diff --git a/go.mod b/go.mod index 8b92afb30..7999094c4 100644 --- a/go.mod +++ b/go.mod @@ -6,10 +6,10 @@ require ( github.com/ghodss/yaml v1.0.0 github.com/gonum/graph v0.0.0-20170401004347-50b27dea7ebb github.com/google/go-cmp v0.5.9 - github.com/openshift/api v0.0.0-20230503133300-8bbcb7ca7183 + github.com/openshift/api v0.0.0-20230509100629-894b49f57a15 github.com/openshift/build-machinery-go v0.0.0-20220913142420-e25cf57ea46d github.com/openshift/client-go v0.0.0-20230503144108-75015d2347cb - github.com/openshift/library-go v0.0.0-20230503173034-95ca3c14e50a + github.com/openshift/library-go v0.0.0-20230510144506-e749b54aff20 github.com/prometheus/client_golang v1.14.0 github.com/prometheus/common v0.37.0 github.com/spf13/cobra v1.6.0 diff --git a/go.sum b/go.sum index ddf992b8c..386c5be1f 100644 --- a/go.sum +++ b/go.sum @@ -431,14 +431,14 @@ github.com/onsi/ginkgo/v2 v2.9.1 h1:zie5Ly042PD3bsCvsSOPvRnFwyo3rKe64TJlD6nu0mk= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.27.4 h1:Z2AnStgsdSayCMDiCU42qIz+HLqEPcgiOCXjAU/w+8E= -github.com/openshift/api v0.0.0-20230503133300-8bbcb7ca7183 h1:t/CahSnpqY46sQR01SoS+Jt0jtjgmhgE6lFmRnO4q70= -github.com/openshift/api v0.0.0-20230503133300-8bbcb7ca7183/go.mod h1:4VWG+W22wrB4HfBL88P40DxLEpSOaiBVxUnfalfJo9k= +github.com/openshift/api v0.0.0-20230509100629-894b49f57a15 h1:0aKQixYOtjKB3NKhNzFeQ1t0oDOkacpaAN1ztfZufB8= +github.com/openshift/api v0.0.0-20230509100629-894b49f57a15/go.mod h1:4VWG+W22wrB4HfBL88P40DxLEpSOaiBVxUnfalfJo9k= github.com/openshift/build-machinery-go v0.0.0-20220913142420-e25cf57ea46d h1:RR4ah7FfaPR1WePizm0jlrsbmPu91xQZnAsVVreQV1k= github.com/openshift/build-machinery-go v0.0.0-20220913142420-e25cf57ea46d/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= github.com/openshift/client-go v0.0.0-20230503144108-75015d2347cb h1:Nij5OnaECrkmcRQMAE9LMbQXPo95aqFnf+12B7SyFVI= github.com/openshift/client-go v0.0.0-20230503144108-75015d2347cb/go.mod h1:Rhb3moCqeiTuGHAbXBOlwPubUMlOZEkrEWTRjIF3jzs= -github.com/openshift/library-go v0.0.0-20230503173034-95ca3c14e50a h1:GWDlGsHQUo2QaXG8r4nCAbAMAYNN85HOMt+vZSLBOdQ= -github.com/openshift/library-go v0.0.0-20230503173034-95ca3c14e50a/go.mod h1:PJVatR/oS/EaFciwylyAr9hORSqQHrC+5bXf4L0wsBY= +github.com/openshift/library-go v0.0.0-20230510144506-e749b54aff20 h1:BfL2/x2Z/N3Wc1AhovvZ1pWStxwTuQdo6A84NPhSTvY= +github.com/openshift/library-go v0.0.0-20230510144506-e749b54aff20/go.mod h1:PJVatR/oS/EaFciwylyAr9hORSqQHrC+5bXf4L0wsBY= github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= diff --git a/pkg/cmd/render/render.go b/pkg/cmd/render/render.go index 9cf117bea..8afc8ef3c 100644 --- a/pkg/cmd/render/render.go +++ b/pkg/cmd/render/render.go @@ -7,7 +7,6 @@ import ( "path/filepath" "github.com/ghodss/yaml" - configv1 "github.com/openshift/api/config/v1" kubecontrolplanev1 "github.com/openshift/api/kubecontrolplane/v1" "github.com/openshift/cluster-kube-controller-manager-operator/bindata" "github.com/openshift/cluster-kube-controller-manager-operator/pkg/operator/targetconfigcontroller" @@ -130,22 +129,6 @@ type TemplateData struct { ServiceClusterIPRange []string } -func setFeatureGates(renderConfig *TemplateData, opts *renderOpts) error { - featureSet, ok := configv1.FeatureSets[configv1.FeatureSet(opts.generic.FeatureSet)] - if !ok { - return fmt.Errorf("featureSet %q not found", featureSet) - } - allGates := []string{} - for _, enabled := range featureSet.Enabled { - allGates = append(allGates, fmt.Sprintf("%v=true", enabled.FeatureGateAttributes.Name)) - } - for _, disabled := range featureSet.Disabled { - allGates = append(allGates, fmt.Sprintf("%v=false", disabled.FeatureGateAttributes.Name)) - } - renderConfig.FeatureGates = allGates - return nil -} - func setFeatureGatesFromAccessor(renderConfig *TemplateData, featureGates featuregates.FeatureGateAccess) error { currFeatureGates, err := featureGates.CurrentFeatureGates() if err != nil { @@ -260,15 +243,10 @@ func (r *renderOpts) Run() error { featureGates, err := r.generic.FeatureGates() if err != nil { - klog.Warningf(fmt.Sprintf("error getting FeatureGates: %v", err)) - if err := setFeatureGates(&renderConfig, r); err != nil { - return err - } - - } else { - if err := setFeatureGatesFromAccessor(&renderConfig, featureGates); err != nil { - return err - } + return fmt.Errorf("error getting FeatureGates: %v", err) + } + if err := setFeatureGatesFromAccessor(&renderConfig, featureGates); err != nil { + return err } if err := r.manifest.ApplyTo(&renderConfig.ManifestConfig); err != nil { diff --git a/pkg/cmd/render/render_test.go b/pkg/cmd/render/render_test.go index 6750a1069..ddd6e0711 100644 --- a/pkg/cmd/render/render_test.go +++ b/pkg/cmd/render/render_test.go @@ -219,58 +219,9 @@ func TestRenderCommand(t *testing.T) { "--config-output-file=", "--cpc-config-output-file=", }, - expectedErr: nil, - expectedFiles: []string{ - "configs/config.yaml", - "configs/cpc-config.yaml", - "manifests/bootstrap-manifests/kube-controller-manager-pod.yaml", - "manifests/manifests/0000_00_namespace-openshift-infra.yaml", - "manifests/manifests/00_namespace-security-allocation-controller-clusterrole.yaml", - "manifests/manifests/00_namespace-security-allocation-controller-clusterrolebinding.yaml", - "manifests/manifests/00_openshift-kube-controller-manager-ns.yaml", - "manifests/manifests/00_openshift-kube-controller-manager-operator-ns.yaml", - "manifests/manifests/00_podsecurity-admission-label-syncer-controller-clusterrole.yaml", - "manifests/manifests/00_podsecurity-admission-label-syncer-controller-clusterrolebinding.yaml", - "manifests/manifests/secret-csr-signer-signer.yaml", - "manifests/manifests/secret-initial-kube-controller-manager-service-account-private-key.yaml", - }, - expectedContents: map[string]map[string]interface{}{ - "manifests/bootstrap-manifests/kube-controller-manager-pod.yaml": { - "spec.containers[0].args": []interface{}{ - "--openshift-config=/etc/kubernetes/config/kube-controller-manager-config.yaml", - "--kubeconfig=/etc/kubernetes/secrets/kubeconfig", - "--v=2", - "--allocate-node-cidrs=false", - "--authentication-kubeconfig=/etc/kubernetes/secrets/kubeconfig", - "--authorization-kubeconfig=/etc/kubernetes/secrets/kubeconfig", - "--cert-dir=/var/run/kubernetes", - "--cluster-signing-cert-file=/etc/kubernetes/secrets/kubelet-signer.crt", - "--cluster-signing-duration=720h", - "--cluster-signing-key-file=/etc/kubernetes/secrets/kubelet-signer.key", - "--configure-cloud-routes=false", - "--controllers=*", - "--controllers=-bootstrapsigner", - "--controllers=-tokencleaner", - "--controllers=-ttl", - "--enable-dynamic-provisioning=true", - "--feature-gates=OpenShiftPodSecurityAdmission=true", - "--feature-gates=RetroactiveDefaultStorageClass=false", - "--flex-volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec", - "--kube-api-burst=300", - "--kube-api-qps=150", - "--leader-elect-renew-deadline=12s", - "--leader-elect-resource-lock=leases", - "--leader-elect-retry-period=3s", - "--leader-elect=true", - "--pv-recycler-pod-template-filepath-hostpath=", - "--pv-recycler-pod-template-filepath-nfs=", - "--root-ca-file=/etc/kubernetes/secrets/kube-apiserver-complete-server-ca-bundle.crt", - "--secure-port=10257", - "--service-account-private-key-file=/etc/kubernetes/secrets/service-account.key", - "--use-service-account-credentials=true", - }, - }, - }, + expectedErr: fmt.Errorf("error getting FeatureGates: cannot return FeatureGate without payload version"), + expectedFiles: nil, + expectedContents: map[string]map[string]interface{}{}, }, { name: "duplicate-rendered-fg", diff --git a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01.crd.yaml b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01.crd.yaml index af20b51a7..0adfde4b4 100644 --- a/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01.crd.yaml +++ b/vendor/github.com/openshift/api/operator/v1/0000_70_cluster-network-operator_01.crd.yaml @@ -268,6 +268,10 @@ spec: format: int32 default: 50 minimum: 1 + maxLogFiles: + description: 'maxLogFiles specifies the maximum number of ACL_audit log files that can be present. Default: 5' + type: integer + format: int32 rateLimit: description: rateLimit is the approximate maximum number of messages to generate per-second per-node. If unset the default of 20 msg/sec is used. type: integer diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index e04498fb6..a3cea6b67 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -543,6 +543,11 @@ type PolicyAuditConfig struct { // +optional MaxFileSize *uint32 `json:"maxFileSize,omitempty"` + // maxLogFiles specifies the maximum number of ACL_audit log files that can be present. + // Default: 5 + // +optional + MaxLogFiles *int32 `json:"maxLogFiles,omitempty"` + // destination is the location for policy log messages. // Regardless of this config, persistent logs will always be dumped to the host // at /var/log/ovn/ however diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go index 609219c06..b72d5296f 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go @@ -3512,6 +3512,11 @@ func (in *PolicyAuditConfig) DeepCopyInto(out *PolicyAuditConfig) { *out = new(uint32) **out = **in } + if in.MaxLogFiles != nil { + in, out := &in.MaxLogFiles, &out.MaxLogFiles + *out = new(int32) + **out = **in + } return } diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index b93db3608..d87f7b7dc 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -1423,6 +1423,7 @@ func (OpenShiftSDNConfig) SwaggerDoc() map[string]string { var map_PolicyAuditConfig = map[string]string{ "rateLimit": "rateLimit is the approximate maximum number of messages to generate per-second per-node. If unset the default of 20 msg/sec is used.", "maxFileSize": "maxFilesSize is the max size an ACL_audit log file is allowed to reach before rotation occurs Units are in MB and the Default is 50MB", + "maxLogFiles": "maxLogFiles specifies the maximum number of ACL_audit log files that can be present. Default: 5", "destination": "destination is the location for policy log messages. Regardless of this config, persistent logs will always be dumped to the host at /var/log/ovn/ however Additionally syslog output may be configured as follows. Valid values are: - \"libc\" -> to use the libc syslog() function of the host node's journdald process - \"udp:host:port\" -> for sending syslog over UDP - \"unix:file\" -> for using the UNIX domain socket directly - \"null\" -> to discard all messages logged to syslog The default is \"null\"", "syslogFacility": "syslogFacility the RFC5424 facility for generated messages, e.g. \"kern\". Default is \"local0\"", } diff --git a/vendor/github.com/openshift/api/route/v1/generated.proto b/vendor/github.com/openshift/api/route/v1/generated.proto index b2fd879bb..b6bfc1639 100644 --- a/vendor/github.com/openshift/api/route/v1/generated.proto +++ b/vendor/github.com/openshift/api/route/v1/generated.proto @@ -242,6 +242,8 @@ message RouterShard { } // TLSConfig defines config used to secure a route and provide termination +// +// +kubebuilder:validation:XValidation:rule="has(self.termination) && has(self.insecureEdgeTerminationPolicy) ? !