of network flow metadata from the pod network @@ -115,79 +120,91 @@ type NetworkSpec struct { // +optional ExportNetworkFlows *ExportNetworkFlows `json:"exportNetworkFlows,omitempty"` - // migration enables and configures the cluster network migration. The - // migration procedure allows to change the network type and the MTU. + // migration enables and configures cluster network migration, for network changes + // that cannot be made instantly. // +optional Migration *NetworkMigration `json:"migration,omitempty"` + + // additionalRoutingCapabilities describes components and relevant + // configuration providing additional routing capabilities. When set, it + // enables such components and the usage of the routing capabilities they + // provide for the machine network. Upstream operators, like MetalLB + // operator, requiring these capabilities may rely on, or automatically set + // this attribute. Network plugins may leverage advanced routing + // capabilities acquired through the enablement of these components but may + // require specific configuration on their side to do so; refer to their + // respective documentation and configuration options. + // +openshift:enable:FeatureGate=AdditionalRoutingCapabilities + // +optional + AdditionalRoutingCapabilities *AdditionalRoutingCapabilities `json:"additionalRoutingCapabilities,omitempty"` } // NetworkMigrationMode is an enumeration of the possible mode of the network migration // Valid values are "Live", "Offline" and omitted. +// DEPRECATED: network type migration is no longer supported. // +kubebuilder:validation:Enum:=Live;Offline;"" type NetworkMigrationMode string const ( // A "Live" migration operation will not cause service interruption by migrating the CNI of each node one by one. The cluster network will work as normal during the network migration. + // DEPRECATED: network type migration is no longer supported. LiveNetworkMigrationMode NetworkMigrationMode = "Live" // An "Offline" migration operation will cause service interruption. During an "Offline" migration, two rounds of node reboots are required. The cluster network will be malfunctioning during the network migration. + // DEPRECATED: network type migration is no longer supported. OfflineNetworkMigrationMode NetworkMigrationMode = "Offline" ) -// NetworkMigration represents the cluster network configuration. +// NetworkMigration represents the cluster network migration configuration. // +openshift:validation:FeatureGateAwareXValidation:featureGate=NetworkLiveMigration,rule="!has(self.mtu) || !has(self.networkType) || self.networkType == \"\" || has(self.mode) && self.mode == 'Live'",message="networkType migration in mode other than 'Live' may not be configured at the same time as mtu migration" type NetworkMigration struct { - // networkType is the target type of network migration. Set this to the - // target network type to allow changing the default network. If unset, the - // operation of changing cluster default network plugin will be rejected. - // The supported values are OpenShiftSDN, OVNKubernetes - // +optional - NetworkType string `json:"networkType,omitempty"` - // mtu contains the MTU migration configuration. Set this to allow changing // the MTU values for the default network. If unset, the operation of // changing the MTU for the default network will be rejected. // +optional MTU *MTUMigration `json:"mtu,omitempty"` - // features contains the features migration configuration. Set this to migrate - // feature configuration when changing the cluster default network provider. - // if unset, the default operation is to migrate all the configuration of - // supported features. + // networkType was previously used when changing the default network type. + // DEPRECATED: network type migration is no longer supported, and setting + // this to a non-empty value will result in the network operator rejecting + // the configuration. + // +optional + NetworkType string `json:"networkType,omitempty"` + + // features was previously used to configure which network plugin features + // would be migrated in a network type migration. + // DEPRECATED: network type migration is no longer supported, and setting + // this to a non-empty value will result in the network operator rejecting + // the configuration. // +optional Features *FeaturesMigration `json:"features,omitempty"` - // mode indicates the mode of network migration. - // The supported values are "Live", "Offline" and omitted. - // A "Live" migration operation will not cause service interruption by migrating the CNI of each node one by one. The cluster network will work as normal during the network migration. - // An "Offline" migration operation will cause service interruption. During an "Offline" migration, two rounds of node reboots are required. The cluster network will be malfunctioning during the network migration. - // When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. - // The current default value is "Offline". + // mode indicates the mode of network type migration. + // DEPRECATED: network type migration is no longer supported, and setting + // this to a non-empty value will result in the network operator rejecting + // the configuration. // +optional - Mode NetworkMigrationMode `json:"mode"` + Mode NetworkMigrationMode `json:"mode,omitempty"` } type FeaturesMigration struct { - // egressIP specifies whether or not the Egress IP configuration is migrated - // automatically when changing the cluster default network provider. - // If unset, this property defaults to 'true' and Egress IP configure is migrated. + // egressIP specified whether or not the Egress IP configuration was migrated. + // DEPRECATED: network type migration is no longer supported. // +optional // +kubebuilder:default:=true EgressIP bool `json:"egressIP,omitempty"` - // egressFirewall specifies whether or not the Egress Firewall configuration is migrated - // automatically when changing the cluster default network provider. - // If unset, this property defaults to 'true' and Egress Firewall configure is migrated. + // egressFirewall specified whether or not the Egress Firewall configuration was migrated. + // DEPRECATED: network type migration is no longer supported. // +optional // +kubebuilder:default:=true EgressFirewall bool `json:"egressFirewall,omitempty"` - // multicast specifies whether or not the multicast configuration is migrated - // automatically when changing the cluster default network provider. - // If unset, this property defaults to 'true' and multicast configure is migrated. + // multicast specified whether or not the multicast configuration was migrated. + // DEPRECATED: network type migration is no longer supported. // +optional // +kubebuilder:default:=true Multicast bool `json:"multicast,omitempty"` } -// MTUMigration MTU contains infomation about MTU migration. +// MTUMigration contains infomation about MTU migration. type MTUMigration struct { // network contains information about MTU migration for the default network. // Migrations are only allowed to MTU values lower than the machine's uplink @@ -232,7 +249,8 @@ type DefaultNetworkDefinition struct { // All NetworkTypes are supported except for NetworkTypeRaw Type NetworkType `json:"type"` - // openShiftSDNConfig configures the openshift-sdn plugin + // openShiftSDNConfig was previously used to configure the openshift-sdn plugin. + // DEPRECATED: OpenShift SDN is no longer supported. // +optional OpenShiftSDNConfig *OpenShiftSDNConfig `json:"openshiftSDNConfig,omitempty"` @@ -287,12 +305,14 @@ type StaticIPAMRoutes struct { type StaticIPAMDNS struct { // Nameservers points DNS servers for IP lookup // +optional + // +listType=atomic Nameservers []string `json:"nameservers,omitempty"` // Domain configures the domainname the local domain used for short hostname lookups // +optional Domain string `json:"domain,omitempty"` // Search configures priority ordered search domains for short hostname lookups // +optional + // +listType=atomic Search []string `json:"search,omitempty"` } @@ -300,9 +320,11 @@ type StaticIPAMDNS struct { type StaticIPAMConfig struct { // Addresses configures IP address for the interface // +optional + // +listType=atomic Addresses []StaticIPAMAddresses `json:"addresses,omitempty"` // Routes configures IP routes for the interface // +optional + // +listType=atomic Routes []StaticIPAMRoutes `json:"routes,omitempty"` // DNS configures DNS for the interface // +optional @@ -330,6 +352,7 @@ type AdditionalNetworkDefinition struct { // name is the name of the network. This will be populated in the resulting CRD // This must be unique. + // +kubebuilder:validation:Required Name string `json:"name"` // namespace is the namespace of the network. This will be populated in the resulting CRD @@ -345,7 +368,7 @@ type AdditionalNetworkDefinition struct { SimpleMacvlanConfig *SimpleMacvlanConfig `json:"simpleMacvlanConfig,omitempty"` } -// OpenShiftSDNConfig configures the three openshift-sdn plugins +// OpenShiftSDNConfig was used to configure the OpenShift SDN plugin. It is no longer used. type OpenShiftSDNConfig struct { // mode is one of "Multitenant", "Subnet", or "NetworkPolicy" Mode SDNMode `json:"mode"` @@ -364,7 +387,6 @@ type OpenShiftSDNConfig struct { // useExternalOpenvswitch used to control whether the operator would deploy an OVS // DaemonSet itself or expect someone else to start OVS. As of 4.6, OVS is always // run as a system service, and this flag is ignored. - // DEPRECATED: non-functional as of 4.6 // +optional UseExternalOpenvswitch *bool `json:"useExternalOpenvswitch,omitempty"` @@ -433,6 +455,19 @@ type OVNKubernetesConfig struct { // fields within ipv4 for details of default values. // +optional IPv6 *IPv6OVNKubernetesConfig `json:"ipv6,omitempty"` + + // routeAdvertisements determines if the functionality to advertise cluster + // network routes through a dynamic routing protocol, such as BGP, is + // enabled or not. This functionality is configured through the + // ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing + // capability provider to be enabled as an additional routing capability. + // Allowed values are "Enabled", "Disabled" and ommited. When omitted, this + // means the user has no opinion and the platform is left to choose + // reasonable defaults. These defaults are subject to change over time. The + // current default is "Disabled". + // +openshift:enable:FeatureGate=RouteAdvertisements + // +optional + RouteAdvertisements RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"` } type IPv4OVNKubernetesConfig struct { @@ -505,6 +540,7 @@ type IPv6OVNKubernetesConfig struct { type HybridOverlayConfig struct { // HybridClusterNetwork defines a network space given to nodes on an additional overlay network. + // +listType=atomic HybridClusterNetwork []ClusterNetworkEntry `json:"hybridClusterNetwork"` // HybridOverlayVXLANPort defines the VXLAN port number to be used by the additional overlay network. // Default is 4789 @@ -617,6 +653,7 @@ type NetFlowConfig struct { // It is a list of strings formatted as ip:port with a maximum of ten items // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:MaxItems=10 + // +listType=atomic Collectors []IPPort `json:"collectors,omitempty"` } @@ -624,6 +661,7 @@ type SFlowConfig struct { // sFlowCollectors is list of strings formatted as ip:port with a maximum of ten items // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:MaxItems=10 + // +listType=atomic Collectors []IPPort `json:"collectors,omitempty"` } @@ -631,6 +669,7 @@ type IPFIXConfig struct { // ipfixCollectors is list of strings formatted as ip:port with a maximum of ten items // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:MaxItems=10 + // +listType=atomic Collectors []IPPort `json:"collectors,omitempty"` } @@ -684,6 +723,7 @@ type PolicyAuditConfig struct { type NetworkType string // ProxyArgumentList is a list of arguments to pass to the kubeproxy process +// +listType=atomic type ProxyArgumentList []string // ProxyConfig defines the configuration knobs for kubeproxy @@ -719,11 +759,11 @@ type EgressIPConfig struct { } const ( - // NetworkTypeOpenShiftSDN means the openshift-sdn plugin will be configured + // NetworkTypeOpenShiftSDN means the openshift-sdn plugin will be configured. + // DEPRECATED: OpenShift SDN is no longer supported NetworkTypeOpenShiftSDN NetworkType = "OpenShiftSDN" - // NetworkTypeOVNKubernetes means the ovn-kubernetes project will be configured. - // This is currently not implemented. + // NetworkTypeOVNKubernetes means the ovn-kubernetes plugin will be configured. NetworkTypeOVNKubernetes NetworkType = "OVNKubernetes" // NetworkTypeRaw @@ -733,19 +773,23 @@ const ( NetworkTypeSimpleMacvlan NetworkType = "SimpleMacvlan" ) -// SDNMode is the Mode the openshift-sdn plugin is in +// SDNMode is the Mode the openshift-sdn plugin is in. +// DEPRECATED: OpenShift SDN is no longer supported type SDNMode string const ( // SDNModeSubnet is a simple mode that offers no isolation between pods + // DEPRECATED: OpenShift SDN is no longer supported SDNModeSubnet SDNMode = "Subnet" // SDNModeMultitenant is a special "multitenant" mode that offers limited // isolation configuration between namespaces + // DEPRECATED: OpenShift SDN is no longer supported SDNModeMultitenant SDNMode = "Multitenant" // SDNModeNetworkPolicy is a full NetworkPolicy implementation that allows // for sophisticated network isolation and segmenting. This is the default. + // DEPRECATED: OpenShift SDN is no longer supported SDNModeNetworkPolicy SDNMode = "NetworkPolicy" ) @@ -788,3 +832,38 @@ const ( // between pods on the cluster network. IPsecModeFull IPsecMode = "Full" ) + +// +kubebuilder:validation:Enum:="";"Enabled";"Disabled" +type RouteAdvertisementsEnablement string + +var ( + // RouteAdvertisementsEnabled enables route advertisements for ovn-kubernetes + RouteAdvertisementsEnabled RouteAdvertisementsEnablement = "Enabled" + // RouteAdvertisementsDisabled disables route advertisements for ovn-kubernetes + RouteAdvertisementsDisabled RouteAdvertisementsEnablement = "Disabled" +) + +// RoutingCapabilitiesProvider is a component providing routing capabilities. +// +kubebuilder:validation:Enum=FRR +type RoutingCapabilitiesProvider string + +const ( + // RoutingCapabilitiesProviderFRR determines FRR is providing advanced + // routing capabilities. + RoutingCapabilitiesProviderFRR RoutingCapabilitiesProvider = "FRR" +) + +// AdditionalRoutingCapabilities describes components and relevant configuration providing +// advanced routing capabilities. +type AdditionalRoutingCapabilities struct { + // providers is a set of enabled components that provide additional routing + // capabilities. Entries on this list must be unique. The only valid value + // is currrently "FRR" which provides FRR routing capabilities through the + // deployment of FRR. + // +listType=atomic + // +kubebuilder:validation:Required + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=1 + // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x == y))" + Providers []RoutingCapabilitiesProvider `json:"providers"` +} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go index da3ce4e1077e..fc6b94ceb22c 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go @@ -16,6 +16,11 @@ import ( // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AWSCSIDriverConfigSpec) DeepCopyInto(out *AWSCSIDriverConfigSpec) { *out = *in + if in.EFSVolumeMetrics != nil { + in, out := &in.EFSVolumeMetrics, &out.EFSVolumeMetrics + *out = new(AWSEFSVolumeMetrics) + (*in).DeepCopyInto(*out) + } return } @@ -33,6 +38,11 @@ func (in *AWSCSIDriverConfigSpec) DeepCopy() *AWSCSIDriverConfigSpec { func (in *AWSClassicLoadBalancerParameters) DeepCopyInto(out *AWSClassicLoadBalancerParameters) { *out = *in out.ConnectionIdleTimeout = in.ConnectionIdleTimeout + if in.Subnets != nil { + in, out := &in.Subnets, &out.Subnets + *out = new(AWSSubnets) + (*in).DeepCopyInto(*out) + } return } @@ -46,18 +56,55 @@ func (in *AWSClassicLoadBalancerParameters) DeepCopy() *AWSClassicLoadBalancerPa return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AWSEFSVolumeMetrics) DeepCopyInto(out *AWSEFSVolumeMetrics) { + *out = *in + if in.RecursiveWalk != nil { + in, out := &in.RecursiveWalk, &out.RecursiveWalk + *out = new(AWSEFSVolumeMetricsRecursiveWalkConfig) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSEFSVolumeMetrics. +func (in *AWSEFSVolumeMetrics) DeepCopy() *AWSEFSVolumeMetrics { + if in == nil { + return nil + } + out := new(AWSEFSVolumeMetrics) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AWSEFSVolumeMetricsRecursiveWalkConfig) DeepCopyInto(out *AWSEFSVolumeMetricsRecursiveWalkConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSEFSVolumeMetricsRecursiveWalkConfig. +func (in *AWSEFSVolumeMetricsRecursiveWalkConfig) DeepCopy() *AWSEFSVolumeMetricsRecursiveWalkConfig { + if in == nil { + return nil + } + out := new(AWSEFSVolumeMetricsRecursiveWalkConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AWSLoadBalancerParameters) DeepCopyInto(out *AWSLoadBalancerParameters) { *out = *in if in.ClassicLoadBalancerParameters != nil { in, out := &in.ClassicLoadBalancerParameters, &out.ClassicLoadBalancerParameters *out = new(AWSClassicLoadBalancerParameters) - **out = **in + (*in).DeepCopyInto(*out) } if in.NetworkLoadBalancerParameters != nil { in, out := &in.NetworkLoadBalancerParameters, &out.NetworkLoadBalancerParameters *out = new(AWSNetworkLoadBalancerParameters) - **out = **in + (*in).DeepCopyInto(*out) } return } @@ -75,6 +122,16 @@ func (in *AWSLoadBalancerParameters) DeepCopy() *AWSLoadBalancerParameters { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AWSNetworkLoadBalancerParameters) DeepCopyInto(out *AWSNetworkLoadBalancerParameters) { *out = *in + if in.Subnets != nil { + in, out := &in.Subnets, &out.Subnets + *out = new(AWSSubnets) + (*in).DeepCopyInto(*out) + } + if in.EIPAllocations != nil { + in, out := &in.EIPAllocations, &out.EIPAllocations + *out = make([]EIPAllocation, len(*in)) + copy(*out, *in) + } return } @@ -88,6 +145,32 @@ func (in *AWSNetworkLoadBalancerParameters) DeepCopy() *AWSNetworkLoadBalancerPa return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AWSSubnets) DeepCopyInto(out *AWSSubnets) { + *out = *in + if in.IDs != nil { + in, out := &in.IDs, &out.IDs + *out = make([]AWSSubnetID, len(*in)) + copy(*out, *in) + } + if in.Names != nil { + in, out := &in.Names, &out.Names + *out = make([]AWSSubnetName, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSSubnets. +func (in *AWSSubnets) DeepCopy() *AWSSubnets { + if in == nil { + return nil + } + out := new(AWSSubnets) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AccessLogging) DeepCopyInto(out *AccessLogging) { *out = *in @@ -153,6 +236,27 @@ func (in *AdditionalNetworkDefinition) DeepCopy() *AdditionalNetworkDefinition { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AdditionalRoutingCapabilities) DeepCopyInto(out *AdditionalRoutingCapabilities) { + *out = *in + if in.Providers != nil { + in, out := &in.Providers, &out.Providers + *out = make([]RoutingCapabilitiesProvider, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalRoutingCapabilities. +func (in *AdditionalRoutingCapabilities) DeepCopy() *AdditionalRoutingCapabilities { + if in == nil { + return nil + } + out := new(AdditionalRoutingCapabilities) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Authentication) DeepCopyInto(out *Authentication) { *out = *in @@ -292,7 +396,7 @@ func (in *CSIDriverConfigSpec) DeepCopyInto(out *CSIDriverConfigSpec) { if in.AWS != nil { in, out := &in.AWS, &out.AWS *out = new(AWSCSIDriverConfigSpec) - **out = **in + (*in).DeepCopyInto(*out) } if in.Azure != nil { in, out := &in.Azure, &out.Azure @@ -422,6 +526,39 @@ func (in *CSISnapshotControllerStatus) DeepCopy() *CSISnapshotControllerStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Capability) DeepCopyInto(out *Capability) { + *out = *in + out.Visibility = in.Visibility + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Capability. +func (in *Capability) DeepCopy() *Capability { + if in == nil { + return nil + } + out := new(Capability) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CapabilityVisibility) DeepCopyInto(out *CapabilityVisibility) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapabilityVisibility. +func (in *CapabilityVisibility) DeepCopy() *CapabilityVisibility { + if in == nil { + return nil + } + out := new(CapabilityVisibility) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClientTLS) DeepCopyInto(out *ClientTLS) { *out = *in @@ -794,6 +931,11 @@ func (in *ConsoleConfigRoute) DeepCopy() *ConsoleConfigRoute { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ConsoleCustomization) DeepCopyInto(out *ConsoleCustomization) { *out = *in + if in.Capabilities != nil { + in, out := &in.Capabilities, &out.Capabilities + *out = make([]Capability, len(*in)) + copy(*out, *in) + } out.CustomLogoFile = in.CustomLogoFile in.DeveloperCatalog.DeepCopyInto(&out.DeveloperCatalog) in.ProjectAccess.DeepCopyInto(&out.ProjectAccess) @@ -3303,6 +3445,11 @@ func (in *NetworkSpec) DeepCopyInto(out *NetworkSpec) { *out = new(NetworkMigration) (*in).DeepCopyInto(*out) } + if in.AdditionalRoutingCapabilities != nil { + in, out := &in.AdditionalRoutingCapabilities, &out.AdditionalRoutingCapabilities + *out = new(AdditionalRoutingCapabilities) + (*in).DeepCopyInto(*out) + } return } diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml index a8c2213cff99..c152b0e84f8b 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml @@ -69,6 +69,7 @@ clustercsidrivers.operator.openshift.io: Capability: "" Category: "" FeatureGates: + - AWSEFSDriverVolumeMetrics - VSphereDriverConfiguration FilenameOperatorName: csi-driver FilenameOperatorOrdering: "01" @@ -176,7 +177,9 @@ ingresscontrollers.operator.openshift.io: CRDName: ingresscontrollers.operator.openshift.io Capability: Ingress Category: "" - FeatureGates: [] + FeatureGates: + - IngressControllerLBSubnetsAWS + - SetEIPForNLBIngressController FilenameOperatorName: ingress FilenameOperatorOrdering: "00" FilenameRunLevel: "0000_50" @@ -326,7 +329,9 @@ networks.operator.openshift.io: Capability: "" Category: "" FeatureGates: + - AdditionalRoutingCapabilities - NetworkLiveMigration + - RouteAdvertisements FilenameOperatorName: network FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_70" diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index 1b8b18e3f5c3..832dd01d010d 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -205,6 +205,25 @@ func (AddPage) SwaggerDoc() map[string]string { return map_AddPage } +var map_Capability = map[string]string{ + "": "Capabilities contains set of UI capabilities and their state in the console UI.", + "name": "name is the unique name of a capability. Available capabilities are LightspeedButton and GettingStartedBanner.", + "visibility": "visibility defines the visibility state of the capability.", +} + +func (Capability) SwaggerDoc() map[string]string { + return map_Capability +} + +var map_CapabilityVisibility = map[string]string{ + "": "CapabilityVisibility defines the criteria to enable/disable a capability.", + "state": "state defines if the capability is enabled or disabled in the console UI. Enabling the capability in the console UI is represented by the \"Enabled\" value. Disabling the capability in the console UI is represented by the \"Disabled\" value.", +} + +func (CapabilityVisibility) SwaggerDoc() map[string]string { + return map_CapabilityVisibility +} + var map_Console = map[string]string{ "": "Console provides a means to configure an operator to manage the console.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", @@ -226,6 +245,7 @@ func (ConsoleConfigRoute) SwaggerDoc() map[string]string { var map_ConsoleCustomization = map[string]string{ "": "ConsoleCustomization defines a list of optional configuration for the console UI.", + "capabilities": "capabilities defines an array of capabilities that can be interacted with in the console UI. Each capability defines a visual state that can be interacted with the console to render in the UI. Available capabilities are LightspeedButton and GettingStartedBanner. Each of the available capabilities may appear only once in the list.", "brand": "brand is the default branding of the web console which can be overridden by providing the brand field. There is a limited set of specific brand options. This field controls elements of the console such as the logo. Invalid value will prevent a console rollout.", "documentationBaseURL": "documentationBaseURL links to external documentation are shown in various sections of the web console. Providing documentationBaseURL will override the default documentation URL. Invalid value will prevent a console rollout.", "customProductName": "customProductName is the name that will be displayed in page titles, logo alt text, and the about dialog instead of the normal OpenShift product name.", @@ -401,14 +421,35 @@ func (StatuspageProvider) SwaggerDoc() map[string]string { } var map_AWSCSIDriverConfigSpec = map[string]string{ - "": "AWSCSIDriverConfigSpec defines properties that can be configured for the AWS CSI driver.", - "kmsKeyARN": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, rather than the default KMS key used by AWS. The value may be either the ARN or Alias ARN of a KMS key.", + "": "AWSCSIDriverConfigSpec defines properties that can be configured for the AWS CSI driver.", + "kmsKeyARN": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, rather than the default KMS key used by AWS. The value may be either the ARN or Alias ARN of a KMS key.", + "efsVolumeMetrics": "efsVolumeMetrics sets the configuration for collecting metrics from EFS volumes used by the EFS CSI Driver.", } func (AWSCSIDriverConfigSpec) SwaggerDoc() map[string]string { return map_AWSCSIDriverConfigSpec } +var map_AWSEFSVolumeMetrics = map[string]string{ + "": "AWSEFSVolumeMetrics defines the configuration for volume metrics in the EFS CSI Driver.", + "state": "state defines the state of metric collection in the AWS EFS CSI Driver. This field is required and must be set to one of the following values: Disabled or RecursiveWalk. Disabled means no metrics collection will be performed. This is the default value. RecursiveWalk means the AWS EFS CSI Driver will recursively scan volumes to collect metrics. This process may result in high CPU and memory usage, depending on the volume size.", + "recursiveWalk": "recursiveWalk provides additional configuration for collecting volume metrics in the AWS EFS CSI Driver when the state is set to RecursiveWalk.", +} + +func (AWSEFSVolumeMetrics) SwaggerDoc() map[string]string { + return map_AWSEFSVolumeMetrics +} + +var map_AWSEFSVolumeMetricsRecursiveWalkConfig = map[string]string{ + "": "AWSEFSVolumeMetricsRecursiveWalkConfig defines options for volume metrics in the EFS CSI Driver.", + "refreshPeriodMinutes": "refreshPeriodMinutes specifies the frequency, in minutes, at which volume metrics are refreshed. