diff --git a/config/openshift/base/role.yaml b/config/openshift/base/role.yaml index 4f79636159..bd5822ab79 100644 --- a/config/openshift/base/role.yaml +++ b/config/openshift/base/role.yaml @@ -401,6 +401,7 @@ rules: - config.openshift.io resources: - apiservers + - clusterversions verbs: - get - list diff --git a/docs/AirGapImageConfiguration.md b/docs/AirGapImageConfiguration.md index 841cc65e73..7140777f93 100644 --- a/docs/AirGapImageConfiguration.md +++ b/docs/AirGapImageConfiguration.md @@ -106,34 +106,34 @@ kubectl delete tektoninstallerset #### Images supported in OpenShift Supports all the images listed above in kubernetes and following are specific to OpenShift -| Component | Container/Args name | Environment Variable | -|-----------------------|-----------------------------------|-----------------------------------------------------| -| Pipeline-as-code | pac-controller | `IMAGE_PAC_PAC_CONTROLLER` | -| Pipeline-as-code | pac-webhook | `IMAGE_PAC_PAC_WEBHOOK` | -| Pipeline-as-code | pac-watcher | `IMAGE_PAC_PAC_WATCHER` | -| Console Plugin | console-plugin | `IMAGE_PIPELINES_CONSOLE_PLUGIN` | -| Results | retention-policy-agent | `IMAGE_RESULTS_RETENTION_POLICY_AGENT` | -| Addons | | `IMAGE_ADDONS_BUILD` | -| Addons | | `IMAGE_ADDONS_GENERATE` | -| Addons | | `IMAGE_ADDONS_GEN_ENV_FILE` | -| Addons | | `IMAGE_ADDONS_GIT_RUN` | -| Addons | | `IMAGE_ADDONS_KN` | -| Addons | | `IMAGE_ADDONS_LOAD_SCRIPTS` | -| Addons | | `IMAGE_ADDONS_MAVEN_GENERATE` | -| Addons | | `IMAGE_ADDONS_MAVEN_GOALS` | -| Addons | | `IMAGE_ADDONS_MVN_SETTINGS` | -| Addons | | `IMAGE_ADDONS_OC` | -| Addons | | `IMAGE_ADDONS_PARAM_BUILDER_IMAGE` | -| Addons | | `IMAGE_ADDONS_PARAM_GITINITIMAGE` | -| Addons | | `IMAGE_ADDONS_PARAM_KN_IMAGE` | -| Addons | | `IMAGE_ADDONS_PARAM_MAVEN_IMAGE` | -| Addons | | `IMAGE_ADDONS_PARAM_TKN_IMAGE` | -| Addons | | `IMAGE_ADDONS_PREPARE` | -| Addons | | `IMAGE_ADDONS_REPORT` | -| Addons | | `IMAGE_ADDONS_S2I_BUILD` | -| Addons | | `IMAGE_ADDONS_S2I_GENERATE` | -| Addons | | `IMAGE_ADDONS_SKOPEO_COPY` | -| Addons | | `IMAGE_ADDONS_SKOPEO_RESULTS` | -| Addons | | `IMAGE_ADDONS_TKN` | -| Addons | | `IMAGE_ADDONS_TKN_CLI_SERVE` | -| Addons | | `IMAGE_ADDONS_TKN_CLI_SERVE_INIT_CONFIG` | +| Component | Container/Args name | Environment Variable | +|-----------------------|-----------------------------------|---------------------------------------------------------------------------| +| Pipeline-as-code | pac-controller | `IMAGE_PAC_PAC_CONTROLLER` | +| Pipeline-as-code | pac-webhook | `IMAGE_PAC_PAC_WEBHOOK` | +| Pipeline-as-code | pac-watcher | `IMAGE_PAC_PAC_WATCHER` | +| Console Plugin | console-plugin | `IMAGE_PIPELINES_CONSOLE_PLUGIN`, `IMAGE_PIPELINES_CONSOLE_PLUGIN_LEGACY` | +| Results | retention-policy-agent | `IMAGE_RESULTS_RETENTION_POLICY_AGENT` | +| Addons | | `IMAGE_ADDONS_BUILD` | +| Addons | | `IMAGE_ADDONS_GENERATE` | +| Addons | | `IMAGE_ADDONS_GEN_ENV_FILE` | +| Addons | | `IMAGE_ADDONS_GIT_RUN` | +| Addons | | `IMAGE_ADDONS_KN` | +| Addons | | `IMAGE_ADDONS_LOAD_SCRIPTS` | +| Addons | | `IMAGE_ADDONS_MAVEN_GENERATE` | +| Addons | | `IMAGE_ADDONS_MAVEN_GOALS` | +| Addons | | `IMAGE_ADDONS_MVN_SETTINGS` | +| Addons | | `IMAGE_ADDONS_OC` | +| Addons | | `IMAGE_ADDONS_PARAM_BUILDER_IMAGE` | +| Addons | | `IMAGE_ADDONS_PARAM_GITINITIMAGE` | +| Addons | | `IMAGE_ADDONS_PARAM_KN_IMAGE` | +| Addons | | `IMAGE_ADDONS_PARAM_MAVEN_IMAGE` | +| Addons | | `IMAGE_ADDONS_PARAM_TKN_IMAGE` | +| Addons | | `IMAGE_ADDONS_PREPARE` | +| Addons | | `IMAGE_ADDONS_REPORT` | +| Addons | | `IMAGE_ADDONS_S2I_BUILD` | +| Addons | | `IMAGE_ADDONS_S2I_GENERATE` | +| Addons | | `IMAGE_ADDONS_SKOPEO_COPY` | +| Addons | | `IMAGE_ADDONS_SKOPEO_RESULTS` | +| Addons | | `IMAGE_ADDONS_TKN` | +| Addons | | `IMAGE_ADDONS_TKN_CLI_SERVE` | +| Addons | | `IMAGE_ADDONS_TKN_CLI_SERVE_INIT_CONFIG` | diff --git a/go.mod b/go.mod index ae9b692f41..f21ea31481 100644 --- a/go.mod +++ b/go.mod @@ -13,9 +13,9 @@ require ( github.com/manifestival/manifestival v0.7.2 github.com/markbates/inflect v1.0.4 github.com/openshift-pipelines/pipelines-as-code v0.43.0 - github.com/openshift/api v0.0.0-20260306002634-d3bbdada155c + github.com/openshift/api v0.0.0-20260429122012-1180c0f5c3e9 github.com/openshift/apiserver-library-go v0.0.0-20260303173613-cd3676268d31 - github.com/openshift/client-go v0.0.0-20260306160707-3935d929fc7d + github.com/openshift/client-go v0.0.0-20260429123927-c81f86abfa6a github.com/openshift/library-go v0.0.0-20260303171201-5d9eb6295ff6 github.com/sigstore/cosign/v2 v2.6.3 github.com/spf13/cobra v1.10.2 diff --git a/go.sum b/go.sum index c1a2ff5f1a..c952f1cb0f 100644 --- a/go.sum +++ b/go.sum @@ -1032,12 +1032,12 @@ github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJw github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M= github.com/openshift-pipelines/pipelines-as-code v0.43.0 h1:xbwfViXC5H5Gjp/MCNDq4ugfQCE+eLiLpwq63zfRAm0= github.com/openshift-pipelines/pipelines-as-code v0.43.0/go.mod h1:mUmrLuQtdzWXcj+EeVJZv+RjkOkWwNDEEldc03spTn8= -github.com/openshift/api v0.0.0-20260306002634-d3bbdada155c h1:YQYiDzOLJzwQunxCaa5OpyNyMLPz4HJ2CLaKqUQOQjQ= -github.com/openshift/api v0.0.0-20260306002634-d3bbdada155c/go.mod h1:pyVjK0nZ4sRs4fuQVQ4rubsJdahI1PB94LnQ8sGdvxo= +github.com/openshift/api v0.0.0-20260429122012-1180c0f5c3e9 h1:lZw6pYY7El1giNk1lYvkp6hLungiqwIOqLlH+Hm7w9g= +github.com/openshift/api v0.0.0-20260429122012-1180c0f5c3e9/go.mod h1:pyVjK0nZ4sRs4fuQVQ4rubsJdahI1PB94LnQ8sGdvxo= github.com/openshift/apiserver-library-go v0.0.0-20260303173613-cd3676268d31 h1:oYPQMrkzyk002L5aN8I2tkUHTEu9lsVrc1qiJmHJdXU= github.com/openshift/apiserver-library-go v0.0.0-20260303173613-cd3676268d31/go.mod h1:mnTsMMTtXSPBQzqBp5HXBjLvliveKenRADFQy9m5jc0= -github.com/openshift/client-go v0.0.0-20260306160707-3935d929fc7d h1:T+9HFgEEcnu1TDDfsO5JcJC6N0/Kzob5AtG9IpITHJ8= -github.com/openshift/client-go v0.0.0-20260306160707-3935d929fc7d/go.mod h1:tIA3XSb/WsC/Fg0YNRfs/JrMrloBKPGF+NKVutd7nMI= +github.com/openshift/client-go v0.0.0-20260429123927-c81f86abfa6a h1:4GR6seHvlfv0rADe+LCQx63FqSExx6gaSo8uNiyWq+c= +github.com/openshift/client-go v0.0.0-20260429123927-c81f86abfa6a/go.mod h1:Lm7X7aYbAaKhGsNhgYaowP7hiLKwfN/w0r+Q6VlQoI8= github.com/openshift/library-go v0.0.0-20260303171201-5d9eb6295ff6 h1:xjqy0OolrFdJ+ofI/aD0+2k9+MSk5anP5dXifFt539Q= github.com/openshift/library-go v0.0.0-20260303171201-5d9eb6295ff6/go.mod h1:D797O/ssKTNglbrGchjIguFq+DbyRYdeds5w4/VTrKM= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= diff --git a/operatorhub/openshift/config.yaml b/operatorhub/openshift/config.yaml index b49058050b..8561103c76 100644 --- a/operatorhub/openshift/config.yaml +++ b/operatorhub/openshift/config.yaml @@ -333,6 +333,14 @@ image-substitutions: envKeys: - IMAGE_PIPELINES_CONSOLE_PLUGIN +- image: registry.redhat.io/openshift-pipelines/pipelines-console-plugin-pf5-rhel9@ + replaceLocations: + envTargets: + - deploymentName: openshift-pipelines-operator + containerName: openshift-pipelines-operator-lifecycle + envKeys: + - IMAGE_PIPELINES_CONSOLE_PLUGIN_LEGACY + # add third party images which are not replaced by operator # but pulled directly by tasks here defaultRelatedImages: [] diff --git a/operatorhub/openshift/release-artifacts/bundle/manifests/openshift-pipelines-operator-rh.clusterserviceversion.yaml b/operatorhub/openshift/release-artifacts/bundle/manifests/openshift-pipelines-operator-rh.clusterserviceversion.yaml index 36e69afdfa..cfa3a2df00 100644 --- a/operatorhub/openshift/release-artifacts/bundle/manifests/openshift-pipelines-operator-rh.clusterserviceversion.yaml +++ b/operatorhub/openshift/release-artifacts/bundle/manifests/openshift-pipelines-operator-rh.clusterserviceversion.yaml @@ -973,6 +973,8 @@ spec: value: registry.redhat.io/ubi9/openjdk-17@sha256:d334d3c36867a1eef7daa598af10b5f620394ca0234b12e71b8b7e99bda9224e - name: IMAGE_PIPELINES_CONSOLE_PLUGIN value: registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel9@ + - name: IMAGE_PIPELINES_CONSOLE_PLUGIN_LEGACY + value: registry.redhat.io/openshift-pipelines/pipelines-console-plugin-pf5-rhel9@ - name: IMAGE_ADDONS_PREPARE_AND_RUN value: registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel9@ - image: registry.redhat.io/openshift-pipelines/pipelines-scheduler-rhel9@" @@ -1230,6 +1232,8 @@ spec: name: IMAGE_ADDONS_MAVEN_GOALS - image: registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel9@ name: IMAGE_PIPELINES_CONSOLE_PLUGIN + - image: registry.redhat.io/openshift-pipelines/pipelines-console-plugin-pf5-rhel9@ + name: IMAGE_PIPELINES_CONSOLE_PLUGIN_LEGACY - image: registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel9@ name: IMAGE_ADDONS_PREPARE_AND_RUN replaces: 1.7.0 diff --git a/pkg/reconciler/openshift/common/common_utils.go b/pkg/reconciler/openshift/common/common_utils.go new file mode 100644 index 0000000000..ab6a3198ca --- /dev/null +++ b/pkg/reconciler/openshift/common/common_utils.go @@ -0,0 +1,49 @@ +/* +Copyright 2026 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package common + +import ( + "context" + "fmt" + + "github.com/Masterminds/semver" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func GetOCPVersion(ctx context.Context) (*semver.Version, error) { + + if sharedConfigClient == nil { + return nil, fmt.Errorf("openshift Client is not initialized yet") + } + + // Fetch the ClusterVersion object (always named "version") + cv, err := sharedConfigClient.ConfigV1().ClusterVersions().Get(ctx, "version", metav1.GetOptions{}) + if err != nil { + // If running on standard Kubernetes, this will return an IsNotFound error. + // Handle gracefully if your operator supports both vanilla K8s and OCP. + return nil, err + } + versionStr := cv.Status.Desired.Version + if versionStr == "" { + return nil, fmt.Errorf("empty OpenShift version in ClusterVersion status") + } + + v, err := semver.NewVersion(versionStr) + if err != nil { + return nil, fmt.Errorf("failed to parse OpenShift version %q: %w", versionStr, err) + } + return v, nil +} diff --git a/pkg/reconciler/openshift/common/common_utils_test.go b/pkg/reconciler/openshift/common/common_utils_test.go new file mode 100644 index 0000000000..494bcf57a3 --- /dev/null +++ b/pkg/reconciler/openshift/common/common_utils_test.go @@ -0,0 +1,44 @@ +/* +Copyright 2026 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package common + +import ( + "testing" + + configv1 "github.com/openshift/api/config/v1" + "github.com/openshift/client-go/config/clientset/versioned/fake" + "gotest.tools/v3/assert" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func Test_GetOCPVersion(t *testing.T) { + cv := &configv1.ClusterVersion{ + ObjectMeta: metav1.ObjectMeta{ + Name: "version", + }, + Status: configv1.ClusterVersionStatus{ + Desired: configv1.Release{ + Version: "v4.21.1", + }, + }, + } + sharedConfigClient = fake.NewClientset(cv) + ocpVersion, err := GetOCPVersion(t.Context()) + if err != nil { + t.Error(err) + } + assert.Equal(t, ocpVersion.String(), "4.21.1") +} diff --git a/pkg/reconciler/openshift/tektonconfig/console_plugin_reconciler.go b/pkg/reconciler/openshift/tektonconfig/console_plugin_reconciler.go index 8cfe294677..c676d35157 100644 --- a/pkg/reconciler/openshift/tektonconfig/console_plugin_reconciler.go +++ b/pkg/reconciler/openshift/tektonconfig/console_plugin_reconciler.go @@ -25,10 +25,10 @@ import ( "github.com/go-logr/zapr" mf "github.com/manifestival/manifestival" - "github.com/tektoncd/operator/pkg/apis/operator/v1alpha1" "github.com/tektoncd/operator/pkg/client/clientset/versioned" "github.com/tektoncd/operator/pkg/reconciler/common" + occommon "github.com/tektoncd/operator/pkg/reconciler/openshift/common" "github.com/tektoncd/operator/pkg/reconciler/shared/hash" "go.uber.org/zap" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -41,7 +41,8 @@ const ( // installerSet label value consolePluginReconcileLabelCreatedByValue = "tekton-config-console-plugin-manifests" // pipelines console plugin environment variable key - PipelinesConsolePluginImageEnvironmentKey = "IMAGE_PIPELINES_CONSOLE_PLUGIN" + PipelinesConsolePluginImageEnvironmentKey = "IMAGE_PIPELINES_CONSOLE_PLUGIN" + PipelinesConsolePluginImageEnvironmentKeyLegacy = "IMAGE_PIPELINES_CONSOLE_PLUGIN_LEGACY" // pipelines console plugin container name, used to replace the image from the environment PipelinesConsolePluginContainerName = "pipelines-console-plugin" ) @@ -157,16 +158,31 @@ func (cpr *consolePluginReconciler) updateOnce(ctx context.Context) { cpr.manifest = manifest // update pipelines console image details - consoleImage, found := os.LookupEnv(PipelinesConsolePluginImageEnvironmentKey) + + // Below logic is to pick Console Plugin Image based on the OCP Version. + // OCP versions older than 4.22 uses the legacy Console Plugin. + var envKey string + ocpVersion, err := occommon.GetOCPVersion(ctx) + if err != nil { + cpr.logger.Errorf("error getting OCP version: %q", err) + } + if ocpVersion.Major() == 4 && ocpVersion.Minor() < 22 { + cpr.logger.Infof("Using Legacy Console Plugin on OCP : %v", ocpVersion) + envKey = PipelinesConsolePluginImageEnvironmentKeyLegacy + } else { + envKey = PipelinesConsolePluginImageEnvironmentKey + } + + consoleImage, found := os.LookupEnv(envKey) if found { cpr.pipelinesConsolePluginImage = consoleImage - cpr.logger.Debugw("pipelines console plugin image found from environment", + cpr.logger.Infow("pipelines console plugin image found from environment", "image", consoleImage, - "environmentVariable", PipelinesConsolePluginImageEnvironmentKey, + "environmentVariable", envKey, ) } else { cpr.logger.Warnw("pipelines console plugin image not found from environment, continuing with the default image from the manifest", - "environmentVariable", PipelinesConsolePluginImageEnvironmentKey, + "environmentVariable", envKey, ) } }) diff --git a/pkg/reconciler/openshift/tektonconfig/console_plugin_reconciler_test.go b/pkg/reconciler/openshift/tektonconfig/console_plugin_reconciler_test.go index 0318dbc482..c1e7a7ca64 100644 --- a/pkg/reconciler/openshift/tektonconfig/console_plugin_reconciler_test.go +++ b/pkg/reconciler/openshift/tektonconfig/console_plugin_reconciler_test.go @@ -22,10 +22,13 @@ import ( "sync" "testing" + configv1 "github.com/openshift/api/config/v1" + ocpfake "github.com/openshift/client-go/config/clientset/versioned/fake" "github.com/stretchr/testify/require" "github.com/tektoncd/operator/pkg/apis/operator/v1alpha1" "github.com/tektoncd/operator/pkg/client/clientset/versioned/fake" "github.com/tektoncd/operator/pkg/reconciler/common" + occommon "github.com/tektoncd/operator/pkg/reconciler/openshift/common" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -51,13 +54,19 @@ func generateNameReactor(action k8sTesting.Action) (bool, apimachineryRuntime.Ob func TestPostReconcileManifest(t *testing.T) { defaultConsolePluginImage := "ghcr.io/openshift-pipelines/console-plugin:main" + defaultConsolePluginLegacyImage := "ghcr.io/openshift-pipelines/console-plugin-pf5:main" + defaultOCPVersion := "4.22.0" + t.Setenv("IMAGE_PIPELINES_CONSOLE_PLUGIN_LEGACY", defaultConsolePluginLegacyImage) tests := []struct { - name string - consolePluginImage string - operatorVersion string - targetNamespace string - tcConfig *v1alpha1.Config + name string + consolePluginImage string + consolePluginLegacyImage string + operatorVersion string + targetNamespace string + tcConfig *v1alpha1.Config + ocpVersion string + expectedConsolePluginImage string }{ { name: "test-without-console-plugin-image", @@ -65,16 +74,36 @@ func TestPostReconcileManifest(t *testing.T) { targetNamespace: "foo", }, { - name: "test-with-console-plugin-image", - consolePluginImage: "custom-image:tag1", - operatorVersion: "0.70.0", - targetNamespace: "bar", + name: "test-with-legacy-console-plugin-image", + operatorVersion: "1.14.0", + targetNamespace: "foo", + consolePluginImage: defaultConsolePluginImage, + consolePluginLegacyImage: defaultConsolePluginLegacyImage, + ocpVersion: "4.21.0", + expectedConsolePluginImage: defaultConsolePluginLegacyImage, }, { - name: "test-with-tc-config", - consolePluginImage: "custom-image:tag1", - operatorVersion: "0.70.0", - targetNamespace: "bar", + name: "test-with-new-console-plugin-image", + operatorVersion: "1.14.0", + targetNamespace: "foo", + consolePluginImage: defaultConsolePluginImage, + consolePluginLegacyImage: defaultConsolePluginLegacyImage, + ocpVersion: "4.22.0", + expectedConsolePluginImage: defaultConsolePluginImage, + }, + { + name: "test-with-console-plugin-image", + consolePluginImage: "custom-image:tag1", + operatorVersion: "0.70.0", + targetNamespace: "bar", + expectedConsolePluginImage: "custom-image:tag1", + }, + { + name: "test-with-tc-config", + consolePluginImage: "custom-image:tag1", + operatorVersion: "0.70.0", + targetNamespace: "bar", + expectedConsolePluginImage: "custom-image:tag1", tcConfig: &v1alpha1.Config{ NodeSelector: map[string]string{ "node-role.kubernetes.io/infra": "", @@ -145,6 +174,22 @@ func TestPostReconcileManifest(t *testing.T) { } } } + // Mock CV + if test.ocpVersion == "" { + test.ocpVersion = defaultOCPVersion + } + mockCV := &configv1.ClusterVersion{ + ObjectMeta: metav1.ObjectMeta{Name: "version"}, + Status: configv1.ClusterVersionStatus{ + Desired: configv1.Release{ + Version: test.ocpVersion, + }, + }, + } + + // Openshift Client + openshiftFakeClientSet := ocpfake.NewClientset(mockCV) + occommon.SetSharedAPIServerLister(nil, openshiftFakeClientSet) // reconciler reference postReconcile := &consolePluginReconciler{ @@ -175,9 +220,10 @@ func TestPostReconcileManifest(t *testing.T) { // console plugin image consolePluginImage := defaultConsolePluginImage // update image env variable - if test.consolePluginImage != "" { - t.Setenv("IMAGE_PIPELINES_CONSOLE_PLUGIN", test.consolePluginImage) - consolePluginImage = test.consolePluginImage + if test.consolePluginImage != "" || test.consolePluginLegacyImage != "" { + t.Setenv(PipelinesConsolePluginImageEnvironmentKey, test.consolePluginImage) + t.Setenv(PipelinesConsolePluginImageEnvironmentKeyLegacy, test.consolePluginLegacyImage) + consolePluginImage = test.expectedConsolePluginImage } // TEST: image name err := postReconcile.reconcile(ctx, tektonConfigCR) // perform reconcile diff --git a/vendor/github.com/openshift/api/.coderabbit.yaml b/vendor/github.com/openshift/api/.coderabbit.yaml index a3ee2d122e..4f015d3cb0 100644 --- a/vendor/github.com/openshift/api/.coderabbit.yaml +++ b/vendor/github.com/openshift/api/.coderabbit.yaml @@ -1,3 +1,4 @@ +inheritance: true language: en-US reviews: profile: chill diff --git a/vendor/github.com/openshift/api/.golangci.yaml b/vendor/github.com/openshift/api/.golangci.yaml index 608fb0ed2e..53c9b4009e 100644 --- a/vendor/github.com/openshift/api/.golangci.yaml +++ b/vendor/github.com/openshift/api/.golangci.yaml @@ -111,6 +111,12 @@ linters: # Silence norefs lint for `Ref` field in ClusterAPI as it refers to an OCI image reference, not a kube object reference. path: operator/v1alpha1/types_clusterapi.go text: "noreferences: naming convention \"no-references\": field ClusterAPIInstallerComponentImage.Ref: field names should not contain reference-related words" + - linters: + - kubeapilinter + # PacemakerCluster intentionally marks Conditions as required with XValidation rules + # to enforce specific condition types are always present. + path: etcd/v1/types_pacemakercluster.go + text: "conditions: Conditions field in (PacemakerClusterStatus|PacemakerClusterNodeStatus|PacemakerClusterFencingAgentStatus|PacemakerClusterResourceStatus) is missing the following markers: optional" - linters: - kubeapilinter path: features|payload-command/*.go diff --git a/vendor/github.com/openshift/api/Makefile b/vendor/github.com/openshift/api/Makefile index 9b32b58e43..ac20137fad 100644 --- a/vendor/github.com/openshift/api/Makefile +++ b/vendor/github.com/openshift/api/Makefile @@ -4,7 +4,7 @@ all: build update: update-non-codegen update-codegen RUNTIME ?= podman -RUNTIME_IMAGE_NAME ?= registry.ci.openshift.org/openshift/release:rhel-9-release-golang-1.24-openshift-4.20 +RUNTIME_IMAGE_NAME ?