((self.termination=='passthrough') && (self.insecureEdgeTerminationPolicy=='Allow')) : true", message="cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow" message TLSConfig { // termination indicates termination type. // @@ -272,9 +274,11 @@ message TLSConfig { // insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While // each router may make its own decisions on which ports to expose, this is normally port 80. // - // * Allow - traffic is sent to the server on the insecure port (default) - // * Disable - no traffic is allowed on the insecure port. + // * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + // * None - no traffic is allowed on the insecure port. // * Redirect - clients are redirected to the secure port. + // + // +kubebuilder:validation:Enum=Allow;None;Redirect;"" optional string insecureEdgeTerminationPolicy = 6; } diff --git a/vendor/github.com/openshift/api/route/v1/route.crd.yaml b/vendor/github.com/openshift/api/route/v1/route.crd.yaml index 84aba660b..d4a7dfcf8 100644 --- a/vendor/github.com/openshift/api/route/v1/route.crd.yaml +++ b/vendor/github.com/openshift/api/route/v1/route.crd.yaml @@ -151,32 +151,6 @@ spec: termination: enum: - edge - - anyOf: - - properties: - insecureEdgeTerminationPolicy: - enum: - - "" - - None - - Allow - - Redirect - - not: - properties: - termination: - enum: - - edge - - reencrypt - - anyOf: - - properties: - insecureEdgeTerminationPolicy: - enum: - - "" - - None - - Redirect - - not: - properties: - termination: - enum: - - passthrough description: The tls field provides the ability to configure certificates and termination for the route. properties: caCertificate: @@ -189,7 +163,12 @@ spec: description: destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string insecureEdgeTerminationPolicy: - description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port." + description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. \n * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port." + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents @@ -204,6 +183,9 @@ spec: required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) : true' to: description: to is an object the route should use as the primary backend. Only the Service kind is allowed, and it will be defaulted to Service. If the weight field (0-256 default 100) is set to zero, no traffic will be sent to this backend. properties: diff --git a/vendor/github.com/openshift/api/route/v1/route.crd.yaml-patch b/vendor/github.com/openshift/api/route/v1/route.crd.yaml-patch index 47fbb5da8..7f09302f3 100644 --- a/vendor/github.com/openshift/api/route/v1/route.crd.yaml-patch +++ b/vendor/github.com/openshift/api/route/v1/route.crd.yaml-patch @@ -65,22 +65,3 @@ properties: termination: enum: ["edge"] - # Any insecure edge-termination policy may be used if we terminate TLS. - - anyOf: - - properties: - insecureEdgeTerminationPolicy: - enum: ["", "None", "Allow", "Redirect"] - - not: - properties: - termination: - enum: ["edge","reencrypt"] - # Any insecure edge-termination policy *except* for "Allow" maybe used when - # using passthrough TLS. - - anyOf: - - properties: - insecureEdgeTerminationPolicy: - enum: ["", "None", "Redirect"] - - not: - properties: - termination: - enum: ["passthrough"] diff --git a/vendor/github.com/openshift/api/route/v1/stable.route.testsuite.yaml b/vendor/github.com/openshift/api/route/v1/stable.route.testsuite.yaml index 68e144b64..0031afdb5 