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is 240. The valid range is from 1 to 43200 minutes (30 days).", + "fsRateLimit": "fsRateLimit defines the rate limit, in goroutines per file system, for processing volume metrics. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is 5. The valid range is from 1 to 100 goroutines.", +} + +func (AWSEFSVolumeMetricsRecursiveWalkConfig) SwaggerDoc() map[string]string { + return map_AWSEFSVolumeMetricsRecursiveWalkConfig +} + var map_AzureCSIDriverConfigSpec = map[string]string{ "": "AzureCSIDriverConfigSpec defines properties that can be configured for the Azure CSI driver.", "diskEncryptionSet": "diskEncryptionSet sets the cluster default storage class to encrypt volumes with a customer-managed encryption set, rather than the default platform-managed keys.", @@ -722,6 +763,7 @@ func (EtcdSpec) SwaggerDoc() map[string]string { var map_AWSClassicLoadBalancerParameters = map[string]string{ "": "AWSClassicLoadBalancerParameters holds configuration parameters for an AWS Classic load balancer.", "connectionIdleTimeout": "connectionIdleTimeout specifies the maximum time period that a connection may be idle before the load balancer closes the connection. The value must be parseable as a time duration value; see . A nil or zero value means no opinion, in which case a default value is used. The default value for this field is 60s. This default is subject to change.", + "subnets": "subnets specifies the subnets to which the load balancer will attach. The subnets may be specified by either their ID or name. The total number of subnets is limited to 10.\n\nIn order for the load balancer to be provisioned with subnets, each subnet must exist, each subnet must be from a different availability zone, and the load balancer service must be recreated to pick up new values.\n\nWhen omitted from the spec, the subnets will be auto-discovered for each availability zone. Auto-discovered subnets are not reported in the status of the IngressController object.", } func (AWSClassicLoadBalancerParameters) SwaggerDoc() map[string]string { @@ -740,13 +782,25 @@ func (AWSLoadBalancerParameters) SwaggerDoc() map[string]string { } var map_AWSNetworkLoadBalancerParameters = map[string]string{ - "": "AWSNetworkLoadBalancerParameters holds configuration parameters for an AWS Network load balancer.", + "": "AWSNetworkLoadBalancerParameters holds configuration parameters for an AWS Network load balancer. For Example: Setting AWS EIPs https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html", + "subnets": "subnets specifies the subnets to which the load balancer will attach. The subnets may be specified by either their ID or name. The total number of subnets is limited to 10.\n\nIn order for the load balancer to be provisioned with subnets, each subnet must exist, each subnet must be from a different availability zone, and the load balancer service must be recreated to pick up new values.\n\nWhen omitted from the spec, the subnets will be auto-discovered for each availability zone. Auto-discovered subnets are not reported in the status of the IngressController object.", + "eipAllocations": "eipAllocations is a list of IDs for Elastic IP (EIP) addresses that are assigned to the Network Load Balancer. The following restrictions apply:\n\neipAllocations can only be used with external scope, not internal. An EIP can be allocated to only a single IngressController. The number of EIP allocations must match the number of subnets that are used for the load balancer. Each EIP allocation must be unique. A maximum of 10 EIP allocations are permitted.\n\nSee https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html for general information about configuration, characteristics, and limitations of Elastic IP addresses.", } func (AWSNetworkLoadBalancerParameters) SwaggerDoc() map[string]string { return map_AWSNetworkLoadBalancerParameters } +var map_AWSSubnets = map[string]string{ + "": "AWSSubnets contains a list of references to AWS subnets by ID or name.", + "ids": "ids specifies a list of AWS subnets by subnet ID. Subnet IDs must start with \"subnet-\", consist only of alphanumeric characters, must be exactly 24 characters long, must be unique, and the total number of subnets specified by ids and names must not exceed 10.", + "names": "names specifies a list of AWS subnets by subnet name. Subnet names must not start with \"subnet-\", must not include commas, must be under 256 characters in length, must be unique, and the total number of subnets specified by ids and names must not exceed 10.", +} + +func (AWSSubnets) SwaggerDoc() map[string]string { + return map_AWSSubnets +} + var map_AccessLogging = map[string]string{ "": "AccessLogging describes how client requests should be logged.", "destination": "destination is where access logs go.", @@ -1485,6 +1539,15 @@ func (AdditionalNetworkDefinition) SwaggerDoc() map[string]string { return map_AdditionalNetworkDefinition } +var map_AdditionalRoutingCapabilities = map[string]string{ + "": "AdditionalRoutingCapabilities describes components and relevant configuration providing advanced routing capabilities.", + "providers": "providers is a set of enabled components that provide additional routing capabilities. Entries on this list must be unique. The only valid value is currrently \"FRR\" which provides FRR routing capabilities through the deployment of FRR.", +} + +func (AdditionalRoutingCapabilities) SwaggerDoc() map[string]string { + return map_AdditionalRoutingCapabilities +} + var map_ClusterNetworkEntry = map[string]string{ "": "ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If the HostPrefix field is not used by the plugin, it can be left unset. Not all network providers support multiple ClusterNetworks", } @@ -1496,7 +1559,7 @@ func (ClusterNetworkEntry) SwaggerDoc() map[string]string { var map_DefaultNetworkDefinition = map[string]string{ "": "DefaultNetworkDefinition represents a single network plugin's configuration. type must be specified, along with exactly one \"Config\" that matches the type.", "type": "type is the type of network All NetworkTypes are supported except for NetworkTypeRaw", - "openshiftSDNConfig": "openShiftSDNConfig configures the openshift-sdn plugin", + "openshiftSDNConfig": "openShiftSDNConfig was previously used to configure the openshift-sdn plugin. DEPRECATED: OpenShift SDN is no longer supported.", "ovnKubernetesConfig": "ovnKubernetesConfig configures the ovn-kubernetes plugin.", } @@ -1524,9 +1587,9 @@ func (ExportNetworkFlows) SwaggerDoc() map[string]string { } var map_FeaturesMigration = map[string]string{ - "egressIP": "egressIP specifies whether or not the Egress IP configuration is migrated automatically when changing the cluster default network provider. If unset, this property defaults to 'true' and Egress IP configure is migrated.", - "egressFirewall": "egressFirewall specifies whether or not the Egress Firewall configuration is migrated automatically when changing the cluster default network provider. If unset, this property defaults to 'true' and Egress Firewall configure is migrated.", - "multicast": "multicast specifies whether or not the multicast configuration is migrated automatically when changing the cluster default network provider. If unset, this property defaults to 'true' and multicast configure is migrated.", + "egressIP": "egressIP specified whether or not the Egress IP configuration was migrated. DEPRECATED: network type migration is no longer supported.", + "egressFirewall": "egressFirewall specified whether or not the Egress Firewall configuration was migrated. DEPRECATED: network type migration is no longer supported.", + "multicast": "multicast specified whether or not the multicast configuration was migrated. DEPRECATED: network type migration is no longer supported.", } func (FeaturesMigration) SwaggerDoc() map[string]string { @@ -1617,7 +1680,7 @@ func (IPv6OVNKubernetesConfig) SwaggerDoc() map[string]string { } var map_MTUMigration = map[string]string{ - "": "MTUMigration MTU contains infomation about MTU migration.", + "": "MTUMigration contains infomation about MTU migration.", "network": "network contains information about MTU migration for the default network. Migrations are only allowed to MTU values lower than the machine's uplink MTU by the minimum appropriate offset.", "machine": "machine contains MTU migration configuration for the machine's uplink. Needs to be migrated along with the default network MTU unless the current uplink MTU already accommodates the default network MTU.", } @@ -1663,11 +1726,11 @@ func (NetworkList) SwaggerDoc() map[string]string { } var map_NetworkMigration = map[string]string{ - "": "NetworkMigration represents the cluster network configuration.", - "networkType": "networkType is the target type of network migration. Set this to the target network type to allow changing the default network. If unset, the operation of changing cluster default network plugin will be rejected. The supported values are OpenShiftSDN, OVNKubernetes", + "": "NetworkMigration represents the cluster network migration configuration.", "mtu": "mtu contains the MTU migration configuration. Set this to allow changing the MTU values for the default network. If unset, the operation of changing the MTU for the default network will be rejected.", - "features": "features contains the features migration configuration. Set this to migrate feature configuration when changing the cluster default network provider. if unset, the default operation is to migrate all the configuration of supported features.", - "mode": "mode indicates the mode of network migration. The supported values are \"Live\", \"Offline\" and omitted. A \"Live\" migration operation will not cause service interruption by migrating the CNI of each node one by one. The cluster network will work as normal during the network migration. An \"Offline\" migration operation will cause service interruption. During an \"Offline\" migration, two rounds of node reboots are required. The cluster network will be malfunctioning during the network migration. When omitted, this means no opinion and the platform is left to choose a reasonable default which is subject to change over time. The current default value is \"Offline\".", + "networkType": "networkType was previously used when changing the default network type. DEPRECATED: network type migration is no longer supported, and setting this to a non-empty value will result in the network operator rejecting the configuration.", + "features": "features was previously used to configure which network plugin features would be migrated in a network type migration. DEPRECATED: network type migration is no longer supported, and setting this to a non-empty value will result in the network operator rejecting the configuration.", + "mode": "mode indicates the mode of network type migration. DEPRECATED: network type migration is no longer supported, and setting this to a non-empty value will result in the network operator rejecting the configuration.", } func (NetworkMigration) SwaggerDoc() map[string]string { @@ -1675,18 +1738,19 @@ func (NetworkMigration) SwaggerDoc() map[string]string { } var map_NetworkSpec = map[string]string{ - "": "NetworkSpec is the top-level network configuration object.", - "clusterNetwork": "clusterNetwork is the IP address pool to use for pod IPs. Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks. Others only support one. This is equivalent to the cluster-cidr.", - "serviceNetwork": "serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single value here, but this is an array to allow for growth.", - "defaultNetwork": "defaultNetwork is the \"default\" network that all pods will receive", - "additionalNetworks": "additionalNetworks is a list of extra networks to make available to pods when multiple networks are enabled.", - "disableMultiNetwork": "disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.", - "useMultiNetworkPolicy": "useMultiNetworkPolicy enables a controller which allows for MultiNetworkPolicy objects to be used on additional networks as created by Multus CNI. MultiNetworkPolicy are similar to NetworkPolicy objects, but NetworkPolicy objects only apply to the primary interface. With MultiNetworkPolicy, you can control the traffic that a pod can receive over the secondary interfaces. If unset, this property defaults to 'false' and MultiNetworkPolicy objects are ignored. If 'disableMultiNetwork' is 'true' then the value of this field is ignored.", - "deployKubeProxy": "deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when OpenShift SDN and ovn-kubernetes are used and true otherwise.", - "disableNetworkDiagnostics": "disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck CRs from a test pod to every node, apiserver and LB should be disabled or not. If unset, this property defaults to 'false' and network diagnostics is enabled. Setting this to 'true' would reduce the additional load of the pods performing the checks.", - "kubeProxyConfig": "kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift directly. Not consumed by all network providers - currently only openshift-sdn.", - "exportNetworkFlows": "exportNetworkFlows enables and configures the export of network flow metadata from the pod network by using protocols NetFlow, SFlow or IPFIX. Currently only supported on OVN-Kubernetes plugin. If unset, flows will not be exported to any collector.", - "migration": "migration enables and configures the cluster network migration. The migration procedure allows to change the network type and the MTU.", + "": "NetworkSpec is the top-level network configuration object.", + "clusterNetwork": "clusterNetwork is the IP address pool to use for pod IPs. Some network providers support multiple ClusterNetworks. Others only support one. This is equivalent to the cluster-cidr.", + "serviceNetwork": "serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single value here, but this is an array to allow for growth.", + "defaultNetwork": "defaultNetwork is the \"default\" network that all pods will receive", + "additionalNetworks": "additionalNetworks is a list of extra networks to make available to pods when multiple networks are enabled.", + "disableMultiNetwork": "disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.", + "useMultiNetworkPolicy": "useMultiNetworkPolicy enables a controller which allows for MultiNetworkPolicy objects to be used on additional networks as created by Multus CNI. MultiNetworkPolicy are similar to NetworkPolicy objects, but NetworkPolicy objects only apply to the primary interface. With MultiNetworkPolicy, you can control the traffic that a pod can receive over the secondary interfaces. If unset, this property defaults to 'false' and MultiNetworkPolicy objects are ignored. If 'disableMultiNetwork' is 'true' then the value of this field is ignored.", + "deployKubeProxy": "deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when ovn-kubernetes is used and true otherwise.", + "disableNetworkDiagnostics": "disableNetworkDiagnostics specifies whether or not PodNetworkConnectivityCheck CRs from a test pod to every node, apiserver and LB should be disabled or not. If unset, this property defaults to 'false' and network diagnostics is enabled. Setting this to 'true' would reduce the additional load of the pods performing the checks.", + "kubeProxyConfig": "kubeProxyConfig lets us configure desired proxy configuration, if deployKubeProxy is true. If not specified, sensible defaults will be chosen by OpenShift directly.", + "exportNetworkFlows": "exportNetworkFlows enables and configures the export of network flow metadata from the pod network by using protocols NetFlow, SFlow or IPFIX. Currently only supported on OVN-Kubernetes plugin. If unset, flows will not be exported to any collector.", + "migration": "migration enables and configures cluster network migration, for network changes that cannot be made instantly.", + "additionalRoutingCapabilities": "additionalRoutingCapabilities describes components and relevant configuration providing additional routing capabilities. When set, it enables such components and the usage of the routing capabilities they provide for the machine network. Upstream operators, like MetalLB operator, requiring these capabilities may rely on, or automatically set this attribute. Network plugins may leverage advanced routing capabilities acquired through the enablement of these components but may require specific configuration on their side to do so; refer to their respective documentation and configuration options.", } func (NetworkSpec) SwaggerDoc() map[string]string { @@ -1714,6 +1778,7 @@ var map_OVNKubernetesConfig = map[string]string{ "egressIPConfig": "egressIPConfig holds the configuration for EgressIP options.", "ipv4": "ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", "ipv6": "ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", + "routeAdvertisements": "routeAdvertisements determines if the functionality to advertise cluster network routes through a dynamic routing protocol, such as BGP, is enabled or not. This functionality is configured through the ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing capability provider to be enabled as an additional routing capability. Allowed values are \"Enabled\", \"Disabled\" and ommited. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is \"Disabled\".", } func (OVNKubernetesConfig) SwaggerDoc() map[string]string { @@ -1721,11 +1786,11 @@ func (OVNKubernetesConfig) SwaggerDoc() map[string]string { } var map_OpenShiftSDNConfig = map[string]string{ - "": "OpenShiftSDNConfig configures the three openshift-sdn plugins", + "": "OpenShiftSDNConfig was used to configure the OpenShift SDN plugin. It is no longer used.", "mode": "mode is one of \"Multitenant\", \"Subnet\", or \"NetworkPolicy\"", "vxlanPort": "vxlanPort is the port to use for all vxlan packets. The default is 4789.", "mtu": "mtu is the mtu to use for the tunnel interface. Defaults to 1450 if unset. This must be 50 bytes smaller than the machine's uplink.", - "useExternalOpenvswitch": "useExternalOpenvswitch used to control whether the operator would deploy an OVS DaemonSet itself or expect someone else to start OVS. As of 4.6, OVS is always run as a system service, and this flag is ignored. DEPRECATED: non-functional as of 4.6", + "useExternalOpenvswitch": "useExternalOpenvswitch used to control whether the operator would deploy an OVS DaemonSet itself or expect someone else to start OVS. As of 4.6, OVS is always run as a system service, and this flag is ignored.", "enableUnidling": "enableUnidling controls whether or not the service proxy will support idling and unidling of services. By default, unidling is enabled.", } diff --git a/vendor/github.com/openshift/api/route/v1/generated.proto b/vendor/github.com/openshift/api/route/v1/generated.proto index 621bec09b00a..82bf94d30416 100644 --- a/vendor/github.com/openshift/api/route/v1/generated.proto +++ b/vendor/github.com/openshift/api/route/v1/generated.proto @@ -199,6 +199,8 @@ message RouteIngress { optional string routerName = 2; // Conditions is the state of the route, may be empty. + // +listType=map + // +listMapKey=type repeated RouteIngressCondition conditions = 3; // Wildcard policy is the wildcard policy that was allowed where this route is exposed. @@ -331,6 +333,9 @@ message RouteSpec { // Use the weight field in RouteTargetReference object to specify relative preference. // // +kubebuilder:validation:MaxItems=3 + // +listType=map + // +listMapKey=name + // +listMapKey=kind repeated RouteTargetReference alternateBackends = 4; // If specified, the port to be used by the router. Most routers will use all @@ -360,6 +365,7 @@ message RouteStatus { // ingress describes the places where the route may be exposed. The list of // ingress points may contain duplicate Host or RouterName values. Routes // are considered live once they are `Ready` + // +listType=atomic repeated RouteIngress ingress = 1; } @@ -404,7 +410,7 @@ message RouterShard { // TLSConfig defines config used to secure a route and provide termination // // +kubebuilder:validation:XValidation:rule="has(self.termination) && has(self.insecureEdgeTerminationPolicy) ? !((self.termination=='passthrough') && (self.insecureEdgeTerminationPolicy=='Allow')) : true", message="cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow" -// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalRouteCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=RouteExternalCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate" message TLSConfig { // termination indicates termination type. // @@ -453,7 +459,7 @@ message TLSConfig { // be present in the same namespace as that of the Route. // Forbidden when `certificate` is set. // - // +openshift:enable:FeatureGate=ExternalRouteCertificate + // +openshift:enable:FeatureGate=RouteExternalCertificate // +optional optional LocalObjectReference externalCertificate = 7; } diff --git a/vendor/github.com/openshift/api/route/v1/types.go b/vendor/github.com/openshift/api/route/v1/types.go index fadc4b618baf..9416199946c1 100644 --- a/vendor/github.com/openshift/api/route/v1/types.go +++ b/vendor/github.com/openshift/api/route/v1/types.go @@ -136,6 +136,9 @@ type RouteSpec struct { // Use the weight field in RouteTargetReference object to specify relative preference. // // +kubebuilder:validation:MaxItems=3 + // +listType=map + // +listMapKey=name + // +listMapKey=kind AlternateBackends []RouteTargetReference `json:"alternateBackends,omitempty" protobuf:"bytes,4,rep,name=alternateBackends"` // If specified, the port to be used by the router. Most routers will use all @@ -350,6 +353,7 @@ type RouteStatus struct { // ingress describes the places where the route may be exposed. The list of // ingress points may contain duplicate Host or RouterName values. Routes // are considered live once they are `Ready` + // +listType=atomic Ingress []RouteIngress `json:"ingress,omitempty" protobuf:"bytes,1,rep,name=ingress"` } @@ -360,6 +364,8 @@ type RouteIngress struct { // Name is a name chosen by the router to identify itself; this value is required RouterName string `json:"routerName,omitempty" protobuf:"bytes,2,opt,name=routerName"` // Conditions is the state of the route, may be empty. + // +listType=map + // +listMapKey=type Conditions []RouteIngressCondition `json:"conditions,omitempty" protobuf:"bytes,3,rep,name=conditions"` // Wildcard policy is the wildcard policy that was allowed where this route is exposed. WildcardPolicy WildcardPolicyType `json:"wildcardPolicy,omitempty" protobuf:"bytes,4,opt,name=wildcardPolicy"` @@ -415,7 +421,7 @@ type RouterShard struct { // TLSConfig defines config used to secure a route and provide termination // // +kubebuilder:validation:XValidation:rule="has(self.termination) && has(self.insecureEdgeTerminationPolicy) ? !((self.termination=='passthrough') && (self.insecureEdgeTerminationPolicy=='Allow')) : true", message="cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow" -// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalRouteCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=RouteExternalCertificate,rule="!