From 95a9cab6c1994885b389a947ed5d4b6ac6f9d8b5 Mon Sep 17 00:00:00 2001 From: Akhil Rane Date: Wed, 9 Sep 2020 18:24:34 -0400 Subject: [PATCH 1/8] Fix formatting in README --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index fc15841190..c1e5d45ff7 100644 --- a/README.md +++ b/README.md @@ -126,6 +126,7 @@ The default and recommended best practice for running OpenShift is to run the in Pros: * Each cluster component has only the permissions it needs. * Automatic on-going reconciliation for cloud credentials including upgrades, which may require additional credentials or permissions. + Cons: * Requires admin credential storage in a cluster kube-system secret. (however if a user has access to all secrets in your cluster, you are severely compromised regardless) @@ -139,6 +140,7 @@ Prior to upgrade, the admin credential should be restored. In the future upgrade Pros: * Admin credential is not stored in the cluster permanently and does not need to be long lived. + Cons: * Still requires admin credential in the cluster for brief periods of time. * Requires manually re-instating the Secret with admin credentials for each upgrade. @@ -155,6 +157,7 @@ By default the permissions needed only for installation are required, however it Pros: * Does not require installing or running with an admin credential. + Cons: * Includes broad permissions only needed at install time, unless manual action is taken to reduce permissions post-install. * Credential permissions may need to be manually updated prior to any upgrade. @@ -169,6 +172,7 @@ In this mode a user manually performs the job of the cloud credential operator. Pros: * Admin credential never stored in the cluster. * Each cluster component has only the permissions it needs. + Cons: * Manual process required for install and every upgrade to reconcile permissions with the new release image. @@ -185,6 +189,7 @@ This future enhancement will allow the use of short lived Amazon STS tokens. In Pros: * Each cluster component has only the permissions it needs. * Automatic on-going reconciliation for cloud credentials including upgrades. + Cons: * Requires admin credential storage in a cluster kube-system secret. (if this is readable however, your cluster is severely compromised regardless) From f8342a4631255854352b7fd8546fec04f266900d Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 6 Oct 2020 08:36:28 -0300 Subject: [PATCH 2/8] Stop reporting mode metrics for unused modes. We now will report 1 for any modes in use, and anything not in use will be explicitly cleared in case we transitioned modes since the pod was started. This is to make the metric easier to consume across the entire fleet. --- pkg/operator/metrics/metrics.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pkg/operator/metrics/metrics.go b/pkg/operator/metrics/metrics.go index bcc114bd5c..b766d2d97c 100644 --- a/pkg/operator/metrics/metrics.go +++ b/pkg/operator/metrics/metrics.go @@ -250,7 +250,12 @@ func setCredentialsMode(ccoDisabled bool, secret *corev1.Secret, notFound bool, crMode[detectedMode] = 1 for k, v := range crMode { - metricCredentialsMode.WithLabelValues(string(k)).Set(float64(v)) + if v > 0 { + metricCredentialsMode.WithLabelValues(string(k)).Set(float64(v)) + } else { + // Ensure unused modes are cleared if we've recently changed mode: + metricCredentialsMode.Delete(map[string]string{"mode": string(k)}) + } } } From 2a12ac1c293173398b8051263ba141b1a4f1dcc8 Mon Sep 17 00:00:00 2001 From: Joel Diaz Date: Wed, 7 Oct 2020 08:51:44 -0400 Subject: [PATCH 3/8] allow skipping leader election --- pkg/cmd/operator/cmd.go | 54 ++++++++++++++++++++++------------------- 1 file changed, 29 insertions(+), 25 deletions(-) diff --git a/pkg/cmd/operator/cmd.go b/pkg/cmd/operator/cmd.go index f42d7d1542..b14e90d7e1 100644 --- a/pkg/cmd/operator/cmd.go +++ b/pkg/cmd/operator/cmd.go @@ -139,32 +139,36 @@ func NewOperator() *cobra.Command { }, } - // start the leader election code loop - leaderelection.RunOrDie(ctx, leaderelection.LeaderElectionConfig{ - Lock: lock, - ReleaseOnCancel: true, - LeaseDuration: 360 * time.Second, - RenewDeadline: 270 * time.Second, - RetryPeriod: 90 * time.Second, - Callbacks: leaderelection.LeaderCallbacks{ - OnStartedLeading: func(ctx context.Context) { - run(ctx) + if os.Getenv("CCO_SKIP_LEADER_ELECTION") != "" { + run(ctx) + } else { + // start the leader election code loop + leaderelection.RunOrDie(ctx, leaderelection.LeaderElectionConfig{ + Lock: lock, + ReleaseOnCancel: true, + LeaseDuration: 360 * time.Second, + RenewDeadline: 270 * time.Second, + RetryPeriod: 90 * time.Second, + Callbacks: leaderelection.LeaderCallbacks{ + OnStartedLeading: func(ctx context.Context) { + run(ctx) + }, + OnStoppedLeading: func() { + // we can do cleanup here if necessary + leLog.Infof("leader lost") + os.Exit(0) + }, + OnNewLeader: func(identity string) { + if identity == id { + // We just became the leader + leLog.Info("became leader") + return + } + log.Infof("current leader: %s", identity) + }, }, - OnStoppedLeading: func() { - // we can do cleanup here if necessary - leLog.Infof("leader lost") - os.Exit(0) - }, - OnNewLeader: func(identity string) { - if identity == id { - // We just became the leader - leLog.Info("became leader") - return - } - log.Infof("current leader: %s", identity) - }, - }, - }) + }) + } }, } From a4d95fee3701df7c0690f59174bfe2341ca79fb5 Mon Sep 17 00:00:00 2001 From: Justin Pierce Date: Wed, 7 Oct 2020 11:45:34 -0400 Subject: [PATCH 4/8] Updating ose-cloud-credential-operator builder & base images to be consistent with ART Reconciling with https://github.com/openshift/ocp-build-data/tree/ac81dd4ff0bd57c4e75058d25b40615b92948259/images/ose-cloud-credential-operator.yml --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index bc462c1463..4c23e84c53 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,10 @@ -FROM registry.svc.ci.openshift.org/ocp/builder:rhel-8-golang-1.15-openshift-4.6 as builder +FROM registry.svc.ci.openshift.org/ocp/builder:rhel-8-golang-1.15-openshift-4.7 AS builder WORKDIR /go/src/github.com/openshift/cloud-credential-operator COPY . . ENV GO_PACKAGE github.com/openshift/cloud-credential-operator RUN go build -ldflags "-X $GO_PACKAGE/pkg/version.versionFromGit=$(git describe --long --tags --abbrev=7 --match 'v[0-9]*')" ./cmd/cloud-credential-operator -FROM registry.svc.ci.openshift.org/ocp/4.6:base +FROM registry.svc.ci.openshift.org/ocp/4.7:base COPY --from=builder /go/src/github.com/openshift/cloud-credential-operator/cloud-credential-operator /usr/bin/ COPY manifests /manifests # Update perms so we can copy updated CA if needed From bbb9d9a262c65fb9903702b5954fe583c2ad0fb8 Mon Sep 17 00:00:00 2001 From: Danielle Barda Date: Tue, 4 Aug 2020 15:36:38 +0300 Subject: [PATCH 5/8] Adding ocp actuator --- go.mod | 2 +- go.sum | 47 +- pkg/ocp/actuator.go | 275 ++++++++++ pkg/operator/constants/constants.go | 4 + pkg/operator/controller.go | 8 + .../credentialsrequest_controller.go | 1 + pkg/operator/metrics/metrics.go | 2 + vendor/github.com/openshift/api/Makefile | 1 + ...config-operator_01_infrastructure.crd.yaml | 29 +- .../api/config/v1/types_infrastructure.go | 32 +- .../api/config/v1/zz_generated.deepcopy.go | 42 ++ .../v1/zz_generated.swagger_doc_generated.go | 22 +- vendor/github.com/openshift/api/go.mod | 2 +- .../api/imageregistry/v1/00-crd.yaml | 22 +- .../api/imageregistry/v1/01-crd.yaml | 12 + .../openshift/api/imageregistry/v1/types.go | 2 +- .../api/imageregistry/v1/types_imagepruner.go | 7 + .../v1/zz_generated.swagger_doc_generated.go | 1 + ...0000_10_config-operator_01_config.crd.yaml | 22 +- ... 0000_12_etcd-operator_01_config.crd.yaml} | 22 +- ...kube-apiserver-operator_01_config.crd.yaml | 22 +- ...roller-manager-operator_01_config.crd.yaml | 22 +- ...kube-scheduler-operator_01_config.crd.yaml | 22 +- ...hift-apiserver-operator_01_config.crd.yaml | 22 +- ...oud-credential-operator_00_config.crd.yaml | 22 +- ...rsion-migrator-operator_00_config.crd.yaml | 22 +- ...authentication-operator_01_config.crd.yaml | 22 +- ...roller-manager-operator_02_config.crd.yaml | 22 +- ...00_50_cluster_storage_operator_01_crd.yaml | 22 +- ...ess-operator_00-ingresscontroller.crd.yaml | 4 + .../0000_50_service-ca-operator_02_crd.yaml | 37 +- ...00_70_cluster-network-operator_01_crd.yaml | 18 +- .../v1/0000_70_console-operator.crd.yaml | 22 +- ...i_snapshot_controller_operator_01_crd.yaml | 22 +- ...0_90_cluster_csi_driver_01_config.crd.yaml | 23 +- ...luster_csi_driver_01_config.crd.yaml-patch | 1 + .../openshift/api/operator/v1/types.go | 9 +- .../operator/v1/types_csi_cluster_driver.go | 1 + .../api/operator/v1/types_network.go | 10 +- .../v1/zz_generated.swagger_doc_generated.go | 6 +- ...10-pod-network-connectivity-check.crd.yaml | 492 +++++++++--------- .../openshift/api/route/v1/generated.proto | 4 + .../openshift/api/route/v1/types.go | 4 + .../v1/zz_generated.swagger_doc_generated.go | 2 +- vendor/modules.txt | 2 +- 45 files changed, 1045 insertions(+), 365 deletions(-) create mode 100644 pkg/ocp/actuator.go rename vendor/github.com/openshift/api/operator/v1/{0000_20_etcd-operator_01.crd.yaml => 0000_12_etcd-operator_01_config.crd.yaml} (92%) diff --git a/go.mod b/go.mod index 670d3a3117..5046434dab 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( github.com/googleapis/gnostic v0.5.1 // indirect github.com/imdario/mergo v0.3.10 // indirect github.com/onsi/ginkgo v1.14.0 // indirect - github.com/openshift/api v0.0.0-20200901182017-7ac89ba6b971 + github.com/openshift/api v0.0.0-20201012140924-16436fa6166b github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7 github.com/openshift/client-go v0.0.0-20200827190008-3062137373b5 github.com/openshift/library-go v0.0.0-20200911100307-610c6e9e90b8 diff --git a/go.sum b/go.sum index 6e64d145da..ed4b288c6a 100644 --- a/go.sum +++ b/go.sum @@ -147,6 +147,7 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/evanphx/json-patch v0.0.0-20190815234213-e83c0a1c26c8/go.mod h1:pmLOTb3x90VhIKxsA9yeQG5yfOkkKnkk1h+Ql8NDYDw= github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.5.0+incompatible h1:ouOWdg56aJriqS0huScTkVXPC5IcNrDCXZ6OoTAWu7M= github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= @@ -338,6 +339,8 @@ github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NH github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/jmespath/go-jmespath v0.3.0 h1:OS12ieG61fsCg5+qLJ+SsW9NicxNkg3b25OyT2yCeUc= github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik= +github.com/joelanford/controller-runtime v0.2.0-beta.1.0.20200723141319-3249b9ca8d12 h1:dWXV9c+wvcS63MQA8dOHF+lo3ZyvouNk9AoUbCA1Wjg= +github.com/joelanford/controller-runtime v0.2.0-beta.1.0.20200723141319-3249b9ca8d12/go.mod h1:dIvg+GvXrqLZtcdpMIG+mscMDMMW0HZmty8i2Qj1hpI= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= @@ -397,6 +400,8 @@ github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8m github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/nirarg/api v0.0.0-20200803123134-acfad52c109f h1:6JijyBN/FZckWbG84daUqSNiJ/Hh5bR3crsEX7GDZj0= +github.com/nirarg/api v0.0.0-20200803123134-acfad52c109f/go.mod h1:IXsT3F4NjLtRzfnQvwU+g/oPWpoNsVV5vd5aaOMO8eU= github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= @@ -419,8 +424,9 @@ github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQ github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v0.0.0-20191031171055-b133feaeeb2e/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/openshift/api v0.0.0-20200827090112-c05698d102cf/go.mod h1:M3xexPhgM8DISzzRpuFUy+jfPjQPIcs9yqEYj17mXV8= -github.com/openshift/api v0.0.0-20200901182017-7ac89ba6b971 h1:l4jU2pbYCFlWffDL8gQaN24UohhHI8Zq/zmiSpYzy7o= -github.com/openshift/api v0.0.0-20200901182017-7ac89ba6b971/go.mod h1:M3xexPhgM8DISzzRpuFUy+jfPjQPIcs9yqEYj17mXV8= +github.com/openshift/api v0.0.0-20201012140924-16436fa6166b h1:hnK7EIIqo8h8Ep0zVSkrdKnBpHF6tvrKZg6OAcgSkjg= +github.com/openshift/api v0.0.0-20201012140924-16436fa6166b/go.mod h1:Si/I9UGeRR3qzg01YWPmtlr0GeGk2fnuggXJRmjAZ6U= +github.com/openshift/build-machinery-go v0.0.0-20200713135615-1f43d26dccc7/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7 h1:mOq7Mg1Q9d7nIDxe1SJ6pluMBQsbVxa6olyAGmfYWTg= github.com/openshift/build-machinery-go v0.0.0-20200819073603-48aa266c95f7/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= github.com/openshift/client-go v0.0.0-20200827190008-3062137373b5 h1:E6WhVL5p3rfjtc+o+jVG/29Aclnf3XIF7akxXvadwR0= @@ -498,7 +504,6 @@ github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/y github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= @@ -524,6 +529,7 @@ go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg= +go.etcd.io/etcd v0.5.0-alpha.5.0.20200716221620-18dfb9cca345/go.mod h1:skWido08r9w6Lq/w70DO5XYIKMu4QFu1+4VsqLQuJy8= go.etcd.io/etcd v0.5.0-alpha.5.0.20200819165624-17cef6e3e9d5/go.mod h1:skWido08r9w6Lq/w70DO5XYIKMu4QFu1+4VsqLQuJy8= go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= @@ -534,18 +540,14 @@ go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3 h1:8sGtKOrtQqkN1bp2AtX+misvLIlOmsEsNd+9NIcPEm8= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.4.0 h1:cxzIVoETapQEqDhQu3QfnvXAV4AlzcvUCxkVUFw3+EU= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.6.0 h1:Ezj3JGmsOnG1MoRWQkPBsKLe9DwWD9QeXzTRzzldNVk= go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= -go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.5.0 h1:KCa4XfM8CWFCpxXRGok+Q0SS/0XBhMDbHHGABQLvD2A= go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= -go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee h1:0mgffUl7nfd+FpvXMVz4IDEaUSmT1ysygQC7qYo7sG4= go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= go.uber.org/zap v1.8.