100644 --- a/vendor/github.com/openshift/api/route/v1/stable.route.testsuite.yaml +++ b/vendor/github.com/openshift/api/route/v1/stable.route.testsuite.yaml @@ -20,3 +20,65 @@ tests: name: foo weight: 100 wildcardPolicy: None + - name: "cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow" + initial: | + apiVersion: route.openshift.io/v1 + kind: Route + spec: + to: + kind: Service + name: foo + tls: + termination: passthrough + insecureEdgeTerminationPolicy: Allow + expectedError: "cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow" + - name: "spec.tls.termination: passthrough is compatible with spec.tls.insecureEdgeTerminationPolicy: Redirect" + initial: | + apiVersion: route.openshift.io/v1 + kind: Route + spec: + host: test.foo + to: + kind: Service + name: foo + tls: + termination: passthrough + insecureEdgeTerminationPolicy: Redirect + expected: | + apiVersion: route.openshift.io/v1 + kind: Route + spec: + host: test.foo + to: + kind: Service + name: foo + weight: 100 + tls: + termination: passthrough + insecureEdgeTerminationPolicy: Redirect + wildcardPolicy: None + - name: "spec.tls.termination: passthrough is compatible with spec.tls.insecureEdgeTerminationPolicy: None" + initial: | + apiVersion: route.openshift.io/v1 + kind: Route + spec: + host: test.foo + to: + kind: Service + name: foo + tls: + termination: passthrough + insecureEdgeTerminationPolicy: None + expected: | + apiVersion: route.openshift.io/v1 + kind: Route + spec: + host: test.foo + to: + kind: Service + name: foo + weight: 100 + tls: + termination: passthrough + insecureEdgeTerminationPolicy: None + wildcardPolicy: None diff --git a/vendor/github.com/openshift/api/route/v1/types.go b/vendor/github.com/openshift/api/route/v1/types.go index eed8d69e6..a48161cf2 100644 --- a/vendor/github.com/openshift/api/route/v1/types.go +++ b/vendor/github.com/openshift/api/route/v1/types.go @@ -246,6 +246,8 @@ type RouterShard struct { } // TLSConfig defines config used to secure a route and provide termination +// +// +kubebuilder:validation:XValidation:rule="has(self.termination) && has(self.insecureEdgeTerminationPolicy) ? !((self.termination=='passthrough') && (self.insecureEdgeTerminationPolicy=='Allow')) : true", message="cannot have both spec.tls.termination: passthrough and spec.tls.insecureEdgeTerminationPolicy: Allow" type TLSConfig struct { // termination indicates termination type. // @@ -276,9 +278,11 @@ type TLSConfig struct { // insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While // each router may make its own decisions on which ports to expose, this is normally port 80. // - // * Allow - traffic is sent to the server on the insecure port (default) - // * Disable - no traffic is allowed on the insecure port. + // * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + // * None - no traffic is allowed on the insecure port. // * Redirect - clients are redirected to the secure port. + // + // +kubebuilder:validation:Enum=Allow;None;Redirect;"" InsecureEdgeTerminationPolicy InsecureEdgeTerminationPolicyType `json:"insecureEdgeTerminationPolicy,omitempty" protobuf:"bytes,6,opt,name=insecureEdgeTerminationPolicy,casttype=InsecureEdgeTerminationPolicyType"` } diff --git a/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go index 7cb17d002..eb8971bd2 100644 --- a/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/route/v1/zz_generated.swagger_doc_generated.go @@ -120,7 +120,7 @@ var map_TLSConfig = map[string]string{ "key": "key provides key file contents", "caCertificate": "caCertificate provides the cert authority certificate contents", "destinationCACertificate": "destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.", - "insecureEdgeTerminationPolicy": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80.