(has(self.certificate) && has(self.externalCertificate))", message="cannot have both spec.tls.certificate and spec.tls.externalCertificate" type TLSConfig struct { // termination indicates termination type. // @@ -464,7 +470,7 @@ type TLSConfig struct { // be present in the same namespace as that of the Route. // Forbidden when `certificate` is set. // - // +openshift:enable:FeatureGate=ExternalRouteCertificate + // +openshift:enable:FeatureGate=RouteExternalCertificate // +optional ExternalCertificate *LocalObjectReference `json:"externalCertificate,omitempty" protobuf:"bytes,7,opt,name=externalCertificate"` } diff --git a/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml index aced0855f405..0277ba2f322c 100644 --- a/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/route/v1/zz_generated.featuregated-crd-manifests.yaml @@ -5,7 +5,7 @@ routes.route.openshift.io: Capability: "" Category: "" FeatureGates: - - ExternalRouteCertificate + - RouteExternalCertificate FilenameOperatorName: "" FilenameOperatorOrdering: "" FilenameRunLevel: "" diff --git a/vendor/github.com/openshift/api/security/v1/consts.go b/vendor/github.com/openshift/api/security/v1/consts.go index 3b686c31d61e..7e8adf6e6424 100644 --- a/vendor/github.com/openshift/api/security/v1/consts.go +++ b/vendor/github.com/openshift/api/security/v1/consts.go @@ -10,4 +10,7 @@ const ( // This annotation pins required SCCs for core OpenShift workloads to prevent preemption of custom SCCs. // It is being used in the SCC admission plugin. RequiredSCCAnnotation = "openshift.io/required-scc" + + // MinimallySufficientPodSecurityStandard indicates the PodSecurityStandard that matched the SCCs available to the users of the namespace. + MinimallySufficientPodSecurityStandard = "security.openshift.io/MinimallySufficientPodSecurityStandard" ) diff --git a/vendor/github.com/openshift/api/security/v1/generated.pb.go b/vendor/github.com/openshift/api/security/v1/generated.pb.go index d57b162c48f8..e28b5958412c 100644 --- a/vendor/github.com/openshift/api/security/v1/generated.pb.go +++ b/vendor/github.com/openshift/api/security/v1/generated.pb.go @@ -10,7 +10,7 @@ import ( proto "github.com/gogo/protobuf/proto" k8s_io_api_core_v1 "k8s.io/api/core/v1" - v1 "k8s.io/api/core/v1" + v11 "k8s.io/api/core/v1" math "math" math_bits "math/bits" @@ -592,117 +592,120 @@ func init() { } var fileDescriptor_af65d9655aa67551 = []byte{ - // 1750 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x58, 0xcd, 0x6f, 0x1c, 0x49, - 0x15, 0x77, 0x7b, 0xfc, 0x35, 0x65, 0xc7, 0x1f, 0x65, 0xc7, 0xe9, 0x35, 0xeb, 0x19, 0xd3, 0x36, - 0xab, 0x08, 0xd8, 0x19, 0x12, 0x2d, 0x6c, 0xd0, 0xb2, 0xd1, 0x4e, 0x7b, 0xd6, 0x59, 0xaf, 0x9c, - 0x64, 0xb6, 0x66, 0xbd, 0x42, 0xab, 0x15, 0xa2, 0xdc, 0x53, 0x33, 0xae, 0xb8, 0xbf, 0xe8, 0xaa, - 0x76, 0x3c, 0xe2, 0x12, 0x89, 0x0b, 0x47, 0x24, 0xae, 0x88, 0x33, 0xfc, 0x03, 0x5c, 0x10, 0x70, - 0x8d, 0x04, 0x12, 0x39, 0xa1, 0x9c, 0x46, 0x64, 0x10, 0x27, 0x8e, 0xdc, 0x72, 0x42, 0x55, 0x53, - 0xf3, 0xd1, 0x3d, 0xdd, 0xe3, 0x4e, 0x48, 0xa2, 0xbd, 0x4d, 0xbf, 0x8f, 0xdf, 0xef, 0xbd, 0xd7, - 0xaf, 0x5f, 0xbd, 0x1a, 0xf0, 0x5e, 0x8b, 0xf2, 0xd3, 0xf0, 0xa4, 0x64, 0x79, 0x4e, 0xd9, 0xf3, - 0x89, 0xcb, 0x4e, 0x69, 0x93, 0x97, 0xb1, 0x4f, 0xcb, 0x8c, 0x58, 0x61, 0x40, 0x79, 0xbb, 0x7c, - 0x7e, 0xa3, 0xdc, 0x22, 0x2e, 0x09, 0x30, 0x27, 0x8d, 0x92, 0x1f, 0x78, 0xdc, 0x83, 0x7b, 0x43, - 0xaf, 0xd2, 0xc0, 0xab, 0x84, 0x7d, 0x5a, 0xea, 0x7b, 0x95, 0xce, 0x6f, 0x6c, 0xbd, 0x3b, 0x82, - 0xdd, 0xf2, 0x5a, 0x5e, 0x59, 0x3a, 0x9f, 0x84, 0x4d, 0xf9, 0x24, 0x1f, 0xe4, 0xaf, 0x1e, 0xe8, - 0x96, 0x71, 0x76, 0x8b, 0x95, 0xa8, 0x27, 0xc9, 0x2d, 0x2f, 0x20, 0x09, 0xc4, 0x5b, 0xef, 0x0d, - 0x6d, 0x1c, 0x6c, 0x9d, 0x52, 0x97, 0x04, 0xed, 0xb2, 0x7f, 0xd6, 0x12, 0x02, 0x56, 0x76, 0x08, - 0xc7, 0x49, 0x5e, 0x3f, 0x48, 0xf3, 0x0a, 0x42, 0x97, 0x53, 0x87, 0x94, 0x99, 0x75, 0x4a, 0x1c, - 0x1c, 0xf7, 0x33, 0x3e, 0x00, 0x6b, 0x15, 0xdb, 0xf6, 0x1e, 0x92, 0xc6, 0x81, 0x4d, 0x2e, 0xbe, - 0xf0, 0xec, 0xd0, 0x21, 0xf0, 0x1d, 0x30, 0xd7, 0x08, 0xe8, 0x39, 0x09, 0x74, 0x6d, 0x47, 0xbb, - 0x9e, 0x37, 0x97, 0x1f, 0x77, 0x8a, 0x53, 0xdd, 0x4e, 0x71, 0xae, 0x2a, 0xa5, 0x48, 0x69, 0x8d, - 0xdf, 0x69, 0x60, 0xf3, 0xa0, 0x7e, 0x27, 0xf0, 0x42, 0xbf, 0xce, 0x05, 0x6a, 0xab, 0x7d, 0xdf, - 0xe7, 0xd4, 0x73, 0x19, 0x7c, 0x1f, 0xcc, 0xf0, 0xb6, 0x4f, 0x14, 0xc0, 0xae, 0x02, 0x98, 0xf9, - 0xbc, 0xed, 0x93, 0xe7, 0x9d, 0xe2, 0x7a, 0xcc, 0x4b, 0x88, 0x91, 0x74, 0x80, 0xc7, 0x60, 0x2e, - 0xc0, 0x6e, 0x8b, 0x30, 0x7d, 0x7a, 0x27, 0x77, 0x7d, 0xf1, 0xe6, 0xbb, 0xa5, 0x2c, 0x2f, 0xa2, - 0x74, 0x58, 0x45, 0xc2, 0x6b, 0x18, 0xaa, 0x7c, 0x64, 0x48, 0x81, 0x19, 0x77, 0xc0, 0xbc, 0x32, - 0x81, 0xdb, 0x20, 0xe7, 0x50, 0x57, 0x46, 0x96, 0x33, 0x17, 0x95, 0x7d, 0xee, 0x2e, 0x75, 0x91, - 0x90, 0x4b, 0x35, 0xbe, 0xd0, 0xa7, 0x63, 0x6a, 0x7c, 0x81, 0x84, 0xdc, 0xf8, 0x8f, 0x06, 0xae, - 0xd5, 0xbc, 0x46, 0x5d, 0x71, 0xd7, 0x3c, 0x9b, 0x5a, 0x6d, 0x44, 0xce, 0x29, 0x79, 0x08, 0x2d, - 0x30, 0xc3, 0x7c, 0x62, 0x49, 0xe8, 0xc5, 0x9b, 0x95, 0x6c, 0x91, 0xa7, 0x80, 0xd5, 0x7d, 0x62, - 0x99, 0x4b, 0xfd, 0xba, 0x89, 0x27, 0x24, 0xc1, 0xe1, 0x19, 0x98, 0x63, 0x1c, 0xf3, 0x90, 0xc9, - 0x10, 0x17, 0x6f, 0xee, 0xff, 0x7f, 0x34, 0x12, 0x6a, 0x58, 0xb6, 0xde, 0x33, 0x52, 0x14, 0xc6, - 0x1f, 0x35, 0xf0, 0x8d, 0x09, 0x01, 0xc2, 0xcf, 0xc0, 0x02, 0x27, 0x8e, 0x6f, 0x63, 0x4e, 0x54, - 0xd6, 0xbb, 0xa5, 0x5e, 0x27, 0xca, 0x00, 0x44, 0x8f, 0x2b, 0xf2, 0xcf, 0x95, 0x99, 0xcc, 0x6b, - 0x55, 0xd1, 0x2d, 0xf4, 0xa5, 0x68, 0x00, 0x03, 0x0f, 0xc1, 0x3a, 0x23, 0xc1, 0x39, 0xb5, 0x48, - 0xc5, 0xb2, 0xbc, 0xd0, 0xe5, 0xf7, 0xb0, 0xa3, 0xba, 0x21, 0x6f, 0x5e, 0xeb, 0x76, 0x8a, 0xeb, - 0xf5, 0x71, 0x35, 0x4a, 0xf2, 0x31, 0xfe, 0xaa, 0x81, 0xed, 0x89, 0x79, 0xc3, 0xdf, 0x6b, 0x60, - 0x13, 0xf7, 0xfa, 0x3f, 0x8a, 0xca, 0x74, 0x4d, 0xb6, 0xdf, 0x67, 0xd9, 0xaa, 0x1b, 0x75, 0x9e, - 0x5c, 0xeb, 0x82, 0x4a, 0x7e, 0xb3, 0x92, 0x48, 0x8c, 0x52, 0x02, 0x32, 0x7e, 0x39, 0x0d, 0x8c, - 0x31, 0xe4, 0x3a, 0xb1, 0x9b, 0xf5, 0xf0, 0xe4, 0x01, 0xb1, 0xb8, 0x6a, 0x42, 0x37, 0xd2, 0x84, - 0x47, 0x2f, 0xd9, 0x1d, 0x63, 0xb8, 0xa9, 0xfd, 0x18, 0xc4, 0xfa, 0xf1, 0xd3, 0x97, 0x65, 0x8c, - 0xb0, 0x4d, 0x6e, 0xcb, 0x9f, 0x83, 0x77, 0xb2, 0x45, 0xfc, 0x1a, 0x1a, 0xd4, 0x78, 0x34, 0x0d, - 0x0a, 0x93, 0xa3, 0x87, 0x0f, 0x22, 0xef, 0xe0, 0x93, 0x57, 0x52, 0x91, 0xaf, 0x53, 0xfd, 0xff, - 0xa4, 0x25, 0xb5, 0xe2, 0x1b, 0x28, 0x3e, 0xdc, 0x01, 0x33, 0x21, 0x23, 0x81, 0xcc, 0x35, 0x3f, - 0xac, 0xc7, 0x31, 0x23, 0x01, 0x92, 0x1a, 0x68, 0x80, 0xb9, 0x96, 0x38, 0x5b, 0x98, 0x9e, 0x93, - 0x23, 0x03, 0x88, 0xf8, 0xe5, 0x69, 0xc3, 0x90, 0xd2, 0x18, 0xff, 0xd5, 0xc0, 0x5e, 0x96, 0x02, - 0xc0, 0x1a, 0xc8, 0xab, 0xaf, 0xd1, 0x6c, 0x4f, 0x4a, 0xe1, 0xbe, 0x72, 0x6d, 0x92, 0x80, 0xb8, - 0x16, 0x31, 0xaf, 0x74, 0x3b, 0xc5, 0x7c, 0xa5, 0xef, 0x89, 0x86, 0x20, 0xe2, 0x6c, 0x0d, 0x08, - 0x66, 0x9e, 0xab, 0x52, 0x18, 0x1e, 0x58, 0x52, 0x8a, 0x94, 0x36, 0x52, 0xbb, 0xdc, 0xab, 0x69, - 0xdc, 0x3f, 0x68, 0x60, 0x45, 0x1e, 0x81, 0x22, 0x30, 0x0b, 0x8b, 0x83, 0x1a, 0xfe, 0x14, 0x2c, - 0x88, 0x95, 0xa2, 0x81, 0x39, 0x56, 0xf9, 0x7d, 0x6f, 0x84, 0x66, 0xb0, 0x4a, 0x94, 0xfc, 0xb3, - 0x96, 0x10, 0xb0, 0x92, 0xb0, 0x1e, 0x66, 0x7c, 0x97, 0x70, 0x6c, 0x42, 0xc5, 0x09, 0x86, 0x32, - 0x34, 0x40, 0x85, 0xbb, 0x60, 0x56, 0x9e, 0xc1, 0x2a, 0xdf, 0x2b, 0xca, 0x78, 0x56, 0x46, 0x82, - 0x7a, 0x3a, 0xf8, 0x36, 0x98, 0x91, 0x21, 0x88, 0x4c, 0x97, 0xcc, 0x05, 0xf1, 0x4a, 0xab, 0x98, - 0x63, 0x24, 0xa5, 0xc6, 0xdf, 0x35, 0xb0, 0x1e, 0x0b, 0xfc, 0x88, 0x32, 0x0e, 0xbf, 0x1a, 0x0b, - 0xbe, 0x94, 0x2d, 0x78, 0xe1, 0x2d, 0x43, 0x1f, 0x94, 0xab, 0x2f, 0x19, 0x09, 0xfc, 0x4b, 0x30, - 0x4b, 0x39, 0x71, 0xfa, 0x8b, 0xc8, 0xf7, 0xb3, 0x7d, 0x57, 0xb1, 0x38, 0x87, 0xf9, 0x1e, 0x0a, - 0x2c, 0xd4, 0x83, 0x34, 0xfe, 0xa1, 0x01, 0x1d, 0x85, 0x6e, 0x85, 0x89, 0xc6, 0x8d, 0xef, 0x4e, - 0x3f, 0x8c, 0xec, 0x4e, 0xdf, 0x8a, 0xed, 0x4e, 0x57, 0xc7, 0xfc, 0x46, 0xb6, 0xa7, 0xb7, 0x40, - 0x2e, 0xa4, 0x0d, 0xb5, 0xbc, 0xcc, 0x8b, 0xc5, 0xe5, 0xf8, 0xb0, 0x8a, 0x84, 0x0c, 0xde, 0x00, - 0x8b, 0x21, 0x6d, 0xc8, 0xf0, 0xee, 0x52, 0x57, 0x56, 0x3a, 0x67, 0xae, 0x74, 0x3b, 0xc5, 0xc5, - 0x63, 0xb5, 0x19, 0x89, 0x15, 0x68, 0xd4, 0x26, 0xe2, 0x82, 0x2f, 0xf4, 0x99, 0x04, 0x17, 0x7c, - 0x81, 0x46, 0x6d, 0x8c, 0xbf, 0x68, 0x60, 0xbb, 0xfe, 0xf1, 0x11, 0x75, 0xc3, 0x8b, 0x7d, 0xcf, - 0xe5, 0xe4, 0x82, 0xc7, 0xb3, 0xbb, 0x1d, 0xc9, 0xee, 0xdb, 0xb1, 0xec, 0xb6, 0x92, 0x9d, 0x47, - 0x52, 0xfc, 0x09, 0x58, 0x66, 0x44, 0xda, 0x28, 0x44, 0x35, 0xf7, 0x8c, 0xa4, 0xcf, 0x43, 0xa1, - 0x29, 0x4b, 0x13, 0x76, 0x3b, 0xc5, 0xe5, 0xa8, 0x0c, 0xc5, 0xd0, 0x8c, 0xdf, 0xac, 0x81, 0xad, - 0xfe, 0x60, 0x50, 0x51, 0xec, 0x7b, 0x2e, 0xe3, 0x01, 0xa6, 0x2e, 0x67, 0x6f, 0xe0, 0x83, 0xb9, - 0x0e, 0x16, 0xfc, 0x80, 0x7a, 0x82, 0x5f, 0xa6, 0x36, 0x6b, 0x2e, 0x89, 0x0e, 0xad, 0x29, 0x19, - 0x1a, 0x68, 0xe1, 0x57, 0x40, 0x97, 0x83, 0xa5, 0x16, 0xd0, 0x73, 0x6a, 0x93, 0x16, 0x69, 0x88, - 0x80, 0xb1, 0x08, 0x40, 0xbe, 0xdf, 0x05, 0x73, 0x47, 0x31, 0xe9, 0x95, 0x14, 0x3b, 0x94, 0x8a, - 0x00, 0x19, 0xd8, 0x6c, 0x90, 0x26, 0x0e, 0x6d, 0x5e, 0x69, 0x34, 0xf6, 0xb1, 0x8f, 0x4f, 0xa8, - 0x4d, 0x39, 0x25, 0x4c, 0x9f, 0x91, 0x83, 0xf5, 0x03, 0xb1, 0xc3, 0x54, 0x13, 0x2d, 0x9e, 0x77, - 0x8a, 0xdb, 0xe3, 0x57, 0x9d, 0xd2, 0xc0, 0xa4, 0x8d, 0x52, 0xa0, 0x61, 0x1b, 0xe8, 0x01, 0xf9, - 0x59, 0x48, 0x03, 0xd2, 0xa8, 0x06, 0x9e, 0x1f, 0xa1, 0x9d, 0x95, 0xb4, 0x1f, 0x8a, 0x74, 0x50, - 0x8a, 0xcd, 0xe5, 0xc4, 0xa9, 0xf0, 0xf0, 0x01, 0x58, 0x57, 0x63, 0x3a, 0xc2, 0x3a, 0x27, 0x59, - 0x6f, 0x89, 0xc5, 0xb3, 0x32, 0xae, 0xbe, 0x9c, 0x30, 0x09, 0x74, 0xf0, 0xe6, 0x3e, 0xf1, 0x18, - 0xaf, 0xd2, 0xa0, 0x77, 0xef, 0xaa, 0xd9, 0x61, 0x8b, 0xba, 0xfa, 0x7c, 0xc2, 0x9b, 0x4b, 0xb0, - 0x43, 0xa9, 0x08, 0xb0, 0x0c, 0xe6, 0xcf, 0xe5, 0x33, 0xd3, 0x17, 0x64, 0xf4, 0x57, 0xbb, 0x9d, - 0xe2, 0x7c, 0xcf, 0x44, 0x44, 0x3c, 0x77, 0x50, 0x97, 0x1f, 0x54, 0xdf, 0x0a, 0xfe, 0x42, 0x03, - 0x10, 0xc7, 0xaf, 0x81, 0x4c, 0xbf, 0x2a, 0x07, 0xdf, 0xfb, 0xd9, 0x06, 0xdf, 0xd8, 0x35, 0xd2, - 0xdc, 0x52, 0x29, 0xc0, 0x31, 0x15, 0x43, 0x09, 0x74, 0xb0, 0x0a, 0x56, 0x07, 0x29, 0xdd, 0x23, - 0xfc, 0xa1, 0x17, 0x9c, 0xe9, 0x79, 0x59, 0x0c, 0x5d, 0x21, 0xad, 0x56, 0x62, 0x7a, 0x34, 0xe6, - 0x01, 0x6f, 0x83, 0xe5, 0x81, 0xac, 0xe6, 0x05, 0x9c, 0xe9, 0x40, 0x62, 0x6c, 0x2a, 0x8c, 0xe5, - 0x4a, 0x44, 0x8b, 0x62, 0xd6, 0xf0, 0x16, 0x58, 0x1a, 0x4a, 0x0e, 0xab, 0xfa, 0xa2, 0xf4, 0xde, - 0x50, 0xde, 0x4b, 0x95, 0x11, 0x1d, 0x8a, 0x58, 0x46, 0x3c, 0x0f, 0x6b, 0xfb, 0xfa, 0x52, 0x8a, - 0xe7, 0x61, 0x6d, 0x1f, 0x45, 0x2c, 0xa1, 0x03, 0x8a, 0xfd, 0xef, 0x21, 0xf2, 0x35, 0x7e, 0xcc, - 0x2c, 0x6c, 0xcb, 0x73, 0x44, 0xdf, 0x94, 0x60, 0xbb, 0xdd, 0x4e, 0xb1, 0x58, 0x9d, 0x6c, 0x8a, - 0x2e, 0xc3, 0x82, 0x3f, 0x8e, 0xcf, 0x8d, 0x11, 0x9e, 0x6b, 0x92, 0xe7, 0xed, 0xf1, 0x99, 0x31, - 0x42, 0x90, 0xea, 0x2d, 0x1a, 0xa9, 0x3f, 0x4f, 0xd5, 0xec, 0xd4, 0xaf, 0xbc, 0xc8, 0x2d, 0x75, - 0xe2, 0xd1, 0x31, 0x7c, 0x85, 0x51, 0x33, 0x14, 0xa3, 0x84, 0x1e, 0xc8, 0x07, 0xfd, 0x43, 0x52, - 0x5f, 0x96, 0xfc, 0xb7, 0x33, 0x9e, 0xde, 0x29, 0x67, 0xb2, 0xb9, 0xa6, 0xa8, 0xf3, 0x03, 0x0b, - 0x34, 0xe4, 0x80, 0xbf, 0xd6, 0x00, 0x64, 0xa1, 0xef, 0xdb, 0xc4, 0x21, 0x2e, 0xc7, 0x76, 0x6f, - 0xdd, 0xd4, 0x57, 0x24, 0xf5, 0x9d, 0x8c, 0xa9, 0x8f, 0xf9, 0xc7, 0x63, 0x18, 0x7c, 0x4f, 0xe3, - 0xa6, 0x28, 0x81, 0x1e, 0xb6, 0xc0, 0x7c, 0x93, 0xc9, 0xdf, 0xfa, 0xaa, 0x8c, 0xe4, 0x47, 0xd9, - 0x22, 0x49, 0xfe, 0x4b, 0xc7, 0x5c, 0x51, 0xf4, 0xf3, 0x4a, 0x8f, 0xfa, 0xe8, 0xf0, 0x0b, 0xb0, - 0x19, 0x10, 0xdc, 0xb8, 0xef, 0xda, 0x6d, 0xe4, 0x79, 0xfc, 0x80, 0xda, 0x84, 0xb5, 0x19, 0x27, - 0x8e, 0xbe, 0x26, 0xbb, 0x69, 0x70, 0xe3, 0x45, 0x89, 0x56, 0x28, 0xc5, 0x1b, 0x16, 0xc1, 0xac, - 0x58, 0xe9, 0x99, 0x0e, 0xe5, 0x14, 0xcb, 0x8b, 0x35, 0x4a, 0xd4, 0x9b, 0xa1, 0x9e, 0x7c, 0x64, - 0xd7, 0x5f, 0x4f, 0xdb, 0xf5, 0xe1, 0x87, 0x60, 0x85, 0x11, 0xcb, 0xf2, 0x1c, 0xbf, 0x16, 0x78, - 0x4d, 0x01, 0xae, 0x6f, 0x48, 0xe3, 0xf5, 0x6e, 0xa7, 0xb8, 0x52, 0x8f, 0xaa, 0x50, 0xdc, 0x16, - 0x1e, 0x81, 0x0d, 0x35, 0xaa, 0x8e, 0x5d, 0x86, 0x9b, 0xa4, 0xde, 0x66, 0x16, 0xb7, 0x99, 0xae, - 0x4b, 0x0c, 0xbd, 0xdb, 0x29, 0x6e, 0x54, 0x12, 0xf4, 0x28, 0xd1, 0x0b, 0x7e, 0x04, 0x56, 0x9b, - 0x5e, 0x70, 0x42, 0x1b, 0x0d, 0xe2, 0xf6, 0x91, 0xde, 0x92, 0x48, 0x1b, 0x62, 0xbc, 0x1d, 0xc4, - 0x74, 0x68, 0xcc, 0xda, 0xf8, 0xb7, 0x06, 0x0a, 0xe9, 0xeb, 0xc9, 0x1b, 0x58, 0x8b, 0x49, 0x74, - 0x2d, 0xfe, 0x28, 0xeb, 0x1f, 0x24, 0x69, 0x21, 0xa7, 0x6c, 0xc8, 0xbf, 0x9d, 0x06, 0xdf, 0x79, - 0x81, 0x7f, 0x55, 0xe0, 0xdf, 0x34, 0xb0, 0xe7, 0x67, 0xb8, 0xd2, 0xa9, 0x8a, 0xbc, 0xca, 0x5b, - 0xf2, 0x77, 0x55, 0x02, 0x99, 0xae, 0x94, 0x28, 0x53, 0x94, 0xe2, 0x9e, 0xeb, 0x62, 0x87, 0xc4, - 0xef, 0xb9, 0xf7, 0xb0, 0x43, 0x90, 0xd4, 0x18, 0x7f, 0xd6, 0xc0, 0x37, 0x2f, 0x9d, 0x19, 0xd0, - 0x8c, 0x6c, 0xdb, 0xa5, 0xd8, 0xb6, 0x5d, 0x48, 0x07, 0x78, 0xed, 0x7f, 0xc9, 0x9a, 0x9f, 0x3e, - 0x7e, 0x56, 0x98, 0x7a, 0xf2, 0xac, 0x30, 0xf5, 0xf4, 0x59, 0x61, 0xea, 0x51, 0xb7, 0xa0, 0x3d, - 0xee, 0x16, 0xb4, 0x27, 0xdd, 0x82, 0xf6, 0xb4, 0x5b, 0xd0, 0xfe, 0xd9, 0x2d, 0x68, 0xbf, 0xfa, - 0x57, 0x61, 0xea, 0xcb, 0xbd, 0x2c, 0xff, 0xde, 0xff, 0x2f, 0x00, 0x00, 0xff, 0xff, 0xc3, 0x31, - 0x4b, 0x4e, 0xe4, 0x17, 0x00, 0x00, + // 1803 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x59, 0xcd, 0x6f, 0x1b, 0xc7, + 0x15, 0xd7, 0x8a, 0xfa, 0xe2, 0x48, 0x96, 0xe4, 0x91, 0x2c, 0x4f, 0xd4, 0x98, 0x54, 0xd7, 0x6e, + 0x60, 0xb4, 0xcd, 0x32, 0x36, 0xd2, 0xc6, 0x45, 0x1a, 0x23, 0x5c, 0x31, 0x72, 0x14, 0xc8, 0x31, + 0x33, 0x8c, 0x82, 0x22, 0x08, 0x8a, 0x8c, 0x96, 0x43, 0x7a, 0xac, 0xe5, 0xee, 0x76, 0x67, 0x56, + 0x16, 0xd1, 0x4b, 0x81, 0xfe, 0x03, 0x05, 0x7a, 0xef, 0xb9, 0xfd, 0x07, 0x7a, 0x29, 0xda, 0x5e, + 0x0d, 0xb4, 0x45, 0x73, 0x2a, 0x72, 0x22, 0x6a, 0x16, 0xbd, 0xf4, 0xda, 0x9b, 0x0f, 0x45, 0x31, + 0xc3, 0xe1, 0xc7, 0x2e, 0x77, 0xe9, 0x4d, 0x6a, 0x0b, 0xbd, 0x69, 0xdf, 0xc7, 0xef, 0xfd, 0xde, + 0xcc, 0xbc, 0x37, 0x6f, 0x28, 0xf0, 0x66, 0x9b, 0x89, 0x87, 0xd1, 0x89, 0xe5, 0xf8, 0x9d, 0x8a, + 0x1f, 0x50, 0x8f, 0x3f, 0x64, 0x2d, 0x51, 0x21, 0x01, 0xab, 0x70, 0xea, 0x44, 0x21, 0x13, 0xdd, + 0xca, 0xd9, 0xad, 0x4a, 0x9b, 0x7a, 0x34, 0x24, 0x82, 0x36, 0xad, 0x20, 0xf4, 0x85, 0x0f, 0x6f, + 0x8c, 0xbd, 0xac, 0x91, 0x97, 0x45, 0x02, 0x66, 0x0d, 0xbd, 0xac, 0xb3, 0x5b, 0xbb, 0xaf, 0x4f, + 0x60, 0xb7, 0xfd, 0xb6, 0x5f, 0x51, 0xce, 0x27, 0x51, 0x4b, 0x7d, 0xa9, 0x0f, 0xf5, 0xd7, 0x00, + 0x74, 0xd7, 0x3c, 0xbd, 0xc3, 0x2d, 0xe6, 0xab, 0xe0, 0x8e, 0x1f, 0xd2, 0x94, 0xc0, 0xbb, 0x6f, + 0x8e, 0x6d, 0x3a, 0xc4, 0x79, 0xc8, 0x3c, 0x1a, 0x76, 0x2b, 0xc1, 0x69, 0x5b, 0x0a, 0x78, 0xa5, + 0x43, 0x05, 0x49, 0xf3, 0xfa, 0x7e, 0x96, 0x57, 0x18, 0x79, 0x82, 0x75, 0x68, 0x85, 0x3b, 0x0f, + 0x69, 0x87, 0x24, 0xfd, 0xcc, 0xb7, 0xc1, 0xe5, 0xaa, 0xeb, 0xfa, 0x8f, 0x69, 0xf3, 0xc0, 0xa5, + 0xe7, 0x9f, 0xf8, 0x6e, 0xd4, 0xa1, 0xf0, 0x35, 0xb0, 0xd4, 0x0c, 0xd9, 0x19, 0x0d, 0x91, 0xb1, + 0x67, 0xdc, 0x2c, 0xda, 0xeb, 0x4f, 0x7a, 0xe5, 0xb9, 0x7e, 0xaf, 0xbc, 0x54, 0x53, 0x52, 0xac, + 0xb5, 0xe6, 0xaf, 0x0d, 0xb0, 0x73, 0xd0, 0xb8, 0x17, 0xfa, 0x51, 0xd0, 0x10, 0x12, 0xb5, 0xdd, + 0x7d, 0x10, 0x08, 0xe6, 0x7b, 0x1c, 0xbe, 0x05, 0x16, 0x44, 0x37, 0xa0, 0x1a, 0xe0, 0xba, 0x06, + 0x58, 0xf8, 0xb8, 0x1b, 0xd0, 0x67, 0xbd, 0xf2, 0x56, 0xc2, 0x4b, 0x8a, 0xb1, 0x72, 0x80, 0xc7, + 0x60, 0x29, 0x24, 0x5e, 0x9b, 0x72, 0x34, 0xbf, 0x57, 0xb8, 0xb9, 0x7a, 0xfb, 0x75, 0x2b, 0xcf, + 0x46, 0x58, 0x87, 0x35, 0x2c, 0xbd, 0xc6, 0x54, 0xd5, 0x27, 0xc7, 0x1a, 0xcc, 0xbc, 0x07, 0x96, + 0xb5, 0x09, 0xbc, 0x06, 0x0a, 0x1d, 0xe6, 0x29, 0x66, 0x05, 0x7b, 0x55, 0xdb, 0x17, 0xee, 0x33, + 0x0f, 0x4b, 0xb9, 0x52, 0x93, 0x73, 0x34, 0x9f, 0x50, 0x93, 0x73, 0x2c, 0xe5, 0xe6, 0x5f, 0xe6, + 0xc1, 0xd5, 0xba, 0xdf, 0x6c, 0xe8, 0xd8, 0x75, 0xdf, 0x65, 0x4e, 0x17, 0xd3, 0x33, 0x46, 0x1f, + 0xc3, 0xcf, 0xc1, 0x8a, 0xdc, 0x9f, 0x26, 0x11, 0x04, 0x15, 0xf6, 0x8c, 0x9b, 0xab, 0xb7, 0xdf, + 0xb0, 0x06, 0xfb, 0x62, 0x4d, 0xee, 0x8b, 0x15, 0x9c, 0xb6, 0xa5, 0x80, 0x5b, 0xd2, 0x5a, 0xb2, + 0x7f, 0x70, 0xf2, 0x88, 0x3a, 0xe2, 0x3e, 0x15, 0xc4, 0x86, 0x3a, 0x22, 0x18, 0xcb, 0xf0, 0x08, + 0x15, 0x3a, 0x60, 0x81, 0x07, 0xd4, 0x51, 0xe4, 0x57, 0x6f, 0x57, 0xf3, 0xad, 0x4d, 0x06, 0xdd, + 0x46, 0x40, 0x1d, 0x7b, 0x6d, 0xb8, 0x33, 0xf2, 0x0b, 0x2b, 0x70, 0x78, 0x0a, 0x96, 0xb8, 0x20, + 0x22, 0xe2, 0x6a, 0x11, 0x56, 0x6f, 0xef, 0xff, 0x6f, 0x61, 0x14, 0xd4, 0x78, 0x63, 0x06, 0xdf, + 0x58, 0x87, 0x30, 0x7f, 0x67, 0x80, 0x6f, 0xcc, 0x20, 0x08, 0x3f, 0x02, 0x2b, 0x82, 0x76, 0x02, + 0x97, 0x08, 0xaa, 0xb3, 0xbe, 0x3e, 0xb1, 0xa6, 0x96, 0xac, 0x22, 0x1d, 0xfc, 0x63, 0x6d, 0xa6, + 0xf2, 0xda, 0xd4, 0xe1, 0x56, 0x86, 0x52, 0x3c, 0x82, 0x81, 0x87, 0x60, 0x8b, 0xd3, 0xf0, 0x8c, + 0x39, 0xb4, 0xea, 0x38, 0x7e, 0xe4, 0x89, 0x0f, 0x49, 0x47, 0x9f, 0xb7, 0xa2, 0x7d, 0xb5, 0xdf, + 0x2b, 0x6f, 0x35, 0xa6, 0xd5, 0x38, 0xcd, 0xc7, 0xfc, 0x93, 0x01, 0xae, 0xcd, 0xcc, 0x1b, 0xfe, + 0xc6, 0x00, 0x3b, 0x64, 0x50, 0x61, 0x71, 0x54, 0x8e, 0x0c, 0x75, 0xc0, 0x3f, 0xca, 0xb7, 0xba, + 0x71, 0xe7, 0xd9, 0x6b, 0x5d, 0xd2, 0xc9, 0xef, 0x54, 0x53, 0x03, 0xe3, 0x0c, 0x42, 0xe6, 0xbf, + 0xe6, 0x81, 0x39, 0x85, 0xdc, 0xa0, 0x6e, 0xab, 0x11, 0xa9, 0xc3, 0x78, 0x61, 0xc7, 0xdc, 0x8b, + 0x1d, 0xf3, 0xa3, 0xaf, 0x79, 0xfe, 0xa6, 0x98, 0x67, 0x9e, 0xf8, 0x30, 0x71, 0xe2, 0x3f, 0xf8, + 0xba, 0x11, 0x63, 0xd1, 0x66, 0x1f, 0xfc, 0x9f, 0x82, 0xd7, 0xf2, 0x31, 0x7e, 0x09, 0x25, 0x60, + 0xf6, 0xe7, 0x41, 0x69, 0x36, 0xfb, 0x0b, 0xd8, 0xe5, 0x47, 0xb1, 0x5d, 0x7e, 0xff, 0x85, 0xac, + 0xf9, 0xff, 0xd3, 0x0e, 0xff, 0xde, 0x48, 0x2b, 0xa7, 0x0b, 0xd8, 0x5e, 0xb8, 0x07, 0x16, 0x22, + 0x4e, 0x43, 0x95, 0x6b, 0x71, 0xbc, 0x1e, 0xc7, 0x9c, 0x86, 0x58, 0x69, 0xa0, 0x09, 0x96, 0xda, + 0xf2, 0x06, 0xe6, 0xa8, 0xa0, 0xda, 0x1e, 0x90, 0xfc, 0xd5, 0x9d, 0xcc, 0xb1, 0xd6, 0x98, 0xff, + 0x36, 0xc0, 0x8d, 0x3c, 0x0b, 0x00, 0xeb, 0xa0, 0xa8, 0x3b, 0x8a, 0xdd, 0x9d, 0x95, 0xc2, 0x03, + 0xed, 0xda, 0xa2, 0x21, 0xf5, 0x1c, 0x6a, 0x5f, 0xea, 0xf7, 0xca, 0xc5, 0xea, 0xd0, 0x13, 0x8f, + 0x41, 0xe4, 0x04, 0x12, 0x52, 0xc2, 0x7d, 0x4f, 0xa7, 0x30, 0xbe, 0xd6, 0x95, 0x14, 0x6b, 0x6d, + 0x6c, 0xed, 0x0a, 0x2f, 0xa6, 0x34, 0x7e, 0x6b, 0x80, 0x0d, 0x35, 0x28, 0x48, 0x62, 0x0e, 0x91, + 0xe3, 0x4c, 0xac, 0x16, 0x8c, 0x97, 0x52, 0x0b, 0xd7, 0xc1, 0xa2, 0x9a, 0x54, 0x74, 0xbe, 0x97, + 0xb4, 0xf1, 0xa2, 0x62, 0x82, 0x07, 0x3a, 0xf8, 0x2a, 0x58, 0x18, 0x95, 0xe3, 0x9a, 0xbd, 0x22, + 0xb7, 0xb4, 0x46, 0x04, 0xc1, 0x4a, 0x6a, 0xfe, 0xd5, 0x00, 0x5b, 0x09, 0xe2, 0x47, 0x8c, 0x0b, + 0xf8, 0xd9, 0x14, 0x79, 0x2b, 0x1f, 0x79, 0xe9, 0xad, 0xa8, 0x8f, 0x96, 0x6b, 0x28, 0x99, 0x20, + 0xfe, 0x29, 0x58, 0x64, 0x82, 0x76, 0x86, 0xe3, 0xda, 0xf7, 0xf2, 0xd5, 0x55, 0x82, 0xe7, 0x38, + 0xdf, 0x43, 0x89, 0x85, 0x07, 0x90, 0xe6, 0xdf, 0x0c, 0x80, 0x70, 0xe4, 0x55, 0xb9, 0x3c, 0xb8, + 0xc9, 0x09, 0xf3, 0x07, 0xb1, 0x09, 0xf3, 0x5b, 0x89, 0x09, 0xf3, 0xca, 0x94, 0xdf, 0xc4, 0x8c, + 0xf9, 0x0a, 0x28, 0x44, 0xac, 0xa9, 0x47, 0xbc, 0x65, 0x39, 0xde, 0x1d, 0x1f, 0xd6, 0xb0, 0x94, + 0xc1, 0x5b, 0x60, 0x35, 0x62, 0x4d, 0x45, 0xef, 0x3e, 0xf3, 0xd4, 0x4a, 0x17, 0xec, 0x8d, 0x7e, + 0xaf, 0xbc, 0x7a, 0xac, 0xe7, 0x47, 0x39, 0x28, 0x4e, 0xda, 0xc4, 0x5c, 0xc8, 0x39, 0x5a, 0x48, + 0x71, 0x21, 0xe7, 0x78, 0xd2, 0xc6, 0xfc, 0xa3, 0x01, 0xae, 0x35, 0xde, 0x3b, 0x62, 0x5e, 0x74, + 0xbe, 0xef, 0x7b, 0x82, 0x9e, 0x8b, 0x64, 0x76, 0x77, 0x63, 0xd9, 0x7d, 0x3b, 0x91, 0xdd, 0x6e, + 0xba, 0xf3, 0x44, 0x8a, 0x3f, 0x06, 0xeb, 0x9c, 0x2a, 0x1b, 0x8d, 0xa8, 0xfb, 0x9e, 0x99, 0x56, + 0x1e, 0x1a, 0x4d, 0x5b, 0xda, 0xb0, 0xdf, 0x2b, 0xaf, 0xc7, 0x65, 0x38, 0x81, 0x66, 0xfe, 0xe7, + 0x32, 0xd8, 0x1d, 0x36, 0x06, 0xcd, 0x62, 0xdf, 0xf7, 0xb8, 0x08, 0x09, 0xf3, 0x04, 0xbf, 0x80, + 0x82, 0xb9, 0x09, 0x56, 0x82, 0x90, 0xf9, 0x32, 0xbe, 0x4a, 0x6d, 0xd1, 0x5e, 0x93, 0x27, 0xb4, + 0xae, 0x65, 0x78, 0xa4, 0x85, 0x9f, 0x01, 0xa4, 0x1a, 0x4b, 0x3d, 0x64, 0x67, 0xcc, 0xa5, 0x6d, + 0xda, 0x94, 0x84, 0x89, 0x24, 0xa0, 0xf6, 0x77, 0xc5, 0xde, 0xd3, 0x91, 0x50, 0x35, 0xc3, 0x0e, + 0x67, 0x22, 0x40, 0x0e, 0x76, 0x9a, 0xb4, 0x45, 0x22, 0x57, 0x54, 0x9b, 0xcd, 0x7d, 0x12, 0x90, + 0x13, 0xe6, 0x32, 0xc1, 0x28, 0x47, 0x0b, 0xaa, 0xb1, 0xbe, 0x2d, 0xe7, 0xb0, 0x5a, 0xaa, 0xc5, + 0xb3, 0x5e, 0xf9, 0xda, 0xf4, 0x83, 0xd0, 0x1a, 0x99, 0x74, 0x71, 0x06, 0x34, 0xec, 0x02, 0x14, + 0xd2, 0x9f, 0x44, 0x2c, 0xa4, 0xcd, 0x5a, 0xe8, 0x07, 0xb1, 0xb0, 0x8b, 0x2a, 0xec, 0x3b, 0x32, + 0x1d, 0x9c, 0x61, 0xf3, 0xfc, 0xc0, 0x99, 0xf0, 0xf0, 0x11, 0xd8, 0xd2, 0x6d, 0x3a, 0x16, 0x75, + 0x49, 0x45, 0xbd, 0x23, 0x87, 0xe7, 0xea, 0xb4, 0xfa, 0xf9, 0x01, 0xd3, 0x40, 0x47, 0x3b, 0xf7, + 0xbe, 0xcf, 0x45, 0x8d, 0x85, 0x83, 0xd7, 0x69, 0xdd, 0x8d, 0xda, 0xcc, 0x43, 0xcb, 0x29, 0x3b, + 0x97, 0x62, 0x87, 0x33, 0x11, 0x60, 0x05, 0x2c, 0x9f, 0xa9, 0x6f, 0x8e, 0x56, 0x14, 0xfb, 0x2b, + 0xfd, 0x5e, 0x79, 0x79, 0x60, 0x22, 0x19, 0x2f, 0x1d, 0x34, 0x54, 0x41, 0x0d, 0xad, 0xe0, 0xcf, + 0x0d, 0x00, 0x49, 0xf2, 0xb1, 0xcc, 0xd1, 0x15, 0xd5, 0xf8, 0xde, 0xca, 0xd7, 0xf8, 0xa6, 0x1e, + 0xdb, 0xf6, 0xae, 0x4e, 0x01, 0x4e, 0xa9, 0x38, 0x4e, 0x09, 0x07, 0x6b, 0x60, 0x73, 0x94, 0xd2, + 0x87, 0x54, 0x3c, 0xf6, 0xc3, 0x53, 0x54, 0x54, 0x8b, 0x81, 0x34, 0xd2, 0x66, 0x35, 0xa1, 0xc7, + 0x53, 0x1e, 0xf0, 0x2e, 0x58, 0x1f, 0xc9, 0xea, 0x7e, 0x28, 0x38, 0x02, 0x0a, 0x63, 0x47, 0x63, + 0xac, 0x57, 0x63, 0x5a, 0x9c, 0xb0, 0x86, 0x77, 0xc0, 0xda, 0x58, 0x72, 0x58, 0x43, 0xab, 0xca, + 0x7b, 0x5b, 0x7b, 0xaf, 0x55, 0x27, 0x74, 0x38, 0x66, 0x19, 0xf3, 0x3c, 0xac, 0xef, 0xa3, 0xb5, + 0x0c, 0xcf, 0xc3, 0xfa, 0x3e, 0x8e, 0x59, 0xc2, 0xcf, 0x01, 0x94, 0xb3, 0x8b, 0x7a, 0x79, 0x05, + 0xc4, 0xa1, 0x47, 0xf4, 0x8c, 0xba, 0x68, 0x57, 0x75, 0xc8, 0x37, 0x86, 0xab, 0x78, 0x3c, 0x65, + 0xf1, 0xac, 0x57, 0x86, 0x71, 0x89, 0xda, 0xd6, 0x14, 0x2c, 0xd8, 0x01, 0xe5, 0x61, 0xc5, 0xc5, + 0xea, 0xfd, 0x3d, 0xee, 0x10, 0x57, 0xdd, 0x54, 0x68, 0x47, 0xd1, 0xbd, 0xde, 0xef, 0x95, 0xcb, + 0xb5, 0xd9, 0xa6, 0xf8, 0x79, 0x58, 0xf0, 0x47, 0xc9, 0xce, 0x34, 0x11, 0xe7, 0xaa, 0x8a, 0xf3, + 0xea, 0x74, 0x57, 0x9a, 0x08, 0x90, 0xe9, 0x2d, 0x8f, 0xea, 0xb0, 0x63, 0xeb, 0xee, 0x8c, 0x2e, + 0x7d, 0x95, 0xb7, 0xfc, 0xcc, 0xcb, 0x69, 0x7c, 0x48, 0xe2, 0x66, 0x38, 0x11, 0x12, 0xfa, 0xa0, + 0x18, 0x0e, 0xaf, 0x61, 0xb4, 0xae, 0xe2, 0xdf, 0xcd, 0x39, 0x1f, 0x64, 0xdc, 0xfa, 0xf6, 0x65, + 0x1d, 0xba, 0x38, 0xb2, 0xc0, 0xe3, 0x18, 0xf0, 0x97, 0x06, 0x80, 0x3c, 0x0a, 0x02, 0x97, 0x76, + 0xa8, 0x27, 0x88, 0x3b, 0x18, 0x68, 0xd1, 0x86, 0x0a, 0x7d, 0x2f, 0x67, 0xea, 0x53, 0xfe, 0x49, + 0x0e, 0xa3, 0x8a, 0x9d, 0x36, 0xc5, 0x29, 0xe1, 0x61, 0x1b, 0x2c, 0xb7, 0xb8, 0xfa, 0x1b, 0x6d, + 0x2a, 0x26, 0x3f, 0xcc, 0xc7, 0x24, 0xfd, 0xa7, 0x35, 0x7b, 0x43, 0x87, 0x5f, 0xd6, 0x7a, 0x3c, + 0x44, 0x87, 0x9f, 0x80, 0x9d, 0x90, 0x92, 0xe6, 0x03, 0xcf, 0xed, 0x62, 0xdf, 0x17, 0x07, 0xcc, + 0xa5, 0xbc, 0xcb, 0x05, 0xed, 0xa0, 0xcb, 0xea, 0x34, 0x8d, 0x7e, 0x17, 0xc0, 0xa9, 0x56, 0x38, + 0xc3, 0x1b, 0x96, 0xc1, 0xa2, 0x2c, 0x16, 0x8e, 0xa0, 0xea, 0x93, 0x45, 0x39, 0xa8, 0xc9, 0xf5, + 0xe6, 0x78, 0x20, 0x9f, 0x78, 0x4d, 0x6c, 0x65, 0xbd, 0x26, 0xe0, 0x3b, 0x60, 0x83, 0x53, 0xc7, + 0xf1, 0x3b, 0x41, 0x3d, 0xf4, 0x5b, 0x12, 0x1c, 0x6d, 0x2b, 0xe3, 0xad, 0x7e, 0xaf, 0xbc, 0xd1, + 0x88, 0xab, 0x70, 0xd2, 0x16, 0x1e, 0x81, 0x6d, 0xdd, 0x0c, 0x8f, 0x3d, 0x4e, 0x5a, 0xb4, 0xd1, + 0xe5, 0x8e, 0x70, 0x39, 0x42, 0x0a, 0x03, 0xf5, 0x7b, 0xe5, 0xed, 0x6a, 0x8a, 0x1e, 0xa7, 0x7a, + 0xc1, 0x77, 0xc1, 0x66, 0xcb, 0x0f, 0x4f, 0x58, 0xb3, 0x49, 0xbd, 0x21, 0xd2, 0x2b, 0x0a, 0x69, + 0x5b, 0x36, 0xd0, 0x83, 0x84, 0x0e, 0x4f, 0x59, 0x9b, 0xff, 0x34, 0x40, 0x29, 0x7b, 0x00, 0xba, + 0x80, 0xc1, 0x9b, 0xc6, 0x07, 0xef, 0x77, 0xf3, 0xfe, 0x8c, 0x94, 0x45, 0x39, 0x63, 0x06, 0xff, + 0xd5, 0x3c, 0xf8, 0xce, 0x57, 0xf8, 0xed, 0x09, 0xfe, 0xd9, 0x00, 0x37, 0x82, 0x1c, 0x8f, 0x46, + 0xbd, 0x22, 0x2f, 0xf2, 0x1d, 0xfe, 0x5d, 0x9d, 0x40, 0xae, 0x47, 0x2b, 0xce, 0xc5, 0x52, 0xbe, + 0xa4, 0x3d, 0xd2, 0xa1, 0xc9, 0x97, 0xb4, 0xbc, 0x37, 0xb0, 0xd2, 0x98, 0x7f, 0x30, 0xc0, 0x37, + 0x9f, 0xdb, 0x33, 0xa0, 0x1d, 0x9b, 0xe7, 0xad, 0xc4, 0x3c, 0x5f, 0xca, 0x06, 0x78, 0xe9, 0x3f, + 0x8d, 0xdb, 0x1f, 0x3c, 0x79, 0x5a, 0x9a, 0xfb, 0xe2, 0x69, 0x69, 0xee, 0xcb, 0xa7, 0xa5, 0xb9, + 0x9f, 0xf5, 0x4b, 0xc6, 0x93, 0x7e, 0xc9, 0xf8, 0xa2, 0x5f, 0x32, 0xbe, 0xec, 0x97, 0x8c, 0xbf, + 0xf7, 0x4b, 0xc6, 0x2f, 0xfe, 0x51, 0x9a, 0xfb, 0xf4, 0x46, 0x9e, 0xff, 0xa2, 0xfc, 0x37, 0x00, + 0x00, 0xff, 0xff, 0xb7, 0xb2, 0xaf, 0x36, 0x6c, 0x19, 0x00, 0x00, } func (m *AllowedFlexVolume) Marshal() (dAtA []byte, err error) { @@ -824,6 +827,16 @@ func (m *PodSecurityPolicyReview) MarshalToSizedBuffer(dAtA []byte) (int, error) _ = i var l int _ = l + { + size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintGenerated(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a { size, err := m.Status.MarshalToSizedBuffer(dAtA[:i]) if err != nil { @@ -946,6 +959,16 @@ func (m *PodSecurityPolicySelfSubjectReview) MarshalToSizedBuffer(dAtA []byte) ( _ = i var l int _ = l + { + size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintGenerated(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a { size, err := m.Status.MarshalToSizedBuffer(dAtA[:i]) if err != nil { @@ -1022,6 +1045,16 @@ func (m *PodSecurityPolicySubjectReview) MarshalToSizedBuffer(dAtA []byte) (int, _ = i var l int _ = l + { + size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintGenerated(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a { size, err := m.Status.MarshalToSizedBuffer(dAtA[:i]) if err != nil { @@ -1337,6 +1370,13 @@ func (m *SecurityContextConstraints) MarshalToSizedBuffer(dAtA []byte) (int, err _ = i var l int _ = l + i -= len(m.UserNamespaceLevel) + copy(dAtA[i:], m.UserNamespaceLevel) + i = encodeVarintGenerated(dAtA, i, uint64(len(m.UserNamespaceLevel))) + i-- + dAtA[i] = 0x1 + i-- + dAtA[i] = 0xd2 if len(m.ForbiddenSysctls) > 0 { for iNdEx := len(m.ForbiddenSysctls) - 1; iNdEx >= 0; iNdEx-- { i -= len(m.ForbiddenSysctls[iNdEx]) @@ -1773,6 +1813,8 @@ func (m *PodSecurityPolicyReview) Size() (n int) { n += 1 + l + sovGenerated(uint64(l)) l = m.Status.Size() n += 1 + l + sovGenerated(uint64(l)) + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) return n } @@ -1818,6 +1860,8 @@ func (m *PodSecurityPolicySelfSubjectReview) Size() (n int) { n += 1 + l + sovGenerated(uint64(l)) l = m.Status.Size() n += 1 + l + sovGenerated(uint64(l)) + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) return n } @@ -1842,6 +1886,8 @@ func (m *PodSecurityPolicySubjectReview) Size() (n int) { n += 1 + l + sovGenerated(uint64(l)) l = m.Status.Size() n += 1 + l + sovGenerated(uint64(l)) + l = m.ObjectMeta.Size() + n += 1 + l + sovGenerated(uint64(l)) return n } @@ -2042,6 +2088,8 @@ func (m *SecurityContextConstraints) Size() (n int) { n += 2 + l + sovGenerated(uint64(l)) } } + l = len(m.UserNamespaceLevel) + n += 2 + l + sovGenerated(uint64(l)) return n } @@ -2142,6 +2190,7 @@ func (this *PodSecurityPolicyReview) String() string { s := strings.Join([]string{`&PodSecurityPolicyReview{`, `Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "PodSecurityPolicyReviewSpec", "PodSecurityPolicyReviewSpec", 1), `&`, ``, 1) + `,`, `Status:` + strings.Replace(strings.Replace(this.Status.String(), "PodSecurityPolicyReviewStatus", "PodSecurityPolicyReviewStatus", 1), `&`, ``, 1) + `,`, + `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -2151,7 +2200,7 @@ func (this *PodSecurityPolicyReviewSpec) String() string { return "nil" } s := strings.Join([]string{`&PodSecurityPolicyReviewSpec{`, - `Template:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Template), "PodTemplateSpec", "v1.PodTemplateSpec", 1), `&`, ``, 1) + `,`, + `Template:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Template), "PodTemplateSpec", "v11.PodTemplateSpec", 1), `&`, ``, 1) + `,`, `ServiceAccountNames:` + fmt.Sprintf("%v", this.ServiceAccountNames) + `,`, `}`, }, "") @@ -2179,6 +2228,7 @@ func (this *PodSecurityPolicySelfSubjectReview) String() string { s := strings.Join([]string{`&PodSecurityPolicySelfSubjectReview{`, `Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "PodSecurityPolicySelfSubjectReviewSpec", "PodSecurityPolicySelfSubjectReviewSpec", 1), `&`, ``, 1) + `,`, `Status:` + strings.Replace(strings.Replace(this.Status.String(), "PodSecurityPolicySubjectReviewStatus", "PodSecurityPolicySubjectReviewStatus", 1), `&`, ``, 1) + `,`, + `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -2188,7 +2238,7 @@ func (this *PodSecurityPolicySelfSubjectReviewSpec) String() string { return "nil" } s := strings.Join([]string{`&PodSecurityPolicySelfSubjectReviewSpec{`, - `Template:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Template), "PodTemplateSpec", "v1.PodTemplateSpec", 1), `&`, ``, 1) + `,`, + `Template:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Template), "PodTemplateSpec", "v11.PodTemplateSpec", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -2200,6 +2250,7 @@ func (this *PodSecurityPolicySubjectReview) String() string { s := strings.Join([]string{`&PodSecurityPolicySubjectReview{`, `Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "PodSecurityPolicySubjectReviewSpec", "PodSecurityPolicySubjectReviewSpec", 1), `&`, ``, 1) + `,`, `Status:` + strings.Replace(strings.Replace(this.Status.String(), "PodSecurityPolicySubjectReviewStatus", "PodSecurityPolicySubjectReviewStatus", 1), `&`, ``, 1) + `,`, + `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -2209,7 +2260,7 @@ func (this *PodSecurityPolicySubjectReviewSpec) String() string { return "nil" } s := strings.Join([]string{`&PodSecurityPolicySubjectReviewSpec{`, - `Template:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Template), "PodTemplateSpec", "v1.PodTemplateSpec", 1), `&`, ``, 1) + `,`, + `Template:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Template), "PodTemplateSpec", "v11.PodTemplateSpec", 1), `&`, ``, 1) + `,`, `User:` + fmt.Sprintf("%v", this.User) + `,`, `Groups:` + fmt.Sprintf("%v", this.Groups) + `,`, `}`, @@ -2221,9 +2272,9 @@ func (this *PodSecurityPolicySubjectReviewStatus) String() string { return "nil" } s := strings.Join([]string{`&PodSecurityPolicySubjectReviewStatus{`, - `AllowedBy:` + strings.Replace(fmt.Sprintf("%v", this.AllowedBy), "ObjectReference", "v1.ObjectReference", 1) + `,`, + `AllowedBy:` + strings.Replace(fmt.Sprintf("%v", this.AllowedBy), "ObjectReference", "v11.ObjectReference", 1) + `,`, `Reason:` + fmt.Sprintf("%v", this.Reason) + `,`, - `Template:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Template), "PodTemplateSpec", "v1.PodTemplateSpec", 1), `&`, ``, 1) + `,`, + `Template:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Template), "PodTemplateSpec", "v11.PodTemplateSpec", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -2233,7 +2284,7 @@ func (this *RangeAllocation) String() string { return "nil" } s := strings.Join([]string{`&RangeAllocation{`, - `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v11.ObjectMeta", 1), `&`, ``, 1) + `,`, + `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`, `Range:` + fmt.Sprintf("%v", this.Range) + `,`, `Data:` + valueToStringGenerated(this.Data) + `,`, `}`, @@ -2250,7 +2301,7 @@ func (this *RangeAllocationList) String() string { } repeatedStringForItems += "}" s := strings.Join([]string{`&RangeAllocationList{`, - `ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v11.ListMeta", 1), `&`, ``, 1) + `,`, + `ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`, `Items:` + repeatedStringForItems + `,`, `}`, }, "") @@ -2275,7 +2326,7 @@ func (this *SELinuxContextStrategyOptions) String() string { } s := strings.Join([]string{`&SELinuxContextStrategyOptions{`, `Type:` + fmt.Sprintf("%v", this.Type) + `,`, - `SELinuxOptions:` + strings.Replace(fmt.Sprintf("%v", this.SELinuxOptions), "SELinuxOptions", "v1.SELinuxOptions", 1) + `,`, + `SELinuxOptions:` + strings.Replace(fmt.Sprintf("%v", this.SELinuxOptions), "SELinuxOptions", "v11.SELinuxOptions", 1) + `,`, `}`, }, "") return s @@ -2290,7 +2341,7 @@ func (this *SecurityContextConstraints) String() string { } repeatedStringForAllowedFlexVolumes += "}" s := strings.Join([]string{`&SecurityContextConstraints{`, - `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v11.ObjectMeta", 1), `&`, ``, 1) + `,`, + `ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`, `Priority:` + valueToStringGenerated(this.Priority) + `,`, `AllowPrivilegedContainer:` + fmt.Sprintf("%v", this.AllowPrivilegedContainer) + `,`, `DefaultAddCapabilities:` + fmt.Sprintf("%v", this.DefaultAddCapabilities) + `,`, @@ -2315,6 +2366,7 @@ func (this *SecurityContextConstraints) String() string { `AllowPrivilegeEscalation:` + valueToStringGenerated(this.AllowPrivilegeEscalation) + `,`, `AllowedUnsafeSysctls:` + fmt.Sprintf("%v", this.AllowedUnsafeSysctls) + `,`, `ForbiddenSysctls:` + fmt.Sprintf("%v", this.ForbiddenSysctls) + `,`, + `UserNamespaceLevel:` + fmt.Sprintf("%v", this.UserNamespaceLevel) + `,`, `}`, }, "") return s @@ -2329,7 +2381,7 @@ func (this *SecurityContextConstraintsList) String() string { } repeatedStringForItems += "}" s := strings.Join([]string{`&SecurityContextConstraintsList{`, - `ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v11.ListMeta", 1), `&`, ``, 1) + `,`, + `ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`, `Items:` + repeatedStringForItems + `,`, `}`, }, "") @@ -2751,6 +2803,39 @@ func (m *PodSecurityPolicyReview) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -3066,6 +3151,39 @@ func (m *PodSecurityPolicySelfSubjectReview) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -3265,6 +3383,39 @@ func (m *PodSecurityPolicySubjectReview) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -3492,7 +3643,7 @@ func (m *PodSecurityPolicySubjectReviewStatus) Unmarshal(dAtA []byte) error { return io.ErrUnexpectedEOF } if m.AllowedBy == nil { - m.AllowedBy = &v1.ObjectReference{} + m.AllowedBy = &v11.ObjectReference{} } if err := m.AllowedBy.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err @@ -4083,7 +4234,7 @@ func (m *SELinuxContextStrategyOptions) Unmarshal(dAtA []byte) error { return io.ErrUnexpectedEOF } if m.SELinuxOptions == nil { - m.SELinuxOptions = &v1.SELinuxOptions{} + m.SELinuxOptions = &v11.SELinuxOptions{} } if err := m.SELinuxOptions.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err @@ -4828,6 +4979,38 @@ func (m *SecurityContextConstraints) Unmarshal(dAtA []byte) error { } m.ForbiddenSysctls = append(m.ForbiddenSysctls, string(dAtA[iNdEx:postIndex])) iNdEx = postIndex + case 26: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field UserNamespaceLevel", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.UserNamespaceLevel = NamespaceLevelType(dAtA[iNdEx:postIndex]) + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) diff --git a/vendor/github.com/openshift/api/security/v1/generated.proto b/vendor/github.com/openshift/api/security/v1/generated.proto index 0f00758e5b36..84cecdcb6179 100644 --- a/vendor/github.com/openshift/api/security/v1/generated.proto +++ b/vendor/github.com/openshift/api/security/v1/generated.proto @@ -25,6 +25,7 @@ message FSGroupStrategyOptions { // Ranges are the allowed ranges of fs groups. If you would like to force a single // fs group then supply a single range with the same start and end. + // +listType=atomic repeated IDRange ranges = 2; } @@ -43,6 +44,10 @@ message IDRange { // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=2 message PodSecurityPolicyReview { + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 3; + // spec is the PodSecurityPolicy to check. optional PodSecurityPolicyReviewSpec spec = 1; @@ -76,6 +81,10 @@ message PodSecurityPolicyReviewStatus { // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=2 message PodSecurityPolicySelfSubjectReview { + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 3; + // spec defines specification the PodSecurityPolicySelfSubjectReview. optional PodSecurityPolicySelfSubjectReviewSpec spec = 1; @@ -94,6 +103,10 @@ message PodSecurityPolicySelfSubjectReviewSpec { // Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). // +openshift:compatibility-gen:level=2 message PodSecurityPolicySubjectReview { + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 3; + // spec defines specification for the PodSecurityPolicySubjectReview. optional PodSecurityPolicySubjectReviewSpec spec = 1; @@ -232,11 +245,13 @@ message SecurityContextConstraints { // unless the pod spec specifically drops the capability. You may not list a capabiility in both // DefaultAddCapabilities and RequiredDropCapabilities. // +nullable + // +listType=atomic repeated string defaultAddCapabilities = 4; // RequiredDropCapabilities are the capabilities that will be dropped from the container. These // are required to be dropped and cannot be added. // +nullable + // +listType=atomic repeated string requiredDropCapabilities = 5; // AllowedCapabilities is a list of capabilities that can be requested to add to the container. @@ -244,6 +259,7 @@ message SecurityContextConstraints { // You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. // To allow all capabilities you may use '*'. // +nullable + // +listType=atomic repeated string allowedCapabilities = 6; // AllowHostDirVolumePlugin determines if the policy allow containers to use the HostDir volume plugin @@ -254,6 +270,7 @@ message SecurityContextConstraints { // of a VolumeSource (azureFile, configMap, emptyDir). To allow all volumes you may use "*". // To allow no volumes, set to ["none"]. // +nullable + // +listType=atomic repeated string volumes = 8; // AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all @@ -261,6 +278,7 @@ message SecurityContextConstraints { // is allowed in the "Volumes" field. // +optional // +nullable + // +listType=atomic repeated AllowedFlexVolume allowedFlexVolumes = 21; // AllowHostNetwork determines if the policy allows the use of HostNetwork in the pod spec. @@ -275,6 +293,18 @@ message SecurityContextConstraints { // AllowHostIPC determines if the policy allows host ipc in the containers. optional bool allowHostIPC = 12; + // userNamespaceLevel determines if the policy allows host users in containers. + // Valid values are "AllowHostLevel", "RequirePodLevel", and omitted. + // When "AllowHostLevel" is set, a pod author may set `hostUsers` to either `true` or `false`. + // When "RequirePodLevel" is set, a pod author must set `hostUsers` to `false`. + // When omitted, the default value is "AllowHostLevel". + // +openshift:enable:FeatureGate=UserNamespacesPodSecurityStandards + // +kubebuilder:validation:Enum="AllowHostLevel";"RequirePodLevel" + // +kubebuilder:default:="AllowHostLevel" + // +default="AllowHostLevel" + // +optional + optional string userNamespaceLevel = 26; + // DefaultAllowPrivilegeEscalation controls the default setting for whether a // process can gain more privileges than its parent process. // +optional @@ -313,11 +343,13 @@ message SecurityContextConstraints { // The users who have permissions to use this security context constraints // +optional // +nullable + // +listType=atomic repeated string users = 18; // The groups that have permission to use this security context constraints // +optional // +nullable + // +listType=atomic repeated string groups = 19; // SeccompProfiles lists the allowed profiles that may be set for the pod or @@ -326,6 +358,7 @@ message SecurityContextConstraints { // used to generate a value for a pod the first non-wildcard profile will be used as // the default. // +nullable + // +listType=atomic repeated string seccompProfiles = 20; // AllowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. @@ -338,6 +371,7 @@ message SecurityContextConstraints { // e.g. "foo.*" allows "foo.bar", "foo.baz", etc. // +optional // +nullable + // +listType=atomic repeated string allowedUnsafeSysctls = 24; // ForbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. @@ -349,6 +383,7 @@ message SecurityContextConstraints { // e.g. "foo.*" forbids "foo.bar", "foo.baz", etc. // +optional // +nullable + // +listType=atomic repeated string forbiddenSysctls = 25; } @@ -380,6 +415,7 @@ message SupplementalGroupsStrategyOptions { // Ranges are the allowed ranges of supplemental groups. If you would like to force a single // supplemental group then supply a single range with the same start and end. + // +listType=atomic repeated IDRange ranges = 2; } diff --git a/vendor/github.com/openshift/api/security/v1/types.go b/vendor/github.com/openshift/api/security/v1/types.go index 44db1cdd39a0..1b88f76fe57a 100644 --- a/vendor/github.com/openshift/api/security/v1/types.go +++ b/vendor/github.com/openshift/api/security/v1/types.go @@ -60,16 +60,19 @@ type SecurityContextConstraints struct { // unless the pod spec specifically drops the capability. You may not list a capabiility in both // DefaultAddCapabilities and RequiredDropCapabilities. // +nullable + // +listType=atomic DefaultAddCapabilities []corev1.Capability `json:"defaultAddCapabilities" protobuf:"bytes,4,rep,name=defaultAddCapabilities,casttype=Capability"` // RequiredDropCapabilities are the capabilities that will be dropped from the container. These // are required to be dropped and cannot be added. // +nullable + // +listType=atomic RequiredDropCapabilities []corev1.Capability `json:"requiredDropCapabilities" protobuf:"bytes,5,rep,name=requiredDropCapabilities,casttype=Capability"` // AllowedCapabilities is a list of capabilities that can be requested to add to the container. // Capabilities in this field maybe added at the pod author's discretion. // You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. // To allow all capabilities you may use '*'. // +nullable + // +listType=atomic AllowedCapabilities []corev1.Capability `json:"allowedCapabilities" protobuf:"bytes,6,rep,name=allowedCapabilities,casttype=Capability"` // AllowHostDirVolumePlugin determines if the policy allow containers to use the HostDir volume plugin // +k8s:conversion-gen=false @@ -78,12 +81,14 @@ type SecurityContextConstraints struct { // of a VolumeSource (azureFile, configMap, emptyDir). To allow all volumes you may use "*". // To allow no volumes, set to ["none"]. // +nullable + // +listType=atomic Volumes []FSType `json:"volumes" protobuf:"bytes,8,rep,name=volumes,casttype=FSType"` // AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all // Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes // is allowed in the "Volumes" field. // +optional // +nullable + // +listType=atomic AllowedFlexVolumes []AllowedFlexVolume `json:"allowedFlexVolumes,omitempty" protobuf:"bytes,21,rep,name=allowedFlexVolumes"` // AllowHostNetwork determines if the policy allows the use of HostNetwork in the pod spec. AllowHostNetwork bool `json:"allowHostNetwork" protobuf:"varint,9,opt,name=allowHostNetwork"` @@ -93,6 +98,17 @@ type SecurityContextConstraints struct { AllowHostPID bool `json:"allowHostPID" protobuf:"varint,11,opt,name=allowHostPID"` // AllowHostIPC determines if the policy allows host ipc in the containers. AllowHostIPC bool `json:"allowHostIPC" protobuf:"varint,12,opt,name=allowHostIPC"` + // userNamespaceLevel determines if the policy allows host users in containers. + // Valid values are "AllowHostLevel", "RequirePodLevel", and omitted. + // When "AllowHostLevel" is set, a pod author may set `hostUsers` to either `true` or `false`. + // When "RequirePodLevel" is set, a pod author must set `hostUsers` to `false`. + // When omitted, the default value is "AllowHostLevel". + // +openshift:enable:FeatureGate=UserNamespacesPodSecurityStandards + // +kubebuilder:validation:Enum="AllowHostLevel";"RequirePodLevel" + // +kubebuilder:default:="AllowHostLevel" + // +default="AllowHostLevel" + // +optional + UserNamespaceLevel NamespaceLevelType `json:"userNamespaceLevel,omitempty" protobuf:"bytes,26,opt,name=userNamespaceLevel"` // DefaultAllowPrivilegeEscalation controls the default setting for whether a // process can gain more privileges than its parent process. // +optional @@ -125,10 +141,12 @@ type SecurityContextConstraints struct { // The users who have permissions to use this security context constraints // +optional // +nullable + // +listType=atomic Users []string `json:"users" protobuf:"bytes,18,rep,name=users"` // The groups that have permission to use this security context constraints // +optional // +nullable + // +listType=atomic Groups []string `json:"groups" protobuf:"bytes,19,rep,name=groups"` // SeccompProfiles lists the allowed profiles that may be set for the pod or @@ -137,6 +155,7 @@ type SecurityContextConstraints struct { // used to generate a value for a pod the first non-wildcard profile will be used as // the default. // +nullable + // +listType=atomic SeccompProfiles []string `json:"seccompProfiles,omitempty" protobuf:"bytes,20,opt,name=seccompProfiles"` // AllowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. @@ -149,6 +168,7 @@ type SecurityContextConstraints struct { // e.g. "foo.*" allows "foo.bar", "foo.baz", etc. // +optional // +nullable + // +listType=atomic AllowedUnsafeSysctls []string `json:"allowedUnsafeSysctls,omitempty" protobuf:"bytes,24,rep,name=allowedUnsafeSysctls"` // ForbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. // Each entry is either a plain sysctl name or ends in "*" in which case it is considered @@ -159,6 +179,7 @@ type SecurityContextConstraints struct { // e.g. "foo.*" forbids "foo.bar", "foo.baz", etc. // +optional // +nullable + // +listType=atomic ForbiddenSysctls []string `json:"forbiddenSysctls,omitempty" protobuf:"bytes,25,rep,name=forbiddenSysctls"` } @@ -232,6 +253,7 @@ type FSGroupStrategyOptions struct { Type FSGroupStrategyType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type,casttype=FSGroupStrategyType"` // Ranges are the allowed ranges of fs groups. If you would like to force a single // fs group then supply a single range with the same start and end. + // +listType=atomic Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"` } @@ -241,6 +263,7 @@ type SupplementalGroupsStrategyOptions struct { Type SupplementalGroupsStrategyType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type,casttype=SupplementalGroupsStrategyType"` // Ranges are the allowed ranges of supplemental groups. If you would like to force a single // supplemental group then supply a single range with the same start and end. + // +listType=atomic Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"` } @@ -253,6 +276,9 @@ type IDRange struct { Max int64 `json:"max,omitempty" protobuf:"varint,2,opt,name=max"` } +// NamespaceLevelType shows the allowable values for the UserNamespaceLevel field. +type NamespaceLevelType string + // SELinuxContextStrategyType denotes strategy types for generating SELinux options for a // SecurityContext type SELinuxContextStrategyType string @@ -270,6 +296,11 @@ type SupplementalGroupsStrategyType string type FSGroupStrategyType string const ( + // NamespaceLevelAllowHost allows a pod to set `hostUsers` field to either `true` or `false` + NamespaceLevelAllowHost NamespaceLevelType = "AllowHostLevel" + // NamespaceLevelRequirePod requires the `hostUsers` field be `false` in a pod. + NamespaceLevelRequirePod NamespaceLevelType = "RequirePodLevel" + // container must have SELinux labels of X applied. SELinuxStrategyMustRunAs SELinuxContextStrategyType = "MustRunAs" // container may make requests for any SELinux context labels. @@ -323,6 +354,10 @@ type SecurityContextConstraintsList struct { type PodSecurityPolicySubjectReview struct { metav1.TypeMeta `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,3,opt,name=metadata"` + // spec defines specification for the PodSecurityPolicySubjectReview. Spec PodSecurityPolicySubjectReviewSpec `json:"spec" protobuf:"bytes,1,opt,name=spec"` @@ -372,6 +407,10 @@ type PodSecurityPolicySubjectReviewStatus struct { type PodSecurityPolicySelfSubjectReview struct { metav1.TypeMeta `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,3,opt,name=metadata"` + // spec defines specification the PodSecurityPolicySelfSubjectReview. Spec PodSecurityPolicySelfSubjectReviewSpec `json:"spec" protobuf:"bytes,1,opt,name=spec"` @@ -396,6 +435,10 @@ type PodSecurityPolicySelfSubjectReviewSpec struct { type PodSecurityPolicyReview struct { metav1.TypeMeta `json:",inline"` + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,3,opt,name=metadata"` + // spec is the PodSecurityPolicy to check. Spec PodSecurityPolicyReviewSpec `json:"spec" protobuf:"bytes,1,opt,name=spec"` diff --git a/vendor/github.com/openshift/api/security/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/security/v1/zz_generated.deepcopy.go index 26c88f7de8b9..66e8b5a21cde 100644 --- a/vendor/github.com/openshift/api/security/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/security/v1/zz_generated.deepcopy.go @@ -67,6 +67,7 @@ func (in *IDRange) DeepCopy() *IDRange { func (in *PodSecurityPolicyReview) DeepCopyInto(out *PodSecurityPolicyReview) { *out = *in out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) in.Status.DeepCopyInto(&out.Status) return @@ -139,6 +140,7 @@ func (in *PodSecurityPolicyReviewStatus) DeepCopy() *PodSecurityPolicyReviewStat func (in *PodSecurityPolicySelfSubjectReview) DeepCopyInto(out *PodSecurityPolicySelfSubjectReview) { *out = *in out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) in.Status.DeepCopyInto(&out.Status) return @@ -183,6 +185,7 @@ func (in *PodSecurityPolicySelfSubjectReviewSpec) DeepCopy() *PodSecurityPolicyS func (in *PodSecurityPolicySubjectReview) DeepCopyInto(out *PodSecurityPolicySubjectReview) { *out = *in out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) in.Status.DeepCopyInto(&out.Status) return diff --git a/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml index 86f78058a24e..178c97078011 100644 --- a/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml @@ -5,7 +5,8 @@ securitycontextconstraints.security.openshift.io: CRDName: securitycontextconstraints.security.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - UserNamespacesPodSecurityStandards FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_03" diff --git a/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go index a72b8ecf0880..2f242366a8cd 100644 --- a/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go @@ -41,9 +41,10 @@ func (IDRange) SwaggerDoc() map[string]string { } var map_PodSecurityPolicyReview = map[string]string{ - "": "PodSecurityPolicyReview checks which service accounts (not users, since that would be cluster-wide) can create the `PodTemplateSpec` in question.\n\nCompatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer).", - "spec": "spec is the PodSecurityPolicy to check.", - "status": "status represents the current information/status for the PodSecurityPolicyReview.", + "": "PodSecurityPolicyReview checks which service accounts (not users, since that would be cluster-wide) can create the `PodTemplateSpec` in question.\n\nCompatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec is the PodSecurityPolicy to check.", + "status": "status represents the current information/status for the PodSecurityPolicyReview.", } func (PodSecurityPolicyReview) SwaggerDoc() map[string]string { @@ -70,9 +71,10 @@ func (PodSecurityPolicyReviewStatus) SwaggerDoc() map[string]string { } var map_PodSecurityPolicySelfSubjectReview = map[string]string{ - "": "PodSecurityPolicySelfSubjectReview checks whether this user/SA tuple can create the PodTemplateSpec\n\nCompatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer).", - "spec": "spec defines specification the PodSecurityPolicySelfSubjectReview.", - "status": "status represents the current information/status for the PodSecurityPolicySelfSubjectReview.", + "": "PodSecurityPolicySelfSubjectReview checks whether this user/SA tuple can create the PodTemplateSpec\n\nCompatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec defines specification the PodSecurityPolicySelfSubjectReview.", + "status": "status represents the current information/status for the PodSecurityPolicySelfSubjectReview.", } func (PodSecurityPolicySelfSubjectReview) SwaggerDoc() map[string]string { @@ -89,9 +91,10 @@ func (PodSecurityPolicySelfSubjectReviewSpec) SwaggerDoc() map[string]string { } var map_PodSecurityPolicySubjectReview = map[string]string{ - "": "PodSecurityPolicySubjectReview checks whether a particular user/SA tuple can create the PodTemplateSpec.\n\nCompatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer).", - "spec": "spec defines specification for the PodSecurityPolicySubjectReview.", - "status": "status represents the current information/status for the PodSecurityPolicySubjectReview.", + "": "PodSecurityPolicySubjectReview checks whether a particular user/SA tuple can create the PodTemplateSpec.