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -go.uber.org/zap v1.10.0 h1:ORx85nbTijNz8ljznvCMR1ZBIPKFn3jQrag10X2AsuM= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.15.0 h1:ZZCA22JRF2gQE5FoNmhmrf7jeJJ2uhqDUNRYKm8dvmM= go.uber.org/zap v1.15.0/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc= @@ -560,9 +562,7 @@ golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413 h1:ULYEB3JvPRE/IfO+9uO7vKV/xzVTO7XPAwm8xbf4w2g= golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975 h1:/Tl7pH94bvbAAHBdZJT947M/+gp0+CqQXDtMRC0fseo= golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -589,7 +589,6 @@ golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b h1:Wh+f8QHJXR411sJR8/vRBTZ7YapZaRvUcLFFJhusH0k= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= @@ -597,7 +596,6 @@ golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKG golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.2.0 h1:KU7oHjnv3XNWfa5COkzUifxZmxp1TyI7ImMXqFxLwvQ= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -628,9 +626,7 @@ golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e h1:3G+cUijn7XD+S4eJFddp53Pv7+slrESplyjG25HgL+k= golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7 h1:AeiKBIuRw3UomYXSbLy0Mc2dDLfdtbT/IVn4keq83P0= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200707034311-ab3426394381 h1:VXak5I6aEWmAXeQjA+QSZzlgNrpq9mjcfDemuexIKsU= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= @@ -684,7 +680,6 @@ golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200331124033-c3d80250170d h1:nc5K6ox/4lTFbMVSL9WRR81ixkcwXThoiF6yf+R9scA= golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -694,14 +689,12 @@ golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fq golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0 h1:/5xXl8Y5W96D+TtHSlonuFqGHIWVuyCkGJLwGh9JJFs= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e h1:EHBhcS0mlXEAVwNyO2dLfjToGsyY4j24pTs2ScHnX7s= golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -745,15 +738,14 @@ golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapK golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4 h1:kDtqNkeBrZb8B+atrj50B5XLHpzXXqcCdZPP/ApQ5NY= golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= +golang.org/x/tools v0.0.0-20200602230032-c00d67ef29d0/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200616133436-c1934b75d054 h1:HHeAlu5H9b71C+Fx0K+1dGgVFN1DM1/wz4aoGOA5qS8= golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.0.1 h1:xyiBuvkD2g5n7cYzx6u2sxQvsAy4QJsZFCzGVdzOXZ0= gomodules.xyz/jsonpatch/v2 v2.0.1/go.mod h1:IhYNNY4jnS53ZnfE4PAmpKtDpTCj1JFXc+3mwe7XcUU= gomodules.xyz/jsonpatch/v2 v2.1.0 h1:Phva6wqu+xR//Njw6iorylFFgn/z547tw5Ne3HZPQ+k= gomodules.xyz/jsonpatch/v2 v2.1.0/go.mod h1:IhYNNY4jnS53ZnfE4PAmpKtDpTCj1JFXc+3mwe7XcUU= @@ -776,7 +768,6 @@ google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9Ywl google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5 h1:tycE03LOZYQNhDpS27tcQdAzLCVMaj7QT2SXxebnpCM= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.6 h1:lMO5rYAqUxkmaj76jAkRUvt5JZgFymx/+Q5Mzfivuhc= google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= @@ -822,16 +813,13 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.24.0 h1:UhZDfRO8JRQru4/+LlLE0BRKGF8L+PICnvYZmx/fEGA= google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= @@ -840,14 +828,12 @@ gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24 gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= gopkg.in/square/go-jose.v2 v2.2.2 h1:orlkJ3myw8CN1nVQHBFfloD+L3egixIa4FvUP6RosSA= gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -861,40 +847,46 @@ honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -honnef.co/go/tools v0.0.1-2020.1.3 h1:sXmLre5bzIR6ypkjXCDI3jHPssRhc8KD/Ome589sc3U= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= k8s.io/api v0.17.0/go.mod h1:npsyOePkeP0CPwyGfXDHxvypiYMJxBWAMpQxCaJ4ZxI= k8s.io/api v0.18.0-beta.2/go.mod h1:2oeNnWEqcSmaM/ibSh3t7xcIqbkGXhzZdn4ezV9T4m0= k8s.io/api v0.18.6/go.mod h1:eeyxr+cwCjMdLAmr2W3RyDI0VvTawSg/3RFFBEnmZGI= +k8s.io/api v0.19.0-rc.2/go.mod h1:9nHeM2gbqeaL7yN6UFvOxKzLG5gZ4v+DJ6bpavDetZo= k8s.io/api v0.19.0 h1:XyrFIJqTYZJ2DU7FBE/bSPz7b1HvbVBuBf07oeo6eTc= k8s.io/api v0.19.0/go.mod h1:I1K45XlvTrDjmj5LoM5LuP/KYrhWbjUKT/SoPG0qTjw= k8s.io/apiextensions-apiserver v0.17.0/go.mod h1:XiIFUakZywkUl54fVXa7QTEHcqQz9HG55nHd1DCoHj8= k8s.io/apiextensions-apiserver v0.18.0-beta.2/go.mod h1:Hnrg5jx8/PbxRbUoqDGxtQkULjwx8FDW4WYJaKNK+fk= k8s.io/apiextensions-apiserver v0.18.6/go.mod h1:lv89S7fUysXjLZO7ke783xOwVTm6lKizADfvUM/SS/M= +k8s.io/apiextensions-apiserver v0.19.0-rc.2/go.mod h1:LkNk/VUFXmwgURxOOQz3FJEjX/Ls0bwkq5/LIGTipIM= k8s.io/apiextensions-apiserver v0.19.0 h1:jlY13lvZp+0p9fRX2khHFdiT9PYzT7zUrANz6R1NKtY= k8s.io/apiextensions-apiserver v0.19.0/go.mod h1:znfQxNpjqz/ZehvbfMg5N6fvBJW5Lqu5HVLTJQdP4Fs= k8s.io/apimachinery v0.17.0/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg= k8s.io/apimachinery v0.18.0-beta.2/go.mod h1:9SnR/e11v5IbyPCGbvJViimtJ0SwHG4nfZFjU77ftcA= k8s.io/apimachinery v0.18.6/go.mod h1:OaXp26zu/5J7p0f92ASynJa1pZo06YlV9fG7BoWbCko= +k8s.io/apimachinery v0.19.0-rc.2/go.mod h1:eHbWZVMaaewmYBAUuRYnAmTTMtDhvpPNZuh8/6Yl7v0= k8s.io/apimachinery v0.19.0 h1:gjKnAda/HZp5k4xQYjL0K/Yb66IvNqjthCb03QlKpaQ= k8s.io/apimachinery v0.19.0/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= k8s.io/apiserver v0.17.0/go.mod h1:ABM+9x/prjINN6iiffRVNCBR2Wk7uY4z+EtEGZD48cg= k8s.io/apiserver v0.18.0-beta.2/go.mod h1:bnblMkMoCFnIfVnVftd0SXJPzyvrk3RtaqSbblphF/A= k8s.io/apiserver v0.18.6/go.mod h1:Zt2XvTHuaZjBz6EFYzpp+X4hTmgWGy8AthNVnTdm3Wg= +k8s.io/apiserver v0.19.0-rc.2/go.mod h1:fJNYk3hSPRsS8uvkFoYwW17MyC5oyoPq6JCgaJM5Zmo= k8s.io/apiserver v0.19.0/go.mod h1:XvzqavYj73931x7FLtyagh8WibHpePJ1QwWrSJs2CLk= k8s.io/client-go v0.17.0/go.mod h1:TYgR6EUHs6k45hb6KWjVD6jFZvJV4gHDikv/It0xz+k= k8s.io/client-go v0.18.0-beta.2/go.mod h1:UvuVxHjKWIcgy0iMvF+bwNDW7l0mskTNOaOW1Qv5BMA= k8s.io/client-go v0.18.6/go.mod h1:/fwtGLjYMS1MaM5oi+eXhKwG+1UHidUEXRh6cNsdO0Q= +k8s.io/client-go v0.19.0-rc.2/go.mod h1:8ELpdR+MEbL/z6gbYHpB52eKPKOVJNKj4I1WiR3g87A= k8s.io/client-go v0.19.0 h1:1+0E0zfWFIWeyRhQYWzimJOyAk2UT7TiARaLNwJCf7k= k8s.io/client-go v0.19.0/go.mod h1:H9E/VT95blcFQnlyShFgnFT9ZnJOAceiUHM3MlRC+mU= k8s.io/code-generator v0.17.0/go.mod h1:DVmfPQgxQENqDIzVR2ddLXMH34qeszkKSdH/N+s+38s= k8s.io/code-generator v0.18.0-beta.2/go.mod h1:+UHX5rSbxmR8kzS+FAv7um6dtYrZokQvjHpDSYRVkTc= k8s.io/code-generator v0.18.6/go.mod h1:TgNEVx9hCyPGpdtCWA34olQYLkh3ok9ar7XfSsr8b6c= +k8s.io/code-generator v0.19.0-rc.2/go.mod h1:uR3gwQvtcOjBrvwXhFF1lw5kq9BOOAfSKl/pZZ1zW3I= k8s.io/code-generator v0.19.0 h1:r0BxYnttP/r8uyKd4+Njg0B57kKi8wLvwEzaaVy3iZ8= k8s.io/code-generator v0.19.0/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= k8s.io/component-base v0.17.0/go.mod h1:rKuRAokNMY2nn2A6LP/MiwpoaMRHpfRnrPaUJJj1Yoc= k8s.io/component-base v0.18.0-beta.2/go.mod h1:HVk5FpRnyzQ/MjBr9//e/yEBjTVa2qjGXCTuUzcD7ks= k8s.io/component-base v0.18.6/go.mod h1:knSVsibPR5K6EW2XOjEHik6sdU5nCvKMrzMt2D4In14= +k8s.io/component-base v0.19.0-rc.2/go.mod h1:aqXtywSxbTRUXnC1+1+DFIT1GXBxb6SogGhsHXmEbyc= k8s.io/component-base v0.19.0 h1:OueXf1q3RW7NlLlUCj2Dimwt7E1ys6ZqRnq53l2YuoE= k8s.io/component-base v0.19.0/go.mod h1:dKsY8BxkA+9dZIAh2aWJLL/UdASFDNtGYTCItL4LM7Y= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= @@ -908,7 +900,6 @@ k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.2.0 h1:XRvcwJozkgZ1UQJmfMGpvRthQHOvihEhYtDfAaxMz/A= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.3.0 h1:WmkrnW7fdrm0/DMClc+HIxtftvxVIPAhlVwMQo5yLco= k8s.io/klog/v2 v2.3.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= @@ -918,12 +909,14 @@ k8s.io/kube-aggregator v0.19.0/go.mod h1:1Ln45PQggFAG8xOqWPIYMxUq8WNtpPnYsbUJ39D k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= +k8s.io/kube-openapi v0.0.0-20200427153329-656914f816f9/go.mod h1:bfCVj+qXcEaE5SCvzBaqpOySr6tuCcpPKqF6HD8nyCw= k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6 h1:+WnxoVtG8TMiudHBSEtrVL1egv36TkkJm+bA8AxicmQ= k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= k8s.io/utils v0.0.0-20200229041039-0a110f9eb7ab/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= k8s.io/utils v0.0.0-20200603063816-c1c6865ac451/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20200720150651-0bdb4ca86cbc/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20200729134348-d5654de09c73 h1:uJmqzgNWG7XyClnU/mLPBWwfKKF1K8Hf8whTseBgJcg= k8s.io/utils v0.0.0-20200729134348-d5654de09c73/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= @@ -945,9 +938,9 @@ sigs.k8s.io/structured-merge-diff v1.0.1-0.20191108220359-b1b620dd3f06 h1:zD2Iem sigs.k8s.io/structured-merge-diff v1.0.1-0.20191108220359-b1b620dd3f06/go.mod h1:/ULNhyfzRopfcjskuui0cTITekDduZ7ycKN3oUT9R18= sigs.k8s.io/structured-merge-diff/v3 v3.0.0-20200116222232-67a7b8c61874/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= sigs.k8s.io/structured-merge-diff/v3 v3.0.0/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= +sigs.k8s.io/structured-merge-diff/v3 v3.0.1-0.20200706213357-43c19bbb7fba/go.mod h1:V06abazjHneE37ZdSY/UUwPVgcJMKI/jU5XGUjgIKoc= sigs.k8s.io/structured-merge-diff/v4 v4.0.1 h1:YXTMot5Qz/X1iBRJhAt+vI+HVttY0WkSqqhKxQ0xVbA= sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/pkg/ocp/actuator.go b/pkg/ocp/actuator.go new file mode 100644 index 0000000000..6833dfb672 --- /dev/null +++ b/pkg/ocp/actuator.go @@ -0,0 +1,275 @@ +/* +Copyright 2019 The OpenShift Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package ocp + +import ( + "context" + "errors" + "fmt" + "github.com/openshift/cloud-credential-operator/pkg/operator/constants" + actuatoriface "github.com/openshift/cloud-credential-operator/pkg/operator/credentialsrequest/actuator" + "reflect" + + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/client" + + + configv1 "github.com/openshift/api/config/v1" + operatorv1 "github.com/openshift/api/operator/v1" + minterv1 "github.com/openshift/cloud-credential-operator/pkg/apis/cloudcredential/v1" + log "github.com/sirupsen/logrus" + corev1 "k8s.io/api/core/v1" + kubernetesErrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type OCPActuator struct { + Client client.Client + Codec *minterv1.ProviderCodec +} + +const ( + KubevirtCredentialsSecretKey = "kubeconfig" +) +// NewActuator creates a new OCP actuator. +func NewActuator(client client.Client) (*OCPActuator, error) { + codec, err := minterv1.NewCodec() + if err != nil { + log.WithError(err).Error("error creating OCP codec") + return nil, fmt.Errorf("error creating OCP codec: %v", err) + } + + return &OCPActuator{ + Codec: codec, + Client: client, + }, nil +} + +// Exists checks if the credentials currently exist. +// TODO: in the future validate the expiration of the credentials +func (a *OCPActuator) Exists(ctx context.Context, cr *minterv1.CredentialsRequest) (bool, error) { + logger := a.getLogger(cr) + logger.Debug("running Exists") + var err error + + existingSecret, err := a.getSecret(ctx, cr, logger) + if err != nil { + return false, err + } + + return existingSecret != nil, nil +} + +// Create the credentials. +func (a *OCPActuator) Create(ctx context.Context, cr *minterv1.CredentialsRequest) error { + logger := a.getLogger(cr) + logger.Debug("running Create") + return a.sync(ctx, cr, logger) +} + +// Update the credentials to the provided definition. +func (a *OCPActuator) Update(ctx context.Context, cr *minterv1.CredentialsRequest) error { + logger := a.getLogger(cr) + logger.Debug("running Update") + return a.sync(ctx, cr, logger) +} + +// Delete credentials +func (a *OCPActuator) Delete(ctx context.Context, cr *minterv1.CredentialsRequest) error { + logger := a.getLogger(cr) + logger.Debug("running Delete") + + existingSecret, err := a.getSecret(ctx, cr, logger) + if err != nil { + return err + } + if existingSecret != nil{ + logger.Debug("Deleting existing secret") + if err = a.Client.Delete(ctx, existingSecret); err != nil { + return err + } + } + + return nil +} + +// GetCredentialsRootSecretLocation returns the namespace and name where the parent credentials secret is stored. +func (a *OCPActuator) GetCredentialsRootSecretLocation() types.NamespacedName { + return types.NamespacedName{Namespace: constants.CloudCredSecretNamespace, Name: constants.KubevirtCloudCredSecretName} +} + +func (a *OCPActuator) sync(ctx context.Context, cr *minterv1.CredentialsRequest, logger log.FieldLogger) error { + logger.Debug("running sync") + + // get the secret data from the credentials request + kubevirtCredentialData, err := a.getCredentialsSecretData(ctx, logger) + if err != nil { + logger.WithError(err).Error("issue with cloud credentials secret") + return err + } + + // get the existing secret in order to check if need to update or create a new + logger.Debug("provisioning secret") + existingSecret, err := a.getSecret(ctx, cr, logger) + if err != nil { + return err + } + + // check if need to update or create a new one + if err = a.syncCredentialSecret(ctx, cr, &kubevirtCredentialData, existingSecret, logger); err != nil { + msg := "error creating/updating secret" + logger.WithError(err).Error(msg) + return &actuatoriface.ActuatorError{ + ErrReason: minterv1.CredentialsProvisionFailure, + Message: fmt.Sprintf("%v: %v", msg, err), + } + } + return