= registry.ci.openshift.org/openshift/release:rhel-9-release-golang-1.25-openshift-4.22 EXCLUDE_DIRS := _output/ dependencymagnet/ hack/ third_party/ tls/ tools/ vendor/ tests/ GO_PACKAGES :=$(addsuffix ...,$(addprefix ./,$(filter-out $(EXCLUDE_DIRS), $(wildcard */)))) diff --git a/vendor/github.com/openshift/api/config/v1/types.go b/vendor/github.com/openshift/api/config/v1/types.go index 3e17ca0ccb..e7106ef7ab 100644 --- a/vendor/github.com/openshift/api/config/v1/types.go +++ b/vendor/github.com/openshift/api/config/v1/types.go @@ -284,7 +284,12 @@ type ClientConnectionOverrides struct { } // GenericControllerConfig provides information to configure a controller +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 type GenericControllerConfig struct { + metav1.TypeMeta `json:",inline"` + // servingInfo is the HTTP serving information for the controller's endpoints ServingInfo HTTPServingInfo `json:"servingInfo"` diff --git a/vendor/github.com/openshift/api/config/v1/types_apiserver.go b/vendor/github.com/openshift/api/config/v1/types_apiserver.go index 31d8881858..b92a04ed06 100644 --- a/vendor/github.com/openshift/api/config/v1/types_apiserver.go +++ b/vendor/github.com/openshift/api/config/v1/types_apiserver.go @@ -34,6 +34,7 @@ type APIServer struct { Status APIServerStatus `json:"status"` } +// +openshift:validation:FeatureGateAwareXValidation:featureGate=TLSAdherence,rule="has(oldSelf.tlsAdherence) ? has(self.tlsAdherence) : true",message="tlsAdherence may not be removed once set" type APIServerSpec struct { // servingCert is the TLS cert info for serving secure traffic. If not specified, operator managed certificates // will be used for serving secure traffic. @@ -62,6 +63,39 @@ type APIServerSpec struct { // The current default is the Intermediate profile. // +optional TLSSecurityProfile *TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` + // tlsAdherence controls if components in the cluster adhere to the TLS security profile + // configured on this APIServer resource. + // + // Valid values are "LegacyAdheringComponentsOnly" and "StrictAllComponents". + // + // When set to "LegacyAdheringComponentsOnly", components that already honor the + // cluster-wide TLS profile continue to do so. Components that do not already honor + // it continue to use their individual TLS configurations. + // + // When set to "StrictAllComponents", all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides + // it. This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + // + // Note: Some components such as Kubelet and IngressController have their own + // dedicated TLS configuration mechanisms via KubeletConfig and IngressController + // CRs respectively. When these component-specific TLS configurations are set, + // they take precedence over the cluster-wide tlsSecurityProfile. When not set, + // these components fall back to the cluster-wide default. + // + // Components that encounter an unknown value for tlsAdherence should treat it + // as "StrictAllComponents" and log a warning to ensure forward compatibility + // while defaulting to the more secure behavior. + // + // This field is optional. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is LegacyAdheringComponentsOnly. + // + // Once set, this field may be changed to a different value, but may not be removed. + // +openshift:enable:FeatureGate=TLSAdherence + // +optional + TLSAdherence TLSAdherencePolicy `json:"tlsAdherence,omitempty"` // audit specifies the settings for audit configuration to be applied to all OpenShift-provided // API servers in the cluster. // +optional @@ -175,7 +209,6 @@ type APIServerNamedServingCert struct { } // APIServerEncryption is used to encrypt sensitive resources on the cluster. -// +openshift:validation:FeatureGateAwareXValidation:featureGate=KMSEncryptionProvider,rule="has(self.type) && self.type == 'KMS' ? has(self.kms) : !has(self.kms)",message="kms config is required when encryption type is KMS, and forbidden otherwise" // +union type APIServerEncryption struct { // type defines what encryption type should be used to encrypt resources at the datastore layer. @@ -204,14 +237,13 @@ type APIServerEncryption struct { // managing the lifecyle of the encryption keys outside of the control plane. // This allows integration with an external provider to manage the data encryption keys securely. // - // +openshift:enable:FeatureGate=KMSEncryptionProvider + // +openshift:enable:FeatureGate=KMSEncryption // +unionMember // +optional KMS *KMSConfig `json:"kms,omitempty"` } // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum="";identity;aescbc;aesgcm -// +openshift:validation:FeatureGateAwareEnum:featureGate=KMSEncryptionProvider,enum="";identity;aescbc;aesgcm;KMS // +openshift:validation:FeatureGateAwareEnum:featureGate=KMSEncryption,enum="";identity;aescbc;aesgcm;KMS type EncryptionType string @@ -237,6 +269,35 @@ const ( type APIServerStatus struct { } +// TLSAdherencePolicy defines which components adhere to the TLS security profile. +// Implementors should use the ShouldHonorClusterTLSProfile helper function from library-go +// rather than checking these values directly. +// +kubebuilder:validation:Enum=LegacyAdheringComponentsOnly;StrictAllComponents +type TLSAdherencePolicy string + +const ( + // TLSAdherencePolicyNoOpinion represents an empty/unset value for tlsAdherence. + // This value cannot be explicitly set and is only present when the field is omitted. + // When the field is omitted, the cluster defaults to LegacyAdheringComponentsOnly + // behavior. Components should treat this the same as LegacyAdheringComponentsOnly. + TLSAdherencePolicyNoOpinion TLSAdherencePolicy = "" + + // TLSAdherencePolicyLegacyAdheringComponentsOnly maintains backward-compatible behavior. + // Components that already honor the cluster-wide TLS profile (such as kube-apiserver, + // openshift-apiserver, oauth-apiserver, and others) continue to do so. Components that do + // not already honor it continue to use their individual TLS configurations (e.g., + // IngressController.spec.tlsSecurityProfile, KubeletConfig.spec.tlsSecurityProfile, + // or component defaults). No additional components are required to start honoring the + // cluster-wide profile in this mode. + TLSAdherencePolicyLegacyAdheringComponentsOnly TLSAdherencePolicy = "LegacyAdheringComponentsOnly" + + // TLSAdherencePolicyStrictAllComponents means all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides it. + // This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + TLSAdherencePolicyStrictAllComponents TLSAdherencePolicy = "StrictAllComponents" +) + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). diff --git a/vendor/github.com/openshift/api/config/v1/types_authentication.go b/vendor/github.com/openshift/api/config/v1/types_authentication.go index 64d0f399b0..1a036bbb67 100644 --- a/vendor/github.com/openshift/api/config/v1/types_authentication.go +++ b/vendor/github.com/openshift/api/config/v1/types_authentication.go @@ -618,6 +618,7 @@ type OIDCClientReference struct { // +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDC,rule="has(self.claim)",message="claim is required" // +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUIDAndExtraClaimMappings,rule="has(self.claim)",message="claim is required" // +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.claim) ? !has(self.expression) : has(self.expression)",message="precisely one of claim or expression must be set" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.expression) && size(self.expression) > 0 ? !has(self.prefixPolicy) || self.prefixPolicy != 'Prefix' : true",message="prefixPolicy must not be set to 'Prefix' when expression is set" type UsernameClaimMapping struct { // claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. // claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. @@ -650,11 +651,9 @@ type UsernameClaimMapping struct { // Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). // // When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - // // The prefix field must be set when prefixPolicy is 'Prefix'. - // + // Must not be set to 'Prefix' when expression is set. // When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - // // When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. // Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. // @@ -684,7 +683,7 @@ type UsernameClaimMapping struct { // +enum type UsernamePrefixPolicy string -var ( +const ( // NoOpinion let's the cluster assign prefixes. If the username claim is email, there is no prefix // If the username claim is anything else, it is prefixed by the issuerURL NoOpinion UsernamePrefixPolicy = "" @@ -710,12 +709,14 @@ type UsernamePrefix struct { // PrefixedClaimMapping configures a claim mapping // that allows for an optional prefix. +// +openshift:validation:FeatureGateAwareXValidation:featureGate=ExternalOIDCWithUpstreamParity,rule="has(self.expression) && size(self.expression) > 0 ? (!has(self.prefix) || size(self.prefix) == 0) : true",message="prefix must not be set to a non-empty value when expression is set" type PrefixedClaimMapping struct { TokenClaimMapping `json:",inline"` // prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. // - // When omitted (""), no prefix is applied to the cluster identity attribute. + // When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + // Must not be set to a non-empty value when expression is set. // // Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". // @@ -734,10 +735,10 @@ type TokenValidationRuleType string const ( // TokenValidationRuleTypeRequiredClaim indicates that the token must contain a specific claim. // Used as a value for TokenValidationRuleType. - TokenValidationRuleTypeRequiredClaim = "RequiredClaim" + TokenValidationRuleTypeRequiredClaim TokenValidationRuleType = "RequiredClaim" // TokenValidationRuleTypeCEL indicates that the token validation is defined via a CEL expression. // Used as a value for TokenValidationRuleType. - TokenValidationRuleTypeCEL = "CEL" + TokenValidationRuleTypeCEL TokenValidationRuleType = "CEL" ) // TokenClaimValidationRule represents a validation rule based on token claims. diff --git a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go index 5f36f693de..f8d45114a8 100644 --- a/vendor/github.com/openshift/api/config/v1/types_cluster_version.go +++ b/vendor/github.com/openshift/api/config/v1/types_cluster_version.go @@ -283,6 +283,16 @@ type UpdateHistory struct { // ClusterID is string RFC4122 uuid. type ClusterID string +// UpdateMode defines how an update should be processed. +// +enum +// +kubebuilder:validation:Enum=Preflight +type UpdateMode string + +const ( + // UpdateModePreflight allows an update to be checked for compatibility without committing to updating the cluster. + UpdateModePreflight UpdateMode = "Preflight" +) + // ClusterVersionArchitecture enumerates valid cluster architectures. // +kubebuilder:validation:Enum="Multi";"" type ClusterVersionArchitecture string @@ -760,6 +770,22 @@ type Update struct { // +listMapKey=name // +optional AcceptRisks []AcceptRisk `json:"acceptRisks,omitempty"` + + // mode determines how an update should be processed. + // The only valid value is "Preflight". + // When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. + // This is the standard update behavior. + // When set to "Preflight", the cluster runs compatibility checks against the target release without + // performing an actual update. Compatibility results, including any detected risks, are reported + // in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update + // recommendation service. + // This allows administrators to assess update readiness and address issues before committing to the update. + // Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be + // verified across multiple minor versions. + // When mode is set to "Preflight", the same rules for version, image, and architecture apply as for normal updates. + // +openshift:enable:FeatureGate=ClusterUpdatePreflight + // +optional + Mode UpdateMode `json:"mode,omitempty"` } // AcceptRisk represents a risk that is considered acceptable. diff --git a/vendor/github.com/openshift/api/config/v1/types_dns.go b/vendor/github.com/openshift/api/config/v1/types_dns.go index 06eb75ccf7..efbdc3ae54 100644 --- a/vendor/github.com/openshift/api/config/v1/types_dns.go +++ b/vendor/github.com/openshift/api/config/v1/types_dns.go @@ -134,7 +134,14 @@ type AWSDNSSpec struct { // privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing // operations on the cluster's private hosted zone specified in the cluster DNS config. // When left empty, no role should be assumed. - // +kubebuilder:validation:Pattern:=`^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role\/.*$` + // + // The ARN must follow the format: arn::iam:::role/, where: + // is the AWS partition (aws, aws-cn, aws-us-gov, or aws-eusc), + // is a 12-digit numeric identifier for the AWS account, + // is the IAM role name. + // + // +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule=`matches(self, '^arn:(aws|aws-cn|aws-us-gov):iam::[0-9]{12}:role/.*$')`,message=`privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/` + // +openshift:validation:FeatureGateAwareXValidation:featureGate=AWSEuropeanSovereignCloudInstall,rule=`matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-eusc):iam::[0-9]{12}:role/.*$')`,message=`privateZoneIAMRole must be a valid AWS IAM role ARN in the format: arn::iam:::role/` // +optional PrivateZoneIAMRole string `json:"privateZoneIAMRole"` } diff --git a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go index 369ba1e7a0..c579be3a11 100644 --- a/vendor/github.com/openshift/api/config/v1/types_infrastructure.go +++ b/vendor/github.com/openshift/api/config/v1/types_infrastructure.go @@ -102,11 +102,11 @@ type InfrastructureStatus struct { // and the operators should not configure the operand for highly-available operation // The 'External' mode indicates that the control plane is hosted externally to the cluster and that // its components are not visible within the cluster. + // The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + // that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. // +kubebuilder:default=HighlyAvailable - // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=HighlyAvailable;SingleReplica;External - // +openshift:validation:FeatureGateAwareEnum:featureGate=HighlyAvailableArbiter,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;External - // +openshift:validation:FeatureGateAwareEnum:featureGate=DualReplica,enum=HighlyAvailable;SingleReplica;DualReplica;External - // +openshift:validation:FeatureGateAwareEnum:requiredFeatureGate=HighlyAvailableArbiter;DualReplica,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;DualReplica;External + // +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;External + // +openshift:validation:FeatureGateAwareEnum:featureGate=DualReplica,enum=HighlyAvailable;HighlyAvailableArbiter;SingleReplica;DualReplica;External // +optional ControlPlaneTopology TopologyMode `json:"controlPlaneTopology"` @@ -787,7 +787,6 @@ type GCPPlatformStatus struct { // // +default={"dnsType": "PlatformDefault"} // +kubebuilder:default={"dnsType": "PlatformDefault"} - // +openshift:enable:FeatureGate=GCPClusterHostedDNSInstall // +optional // +nullable CloudLoadBalancerConfig *CloudLoadBalancerConfig `json:"cloudLoadBalancerConfig,omitempty"` diff --git a/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go b/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go index 3293204fa4..7ab8f782bb 100644 --- a/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go +++ b/vendor/github.com/openshift/api/config/v1/types_kmsencryption.go @@ -1,55 +1,265 @@ package v1 // KMSConfig defines the configuration for the KMS instance -// that will be used with KMSEncryptionProvider encryption -// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'AWS' ? has(self.aws) : !has(self.aws)",message="aws config is required when kms provider type is AWS, and forbidden otherwise" +// that will be used with KMS encryption +// +kubebuilder:validation:XValidation:rule="self.type == 'Vault' ? has(self.vault) : !has(self.vault)",message="vault config is required when kms provider type is Vault, and forbidden otherwise" // +union type KMSConfig struct { // type defines the kind of platform for the KMS provider. - // Available provider types are AWS only. + // Allowed values are Vault. + // When set to Vault, the plugin connects to a HashiCorp Vault server for key management. // // +unionDiscriminator // +required Type KMSProviderType `json:"type"` - // aws defines the key config for using an AWS KMS instance - // for the encryption. The AWS KMS instance is managed + // vault defines the configuration for the Vault KMS plugin. + // The plugin connects to a Vault Enterprise server that is managed // by the user outside the purview of the control plane. + // This field must be set when type is Vault, and must be unset otherwise. // // +unionMember // +optional - AWS *AWSKMSConfig `json:"aws,omitempty"` + Vault VaultKMSConfig `json:"vault,omitempty,omitzero"` + + // --- TOMBSTONE --- + // aws was a field that allowed configuring AWS KMS. + // It was never implemented and has been removed. + // The field name is reserved to prevent reuse. + // + // +optional + // AWS *AWSKMSConfig `json:"aws,omitempty"` } -// AWSKMSConfig defines the KMS config specific to AWS KMS provider -type AWSKMSConfig struct { - // keyARN specifies the Amazon Resource Name (ARN) of the AWS KMS key used for encryption. - // The value must adhere to the format `arn:aws:kms:::key/`, where: - // - `` is the AWS region consisting of lowercase letters and hyphens followed by a number. - // - `` is a 12-digit numeric identifier for the AWS account. - // - `` is a unique identifier for the KMS key, consisting of lowercase hexadecimal characters and hyphens. +// --- TOMBSTONE --- +// AWSKMSConfig was a type for AWS KMS configuration that was never implemented. +// The type name is reserved to prevent reuse. +// +// type AWSKMSConfig struct { +// KeyARN string `json:"keyARN"` +// Region string `json:"region"` +// } + +// KMSProviderType is a specific supported KMS provider +// +kubebuilder:validation:Enum=Vault +type KMSProviderType string + +const ( + // VaultKMSProvider represents a supported KMS provider for use with HashiCorp Vault + VaultKMSProvider KMSProviderType = "Vault" + + // --- TOMBSTONE --- + // AWSKMSProvider was a constant for AWS KMS support that was never implemented. + // The constant name is reserved to prevent reuse. + // + // AWSKMSProvider KMSProviderType = "AWS" +) + +// VaultSecretReference references a secret in the openshift-config namespace. +type VaultSecretReference struct { + // name is the metadata.name of the referenced secret in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. // - // +kubebuilder:validation:MaxLength=128 // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="self.matches('^arn:aws:kms:[a-z0-9-]+:[0-9]{12}:key/[a-f0-9-]+$')",message="keyARN must follow the format `arn:aws:kms:::key/`. The account ID must be a 12 digit number and the region and key ID should consist only of lowercase hexadecimal characters and hyphens (-)." + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="name must be a valid DNS subdomain name: contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character" // +required - KeyARN string `json:"keyARN"` - // region specifies the AWS region where the KMS instance exists, and follows the format - // `--`, e.g.: `us-east-1`. - // Only lowercase letters and hyphens followed by numbers are allowed. + Name string `json:"name,omitempty"` +} + +// VaultConfigMapReference references a ConfigMap in the openshift-config namespace. +type VaultConfigMapReference struct { + // name is the metadata.name of the referenced ConfigMap in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. // - // +kubebuilder:validation:MaxLength=64 // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="self.matches('^[a-z0-9]+(-[a-z0-9]+)*$')",message="region must be a valid AWS region, consisting of lowercase characters, digits and hyphens (-) only." + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="name must be a valid DNS subdomain name: contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character" // +required - Region string `json:"region"` + Name string `json:"name,omitempty"` } -// KMSProviderType is a specific supported KMS provider -// +kubebuilder:validation:Enum=AWS -type KMSProviderType string +// VaultAuthentication defines the authentication method used to authenticate with Vault. +// +kubebuilder:validation:XValidation:rule="self.type == 'AppRole' ? has(self.appRole) : !has(self.appRole)",message="appRole config is required when authentication type is AppRole, and forbidden otherwise" +// +union +type VaultAuthentication struct { + // type defines the authentication method used to authenticate with Vault. + // Allowed values are AppRole. + // When set to AppRole, the plugin uses AppRole credentials to authenticate with Vault. + // + // +unionDiscriminator + // +required + Type VaultAuthenticationType `json:"type,omitempty"` + + // appRole defines the configuration for AppRole authentication. + // This field must be set when type is AppRole, and must be unset otherwise. + // + // +unionMember + // +optional + AppRole VaultAppRoleAuthentication `json:"appRole,omitzero"` +} + +// VaultAuthenticationType defines the authentication method type for Vault. +// +kubebuilder:validation:Enum=AppRole +type VaultAuthenticationType string const ( - // AWSKMSProvider represents a supported KMS provider for use with AWS KMS - AWSKMSProvider KMSProviderType = "AWS" + // VaultAuthenticationTypeAppRole represents AppRole authentication method. + VaultAuthenticationTypeAppRole VaultAuthenticationType = "AppRole" ) + +// VaultAppRoleAuthentication defines the configuration for AppRole authentication with Vault. +type VaultAppRoleAuthentication struct { + // secret references a secret in the openshift-config namespace containing + // the AppRole credentials used to authenticate with Vault. + // The secret must contain two keys: "roleID" for the AppRole Role ID and "secretID" for the AppRole Secret ID. + // + // The namespace for the secret is openshift-config. + // + // +required + Secret VaultSecretReference `json:"secret,omitzero"` +} + +// VaultKMSConfig defines the KMS plugin configuration specific to Vault KMS +type VaultKMSConfig struct { + // kmsPluginImage specifies the container image for the HashiCorp Vault KMS plugin. + // + // The image must be a fully qualified OCI image pull spec with a SHA256 digest. + // The format is: host[:port][/namespace]/name@sha256: + // where the digest must be 64 characters long and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The total length must be between 75 and 447 characters. + // + // Short names (e.g., "vault-plugin" or "hashicorp/vault-plugin") are not allowed. + // The registry hostname must be included and must contain at least one dot. + // Image tags (e.g., ":latest", ":v1.0.0") are not allowed. + // + // Consult the OpenShift documentation for compatible plugin versions with your cluster version, + // then obtain the image digest for that version from HashiCorp's container registry. + // + // For disconnected environments, mirror the plugin image to an accessible registry + // and reference the mirrored location with its digest. + // + // +kubebuilder:validation:MinLength=75 + // +kubebuilder:validation:MaxLength=447 + // +kubebuilder:validation:XValidation:rule=`(self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$'))`,message="the OCI Image reference must end with a valid '@sha256:' suffix, where '' is 64 characters long" + // +kubebuilder:validation:XValidation:rule=`(self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?