\n\nCompatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec defines specification for the PodSecurityPolicySubjectReview.", + "status": "status represents the current information/status for the PodSecurityPolicySubjectReview.", } func (PodSecurityPolicySubjectReview) SwaggerDoc() map[string]string { @@ -178,6 +181,7 @@ var map_SecurityContextConstraints = map[string]string{ "allowHostPorts": "AllowHostPorts determines if the policy allows host ports in the containers.", "allowHostPID": "AllowHostPID determines if the policy allows host pid in the containers.", "allowHostIPC": "AllowHostIPC determines if the policy allows host ipc in the containers.", + "userNamespaceLevel": "userNamespaceLevel determines if the policy allows host users in containers. Valid values are \"AllowHostLevel\", \"RequirePodLevel\", and omitted. When \"AllowHostLevel\" is set, a pod author may set `hostUsers` to either `true` or `false`. When \"RequirePodLevel\" is set, a pod author must set `hostUsers` to `false`. When omitted, the default value is \"AllowHostLevel\".", "defaultAllowPrivilegeEscalation": "DefaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.", "allowPrivilegeEscalation": "AllowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true.", "seLinuxContext": "SELinuxContext is the strategy that will dictate what labels will be set in the SecurityContext.", diff --git a/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/sysctl/mustmatchpatterns.go b/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/sysctl/mustmatchpatterns.go index 2c9b9e5b0f43..4a67b043c50d 100644 --- a/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/sysctl/mustmatchpatterns.go +++ b/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/sysctl/mustmatchpatterns.go @@ -36,6 +36,10 @@ func SafeSysctlAllowlist() []string { "net.ipv4.tcp_syncookies", "net.ipv4.ping_group_range", "net.ipv4.ip_unprivileged_port_start", + "net.ipv4.tcp_keepalive_time", + "net.ipv4.tcp_fin_timeout", + "net.ipv4.tcp_keepalive_intvl", + "net.ipv4.tcp_keepalive_probes", } } diff --git a/vendor/github.com/openshift/client-go/authorization/applyconfigurations/authorization/v1/action.go b/vendor/github.com/openshift/client-go/authorization/applyconfigurations/authorization/v1/action.go deleted file mode 100644 index 66c50ad6acd0..000000000000 --- a/vendor/github.com/openshift/client-go/authorization/applyconfigurations/authorization/v1/action.go +++ /dev/null @@ -1,99 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// ActionApplyConfiguration represents an declarative configuration of the Action type for use -// with apply. -type ActionApplyConfiguration struct { - Namespace *string `json:"namespace,omitempty"` - Verb *string `json:"verb,omitempty"` - Group *string `json:"resourceAPIGroup,omitempty"` - Version *string `json:"resourceAPIVersion,omitempty"` - Resource *string `json:"resource,omitempty"` - ResourceName *string `json:"resourceName,omitempty"` - Path *string `json:"path,omitempty"` - IsNonResourceURL *bool `json:"isNonResourceURL,omitempty"` - Content *runtime.RawExtension `json:"content,omitempty"` -} - -// ActionApplyConfiguration constructs an declarative configuration of the Action type for use with -// apply. -func Action() *ActionApplyConfiguration { - return &ActionApplyConfiguration{} -} - -// WithNamespace sets the Namespace field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Namespace field is set to the value of the last call. -func (b *ActionApplyConfiguration) WithNamespace(value string) *ActionApplyConfiguration { - b.Namespace = &value - return b -} - -// WithVerb sets the Verb field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Verb field is set to the value of the last call. -func (b *ActionApplyConfiguration) WithVerb(value string) *ActionApplyConfiguration { - b.Verb = &value - return b -} - -// WithGroup sets the Group field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Group field is set to the value of the last call. -func (b *ActionApplyConfiguration) WithGroup(value string) *ActionApplyConfiguration { - b.Group = &value - return b -} - -// WithVersion sets the Version field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Version field is set to the value of the last call. -func (b *ActionApplyConfiguration) WithVersion(value string) *ActionApplyConfiguration { - b.Version = &value - return b -} - -// WithResource sets the Resource field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Resource field is set to the value of the last call. -func (b *ActionApplyConfiguration) WithResource(value string) *ActionApplyConfiguration { - b.Resource = &value - return b -} - -// WithResourceName sets the ResourceName field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ResourceName field is set to the value of the last call. -func (b *ActionApplyConfiguration) WithResourceName(value string) *ActionApplyConfiguration { - b.ResourceName = &value - return b -} - -// WithPath sets the Path field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Path field is set to the value of the last call. -func (b *ActionApplyConfiguration) WithPath(value string) *ActionApplyConfiguration { - b.Path = &value - return b -} - -// WithIsNonResourceURL sets the IsNonResourceURL field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the IsNonResourceURL field is set to the value of the last call. -func (b *ActionApplyConfiguration) WithIsNonResourceURL(value bool) *ActionApplyConfiguration { - b.IsNonResourceURL = &value - return b -} - -// WithContent sets the Content field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Content field is set to the value of the last call. -func (b *ActionApplyConfiguration) WithContent(value runtime.RawExtension) *ActionApplyConfiguration { - b.Content = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/authorization/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/authorization/applyconfigurations/internal/internal.go index 17adef2168fe..0e158621849a 100644 --- a/vendor/github.com/openshift/client-go/authorization/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/authorization/applyconfigurations/internal/internal.go @@ -95,112 +95,6 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector elementRelationship: atomic -- name: com.github.openshift.api.authorization.v1.LocalResourceAccessReview - map: - fields: - - name: apiVersion - type: - scalar: string - - name: content - type: - namedType: __untyped_atomic_ - default: {} - - name: isNonResourceURL - type: - scalar: boolean - default: false - - name: kind - type: - scalar: string - - name: namespace - type: - scalar: string - default: "" - - name: path - type: - scalar: string - default: "" - - name: resource - type: - scalar: string - default: "" - - name: resourceAPIGroup - type: - scalar: string - default: "" - - name: resourceAPIVersion - type: - scalar: string - default: "" - - name: resourceName - type: - scalar: string - default: "" - - name: verb - type: - scalar: string - default: "" -- name: com.github.openshift.api.authorization.v1.LocalSubjectAccessReview - map: - fields: - - name: apiVersion - type: - scalar: string - - name: content - type: - namedType: __untyped_atomic_ - default: {} - - name: groups - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: isNonResourceURL - type: - scalar: boolean - default: false - - name: kind - type: - scalar: string - - name: namespace - type: - scalar: string - default: "" - - name: path - type: - scalar: string - default: "" - - name: resource - type: - scalar: string - default: "" - - name: resourceAPIGroup - type: - scalar: string - default: "" - - name: resourceAPIVersion - type: - scalar: string - default: "" - - name: resourceName - type: - scalar: string - default: "" - - name: scopes - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: user - type: - scalar: string - default: "" - - name: verb - type: - scalar: string - default: "" - name: com.github.openshift.api.authorization.v1.PolicyRule map: fields: @@ -238,51 +132,6 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: atomic -- name: com.github.openshift.api.authorization.v1.ResourceAccessReview - map: - fields: - - name: apiVersion - type: - scalar: string - - name: content - type: - namedType: __untyped_atomic_ - default: {} - - name: isNonResourceURL - type: - scalar: boolean - default: false - - name: kind - type: - scalar: string - - name: namespace - type: - scalar: string - default: "" - - name: path - type: - scalar: string - default: "" - - name: resource - type: - scalar: string - default: "" - - name: resourceAPIGroup - type: - scalar: string - default: "" - - name: resourceAPIVersion - type: - scalar: string - default: "" - - name: resourceName - type: - scalar: string - default: "" - - name: verb - type: - scalar: string - default: "" - name: com.github.openshift.api.authorization.v1.Role map: fields: @@ -392,67 +241,6 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: com.github.openshift.api.authorization.v1.ServiceAccountReference elementRelationship: atomic -- name: com.github.openshift.api.authorization.v1.SubjectAccessReview - map: - fields: - - name: apiVersion - type: - scalar: string - - name: content - type: - namedType: __untyped_atomic_ - default: {} - - name: groups - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: isNonResourceURL - type: - scalar: boolean - default: false - - name: kind - type: - scalar: string - - name: namespace - type: - scalar: string - default: "" - - name: path - type: - scalar: string - default: "" - - name: resource - type: - scalar: string - default: "" - - name: resourceAPIGroup - type: - scalar: string - default: "" - - name: resourceAPIVersion - type: - scalar: string - default: "" - - name: resourceName - type: - scalar: string - default: "" - - name: scopes - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: user - type: - scalar: string - default: "" - - name: verb - type: - scalar: string - default: "" - name: com.github.openshift.api.authorization.v1.UserRestriction map: fields: diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagespec.go index 10e80e77fae9..48541b72cad1 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagespec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagespec.go @@ -2,6 +2,10 @@ package v1 +import ( + configv1 "github.com/openshift/api/config/v1" +) + // ImageSpecApplyConfiguration represents an declarative configuration of the ImageSpec type for use // with apply. type ImageSpecApplyConfiguration struct { @@ -9,6 +13,7 @@ type ImageSpecApplyConfiguration struct { ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"` AdditionalTrustedCA *ConfigMapNameReferenceApplyConfiguration `json:"additionalTrustedCA,omitempty"` RegistrySources *RegistrySourcesApplyConfiguration `json:"registrySources,omitempty"` + ImageStreamImportMode *configv1.ImportModeType `json:"imageStreamImportMode,omitempty"` } // ImageSpecApplyConfiguration constructs an declarative configuration of the ImageSpec type for use with @@ -55,3 +60,11 @@ func (b *ImageSpecApplyConfiguration) WithRegistrySources(value *RegistrySources b.RegistrySources = value return b } + +// WithImageStreamImportMode sets the ImageStreamImportMode field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ImageStreamImportMode field is set to the value of the last call. +func (b *ImageSpecApplyConfiguration) WithImageStreamImportMode(value configv1.ImportModeType) *ImageSpecApplyConfiguration { + b.ImageStreamImportMode = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagestatus.go index 38c90271a1d1..3c2aec6129d2 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagestatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/imagestatus.go @@ -2,11 +2,16 @@ package v1 +import ( + v1 "github.com/openshift/api/config/v1" +) + // ImageStatusApplyConfiguration represents an declarative configuration of the ImageStatus type for use // with apply. type ImageStatusApplyConfiguration struct { - InternalRegistryHostname *string `json:"internalRegistryHostname,omitempty"` - ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"` + InternalRegistryHostname *string `json:"internalRegistryHostname,omitempty"` + ExternalRegistryHostnames []string `json:"externalRegistryHostnames,omitempty"` + ImageStreamImportMode *v1.ImportModeType `json:"imageStreamImportMode,omitempty"` } // ImageStatusApplyConfiguration constructs an declarative configuration of the ImageStatus type for use with @@ -32,3 +37,11 @@ func (b *ImageStatusApplyConfiguration) WithExternalRegistryHostnames(values ... } return b } + +// WithImageStreamImportMode sets the ImageStreamImportMode field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ImageStreamImportMode field is set to the value of the last call. +func (b *ImageStatusApplyConfiguration) WithImageStreamImportMode(value v1.ImportModeType) *ImageStatusApplyConfiguration { + b.ImageStreamImportMode = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/node.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/node.go index a407a9e45040..0dd12da2be95 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/node.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/node.go @@ -16,8 +16,8 @@ import ( type NodeApplyConfiguration struct { v1.TypeMetaApplyConfiguration `json:",inline"` *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - Spec *NodeSpecApplyConfiguration `json:"spec,omitempty"` - Status *apiconfigv1.NodeStatus `json:"status,omitempty"` + Spec *NodeSpecApplyConfiguration `json:"spec,omitempty"` + Status *NodeStatusApplyConfiguration `json:"status,omitempty"` } // Node constructs an declarative configuration of the Node type for use with @@ -234,7 +234,7 @@ func (b *NodeApplyConfiguration) WithSpec(value *NodeSpecApplyConfiguration) *No // WithStatus sets the Status field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Status field is set to the value of the last call. -func (b *NodeApplyConfiguration) WithStatus(value apiconfigv1.NodeStatus) *NodeApplyConfiguration { - b.Status = &value +func (b *NodeApplyConfiguration) WithStatus(value *NodeStatusApplyConfiguration) *NodeApplyConfiguration { + b.Status = value return b } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nodestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nodestatus.go new file mode 100644 index 000000000000..8f2f4861eec7 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/nodestatus.go @@ -0,0 +1,32 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "k8s.io/client-go/applyconfigurations/meta/v1" +) + +// NodeStatusApplyConfiguration represents an declarative configuration of the NodeStatus type for use +// with apply. +type NodeStatusApplyConfiguration struct { + Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` +} + +// NodeStatusApplyConfiguration constructs an declarative configuration of the NodeStatus type for use with +// apply. +func NodeStatus() *NodeStatusApplyConfiguration { + return &NodeStatusApplyConfiguration{} +} + +// WithConditions adds the given value to the Conditions field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Conditions field. +func (b *NodeStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *NodeStatusApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithConditions") + } + b.Conditions = append(b.Conditions, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go index fc70cbc32027..e8ea2f569ced 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go @@ -1621,6 +1621,10 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: atomic + - name: imageStreamImportMode + type: + scalar: string + default: "" - name: registrySources type: namedType: com.github.openshift.api.config.v1.RegistrySources @@ -1634,6 +1638,9 @@ var schemaYAML = typed.YAMLObject(`types: elementType: scalar: string elementRelationship: atomic + - name: imageStreamImportMode + type: + scalar: string - name: internalRegistryHostname type: scalar: string @@ -2167,16 +2174,15 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: com.github.openshift.api.config.v1.NodeStatus map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable + fields: + - name: conditions + type: + list: + elementType: + namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + elementRelationship: associative + keys: + - type - name: com.github.openshift.api.config.v1.NutanixFailureDomain map: fields: diff --git a/vendor/github.com/openshift/client-go/machine/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/machine/applyconfigurations/internal/internal.go index f7abb41cc498..7eabff7895f7 100644 --- a/vendor/github.com/openshift/client-go/machine/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/machine/applyconfigurations/internal/internal.go @@ -517,6 +517,14 @@ var schemaYAML = typed.YAMLObject(`types: - name: availableReplicas type: scalar: numeric + - name: conditions + type: + list: + elementType: + namedType: com.github.openshift.api.machine.v1beta1.Condition + elementRelationship: associative + keys: + - type - name: errorMessage type: scalar: string diff --git a/vendor/github.com/openshift/client-go/machine/applyconfigurations/machine/v1beta1/machinesetstatus.go b/vendor/github.com/openshift/client-go/machine/applyconfigurations/machine/v1beta1/machinesetstatus.go index 2b9299a63cb2..cdcbeaabc20b 100644 --- a/vendor/github.com/openshift/client-go/machine/applyconfigurations/machine/v1beta1/machinesetstatus.go +++ b/vendor/github.com/openshift/client-go/machine/applyconfigurations/machine/v1beta1/machinesetstatus.go @@ -16,6 +16,7 @@ type MachineSetStatusApplyConfiguration struct { ObservedGeneration *int64 `json:"observedGeneration,omitempty"` ErrorReason *v1beta1.MachineSetStatusError `json:"errorReason,omitempty"` ErrorMessage *string `json:"errorMessage,omitempty"` + Conditions []ConditionApplyConfiguration `json:"conditions,omitempty"` AuthoritativeAPI *v1beta1.MachineAuthority `json:"authoritativeAPI,omitempty"` SynchronizedGeneration *int64 `json:"synchronizedGeneration,omitempty"` } @@ -82,6 +83,19 @@ func (b *MachineSetStatusApplyConfiguration) WithErrorMessage(value string) *Mac return b } +// WithConditions adds the given value to the Conditions field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Conditions field. +func (b *MachineSetStatusApplyConfiguration) WithConditions(values ...*ConditionApplyConfiguration) *MachineSetStatusApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithConditions") + } + b.Conditions = append(b.Conditions, *values[i]) + } + return b +} + // WithAuthoritativeAPI sets the AuthoritativeAPI field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the AuthoritativeAPI field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go index 942b4b3f5a53..92d4b064142c 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go @@ -142,6 +142,9 @@ var schemaYAML = typed.YAMLObject(`types: - name: com.github.openshift.api.operator.v1.AWSCSIDriverConfigSpec map: fields: + - name: efsVolumeMetrics + type: + namedType: com.github.openshift.api.operator.v1.AWSEFSVolumeMetrics - name: kmsKeyARN type: scalar: string @@ -151,6 +154,33 @@ var schemaYAML = typed.YAMLObject(`types: - name: connectionIdleTimeout type: namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + - name: subnets + type: + namedType: com.github.openshift.api.operator.v1.AWSSubnets +- name: com.github.openshift.api.operator.v1.AWSEFSVolumeMetrics + map: + fields: + - name: recursiveWalk + type: + namedType: com.github.openshift.api.operator.v1.AWSEFSVolumeMetricsRecursiveWalkConfig + - name: state + type: + scalar: string + default: "" + unions: + - discriminator: state + fields: + - fieldName: recursiveWalk + discriminatorValue: RecursiveWalk +- name: com.github.openshift.api.operator.v1.AWSEFSVolumeMetricsRecursiveWalkConfig + map: + fields: + - name: fsRateLimit + type: + scalar: numeric + - name: refreshPeriodMinutes + type: + scalar: numeric - name: com.github.openshift.api.operator.v1.AWSLoadBalancerParameters map: fields: @@ -173,16 +203,31 @@ var schemaYAML = typed.YAMLObject(`types: discriminatorValue: NetworkLoadBalancerParameters - name: com.github.openshift.api.operator.v1.AWSNetworkLoadBalancerParameters map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable + fields: + - name: eipAllocations + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: subnets + type: + namedType: com.github.openshift.api.operator.v1.AWSSubnets +- name: com.github.openshift.api.operator.v1.AWSSubnets + map: + fields: + - name: ids + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: names + type: + list: + elementType: + scalar: string + elementRelationship: atomic - name: com.github.openshift.api.operator.v1.AccessLogging map: fields: @@ -235,6 +280,15 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" +- name: com.github.openshift.api.operator.v1.AdditionalRoutingCapabilities + map: + fields: + - name: providers + type: + list: + elementType: + scalar: string + elementRelationship: atomic - name: com.github.openshift.api.operator.v1.Authentication map: fields: @@ -433,6 +487,26 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string +- name: com.github.openshift.api.operator.v1.Capability + map: + fields: + - name: name + type: + scalar: string + default: "" + - name: visibility + type: + namedType: com.github.openshift.api.operator.v1.CapabilityVisibility + default: {} +- name: com.github.openshift.api.operator.v1.CapabilityVisibility + map: + fields: + - name: state + type: + scalar: string + default: "" + unions: + - discriminator: state - name: com.github.openshift.api.operator.v1.ClientTLS map: fields: @@ -719,6 +793,14 @@ var schemaYAML = typed.YAMLObject(`types: - name: brand type: scalar: string + - name: capabilities + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.Capability + elementRelationship: associative + keys: + - name - name: customLogoFile type: namedType: com.github.openshift.api.config.v1.ConfigMapFileReference @@ -1697,7 +1779,9 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: atomic + elementRelationship: associative + keys: + - type - name: domain type: scalar: string @@ -2428,7 +2512,6 @@ var schemaYAML = typed.YAMLObject(`types: - name: mode type: scalar: string - default: "" - name: mtu type: namedType: com.github.openshift.api.operator.v1.MTUMigration @@ -2443,7 +2526,12 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.operator.v1.AdditionalNetworkDefinition - elementRelationship: atomic + elementRelationship: associative + keys: + - name + - name: additionalRoutingCapabilities + type: + namedType: com.github.openshift.api.operator.v1.AdditionalRoutingCapabilities - name: clusterNetwork type: list: @@ -2782,6 +2870,9 @@ var schemaYAML = typed.YAMLObject(`types: - name: policyAuditConfig type: namedType: com.github.openshift.api.operator.v1.PolicyAuditConfig + - name: routeAdvertisements + type: + scalar: string - name: v4InternalSubnet type: scalar: string diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/additionalroutingcapabilities.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/additionalroutingcapabilities.go new file mode 100644 index 000000000000..1db61d87f22e --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/additionalroutingcapabilities.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/operator/v1" +) + +// AdditionalRoutingCapabilitiesApplyConfiguration represents an declarative configuration of the AdditionalRoutingCapabilities type for use +// with apply. +type AdditionalRoutingCapabilitiesApplyConfiguration struct { + Providers []v1.RoutingCapabilitiesProvider `json:"providers,omitempty"` +} + +// AdditionalRoutingCapabilitiesApplyConfiguration constructs an declarative configuration of the AdditionalRoutingCapabilities type for use with +// apply. +func AdditionalRoutingCapabilities() *AdditionalRoutingCapabilitiesApplyConfiguration { + return &AdditionalRoutingCapabilitiesApplyConfiguration{} +} + +// WithProviders adds the given value to the Providers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Providers field. +func (b *AdditionalRoutingCapabilitiesApplyConfiguration) WithProviders(values ...v1.RoutingCapabilitiesProvider) *AdditionalRoutingCapabilitiesApplyConfiguration { + for i := range values { + b.Providers = append(b.Providers, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsclassicloadbalancerparameters.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsclassicloadbalancerparameters.go index 8a0d2c2a62d9..892fe581439d 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsclassicloadbalancerparameters.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsclassicloadbalancerparameters.go @@ -9,7 +9,8 @@ import ( // AWSClassicLoadBalancerParametersApplyConfiguration represents an declarative configuration of the AWSClassicLoadBalancerParameters type for use // with apply. type AWSClassicLoadBalancerParametersApplyConfiguration struct { - ConnectionIdleTimeout *v1.Duration `json:"connectionIdleTimeout,omitempty"` + ConnectionIdleTimeout *v1.Duration `json:"connectionIdleTimeout,omitempty"` + Subnets *AWSSubnetsApplyConfiguration `json:"subnets,omitempty"` } // AWSClassicLoadBalancerParametersApplyConfiguration constructs an declarative configuration of the AWSClassicLoadBalancerParameters type for use with @@ -25,3 +26,11 @@ func (b *AWSClassicLoadBalancerParametersApplyConfiguration) WithConnectionIdleT b.ConnectionIdleTimeout = &value return b } + +// WithSubnets sets the Subnets field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Subnets field is set to the value of the last call. +func (b *AWSClassicLoadBalancerParametersApplyConfiguration) WithSubnets(value *AWSSubnetsApplyConfiguration) *AWSClassicLoadBalancerParametersApplyConfiguration { + b.Subnets = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go index 7a4fa7ab3aeb..f9384b54f4c9 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go @@ -5,7 +5,8 @@ package v1 // AWSCSIDriverConfigSpecApplyConfiguration represents an declarative configuration of the AWSCSIDriverConfigSpec type for use // with apply. type AWSCSIDriverConfigSpecApplyConfiguration struct { - KMSKeyARN *string `json:"kmsKeyARN,omitempty"` + KMSKeyARN *string `json:"kmsKeyARN,omitempty"` + EFSVolumeMetrics *AWSEFSVolumeMetricsApplyConfiguration `json:"efsVolumeMetrics,omitempty"` } // AWSCSIDriverConfigSpecApplyConfiguration constructs an declarative configuration of the AWSCSIDriverConfigSpec type for use with @@ -21,3 +22,11 @@ func (b *AWSCSIDriverConfigSpecApplyConfiguration) WithKMSKeyARN(value string) * b.KMSKeyARN = &value return b } + +// WithEFSVolumeMetrics sets the EFSVolumeMetrics field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the EFSVolumeMetrics field is set to the value of the last call. +func (b *AWSCSIDriverConfigSpecApplyConfiguration) WithEFSVolumeMetrics(value *AWSEFSVolumeMetricsApplyConfiguration) *AWSCSIDriverConfigSpecApplyConfiguration { + b.EFSVolumeMetrics = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsefsvolumemetrics.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsefsvolumemetrics.go new file mode 100644 index 000000000000..1cdeb76f03c0 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsefsvolumemetrics.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/operator/v1" +) + +// AWSEFSVolumeMetricsApplyConfiguration represents an declarative configuration of the AWSEFSVolumeMetrics type for use +// with apply. +type AWSEFSVolumeMetricsApplyConfiguration struct { + State *v1.AWSEFSVolumeMetricsState `json:"state,omitempty"` + RecursiveWalk *AWSEFSVolumeMetricsRecursiveWalkConfigApplyConfiguration `json:"recursiveWalk,omitempty"` +} + +// AWSEFSVolumeMetricsApplyConfiguration constructs an declarative configuration of the AWSEFSVolumeMetrics type for use with +// apply. +func AWSEFSVolumeMetrics() *AWSEFSVolumeMetricsApplyConfiguration { + return &AWSEFSVolumeMetricsApplyConfiguration{} +} + +// WithState sets the State field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the State field is set to the value of the last call. +func (b *AWSEFSVolumeMetricsApplyConfiguration) WithState(value v1.AWSEFSVolumeMetricsState) *AWSEFSVolumeMetricsApplyConfiguration { + b.State = &value + return b +} + +// WithRecursiveWalk sets the RecursiveWalk field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RecursiveWalk field is set to the value of the last call. +func (b *AWSEFSVolumeMetricsApplyConfiguration) WithRecursiveWalk(value *AWSEFSVolumeMetricsRecursiveWalkConfigApplyConfiguration) *AWSEFSVolumeMetricsApplyConfiguration { + b.RecursiveWalk = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsefsvolumemetricsrecursivewalkconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsefsvolumemetricsrecursivewalkconfig.go new file mode 100644 index 000000000000..93c04827acbe --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsefsvolumemetricsrecursivewalkconfig.go @@ -0,0 +1,32 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// AWSEFSVolumeMetricsRecursiveWalkConfigApplyConfiguration represents an declarative configuration of the AWSEFSVolumeMetricsRecursiveWalkConfig type for use +// with apply. +type AWSEFSVolumeMetricsRecursiveWalkConfigApplyConfiguration struct { + RefreshPeriodMinutes *int32 `json:"refreshPeriodMinutes,omitempty"` + FSRateLimit *int32 `json:"fsRateLimit,omitempty"` +} + +// AWSEFSVolumeMetricsRecursiveWalkConfigApplyConfiguration constructs an declarative configuration of the AWSEFSVolumeMetricsRecursiveWalkConfig type for use with +// apply. +func AWSEFSVolumeMetricsRecursiveWalkConfig() *AWSEFSVolumeMetricsRecursiveWalkConfigApplyConfiguration { + return &AWSEFSVolumeMetricsRecursiveWalkConfigApplyConfiguration{} +} + +// WithRefreshPeriodMinutes sets the RefreshPeriodMinutes field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RefreshPeriodMinutes field is set to the value of the last call. +func (b *AWSEFSVolumeMetricsRecursiveWalkConfigApplyConfiguration) WithRefreshPeriodMinutes(value int32) *AWSEFSVolumeMetricsRecursiveWalkConfigApplyConfiguration { + b.RefreshPeriodMinutes = &value + return b +} + +// WithFSRateLimit sets the FSRateLimit field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the FSRateLimit field is set to the value of the last call. +func (b *AWSEFSVolumeMetricsRecursiveWalkConfigApplyConfiguration) WithFSRateLimit(value int32) *AWSEFSVolumeMetricsRecursiveWalkConfigApplyConfiguration { + b.FSRateLimit = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsloadbalancerparameters.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsloadbalancerparameters.go index a38b99197017..78d5a4334f2a 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsloadbalancerparameters.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsloadbalancerparameters.go @@ -11,7 +11,7 @@ import ( type AWSLoadBalancerParametersApplyConfiguration struct { Type *v1.AWSLoadBalancerType `json:"type,omitempty"` ClassicLoadBalancerParameters *AWSClassicLoadBalancerParametersApplyConfiguration `json:"classicLoadBalancer,omitempty"` - NetworkLoadBalancerParameters *v1.AWSNetworkLoadBalancerParameters `json:"networkLoadBalancer,omitempty"` + NetworkLoadBalancerParameters *AWSNetworkLoadBalancerParametersApplyConfiguration `json:"networkLoadBalancer,omitempty"` } // AWSLoadBalancerParametersApplyConfiguration constructs an declarative configuration of the AWSLoadBalancerParameters type for use with @@ -39,7 +39,7 @@ func (b *AWSLoadBalancerParametersApplyConfiguration) WithClassicLoadBalancerPar // WithNetworkLoadBalancerParameters sets the NetworkLoadBalancerParameters field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the NetworkLoadBalancerParameters field is set to the value of the last call. -func (b *AWSLoadBalancerParametersApplyConfiguration) WithNetworkLoadBalancerParameters(value v1.AWSNetworkLoadBalancerParameters) *AWSLoadBalancerParametersApplyConfiguration { - b.NetworkLoadBalancerParameters = &value +func (b *AWSLoadBalancerParametersApplyConfiguration) WithNetworkLoadBalancerParameters(value *AWSNetworkLoadBalancerParametersApplyConfiguration) *AWSLoadBalancerParametersApplyConfiguration { + b.NetworkLoadBalancerParameters = value return b } diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsnetworkloadbalancerparameters.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsnetworkloadbalancerparameters.go new file mode 100644 index 000000000000..9bc099855650 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awsnetworkloadbalancerparameters.go @@ -0,0 +1,38 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + +// AWSNetworkLoadBalancerParametersApplyConfiguration represents an declarative configuration of the AWSNetworkLoadBalancerParameters type for use +// with apply. +type AWSNetworkLoadBalancerParametersApplyConfiguration struct { + Subnets *AWSSubnetsApplyConfiguration `json:"subnets,omitempty"` + EIPAllocations []operatorv1.EIPAllocation `json:"eipAllocations,omitempty"` +} + +// AWSNetworkLoadBalancerParametersApplyConfiguration constructs an declarative configuration of the AWSNetworkLoadBalancerParameters type for use with +// apply. +func AWSNetworkLoadBalancerParameters() *AWSNetworkLoadBalancerParametersApplyConfiguration { + return &AWSNetworkLoadBalancerParametersApplyConfiguration{} +} + +// WithSubnets sets the Subnets field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Subnets field is set to the value of the last call. +func (b *AWSNetworkLoadBalancerParametersApplyConfiguration) WithSubnets(value *AWSSubnetsApplyConfiguration) *AWSNetworkLoadBalancerParametersApplyConfiguration { + b.Subnets = value + return b +} + +// WithEIPAllocations adds the given value to the EIPAllocations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the EIPAllocations field. +func (b *AWSNetworkLoadBalancerParametersApplyConfiguration) WithEIPAllocations(values ...operatorv1.EIPAllocation) *AWSNetworkLoadBalancerParametersApplyConfiguration { + for i := range values { + b.EIPAllocations = append(b.EIPAllocations, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awssubnets.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awssubnets.go new file mode 100644 index 000000000000..e3d063f08a09 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awssubnets.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/operator/v1" +) + +// AWSSubnetsApplyConfiguration represents an declarative configuration of the AWSSubnets type for use +// with apply. +type AWSSubnetsApplyConfiguration struct { + IDs []v1.AWSSubnetID `json:"ids,omitempty"` + Names []v1.AWSSubnetName `json:"names,omitempty"` +} + +// AWSSubnetsApplyConfiguration constructs an declarative configuration of the AWSSubnets type for use with +// apply. +func AWSSubnets() *AWSSubnetsApplyConfiguration { + return &AWSSubnetsApplyConfiguration{} +} + +// WithIDs adds the given value to the IDs field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the IDs field. +func (b *AWSSubnetsApplyConfiguration) WithIDs(values ...v1.AWSSubnetID) *AWSSubnetsApplyConfiguration { + for i := range values { + b.IDs = append(b.IDs, values[i]) + } + return b +} + +// WithNames adds the given value to the Names field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Names field. +func (b *AWSSubnetsApplyConfiguration) WithNames(values ...v1.AWSSubnetName) *AWSSubnetsApplyConfiguration { + for i := range values { + b.Names = append(b.Names, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/capability.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/capability.go new file mode 100644 index 000000000000..55aa8415c1d1 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/capability.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/operator/v1" +) + +// CapabilityApplyConfiguration represents an declarative configuration of the Capability type for use +// with apply. +type CapabilityApplyConfiguration struct { + Name *v1.ConsoleCapabilityName `json:"name,omitempty"` + Visibility *CapabilityVisibilityApplyConfiguration `json:"visibility,omitempty"` +} + +// CapabilityApplyConfiguration constructs an declarative configuration of the Capability type for use with +// apply. +func Capability() *CapabilityApplyConfiguration { + return &CapabilityApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *CapabilityApplyConfiguration) WithName(value v1.ConsoleCapabilityName) *CapabilityApplyConfiguration { + b.Name = &value + return b +} + +// WithVisibility sets the Visibility field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Visibility field is set to the value of the last call. +func (b *CapabilityApplyConfiguration) WithVisibility(value *CapabilityVisibilityApplyConfiguration) *CapabilityApplyConfiguration { + b.Visibility = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/capabilityvisibility.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/capabilityvisibility.go new file mode 100644 index 000000000000..b230a8f632cf --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/capabilityvisibility.go @@ -0,0 +1,27 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + v1 "github.com/openshift/api/operator/v1" +) + +// CapabilityVisibilityApplyConfiguration represents an declarative configuration of the CapabilityVisibility type for use +// with apply. +type CapabilityVisibilityApplyConfiguration struct { + State *v1.CapabilityState `json:"state,omitempty"` +} + +// CapabilityVisibilityApplyConfiguration constructs an declarative configuration of the CapabilityVisibility type for use with +// apply. +func CapabilityVisibility() *CapabilityVisibilityApplyConfiguration { + return &CapabilityVisibilityApplyConfiguration{} +} + +// WithState sets the State field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the State field is set to the value of the last call. +func (b *CapabilityVisibilityApplyConfiguration) WithState(value v1.CapabilityState) *CapabilityVisibilityApplyConfiguration { + b.State = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/consolecustomization.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/consolecustomization.go index c2d95e2b9efd..123a8aea6f3e 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/consolecustomization.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/consolecustomization.go @@ -4,13 +4,14 @@ package v1 import ( configv1 "github.com/openshift/api/config/v1" - v1 "github.com/openshift/api/operator/v1" + operatorv1 "github.com/openshift/api/operator/v1" ) // ConsoleCustomizationApplyConfiguration represents an declarative configuration of the ConsoleCustomization type for use // with apply. type ConsoleCustomizationApplyConfiguration struct { - Brand *v1.Brand `json:"brand,omitempty"` + Capabilities []CapabilityApplyConfiguration `json:"capabilities,omitempty"` + Brand *operatorv1.Brand `json:"brand,omitempty"` DocumentationBaseURL *string `json:"documentationBaseURL,omitempty"` CustomProductName *string `json:"customProductName,omitempty"` CustomLogoFile *configv1.ConfigMapFileReference `json:"customLogoFile,omitempty"` @@ -27,10 +28,23 @@ func ConsoleCustomization() *ConsoleCustomizationApplyConfiguration { return &ConsoleCustomizationApplyConfiguration{} } +// WithCapabilities adds the given value to the Capabilities field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Capabilities field. +func (b *ConsoleCustomizationApplyConfiguration) WithCapabilities(values ...*CapabilityApplyConfiguration) *ConsoleCustomizationApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithCapabilities") + } + b.Capabilities = append(b.Capabilities, *values[i]) + } + return b +} + // WithBrand sets the Brand field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Brand field is set to the value of the last call. -func (b *ConsoleCustomizationApplyConfiguration) WithBrand(value v1.Brand) *ConsoleCustomizationApplyConfiguration { +func (b *ConsoleCustomizationApplyConfiguration) WithBrand(value operatorv1.Brand) *ConsoleCustomizationApplyConfiguration { b.Brand = &value return b } diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/networkmigration.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/networkmigration.go index 348af89bed21..5ad82eb46386 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/networkmigration.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/networkmigration.go @@ -9,8 +9,8 @@ import ( // NetworkMigrationApplyConfiguration represents an declarative configuration of the NetworkMigration type for use // with apply. type NetworkMigrationApplyConfiguration struct { - NetworkType *string `json:"networkType,omitempty"` MTU *MTUMigrationApplyConfiguration `json:"mtu,omitempty"` + NetworkType *string `json:"networkType,omitempty"` Features *FeaturesMigrationApplyConfiguration `json:"features,omitempty"` Mode *operatorv1.NetworkMigrationMode `json:"mode,omitempty"` } @@ -21,14 +21,6 @@ func NetworkMigration() *NetworkMigrationApplyConfiguration { return &NetworkMigrationApplyConfiguration{} } -// WithNetworkType sets the NetworkType field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the NetworkType field is set to the value of the last call. -func (b *NetworkMigrationApplyConfiguration) WithNetworkType(value string) *NetworkMigrationApplyConfiguration { - b.NetworkType = &value - return b -} - // WithMTU sets the MTU field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the MTU field is set to the value of the last call. @@ -37,6 +29,14 @@ func (b *NetworkMigrationApplyConfiguration) WithMTU(value *MTUMigrationApplyCon return b } +// WithNetworkType sets the NetworkType field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NetworkType field is set to the value of the last call. +func (b *NetworkMigrationApplyConfiguration) WithNetworkType(value string) *NetworkMigrationApplyConfiguration { + b.NetworkType = &value + return b +} + // WithFeatures sets the Features field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Features field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/networkspec.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/networkspec.go index 0bfb95375629..13b262623453 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/networkspec.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/networkspec.go @@ -11,17 +11,18 @@ import ( // with apply. type NetworkSpecApplyConfiguration struct { OperatorSpecApplyConfiguration `json:",inline"` - ClusterNetwork []ClusterNetworkEntryApplyConfiguration `json:"clusterNetwork,omitempty"` - ServiceNetwork []string `json:"serviceNetwork,omitempty"` - DefaultNetwork *DefaultNetworkDefinitionApplyConfiguration `json:"defaultNetwork,omitempty"` - AdditionalNetworks []AdditionalNetworkDefinitionApplyConfiguration `json:"additionalNetworks,omitempty"` - DisableMultiNetwork *bool `json:"disableMultiNetwork,omitempty"` - UseMultiNetworkPolicy *bool `json:"useMultiNetworkPolicy,omitempty"` - DeployKubeProxy *bool `json:"deployKubeProxy,omitempty"` - DisableNetworkDiagnostics *bool `json:"disableNetworkDiagnostics,omitempty"` - KubeProxyConfig *ProxyConfigApplyConfiguration `json:"kubeProxyConfig,omitempty"` - ExportNetworkFlows *ExportNetworkFlowsApplyConfiguration `json:"exportNetworkFlows,omitempty"` - Migration *NetworkMigrationApplyConfiguration `json:"migration,omitempty"` + ClusterNetwork []ClusterNetworkEntryApplyConfiguration `json:"clusterNetwork,omitempty"` + ServiceNetwork []string `json:"serviceNetwork,omitempty"` + DefaultNetwork *DefaultNetworkDefinitionApplyConfiguration `json:"defaultNetwork,omitempty"` + AdditionalNetworks []AdditionalNetworkDefinitionApplyConfiguration `json:"additionalNetworks,omitempty"` + DisableMultiNetwork *bool `json:"disableMultiNetwork,omitempty"` + UseMultiNetworkPolicy *bool `json:"useMultiNetworkPolicy,omitempty"` + DeployKubeProxy *bool `json:"deployKubeProxy,omitempty"` + DisableNetworkDiagnostics *bool `json:"disableNetworkDiagnostics,omitempty"` + KubeProxyConfig *ProxyConfigApplyConfiguration `json:"kubeProxyConfig,omitempty"` + ExportNetworkFlows *ExportNetworkFlowsApplyConfiguration `json:"exportNetworkFlows,omitempty"` + Migration *NetworkMigrationApplyConfiguration `json:"migration,omitempty"` + AdditionalRoutingCapabilities *AdditionalRoutingCapabilitiesApplyConfiguration `json:"additionalRoutingCapabilities,omitempty"` } // NetworkSpecApplyConfiguration constructs an declarative configuration of the NetworkSpec type for use with @@ -169,3 +170,11 @@ func (b *NetworkSpecApplyConfiguration) WithMigration(value *NetworkMigrationApp b.Migration = value return b } + +// WithAdditionalRoutingCapabilities sets the AdditionalRoutingCapabilities field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AdditionalRoutingCapabilities field is set to the value of the last call. +func (b *NetworkSpecApplyConfiguration) WithAdditionalRoutingCapabilities(value *AdditionalRoutingCapabilitiesApplyConfiguration) *NetworkSpecApplyConfiguration { + b.AdditionalRoutingCapabilities = value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go index 625549d735f1..b072c16ef248 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go @@ -2,6 +2,10 @@ package v1 +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + // OVNKubernetesConfigApplyConfiguration represents an declarative configuration of the OVNKubernetesConfig type for use // with apply. type OVNKubernetesConfigApplyConfiguration struct { @@ -16,6 +20,7 @@ type OVNKubernetesConfigApplyConfiguration struct { EgressIPConfig *EgressIPConfigApplyConfiguration `json:"egressIPConfig,omitempty"` IPv4 *IPv4OVNKubernetesConfigApplyConfiguration `json:"ipv4,omitempty"` IPv6 *IPv6OVNKubernetesConfigApplyConfiguration `json:"ipv6,omitempty"` + RouteAdvertisements *operatorv1.RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"` } // OVNKubernetesConfigApplyConfiguration constructs an declarative configuration of the OVNKubernetesConfig type for use with @@ -111,3 +116,11 @@ func (b *OVNKubernetesConfigApplyConfiguration) WithIPv6(value *IPv6OVNKubernete b.IPv6 = value return b } + +// WithRouteAdvertisements sets the RouteAdvertisements field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RouteAdvertisements field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithRouteAdvertisements(value operatorv1.RouteAdvertisementsEnablement) *OVNKubernetesConfigApplyConfiguration { + b.RouteAdvertisements = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/route/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/route/applyconfigurations/internal/internal.go index 38acf6dc72f1..0c8730d98e73 100644 --- a/vendor/github.com/openshift/client-go/route/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/route/applyconfigurations/internal/internal.go @@ -111,7 +111,9 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.route.v1.RouteIngressCondition - elementRelationship: atomic + elementRelationship: associative + keys: + - type - name: host type: scalar: string @@ -166,7 +168,10 @@ var schemaYAML = typed.YAMLObject(`types: list: elementType: namedType: com.github.openshift.api.route.v1.RouteTargetReference - elementRelationship: atomic + elementRelationship: associative + keys: + - name + - kind - name: host type: scalar: string diff --git a/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go index 55e489fca0cd..7e40ec582066 100644 --- a/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go @@ -209,6 +209,10 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.security.v1.SupplementalGroupsStrategyOptions default: {} + - name: userNamespaceLevel + type: + scalar: string + default: AllowHostLevel - name: users type: list: diff --git a/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go b/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go index 9d029bb7127f..aecc647eb834 100644 --- a/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go +++ b/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go @@ -29,6 +29,7 @@ type SecurityContextConstraintsApplyConfiguration struct { AllowHostPorts *bool `json:"allowHostPorts,omitempty"` AllowHostPID *bool `json:"allowHostPID,omitempty"` AllowHostIPC *bool `json:"allowHostIPC,omitempty"` + UserNamespaceLevel *securityv1.NamespaceLevelType `json:"userNamespaceLevel,omitempty"` DefaultAllowPrivilegeEscalation *bool `json:"defaultAllowPrivilegeEscalation,omitempty"` AllowPrivilegeEscalation *bool `json:"allowPrivilegeEscalation,omitempty"` SELinuxContext *SELinuxContextStrategyOptionsApplyConfiguration `json:"seLinuxContext,omitempty"` @@ -355,6 +356,14 @@ func (b *SecurityContextConstraintsApplyConfiguration) WithAllowHostIPC(value bo return b } +// WithUserNamespaceLevel sets the UserNamespaceLevel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the UserNamespaceLevel field is set to the value of the last call. +func (b *SecurityContextConstraintsApplyConfiguration) WithUserNamespaceLevel(value securityv1.NamespaceLevelType) *SecurityContextConstraintsApplyConfiguration { + b.UserNamespaceLevel = &value + return b +} + // WithDefaultAllowPrivilegeEscalation sets the DefaultAllowPrivilegeEscalation field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the DefaultAllowPrivilegeEscalation field is set to the value of the last call. diff --git a/vendor/github.com/openshift/library-go/pkg/certs/cert-inspection/certgraphanalysis/collector.go b/vendor/github.com/openshift/library-go/pkg/certs/cert-inspection/certgraphanalysis/collector.go index 6d13dc5d5b33..b4516d6d5e15 100644 --- a/vendor/github.com/openshift/library-go/pkg/certs/cert-inspection/certgraphanalysis/collector.go +++ b/vendor/github.com/openshift/library-go/pkg/certs/cert-inspection/certgraphanalysis/collector.go @@ -289,17 +289,11 @@ func GetBootstrapIPAndHostname(ctx context.Context, kubeClient kubernetes.Interf if !ok || !strings.Contains(certHostNames, bootstrapIP) { continue } - // Node name is stored as last word in the secret description - description, ok := secret.Annotations[annotations.OpenShiftDescription] - if !ok { - continue - } - descriptionWords := strings.Split(description, " ") - if len(descriptionWords) < 1 { - continue + // Extract bootstrap name from etcd secret name + if result, found := strings.CutPrefix(secret.Name, "etcd-peer-"); found { + bootstrapHostname = result + break } - bootstrapHostname = descriptionWords[len(descriptionWords)-1] - break } return bootstrapIP, bootstrapHostname, nil diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissionregistration.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissionregistration.go index da3539a02979..88bd00b25187 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissionregistration.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/admissionregistration.go @@ -5,6 +5,7 @@ import ( "fmt" "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" admissionregistrationv1 "k8s.io/api/admissionregistration/v1" admissionregistrationv1beta1 "k8s.io/api/admissionregistration/v1beta1" @@ -34,7 +35,7 @@ func ApplyMutatingWebhookConfigurationImproved(ctx context.Context, client admis required := requiredOriginal.DeepCopy() actual, err := client.MutatingWebhookConfigurations().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(required).(*admissionregistrationv1.MutatingWebhookConfiguration), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) if err != nil { return nil, false, err } @@ -68,7 +69,7 @@ func ApplyMutatingWebhookConfigurationImproved(ctx context.Context, client admis klog.V(2).Infof("MutatingWebhookConfiguration %q changes: %v", required.GetNamespace()+"/"+required.GetName(), JSONPatchNoError(existing, toWrite)) actual, err := client.MutatingWebhookConfigurations().Update(ctx, toWrite, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) if err != nil { return nil, false, err } @@ -109,7 +110,7 @@ func ApplyValidatingWebhookConfigurationImproved(ctx context.Context, client adm required := requiredOriginal.DeepCopy() actual, err := client.ValidatingWebhookConfigurations().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(required).(*admissionregistrationv1.ValidatingWebhookConfiguration), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) if err != nil { return nil, false, err } @@ -143,7 +144,7 @@ func ApplyValidatingWebhookConfigurationImproved(ctx context.Context, client adm klog.V(2).Infof("ValidatingWebhookConfiguration %q changes: %v", required.GetNamespace()+"/"+required.GetName(), JSONPatchNoError(existing, toWrite)) actual, err := client.ValidatingWebhookConfigurations().Update(ctx, toWrite, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) if err != nil { return nil, false, err } @@ -152,6 +153,18 @@ func ApplyValidatingWebhookConfigurationImproved(ctx context.Context, client adm return actual, true, nil } +func DeleteValidatingWebhookConfiguration(ctx context.Context, client admissionregistrationclientv1.ValidatingWebhookConfigurationsGetter, recorder events.Recorder, required *admissionregistrationv1.ValidatingWebhookConfiguration) (*admissionregistrationv1.ValidatingWebhookConfiguration, bool, error) { + err := client.ValidatingWebhookConfigurations().Delete(ctx, required.Name, metav1.DeleteOptions{}) + if err != nil && apierrors.IsNotFound(err) { + return nil, false, nil + } + if err != nil { + return nil, false, err + } + resourcehelper.ReportDeleteEvent(recorder, required, err) + return nil, true, nil +} + // copyValidatingWebhookCABundle populates webhooks[].clientConfig.caBundle fields from existing resource if it was set before // and is not set in present. This provides upgrade compatibility with service-ca-bundle operator. func copyValidatingWebhookCABundle(from, to *admissionregistrationv1.ValidatingWebhookConfiguration) { @@ -184,7 +197,7 @@ func ApplyValidatingAdmissionPolicyV1beta1(ctx context.Context, client admission required := requiredOriginal.DeepCopy() actual, err := client.ValidatingAdmissionPolicies().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(required).(*admissionregistrationv1beta1.ValidatingAdmissionPolicy), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) if err != nil { return nil, false, err } @@ -217,7 +230,7 @@ func ApplyValidatingAdmissionPolicyV1beta1(ctx context.Context, client admission klog.V(2).Infof("ValidatingAdmissionPolicyConfigurationV1beta1 %q changes: %v", required.GetNamespace()+"/"+required.GetName(), JSONPatchNoError(existing, toWrite)) actual, err := client.ValidatingAdmissionPolicies().Update(ctx, toWrite, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) if err != nil { return nil, false, err } @@ -243,7 +256,7 @@ func ApplyValidatingAdmissionPolicyV1(ctx context.Context, client admissionregis required := requiredOriginal.DeepCopy() actual, err := client.ValidatingAdmissionPolicies().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(required).(*admissionregistrationv1.ValidatingAdmissionPolicy), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) if err != nil { return nil, false, err } @@ -276,7 +289,7 @@ func ApplyValidatingAdmissionPolicyV1(ctx context.Context, client admissionregis klog.V(2).Infof("ValidatingAdmissionPolicyConfigurationV1 %q changes: %v", required.GetNamespace()+"/"+required.GetName(), JSONPatchNoError(existing, toWrite)) actual, err := client.ValidatingAdmissionPolicies().Update(ctx, toWrite, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) if err != nil { return nil, false, err } @@ -302,7 +315,7 @@ func ApplyValidatingAdmissionPolicyBindingV1beta1(ctx context.Context, client ad required := requiredOriginal.DeepCopy() actual, err := client.ValidatingAdmissionPolicyBindings().