nil +} + +func (a *OCPActuator) getCredentialsSecretData(ctx context.Context, logger log.FieldLogger) ([]byte, error) { + // get the secret of the kubevirt credentials + kubevirtCredentialsSecret := &corev1.Secret{} + if err := a.Client.Get(ctx, a.GetCredentialsRootSecretLocation(), kubevirtCredentialsSecret); err != nil { + msg := "unable to fetch root cloud cred secret" + logger.WithError(err).Error(msg) + return nil, &actuatoriface.ActuatorError{ + ErrReason: minterv1.CredentialsProvisionFailure, + Message: fmt.Sprintf("%v: %v", msg, err), + } + } + + // get the secret data - the infra kubeconfig + infraClusterKubeconfig, ok := kubevirtCredentialsSecret.Data[KubevirtCredentialsSecretKey] + if !ok { + return nil, errors.New("invalid mode") + } + + logger.Debug("extracted kubevirt credentials") + return infraClusterKubeconfig, nil +} + +func (a *OCPActuator) syncCredentialSecret(ctx context.Context, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte, existingSecret *corev1.Secret, logger log.FieldLogger) error{ + if existingSecret == nil { + if kubevirtCredentialData == nil { + msg := "new access key secret needed but no key data provided" + logger.Error(msg) + return &actuatoriface.ActuatorError{ + ErrReason: minterv1.CredentialsProvisionFailure, + Message: msg, + } + } + + return a.createNewSecret(logger, cr, kubevirtCredentialData, ctx) + } + + return a.updateExistingSecret(logger, existingSecret, cr, kubevirtCredentialData) +} + +func (a *OCPActuator) updateExistingSecret(logger log.FieldLogger, existingSecret *corev1.Secret, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte) error { + // Update the existing secret: + logger.Debug("updating secret") + origSecret := existingSecret.DeepCopy() + if existingSecret.Annotations == nil { + existingSecret.Annotations = map[string]string{} + } + existingSecret.Annotations[minterv1.AnnotationCredentialsRequest] = fmt.Sprintf("%s/%s", cr.Namespace, cr.Name) + if kubevirtCredentialData != nil { + existingSecret.Data = map[string][]byte{ + KubevirtCredentialsSecretKey: *kubevirtCredentialData, + } + } + + if !reflect.DeepEqual(existingSecret, origSecret) { + logger.Info("target secret has changed, updating") + if err := a.Client.Update(context.TODO(), existingSecret); err != nil { + msg := "error updating secret" + logger.WithError(err).Error(msg) + return &actuatoriface.ActuatorError{ + ErrReason: minterv1.CredentialsProvisionFailure, + Message: msg, + } + } + } else { + logger.Debug("target secret unchanged") + } + + return nil +} + +func (a *OCPActuator) createNewSecret(logger log.FieldLogger, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte, ctx context.Context) error { + logger.Info("creating secret") + secret := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: cr.Spec.SecretRef.Name, + Namespace: cr.Spec.SecretRef.Namespace, + Annotations: map[string]string{ + minterv1.AnnotationCredentialsRequest: fmt.Sprintf("%s/%s", cr.Namespace, cr.Name), + }, + }, + Data: map[string][]byte{ + KubevirtCredentialsSecretKey: *kubevirtCredentialData, + }, + } + + if err := a.Client.Create(ctx, secret); err != nil { + logger.WithError(err).Error("error creating secret") + return err + } + + logger.Info("secret created successfully") + return nil +} + +func (a *OCPActuator) getSecret(ctx context.Context, cr *minterv1.CredentialsRequest, logger log.FieldLogger) (*corev1.Secret, error) { + logger.Debug("running getSecret") + + existingSecret := &corev1.Secret{} + if err := a.Client.Get(ctx, types.NamespacedName{Namespace: cr.Spec.SecretRef.Namespace, Name: cr.Spec.SecretRef.Name}, existingSecret); err != nil { + if kubernetesErrors.IsNotFound(err) { + logger.Debug("target secret does not exist") + return nil, nil + } + return nil, err + } + + if _, ok := existingSecret.Data[KubevirtCredentialsSecretKey]; !ok { + logger.Warningf("secret did not have expected key: %s", KubevirtCredentialsSecretKey) + } + + logger.Debug("target secret exists") + return existingSecret, nil +} + +func (a *OCPActuator) getLogger(cr *minterv1.CredentialsRequest) log.FieldLogger { + return log.WithFields(log.Fields{ + "actuator": "Openshift", + "targetSecret": fmt.Sprintf("%s/%s", cr.Spec.SecretRef.Namespace, cr.Spec.SecretRef.Name), + "cr": fmt.Sprintf("%s/%s", cr.Namespace, cr.Name), + }) +} + +func (a *OCPActuator) Upgradeable(mode operatorv1.CloudCredentialsMode) *configv1.ClusterOperatorStatusCondition { + upgradeableCondition := &configv1.ClusterOperatorStatusCondition{ + Status: configv1.ConditionTrue, + Type: configv1.OperatorUpgradeable, + } + return upgradeableCondition +} + +func (a *OCPActuator) GetUpcomingCredSecrets() []types.NamespacedName { + return []types.NamespacedName{} +} diff --git a/pkg/operator/constants/constants.go b/pkg/operator/constants/constants.go index 3af38b8db6..d56f3a6104 100644 --- a/pkg/operator/constants/constants.go +++ b/pkg/operator/constants/constants.go @@ -106,6 +106,10 @@ const ( // VSphereCloudCredSecretName is the name of the secret where credentials // for vSphere are stored. VSphereCloudCredSecretName = "vsphere-creds" + + // KubevirtCloudCredSecretName is the name of the secret where credentials + // for Kubevirt are stored. + KubevirtCloudCredSecretName = "kubevirt-credentials" ) var ( diff --git a/pkg/operator/controller.go b/pkg/operator/controller.go index 217a40b39d..9ba9fb4599 100644 --- a/pkg/operator/controller.go +++ b/pkg/operator/controller.go @@ -31,6 +31,7 @@ import ( "github.com/openshift/cloud-credential-operator/pkg/operator/secretannotator" "github.com/openshift/cloud-credential-operator/pkg/ovirt" "github.com/openshift/cloud-credential-operator/pkg/util" + "github.com/openshift/cloud-credential-operator/pkg/ocp" vsphereactuator "github.com/openshift/cloud-credential-operator/pkg/vsphere/actuator" configv1 "github.com/openshift/api/config/v1" @@ -122,6 +123,13 @@ func AddToManager(m manager.Manager, explicitKubeconfig string) error { if err != nil { return err } + // TODO: change it to OCP + case configv1.KubevirtPlatformType: + log.Info("initializing OCP actuator") + a, err = ocp.NewActuator(m.GetClient()) + if err != nil { + return err + } default: log.Info("initializing no-op actuator (unsupported platform)") a = &actuator.DummyActuator{} diff --git a/pkg/operator/credentialsrequest/credentialsrequest_controller.go b/pkg/operator/credentialsrequest/credentialsrequest_controller.go index 8380646ac3..d2dd97f2a1 100644 --- a/pkg/operator/credentialsrequest/credentialsrequest_controller.go +++ b/pkg/operator/credentialsrequest/credentialsrequest_controller.go @@ -379,6 +379,7 @@ func isAdminCredSecret(namespace, secretName string) bool { secretName == constants.GCPCloudCredSecretName || secretName == constants.OpenStackCloudCredsSecretName || secretName == constants.OvirtCloudCredsSecretName || + secretName == constants.KubevirtCloudCredSecretName || secretName == constants.VSphereCloudCredSecretName { log.WithField("secret", secretName).WithField("namespace", namespace).Info("observed admin cloud credential secret event") return true diff --git a/pkg/operator/metrics/metrics.go b/pkg/operator/metrics/metrics.go index b766d2d97c..34ad74fdd1 100644 --- a/pkg/operator/metrics/metrics.go +++ b/pkg/operator/metrics/metrics.go @@ -169,6 +169,8 @@ func (mc *Calculator) getCloudSecret() (*corev1.Secret, error) { secretKey.Name = constants.OvirtCloudCredsSecretName case configv1.VSpherePlatformType: secretKey.Name = constants.VSphereCloudCredSecretName + case configv1.KubevirtPlatformType: + secretKey.Name = constants.KubevirtCloudCredSecretName default: mc.log.WithField("cloud", platformType).Info("unsupported cloud for determing CCO mode") return nil, nil diff --git a/vendor/github.com/openshift/api/Makefile b/vendor/github.com/openshift/api/Makefile index 7993192b6a..f1d7ca0003 100644 --- a/vendor/github.com/openshift/api/Makefile +++ b/vendor/github.com/openshift/api/Makefile @@ -30,6 +30,7 @@ $(call add-crd-gen,operatoringress,./operatoringress/v1,./operatoringress/v1,./o $(call add-crd-gen,quota,./quota/v1,./quota/v1,./quota/v1) $(call add-crd-gen,samples,./samples/v1,./samples/v1,./samples/v1) $(call add-crd-gen,security,./security/v1,./security/v1,./security/v1) +$(call add-crd-gen,securityinternal,./securityinternal/v1,./securityinternal/v1,./securityinternal/v1) $(call add-crd-gen,network,./network/v1,./network/v1,./network/v1) $(call add-crd-gen,operatorcontrolplane,./operatorcontrolplane/v1alpha1,./operatorcontrolplane/v1alpha1,./operatorcontrolplane/v1alpha1) diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml index 7287300e4e..57b7c6e2b9 100644 --- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml +++ b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_infrastructure.crd.yaml @@ -112,6 +112,10 @@ spec: description: IBMCloud contains settings specific to the IBMCloud infrastructure provider. type: object + kubevirt: + description: Kubevirt contains settings specific to the kubevirt + infrastructure provider. + type: object openstack: description: OpenStack contains settings specific to the OpenStack infrastructure provider. @@ -127,8 +131,8 @@ spec: creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", - "VSphere", "oVirt", and "None". Individual components may not - support all platforms, and must handle unrecognized platforms + "VSphere", "oVirt", "KubeVirt" and "None". Individual components + may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. type: string enum: @@ -143,6 +147,7 @@ spec: - VSphere - oVirt - IBMCloud + - KubeVirt vsphere: description: VSphere contains settings specific to the VSphere infrastructure provider. @@ -190,6 +195,7 @@ spec: - VSphere - oVirt - IBMCloud + - KubeVirt platformStatus: description: platformStatus holds status information specific to the underlying infrastructure provider. @@ -307,6 +313,24 @@ spec: description: ResourceGroupName is the Resource Group for new IBMCloud resources created for the cluster. type: string + kubevirt: + description: Kubevirt contains settings specific to the kubevirt + infrastructure provider. + type: object + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact + the Kubernetes API server that can be used by components inside + the cluster, like kubelets using the infrastructure rather + than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + points to. It is the IP for a self-hosted load balancer in + front of the API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the + default ingress controller. The IP is a suitable target of + a wildcard DNS record used to resolve default route host names. + type: string openstack: description: OpenStack contains settings specific to the OpenStack infrastructure provider. @@ -385,6 +409,7 @@ spec: - VSphere - oVirt - IBMCloud + - KubeVirt vsphere: description: VSphere contains settings specific to the VSphere infrastructure provider. diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index 3c4bd788ff..efea0a41a4 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -79,7 +79,7 @@ type InfrastructureStatus struct { } // PlatformType is a specific supported infrastructure provider. -// +kubebuilder:validation:Enum="";AWS;Azure;BareMetal;GCP;Libvirt;OpenStack;None;VSphere;oVirt;IBMCloud +// +kubebuilder:validation:Enum="";AWS;Azure;BareMetal;GCP;Libvirt;OpenStack;None;VSphere;oVirt;IBMCloud;KubeVirt type PlatformType string const ( @@ -112,6 +112,9 @@ const ( // IBMCloudPlatformType represents IBM Cloud infrastructure. IBMCloudPlatformType PlatformType = "IBMCloud" + + // KubevirtPlatformType represents KubeVirt/Openshift Virtualization infrastructure. + KubevirtPlatformType PlatformType = "KubeVirt" ) // IBMCloudProviderType is a specific supported IBM Cloud provider cluster type @@ -134,7 +137,7 @@ type PlatformSpec struct { // balancers, dynamic volume provisioning, machine creation and deletion, and // other integrations are enabled. If None, no infrastructure automation is // enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", - // "OpenStack", "VSphere", "oVirt", and "None". Individual components may not support + // "OpenStack", "VSphere", "oVirt", "KubeVirt" and "None". Individual components may not support // all platforms, and must handle unrecognized platforms as None if they do // not support that platform. // @@ -172,6 +175,10 @@ type PlatformSpec struct { // IBMCloud contains settings specific to the IBMCloud infrastructure provider. // +optional IBMCloud *IBMCloudPlatformSpec `json:"ibmcloud,omitempty"` + + // Kubevirt contains settings specific to the kubevirt infrastructure provider. + // +optional + Kubevirt *KubevirtPlatformSpec `json:"kubevirt,omitempty"` } // PlatformStatus holds the current status specific to the underlying infrastructure provider @@ -222,6 +229,10 @@ type PlatformStatus struct { // IBMCloud contains settings specific to the IBMCloud infrastructure provider. // +optional IBMCloud *IBMCloudPlatformStatus `json:"ibmcloud,omitempty"` + + // Kubevirt contains settings specific to the kubevirt infrastructure provider. + // +optional + Kubevirt *KubevirtPlatformStatus `json:"kubevirt,omitempty"` } // AWSServiceEndpoint store the configuration of a custom url to @@ -433,6 +444,23 @@ type IBMCloudPlatformStatus struct { ProviderType IBMCloudProviderType `json:"providerType,omitempty"` } +// KubevirtPlatformSpec holds the desired state of the kubevirt infrastructure provider. +// This only includes fields that can be modified in the