(/[a-zA-Z0-9-_.]+)+$'))`,message="the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme. Short names are not allowed, the registry hostname must be included." + // +required + KMSPluginImage string `json:"kmsPluginImage,omitempty"` + + // vaultAddress specifies the address of the HashiCorp Vault instance. + // The value must be a valid HTTPS URL containing only scheme, host, and optional port. + // Paths, user info, query parameters, and fragments are not allowed. + // + // Format: https://hostname[:port] + // Example: https://vault.example.com:8200 + // + // The value must be between 1 and 512 characters. + // + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getScheme() == 'https'",message="must use the 'https' scheme" + // +kubebuilder:validation:XValidation:rule="isURL(self) && (url(self).getEscapedPath() == '' || url(self).getEscapedPath() == '/')",message="must not contain a path" + // +kubebuilder:validation:XValidation:rule="isURL(self) && url(self).getQuery() == {}",message="must not have a query" + // +kubebuilder:validation:XValidation:rule="self.find('#(.+)$') == ''",message="must not have a fragment" + // +kubebuilder:validation:XValidation:rule="self.find('@') == ''",message="must not have user info" + // +kubebuilder:validation:MaxLength=512 + // +kubebuilder:validation:MinLength=1 + // +required + VaultAddress string `json:"vaultAddress,omitempty"` + + // vaultNamespace specifies the Vault namespace where the Transit secrets engine is mounted. + // This is only applicable for Vault Enterprise installations. + // When this field is not set, no namespace is used. + // + // The value must be between 1 and 4096 characters. + // The namespace cannot end with a forward slash, cannot contain spaces, and cannot be one of the reserved strings: root, sys, audit, auth, cubbyhole, or identity. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 + // +kubebuilder:validation:XValidation:rule="!self.endsWith('/')",message="vaultNamespace cannot end with a forward slash" + // +kubebuilder:validation:XValidation:rule="!self.contains(' ')",message="vaultNamespace cannot contain spaces" + // +kubebuilder:validation:XValidation:rule="!(self in ['root', 'sys', 'audit', 'auth', 'cubbyhole', 'identity'])",message="vaultNamespace cannot be a reserved string (root, sys, audit, auth, cubbyhole, identity)" + // +optional + VaultNamespace string `json:"vaultNamespace,omitempty"` + + // tls contains the TLS configuration for connecting to the Vault server. + // When this field is not set, system default TLS settings are used. + // +optional + TLS VaultTLSConfig `json:"tls,omitzero"` + + // authentication defines the authentication method used to authenticate with Vault. + // + // +required + Authentication VaultAuthentication `json:"authentication,omitzero"` + + // transitMount specifies the mount path of the Vault Transit engine. + // The value must be between 1 and 1024 characters when specified. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose a reasonable default. These defaults are subject to change over time. + // The current default is "transit". + // + // The mount path cannot start or end with a forward slash, cannot contain spaces, + // and cannot contain consecutive forward slashes. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:XValidation:rule="!self.startsWith('/')",message="transitMount cannot start with a forward slash" + // +kubebuilder:validation:XValidation:rule="!self.endsWith('/')",message="transitMount cannot end with a forward slash" + // +kubebuilder:validation:XValidation:rule="!self.contains(' ')",message="transitMount cannot contain spaces" + // +kubebuilder:validation:XValidation:rule="!self.contains('//')",message="transitMount cannot contain consecutive forward slashes" + // +optional + TransitMount string `json:"transitMount,omitempty"` + + // transitKey specifies the name of the encryption key in Vault's Transit engine. + // This key is used to encrypt and decrypt data. + // + // The key name must be between 1 and 512 characters and cannot contain spaces or forward slashes. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 + // +kubebuilder:validation:XValidation:rule="!self.contains(' ')",message="transitKey cannot contain spaces" + // +kubebuilder:validation:XValidation:rule="!self.contains('/')",message="transitKey cannot contain forward slashes" + // +required + TransitKey string `json:"transitKey,omitempty"` +} + +// VaultTLSConfig contains TLS configuration for connecting to Vault. +// +kubebuilder:validation:MinProperties=1 +type VaultTLSConfig struct { + // caBundle references a ConfigMap in the openshift-config namespace containing + // the CA certificate bundle used to verify the TLS connection to the Vault server. + // The ConfigMap must contain the CA bundle in the key "ca-bundle.crt". + // When this field is not set, the system's trusted CA certificates are used. + // + // The namespace for the ConfigMap is openshift-config. + // + // Example ConfigMap: + // apiVersion: v1 + // kind: ConfigMap + // metadata: + // name: vault-ca-bundle + // namespace: openshift-config + // data: + // ca-bundle.crt: | + // -----BEGIN CERTIFICATE----- + // ... + // -----END CERTIFICATE----- + // + // +optional + CABundle VaultConfigMapReference `json:"caBundle,omitzero"` + + // serverName specifies the Server Name Indication (SNI) to use when connecting to Vault via TLS. + // This is useful when the Vault server's hostname doesn't match its TLS certificate. + // When this field is not set, the hostname from vaultAddress is used for SNI. + // + // The value must be a valid DNS hostname: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + // + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="serverName must be a valid DNS hostname: contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character" + // +optional + ServerName string `json:"serverName,omitempty"` +} diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index 30b85b78e9..84aae76e22 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -45,7 +45,7 @@ func (in *APIServerEncryption) DeepCopyInto(out *APIServerEncryption) { if in.KMS != nil { in, out := &in.KMS, &out.KMS *out = new(KMSConfig) - (*in).DeepCopyInto(*out) + **out = **in } return } @@ -216,22 +216,6 @@ func (in *AWSIngressSpec) DeepCopy() *AWSIngressSpec { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AWSKMSConfig) DeepCopyInto(out *AWSKMSConfig) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSKMSConfig. -func (in *AWSKMSConfig) DeepCopy() *AWSKMSConfig { - if in == nil { - return nil - } - out := new(AWSKMSConfig) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AWSPlatformSpec) DeepCopyInto(out *AWSPlatformSpec) { *out = *in @@ -2560,6 +2544,7 @@ func (in *GenericAPIServerConfig) DeepCopy() *GenericAPIServerConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GenericControllerConfig) DeepCopyInto(out *GenericControllerConfig) { *out = *in + out.TypeMeta = in.TypeMeta in.ServingInfo.DeepCopyInto(&out.ServingInfo) out.LeaderElection = in.LeaderElection out.Authentication = in.Authentication @@ -3832,11 +3817,7 @@ func (in *IntermediateTLSProfile) DeepCopy() *IntermediateTLSProfile { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KMSConfig) DeepCopyInto(out *KMSConfig) { *out = *in - if in.AWS != nil { - in, out := &in.AWS, &out.AWS - *out = new(AWSKMSConfig) - **out = **in - } + out.Vault = in.Vault return } @@ -6901,6 +6882,107 @@ func (in *VSpherePlatformVCenterSpec) DeepCopy() *VSpherePlatformVCenterSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultAppRoleAuthentication) DeepCopyInto(out *VaultAppRoleAuthentication) { + *out = *in + out.Secret = in.Secret + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAppRoleAuthentication. +func (in *VaultAppRoleAuthentication) DeepCopy() *VaultAppRoleAuthentication { + if in == nil { + return nil + } + out := new(VaultAppRoleAuthentication) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultAuthentication) DeepCopyInto(out *VaultAuthentication) { + *out = *in + out.AppRole = in.AppRole + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAuthentication. +func (in *VaultAuthentication) DeepCopy() *VaultAuthentication { + if in == nil { + return nil + } + out := new(VaultAuthentication) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultConfigMapReference) DeepCopyInto(out *VaultConfigMapReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultConfigMapReference. +func (in *VaultConfigMapReference) DeepCopy() *VaultConfigMapReference { + if in == nil { + return nil + } + out := new(VaultConfigMapReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultKMSConfig) DeepCopyInto(out *VaultKMSConfig) { + *out = *in + out.TLS = in.TLS + out.Authentication = in.Authentication + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultKMSConfig. +func (in *VaultKMSConfig) DeepCopy() *VaultKMSConfig { + if in == nil { + return nil + } + out := new(VaultKMSConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultSecretReference) DeepCopyInto(out *VaultSecretReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultSecretReference. +func (in *VaultSecretReference) DeepCopy() *VaultSecretReference { + if in == nil { + return nil + } + out := new(VaultSecretReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VaultTLSConfig) DeepCopyInto(out *VaultTLSConfig) { + *out = *in + out.CABundle = in.CABundle + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultTLSConfig. +func (in *VaultTLSConfig) DeepCopy() *VaultTLSConfig { + if in == nil { + return nil + } + out := new(VaultTLSConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WebhookTokenAuthenticator) DeepCopyInto(out *WebhookTokenAuthenticator) { *out = *in diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml index eb7c485e03..75233bff73 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.featuregated-crd-manifests.yaml @@ -7,7 +7,7 @@ apiservers.config.openshift.io: Category: "" FeatureGates: - KMSEncryption - - KMSEncryptionProvider + - TLSAdherence FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -144,6 +144,7 @@ clusterversions.config.openshift.io: Category: "" FeatureGates: - ClusterUpdateAcceptRisks + - ClusterUpdatePreflight - ImageStreamImportMode - SignatureStores FilenameOperatorName: cluster-version-operator @@ -204,7 +205,8 @@ dnses.config.openshift.io: CRDName: dnses.config.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - AWSEuropeanSovereignCloudInstall FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_10" @@ -370,9 +372,6 @@ infrastructures.config.openshift.io: - AzureDualStackInstall - DualReplica - DyanmicServiceEndpointIBMCloud - - GCPClusterHostedDNSInstall - - HighlyAvailableArbiter - - HighlyAvailableArbiter+DualReplica - NutanixMultiSubnets - OnPremDNSRecords - VSphereHostVMGroupZonal diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 621dbbebdf..f386a81125 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -137,7 +137,7 @@ func (GenericAPIServerConfig) SwaggerDoc() map[string]string { } var map_GenericControllerConfig = map[string]string{ - "": "GenericControllerConfig provides information to configure a controller", + "": "GenericControllerConfig provides information to configure a controller\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", "servingInfo": "servingInfo is the HTTP serving information for the controller's endpoints", "leaderElection": "leaderElection provides information to elect a leader. Only override this if you have a specific need", "authentication": "authentication allows configuration of authentication for the endpoints", @@ -319,6 +319,7 @@ var map_APIServerSpec = map[string]string{ "additionalCORSAllowedOrigins": "additionalCORSAllowedOrigins lists additional, user-defined regular expressions describing hosts for which the API server allows access using the CORS headers. This may be needed to access the API and the integrated OAuth server from JavaScript applications. The values are regular expressions that correspond to the Golang regular expression language.", "encryption": "encryption allows the configuration of encryption of resources at the datastore layer.", "tlsSecurityProfile": "tlsSecurityProfile specifies settings for TLS connections for externally exposed servers.\n\nWhen omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is the Intermediate profile.", + "tlsAdherence": "tlsAdherence controls if components in the cluster adhere to the TLS security profile configured on this APIServer resource.\n\nValid values are \"LegacyAdheringComponentsOnly\" and \"StrictAllComponents\".\n\nWhen set to \"LegacyAdheringComponentsOnly\", components that already honor the cluster-wide TLS profile continue to do so. Components that do not already honor it continue to use their individual TLS configurations.\n\nWhen set to \"StrictAllComponents\", all components must honor the configured TLS profile unless they have a component-specific TLS configuration that overrides it. This mode is recommended for security-conscious deployments and is required for certain compliance frameworks.\n\nNote: Some components such as Kubelet and IngressController have their own dedicated TLS configuration mechanisms via KubeletConfig and IngressController CRs respectively. When these component-specific TLS configurations are set, they take precedence over the cluster-wide tlsSecurityProfile. When not set, these components fall back to the cluster-wide default.\n\nComponents that encounter an unknown value for tlsAdherence should treat it as \"StrictAllComponents\" and log a warning to ensure forward compatibility while defaulting to the more secure behavior.\n\nThis field is optional. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is LegacyAdheringComponentsOnly.\n\nOnce set, this field may be changed to a different value, but may not be removed.", "audit": "audit specifies the settings for audit configuration to be applied to all OpenShift-provided API servers in the cluster.", } @@ -458,7 +459,7 @@ func (OIDCProvider) SwaggerDoc() map[string]string { var map_PrefixedClaimMapping = map[string]string{ "": "PrefixedClaimMapping configures a claim mapping that allows for an optional prefix.", - "prefix": "prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes.\n\nWhen omitted (\"\"), no prefix is applied to the cluster identity attribute.\n\nExample: if `prefix` is set to \"myoidc:\" and the `claim` in JWT contains an array of strings \"a\", \"b\" and \"c\", the mapping will result in an array of string \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\".", + "prefix": "prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes.\n\nWhen omitted or set to an empty string (\"\"), no prefix is applied to the cluster identity attribute. Must not be set to a non-empty value when expression is set.\n\nExample: if `prefix` is set to \"myoidc:\" and the `claim` in JWT contains an array of strings \"a\", \"b\" and \"c\", the mapping will result in an array of string \"myoidc:a\", \"myoidc:b\" and \"myoidc:c\".", } func (PrefixedClaimMapping) SwaggerDoc() map[string]string { @@ -549,7 +550,7 @@ func (TokenUserValidationRule) SwaggerDoc() map[string]string { var map_UsernameClaimMapping = map[string]string{ "claim": "claim is an optional field that configures the JWT token claim whose value is assigned to the cluster identity field associated with this mapping. claim is required when the ExternalOIDCWithUpstreamParity feature gate is not enabled. When the ExternalOIDCWithUpstreamParity feature gate is enabled, claim must not be set when expression is set.\n\nclaim must not be an empty string (\"\") and must not exceed 256 characters.", "expression": "expression is an optional CEL expression used to derive the username from JWT claims.\n\nCEL expressions have access to the token claims through a CEL variable, 'claims'.\n\nexpression must be at least 1 character and must not exceed 1024 characters in length. expression must not be set when claim is set.", - "prefixPolicy": "prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field.\n\nAllowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string).\n\nWhen set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim.\n\nThe prefix field must be set when prefixPolicy is 'Prefix'.\n\nWhen set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim.\n\nWhen omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'.\n\nAs an example, consider the following scenario:\n\n `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`,\n the JWT claims include \"username\":\"userA\" and \"email\":\"userA@myoidc.tld\",\n and `claim` is set to:\n - \"username\": the mapped value will be \"https://myoidc.tld#userA\"\n - \"email\": the mapped value will be \"userA@myoidc.tld\"", + "prefixPolicy": "prefixPolicy is an optional field that configures how a prefix should be applied to the value of the JWT claim specified in the 'claim' field.\n\nAllowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string).\n\nWhen set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. The prefix field must be set when prefixPolicy is 'Prefix'. Must not be set to 'Prefix' when expression is set. When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'.\n\nAs an example, consider the following scenario:\n\n `prefix` is unset, `issuerURL` is set to `https://myoidc.tld`,\n the JWT claims include \"username\":\"userA\" and \"email\":\"userA@myoidc.tld\",\n and `claim` is set to:\n - \"username\": the mapped value will be \"https://myoidc.tld#userA\"\n - \"email\": the mapped value will be \"userA@myoidc.tld\"", "prefix": "prefix configures the prefix that should be prepended to the value of the JWT claim.\n\nprefix must be set when prefixPolicy is set to 'Prefix' and must be unset otherwise.", } @@ -917,6 +918,7 @@ var map_Update = map[string]string{ "image": "image is a container image location that contains the update. image should be used when the desired version does not exist in availableUpdates or history. When image is set, architecture cannot be specified. If both version and image are set, the version extracted from the referenced image must match the specified version.", "force": "force allows an administrator to update to an image that has failed verification or upgradeable checks that are designed to keep your cluster safe. Only use this if: * you are testing unsigned release images in short-lived test clusters or * you are working around a known bug in the cluster-version\n operator and you have verified the authenticity of the provided\n image yourself.