\n\n* Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.", + "insecureEdgeTerminationPolicy": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80.\n\n* Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.", } func (TLSConfig) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/library-go/pkg/operator/render/options/generic.go b/vendor/github.com/openshift/library-go/pkg/operator/render/options/generic.go index d9ae99fe8..80124be21 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/render/options/generic.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/render/options/generic.go @@ -30,7 +30,6 @@ type GenericOptions struct { AssetInputDir string AssetOutputDir string - FeatureSet string PayloadVersion string } @@ -54,7 +53,6 @@ func (o *GenericOptions) AddFlags(fs *pflag.FlagSet, configGVK schema.GroupVersi fs.StringSliceVar(&o.AdditionalConfigOverrideFiles, "config-override-files", o.AdditionalConfigOverrideFiles, fmt.Sprintf("Additional sparse %s files for customiziation through the installer, merged into the default config in the given order.", gvkOutput{configGVK})) fs.StringVar(&o.ConfigOutputFile, "config-output-file", o.ConfigOutputFile, fmt.Sprintf("Output path for the %s yaml file.", gvkOutput{configGVK})) - fs.StringVar(&o.FeatureSet, "feature-set", o.FeatureSet, "Enables features that are not part of the default feature set.") fs.StringSliceVar(&o.RenderedManifestInputFilenames, "rendered-manifest-files", o.RenderedManifestInputFilenames, "files or directories containing yaml or json manifests that will be created via cluster-bootstrapping.") fs.StringVar(&o.PayloadVersion, "payload-version", o.PayloadVersion, "Version that will eventually be placed into ClusterOperator.status. This normally comes from the CVO set via env var: OPERATOR_IMAGE_VERSION.") @@ -97,12 +95,6 @@ func (o *GenericOptions) Validate() error { } } - switch configv1.FeatureSet(o.FeatureSet) { - case configv1.Default, configv1.TechPreviewNoUpgrade, configv1.CustomNoUpgrade, configv1.LatencySensitive: - default: - return fmt.Errorf("invalid feature-set specified: %q", o.FeatureSet) - } - return nil } @@ -197,7 +189,7 @@ func (o *GenericOptions) FeatureGateManifests() (RenderedManifests, error) { func (o *GenericOptions) FeatureSetName() (configv1.FeatureSet, error) { if len(o.RenderedManifestInputFilenames) == 0 { - return configv1.FeatureSet(o.FeatureSet), nil + return configv1.Default, nil } manifests, err := o.FeatureGateManifests() diff --git a/vendor/modules.txt b/vendor/modules.txt index 408f5e78a..c5cc3ffcb 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -198,7 +198,7 @@ github.com/modern-go/reflect2 # github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 ## explicit github.com/munnerz/goautoneg -# github.com/openshift/api v0.0.0-20230503133300-8bbcb7ca7183 +# github.com/openshift/api v0.0.0-20230509100629-894b49f57a15 ## explicit; go 1.20 github.com/openshift/api github.com/openshift/api/apiserver @@ -303,7 +303,7 @@ github.com/openshift/client-go/route/applyconfigurations/route/v1 github.com/openshift/client-go/route/clientset/versioned github.com/openshift/client-go/route/clientset/versioned/scheme github.com/openshift/client-go/route/clientset/versioned/typed/route/v1 -# github.com/openshift/library-go v0.0.0-20230503173034-95ca3c14e50a +# github.com/openshift/library-go v0.0.0-20230510144506-e749b54aff20 ## explicit; go 1.20 github.com/openshift/library-go/pkg/assets github.com/openshift/library-go/pkg/authorization/hardcodedauthorizer