cluster. +type KubevirtPlatformSpec struct{} + +// KubevirtPlatformStatus holds the current status of the kubevirt infrastructure provider. +type KubevirtPlatformStatus struct { + // apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used + // by components inside the cluster, like kubelets using the infrastructure rather + // than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI + // points to. It is the IP for a self-hosted load balancer in front of the API servers. + APIServerInternalIP string `json:"apiServerInternalIP,omitempty"` + + // ingressIP is an external IP which routes to the default ingress controller. + // The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + IngressIP string `json:"ingressIP,omitempty"` +} + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // InfrastructureList is diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index 7542490ef9..4a41d1b7f2 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -2259,6 +2259,38 @@ func (in *KubeClientConfig) DeepCopy() *KubeClientConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubevirtPlatformSpec) DeepCopyInto(out *KubevirtPlatformSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtPlatformSpec. +func (in *KubevirtPlatformSpec) DeepCopy() *KubevirtPlatformSpec { + if in == nil { + return nil + } + out := new(KubevirtPlatformSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubevirtPlatformStatus) DeepCopyInto(out *KubevirtPlatformStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtPlatformStatus. +func (in *KubevirtPlatformStatus) DeepCopy() *KubevirtPlatformStatus { + if in == nil { + return nil + } + out := new(KubevirtPlatformStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPAttributeMapping) DeepCopyInto(out *LDAPAttributeMapping) { *out = *in @@ -2949,6 +2981,11 @@ func (in *PlatformSpec) DeepCopyInto(out *PlatformSpec) { *out = new(IBMCloudPlatformSpec) **out = **in } + if in.Kubevirt != nil { + in, out := &in.Kubevirt, &out.Kubevirt + *out = new(KubevirtPlatformSpec) + **out = **in + } return } @@ -3005,6 +3042,11 @@ func (in *PlatformStatus) DeepCopyInto(out *PlatformStatus) { *out = new(IBMCloudPlatformStatus) **out = **in } + if in.Kubevirt != nil { + in, out := &in.Kubevirt, &out.Kubevirt + *out = new(KubevirtPlatformStatus) + **out = **in + } return } diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 72d3bb2cfd..61fae076c2 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -857,6 +857,24 @@ func (InfrastructureStatus) SwaggerDoc() map[string]string { return map_InfrastructureStatus } +var map_KubevirtPlatformSpec = map[string]string{ + "": "KubevirtPlatformSpec holds the desired state of the kubevirt infrastructure provider. This only includes fields that can be modified in the cluster.", +} + +func (KubevirtPlatformSpec) SwaggerDoc() map[string]string { + return map_KubevirtPlatformSpec +} + +var map_KubevirtPlatformStatus = map[string]string{ + "": "KubevirtPlatformStatus holds the current status of the kubevirt infrastructure provider.", + "apiServerInternalIP": "apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers.", + "ingressIP": "ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names.", +} + +func (KubevirtPlatformStatus) SwaggerDoc() map[string]string { + return map_KubevirtPlatformStatus +} + var map_OpenStackPlatformSpec = map[string]string{ "": "OpenStackPlatformSpec holds the desired state of the OpenStack infrastructure provider. This only includes fields that can be modified in the cluster.", } @@ -898,7 +916,7 @@ func (OvirtPlatformStatus) SwaggerDoc() map[string]string { var map_PlatformSpec = map[string]string{ "": "PlatformSpec holds the desired state specific to the underlying infrastructure provider of the current cluster. Since these are used at spec-level for the underlying cluster, it is supposed that only one of the spec structs is set.", - "type": "type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are \"AWS\", \"Azure\", \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", \"VSphere\", \"oVirt\", and \"None\". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform.", + "type": "type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are \"AWS\", \"Azure\", \"BareMetal\", \"GCP\", \"Libvirt\", \"OpenStack\", \"VSphere\", \"oVirt\", \"KubeVirt\" and \"None\". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform.", "aws": "AWS contains settings specific to the Amazon Web Services infrastructure provider.", "azure": "Azure contains settings specific to the Azure infrastructure provider.", "gcp": "GCP contains settings specific to the Google Cloud Platform infrastructure provider.", @@ -907,6 +925,7 @@ var map_PlatformSpec = map[string]string{ "ovirt": "Ovirt contains settings specific to the oVirt infrastructure provider.", "vsphere": "VSphere contains settings specific to the VSphere infrastructure provider.", "ibmcloud": "IBMCloud contains settings specific to the IBMCloud infrastructure provider.", + "kubevirt": "Kubevirt contains settings specific to the kubevirt infrastructure provider.", } func (PlatformSpec) SwaggerDoc() map[string]string { @@ -924,6 +943,7 @@ var map_PlatformStatus = map[string]string{ "ovirt": "Ovirt contains settings specific to the oVirt infrastructure provider.", "vsphere": "VSphere contains settings specific to the VSphere infrastructure provider.", "ibmcloud": "IBMCloud contains settings specific to the IBMCloud infrastructure provider.", + "kubevirt": "Kubevirt contains settings specific to the kubevirt infrastructure provider.", } func (PlatformStatus) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/go.mod b/vendor/github.com/openshift/api/go.mod index 24b746a76f..90ec463394 100644 --- a/vendor/github.com/openshift/api/go.mod +++ b/vendor/github.com/openshift/api/go.mod @@ -1,6 +1,6 @@ module github.com/openshift/api -go 1.13 +go 1.15 require ( github.com/gogo/protobuf v1.3.1 diff --git a/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml b/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml index 14297e9ac3..8f7d5c5ce0 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml +++ b/vendor/github.com/openshift/api/imageregistry/v1/00-crd.yaml @@ -651,6 +651,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll logging: description: logging is deprecated, use logLevel instead. type: integer @@ -674,11 +680,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll proxy: description: proxy defines the proxy to be used when calling master api, upstream registries, etc. diff --git a/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml b/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml index a1f7cce99e..8f1ac60773 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml +++ b/vendor/github.com/openshift/api/imageregistry/v1/01-crd.yaml @@ -656,6 +656,18 @@ spec: pruning. Defaults to 60m (60 minutes). type: string format: duration + logLevel: + description: "logLevel sets the level of log output for the pruner + job. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". + Defaults to \"Normal\"." + type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll nodeSelector: description: nodeSelector defines the node selection constraints for the image pruner pod. diff --git a/vendor/github.com/openshift/api/imageregistry/v1/types.go b/vendor/github.com/openshift/api/imageregistry/v1/types.go index a9988843a4..debb34c092 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/types.go +++ b/vendor/github.com/openshift/api/imageregistry/v1/types.go @@ -82,7 +82,7 @@ type ImageRegistrySpec struct { Replicas int32 `json:"replicas"` // logging is deprecated, use logLevel instead. // +optional - Logging int64 `json:"logging"` + Logging int64 `json:"logging,omitempty"` // resources defines the resource requests+limits for the registry pod. // +optional Resources *corev1.ResourceRequirements `json:"resources,omitempty"` diff --git a/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go b/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go index 0ed892e009..08948924df 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go +++ b/vendor/github.com/openshift/api/imageregistry/v1/types_imagepruner.go @@ -80,6 +80,13 @@ type ImagePrunerSpec struct { // errors while parsing image references. // +optional IgnoreInvalidImageReferences bool `json:"ignoreInvalidImageReferences,omitempty"` + // logLevel sets the level of log output for the pruner job. + // + // Valid values are: "Normal", "Debug", "Trace", "TraceAll". + // Defaults to "Normal". + // +optional + // +kubebuilder:default=Normal + LogLevel operatorv1.LogLevel `json:"logLevel,omitempty"` } // ImagePrunerStatus reports image pruner operational status. diff --git a/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.swagger_doc_generated.go index 0084cc3669..5149a2d22a 100644 --- a/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/imageregistry/v1/zz_generated.swagger_doc_generated.go @@ -232,6 +232,7 @@ var map_ImagePrunerSpec = map[string]string{ "successfulJobsHistoryLimit": "successfulJobsHistoryLimit specifies how many successful image pruner jobs to retain. Defaults to 3 if not set.", "failedJobsHistoryLimit": "failedJobsHistoryLimit specifies how many failed image pruner jobs to retain. Defaults to 3 if not set.", "ignoreInvalidImageReferences": "ignoreInvalidImageReferences indicates whether the pruner can ignore errors while parsing image references.", + "logLevel": "logLevel sets the level of log output for the pruner job.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", } func (ImagePrunerSpec) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml index 6beaeb259d..5fe799ffe6 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_10_config-operator_01_config.crd.yaml @@ -51,6 +51,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -64,11 +70,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_20_etcd-operator_01.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config.crd.yaml similarity index 92% rename from vendor/github.com/openshift/api/operator/v1/0000_20_etcd-operator_01.crd.yaml rename to vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config.crd.yaml index 14f6aeb576..150a872661 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_20_etcd-operator_01.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_12_etcd-operator_01_config.crd.yaml @@ -63,6 +63,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -76,11 +82,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll succeededRevisionLimit: description: succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api -1 = unlimited, diff --git a/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml index b695ce8381..58a1d3bc13 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_20_kube-apiserver-operator_01_config.crd.yaml @@ -54,6 +54,12 @@ spec: to manage coarse grained logging choices that operators have to interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string managementState: description: managementState indicates whether and how the operator @@ -68,10 +74,18 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + default: Normal + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string succeededRevisionLimit: description: succeededRevisionLimit is the number of successful static diff --git a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml index 6f08cec5d9..efd88b3c98 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml @@ -56,6 +56,12 @@ spec: to manage coarse grained logging choices that operators have to interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string managementState: description: managementState indicates whether and how the operator @@ -70,10 +76,18 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + default: Normal + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string succeededRevisionLimit: description: succeededRevisionLimit is the number of successful static diff --git a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml index faf3f04486..3cb62b80b2 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_25_kube-scheduler-operator_01_config.crd.yaml @@ -56,6 +56,12 @@ spec: to manage coarse grained logging choices that operators have to interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string managementState: description: managementState indicates whether and how the operator @@ -70,10 +76,18 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + default: Normal + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string succeededRevisionLimit: description: succeededRevisionLimit is the number of successful static diff --git a/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml index b6bba3cc6e..269edb4d85 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_30_openshift-apiserver-operator_01_config.crd.yaml @@ -52,6 +52,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -65,11 +71,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml index 098de4470e..829cf05b36 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_40_cloud-credential-operator_00_config.crd.yaml @@ -62,6 +62,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -75,11 +81,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml index 9adbb29e60..d0133c88a3 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_40_kube-storage-version-migrator-operator_00_config.crd.yaml @@ -49,6 +49,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -62,11 +68,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml index 20cac90b4a..ceb754a52c 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-authentication-operator_01_config.crd.yaml @@ -48,6 +48,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -61,11 +67,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml index 0d9403cd3a..ce10a15762 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster-openshift-controller-manager-operator_02_config.crd.yaml @@ -50,6 +50,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -63,11 +69,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml index a05f408887..0ae3d95689 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_cluster_storage_operator_01_crd.yaml @@ -49,6 +49,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -62,11 +68,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml index 9f1c4238d0..75d757d991 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_ingress-operator_00-ingresscontroller.crd.yaml @@ -1031,4 +1031,8 @@ spec: served: true storage: true subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.availableReplicas status: {} diff --git a/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml index 3f9f7b10a5..b33eff67f8 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_50_service-ca-operator_02_crd.yaml @@ -7,6 +7,11 @@ metadata: spec: scope: Cluster group: operator.openshift.io + names: + kind: ServiceCA + listKind: ServiceCAList + plural: servicecas + singular: serviceca versions: - name: v1 served: true @@ -38,11 +43,19 @@ spec: type: object properties: logLevel: - description: logLevel is an intent based logging for an overall component. It - does not give fine grained control, but it is a simple way to manage - coarse grained logging choices that operators have to interpret - for their operands. + description: "logLevel is an intent based logging for an overall component. + \ It does not give fine grained control, but it is a simple way + to manage coarse grained logging choices that operators have to + interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", + \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -56,11 +69,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml index 0f16866957..0e39605962 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01_crd.yaml @@ -353,7 +353,10 @@ spec: description: The address to "bind" on Defaults to 0.0.0.0 type: string iptablesSyncPeriod: - description: 'The period that iptables rules are refreshed. Default: + description: 'An internal kube-proxy parameter. In older releases + of OCP, this sometimes needed to be adjusted in large clusters + for performance reasons, but this is no longer necessary, and + there is no reason to change this from the default value. Default: 30s' type: string proxyArguments: @@ -367,11 +370,20 @@ spec: items: type: string logLevel: - description: logLevel allows configuring the logging level of the + description: "logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive - logging may affect performance. The default value is "Normal". + logging may affect performance. The default value is \"Normal\". + \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". + Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll serviceNetwork: description: serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml index f23db5fef2..ae39ae7164 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_console-operator.crd.yaml @@ -95,6 +95,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -108,11 +114,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll providers: description: providers contains configuration for using specific service providers. diff --git a/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml index 16e04f4c79..709eff4fe4 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_80_csi_snapshot_controller_operator_01_crd.yaml @@ -49,6 +49,12 @@ spec: \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll managementState: description: managementState indicates whether and how the operator should manage the component @@ -62,11 +68,19 @@ spec: nullable: true x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." type: string + default: Normal + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the diff --git a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml index 4b44f35bdc..8404b1a0f4 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml @@ -35,6 +35,7 @@ spec: name: enum: - ebs.csi.aws.com + - cinder.csi.openstack.org - manila.csi.openstack.org - csi.ovirt.org type: string @@ -49,6 +50,12 @@ spec: to manage coarse grained logging choices that operators have to interpret for their operands. \n Valid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string managementState: description: managementState indicates whether and how the operator @@ -63,10 +70,18 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true operatorLogLevel: - description: operatorLogLevel is an intent based logging for the operator - itself. It does not give fine grained control, but it is a simple - way to manage coarse grained logging choices that operators have - to interpret for themselves. + default: Normal + description: "operatorLogLevel is an intent based logging for the + operator itself. It does not give fine grained control, but it + is a simple way to manage coarse grained logging choices that operators + have to interpret for themselves. \n Valid values are: \"Normal\", + \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\"." + enum: + - "" + - Normal + - Debug + - Trace + - TraceAll type: string unsupportedConfigOverrides: description: 'unsupportedConfigOverrides holds a sparse config that diff --git a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch index 22f3a12944..7f1945a9c0 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch +++ b/vendor/github.com/openshift/api/operator/v1/0000_90_cluster_csi_driver_01_config.crd.yaml-patch @@ -5,5 +5,6 @@ type: string enum: - ebs.csi.aws.com + - cinder.csi.openstack.org - manila.csi.openstack.org - csi.ovirt.org diff --git a/vendor/github.com/openshift/api/operator/v1/types.go b/vendor/github.com/openshift/api/operator/v1/types.go index ed11b32191..c4cd345052 100644 --- a/vendor/github.com/openshift/api/operator/v1/types.go +++ b/vendor/github.com/openshift/api/operator/v1/types.go @@ -56,12 +56,16 @@ type OperatorSpec struct { // Defaults to "Normal". // +optional // +kubebuilder:default=Normal - LogLevel LogLevel `json:"logLevel"` + LogLevel LogLevel `json:"logLevel,omitempty"` // operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a // simple way to manage coarse grained logging choices that operators have to interpret for themselves. + // + // Valid values are: "Normal", "Debug", "Trace", "TraceAll". + // Defaults to "Normal". // +optional - OperatorLogLevel LogLevel `json:"operatorLogLevel"` + // +kubebuilder:default=Normal + OperatorLogLevel LogLevel `json:"operatorLogLevel,omitempty"` // unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override // it will end up overlaying in the following order: @@ -81,6 +85,7 @@ type OperatorSpec struct { ObservedConfig runtime.RawExtension `json:"observedConfig"` } +// +kubebuilder:validation:Enum="";Normal;Debug;Trace;TraceAll type LogLevel string var ( diff --git a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go index e6217ab8c0..3e897b9f3f 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go @@ -41,6 +41,7 @@ type CSIDriverName string // and 0000_90_cluster_csi_driver_01_config.crd.yaml-merge-patch file is also updated with new driver name. const ( AWSEBSCSIDriver CSIDriverName = "ebs.csi.aws.com" + CinderCSIDriver CSIDriverName = "cinder.csi.openstack.org" ManilaCSIDriver CSIDriverName = "manila.csi.openstack.org" OvirtCSIDriver CSIDriverName = "csi.ovirt.org" ) diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index 7e678d11ae..71cf5a35e5 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -74,8 +74,12 @@ type NetworkSpec struct { // by the operator. Currently only Kuryr SDN is affected by this setting. // Please note that turning on extensive logging may affect performance. // The default value is "Normal". + // + // Valid values are: "Normal", "Debug", "Trace", "TraceAll". + // Defaults to "Normal". // +optional - LogLevel LogLevel `json:"logLevel"` + // +kubebuilder:default=Normal + LogLevel LogLevel `json:"logLevel,omitempty"` } // ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size @@ -337,7 +341,9 @@ type ProxyArgumentList []string // ProxyConfig defines the configuration knobs for kubeproxy // All of these are optional and have sensible defaults type ProxyConfig struct { - // The period that iptables rules are refreshed. + // An internal kube-proxy parameter. In older releases of OCP, this sometimes needed to be adjusted + // in large clusters for performance reasons, but this is no longer necessary, and there is no reason + // to change this from the default value. // Default: 30s IptablesSyncPeriod string `json:"iptablesSyncPeriod,omitempty"` diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index f4cef5edd3..cb241c7842 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -58,7 +58,7 @@ var map_OperatorSpec = map[string]string{ "": "OperatorSpec contains common fields operators need. It is intended to be anonymous included inside of the Spec struct for your particular operator.", "managementState": "managementState indicates whether and how the operator should manage the component", "logLevel": "logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", - "operatorLogLevel": "operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.", + "operatorLogLevel": "operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", "unsupportedConfigOverrides": "unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides", "observedConfig": "observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator", } @@ -794,7 +794,7 @@ var map_NetworkSpec = map[string]string{ "disableMultiNetwork": "disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.", "deployKubeProxy": "deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when OpenShift SDN and ovn-kubernetes are used and true otherwise.", "kubeProxyConfig": "kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift directly. Not consumed by all network providers - currently only openshift-sdn.", - "logLevel": "logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive logging may affect performance. The default value is \"Normal\".", + "logLevel": "logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive logging may affect performance. The default value is \"Normal\".\n\nValid values are: \"Normal\", \"Debug\", \"Trace\", \"TraceAll\". Defaults to \"Normal\".", } func (NetworkSpec) SwaggerDoc() map[string]string { @@ -835,7 +835,7 @@ func (OpenShiftSDNConfig) SwaggerDoc() map[string]string { var map_ProxyConfig = map[string]string{ "": "ProxyConfig defines the configuration knobs for kubeproxy All of these are optional and have sensible defaults", - "iptablesSyncPeriod": "The period that iptables rules are refreshed. Default: 30s", + "iptablesSyncPeriod": "An internal kube-proxy parameter. In older releases of OCP, this sometimes needed to be adjusted in large clusters for performance reasons, but this is no longer necessary, and there is no reason to change this from the default value. Default: 30s", "bindAddress": "The address to \"bind\" on Defaults to 0.0.0.0", "proxyArguments": "Any additional arguments to pass to the kubeproxy process", } diff --git a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml index 5cc8e56f90..a11af8884c 100644 --- a/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml +++ b/vendor/github.com/openshift/api/operatorcontrolplane/v1alpha1/0000_10-pod-network-connectivity-check.crd.yaml @@ -1,9 +1,8 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: include.release.openshift.io/self-managed-high-availability: "true" - creationTimestamp: null name: podnetworkconnectivitychecks.controlplane.operator.openshift.io spec: group: controlplane.operator.openshift.io @@ -12,255 +11,248 @@ spec: listKind: PodNetworkConnectivityCheckList plural: podnetworkconnectivitychecks singular: podnetworkconnectivitycheck - scope: "" - subresources: - status: {} - validation: - openAPIV3Schema: - description: PodNetworkConnectivityCheck - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the source and target of the connectivity check - type: object - required: - - sourcePod - - targetEndpoint - properties: - sourcePod: - description: SourcePod names the pod from which the condition will be - checked - type: string - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - targetEndpoint: - description: EndpointAddress to check. A TCP address of the form host:port. - Note that if host is a DNS name, then the check would fail if the - DNS name cannot be resolved. Specify an IP address for host to bypass - DNS name lookup. - type: string - pattern: ^\S+:\d*$ - tlsClientCert: - description: TLSClientCert, if specified, references a kubernetes.io/tls - type secret with 'tls.crt' and 'tls.key' entries containing an optional - TLS client certificate and key to be used when checking endpoints - that require a client certificate in order to gracefully preform the - scan without causing excessive logging in the endpoint process. The - secret must exist in the same namespace as this resource. - type: object - required: - - name - properties: - name: - description: name is the metadata.name of the referenced