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(required).(*admissionregistrationv1beta1.ValidatingAdmissionPolicyBinding), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) if err != nil { return nil, false, err } @@ -335,7 +348,7 @@ func ApplyValidatingAdmissionPolicyBindingV1beta1(ctx context.Context, client ad klog.V(2).Infof("ValidatingAdmissionPolicyBindingConfigurationV1beta1 %q changes: %v", required.GetNamespace()+"/"+required.GetName(), JSONPatchNoError(existing, toWrite)) actual, err := client.ValidatingAdmissionPolicyBindings().Update(ctx, toWrite, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) if err != nil { return nil, false, err } @@ -361,7 +374,7 @@ func ApplyValidatingAdmissionPolicyBindingV1(ctx context.Context, client admissi required := requiredOriginal.DeepCopy() actual, err := client.ValidatingAdmissionPolicyBindings().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(required).(*admissionregistrationv1.ValidatingAdmissionPolicyBinding), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) if err != nil { return nil, false, err } @@ -394,7 +407,7 @@ func ApplyValidatingAdmissionPolicyBindingV1(ctx context.Context, client admissi klog.V(2).Infof("ValidatingAdmissionPolicyBindingConfigurationV1 %q changes: %v", required.GetNamespace()+"/"+required.GetName(), JSONPatchNoError(existing, toWrite)) actual, err := client.ValidatingAdmissionPolicyBindings().Update(ctx, toWrite, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) if err != nil { return nil, false, err } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apiextensions.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apiextensions.go index 587c9bd556cd..0e76cf83412f 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apiextensions.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apiextensions.go @@ -4,6 +4,7 @@ import ( "context" "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" apiextclientv1 "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1" @@ -19,7 +20,7 @@ func ApplyCustomResourceDefinitionV1(ctx context.Context, client apiextclientv1. requiredCopy := required.DeepCopy() actual, err := client.CustomResourceDefinitions().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*apiextensionsv1.CustomResourceDefinition), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) return actual, true, err } if err != nil { @@ -38,7 +39,7 @@ func ApplyCustomResourceDefinitionV1(ctx context.Context, client apiextclientv1. } actual, err := client.CustomResourceDefinitions().Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) return actual, true, err } @@ -51,6 +52,6 @@ func DeleteCustomResourceDefinitionV1(ctx context.Context, client apiextclientv1 if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apiregistration.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apiregistration.go index 931a6c0e1bcf..e465438f6b84 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apiregistration.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apiregistration.go @@ -11,6 +11,7 @@ import ( apiregistrationv1client "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/typed/apiregistration/v1" "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" ) @@ -21,7 +22,7 @@ func ApplyAPIService(ctx context.Context, client apiregistrationv1client.APIServ requiredCopy := required.DeepCopy() actual, err := client.APIServices().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*apiregistrationv1.APIService), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) return actual, true, err } if err != nil { @@ -46,6 +47,6 @@ func ApplyAPIService(ctx context.Context, client apiregistrationv1client.APIServ klog.Infof("APIService %q changes: %s", existing.Name, JSONPatchNoError(existing, existingCopy)) } actual, err := client.APIServices().Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) return actual, true, err } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apps.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apps.go index 0560c66abc08..650cf9b4f83e 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apps.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/apps.go @@ -15,6 +15,7 @@ import ( appsclientv1 "k8s.io/client-go/kubernetes/typed/apps/v1" "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" ) @@ -118,7 +119,7 @@ func ApplyDeploymentWithForce(ctx context.Context, client appsclientv1.Deploymen existing, err := client.Deployments(required.Namespace).Get(ctx, required.Name, metav1.GetOptions{}) if apierrors.IsNotFound(err) { actual, err := client.Deployments(required.Namespace).Create(ctx, required, metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) return actual, true, err } if err != nil { @@ -155,7 +156,7 @@ func ApplyDeploymentWithForce(ctx context.Context, client appsclientv1.Deploymen } actual, err := client.Deployments(required.Namespace).Update(ctx, toWrite, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) return actual, true, err } @@ -205,7 +206,7 @@ func ApplyDaemonSetWithForce(ctx context.Context, client appsclientv1.DaemonSets existing, err := client.DaemonSets(required.Namespace).Get(ctx, required.Name, metav1.GetOptions{}) if apierrors.IsNotFound(err) { actual, err := client.DaemonSets(required.Namespace).Create(ctx, required, metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) return actual, true, err } if err != nil { @@ -241,6 +242,6 @@ func ApplyDaemonSetWithForce(ctx context.Context, client appsclientv1.DaemonSets klog.Infof("DaemonSet %q changes: %v", required.Namespace+"/"+required.Name, JSONPatchNoError(existing, toWrite)) } actual, err := client.DaemonSets(required.Namespace).Update(ctx, toWrite, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) return actual, true, err } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go index ba20f7b1c8a4..f954d48cc65b 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go @@ -8,6 +8,7 @@ import ( "strings" "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/equality" @@ -85,15 +86,7 @@ func ApplyConfigMap(ctx context.Context, client coreclientv1.ConfigMapsGetter, r // ApplySecret merges objectmeta, requires data func ApplySecret(ctx context.Context, client coreclientv1.SecretsGetter, recorder events.Recorder, required *corev1.Secret) (*corev1.Secret, bool, error) { - return applySecretImproved(ctx, client, recorder, required, noCache, false) -} - -// ApplySecretDoNotUse is depreated and will be removed -// Deprecated: DO NOT USE, it is intended as a short term hack for a very specific use case, -// and it works in tandem with a particular carry patch applied to the openshift kube-apiserver. -// Use ApplySecret instead. -func ApplySecretDoNotUse(ctx context.Context, client coreclientv1.SecretsGetter, recorder events.Recorder, required *corev1.Secret) (*corev1.Secret, bool, error) { - return applySecretImproved(ctx, client, recorder, required, noCache, true) + return ApplySecretImproved(ctx, client, recorder, required, noCache) } // ApplyNamespace merges objectmeta, does not worry about anything else @@ -103,7 +96,7 @@ func ApplyNamespaceImproved(ctx context.Context, client coreclientv1.NamespacesG requiredCopy := required.DeepCopy() actual, err := client.Namespaces(). Create(ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*corev1.Namespace), metav1.CreateOptions{}) - reportCreateEvent(recorder, requiredCopy, err) + resourcehelper.ReportCreateEvent(recorder, requiredCopy, err) cache.UpdateCachedResourceMetadata(required, actual) return actual, true, err } @@ -129,7 +122,7 @@ func ApplyNamespaceImproved(ctx context.Context, client coreclientv1.NamespacesG } actual, err := client.Namespaces().Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) cache.UpdateCachedResourceMetadata(required, actual) return actual, true, err } @@ -150,7 +143,7 @@ func ApplyServiceImproved(ctx context.Context, client coreclientv1.ServicesGette requiredCopy := required.DeepCopy() actual, err := client.Services(requiredCopy.Namespace). Create(ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*corev1.Service), metav1.CreateOptions{}) - reportCreateEvent(recorder, requiredCopy, err) + resourcehelper.ReportCreateEvent(recorder, requiredCopy, err) cache.UpdateCachedResourceMetadata(required, actual) return actual, true, err } @@ -190,7 +183,7 @@ func ApplyServiceImproved(ctx context.Context, client coreclientv1.ServicesGette } actual, err := client.Services(required.Namespace).Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) cache.UpdateCachedResourceMetadata(required, actual) return actual, true, err } @@ -202,7 +195,7 @@ func ApplyPodImproved(ctx context.Context, client coreclientv1.PodsGetter, recor requiredCopy := required.DeepCopy() actual, err := client.Pods(requiredCopy.Namespace). Create(ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*corev1.Pod), metav1.CreateOptions{}) - reportCreateEvent(recorder, requiredCopy, err) + resourcehelper.ReportCreateEvent(recorder, requiredCopy, err) cache.UpdateCachedResourceMetadata(required, actual) return actual, true, err } @@ -228,7 +221,7 @@ func ApplyPodImproved(ctx context.Context, client coreclientv1.PodsGetter, recor } actual, err := client.Pods(required.Namespace).Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) cache.UpdateCachedResourceMetadata(required, actual) return actual, true, err } @@ -240,7 +233,7 @@ func ApplyServiceAccountImproved(ctx context.Context, client coreclientv1.Servic requiredCopy := required.DeepCopy() actual, err := client.ServiceAccounts(requiredCopy.Namespace). Create(ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*corev1.ServiceAccount), metav1.CreateOptions{}) - reportCreateEvent(recorder, requiredCopy, err) + resourcehelper.ReportCreateEvent(recorder, requiredCopy, err) cache.UpdateCachedResourceMetadata(required, actual) return actual, true, err } @@ -264,7 +257,7 @@ func ApplyServiceAccountImproved(ctx context.Context, client coreclientv1.Servic klog.Infof("ServiceAccount %q changes: %v", required.Namespace+"/"+required.Name, JSONPatchNoError(existing, required)) } actual, err := client.ServiceAccounts(required.Namespace).Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) cache.UpdateCachedResourceMetadata(required, actual) return actual, true, err } @@ -276,7 +269,7 @@ func ApplyConfigMapImproved(ctx context.Context, client coreclientv1.ConfigMapsG requiredCopy := required.DeepCopy() actual, err := client.ConfigMaps(requiredCopy.Namespace). Create(ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*corev1.ConfigMap), metav1.CreateOptions{}) - reportCreateEvent(recorder, requiredCopy, err) + resourcehelper.ReportCreateEvent(recorder, requiredCopy, err) cache.UpdateCachedResourceMetadata(required, actual) return actual, true, err } @@ -358,17 +351,13 @@ func ApplyConfigMapImproved(ctx context.Context, client coreclientv1.ConfigMapsG if klog.V(2).Enabled() { klog.Infof("ConfigMap %q changes: %v", required.Namespace+"/"+required.Name, JSONPatchNoError(existing, required)) } - reportUpdateEvent(recorder, required, err, details) + resourcehelper.ReportUpdateEvent(recorder, required, err, details) cache.UpdateCachedResourceMetadata(required, actual) return actual, true, err } // ApplySecret merges objectmeta, requires data func ApplySecretImproved(ctx context.Context, client coreclientv1.SecretsGetter, recorder events.Recorder, requiredInput *corev1.Secret, cache ResourceCache) (*corev1.Secret, bool, error) { - return applySecretImproved(ctx, client, recorder, requiredInput, cache, false) -} - -func applySecretImproved(ctx context.Context, client coreclientv1.SecretsGetter, recorder events.Recorder, requiredInput *corev1.Secret, cache ResourceCache, updateOnly bool) (*corev1.Secret, bool, error) { // copy the stringData to data. Error on a data content conflict inside required. This is usually a bug. existing, err := client.Secrets(requiredInput.Namespace).Get(ctx, requiredInput.Name, metav1.GetOptions{}) @@ -398,7 +387,7 @@ func applySecretImproved(ctx context.Context, client coreclientv1.SecretsGetter, requiredCopy := required.DeepCopy() actual, err := client.Secrets(requiredCopy.Namespace). Create(ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*corev1.Secret), metav1.CreateOptions{}) - reportCreateEvent(recorder, requiredCopy, err) + resourcehelper.ReportCreateEvent(recorder, requiredCopy, err) cache.UpdateCachedResourceMetadata(requiredInput, actual) return actual, true, err } @@ -448,15 +437,9 @@ func applySecretImproved(ctx context.Context, client coreclientv1.SecretsGetter, * https://github.com/kubernetes/kubernetes/blob/98e65951dccfd40d3b4f31949c2ab8df5912d93e/pkg/apis/core/validation/validation.go#L5048 * We need to explicitly opt for delete+create in that case. */ - if updateOnly { - actual, err = client.Secrets(required.Namespace).Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, existingCopy, err) - return actual, err == nil, err - } - if existingCopy.Type == existing.Type { actual, err = client.Secrets(required.Namespace).Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, existingCopy, err) + resourcehelper.ReportUpdateEvent(recorder, existingCopy, err) if err == nil { return actual, true, err @@ -468,12 +451,12 @@ func applySecretImproved(ctx context.Context, client coreclientv1.SecretsGetter, // if the field was immutable on a secret, we're going to be stuck until we delete it. Try to delete and then create deleteErr := client.Secrets(required.Namespace).Delete(ctx, existingCopy.Name, metav1.DeleteOptions{}) - reportDeleteEvent(recorder, existingCopy, deleteErr) + resourcehelper.ReportDeleteEvent(recorder, existingCopy, deleteErr) // clear the RV and track the original actual and error for the return like our create value. existingCopy.ResourceVersion = "" actual, err = client.Secrets(required.Namespace).Create(ctx, existingCopy, metav1.CreateOptions{}) - reportCreateEvent(recorder, existingCopy, err) + resourcehelper.ReportCreateEvent(recorder, existingCopy, err) cache.UpdateCachedResourceMetadata(requiredInput, actual) return actual, true, err } @@ -620,7 +603,7 @@ func DeleteNamespace(ctx context.Context, client coreclientv1.NamespacesGetter, if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } @@ -632,7 +615,7 @@ func DeleteService(ctx context.Context, client coreclientv1.ServicesGetter, reco if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } @@ -644,7 +627,7 @@ func DeletePod(ctx context.Context, client coreclientv1.PodsGetter, recorder eve if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } @@ -656,7 +639,7 @@ func DeleteServiceAccount(ctx context.Context, client coreclientv1.ServiceAccoun if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } @@ -668,7 +651,7 @@ func DeleteConfigMap(ctx context.Context, client coreclientv1.ConfigMapsGetter, if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } @@ -680,6 +663,6 @@ func DeleteSecret(ctx context.Context, client coreclientv1.SecretsGetter, record if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/event_helpers.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/event_helpers.go deleted file mode 100644 index af598993f956..000000000000 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/event_helpers.go +++ /dev/null @@ -1,56 +0,0 @@ -package resourceapply - -import ( - "fmt" - "strings" - - "k8s.io/apimachinery/pkg/runtime" - - openshiftapi "github.com/openshift/api" - - "github.com/openshift/library-go/pkg/operator/events" - "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" -) - -var ( - openshiftScheme = runtime.NewScheme() -) - -func init() { - if err := openshiftapi.Install(openshiftScheme); err != nil { - panic(err) - } -} - -func reportCreateEvent(recorder events.Recorder, obj runtime.Object, originalErr error) { - gvk := resourcehelper.GuessObjectGroupVersionKind(obj) - if originalErr == nil { - recorder.Eventf(fmt.Sprintf("%sCreated", gvk.Kind), "Created %s because it was missing", resourcehelper.FormatResourceForCLIWithNamespace(obj)) - return - } - recorder.Warningf(fmt.Sprintf("%sCreateFailed", gvk.Kind), "Failed to create %s: %v", resourcehelper.FormatResourceForCLIWithNamespace(obj), originalErr) -} - -func reportUpdateEvent(recorder events.Recorder, obj runtime.Object, originalErr error, details ...string) { - gvk := resourcehelper.GuessObjectGroupVersionKind(obj) - switch { - case originalErr != nil: - recorder.Warningf(fmt.Sprintf("%sUpdateFailed", gvk.Kind), "Failed to update %s: %v", resourcehelper.FormatResourceForCLIWithNamespace(obj), originalErr) - case len(details) == 0: - recorder.Eventf(fmt.Sprintf("%sUpdated", gvk.Kind), "Updated %s because it changed", resourcehelper.FormatResourceForCLIWithNamespace(obj)) - default: - recorder.Eventf(fmt.Sprintf("%sUpdated", gvk.Kind), "Updated %s:\n%s", resourcehelper.FormatResourceForCLIWithNamespace(obj), strings.Join(details, "\n")) - } -} - -func reportDeleteEvent(recorder events.Recorder, obj runtime.Object, originalErr error, details ...string) { - gvk := resourcehelper.GuessObjectGroupVersionKind(obj) - switch { - case originalErr != nil: - recorder.Warningf(fmt.Sprintf("%sDeleteFailed", gvk.Kind), "Failed to delete %s: %v", resourcehelper.FormatResourceForCLIWithNamespace(obj), originalErr) - case len(details) == 0: - recorder.Eventf(fmt.Sprintf("%sDeleted", gvk.Kind), "Deleted %s", resourcehelper.FormatResourceForCLIWithNamespace(obj)) - default: - recorder.Eventf(fmt.Sprintf("%sDeleted", gvk.Kind), "Deleted %s:\n%s", resourcehelper.FormatResourceForCLIWithNamespace(obj), strings.Join(details, "\n")) - } -} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go index 087893e02972..d812254dc76f 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/generic.go @@ -335,6 +335,12 @@ func DeleteAll(ctx context.Context, clients *ClientHolder, recorder events.Recor } else { _, result.Changed, result.Error = DeleteStorageClass(ctx, clients.kubeClient.StorageV1(), recorder, t) } + case *admissionregistrationv1.ValidatingWebhookConfiguration: + if clients.kubeClient == nil { + result.Error = fmt.Errorf("missing kubeClient") + } else { + _, result.Changed, result.Error = DeleteValidatingWebhookConfiguration(ctx, clients.kubeClient.AdmissionregistrationV1(), recorder, t) + } case *storagev1.CSIDriver: if clients.kubeClient == nil { result.Error = fmt.Errorf("missing kubeClient") diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/migration.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/migration.go index 7c0dcf60517b..2bf3d74b6c06 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/migration.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/migration.go @@ -5,6 +5,7 @@ import ( "reflect" "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -21,7 +22,7 @@ func ApplyStorageVersionMigration(ctx context.Context, client migrationclientv1a if apierrors.IsNotFound(err) { requiredCopy := required.DeepCopy() actual, err := clientInterface.Create(ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*v1alpha1.StorageVersionMigration), metav1.CreateOptions{}) - reportCreateEvent(recorder, requiredCopy, err) + resourcehelper.ReportCreateEvent(recorder, requiredCopy, err) return actual, true, err } if err != nil { @@ -41,7 +42,7 @@ func ApplyStorageVersionMigration(ctx context.Context, client migrationclientv1a required.Spec.Resource.DeepCopyInto(&existingCopy.Spec.Resource) actual, err := clientInterface.Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) return actual, true, err } @@ -54,6 +55,6 @@ func DeleteStorageVersionMigration(ctx context.Context, client migrationclientv1 if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go index 555f7a3821cb..99f3ecb73bd6 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/monitoring.go @@ -2,167 +2,220 @@ package resourceapply import ( "context" + errorsstdlib "errors" + "fmt" - "github.com/openshift/library-go/pkg/operator/events" "k8s.io/apimachinery/pkg/api/equality" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/client-go/dynamic" "k8s.io/klog/v2" + "k8s.io/utils/ptr" + + "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" + + "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" ) +var alertmanagerGVR = schema.GroupVersionResource{Group: "monitoring.coreos.com", Version: "v1", Resource: "alertmanagers"} +var prometheusGVR = schema.GroupVersionResource{Group: "monitoring.coreos.com", Version: "v1", Resource: "prometheuses"} +var prometheusRuleGVR = schema.GroupVersionResource{Group: "monitoring.coreos.com", Version: "v1", Resource: "prometheusrules"} var serviceMonitorGVR = schema.GroupVersionResource{Group: "monitoring.coreos.com", Version: "v1", Resource: "servicemonitors"} -func ensureGenericSpec(required, existing *unstructured.Unstructured, mimicDefaultingFn mimicDefaultingFunc, equalityChecker equalityChecker) (*unstructured.Unstructured, bool, error) { - requiredCopy := required.DeepCopy() - mimicDefaultingFn(requiredCopy) - requiredSpec, _, err := unstructured.NestedMap(requiredCopy.UnstructuredContent(), "spec") - if err != nil { - return nil, false, err - } - existingSpec, _, err := unstructured.NestedMap(existing.UnstructuredContent(), "spec") - if err != nil { - return nil, false, err - } - - if equalityChecker.DeepEqual(existingSpec, requiredSpec) { - return existing, false, nil - } +// ApplyAlertmanager applies the Alertmanager. +func ApplyAlertmanager(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { + return ApplyUnstructuredResourceImproved(ctx, client, recorder, required, noCache, alertmanagerGVR, nil, nil) +} - existingCopy := existing.DeepCopy() - if err := unstructured.SetNestedMap(existingCopy.UnstructuredContent(), requiredSpec, "spec"); err != nil { - return nil, true, err - } +// DeleteAlertmanager deletes the Alertmanager. +func DeleteAlertmanager(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { + return DeleteUnstructuredResource(ctx, client, recorder, required, alertmanagerGVR) +} - return existingCopy, true, nil +// ApplyPrometheus applies the Prometheus. +func ApplyPrometheus(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { + return ApplyUnstructuredResourceImproved(ctx, client, recorder, required, noCache, prometheusGVR, nil, nil) } -// mimicDefaultingFunc is used to set fields that are defaulted. This allows for sparse manifests to apply correctly. -// For instance, if field .spec.foo is set to 10 if not set, then a function of this type could be used to set -// the field to 10 to match the comparison. This is soemtimes (often?) easier than updating the semantic equality. -// We often see this in places like RBAC and CRD. Logically it can happen generically too. -type mimicDefaultingFunc func(obj *unstructured.Unstructured) +// DeletePrometheus deletes the Prometheus. +func DeletePrometheus(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { + return DeleteUnstructuredResource(ctx, client, recorder, required, prometheusGVR) +} -func noDefaulting(obj *unstructured.Unstructured) {} +// ApplyPrometheusRule applies the PrometheusRule. +func ApplyPrometheusRule(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { + return ApplyUnstructuredResourceImproved(ctx, client, recorder, required, noCache, prometheusRuleGVR, nil, nil) +} -// equalityChecker allows for custom equality comparisons. This can be used to allow equality checks to skip certain -// operator managed fields. This capability allows something like .spec.scale to be specified or changed by a component -// like HPA. Use this capability sparingly. Most places ought to just use `equality.Semantic` -type equalityChecker interface { - DeepEqual(a1, a2 interface{}) bool +// DeletePrometheusRule deletes the PrometheusRule. +func DeletePrometheusRule(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { + return DeleteUnstructuredResource(ctx, client, recorder, required, prometheusRuleGVR) } -// ApplyServiceMonitor applies the Prometheus service monitor. +// ApplyServiceMonitor applies the ServiceMonitor. func ApplyServiceMonitor(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { + return ApplyUnstructuredResourceImproved(ctx, client, recorder, required, noCache, serviceMonitorGVR, nil, nil) +} + +// DeleteServiceMonitor deletes the ServiceMonitor. +func DeleteServiceMonitor(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { + return DeleteUnstructuredResource(ctx, client, recorder, required, serviceMonitorGVR) +} + +// ApplyUnstructuredResourceImproved can utilize the cache to reconcile the existing resource to the desired state. +// NOTE: A `nil` defaultingFunc and equalityChecker are assigned resourceapply.noDefaulting and equality.Semantic, +// respectively. Users are recommended to instantiate a cache to benefit from the memoization machinery. +func ApplyUnstructuredResourceImproved( + ctx context.Context, + client dynamic.Interface, + recorder events.Recorder, + required *unstructured.Unstructured, + cache ResourceCache, + resourceGVR schema.GroupVersionResource, + defaultingFunc mimicDefaultingFunc, + equalityChecker equalityChecker, +) (*unstructured.Unstructured, bool, error) { + name := required.GetName() namespace := required.GetNamespace() - existing, err := client.Resource(serviceMonitorGVR).Namespace(namespace).Get(ctx, required.GetName(), metav1.GetOptions{}) + + // Create if resource does not exist, and update cache with new metadata. + if cache == nil { + cache = noCache + } + existing, err := client.Resource(resourceGVR).Namespace(namespace).Get(ctx, name, metav1.GetOptions{}) if errors.IsNotFound(err) { - newObj, createErr := client.Resource(serviceMonitorGVR).Namespace(namespace).Create(ctx, required, metav1.CreateOptions{}) - if createErr != nil { - recorder.Warningf("ServiceMonitorCreateFailed", "Failed to create ServiceMonitor.monitoring.coreos.com/v1: %v", createErr) - return nil, true, createErr - } - recorder.Eventf("ServiceMonitorCreated", "Created ServiceMonitor.monitoring.coreos.com/v1 because it was missing") - return newObj, true, nil + want, err := client.Resource(resourceGVR).Namespace(namespace).Create(ctx, required, metav1.CreateOptions{}) + resourcehelper.ReportCreateEvent(recorder, required, err) + cache.UpdateCachedResourceMetadata(required, want) + return want, true, err } if err != nil { return nil, false, err } - existingCopy := existing.DeepCopy() + // Skip if the cache is non-nil, and the metadata hashes and resource version hashes match. + if cache.SafeToSkipApply(required, existing) { + return existing, false, nil + } - toUpdate, modified, err := ensureGenericSpec(required, existingCopy, noDefaulting, equality.Semantic) + // Ensure metadata field is present on the object. + existingCopy := existing.DeepCopy() + existingObjectMeta, found, err := unstructured.NestedMap(existingCopy.Object, "metadata") if err != nil { return nil, false, err } - - if !modified { - return nil, false, nil - } - - if klog.V(2).Enabled() { - klog.Infof("ServiceMonitor %q changes: %v", namespace+"/"+required.GetName(), JSONPatchNoError(existing, toUpdate)) + if !found { + return nil, false, errorsstdlib.New(fmt.Sprintf("metadata not found in the existing object: %s/%s", existing.GetNamespace(), existingCopy.GetName())) } - - newObj, err := client.Resource(serviceMonitorGVR).Namespace(namespace).Update(ctx, toUpdate, metav1.UpdateOptions{}) + requiredObjectMeta, found, err := unstructured.NestedMap(required.Object, "metadata") if err != nil { - recorder.Warningf("ServiceMonitorUpdateFailed", "Failed to update ServiceMonitor.monitoring.coreos.com/v1: %v", err) - return nil, true, err + return nil, false, err } - - recorder.Eventf("ServiceMonitorUpdated", "Updated ServiceMonitor.monitoring.coreos.com/v1 because it changed") - return newObj, true, err -} - -var prometheusRuleGVR = schema.GroupVersionResource{Group: "monitoring.coreos.com", Version: "v1", Resource: "prometheusrules"} - -// ApplyPrometheusRule applies the PrometheusRule -func ApplyPrometheusRule(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { - namespace := required.GetNamespace() - - existing, err := client.Resource(prometheusRuleGVR).Namespace(namespace).Get(ctx, required.GetName(), metav1.GetOptions{}) - if errors.IsNotFound(err) { - newObj, createErr := client.Resource(prometheusRuleGVR).Namespace(namespace).Create(ctx, required, metav1.CreateOptions{}) - if createErr != nil { - recorder.Warningf("PrometheusRuleCreateFailed", "Failed to create PrometheusRule.monitoring.coreos.com/v1: %v", createErr) - return nil, true, createErr - } - recorder.Eventf("PrometheusRuleCreated", "Created PrometheusRule.monitoring.coreos.com/v1 because it was missing") - return newObj, true, nil + if !found { + return nil, false, errorsstdlib.New(fmt.Sprintf("metadata not found in the required object: %s/%s", required.GetNamespace(), required.GetName())) } + + // Cast the metadata to the correct type. + var existingObjectMetaTyped, requiredObjectMetaTyped metav1.ObjectMeta + err = runtime.DefaultUnstructuredConverter.FromUnstructured(existingObjectMeta, &existingObjectMetaTyped) if err != nil { return nil, false, err } - - existingCopy := existing.DeepCopy() - - toUpdate, modified, err := ensureGenericSpec(required, existingCopy, noDefaulting, equality.Semantic) + err = runtime.DefaultUnstructuredConverter.FromUnstructured(requiredObjectMeta, &requiredObjectMetaTyped) if err != nil { return nil, false, err } - if !modified { - return nil, false, nil + // Fail-fast if the resource versions differ. + if requiredObjectMetaTyped.ResourceVersion != "" && existingObjectMetaTyped.ResourceVersion != requiredObjectMetaTyped.ResourceVersion { + err = errors.NewConflict(resourceGVR.GroupResource(), name, fmt.Errorf("rejected to update %s %s because the object has been modified: desired/actual ResourceVersion: %v/%v", existing.GetKind(), existing.GetName(), requiredObjectMetaTyped.ResourceVersion, existingObjectMetaTyped.ResourceVersion)) + return nil, false, err } - if klog.V(2).Enabled() { - klog.Infof("PrometheusRule %q changes: %v", namespace+"/"+required.GetName(), JSONPatchNoError(existing, toUpdate)) - } + // Check if the metadata objects differ. + didMetadataModify := ptr.To(false) + resourcemerge.EnsureObjectMeta(didMetadataModify, &existingObjectMetaTyped, requiredObjectMetaTyped) - newObj, err := client.Resource(prometheusRuleGVR).Namespace(namespace).Update(ctx, toUpdate, metav1.UpdateOptions{}) + // Deep-check the spec objects for equality, and update the cache in either case. + if defaultingFunc == nil { + defaultingFunc = noDefaulting + } + if equalityChecker == nil { + equalityChecker = equality.Semantic + } + existingCopy, didSpecModify, err := ensureGenericSpec(required, existingCopy, defaultingFunc, equalityChecker) if err != nil { - recorder.Warningf("PrometheusRuleUpdateFailed", "Failed to update PrometheusRule.monitoring.coreos.com/v1: %v", err) - return nil, true, err + return nil, false, err + } + if !didSpecModify && !*didMetadataModify { + // Update cache even if certain fields are not modified, in order to maintain a consistent cache based on the + // resource hash. The resource hash depends on the entire metadata, not just the fields that were checked above, + cache.UpdateCachedResourceMetadata(required, existingCopy) + return existingCopy, false, nil + } + + if klog.V(4).Enabled() { + klog.Infof("%s %q changes: %v", resourceGVR.String(), namespace+"/"+name, JSONPatchNoError(existing, existingCopy)) } - recorder.Eventf("PrometheusRuleUpdated", "Updated PrometheusRule.monitoring.coreos.com/v1 because it changed") - return newObj, true, err + // Perform update if resource exists but different from the required (desired) one. + actual, err := client.Resource(resourceGVR).Namespace(namespace).Update(ctx, required, metav1.UpdateOptions{}) + resourcehelper.ReportUpdateEvent(recorder, required, err) + cache.UpdateCachedResourceMetadata(required, actual) + return actual, true, err } -func DeletePrometheusRule(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { - namespace := required.GetNamespace() - err := client.Resource(prometheusRuleGVR).Namespace(namespace).Delete(ctx, required.GetName(), metav1.DeleteOptions{}) +// DeleteUnstructuredResource deletes the unstructured resource. +func DeleteUnstructuredResource(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured, resourceGVR schema.GroupVersionResource) (*unstructured.Unstructured, bool, error) { + err := client.Resource(resourceGVR).Namespace(required.GetNamespace()).Delete(ctx, required.GetName(), metav1.DeleteOptions{}) if err != nil && errors.IsNotFound(err) { return nil, false, nil } if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } -func DeleteServiceMonitor(ctx context.Context, client dynamic.Interface, recorder events.Recorder, required *unstructured.Unstructured) (*unstructured.Unstructured, bool, error) { - namespace := required.GetNamespace() - err := client.Resource(serviceMonitorGVR).Namespace(namespace).Delete(ctx, required.GetName(), metav1.DeleteOptions{}) - if err != nil && errors.IsNotFound(err) { - return nil, false, nil +func ensureGenericSpec(required, existing *unstructured.Unstructured, mimicDefaultingFn mimicDefaultingFunc, equalityChecker equalityChecker) (*unstructured.Unstructured, bool, error) { + mimicDefaultingFn(required) + requiredSpec, _, err := unstructured.NestedMap(required.UnstructuredContent(), "spec") + if err != nil { + return nil, false, err } + existingSpec, _, err := unstructured.NestedMap(existing.UnstructuredContent(), "spec") if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) - return nil, true, nil + + if equalityChecker.DeepEqual(existingSpec, requiredSpec) { + return existing, false, nil + } + + existingCopy := existing.DeepCopy() + if err := unstructured.SetNestedMap(existingCopy.UnstructuredContent(), requiredSpec, "spec"); err != nil { + return nil, true, err + } + + return existingCopy, true, nil +} + +// mimicDefaultingFunc is used to set fields that are defaulted. This allows for sparse manifests to apply correctly. +// For instance, if field .spec.foo is set to 10 if not set, then a function of this type could be used to set +// the field to 10 to match the comparison. This is sometimes (often?) easier than updating the semantic equality. +// We often see this in places like RBAC and CRD. Logically it can happen generically too. +type mimicDefaultingFunc func(obj *unstructured.Unstructured) + +func noDefaulting(*unstructured.Unstructured) {} + +// equalityChecker allows for custom equality comparisons. This can be used to allow equality checks to skip certain +// operator managed fields. This capability allows something like .spec.scale to be specified or changed by a component +// like HPA. Use this capability sparingly. Most places ought to just use `equality.Semantic` +type equalityChecker interface { + DeepEqual(existing, required interface{}) bool } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/policy.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/policy.go index 6cf4793253a8..86d45fad0888 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/policy.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/policy.go @@ -11,6 +11,7 @@ import ( "k8s.io/klog/v2" "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" ) @@ -20,7 +21,7 @@ func ApplyPodDisruptionBudget(ctx context.Context, client policyclientv1.PodDisr requiredCopy := required.DeepCopy() actual, err := client.PodDisruptionBudgets(required.Namespace).Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*policyv1.PodDisruptionBudget), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) return actual, true, err } if err != nil { @@ -43,7 +44,7 @@ func ApplyPodDisruptionBudget(ctx context.Context, client policyclientv1.PodDisr } actual, err := client.PodDisruptionBudgets(required.Namespace).Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) return actual, true, err } @@ -55,6 +56,6 @@ func DeletePodDisruptionBudget(ctx context.Context, client policyclientv1.PodDis if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/rbac.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/rbac.go index 4b45c8818e58..223c64d4f862 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/rbac.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/rbac.go @@ -11,6 +11,7 @@ import ( "k8s.io/klog/v2" "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" ) @@ -21,7 +22,7 @@ func ApplyClusterRole(ctx context.Context, client rbacclientv1.ClusterRolesGette requiredCopy := required.DeepCopy() actual, err := client.ClusterRoles().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*rbacv1.ClusterRole), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) return actual, true, err } if err != nil { @@ -55,7 +56,7 @@ func ApplyClusterRole(ctx context.Context, client rbacclientv1.ClusterRolesGette } actual, err := client.ClusterRoles().Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) return actual, true, err } @@ -67,7 +68,7 @@ func ApplyClusterRoleBinding(ctx context.Context, client rbacclientv1.ClusterRol requiredCopy := required.DeepCopy() actual, err := client.ClusterRoleBindings().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*rbacv1.ClusterRoleBinding), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) return actual, true, err } if err != nil { @@ -110,7 +111,7 @@ func ApplyClusterRoleBinding(ctx context.Context, client rbacclientv1.ClusterRol } actual, err := client.ClusterRoleBindings().Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, requiredCopy, err) + resourcehelper.ReportUpdateEvent(recorder, requiredCopy, err) return actual, true, err } @@ -121,7 +122,7 @@ func ApplyRole(ctx context.Context, client rbacclientv1.RolesGetter, recorder ev requiredCopy := required.DeepCopy() actual, err := client.Roles(required.Namespace).Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*rbacv1.Role), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) return actual, true, err } if err != nil { @@ -143,7 +144,7 @@ func ApplyRole(ctx context.Context, client rbacclientv1.RolesGetter, recorder ev klog.Infof("Role %q changes: %v", required.Namespace+"/"+required.Name, JSONPatchNoError(existing, existingCopy)) } actual, err := client.Roles(required.Namespace).Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) return actual, true, err } @@ -155,7 +156,7 @@ func ApplyRoleBinding(ctx context.Context, client rbacclientv1.RoleBindingsGette requiredCopy := required.DeepCopy() actual, err := client.RoleBindings(required.Namespace).Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*rbacv1.RoleBinding), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) return actual, true, err } if err != nil { @@ -198,7 +199,7 @@ func ApplyRoleBinding(ctx context.Context, client rbacclientv1.RoleBindingsGette } actual, err := client.RoleBindings(requiredCopy.Namespace).Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, requiredCopy, err) + resourcehelper.ReportUpdateEvent(recorder, requiredCopy, err) return actual, true, err } @@ -210,7 +211,7 @@ func DeleteClusterRole(ctx context.Context, client rbacclientv1.ClusterRolesGett if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } @@ -222,7 +223,7 @@ func DeleteClusterRoleBinding(ctx context.Context, client rbacclientv1.ClusterRo if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } @@ -234,7 +235,7 @@ func DeleteRole(ctx context.Context, client rbacclientv1.RolesGetter, recorder e if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } @@ -246,6 +247,6 @@ func DeleteRoleBinding(ctx context.Context, client rbacclientv1.RoleBindingsGett if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/storage.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/storage.go index 1d08e4cca27a..3199d2db05de 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/storage.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/storage.go @@ -12,6 +12,7 @@ import ( "k8s.io/klog/v2" "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" "github.com/openshift/library-go/pkg/operator/resource/resourcemerge" ) @@ -37,7 +38,7 @@ func ApplyStorageClass(ctx context.Context, client storageclientv1.StorageClasse requiredCopy := required.DeepCopy() actual, err := client.StorageClasses().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*storagev1.StorageClass), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) return actual, true, err } if err != nil { @@ -84,7 +85,7 @@ func ApplyStorageClass(ctx context.Context, client storageclientv1.StorageClasse if storageClassNeedsRecreate(existingCopy, requiredCopy) { requiredCopy.ObjectMeta.ResourceVersion = "" err = client.StorageClasses().Delete(ctx, existingCopy.Name, metav1.DeleteOptions{}) - reportDeleteEvent(recorder, requiredCopy, err, "Deleting StorageClass to re-create it with updated parameters") + resourcehelper.ReportDeleteEvent(recorder, requiredCopy, err, "Deleting StorageClass to re-create it with updated parameters") if err != nil && !apierrors.IsNotFound(err) { return existing, false, err } @@ -99,13 +100,13 @@ func ApplyStorageClass(ctx context.Context, client storageclientv1.StorageClasse } else if err != nil { err = fmt.Errorf("failed to re-create StorageClass %s: %s", existingCopy.Name, err) } - reportCreateEvent(recorder, actual, err) + resourcehelper.ReportCreateEvent(recorder, actual, err) return actual, true, err } // Only mutable fields need a change actual, err := client.StorageClasses().Update(ctx, requiredCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) return actual, true, err } @@ -153,7 +154,7 @@ func ApplyCSIDriver(ctx context.Context, client storageclientv1.CSIDriversGetter requiredCopy := required.DeepCopy() actual, err := client.CSIDrivers().Create( ctx, resourcemerge.WithCleanLabelsAndAnnotations(requiredCopy).(*storagev1.CSIDriver), metav1.CreateOptions{}) - reportCreateEvent(recorder, required, err) + resourcehelper.ReportCreateEvent(recorder, required, err) return actual, true, err } if err != nil { @@ -187,7 +188,7 @@ func ApplyCSIDriver(ctx context.Context, client storageclientv1.CSIDriversGetter if sameSpec { // Update metadata by a simple Update call actual, err := client.CSIDrivers().Update(ctx, existingCopy, metav1.UpdateOptions{}) - reportUpdateEvent(recorder, required, err) + resourcehelper.ReportUpdateEvent(recorder, required, err) return actual, true, err } @@ -195,7 +196,7 @@ func ApplyCSIDriver(ctx context.Context, client storageclientv1.CSIDriversGetter existingCopy.ObjectMeta.ResourceVersion = "" // Spec is read-only after creation. Delete and re-create the object err = client.CSIDrivers().Delete(ctx, existingCopy.Name, metav1.DeleteOptions{}) - reportDeleteEvent(recorder, existingCopy, err, "Deleting CSIDriver to re-create it with updated parameters") + resourcehelper.ReportDeleteEvent(recorder, existingCopy, err, "Deleting CSIDriver to re-create it with updated parameters") if err != nil && !apierrors.IsNotFound(err) { return existing, false, err } @@ -210,7 +211,7 @@ func ApplyCSIDriver(ctx context.Context, client storageclientv1.CSIDriversGetter } else if err != nil { err = fmt.Errorf("failed to re-create CSIDriver %s: %s", existingCopy.Name, err) } - reportCreateEvent(recorder, existingCopy, err) + resourcehelper.ReportCreateEvent(recorder, existingCopy, err) return actual, true, err } @@ -242,7 +243,7 @@ func DeleteStorageClass(ctx context.Context, client storageclientv1.StorageClass if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } @@ -254,6 +255,6 @@ func DeleteCSIDriver(ctx context.Context, client storageclientv1.CSIDriversGette if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/unstructured.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/unstructured.go index 1adb01aeebc5..b17e484a88ba 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/unstructured.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/unstructured.go @@ -4,10 +4,11 @@ import ( "context" "fmt" - "github.com/openshift/library-go/pkg/operator/events" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/client-go/dynamic" + + "github.com/openshift/library-go/pkg/operator/events" ) // ApplyKnownUnstructured applies few selected Unstructured types, where it semantic knowledge @@ -20,6 +21,10 @@ func ApplyKnownUnstructured(ctx context.Context, client dynamic.Interface, recor return ApplyPrometheusRule(ctx, client, recorder, obj) case schema.GroupKind{Group: "snapshot.storage.k8s.io", Kind: "VolumeSnapshotClass"}: return ApplyVolumeSnapshotClass(ctx, client, recorder, obj) + case schema.GroupKind{Group: "monitoring.coreos.com", Kind: "Alertmanager"}: + return ApplyAlertmanager(ctx, client, recorder, obj) + case schema.GroupKind{Group: "monitoring.coreos.com", Kind: "Prometheus"}: + return ApplyPrometheus(ctx, client, recorder, obj) } @@ -35,6 +40,10 @@ func DeleteKnownUnstructured(ctx context.Context, client dynamic.Interface, reco return DeletePrometheusRule(ctx, client, recorder, obj) case schema.GroupKind{Group: "snapshot.storage.k8s.io", Kind: "VolumeSnapshotClass"}: return DeleteVolumeSnapshotClass(ctx, client, recorder, obj) + case schema.GroupKind{Group: "monitoring.coreos.com", Kind: "Alertmanager"}: + return DeleteAlertmanager(ctx, client, recorder, obj) + case schema.GroupKind{Group: "monitoring.coreos.com", Kind: "Prometheus"}: + return DeletePrometheus(ctx, client, recorder, obj) } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/volumesnapshotclass.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/volumesnapshotclass.go index 4c89e6529100..763e03d5d500 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/volumesnapshotclass.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/volumesnapshotclass.go @@ -13,6 +13,7 @@ import ( "k8s.io/client-go/dynamic" "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/resource/resourcehelper" ) const ( @@ -124,6 +125,6 @@ func DeleteVolumeSnapshotClass(ctx context.Context, client dynamic.Interface, re if err != nil { return nil, false, err } - reportDeleteEvent(recorder, required, err) + resourcehelper.ReportDeleteEvent(recorder, required, err) return nil, true, nil } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcehelper/event_helpers.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcehelper/event_helpers.go new file mode 100644 index 000000000000..8e8ebbe96a85 --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcehelper/event_helpers.go @@ -0,0 +1,43 @@ +package resourcehelper + +import ( + "fmt" + "strings" + + "k8s.io/apimachinery/pkg/runtime" + + "github.com/openshift/library-go/pkg/operator/events" +) + +func ReportCreateEvent(recorder events.Recorder, obj runtime.Object, originalErr error) { + gvk := GuessObjectGroupVersionKind(obj) + if originalErr == nil { + recorder.Eventf(fmt.Sprintf("%sCreated", gvk.Kind), "Created %s because it was missing", FormatResourceForCLIWithNamespace(obj)) + return + } + recorder.Warningf(fmt.Sprintf("%sCreateFailed", gvk.Kind), "Failed to create %s: %v", FormatResourceForCLIWithNamespace(obj), originalErr) +} + +func ReportUpdateEvent(recorder events.Recorder, obj runtime.Object, originalErr error, details ...string) { + gvk := GuessObjectGroupVersionKind(obj) + switch { + case originalErr != nil: + recorder.Warningf(fmt.Sprintf("%sUpdateFailed", gvk.Kind), "Failed to update %s: %v", FormatResourceForCLIWithNamespace(obj), originalErr) + case len(details) == 0: + recorder.Eventf(fmt.Sprintf("%sUpdated", gvk.Kind), "Updated %s because it changed", FormatResourceForCLIWithNamespace(obj)) + default: + recorder.Eventf(fmt.Sprintf("%sUpdated", gvk.Kind), "Updated %s:\n%s", FormatResourceForCLIWithNamespace(obj), strings.Join(details, "\n")) + } +} + +func ReportDeleteEvent(recorder events.Recorder, obj runtime.Object, originalErr error, details ...string) { + gvk := GuessObjectGroupVersionKind(obj) + switch { + case originalErr != nil: + recorder.Warningf(fmt.Sprintf("%sDeleteFailed", gvk.Kind), "Failed to delete %s: %v", FormatResourceForCLIWithNamespace(obj), originalErr) + case len(details) == 0: + recorder.Eventf(fmt.Sprintf("%sDeleted", gvk.Kind), "Deleted %s", FormatResourceForCLIWithNamespace(obj)) + default: + recorder.Eventf(fmt.Sprintf("%sDeleted", gvk.Kind), "Deleted %s:\n%s", FormatResourceForCLIWithNamespace(obj), strings.Join(details, "\n")) + } +} diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcehelper/resource_helpers.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcehelper/resource_helpers.go index 43ea9111c6f2..e89974790ba4 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcehelper/resource_helpers.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourcehelper/resource_helpers.go @@ -63,6 +63,9 @@ func FormatResourceForCLI(obj runtime.Object) string { // GuessObjectGroupVersionKind returns a human readable for the passed runtime object. func GuessObjectGroupVersionKind(object runtime.Object) schema.GroupVersionKind { + if object == nil { + return schema.GroupVersionKind{Kind: ""} + } if gvk := object.GetObjectKind().GroupVersionKind(); len(gvk.Kind) > 0 { return gvk } diff --git a/vendor/modules.txt b/vendor/modules.txt index 2fff8175662e..b435b48297e9 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -800,7 +800,7 @@ github.com/opencontainers/runtime-spec/specs-go github.com/opencontainers/selinux/go-selinux github.com/opencontainers/selinux/go-selinux/label github.com/opencontainers/selinux/pkg/pwalkdir -# github.com/openshift/api v0.0.0-20240704102751-33ed71ab039f +# github.com/openshift/api v0.0.0-20240704102751-33ed71ab039f => github.com/atiratree/api v0.0.0-20240830152941-34de2c1ab9d8 ## explicit; go 1.22.0 github.com/openshift/api github.com/openshift/api/annotations @@ -875,7 +875,7 @@ github.com/openshift/api/template/v1 github.com/openshift/api/unidling/v1alpha1 github.com/openshift/api/user github.com/openshift/api/user/v1 -# github.com/openshift/apiserver-library-go v0.0.0-20240716092710-e88385a79b17 +# github.com/openshift/apiserver-library-go v0.0.0-20240716092710-e88385a79b17 => github.com/atiratree/apiserver-library-go v0.0.0-20240902141710-d46ab0ce0d50 ## explicit; go 1.22.0 github.com/openshift/apiserver-library-go/pkg/admission/imagepolicy github.com/openshift/apiserver-library-go/pkg/admission/imagepolicy/apis/imagepolicy/v1 @@ -906,7 +906,7 @@ github.com/openshift/build-machinery-go/make/targets/golang github.com/openshift/build-machinery-go/make/targets/openshift github.com/openshift/build-machinery-go/make/targets/openshift/operator github.com/openshift/build-machinery-go/scripts -# github.com/openshift/client-go v0.0.0-20240528061634-b054aa794d87 +# github.com/openshift/client-go v0.0.0-20240528061634-b054aa794d87 => github.com/atiratree/client-go v0.0.0-20240830171345-d8eefb9e13fa ## explicit; go 1.22.0 github.com/openshift/client-go/apiserver/applyconfigurations/apiserver/v1 github.com/openshift/client-go/apiserver/applyconfigurations/internal @@ -1037,7 +1037,7 @@ github.com/openshift/client-go/user/listers/user/v1 # github.com/openshift/cluster-network-operator v0.0.0-20240708200319-1cd8678b38fb ## explicit; go 1.22.0 github.com/openshift/cluster-network-operator/pkg/names -# github.com/openshift/library-go v0.0.0-20240709182732-b94141242b0c +# github.com/openshift/library-go v0.0.0-20240709182732-b94141242b0c => github.com/atiratree/library-go v0.0.0-20240830172616-6ec6d5a91763 ## explicit; go 1.22.0 github.com/openshift/library-go/pkg/apiserver/admission/admissionrestconfig github.com/openshift/library-go/pkg/apiserver/admission/admissiontimeout @@ -1108,7 +1108,7 @@ github.com/pkg/errors # github.com/pkg/profile v1.3.0 ## explicit github.com/pkg/profile -# github.com/pmezard/go-difflib v1.0.0 +# github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 ## explicit github.com/pmezard/go-difflib/difflib # github.com/pquerna/cachecontrol v0.1.0 @@ -3838,3 +3838,7 @@ sigs.k8s.io/yaml/goyaml.v2 # k8s.io/sample-apiserver => github.com/openshift/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20240723170835-32f817d75efe # k8s.io/sample-cli-plugin => github.com/openshift/kubernetes/staging/src/k8s.io/sample-cli-plugin v0.0.0-20240723170835-32f817d75efe # k8s.io/sample-controller => github.com/openshift/kubernetes/staging/src/k8s.io/sample-controller v0.0.0-20240723170835-32f817d75efe +# github.com/openshift/api => github.com/atiratree/api v0.0.0-20240830152941-34de2c1ab9d8 +# github.com/openshift/client-go => github.com/atiratree/client-go v0.0.0-20240830171345-d8eefb9e13fa +# github.com/openshift/library-go => github.com/atiratree/library-go v0.0.0-20240830172616-6ec6d5a91763 +# github.com/openshift/apiserver-library-go => github.com/atiratree/apiserver-library-go v0.0.0-20240902141710-d46ab0ce0d50