secret - type: string - status: - description: Status contains the observed status of the connectivity check - type: object - properties: - conditions: - description: Conditions summarize the status of the check - type: array - items: - description: PodNetworkConnectivityCheckCondition represents the overall - status of the pod network connectivity. - type: object - required: - - lastTransitionTime - - status - - type - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - type: string - format: date-time - nullable: true - message: - description: Message indicating details about last transition - in a human readable format. - type: string - reason: - description: Reason for the condition's last status transition - in a machine readable format. - type: string - status: - description: Status of the condition - type: string - type: - description: Type of the condition - type: string - failures: - description: Failures contains logs of unsuccessful check actions - type: array - items: - description: LogEntry records events - type: object - required: - - success - - time - properties: - latency: - description: Latency records how long the action mentioned in - the entry took. - type: string - nullable: true - message: - description: Message explaining status in a human readable format. - type: string - reason: - description: Reason for status in a machine readable format. - type: string - success: - description: Success indicates if the log entry indicates a success - or failure. - type: boolean - time: - description: Start time of check action. - type: string - format: date-time - nullable: true - outages: - description: Outages contains logs of time periods of outages - type: array - items: - description: OutageEntry records time period of an outage - type: object - required: - - start - properties: - end: - description: End of outage detected - type: string - format: date-time - nullable: true - endLogs: - description: EndLogs contains log entries related to the end of - this outage. Should contain the success entry that resolved - the outage and possibly a few of the failure log entries that - preceded it. - type: array - items: - description: LogEntry records events - type: object - required: - - success - - time - properties: - latency: - description: Latency records how long the action mentioned - in the entry took. - type: string - nullable: true - message: - description: Message explaining status in a human readable - format. - type: string - reason: - description: Reason for status in a machine readable format. - type: string - success: - description: Success indicates if the log entry indicates - a success or failure. - type: boolean - time: - description: Start time of check action. - type: string - format: date-time - nullable: true - message: - description: Message summarizes outage details in a human readable - format. - type: string - start: - description: Start of outage detected - type: string - format: date-time - nullable: true - startLogs: - description: StartLogs contains log entries related to the start - of this outage. Should contain the original failure, any entries - where the failure mode changed. - type: array - items: - description: LogEntry records events - type: object - required: - - success - - time - properties: - latency: - description: Latency records how long the action mentioned - in the entry took. - type: string - nullable: true - message: - description: Message explaining status in a human readable - format. - type: string - reason: - description: Reason for status in a machine readable format. - type: string - success: - description: Success indicates if the log entry indicates - a success or failure. - type: boolean - time: - description: Start time of check action. - type: string - format: date-time - nullable: true - successes: - description: Successes contains logs successful check actions - type: array - items: - description: LogEntry records events - type: object - required: - - success - - time - properties: - latency: - description: Latency records how long the action mentioned in - the entry took. - type: string - nullable: true - message: - description: Message explaining status in a human readable format. - type: string - reason: - description: Reason for status in a machine readable format. - type: string - success: - description: Success indicates if the log entry indicates a success - or failure. - type: boolean - time: - description: Start time of check action. - type: string - format: date-time - nullable: true - version: v1alpha1 + scope: Namespaced versions: - name: v1alpha1 served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + subresources: + status: {} + schema: + openAPIV3Schema: + description: PodNetworkConnectivityCheck + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the source and target of the connectivity check + type: object + required: + - sourcePod + - targetEndpoint + properties: + sourcePod: + description: SourcePod names the pod from which the condition will + be checked + type: string + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + targetEndpoint: + description: EndpointAddress to check. A TCP address of the form host:port. + Note that if host is a DNS name, then the check would fail if the + DNS name cannot be resolved. Specify an IP address for host to bypass + DNS name lookup. + type: string + pattern: ^\S+:\d*$ + tlsClientCert: + description: TLSClientCert, if specified, references a kubernetes.io/tls + type secret with 'tls.crt' and 'tls.key' entries containing an optional + TLS client certificate and key to be used when checking endpoints + that require a client certificate in order to gracefully preform + the scan without causing excessive logging in the endpoint process. + The secret must exist in the same namespace as this resource. + type: object + required: + - name + properties: + name: + description: name is the metadata.name of the referenced secret + type: string + status: + description: Status contains the observed status of the connectivity check + type: object + properties: + conditions: + description: Conditions summarize the status of the check + type: array + items: + description: PodNetworkConnectivityCheckCondition represents the + overall status of the pod network connectivity. + type: object + required: + - lastTransitionTime + - status + - type + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + format: date-time + nullable: true + message: + description: Message indicating details about last transition + in a human readable format. + type: string + reason: + description: Reason for the condition's last status transition + in a machine readable format. + type: string + status: + description: Status of the condition + type: string + type: + description: Type of the condition + type: string + failures: + description: Failures contains logs of unsuccessful check actions + type: array + items: + description: LogEntry records events + type: object + required: + - success + - time + properties: + latency: + description: Latency records how long the action mentioned in + the entry took. + type: string + nullable: true + message: + description: Message explaining status in a human readable format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates a + success or failure. + type: boolean + time: + description: Start time of check action. + type: string + format: date-time + nullable: true + outages: + description: Outages contains logs of time periods of outages + type: array + items: + description: OutageEntry records time period of an outage + type: object + required: + - start + properties: + end: + description: End of outage detected + type: string + format: date-time + nullable: true + endLogs: + description: EndLogs contains log entries related to the end + of this outage. Should contain the success entry that resolved + the outage and possibly a few of the failure log entries that + preceded it. + type: array + items: + description: LogEntry records events + type: object + required: + - success + - time + properties: + latency: + description: Latency records how long the action mentioned + in the entry took. + type: string + nullable: true + message: + description: Message explaining status in a human readable + format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates + a success or failure. + type: boolean + time: + description: Start time of check action. + type: string + format: date-time + nullable: true + message: + description: Message summarizes outage details in a human readable + format. + type: string + start: + description: Start of outage detected + type: string + format: date-time + nullable: true + startLogs: + description: StartLogs contains log entries related to the start + of this outage. Should contain the original failure, any entries + where the failure mode changed. + type: array + items: + description: LogEntry records events + type: object + required: + - success + - time + properties: + latency: + description: Latency records how long the action mentioned + in the entry took. + type: string + nullable: true + message: + description: Message explaining status in a human readable + format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates + a success or failure. + type: boolean + time: + description: Start time of check action. + type: string + format: date-time + nullable: true + successes: + description: Successes contains logs successful check actions + type: array + items: + description: LogEntry records events + type: object + required: + - success + - time + properties: + latency: + description: Latency records how long the action mentioned in + the entry took. + type: string + nullable: true + message: + description: Message explaining status in a human readable format. + type: string + reason: + description: Reason for status in a machine readable format. + type: string + success: + description: Success indicates if the log entry indicates a + success or failure. + type: boolean + time: + description: Start time of check action. + type: string + format: date-time + nullable: true diff --git a/vendor/github.com/openshift/api/route/v1/generated.proto b/vendor/github.com/openshift/api/route/v1/generated.proto index c4bc446e34..abf11f4c4a 100644 --- a/vendor/github.com/openshift/api/route/v1/generated.proto +++ b/vendor/github.com/openshift/api/route/v1/generated.proto @@ -212,6 +212,10 @@ message RouterShard { // TLSConfig defines config used to secure a route and provide termination message TLSConfig { // termination indicates termination type. + // + // * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + // * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + // * reencrypt - TLS termination is done by the router and https is used to communicate with the backend optional string termination = 1; // certificate provides certificate contents diff --git a/vendor/github.com/openshift/api/route/v1/types.go b/vendor/github.com/openshift/api/route/v1/types.go index 9e59c69782..e36e192d8f 100644 --- a/vendor/github.com/openshift/api/route/v1/types.go +++ b/vendor/github.com/openshift/api/route/v1/types.go @@ -212,6 +212,10 @@ type RouterShard struct { // TLSConfig defines config used to secure a route and provide termination type TLSConfig struct { // termination indicates termination type. + // + // * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + // * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + // * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Termination TLSTerminationType `json:"termination" protobuf:"bytes,1,opt,name=termination,casttype=TLSTerminationType"` // certificate provides certificate contents diff --git a/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go index 9974795f62..83b92816b4 100644 --- a/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go @@ -113,7 +113,7 @@ func (RouterShard) SwaggerDoc() map[string]string { var map_TLSConfig = map[string]string{ "": "TLSConfig defines config used to secure a route and provide termination", - "termination": "termination indicates termination type.", + "termination": "termination indicates termination type.\n\n* edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend", "certificate": "certificate provides certificate contents", "key": "key provides key file contents", "caCertificate": "caCertificate provides the cert authority certificate contents", diff --git a/vendor/modules.txt b/vendor/modules.txt index 1eb7c93435..a43d17a71f 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -171,7 +171,7 @@ github.com/mitchellh/go-homedir github.com/modern-go/concurrent # github.com/modern-go/reflect2 v1.0.1 github.com/modern-go/reflect2 -# github.com/openshift/api v0.0.0-20200901182017-7ac89ba6b971 +# github.com/openshift/api v0.0.0-20201012140924-16436fa6166b github.com/openshift/api github.com/openshift/api/apps github.com/openshift/api/apps/v1 From e1fb34a4209a215c73699cd02d7abb05558b3b73 Mon Sep 17 00:00:00 2001 From: Danielle Barda Date: Thu, 6 Aug 2020 12:23:33 +0300 Subject: [PATCH 6/8] Adding kubevirtSpec --- pkg/apis/cloudcredential/v1/register.go | 1 + pkg/apis/cloudcredential/v1/types_kubevirt.go | 36 +++++++++++++ .../v1/zz_generated.deepcopy.go | 50 +++++++++++++++++++ .../credentialsrequest_controller.go | 2 + pkg/operator/metrics/metrics.go | 2 + 5 files changed, 91 insertions(+) create mode 100644 pkg/apis/cloudcredential/v1/types_kubevirt.go diff --git a/pkg/apis/cloudcredential/v1/register.go b/pkg/apis/cloudcredential/v1/register.go index 53a8cb1010..43fed04946 100644 --- a/pkg/apis/cloudcredential/v1/register.go +++ b/pkg/apis/cloudcredential/v1/register.go @@ -58,6 +58,7 @@ func addKnownTypes(scheme *runtime.Scheme) error { &AzureProviderStatus{}, &AzureProviderSpec{}, &GCPProviderStatus{}, &GCPProviderSpec{}, &VSphereProviderStatus{}, &VSphereProviderSpec{}, + &KubevirtProviderStatus{}, &KubevirtProviderSpec{}, ) return nil diff --git a/pkg/apis/cloudcredential/v1/types_kubevirt.go b/pkg/apis/cloudcredential/v1/types_kubevirt.go new file mode 100644 index 0000000000..42cac102bb --- /dev/null +++ b/pkg/apis/cloudcredential/v1/types_kubevirt.go @@ -0,0 +1,36 @@ +/* +Copyright 2019 The OpenShift Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// TODO: these types should eventually be broken out, along with the actuator, +// to a separate repo. + +// KubevirtProviderSpec the specification of the credentials request in Kubevirt. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type KubevirtProviderSpec struct { + metav1.TypeMeta `json:",inline"` +} + +// KubevirtProviderSpec contains the status of the credentials request in Kubevirt. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type KubevirtProviderStatus struct { + metav1.TypeMeta `json:",inline"` +} diff --git a/pkg/apis/cloudcredential/v1/zz_generated.deepcopy.go b/pkg/apis/cloudcredential/v1/zz_generated.deepcopy.go index 6c2c5eaa23..4cc0306d0d 100644 --- a/pkg/apis/cloudcredential/v1/zz_generated.deepcopy.go +++ b/pkg/apis/cloudcredential/v1/zz_generated.deepcopy.go @@ -308,6 +308,56 @@ func (in *GCPProviderStatus) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubevirtProviderSpec) DeepCopyInto(out *KubevirtProviderSpec) { + *out = *in + out.TypeMeta = in.TypeMeta + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtProviderSpec. +func (in *KubevirtProviderSpec) DeepCopy() *KubevirtProviderSpec { + if in == nil { + return nil + } + out := new(KubevirtProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KubevirtProviderSpec) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubevirtProviderStatus) DeepCopyInto(out *KubevirtProviderStatus) { + *out = *in + out.TypeMeta = in.TypeMeta + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtProviderStatus. +func (in *KubevirtProviderStatus) DeepCopy() *KubevirtProviderStatus { + if in == nil { + return nil + } + out := new(KubevirtProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KubevirtProviderStatus) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OpenStackProviderSpec) DeepCopyInto(out *OpenStackProviderSpec) { *out = *in diff --git a/pkg/operator/credentialsrequest/credentialsrequest_controller.go b/pkg/operator/credentialsrequest/credentialsrequest_controller.go index d2dd97f2a1..e3cbbd42c2 100644 --- a/pkg/operator/credentialsrequest/credentialsrequest_controller.go +++ b/pkg/operator/credentialsrequest/credentialsrequest_controller.go @@ -835,6 +835,8 @@ func crInfraMatches(cr *minterv1.CredentialsRequest, clusterCloudPlatform config return cloudType == reflect.TypeOf(minterv1.OvirtProviderSpec{}).Name(), nil case configv1.VSpherePlatformType: return cloudType == reflect.TypeOf(minterv1.VSphereProviderSpec{}).Name(), nil + case configv1.KubevirtPlatformType: + return cloudType == reflect.TypeOf(minterv1.KubevirtProviderSpec{}).Name(), nil default: return false, fmt.Errorf("unsupported platorm type: %v", clusterCloudPlatform) } diff --git a/pkg/operator/metrics/metrics.go b/pkg/operator/metrics/metrics.go index 34ad74fdd1..9af3f58d08 100644 --- a/pkg/operator/metrics/metrics.go +++ b/pkg/operator/metrics/metrics.go @@ -193,6 +193,8 @@ func cloudProviderSpecToMetricsKey(cloud string) string { return "ovirt" case "VsphereProviderSpec": return "vsphere" + case "KubevirtProviderSpec": + return "kubevirt" default: return "unknown" } From 317756241a98906cfe82fdc51bbff37e89587e85 Mon Sep 17 00:00:00 2001 From: Danielle Barda Date: Thu, 13 Aug 2020 22:07:04 +0300 Subject: [PATCH 7/8] Adding UT --- pkg/ocp/actuator_test.go | 400 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 400 insertions(+) create mode 100644 pkg/ocp/actuator_test.go diff --git a/pkg/ocp/actuator_test.go b/pkg/ocp/actuator_test.go new file mode 100644 index 0000000000..17d5367460 --- /dev/null +++ b/pkg/ocp/actuator_test.go @@ -0,0 +1,400 @@ +/* +Copyright 2019 The OpenShift Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package ocp_test + +import ( + "context" + "fmt" + "github.com/openshift/cloud-credential-operator/pkg/ocp" + kubernetesErrors "k8s.io/apimachinery/pkg/api/errors" + "reflect" + "testing" + + openshiftapiv1 "github.com/openshift/api/config/v1" + minterv1 "github.com/openshift/cloud-credential-operator/pkg/apis/cloudcredential/v1" + "github.com/openshift/cloud-credential-operator/pkg/operator/constants" + "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + "k8s.io/client-go/kubernetes/scheme" + kubernetesClient "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/client/fake" +) + +const ( + testNamespace = "openshift-cloud-credential-operator" + testCredRequestName = "openshift-machine-api-kubevirt" + testInfrastructureName = "test-cluster-abcd" + testRandomSuffix = "random" + testOpenshiftMachineApiKubevirtNamespace = "openshift-machine-api" + +) + +var ( + kubevirtCredentialData = []byte("data") + + kubevirtSpec = &minterv1.KubevirtProviderSpec{} + + kubevirtCredentialsSecret = corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: constants.KubevirtCloudCredSecretName, + Namespace: constants.CloudCredSecretNamespace, + }, + Data: map[string][]byte{ + ocp.KubevirtCredentialsSecretKey: kubevirtCredentialData, + }, + } + + kubevirtOpenshiftMmachineApiSecret = corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: constants.KubevirtCloudCredSecretName, + Namespace: testOpenshiftMachineApiKubevirtNamespace, + }, + Data: map[string][]byte{ + ocp.KubevirtCredentialsSecretKey: kubevirtCredentialData, + }, + } + + +) + +func TestDecodeToUnknown(t *testing.T) { + codec, err := minterv1.NewCodec() + if err != nil { + t.Fatalf("failed to create codec %#v", err) + } + var raw *runtime.RawExtension + aps := minterv1.KubevirtProviderSpec{} + raw, err = codec.EncodeProviderSpec(&aps) + if err != nil { + t.Fatalf("failed to encode codec %#v", err) + } + unknown := runtime.Unknown{} + err = codec.DecodeProviderStatus(raw, &unknown) + if err != nil { + t.Fatalf("should be able to decode to Unknown %#v", err) + } + if unknown.Kind != reflect.TypeOf(minterv1.KubevirtProviderSpec{}).Name() { + t.Fatalf("expected decoded kind to be %s but was %s", reflect.TypeOf(minterv1.KubevirtProviderSpec{}).Name(), unknown.Kind) + } +} + +func TestCreateCR(t *testing.T) { + if err := openshiftapiv1.Install(scheme.Scheme); err != nil { + t.Fatal(err) + } + + if err := minterv1.SchemeBuilder.AddToScheme(scheme.Scheme); err != nil { + t.Fatal(err) + } + + tests := []struct { + name string + existing []runtime.Object + credentialsRequest *minterv1.CredentialsRequest + expectedErr error + errRegexp string + validate func(*testing.T, kubernetesClient.Client) + }{ + { + name: "Create CR happy flow", + existing: defaultExistingObjects(), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesClient.Client) { + cr := getCredRequest(t, c) + assert.NotEqual(t, cr, nil) + + secret := getSecret(t, c) + assert.NotEqual(t, secret, nil) + + }, + }, + { + name: "Create CR fail on getCredentialSecret kube-system:kubevirt-credentials", + existing: []runtime.Object{}, + credentialsRequest: testCredentialsRequest(t), + expectedErr: fmt.Errorf("unable to fetch root cloud cred secret: secrets \"kubevirt-credentials\" not found"), + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + allObjects := append(test.existing, test.credentialsRequest) + fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) + + actuator, err := ocp.NewActuator(fakeClient) + if err != nil { + assert.Regexp(t, test.errRegexp, err) + assert.Nil(t, actuator) + return + } + testErr := actuator.Create(context.TODO(), test.credentialsRequest) + if test.expectedErr != nil { + assert.Error(t, testErr) + assert.Equal(t, test.expectedErr.Error(), testErr.Error()) + } else { + test.validate(t, fakeClient) + } + + }) + } +} + +func TestDeleteCR(t *testing.T) { + if err := openshiftapiv1.Install(scheme.Scheme); err != nil { + t.Fatal(err) + } + + if err := minterv1.SchemeBuilder.AddToScheme(scheme.Scheme); err != nil { + t.Fatal(err) + } + + tests := []struct { + name string + existing []runtime.Object + credentialsRequest *minterv1.CredentialsRequest + expectedErr error + errRegexp string + validate func(*testing.T, kubernetesClient.Client) + }{ + { + name: "Delete CR happy flow", + existing: existingObjectsAfterCreate(t), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesClient.Client) {}, + }, + { + name: "Delete CR happy flow - existingSecret not exist", + existing: defaultExistingObjects(), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesClient.Client) {}, + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + allObjects := append(test.existing, test.credentialsRequest) + fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) + + actuator, err := ocp.NewActuator(fakeClient) + if err != nil { + assert.Regexp(t, test.errRegexp, err) + assert.Nil(t, actuator) + return + } + testErr := actuator.Delete(context.TODO(), test.credentialsRequest) + if test.expectedErr != nil { + assert.Error(t, testErr) + assert.Equal(t, test.expectedErr.Error(), testErr.Error()) + } else { + test.validate(t, fakeClient) + } + + }) + } +} + +func TestExistsCR(t *testing.T) { + if err := openshiftapiv1.Install(scheme.Scheme); err != nil { + t.Fatal(err) + } + + if err := minterv1.SchemeBuilder.AddToScheme(scheme.Scheme); err != nil { + t.Fatal(err) + } + + tests := []struct { + name string + existing []runtime.Object + credentialsRequest *minterv1.CredentialsRequest + expectedErr error + errRegexp string + validate func(*testing.T, kubernetesClient.Client, bool) + }{ + { + name: "Exists CR happy flow (true)", + existing: existingObjectsAfterCreate(t), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesClient.Client, isExists bool) { + secret := getSecret(t, c) + assert.Equal(t, isExists, true) + assert.NotEqual(t, secret, nil) + }, + }, + { + name: "Non Exists CR happy flow (false)", + existing: defaultExistingObjects(), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesClient.Client, isExists bool) { + secret := getSecret(t, c) + assert.Equal(t, isExists, false) + assert.Nil(t, secret) + }, + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + allObjects := append(test.existing, test.credentialsRequest) + fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) + + actuator, err := ocp.NewActuator(fakeClient) + if err != nil { + assert.Regexp(t, test.errRegexp, err) + assert.Nil(t, actuator) + return + } + isExists, testErr := actuator.Exists(context.TODO(), test.credentialsRequest) + if test.expectedErr != nil { + assert.Error(t, testErr) + assert.Equal(t, test.expectedErr.Error(), testErr.Error()) + } else { + test.validate(t, fakeClient, isExists) + } + + }) + } +} + +func TestUpdateCR(t *testing.T) { + if err := openshiftapiv1.Install(scheme.Scheme); err != nil { + t.Fatal(err) + } + + if err := minterv1.SchemeBuilder.AddToScheme(scheme.Scheme); err != nil { + t.Fatal(err) + } + + tests := []struct { + name string + existing []runtime.Object + credentialsRequest *minterv1.CredentialsRequest + expectedErr error + errRegexp string + validate func(*testing.T, kubernetesClient.Client) + }{ + { + name: "Update CR happy flow - non exists", + existing: defaultExistingObjects(), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesClient.Client) { + cr := getCredRequest(t, c) + assert.NotEqual(t, cr, nil) + }, + }, + { + name: "Update CR happy flow - exists", + existing: existingObjectsAfterCreate(t), + credentialsRequest: testCredentialsRequest(t), + validate: func(t *testing.T, c kubernetesClient.Client) { + cr := getCredRequest(t, c) + assert.NotEqual(t, cr, nil) + }, + }, + { + name: "Update CR fail on getCredentialSecret kube-system:kubevirt-credentials", + existing: []runtime.Object{}, + credentialsRequest: testCredentialsRequest(t), + expectedErr: fmt.Errorf("unable to fetch root cloud cred secret: secrets \"kubevirt-credentials\" not found"), + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + allObjects := append(test.existing, test.credentialsRequest) + fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) + + actuator, err := ocp.NewActuator(fakeClient) + if err != nil { + assert.Regexp(t, test.errRegexp, err) + assert.Nil(t, actuator) + return + } + testErr := actuator.Update(context.TODO(), test.credentialsRequest) + if test.expectedErr != nil { + assert.Error(t, testErr) + assert.Equal(t, test.expectedErr.Error(), testErr.Error()) + } else { + test.validate(t, fakeClient) + } + + }) + } +} + +func getSecret(t *testing.T, c kubernetesClient.Client) *corev1.Secret { + credRequest := getCredRequest(t, c) + + secret := &corev1.Secret{} + err := c.Get(context.TODO(), types.NamespacedName{ + Namespace: credRequest.Spec.SecretRef.Namespace, + Name: credRequest.Spec.SecretRef.Name, + }, secret) + if err != nil && kubernetesErrors.IsNotFound(err) { + return nil + } + + assert.NoError(t, err) + return secret +} + +func getCredRequest(t *testing.T, c kubernetesClient.Client) *minterv1.CredentialsRequest { + cr := &minterv1.CredentialsRequest{} + assert.NoError(t, c.Get(context.TODO(), types.NamespacedName{Namespace: testNamespace, Name: testCredRequestName}, cr)) + return cr +} + +func defaultExistingObjects() []runtime.Object { + objs := []runtime.Object{ + &kubevirtCredentialsSecret, + } + return objs +} + +func existingObjectsAfterCreate(t *testing.T) []runtime.Object { + objs := []runtime.Object{ + &kubevirtCredentialsSecret, + &kubevirtOpenshiftMmachineApiSecret, + } + return objs +} + +func testCredentialsRequest(t *testing.T) *minterv1.CredentialsRequest { + codec, err := minterv1.NewCodec() + if err != nil { + t.Fatalf("error creating OCP codec: %v", err) + } + + rawObj, err := codec.EncodeProviderSpec(kubevirtSpec) + if err != nil { + t.Fatalf("error decoding provider v1 spec: %v", err) + } + + cr := &minterv1.CredentialsRequest{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: testNamespace, + Name: testCredRequestName, + }, + Spec: minterv1.CredentialsRequestSpec{ + SecretRef: corev1.ObjectReference{ + Namespace: testOpenshiftMachineApiKubevirtNamespace, + Name: constants.KubevirtCloudCredSecretName, + }, + ProviderSpec: rawObj, + }, + } + + return cr +} From b2d258fefec13bac05c6d04f31aa81ef274b2398 Mon Sep 17 00:00:00 2001 From: Danielle Barda Date: Wed, 30 Sep 2020 13:37:14 +0300 Subject: [PATCH 8/8] Changing openshift provider to be kubevirt provider --- pkg/{ocp => kubevirt}/actuator.go | 44 +++++++++++++------------- pkg/{ocp => kubevirt}/actuator_test.go | 20 ++++++------ pkg/operator/controller.go | 7 ++-- 3 files changed, 35 insertions(+), 36 deletions(-) rename pkg/{ocp => kubevirt}/actuator.go (77%) rename pkg/{ocp => kubevirt}/actuator_test.go (95%) diff --git a/pkg/ocp/actuator.go b/pkg/kubevirt/actuator.go similarity index 77% rename from pkg/ocp/actuator.go rename to pkg/kubevirt/actuator.go index 6833dfb672..649f995c64 100644 --- a/pkg/ocp/actuator.go +++ b/pkg/kubevirt/actuator.go @@ -13,7 +13,7 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ -package ocp +package kubevirt import ( "context" @@ -36,7 +36,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -type OCPActuator struct { +type KubevirtActuator struct { Client client.Client Codec *minterv1.ProviderCodec } @@ -44,15 +44,15 @@ type OCPActuator struct { const ( KubevirtCredentialsSecretKey = "kubeconfig" ) -// NewActuator creates a new OCP actuator. -func NewActuator(client client.Client) (*OCPActuator, error) { +// NewActuator creates a new Kubevirt actuator. +func NewActuator(client client.Client) (*KubevirtActuator, error) { codec, err := minterv1.NewCodec() if err != nil { - log.WithError(err).Error("error creating OCP codec") - return nil, fmt.Errorf("error creating OCP codec: %v", err) + log.WithError(err).Error("error creating Kubevirt codec") + return nil, fmt.Errorf("error creating Kubevirt codec: %v", err) } - return &OCPActuator{ + return &KubevirtActuator{ Codec: codec, Client: client, }, nil @@ -60,7 +60,7 @@ func NewActuator(client client.Client) (*OCPActuator, error) { // Exists checks if the credentials currently exist. // TODO: in the future validate the expiration of the credentials -func (a *OCPActuator) Exists(ctx context.Context, cr *minterv1.CredentialsRequest) (bool, error) { +func (a *KubevirtActuator) Exists(ctx context.Context, cr *minterv1.CredentialsRequest) (bool, error) { logger := a.getLogger(cr) logger.Debug("running Exists") var err error @@ -74,21 +74,21 @@ func (a *OCPActuator) Exists(ctx context.Context, cr *minterv1.CredentialsReques } // Create the credentials. -func (a *OCPActuator) Create(ctx context.Context, cr *minterv1.CredentialsRequest) error { +func (a *KubevirtActuator) Create(ctx context.Context, cr *minterv1.CredentialsRequest) error { logger := a.getLogger(cr) logger.Debug("running Create") return a.sync(ctx, cr, logger) } // Update the credentials to the provided definition. -func (a *OCPActuator) Update(ctx context.Context, cr *minterv1.CredentialsRequest) error { +func (a *KubevirtActuator) Update(ctx context.Context, cr *minterv1.CredentialsRequest) error { logger := a.getLogger(cr) logger.Debug("running Update") return a.sync(ctx, cr, logger) } // Delete credentials -func (a *OCPActuator) Delete(ctx context.Context, cr *minterv1.CredentialsRequest) error { +func (a *KubevirtActuator) Delete(ctx context.Context, cr *minterv1.CredentialsRequest) error { logger := a.getLogger(cr) logger.Debug("running Delete") @@ -107,11 +107,11 @@ func (a *OCPActuator) Delete(ctx context.Context, cr *minterv1.CredentialsReques } // GetCredentialsRootSecretLocation returns the namespace and name where the parent credentials secret is stored. -func (a *OCPActuator) GetCredentialsRootSecretLocation() types.NamespacedName { +func (a *KubevirtActuator) GetCredentialsRootSecretLocation() types.NamespacedName { return types.NamespacedName{Namespace: constants.CloudCredSecretNamespace, Name: constants.KubevirtCloudCredSecretName} } -func (a *OCPActuator) sync(ctx context.Context, cr *minterv1.CredentialsRequest, logger log.FieldLogger) error { +func (a *KubevirtActuator) sync(ctx context.Context, cr *minterv1.CredentialsRequest, logger log.FieldLogger) error { logger.Debug("running sync") // get the secret data from the credentials request @@ -140,7 +140,7 @@ func (a *OCPActuator) sync(ctx context.Context, cr *minterv1.CredentialsRequest, return nil } -func (a *OCPActuator) getCredentialsSecretData(ctx context.Context, logger log.FieldLogger) ([]byte, error) { +func (a *KubevirtActuator) getCredentialsSecretData(ctx context.Context, logger log.FieldLogger) ([]byte, error) { // get the secret of the kubevirt credentials kubevirtCredentialsSecret := &corev1.Secret{} if err := a.Client.Get(ctx, a.GetCredentialsRootSecretLocation(), kubevirtCredentialsSecret); err != nil { @@ -162,7 +162,7 @@ func (a *OCPActuator) getCredentialsSecretData(ctx context.Context, logger log.F return infraClusterKubeconfig, nil } -func (a *OCPActuator) syncCredentialSecret(ctx context.Context, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte, existingSecret *corev1.Secret, logger log.FieldLogger) error{ +func (a *KubevirtActuator) syncCredentialSecret(ctx context.Context, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte, existingSecret *corev1.Secret, logger log.FieldLogger) error{ if existingSecret == nil { if kubevirtCredentialData == nil { msg := "new access key secret needed but no key data provided" @@ -179,7 +179,7 @@ func (a *OCPActuator) syncCredentialSecret(ctx context.Context, cr *minterv1.Cre return a.updateExistingSecret(logger, existingSecret, cr, kubevirtCredentialData) } -func (a *OCPActuator) updateExistingSecret(logger log.FieldLogger, existingSecret *corev1.Secret, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte) error { +func (a *KubevirtActuator) updateExistingSecret(logger log.FieldLogger, existingSecret *corev1.Secret, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte) error { // Update the existing secret: logger.Debug("updating secret") origSecret := existingSecret.DeepCopy() @@ -210,7 +210,7 @@ func (a *OCPActuator) updateExistingSecret(logger log.FieldLogger, existingSecre return nil } -func (a *OCPActuator) createNewSecret(logger log.FieldLogger, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte, ctx context.Context) error { +func (a *KubevirtActuator) createNewSecret(logger log.FieldLogger, cr *minterv1.CredentialsRequest, kubevirtCredentialData *[]byte, ctx context.Context) error { logger.Info("creating secret") secret := &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ @@ -234,7 +234,7 @@ func (a *OCPActuator) createNewSecret(logger log.FieldLogger, cr *minterv1.Crede return nil } -func (a *OCPActuator) getSecret(ctx context.Context, cr *minterv1.CredentialsRequest, logger log.FieldLogger) (*corev1.Secret, error) { +func (a *KubevirtActuator) getSecret(ctx context.Context, cr *minterv1.CredentialsRequest, logger log.FieldLogger) (*corev1.Secret, error) { logger.Debug("running getSecret") existingSecret := &corev1.Secret{} @@ -254,15 +254,15 @@ func (a *OCPActuator) getSecret(ctx context.Context, cr *minterv1.CredentialsReq return existingSecret, nil } -func (a *OCPActuator) getLogger(cr *minterv1.CredentialsRequest) log.FieldLogger { +func (a *KubevirtActuator) getLogger(cr *minterv1.CredentialsRequest) log.FieldLogger { return log.WithFields(log.Fields{ - "actuator": "Openshift", + "actuator": "Kubevirt", "targetSecret": fmt.Sprintf("%s/%s", cr.Spec.SecretRef.Namespace, cr.Spec.SecretRef.Name), "cr": fmt.Sprintf("%s/%s", cr.Namespace, cr.Name), }) } -func (a *OCPActuator) Upgradeable(mode operatorv1.CloudCredentialsMode) *configv1.ClusterOperatorStatusCondition { +func (a *KubevirtActuator) Upgradeable(mode operatorv1.CloudCredentialsMode) *configv1.ClusterOperatorStatusCondition { upgradeableCondition := &configv1.ClusterOperatorStatusCondition{ Status: configv1.ConditionTrue, Type: configv1.OperatorUpgradeable, @@ -270,6 +270,6 @@ func (a *OCPActuator) Upgradeable(mode operatorv1.CloudCredentialsMode) *configv return upgradeableCondition } -func (a *OCPActuator) GetUpcomingCredSecrets() []types.NamespacedName { +func (a *KubevirtActuator) GetUpcomingCredSecrets() []types.NamespacedName { return []types.NamespacedName{} } diff --git a/pkg/ocp/actuator_test.go b/pkg/kubevirt/actuator_test.go similarity index 95% rename from pkg/ocp/actuator_test.go rename to pkg/kubevirt/actuator_test.go index 17d5367460..0643999364 100644 --- a/pkg/ocp/actuator_test.go +++ b/pkg/kubevirt/actuator_test.go @@ -14,12 +14,12 @@ See the License for the specific language governing permissions and limitations under the License. */ -package ocp_test +package kubevirt_test import ( "context" "fmt" - "github.com/openshift/cloud-credential-operator/pkg/ocp" + "github.com/openshift/cloud-credential-operator/pkg/kubevirt" kubernetesErrors "k8s.io/apimachinery/pkg/api/errors" "reflect" "testing" @@ -38,7 +38,7 @@ import ( ) const ( - testNamespace = "openshift-cloud-credential-operator" + testNamespace = "Kubevirt-cloud-credential-operator" testCredRequestName = "openshift-machine-api-kubevirt" testInfrastructureName = "test-cluster-abcd" testRandomSuffix = "random" @@ -57,7 +57,7 @@ var ( Namespace: constants.CloudCredSecretNamespace, }, Data: map[string][]byte{ - ocp.KubevirtCredentialsSecretKey: kubevirtCredentialData, + kubevirt.KubevirtCredentialsSecretKey: kubevirtCredentialData, }, } @@ -67,7 +67,7 @@ var ( Namespace: testOpenshiftMachineApiKubevirtNamespace, }, Data: map[string][]byte{ - ocp.KubevirtCredentialsSecretKey: kubevirtCredentialData, + kubevirt.KubevirtCredentialsSecretKey: kubevirtCredentialData, }, } @@ -137,7 +137,7 @@ func TestCreateCR(t *testing.T) { allObjects := append(test.existing, test.credentialsRequest) fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) - actuator, err := ocp.NewActuator(fakeClient) + actuator, err := kubevirt.NewActuator(fakeClient) if err != nil { assert.Regexp(t, test.errRegexp, err) assert.Nil(t, actuator) @@ -190,7 +190,7 @@ func TestDeleteCR(t *testing.T) { allObjects := append(test.existing, test.credentialsRequest) fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) - actuator, err := ocp.NewActuator(fakeClient) + actuator, err := kubevirt.NewActuator(fakeClient) if err != nil { assert.Regexp(t, test.errRegexp, err) assert.Nil(t, actuator) @@ -251,7 +251,7 @@ func TestExistsCR(t *testing.T) { allObjects := append(test.existing, test.credentialsRequest) fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) - actuator, err := ocp.NewActuator(fakeClient) + actuator, err := kubevirt.NewActuator(fakeClient) if err != nil { assert.Regexp(t, test.errRegexp, err) assert.Nil(t, actuator) @@ -316,7 +316,7 @@ func TestUpdateCR(t *testing.T) { allObjects := append(test.existing, test.credentialsRequest) fakeClient := fake.NewFakeClientWithScheme(scheme.Scheme, allObjects...) - actuator, err := ocp.NewActuator(fakeClient) + actuator, err := kubevirt.NewActuator(fakeClient) if err != nil { assert.Regexp(t, test.errRegexp, err) assert.Nil(t, actuator) @@ -374,7 +374,7 @@ func existingObjectsAfterCreate(t *testing.T) []runtime.Object { func testCredentialsRequest(t *testing.T) *minterv1.CredentialsRequest { codec, err := minterv1.NewCodec() if err != nil { - t.Fatalf("error creating OCP codec: %v", err) + t.Fatalf("error creating Kubevirt codec: %v", err) } rawObj, err := codec.EncodeProviderSpec(kubevirtSpec) diff --git a/pkg/operator/controller.go b/pkg/operator/controller.go index 9ba9fb4599..c76beb8ad7 100644 --- a/pkg/operator/controller.go +++ b/pkg/operator/controller.go @@ -31,7 +31,7 @@ import ( "github.com/openshift/cloud-credential-operator/pkg/operator/secretannotator" "github.com/openshift/cloud-credential-operator/pkg/ovirt" "github.com/openshift/cloud-credential-operator/pkg/util" - "github.com/openshift/cloud-credential-operator/pkg/ocp" + "github.com/openshift/cloud-credential-operator/pkg/kubevirt" vsphereactuator "github.com/openshift/cloud-credential-operator/pkg/vsphere/actuator" configv1 "github.com/openshift/api/config/v1" @@ -123,10 +123,9 @@ func AddToManager(m manager.Manager, explicitKubeconfig string) error { if err != nil { return err } - // TODO: change it to OCP case configv1.KubevirtPlatformType: - log.Info("initializing OCP actuator") - a, err = ocp.NewActuator(m.GetClient()) + log.Info("initializing Kubevirt actuator") + a, err = kubevirt.NewActuator(m.GetClient()) if err != nil { return err }