\nThe provided image will run with full administrative access to the cluster. Do not use this flag with images that come from unknown or potentially malicious sources.", "acceptRisks": "acceptRisks is an optional set of names of conditional update risks that are considered acceptable. A conditional update is performed only if all of its risks are acceptable. This list may contain entries that apply to current, previous or future updates. The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks. acceptRisks must not contain more than 1000 entries. Entries in this list must be unique.", + "mode": "mode determines how an update should be processed. The only valid value is \"Preflight\". When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. This is the standard update behavior. When set to \"Preflight\", the cluster runs compatibility checks against the target release without performing an actual update. Compatibility results, including any detected risks, are reported in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update recommendation service. This allows administrators to assess update readiness and address issues before committing to the update. Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be verified across multiple minor versions. When mode is set to \"Preflight\", the same rules for version, image, and architecture apply as for normal updates.", } func (Update) SwaggerDoc() map[string]string { @@ -986,7 +988,7 @@ func (ConsoleStatus) SwaggerDoc() map[string]string { var map_AWSDNSSpec = map[string]string{ "": "AWSDNSSpec contains DNS configuration specific to the Amazon Web Services cloud provider.", - "privateZoneIAMRole": "privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing operations on the cluster's private hosted zone specified in the cluster DNS config. When left empty, no role should be assumed.", + "privateZoneIAMRole": "privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing operations on the cluster's private hosted zone specified in the cluster DNS config. When left empty, no role should be assumed.\n\nThe ARN must follow the format: arn::iam:::role/, where: is the AWS partition (aws, aws-cn, aws-us-gov, or aws-eusc), is a 12-digit numeric identifier for the AWS account, is the IAM role name.", } func (AWSDNSSpec) SwaggerDoc() map[string]string { @@ -1752,7 +1754,7 @@ var map_InfrastructureStatus = map[string]string{ "etcdDiscoveryDomain": "etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery deprecated: as of 4.7, this field is no longer set or honored. It will be removed in a future release.", "apiServerURL": "apiServerURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API.", "apiServerInternalURI": "apiServerInternalURL is a valid URI with scheme 'https', address and optionally a port (defaulting to 443). apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking.", - "controlPlaneTopology": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster.", + "controlPlaneTopology": "controlPlaneTopology expresses the expectations for operands that normally run on control nodes. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation The 'External' mode indicates that the control plane is hosted externally to the cluster and that its components are not visible within the cluster. The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum.", "infrastructureTopology": "infrastructureTopology expresses the expectations for infrastructure services that do not run on control plane nodes, usually indicated by a node selector for a `role` value other than `master`. The default is 'HighlyAvailable', which represents the behavior operators have in a \"normal\" cluster. The 'SingleReplica' mode will be used in single-node deployments and the operators should not configure the operand for highly-available operation NOTE: External topology mode is not applicable for this field.", "cpuPartitioning": "cpuPartitioning expresses if CPU partitioning is a currently enabled feature in the cluster. CPU Partitioning means that this cluster can support partitioning workloads to specific CPU Sets. Valid values are \"None\" and \"AllNodes\". When omitted, the default value is \"None\". The default value of \"None\" indicates that no nodes will be setup with CPU partitioning. The \"AllNodes\" value indicates that all nodes have been setup with CPU partitioning, and can then be further configured via the PerformanceProfile API.", } @@ -2327,24 +2329,76 @@ func (Storage) SwaggerDoc() map[string]string { return map_Storage } -var map_AWSKMSConfig = map[string]string{ - "": "AWSKMSConfig defines the KMS config specific to AWS KMS provider", - "keyARN": "keyARN specifies the Amazon Resource Name (ARN) of the AWS KMS key used for encryption. The value must adhere to the format `arn:aws:kms:::key/`, where: - `` is the AWS region consisting of lowercase letters and hyphens followed by a number. - `` is a 12-digit numeric identifier for the AWS account. - `` is a unique identifier for the KMS key, consisting of lowercase hexadecimal characters and hyphens.", - "region": "region specifies the AWS region where the KMS instance exists, and follows the format `--`, e.g.: `us-east-1`. Only lowercase letters and hyphens followed by numbers are allowed.", +var map_KMSConfig = map[string]string{ + "": "KMSConfig defines the configuration for the KMS instance that will be used with KMS encryption", + "type": "type defines the kind of platform for the KMS provider. Allowed values are Vault. When set to Vault, the plugin connects to a HashiCorp Vault server for key management.", + "vault": "vault defines the configuration for the Vault KMS plugin. The plugin connects to a Vault Enterprise server that is managed by the user outside the purview of the control plane. This field must be set when type is Vault, and must be unset otherwise.", } -func (AWSKMSConfig) SwaggerDoc() map[string]string { - return map_AWSKMSConfig +func (KMSConfig) SwaggerDoc() map[string]string { + return map_KMSConfig } -var map_KMSConfig = map[string]string{ - "": "KMSConfig defines the configuration for the KMS instance that will be used with KMSEncryptionProvider encryption", - "type": "type defines the kind of platform for the KMS provider. Available provider types are AWS only.", - "aws": "aws defines the key config for using an AWS KMS instance for the encryption. The AWS KMS instance is managed by the user outside the purview of the control plane.", +var map_VaultAppRoleAuthentication = map[string]string{ + "": "VaultAppRoleAuthentication defines the configuration for AppRole authentication with Vault.", + "secret": "secret references a secret in the openshift-config namespace containing the AppRole credentials used to authenticate with Vault. The secret must contain two keys: \"roleID\" for the AppRole Role ID and \"secretID\" for the AppRole Secret ID.\n\nThe namespace for the secret is openshift-config.", } -func (KMSConfig) SwaggerDoc() map[string]string { - return map_KMSConfig +func (VaultAppRoleAuthentication) SwaggerDoc() map[string]string { + return map_VaultAppRoleAuthentication +} + +var map_VaultAuthentication = map[string]string{ + "": "VaultAuthentication defines the authentication method used to authenticate with Vault.", + "type": "type defines the authentication method used to authenticate with Vault. Allowed values are AppRole. When set to AppRole, the plugin uses AppRole credentials to authenticate with Vault.", + "appRole": "appRole defines the configuration for AppRole authentication. This field must be set when type is AppRole, and must be unset otherwise.", +} + +func (VaultAuthentication) SwaggerDoc() map[string]string { + return map_VaultAuthentication +} + +var map_VaultConfigMapReference = map[string]string{ + "": "VaultConfigMapReference references a ConfigMap in the openshift-config namespace.", + "name": "name is the metadata.name of the referenced ConfigMap in the openshift-config namespace. The name must be a valid DNS subdomain name: it must contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character.", +} + +func (VaultConfigMapReference) SwaggerDoc() map[string]string { + return map_VaultConfigMapReference +} + +var map_VaultKMSConfig = map[string]string{ + "": "VaultKMSConfig defines the KMS plugin configuration specific to Vault KMS", + "kmsPluginImage": "kmsPluginImage specifies the container image for the HashiCorp Vault KMS plugin.\n\nThe image must be a fully qualified OCI image pull spec with a SHA256 digest. The format is: host[:port][/namespace]/name@sha256: where the digest must be 64 characters long and consist only of lowercase hexadecimal characters, a-f and 0-9. The total length must be between 75 and 447 characters.\n\nShort names (e.g., \"vault-plugin\" or \"hashicorp/vault-plugin\") are not allowed. The registry hostname must be included and must contain at least one dot. Image tags (e.g., \":latest\", \":v1.0.0\") are not allowed.\n\nConsult the OpenShift documentation for compatible plugin versions with your cluster version, then obtain the image digest for that version from HashiCorp's container registry.\n\nFor disconnected environments, mirror the plugin image to an accessible registry and reference the mirrored location with its digest.", + "vaultAddress": "vaultAddress specifies the address of the HashiCorp Vault instance. The value must be a valid HTTPS URL containing only scheme, host, and optional port. Paths, user info, query parameters, and fragments are not allowed.\n\nFormat: https://hostname[:port] Example: https://vault.example.com:8200\n\nThe value must be between 1 and 512 characters.", + "vaultNamespace": "vaultNamespace specifies the Vault namespace where the Transit secrets engine is mounted. This is only applicable for Vault Enterprise installations. When this field is not set, no namespace is used.\n\nThe value must be between 1 and 4096 characters. The namespace cannot end with a forward slash, cannot contain spaces, and cannot be one of the reserved strings: root, sys, audit, auth, cubbyhole, or identity.", + "tls": "tls contains the TLS configuration for connecting to the Vault server. When this field is not set, system default TLS settings are used.", + "authentication": "authentication defines the authentication method used to authenticate with Vault.", + "transitMount": "transitMount specifies the mount path of the Vault Transit engine. The value must be between 1 and 1024 characters when specified.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose a reasonable default. These defaults are subject to change over time. The current default is \"transit\".\n\nThe mount path cannot start or end with a forward slash, cannot contain spaces, and cannot contain consecutive forward slashes.", + "transitKey": "transitKey specifies the name of the encryption key in Vault's Transit engine. This key is used to encrypt and decrypt data.\n\nThe key name must be between 1 and 512 characters and cannot contain spaces or forward slashes.", +} + +func (VaultKMSConfig) SwaggerDoc() map[string]string { + return map_VaultKMSConfig +} + +var map_VaultSecretReference = map[string]string{ + "": "VaultSecretReference references a secret in the openshift-config namespace.", + "name": "name is the metadata.name of the referenced secret in the openshift-config namespace. The name must be a valid DNS subdomain name: it must contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character.", +} + +func (VaultSecretReference) SwaggerDoc() map[string]string { + return map_VaultSecretReference +} + +var map_VaultTLSConfig = map[string]string{ + "": "VaultTLSConfig contains TLS configuration for connecting to Vault.", + "caBundle": "caBundle references a ConfigMap in the openshift-config namespace containing the CA certificate bundle used to verify the TLS connection to the Vault server. The ConfigMap must contain the CA bundle in the key \"ca-bundle.crt\". When this field is not set, the system's trusted CA certificates are used.\n\nThe namespace for the ConfigMap is openshift-config.\n\nExample ConfigMap:\n apiVersion: v1\n kind: ConfigMap\n metadata:\n name: vault-ca-bundle\n namespace: openshift-config\n data:\n ca-bundle.crt: |", + "serverName": "serverName specifies the Server Name Indication (SNI) to use when connecting to Vault via TLS. This is useful when the Vault server's hostname doesn't match its TLS certificate. When this field is not set, the hostname from vaultAddress is used for SNI.\n\nThe value must be a valid DNS hostname: it must contain no more than 253 characters, contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character.", +} + +func (VaultTLSConfig) SwaggerDoc() map[string]string { + return map_VaultTLSConfig } var map_ClusterNetworkEntry = map[string]string{ diff --git a/vendor/github.com/openshift/api/config/v1alpha1/register.go b/vendor/github.com/openshift/api/config/v1alpha1/register.go index 383d19e7e6..1d84b71079 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/register.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/register.go @@ -36,10 +36,6 @@ func addKnownTypes(scheme *runtime.Scheme) error { &InsightsDataGatherList{}, &Backup{}, &BackupList{}, - &ImagePolicy{}, - &ImagePolicyList{}, - &ClusterImagePolicy{}, - &ClusterImagePolicyList{}, &CRIOCredentialProviderConfig{}, &CRIOCredentialProviderConfigList{}, &PKI{}, diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go deleted file mode 100644 index e8d7603d7b..0000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_image_policy.go +++ /dev/null @@ -1,80 +0,0 @@ -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterImagePolicy holds cluster-wide configuration for image signature verification -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=clusterimagepolicies,scope=Cluster -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=SigstoreImageVerification -// +openshift:compatibility-gen:level=4 -type ClusterImagePolicy struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec contains the configuration for the cluster image policy. - // +required - Spec ClusterImagePolicySpec `json:"spec"` - // status contains the observed state of the resource. - // +optional - Status ClusterImagePolicyStatus `json:"status,omitempty"` -} - -// CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource. -type ClusterImagePolicySpec struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - // +required - // +kubebuilder:validation:MaxItems=256 - // +listType=set - Scopes []ImageScope `json:"scopes"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - // +required - Policy ImageSigstoreVerificationPolicy `json:"policy"` -} - -// +k8s:deepcopy-gen=true -type ClusterImagePolicyStatus struct { - // conditions provide details on the status of this API Resource. - // +listType=map - // +listMapKey=type - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterImagePolicyList is a list of ClusterImagePolicy resources -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type ClusterImagePolicyList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ListMeta `json:"metadata"` - - Items []ClusterImagePolicy `json:"items"` -} diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go index e72f537f99..083c2d6b55 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/types_cluster_monitoring.go @@ -89,6 +89,19 @@ type ClusterMonitoringSpec struct { // The current default value is `DefaultConfig`. // +optional AlertmanagerConfig AlertmanagerConfig `json:"alertmanagerConfig,omitempty,omitzero"` + // prometheusConfig provides configuration options for the default platform Prometheus instance + // that runs in the `openshift-monitoring` namespace. This configuration applies only to the + // platform Prometheus instance; user-workload Prometheus instances are configured separately. + // + // This field allows you to customize how the platform Prometheus is deployed and operated, including: + // - Pod scheduling (node selectors, tolerations, topology spread constraints) + // - Resource allocation (CPU, memory requests/limits) + // - Retention policies (how long metrics are stored) + // - External integrations (remote write, additional alertmanagers) + // + // This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. + // +optional + PrometheusConfig PrometheusConfig `json:"prometheusConfig,omitempty,omitzero"` // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. // Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. @@ -107,6 +120,617 @@ type ClusterMonitoringSpec struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // +optional PrometheusOperatorAdmissionWebhookConfig PrometheusOperatorAdmissionWebhookConfig `json:"prometheusOperatorAdmissionWebhookConfig,omitempty,omitzero"` + // openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics + // agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics + // about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + OpenShiftStateMetricsConfig OpenShiftStateMetricsConfig `json:"openShiftStateMetricsConfig,omitempty,omitzero"` + // telemeterClientConfig is an optional field that can be used to configure the Telemeter Client + // component that runs in the openshift-monitoring namespace. The Telemeter Client collects + // selected monitoring metrics and forwards them to Red Hat for telemetry purposes. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // When set, at least one field must be specified within telemeterClientConfig. + // +optional + TelemeterClientConfig TelemeterClientConfig `json:"telemeterClientConfig,omitempty,omitzero"` + // thanosQuerierConfig is an optional field that can be used to configure the Thanos Querier + // component that runs in the openshift-monitoring namespace. The Thanos Querier provides + // a global query view by aggregating and deduplicating metrics from multiple Prometheus instances. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default deploys the Thanos Querier on linux nodes with 5m CPU and 12Mi memory + // requests, and no custom tolerations or topology spread constraints. + // When set, at least one field must be specified within thanosQuerierConfig. + // +optional + ThanosQuerierConfig ThanosQuerierConfig `json:"thanosQuerierConfig,omitempty,omitzero"` + // nodeExporterConfig is an optional field that can be used to configure the node-exporter agent + // that runs as a DaemonSet in the openshift-monitoring namespace. The node-exporter agent collects + // hardware and OS-level metrics from every node in the cluster. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + NodeExporterConfig NodeExporterConfig `json:"nodeExporterConfig,omitempty,omitzero"` + // monitoringPluginConfig is an optional field that can be used to configure the monitoring plugin + // that runs as a dynamic plugin of the OpenShift web console. The monitoring plugin provides + // the monitoring UI in the OpenShift web console for visualizing metrics, alerts, and dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default deploys the monitoring-plugin as a single-replica Deployment + // on linux nodes with 10m CPU and 50Mi memory requests, and no custom tolerations + // or topology spread constraints. + // When set, at least one field must be specified within monitoringPluginConfig. + // +optional + MonitoringPluginConfig MonitoringPluginConfig `json:"monitoringPluginConfig,omitempty,omitzero"` +} + +// OpenShiftStateMetricsConfig provides configuration options for the openshift-state-metrics agent +// that runs in the `openshift-monitoring` namespace. The openshift-state-metrics agent generates +// metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. +// +kubebuilder:validation:MinProperties=1 +type OpenShiftStateMetricsConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the openshift-state-metrics container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 1m + // limit: null + // - name: memory + // request: 32Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// NodeExporterConfig provides configuration options for the node-exporter agent +// that runs as a DaemonSet in the `openshift-monitoring` namespace. The node-exporter agent collects +// hardware and OS-level metrics from every node in the cluster, including CPU, memory, disk, and +// network statistics. +// At least one field must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the node-exporter container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 8m + // limit: null + // - name: memory + // request: 32Mi + // limit: null + // --- + // maxItems is set to 5 to stay within the Kubernetes CRD CEL validation cost budget. + // See the MaxItems comment near the ContainerResource type definition for details. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is to tolerate all taints (operator: Exists without any key), + // which is typical for DaemonSets that must run on every node. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // collectors configures which node-exporter metric collectors are enabled. + // collectors is optional. + // Each collector can be individually enabled or disabled. Some collectors may have + // additional configuration options. + // + // When omitted, this means no opinion and the platform is left to choose a reasonable + // default, which is subject to change over time. + // +optional + Collectors NodeExporterCollectorConfig `json:"collectors,omitempty,omitzero"` + // maxProcs sets the target number of CPUs on which the node-exporter process will run. + // maxProcs is optional. + // Use this setting to override the default value, which is set either to 4 or to the number + // of CPUs on the host, whichever is smaller. + // The default value is computed at runtime and set via the GOMAXPROCS environment variable before + // node-exporter is launched. + // If a kernel deadlock occurs or if performance degrades when reading from sysfs concurrently, + // you can change this value to 1, which limits node-exporter to running on one CPU. + // For nodes with a high CPU count, setting the limit to a low number saves resources by preventing + // Go routines from being scheduled to run on all CPUs. However, I/O performance degrades if the + // maxProcs value is set too low and there are many metrics to collect. + // The minimum value is 1 and the maximum value is 1024. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is min(4, number of host CPUs). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1024 + MaxProcs int32 `json:"maxProcs,omitempty"` + // ignoredNetworkDevices is a list of regular expression patterns that match network devices + // to be excluded from the relevant collector configuration such as netdev, netclass, and ethtool. + // ignoredNetworkDevices is optional. + // + // When omitted, the Cluster Monitoring Operator uses a predefined list of devices to be excluded + // to minimize the impact on memory usage. + // When set as an empty list, no devices are excluded. + // If you modify this setting, monitor the prometheus-k8s deployment closely for excessive memory usage. + // Maximum length for this list is 50. + // Each entry must be at least 1 character and at most 1024 characters long. + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:MinItems=0 + // +listType=set + // +optional + IgnoredNetworkDevices *[]NodeExporterIgnoredNetworkDevice `json:"ignoredNetworkDevices,omitempty"` +} + +// NodeExporterIgnoredNetworkDevice is a string that is interpreted as a Go regular expression +// pattern by the controller to match network device names to exclude from node-exporter +// metric collection for collectors such as netdev, netclass, and ethtool. +// Invalid regular expressions will cause a controller-level error at runtime. +// Must be at least 1 character and at most 1024 characters. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=1024 +type NodeExporterIgnoredNetworkDevice string + +// NodeExporterCollectorCollectionPolicy declares whether a node-exporter collector should collect metrics. +// Valid values are "Collect" and "DoNotCollect". +// +kubebuilder:validation:Enum=Collect;DoNotCollect +// +enum +type NodeExporterCollectorCollectionPolicy string + +const ( + // NodeExporterCollectorCollectionPolicyCollect means the collector is active and will produce metrics. + NodeExporterCollectorCollectionPolicyCollect NodeExporterCollectorCollectionPolicy = "Collect" + // NodeExporterCollectorCollectionPolicyDoNotCollect means the collector is inactive and will not produce metrics. + NodeExporterCollectorCollectionPolicyDoNotCollect NodeExporterCollectorCollectionPolicy = "DoNotCollect" +) + +// NodeExporterNetclassStatsGatherer identifies how the netclass collector gathers device statistics +// (for example via sysfs or netlink, as implemented in node_exporter). +// Valid values are "Sysfs" and "Netlink". +// +kubebuilder:validation:Enum=Sysfs;Netlink +// +enum +type NodeExporterNetclassStatsGatherer string + +const ( + // NodeExporterNetclassStatsGathererSysfs uses the sysfs-based implementation. + NodeExporterNetclassStatsGathererSysfs NodeExporterNetclassStatsGatherer = "Sysfs" + // NodeExporterNetclassStatsGathererNetlink uses the netlink-based implementation. + NodeExporterNetclassStatsGathererNetlink NodeExporterNetclassStatsGatherer = "Netlink" +) + +// NodeExporterCollectorConfig defines settings for individual collectors +// of the node-exporter agent. Each collector can be individually set to collect or not collect metrics. +// At least one collector must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterCollectorConfig struct { + // cpuFreq configures the cpufreq collector, which collects CPU frequency statistics. + // cpuFreq is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Consider enabling when you need to observe CPU frequency scaling; expect higher CPU usage on + // many-core nodes when collectionPolicy is Collect. + // +optional + CpuFreq NodeExporterCollectorCpufreqConfig `json:"cpuFreq,omitempty,omitzero"` + // tcpStat configures the tcpstat collector, which collects TCP connection statistics. + // tcpStat is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when debugging TCP connection behavior or capacity at the node level. + // +optional + TcpStat NodeExporterCollectorTcpStatConfig `json:"tcpStat,omitempty,omitzero"` + // ethtool configures the ethtool collector, which collects ethernet device statistics. + // ethtool is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when you need NIC driver-level ethtool metrics beyond generic netdev counters. + // +optional + Ethtool NodeExporterCollectorEthtoolConfig `json:"ethtool,omitempty,omitzero"` + // netDev configures the netdev collector, which collects network device statistics. + // netDev is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is enabled. + // Turn off if you must reduce per-interface metric cardinality on hosts with many virtual interfaces. + // +optional + NetDev NodeExporterCollectorNetDevConfig `json:"netDev,omitempty,omitzero"` + // netClass configures the netclass collector, which collects information about network devices. + // netClass is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is enabled with netlink mode active. + // Use statsGatherer when sysfs vs netlink implementation matters or when matching node_exporter tuning. + // +optional + NetClass NodeExporterCollectorNetClassConfig `json:"netClass,omitempty,omitzero"` + // buddyInfo configures the buddyinfo collector, which collects statistics about memory + // fragmentation from the node_buddyinfo_blocks metric. This metric collects data from /proc/buddyinfo. + // buddyInfo is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when investigating kernel memory fragmentation; typically for advanced troubleshooting only. + // +optional + BuddyInfo NodeExporterCollectorBuddyInfoConfig `json:"buddyInfo,omitempty,omitzero"` + // mountStats configures the mountstats collector, which collects statistics about NFS volume + // I/O activities. + // mountStats is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enabling this collector may produce metrics with high cardinality. If you enable this + // collector, closely monitor the prometheus-k8s deployment for excessive memory usage. + // Enable when you care about per-mount NFS client statistics. + // +optional + MountStats NodeExporterCollectorMountStatsConfig `json:"mountStats,omitempty,omitzero"` + // ksmd configures the ksmd collector, which collects statistics from the kernel same-page + // merger daemon. + // ksmd is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable on nodes where KSM is in use and you want visibility into merging activity. + // +optional + Ksmd NodeExporterCollectorKSMDConfig `json:"ksmd,omitempty,omitzero"` + // processes configures the processes collector, which collects statistics from processes and + // threads running in the system. + // processes is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable for process/thread-level insight; can be expensive on busy nodes. + // +optional + Processes NodeExporterCollectorProcessesConfig `json:"processes,omitempty,omitzero"` + // systemd configures the systemd collector, which collects statistics on the systemd daemon + // and its managed services. + // systemd is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enabling this collector with a long list of selected units may produce metrics with high + // cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment + // for excessive memory usage. + // Enable when you need metrics for specific units; scope units carefully. + // +optional + Systemd NodeExporterCollectorSystemdConfig `json:"systemd,omitempty,omitzero"` +} + +// NodeExporterCollectorCpufreqConfig provides configuration for the cpufreq collector +// of the node-exporter agent. The cpufreq collector collects CPU frequency statistics. +// It is disabled by default. +type NodeExporterCollectorCpufreqConfig struct { + // collectionPolicy declares whether the cpufreq collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the cpufreq collector is active and CPU frequency statistics are collected. + // When set to "DoNotCollect", the cpufreq collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorTcpStatConfig provides configuration for the tcpstat collector +// of the node-exporter agent. The tcpstat collector collects TCP connection statistics. +// It is disabled by default. +type NodeExporterCollectorTcpStatConfig struct { + // collectionPolicy declares whether the tcpstat collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the tcpstat collector is active and TCP connection statistics are collected. + // When set to "DoNotCollect", the tcpstat collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorEthtoolConfig provides configuration for the ethtool collector +// of the node-exporter agent. The ethtool collector collects ethernet device statistics. +// It is disabled by default. +type NodeExporterCollectorEthtoolConfig struct { + // collectionPolicy declares whether the ethtool collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the ethtool collector is active and ethernet device statistics are collected. + // When set to "DoNotCollect", the ethtool collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorNetDevConfig provides configuration for the netdev collector +// of the node-exporter agent. The netdev collector collects network device statistics +// such as bytes, packets, errors, and drops per device. +// It is enabled by default. +type NodeExporterCollectorNetDevConfig struct { + // collectionPolicy declares whether the netdev collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the netdev collector is active and network device statistics are collected. + // When set to "DoNotCollect", the netdev collector is inactive and the corresponding metrics become unavailable. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorNetClassConfig provides configuration for the netclass collector +// of the node-exporter agent. The netclass collector collects information about network devices +// such as network speed, MTU, and carrier status. +// It is enabled by default. +// When collectionPolicy is DoNotCollect, the collect field must not be set. +// +kubebuilder:validation:XValidation:rule="has(self.collectionPolicy) && self.collectionPolicy == 'Collect' ? true : !has(self.collect)",message="collect is forbidden when collectionPolicy is not Collect" +// +union +type NodeExporterCollectorNetClassConfig struct { + // collectionPolicy declares whether the netclass collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the netclass collector is active and network class information is collected. + // When set to "DoNotCollect", the netclass collector is inactive and the corresponding metrics become unavailable. + // When set to "DoNotCollect", the collect field must not be set. + // +unionDiscriminator + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` + // collect contains configuration options that apply only when the netclass collector is actively collecting metrics + // (i.e. when collectionPolicy is Collect). + // collect is optional and may be omitted even when collectionPolicy is Collect. + // collect may only be set when collectionPolicy is Collect. + // When set, at least one field must be specified within collect. + // +unionMember + // +optional + Collect NodeExporterCollectorNetClassCollectConfig `json:"collect,omitzero,omitempty"` +} + +// NodeExporterCollectorNetClassCollectConfig holds configuration options for the netclass collector +// when it is actively collecting metrics. At least one field must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterCollectorNetClassCollectConfig struct { + // statsGatherer selects which implementation the netclass collector uses to gather statistics (sysfs or netlink). + // statsGatherer is optional. + // Valid values are "Sysfs" and "Netlink". + // When set to "Netlink", the netlink implementation is used; when set to "Sysfs", the sysfs implementation is used. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is Netlink. + // +optional + StatsGatherer NodeExporterNetclassStatsGatherer `json:"statsGatherer,omitempty"` +} + +// NodeExporterCollectorBuddyInfoConfig provides configuration for the buddyinfo collector +// of the node-exporter agent. The buddyinfo collector collects statistics about memory fragmentation +// from the node_buddyinfo_blocks metric using data from /proc/buddyinfo. +// It is disabled by default. +type NodeExporterCollectorBuddyInfoConfig struct { + // collectionPolicy declares whether the buddyinfo collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the buddyinfo collector is active and memory fragmentation statistics are collected. + // When set to "DoNotCollect", the buddyinfo collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorMountStatsConfig provides configuration for the mountstats collector +// of the node-exporter agent. The mountstats collector collects statistics about NFS volume I/O activities. +// It is disabled by default. +// Enabling this collector may produce metrics with high cardinality. If you enable this +// collector, closely monitor the prometheus-k8s deployment for excessive memory usage. +type NodeExporterCollectorMountStatsConfig struct { + // collectionPolicy declares whether the mountstats collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the mountstats collector is active and NFS volume I/O statistics are collected. + // When set to "DoNotCollect", the mountstats collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorKSMDConfig provides configuration for the ksmd collector +// of the node-exporter agent. The ksmd collector collects statistics from the kernel +// same-page merger daemon. +// It is disabled by default. +type NodeExporterCollectorKSMDConfig struct { + // collectionPolicy declares whether the ksmd collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the ksmd collector is active and kernel same-page merger statistics are collected. + // When set to "DoNotCollect", the ksmd collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorProcessesConfig provides configuration for the processes collector +// of the node-exporter agent. The processes collector collects statistics from processes and threads +// running in the system. +// It is disabled by default. +type NodeExporterCollectorProcessesConfig struct { + // collectionPolicy declares whether the processes collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the processes collector is active and process/thread statistics are collected. + // When set to "DoNotCollect", the processes collector is inactive. + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorSystemdConfig provides configuration for the systemd collector +// of the node-exporter agent. The systemd collector collects statistics on the systemd daemon +// and its managed services. +// It is disabled by default. +// Enabling this collector with a long list of selected units may produce metrics with high +// cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment +// for excessive memory usage. +// When collectionPolicy is DoNotCollect, the collect field must not be set. +// +kubebuilder:validation:XValidation:rule="has(self.collectionPolicy) && self.collectionPolicy == 'Collect' ? true : !has(self.collect)",message="collect is forbidden when collectionPolicy is not Collect" +// +union +type NodeExporterCollectorSystemdConfig struct { + // collectionPolicy declares whether the systemd collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the systemd collector is active and systemd unit statistics are collected. + // When set to "DoNotCollect", the systemd collector is inactive and the collect field must not be set. + // +unionDiscriminator + // +required + CollectionPolicy NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` + // collect contains configuration options that apply only when the systemd collector is actively collecting metrics + // (i.e. when collectionPolicy is Collect). + // collect is optional and may be omitted even when collectionPolicy is Collect. + // collect may only be set when collectionPolicy is Collect. + // When set, at least one field must be specified within collect. + // +unionMember + // +optional + Collect NodeExporterCollectorSystemdCollectConfig `json:"collect,omitzero,omitempty"` +} + +// NodeExporterCollectorSystemdCollectConfig holds configuration options for the systemd collector +// when it is actively collecting metrics. At least one field must be specified. +// +kubebuilder:validation:MinProperties=1 +type NodeExporterCollectorSystemdCollectConfig struct { + // units is a list of regular expression patterns that match systemd units to be included + // by the systemd collector. + // units is optional. + // By default, the list is empty, so the collector exposes no metrics for systemd units. + // Each entry is a regular expression pattern and must be at least 1 character and at most 1024 characters. + // Maximum length for this list is 50. + // Minimum length for this list is 1. + // Entries in this list must be unique. + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:MinItems=1 + // +listType=set + // +optional + Units []NodeExporterSystemdUnit `json:"units,omitempty"` +} + +// NodeExporterSystemdUnit is a string that is interpreted as a Go regular expression +// pattern by the controller to match systemd unit names. +// Invalid regular expressions will cause a controller-level error at runtime. +// Must be at least 1 character and at most 1024 characters. +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=1024 +type NodeExporterSystemdUnit string + +// MonitoringPluginConfig provides configuration options for the monitoring plugin +// that runs as a dynamic plugin of the OpenShift web console. +// The monitoring plugin provides the monitoring UI in the OpenShift web console +// for visualizing metrics, alerts, and dashboards. +// At least one field must be specified; an empty monitoringPluginConfig object is not allowed. +// +kubebuilder:validation:MinProperties=1 +type MonitoringPluginConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the monitoring-plugin container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 10m + // - name: memory + // request: 50Mi + // + // When specified, resources must contain at least 1 entry and must not exceed 5 entries. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines the tolerations required for the monitoring-plugin Pods. + // This field is optional. + // + // When omitted, the monitoring-plugin Pods will not have any tolerations, which + // means they will only be scheduled on nodes with no taints. + // When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +listType=atomic + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how monitoring-plugin Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // When specified, this list must contain at least 1 entry and must not exceed 10 entries. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } // UserDefinedMonitoring config for user-defined projects. @@ -196,13 +820,13 @@ type AlertmanagerCustomConfig struct { // - name: memory // request: 40Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. // +optional // +listType=map // +listMapKey=name - // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MaxItems=5 // +kubebuilder:validation:MinItems=1 Resources []ContainerResource `json:"resources,omitempty"` // secrets defines a list of secrets that need to be mounted into the Alertmanager. @@ -222,172 +846,1458 @@ type AlertmanagerCustomConfig struct { // Minimum length for this list is 1. // Entries in this list must be unique. // +optional - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:MinItems=1 - // +listType=set - Secrets []SecretName `json:"secrets,omitempty"` - // tolerations defines tolerations for the pods. - // tolerations is optional. - // - // When omitted, this means the user has no opinion and the platform is left - // to choose reasonable defaults. These defaults are subject to change over time. - // Defaults are empty/unset. - // Maximum length for this list is 10. - // Minimum length for this list is 1. - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:MinItems=1 - // +listType=atomic + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=set + Secrets []SecretName `json:"secrets,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Alertmanager Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to + // configure the persistent volume claim, including storage class and volume size. + // If omitted, the Pod uses ephemeral storage and alert data will not persist + // across restarts. + // +optional + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty,omitzero"` +} + +// AlertManagerDeployMode defines the deployment state of the platform Alertmanager instance. +// +// Possible values: +// - "Disabled": The Alertmanager instance will not be deployed. +// - "DefaultConfig": The Alertmanager instance will be deployed with default settings. +// - "CustomConfig": The Alertmanager instance will be deployed with custom configuration. +// +kubebuilder:validation:Enum=Disabled;DefaultConfig;CustomConfig +type AlertManagerDeployMode string + +const ( + // AlertManagerModeDisabled means the Alertmanager instance will not be deployed. + AlertManagerDeployModeDisabled AlertManagerDeployMode = "Disabled" + // AlertManagerModeDefaultConfig means the Alertmanager instance will be deployed with default settings. + AlertManagerDeployModeDefaultConfig AlertManagerDeployMode = "DefaultConfig" + // AlertManagerModeCustomConfig means the Alertmanager instance will be deployed with custom configuration. + AlertManagerDeployModeCustomConfig AlertManagerDeployMode = "CustomConfig" +) + +// LogLevel defines the verbosity of logs emitted by Alertmanager. +// Valid values are Error, Warn, Info and Debug. +// +kubebuilder:validation:Enum=Error;Warn;Info;Debug +type LogLevel string + +const ( + // LogLevelError only errors will be logged. + LogLevelError LogLevel = "Error" + // LogLevelWarn, both warnings and errors will be logged. + LogLevelWarn LogLevel = "Warn" + // LogLevelInfo, general information, warnings, and errors will all be logged. + LogLevelInfo LogLevel = "Info" + // LogLevelDebug, detailed debugging information will be logged. + LogLevelDebug LogLevel = "Debug" +) + +// MaxItems on []ContainerResource fields is kept at 5 to stay within the +// Kubernetes CRD CEL validation cost budget (StaticEstimatedCRDCostLimit). +// The quantity() CEL function has a high fixed estimated cost per invocation, +// and the limit-vs-request comparison rule is costed per maxItems per location. +// With multiple structs in ClusterMonitoringSpec embedding []ContainerResource, +// maxItems > 5 causes the total estimated rule cost to exceed the budget. + +// ContainerResource defines a single resource requirement for a container. +// +kubebuilder:validation:XValidation:rule="has(self.request) || has(self.limit)",message="at least one of request or limit must be set" +// +kubebuilder:validation:XValidation:rule="!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) >= 0",message="limit must be greater than or equal to request" +type ContainerResource struct { + // name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). + // This field is required. + // name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.qualifiedName().validate(self).hasValue()",message="name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character" + Name string `json:"name,omitempty"` + + // request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). + // This field is optional. + // When limit is specified, request cannot be greater than limit. + // The value must be greater than 0 when specified. + // +optional + // +kubebuilder:validation:XIntOrString + // +kubebuilder:validation:MaxLength=20 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="quantity(self).isGreaterThan(quantity('0'))",message="request must be a positive, non-zero quantity" + Request resource.Quantity `json:"request,omitempty"` + + // limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). + // This field is optional. + // When request is specified, limit cannot be less than request. + // The value must be greater than 0 when specified. + // +optional + // +kubebuilder:validation:XIntOrString + // +kubebuilder:validation:MaxLength=20 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="quantity(self).isGreaterThan(quantity('0'))",message="limit must be a positive, non-zero quantity" + Limit resource.Quantity `json:"limit,omitempty"` +} + +// SecretName is a type that represents the name of a Secret in the same namespace. +// It must be at most 253 characters in length. +// +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." +// +kubebuilder:validation:MaxLength=63 +type SecretName string + +// MetricsServerConfig provides configuration options for the Metrics Server instance +// that runs in the `openshift-monitoring` namespace. Use this configuration to control +// how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled. +// +kubebuilder:validation:MinProperties=1 +type MetricsServerConfig struct { + // audit defines the audit configuration used by the Metrics Server instance. + // audit is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + //The current default sets audit.profile to Metadata + // +optional + Audit Audit `json:"audit,omitempty,omitzero"` + // nodeSelector defines the nodes on which the Pods are scheduled + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // verbosity defines the verbosity of log messages for Metrics Server. + // Valid values are Errors, Info, Trace, TraceAll and omitted. + // When set to Errors, only critical messages and errors are logged. + // When set to Info, only basic information messages are logged. + // When set to Trace, information useful for general debugging is logged. + // When set to TraceAll, detailed information about metric scraping is logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Errors` + // +optional + Verbosity VerbosityLevel `json:"verbosity,omitempty,omitzero"` + // resources defines the compute resource requests and limits for the Metrics Server container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // topologySpreadConstraints defines rules for how Metrics Server Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// PrometheusOperatorConfig provides configuration options for the Prometheus Operator instance +// Use this configuration to control how the Prometheus Operator instance is deployed, how it logs, and how its pods are scheduled. +// +kubebuilder:validation:MinProperties=1 +type PrometheusOperatorConfig struct { + // logLevel defines the verbosity of logs emitted by Prometheus Operator. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + // +optional + LogLevel LogLevel `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the Prometheus Operator container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Prometheus Operator Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// PrometheusOperatorAdmissionWebhookConfig provides configuration options for the admission webhook +// component of Prometheus Operator that runs in the `openshift-monitoring` namespace. The admission +// webhook validates PrometheusRule and AlertmanagerConfig objects, mutates PrometheusRule annotations, +// and converts AlertmanagerConfig objects between API versions. +// +kubebuilder:validation:MinProperties=1 +type PrometheusOperatorAdmissionWebhookConfig struct { + // resources defines the compute resource requests and limits for the + // prometheus-operator-admission-webhook container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 5m + // limit: null + // - name: memory + // request: 30Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // topologySpreadConstraints defines rules for how admission webhook Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// PrometheusConfig provides configuration options for the Prometheus instance. +// Use this configuration to control +// Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. +// +kubebuilder:validation:MinProperties=1 +type PrometheusConfig struct { + // additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + // the Prometheus component. This is useful for organizations that need to: + // - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks) + // - Route different types of alerts to different teams or systems + // - Integrate with existing enterprise alerting infrastructure + // - Maintain separate alert routing for compliance or organizational requirements + // When omitted, no additional Alertmanager instances are configured (default behavior). + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + AdditionalAlertmanagerConfigs []AdditionalAlertmanagerConfig `json:"additionalAlertmanagerConfigs,omitempty"` + // enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. + // If a scraped target's body response is larger than the limit, the scrape will fail. + // This helps protect Prometheus from targets that return excessively large responses. + // The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). + // When omitted, the Cluster Monitoring Operator automatically calculates an appropriate + // limit based on cluster capacity. Set an explicit value to override the automatic calculation. + // Minimum value is 10240 (10kB). + // Maximum value is 1073741824 (1GB). + // +kubebuilder:validation:Minimum=10240 + // +kubebuilder:validation:Maximum=1073741824 + // +optional + EnforcedBodySizeLimitBytes int64 `json:"enforcedBodySizeLimitBytes,omitempty"` + // externalLabels defines labels to be attached to time series and alerts + // when communicating with external systems such as federation, remote storage, + // and Alertmanager. These labels are not stored with metrics on disk; they are + // only added when data leaves Prometheus (e.g., during federation queries, + // remote write, or alert notifications). + // At least 1 label must be specified when set, with a maximum of 50 labels allowed. + // Each label key must be unique within this list. + // When omitted, no external labels are applied. + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=50 + // +listType=map + // +listMapKey=key + ExternalLabels []Label `json:"externalLabels,omitempty"` + // logLevel defines the verbosity of logs emitted by Prometheus. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + // +optional + LogLevel LogLevel `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least one key-value pair (minimum of 1) + // and must not contain more than 10 entries. + // +optional + // +kubebuilder:validation:MinProperties=1 + // +kubebuilder:validation:MaxProperties=10 + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // queryLogFile specifies the file to which PromQL queries are logged. + // This setting can be either a filename, in which + // case the queries are saved to an `emptyDir` volume + // at `/var/log/prometheus`, or a full path to a location where + // an `emptyDir` volume will be mounted and the queries saved. + // Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + // writing to any other `/dev/` path is not supported. Relative paths are + // also not supported. + // By default, PromQL queries are not logged. + // Must be an absolute path starting with `/` or a simple filename without path separators. + // Must not contain consecutive slashes, end with a slash, or include '..' path traversal. + // Must contain only alphanumeric characters, '.', '_', '-', or '/'. + // Must be between 1 and 255 characters in length. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._/-]+$')",message="must contain only alphanumeric characters, '.', '_', '-', or '/'" + // +kubebuilder:validation:XValidation:rule="self.startsWith('/') || !self.contains('/')",message="must be an absolute path starting with '/' or a simple filename without '/'" + // +kubebuilder:validation:XValidation:rule="!self.startsWith('/dev/') || self in ['/dev/stdout', '/dev/stderr', '/dev/null']",message="only /dev/stdout, /dev/stderr, and /dev/null are allowed as /dev/ paths" + // +kubebuilder:validation:XValidation:rule="!self.contains('//') && !self.endsWith('/') && !self.contains('..')",message="must not contain '//', end with '/', or contain '..'" + QueryLogFile string `json:"queryLogFile,omitempty"` + // remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + // Remote write allows Prometheus to send metrics it collects to external long-term storage systems. + // When omitted, no remote write endpoints are configured. + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + // +optional + RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` + // resources defines the compute resource requests and limits for the Prometheus container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=5 + // +kubebuilder:validation:MinItems=1 + Resources []ContainerResource `json:"resources,omitempty"` + // retention configures how long Prometheus retains metrics data and how much storage it can use. + // When omitted, the platform chooses reasonable defaults (currently 15 days retention, no size limit). + // +optional + Retention Retention `json:"retention,omitempty,omitzero"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10 + // Minimum length for this list is 1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1 + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=map + // +listMapKey=topologyKey + // +listMapKey=whenUnsatisfiable + // +optional + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // collectionProfile defines the metrics collection profile that Prometheus uses to collect + // metrics from the platform components. Supported values are `Full` or + // `Minimal`. In the `Full` profile (default), Prometheus collects all + // metrics that are exposed by the platform components. In the `Minimal` + // profile, Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is `Full`. + // +optional + CollectionProfile CollectionProfile `json:"collectionProfile,omitempty"` + // volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to + // configure the persistent volume claim, including storage class and volume size. + // If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + // across restarts. + // +optional + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty,omitzero"` +} + +// AlertmanagerScheme defines the URL scheme to use when communicating with Alertmanager instances. +// +kubebuilder:validation:Enum=HTTP;HTTPS +type AlertmanagerScheme string + +const ( + AlertmanagerSchemeHTTP AlertmanagerScheme = "HTTP" + AlertmanagerSchemeHTTPS AlertmanagerScheme = "HTTPS" +) + +// AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. +// The `AdditionalAlertmanagerConfig` resource defines settings for how a +// component communicates with additional Alertmanager instances. +type AdditionalAlertmanagerConfig struct { + // name is a unique identifier for this Alertmanager configuration entry. + // The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, + // hyphens, or periods, and must start and end with an alphanumeric character. + // Minimum length is 1 character (empty string is invalid). + // Maximum length is 253 characters. + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." + // +required + Name string `json:"name,omitempty"` + // authorization configures the authentication method for Alertmanager connections. + // Supports bearer token authentication. When omitted, no authentication is used. + // +optional + Authorization AuthorizationConfig `json:"authorization,omitempty,omitzero"` + // pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. + // For example, if your Alertmanager is behind a reverse proxy at "/alertmanager/", + // set this to "/alertmanager" so requests go to "/alertmanager/api/v1/alerts" instead of "/api/v1/alerts". + // This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. + // When no prefix is needed, omit this field; do not set it to "/" as that would produce paths with double slashes (e.g. "//api/v1/alerts"). + // Must start with "/", must not end with "/", and must not be exactly "/". + // Must not contain query strings ("?") or fragments ("#"). + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:MinLength=2 + // +kubebuilder:validation:XValidation:rule="self.startsWith('/')",message="pathPrefix must start with '/'" + // +kubebuilder:validation:XValidation:rule="!self.endsWith('/')",message="pathPrefix must not end with '/'" + // +kubebuilder:validation:XValidation:rule="self != '/'",message="pathPrefix must not be '/' (would produce double slashes in request path); omit for no prefix" + // +kubebuilder:validation:XValidation:rule="!self.contains('?') && !self.contains('#')",message="pathPrefix must not contain '?' or '#'" + // +optional + PathPrefix string `json:"pathPrefix,omitempty"` + // scheme defines the URL scheme to use when communicating with Alertmanager + // instances. + // Possible values are `HTTP` or `HTTPS`. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `HTTP`. + // +optional + Scheme AlertmanagerScheme `json:"scheme,omitempty"` + // staticConfigs is a list of statically configured Alertmanager endpoints in the form + // of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address + // (in brackets) followed by a colon and a valid port number (1-65535). + // Examples: "alertmanager.example.com:9093", "192.168.1.100:9093", "[::1]:9093" + // At least one endpoint must be specified (minimum 1, maximum 10 endpoints). + // Each entry must be unique and non-empty (empty string is invalid). + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=255 + // +kubebuilder:validation:items:XValidation:rule="isURL('http://' + self) && size(url('http://' + self).getHostname()) > 0 && size(url('http://' + self).getPort()) > 0 && int(url('http://' + self).getPort()) >= 1 && int(url('http://' + self).getPort()) <= 65535",message="must be a valid 'host:port' where host is a DNS name, IPv4, or IPv6 address (in brackets), and port is 1-65535" + // +listType=set + // +required + StaticConfigs []string `json:"staticConfigs,omitempty"` + // timeoutSeconds defines the timeout in seconds for requests to Alertmanager. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Currently the default is 10 seconds. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=600 + // +optional + TimeoutSeconds int32 `json:"timeoutSeconds,omitempty"` + // tlsConfig defines the TLS settings to use for Alertmanager connections. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + TLSConfig TLSConfig `json:"tlsConfig,omitempty,omitzero"` +} + +// Label represents a key/value pair for external labels. +type Label struct { + // key is the name of the label. + // Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MaxLength=128 + // +kubebuilder:validation:MinLength=1 + Key string `json:"key,omitempty"` + // value is the value of the label. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MaxLength=128 + // +kubebuilder:validation:MinLength=1 + Value string `json:"value,omitempty"` +} + +// RemoteWriteSpec represents configuration for remote write endpoints. +type RemoteWriteSpec struct { + // url is the URL of the remote write endpoint. + // Must be a valid URL with http or https scheme and a non-empty hostname. + // Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. + // Empty string is invalid. Must be between 1 and 2048 characters in length. + // +required + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getScheme() == 'http' || url(self).getScheme() == 'https'",message="must use http or https scheme" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || size(url(self).getHostname()) > 0",message="must have a non-empty hostname" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getQuery().size() == 0",message="query parameters are not allowed" + // +kubebuilder:validation:XValidation:rule="!self.matches('.*#.*')",message="fragments are not allowed" + // +kubebuilder:validation:XValidation:rule="!self.matches('.*@.*')",message="user information (e.g. user:password@host) is not allowed" + URL string `json:"url,omitempty"` + // name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). + // This name is used in metrics and logging to differentiate remote write queues. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9_-]+$')",message="must contain only alphanumeric characters, hyphens, and underscores" + Name string `json:"name,omitempty"` + // authorization defines the authorization method for the remote write endpoint. + // When omitted, no authorization is performed. + // When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config). + // +optional + AuthorizationConfig RemoteWriteAuthorization `json:"authorization,omitzero"` + // headers specifies the custom HTTP headers to be sent along with each remote write request. + // Sending custom headers makes the configuration of a proxy in between optional and helps the + // receiver recognize the given source better. + // Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure + // them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. + // When omitted, no custom headers are sent. + // Maximum of 50 headers can be specified. Each header name must be unique. + // Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=50 + // +kubebuilder:validation:items:XValidation:rule="self.name.matches('^[a-zA-Z0-9_-]+$')",message="header name must contain only alphanumeric characters, hyphens, and underscores" + // +kubebuilder:validation:items:XValidation:rule="!self.name.matches('(?i)^(host|authorization|content-encoding|content-type|x-prometheus-remote-write-version|user-agent|connection|keep-alive|proxy-authenticate|proxy-authorization|www-authenticate)$')",message="header name must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate)" + // +listType=map + // +listMapKey=name + Headers []PrometheusRemoteWriteHeader `json:"headers,omitempty"` + // metadataConfig configures the sending of series metadata to remote storage. + // When omitted, no metadata is sent. + // When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + // When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds). + // +optional + MetadataConfig MetadataConfig `json:"metadataConfig,omitempty,omitzero"` + // proxyUrl defines an optional proxy URL. + // If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. + // The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. + // When omitted, no proxy is used. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + // +optional + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self) && (url(self).getScheme() == 'http' || url(self).getScheme() == 'https')",message="must be a valid URL with http or https scheme" + ProxyURL string `json:"proxyUrl,omitempty"` + // queueConfig allows tuning configuration for remote write queue parameters. + // When omitted, default queue configuration is used. + // +optional + QueueConfig QueueConfig `json:"queueConfig,omitempty,omitzero"` + // remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=600 + RemoteTimeoutSeconds int32 `json:"remoteTimeoutSeconds,omitempty"` + // exemplarsMode controls whether exemplars are sent via remote write. + // Valid values are "Send", "DoNotSend" and omitted. + // When set to "Send", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. + // Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. + // When omitted or set to "DoNotSend", exemplars are not sent. + // +optional + ExemplarsMode ExemplarsMode `json:"exemplarsMode,omitempty"` + // tlsConfig defines TLS authentication settings for the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // +optional + TLSConfig TLSConfig `json:"tlsConfig,omitempty,omitzero"` + // writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. + // When omitted, no relabeling is performed and all metrics are sent as-is. + // Minimum of 1 and maximum of 10 relabeling rules can be specified. + // Each rule must have a unique name. + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +listType=map + // +listMapKey=name + WriteRelabelConfigs []RelabelConfig `json:"writeRelabelConfigs,omitempty"` +} + +// PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. +// The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). +// Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. +// Validation is enforced on the Headers field in RemoteWriteSpec. +type PrometheusRemoteWriteHeader struct { + // name is the HTTP header name. Must not be a reserved header (see type documentation). + // Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + Name string `json:"name,omitempty"` + // value is the HTTP header value. Must be at most 4096 characters. + // +required + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=4096 + Value *string `json:"value,omitempty"` +} + +// BasicAuth defines basic authentication settings for the remote write endpoint URL. +type BasicAuth struct { + // username defines the secret reference containing the username for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + // +required + Username SecretKeySelector `json:"username,omitzero,omitempty"` + // password defines the secret reference containing the password for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + // +required + Password SecretKeySelector `json:"password,omitzero,omitempty"` +} + +// RemoteWriteAuthorizationType defines the authorization method for remote write endpoints. +// +kubebuilder:validation:Enum=BearerToken;BasicAuth;OAuth2;SigV4;SafeAuthorization;ServiceAccount +type RemoteWriteAuthorizationType string + +const ( + // RemoteWriteAuthorizationTypeBearerToken indicates bearer token from a secret. + RemoteWriteAuthorizationTypeBearerToken RemoteWriteAuthorizationType = "BearerToken" + // RemoteWriteAuthorizationTypeBasicAuth indicates HTTP basic authentication. + RemoteWriteAuthorizationTypeBasicAuth RemoteWriteAuthorizationType = "BasicAuth" + // RemoteWriteAuthorizationTypeOAuth2 indicates OAuth2 client credentials. + RemoteWriteAuthorizationTypeOAuth2 RemoteWriteAuthorizationType = "OAuth2" + // RemoteWriteAuthorizationTypeSigV4 indicates AWS Signature Version 4. + RemoteWriteAuthorizationTypeSigV4 RemoteWriteAuthorizationType = "SigV4" + // RemoteWriteAuthorizationTypeSafeAuthorization indicates authorization from a secret (Prometheus SafeAuthorization pattern). + // The secret key contains the credentials (e.g. a Bearer token). Use the safeAuthorization field. + RemoteWriteAuthorizationTypeSafeAuthorization RemoteWriteAuthorizationType = "SafeAuthorization" + // RemoteWriteAuthorizationTypeServiceAccount indicates use of the pod's service account token for machine identity. + // No additional field is required; the operator configures the token path. + RemoteWriteAuthorizationTypeServiceAccount RemoteWriteAuthorizationType = "ServiceAccount" +) + +// RemoteWriteAuthorization defines the authorization method for a remote write endpoint. +// Exactly one of the nested configs must be set according to the type discriminator. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BearerToken' ? has(self.bearerToken) : !has(self.bearerToken)",message="bearerToken is required when type is BearerToken, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BasicAuth' ? has(self.basicAuth) : !has(self.basicAuth)",message="basicAuth is required when type is BasicAuth, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'OAuth2' ? has(self.oauth2) : !has(self.oauth2)",message="oauth2 is required when type is OAuth2, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'SigV4' ? has(self.sigv4) : !has(self.sigv4)",message="sigv4 is required when type is SigV4, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'SafeAuthorization' ? has(self.safeAuthorization) : !has(self.safeAuthorization)",message="safeAuthorization is required when type is SafeAuthorization, and forbidden otherwise" +// +union +type RemoteWriteAuthorization struct { + // type specifies the authorization method to use. + // Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount. + // + // When set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field. + // + // When set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set. + // + // When set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set. + // + // When set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set. + // + // When set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field. + // + // When set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path. + // +unionDiscriminator + // +required + Type RemoteWriteAuthorizationType `json:"type,omitempty"` + // safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). + // Required when type is "SafeAuthorization", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace. + // +unionMember + // +optional + SafeAuthorization *v1.SecretKeySelector `json:"safeAuthorization,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + // +unionMember + // +optional + BearerToken SecretKeySelector `json:"bearerToken,omitempty,omitzero"` + // basicAuth defines HTTP basic authentication credentials. + // Required when type is "BasicAuth", and forbidden otherwise. + // +unionMember + // +optional + BasicAuth BasicAuth `json:"basicAuth,omitempty,omitzero"` + // oauth2 defines OAuth2 client credentials authentication. + // Required when type is "OAuth2", and forbidden otherwise. + // +unionMember + // +optional + OAuth2 OAuth2 `json:"oauth2,omitempty,omitzero"` + // sigv4 defines AWS Signature Version 4 authentication. + // Required when type is "SigV4", and forbidden otherwise. + // +unionMember + // +optional + Sigv4 Sigv4 `json:"sigv4,omitempty,omitzero"` +} + +// MetadataConfigSendPolicy defines whether to send metadata with platform defaults or with custom settings. +// +kubebuilder:validation:Enum=Default;Custom +type MetadataConfigSendPolicy string + +const ( + // MetadataConfigSendPolicyDefault indicates metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + MetadataConfigSendPolicyDefault MetadataConfigSendPolicy = "Default" + // MetadataConfigSendPolicyCustom indicates metadata is sent using the settings in the custom field. + MetadataConfigSendPolicyCustom MetadataConfigSendPolicy = "Custom" +) + +// MetadataConfig defines whether and how to send series metadata to remote write storage. +// +kubebuilder:validation:XValidation:rule="self.sendPolicy == 'Default' ? self.custom.sendIntervalSeconds == 0 : true",message="custom is forbidden when sendPolicy is Default" +type MetadataConfig struct { + // sendPolicy specifies whether to send metadata and how it is configured. + // Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). + // Custom: send metadata using the settings in the custom field. + // +required + SendPolicy MetadataConfigSendPolicy `json:"sendPolicy,omitempty"` + // custom defines custom metadata send settings. Required when sendPolicy is Custom (must have at least one property), and forbidden when sendPolicy is Default. + // +optional + Custom MetadataConfigCustom `json:"custom,omitempty,omitzero"` +} + +// MetadataConfigCustom defines custom settings for sending series metadata when sendPolicy is Custom. +// At least one property must be set when sendPolicy is Custom (e.g. sendIntervalSeconds). +// +kubebuilder:validation:MinProperties=1 +type MetadataConfigCustom struct { + // sendIntervalSeconds is the interval in seconds at which metadata is sent. + // When omitted, the platform chooses a reasonable default (e.g. 30 seconds). + // Minimum value is 1 second. Maximum value is 86400 seconds (24 hours). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=86400 + SendIntervalSeconds int32 `json:"sendIntervalSeconds,omitempty"` +} + +// OAuth2 defines OAuth2 authentication settings for the remote write endpoint. +type OAuth2 struct { + // clientId defines the secret reference containing the OAuth2 client ID. + // The secret must exist in the openshift-monitoring namespace. + // +required + ClientID SecretKeySelector `json:"clientId,omitzero,omitempty"` + // clientSecret defines the secret reference containing the OAuth2 client secret. + // The secret must exist in the openshift-monitoring namespace. + // +required + ClientSecret SecretKeySelector `json:"clientSecret,omitzero,omitempty"` + // tokenUrl is the URL to fetch the token from. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + // +required + // +kubebuilder:validation:MaxLength=2048 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:XValidation:rule="isURL(self)",message="must be a valid URL" + // +kubebuilder:validation:XValidation:rule="!isURL(self) || url(self).getScheme() == 'http' || url(self).getScheme() == 'https'",message="must use http or https scheme" + TokenURL string `json:"tokenUrl,omitempty"` + // scopes is a list of OAuth2 scopes to request. + // When omitted, no scopes are requested. + // Maximum of 20 scopes can be specified. + // Each scope must be between 1 and 256 characters. + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=20 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=256 + // +listType=atomic + Scopes []string `json:"scopes,omitempty"` + // endpointParams defines additional parameters to append to the token URL. + // When omitted, no additional parameters are sent. + // Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key). + // +optional + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=20 + // +listType=map + // +listMapKey=name + EndpointParams []OAuth2EndpointParam `json:"endpointParams,omitempty"` +} + +// OAuth2EndpointParam defines a name/value parameter for the OAuth2 token URL. +type OAuth2EndpointParam struct { + // name is the parameter name. Must be between 1 and 256 characters. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + Name string `json:"name,omitempty"` + // value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). + // When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the + // external system expects a parameter with an empty value (e.g. ?parameter=""). + // Must be between 0 and 2048 characters when present (aligned with common URL length recommendations). + // +optional + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=2048 + Value *string `json:"value,omitempty"` +} + +// QueueConfig allows tuning configuration for remote write queue parameters. +// Configure this when you need to control throughput, backpressure, or retry behavior—for example to avoid overloading the remote endpoint, to reduce memory usage, or to tune for high-cardinality workloads. Consider capacity, maxShards, and batchSendDeadlineSeconds for throughput; minBackoffMilliseconds and maxBackoffMilliseconds for retries; and rateLimitedAction when the remote returns HTTP 429. +// +kubebuilder:validation:MinProperties=1 +type QueueConfig struct { + // capacity is the number of samples to buffer per shard before we start dropping them. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 10000. + // Minimum value is 1. + // Maximum value is 1000000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1000000 + Capacity int32 `json:"capacity,omitempty"` + // maxShards is the maximum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 200. + // Minimum value is 1. + // Maximum value is 10000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=10000 + MaxShards int32 `json:"maxShards,omitempty"` + // minShards is the minimum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1. + // Minimum value is 1. + // Maximum value is 10000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=10000 + MinShards int32 `json:"minShards,omitempty"` + // maxSamplesPerSend is the maximum number of samples per send. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1000. + // Minimum value is 1. + // Maximum value is 100000. + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=100000 + MaxSamplesPerSend int32 `json:"maxSamplesPerSend,omitempty"` + // batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 3600 seconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600 + BatchSendDeadlineSeconds int32 `json:"batchSendDeadlineSeconds,omitempty"` + // minBackoffMilliseconds is the minimum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600000 + MinBackoffMilliseconds int32 `json:"minBackoffMilliseconds,omitempty"` + // maxBackoffMilliseconds is the maximum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=3600000 + MaxBackoffMilliseconds int32 `json:"maxBackoffMilliseconds,omitempty"` + // rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). + // When omitted, no retries are performed on rate limit responses. + // When set to "Retry", Prometheus will retry such requests using the backoff settings above. + // Valid value when set is "Retry". + // +optional + RateLimitedAction RateLimitedAction `json:"rateLimitedAction,omitempty"` +} + +// Sigv4 defines AWS Signature Version 4 authentication settings. +// At least one of region, accessKey/secretKey, profile, or roleArn must be set so the platform can perform authentication. +// +kubebuilder:validation:MinProperties=1 +type Sigv4 struct { + // region is the AWS region. + // When omitted, the region is derived from the environment or instance metadata. + // Must be between 1 and 128 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + Region string `json:"region,omitempty"` + // accessKey defines the secret reference containing the AWS access key ID. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the access key is derived from the environment or instance metadata. + // +optional + AccessKey SecretKeySelector `json:"accessKey,omitempty,omitzero"` + // secretKey defines the secret reference containing the AWS secret access key. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the secret key is derived from the environment or instance metadata. + // +optional + SecretKey SecretKeySelector `json:"secretKey,omitempty,omitzero"` + // profile is the named AWS profile used to authenticate. + // When omitted, the default profile is used. + // Must be between 1 and 128 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + Profile string `json:"profile,omitempty"` + // roleArn is the AWS Role ARN, an alternative to using AWS API keys. + // When omitted, API keys are used for authentication. + // Must be a valid AWS ARN format (e.g., "arn:aws:iam::123456789012:role/MyRole"). + // Must be between 1 and 512 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=512 + // +kubebuilder:validation:XValidation:rule=`self.startsWith('arn:aws') && self.matches('^arn:aws(-[a-z]+)?:iam::[0-9]{12}:role/.+$')`,message="must be a valid AWS IAM role ARN (e.g., arn:aws:iam::123456789012:role/MyRole)" + RoleArn string `json:"roleArn,omitempty"` +} + +// RelabelConfig represents a relabeling rule. +type RelabelConfig struct { + // name is a unique identifier for this relabel configuration. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9_-]+$')",message="must contain only alphanumeric characters, hyphens, and underscores" + Name string `json:"name,omitempty"` + + // sourceLabels specifies which label names to extract from each series for this relabeling rule. + // The values of these labels are joined together using the configured separator, + // and the resulting string is then matched against the regular expression. + // If a referenced label does not exist on a series, Prometheus substitutes an empty string. + // When omitted, the rule operates without extracting source labels (useful for actions like labelmap). + // Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. + // Each entry must be unique. + // Label names beginning with "__" (two underscores) are reserved for internal Prometheus use and are not allowed. + // Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. + // While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set + // ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.). + // +optional + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:items:MinLength=1 + // +kubebuilder:validation:items:MaxLength=128 + // +kubebuilder:validation:items:XValidation:rule="!self.startsWith('__')",message="label names beginning with '__' (two underscores) are reserved for internal Prometheus use and are not allowed" + // +listType=set + SourceLabels []string `json:"sourceLabels,omitempty"` + + // separator is the character sequence used to join source label values. + // Common examples: ";", ",", "::", "|||". + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is ";". + // Must be between 1 and 5 characters in length when specified. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=5 + Separator string `json:"separator,omitempty"` + + // regex is the regular expression to match against the concatenated source label values. + // Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "(.*)" to match everything. + // Must be between 1 and 1000 characters in length when specified. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1000 + Regex string `json:"regex,omitempty"` + + // action defines the action to perform on the matched labels and its configuration. + // Exactly one action-specific configuration must be specified based on the action type. + // +required + Action RelabelActionConfig `json:"action,omitzero"` +} + +// RelabelActionConfig represents the action to perform and its configuration. +// Exactly one action-specific configuration must be specified based on the action type. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Replace' ? has(self.replace) : !has(self.replace)",message="replace is required when type is Replace, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'HashMod' ? has(self.hashMod) : !has(self.hashMod)",message="hashMod is required when type is HashMod, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Lowercase' ? has(self.lowercase) : !has(self.lowercase)",message="lowercase is required when type is Lowercase, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'Uppercase' ? has(self.uppercase) : !has(self.uppercase)",message="uppercase is required when type is Uppercase, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'KeepEqual' ? has(self.keepEqual) : !has(self.keepEqual)",message="keepEqual is required when type is KeepEqual, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'DropEqual' ? has(self.dropEqual) : !has(self.dropEqual)",message="dropEqual is required when type is DropEqual, and forbidden otherwise" +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'LabelMap' ? has(self.labelMap) : !has(self.labelMap)",message="labelMap is required when type is LabelMap, and forbidden otherwise" +// +union +type RelabelActionConfig struct { + // type specifies the action to perform on the matched labels. + // Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep. + // + // When set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place. + // + // When set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0. + // + // When set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0. + // + // When set to Keep, targets for which regex does not match the concatenated source_labels are dropped. + // + // When set to Drop, targets for which regex matches the concatenated source_labels are dropped. + // + // When set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels. + // + // When set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted. + // + // When set to LabelDrop, regex is matched against all label names; any label that matches is removed. + // + // When set to LabelKeep, regex is matched against all label names; any label that does not match is removed. + // +required + // +unionDiscriminator + Type RelabelAction `json:"type,omitempty"` + + // replace configures the Replace action. + // Required when type is Replace, and forbidden otherwise. + // +unionMember + // +optional + Replace ReplaceActionConfig `json:"replace,omitempty,omitzero"` + + // hashMod configures the HashMod action. + // Required when type is HashMod, and forbidden otherwise. + // +unionMember + // +optional + HashMod HashModActionConfig `json:"hashMod,omitempty,omitzero"` + + // labelMap configures the LabelMap action. + // Required when type is LabelMap, and forbidden otherwise. + // +unionMember + // +optional + LabelMap LabelMapActionConfig `json:"labelMap,omitempty,omitzero"` + + // lowercase configures the Lowercase action. + // Required when type is Lowercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + // +unionMember + // +optional + Lowercase LowercaseActionConfig `json:"lowercase,omitempty,omitzero"` + + // uppercase configures the Uppercase action. + // Required when type is Uppercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + // +unionMember + // +optional + Uppercase UppercaseActionConfig `json:"uppercase,omitempty,omitzero"` + + // keepEqual configures the KeepEqual action. + // Required when type is KeepEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + // +unionMember + // +optional + KeepEqual KeepEqualActionConfig `json:"keepEqual,omitempty,omitzero"` + + // dropEqual configures the DropEqual action. + // Required when type is DropEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + // +unionMember + // +optional + DropEqual DropEqualActionConfig `json:"dropEqual,omitempty,omitzero"` +} + +// ReplaceActionConfig configures the Replace action. +// Regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. No replacement if regex does not match. +type ReplaceActionConfig struct { + // targetLabel is the label name where the replacement result is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` + + // replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. + // Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. Use an empty string ("") to explicitly clear the target label value. + // Must be between 0 and 255 characters in length. + // +required + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=255 + Replacement *string `json:"replacement,omitempty"` +} + +// HashModActionConfig configures the HashMod action. +// target_label is set to the modulus of a hash of the concatenated source_labels (target = hash % modulus). +type HashModActionConfig struct { + // targetLabel is the label name where the hash modulus result is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` + + // modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). + // Required when using the HashMod action so the intended behavior is explicit. + // Must be between 1 and 1000000. + // +required + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=1000000 + Modulus int64 `json:"modulus,omitempty"` +} + +// LowercaseActionConfig configures the Lowercase action. +// Maps the concatenated source_labels to their lower case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type LowercaseActionConfig struct { + // targetLabel is the label name where the lower-cased value is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// UppercaseActionConfig configures the Uppercase action. +// Maps the concatenated source_labels to their upper case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type UppercaseActionConfig struct { + // targetLabel is the label name where the upper-cased value is written. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// KeepEqualActionConfig configures the KeepEqual action. +// Drops targets for which the concatenated source_labels do not match the value of target_label. +// Requires Prometheus >= v2.41.0. +type KeepEqualActionConfig struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// DropEqualActionConfig configures the DropEqual action. +// Drops targets for which the concatenated source_labels do match the value of target_label. +// Requires Prometheus >= v2.41.0. +type DropEqualActionConfig struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. + // Must be between 1 and 128 characters in length. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=128 + TargetLabel string `json:"targetLabel,omitempty"` +} + +// LabelMapActionConfig configures the LabelMap action. +// Regex is matched against all source label names (not just source_labels). Matching label values are copied to new label names given by replacement, with match group references (${1}, ${2}, ...) substituted. +type LabelMapActionConfig struct { + // replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. + // Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. + // Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + Replacement string `json:"replacement,omitempty"` +} + +// TLSConfig represents TLS configuration for Alertmanager connections. +// At least one TLS configuration option must be specified. +// For mutual TLS (mTLS), both cert and key must be specified together, or both omitted. +// +kubebuilder:validation:MinProperties=1 +// +kubebuilder:validation:XValidation:rule="(has(self.cert) && has(self.key)) || (!has(self.cert) && !has(self.key))",message="cert and key must both be specified together for mutual TLS, or both be omitted" +type TLSConfig struct { + // ca is an optional CA certificate to use for TLS connections. + // When omitted, the system's default CA bundle is used. + // +optional + CA SecretKeySelector `json:"ca,omitempty,omitzero"` + // cert is an optional client certificate to use for mutual TLS connections. + // When omitted, no client certificate is presented. // +optional - Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // topologySpreadConstraints defines rules for how Alertmanager Pods should be distributed - // across topology domains such as zones, nodes, or other user-defined labels. - // topologySpreadConstraints is optional. - // This helps improve high availability and resource efficiency by avoiding placing - // too many replicas in the same failure domain. - // - // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. - // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. - // Default is empty list. - // Maximum length for this list is 10. - // Minimum length for this list is 1. - // Entries must have unique topologyKey and whenUnsatisfiable pairs. - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:MinItems=1 - // +listType=map - // +listMapKey=topologyKey - // +listMapKey=whenUnsatisfiable + Cert SecretKeySelector `json:"cert,omitempty,omitzero"` + // key is an optional client key to use for mutual TLS connections. + // When omitted, no client key is used. // +optional - TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` - // volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to - // configure the persistent volume claim, including storage class, volume - // size, and name. - // If omitted, the Pod uses ephemeral storage and alert data will not persist - // across restarts. - // This field is optional. + Key SecretKeySelector `json:"key,omitempty,omitzero"` + // serverName is an optional server name to use for TLS connections. + // When specified, must be a valid DNS subdomain as per RFC 1123. + // When omitted, the server name is derived from the URL. + // Must be between 1 and 253 characters in length. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="must be a valid DNS subdomain (lowercase alphanumeric characters, '-' or '.', start and end with alphanumeric)" + ServerName string `json:"serverName,omitempty"` + // certificateVerification determines the policy for TLS certificate verification. + // Allowed values are "Verify" (performs certificate verification, secure) and "SkipVerify" (skips verification, insecure). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "Verify". // +optional - VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` + CertificateVerification CertificateVerificationType `json:"certificateVerification,omitempty"` } -// AlertManagerDeployMode defines the deployment state of the platform Alertmanager instance. -// -// Possible values: -// - "Disabled": The Alertmanager instance will not be deployed. -// - "DefaultConfig": The Alertmanager instance will be deployed with default settings. -// - "CustomConfig": The Alertmanager instance will be deployed with custom configuration. -// +kubebuilder:validation:Enum=Disabled;DefaultConfig;CustomConfig -type AlertManagerDeployMode string +// CertificateVerificationType defines the TLS certificate verification policy. +// +kubebuilder:validation:Enum=Verify;SkipVerify +type CertificateVerificationType string const ( - // AlertManagerModeDisabled means the Alertmanager instance will not be deployed. - AlertManagerDeployModeDisabled AlertManagerDeployMode = "Disabled" - // AlertManagerModeDefaultConfig means the Alertmanager instance will be deployed with default settings. - AlertManagerDeployModeDefaultConfig AlertManagerDeployMode = "DefaultConfig" - // AlertManagerModeCustomConfig means the Alertmanager instance will be deployed with custom configuration. - AlertManagerDeployModeCustomConfig AlertManagerDeployMode = "CustomConfig" + // CertificateVerificationVerify performs certificate verification (secure, recommended). + CertificateVerificationVerify CertificateVerificationType = "Verify" + // CertificateVerificationSkipVerify skips certificate verification (insecure, use with caution). + CertificateVerificationSkipVerify CertificateVerificationType = "SkipVerify" ) -// logLevel defines the verbosity of logs emitted by Alertmanager. -// Valid values are Error, Warn, Info and Debug. -// +kubebuilder:validation:Enum=Error;Warn;Info;Debug -type LogLevel string +// AuthorizationType defines the type of authentication to use. +// +kubebuilder:validation:Enum=BearerToken +type AuthorizationType string const ( - // Error only errors will be logged. - LogLevelError LogLevel = "Error" - // Warn, both warnings and errors will be logged. - LogLevelWarn LogLevel = "Warn" - // Info, general information, warnings, and errors will all be logged. - LogLevelInfo LogLevel = "Info" - // Debug, detailed debugging information will be logged. - LogLevelDebug LogLevel = "Debug" + // AuthorizationTypeBearerToken indicates bearer token authentication. + AuthorizationTypeBearerToken AuthorizationType = "BearerToken" ) -// ContainerResource defines a single resource requirement for a container. -// +kubebuilder:validation:XValidation:rule="has(self.request) || has(self.limit)",message="at least one of request or limit must be set" -// +kubebuilder:validation:XValidation:rule="!(has(self.request) && has(self.limit)) || quantity(self.limit).compareTo(quantity(self.request)) >= 0",message="limit must be greater than or equal to request" -type ContainerResource struct { - // name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). - // This field is required. - // name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character. +// AuthorizationConfig defines the authentication method for Alertmanager connections. +// +kubebuilder:validation:XValidation:rule="has(self.type) && self.type == 'BearerToken' ? has(self.bearerToken) : !has(self.bearerToken)",message="bearerToken is required when type is BearerToken" +// +union +type AuthorizationConfig struct { + // type specifies the authentication type to use. + // Valid value is "BearerToken" (bearer token authentication). + // When set to BearerToken, the bearerToken field must be specified. + // +unionDiscriminator + // +required + Type AuthorizationType `json:"type,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + // The secret must exist in the openshift-monitoring namespace. + // +optional + BearerToken SecretKeySelector `json:"bearerToken,omitempty,omitzero"` +} + +// SecretKeySelector selects a key of a Secret in the `openshift-monitoring` namespace. +// +structType=atomic +type SecretKeySelector struct { + // name is the name of the secret in the `openshift-monitoring` namespace to select from. + // Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + // Must be between 1 and 253 characters in length. // +required // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 - // +kubebuilder:validation:XValidation:rule="!format.qualifiedName().validate(self).hasValue()",message="name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character" + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="must be a valid secret name (lowercase alphanumeric characters, '-' or '.', start and end with alphanumeric)" Name string `json:"name,omitempty"` - - // request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). - // This field is optional. - // When limit is specified, request cannot be greater than limit. - // +optional - // +kubebuilder:validation:XIntOrString - // +kubebuilder:validation:MaxLength=20 + // key is the key of the secret to select from. + // Must consist of alphanumeric characters, '-', '_', or '.'. + // Must be between 1 and 253 characters in length. + // +required // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="isQuantity(self) && quantity(self).isGreaterThan(quantity('0'))",message="request must be a positive, non-zero quantity" - Request resource.Quantity `json:"request,omitempty"` + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._-]+$')",message="must contain only alphanumeric characters, '-', '_', or '.'" + Key string `json:"key,omitempty"` +} - // limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). - // This field is optional. - // When request is specified, limit cannot be less than request. - // The value must be greater than 0 when specified. +// Retention configures how long Prometheus retains metrics data and how much storage it can use. +// +kubebuilder:validation:MinProperties=1 +type Retention struct { + // durationInDays specifies how many days Prometheus will retain metrics data. + // Prometheus automatically deletes data older than this duration. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 15. + // Minimum value is 1 day. + // Maximum value is 365 days (1 year). + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=365 // +optional - // +kubebuilder:validation:XIntOrString - // +kubebuilder:validation:MaxLength=20 - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:XValidation:rule="isQuantity(self) && quantity(self).isGreaterThan(quantity('0'))",message="limit must be a positive, non-zero quantity" - Limit resource.Quantity `json:"limit,omitempty"` + DurationInDays int32 `json:"durationInDays,omitempty"` + // sizeInGiB specifies the maximum storage size in gibibytes (GiB) that Prometheus + // can use for data blocks and the write-ahead log (WAL). + // When the limit is reached, Prometheus will delete oldest data first. + // When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. + // Minimum value is 1 GiB. + // Maximum value is 16384 GiB (16 TiB). + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=16384 + // +optional + SizeInGiB int32 `json:"sizeInGiB,omitempty"` } -// SecretName is a type that represents the name of a Secret in the same namespace. -// It must be at most 253 characters in length. -// +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character." -// +kubebuilder:validation:MaxLength=63 -type SecretName string +// RelabelAction defines the action to perform in a relabeling rule. +// +kubebuilder:validation:Enum=Replace;Keep;Drop;HashMod;LabelMap;LabelDrop;LabelKeep;Lowercase;Uppercase;KeepEqual;DropEqual +type RelabelAction string -// MetricsServerConfig provides configuration options for the Metrics Server instance -// that runs in the `openshift-monitoring` namespace. Use this configuration to control -// how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled. +const ( + // RelabelActionReplace: match regex against concatenated source_labels; set target_label to replacement with ${1}, ${2}, ... substituted. No replacement if regex does not match. + RelabelActionReplace RelabelAction = "Replace" + // RelabelActionLowercase: map the concatenated source_labels to their lower case. + RelabelActionLowercase RelabelAction = "Lowercase" + // RelabelActionUppercase: map the concatenated source_labels to their upper case. + RelabelActionUppercase RelabelAction = "Uppercase" + // RelabelActionKeep: drop targets for which regex does not match the concatenated source_labels. + RelabelActionKeep RelabelAction = "Keep" + // RelabelActionDrop: drop targets for which regex matches the concatenated source_labels. + RelabelActionDrop RelabelAction = "Drop" + // RelabelActionKeepEqual: drop targets for which the concatenated source_labels do not match target_label. + RelabelActionKeepEqual RelabelAction = "KeepEqual" + // RelabelActionDropEqual: drop targets for which the concatenated source_labels do match target_label. + RelabelActionDropEqual RelabelAction = "DropEqual" + // RelabelActionHashMod: set target_label to the modulus of a hash of the concatenated source_labels. + RelabelActionHashMod RelabelAction = "HashMod" + // RelabelActionLabelMap: match regex against all source label names; copy matching label values to new names given by replacement with ${1}, ${2}, ... substituted. + RelabelActionLabelMap RelabelAction = "LabelMap" + // RelabelActionLabelDrop: match regex against all label names; any label that matches is removed. + RelabelActionLabelDrop RelabelAction = "LabelDrop" + // RelabelActionLabelKeep: match regex against all label names; any label that does not match is removed. + RelabelActionLabelKeep RelabelAction = "LabelKeep" +) + +// CollectionProfile defines the metrics collection profile for Prometheus. +// +kubebuilder:validation:Enum=Full;Minimal +type CollectionProfile string + +const ( + // CollectionProfileFull means Prometheus collects all metrics that are exposed by the platform components. + CollectionProfileFull CollectionProfile = "Full" + // CollectionProfileMinimal means Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + CollectionProfileMinimal CollectionProfile = "Minimal" +) + +// TelemeterClientConfig provides configuration options for the Telemeter Client component +// that runs in the `openshift-monitoring` namespace. The Telemeter Client collects selected +// monitoring metrics and forwards them to Red Hat for telemetry purposes. +// At least one field must be specified. // +kubebuilder:validation:MinProperties=1 -type MetricsServerConfig struct { - // audit defines the audit configuration used by the Metrics Server instance. - // audit is optional. - // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. - //The current default sets audit.profile to Metadata - // +optional - Audit Audit `json:"audit,omitempty,omitzero"` - // nodeSelector defines the nodes on which the Pods are scheduled +type TelemeterClientConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. // nodeSelector is optional. // // When omitted, this means the user has no opinion and the platform is left // to choose reasonable defaults. These defaults are subject to change over time. // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. // +optional // +kubebuilder:validation:MinProperties=1 // +kubebuilder:validation:MaxProperties=10 NodeSelector map[string]string `json:"nodeSelector,omitempty"` - // tolerations defines tolerations for the pods. - // tolerations is optional. - // - // When omitted, this means the user has no opinion and the platform is left - // to choose reasonable defaults. These defaults are subject to change over time. - // Defaults are empty/unset. - // Maximum length for this list is 10. - // Minimum length for this list is 1. - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:MinItems=1 - // +listType=atomic - // +optional - Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // verbosity defines the verbosity of log messages for Metrics Server. - // Valid values are Errors, Info, Trace, TraceAll and omitted. - // When set to Errors, only critical messages and errors are logged. - // When set to Info, only basic information messages are logged. - // When set to Trace, information useful for general debugging is logged. - // When set to TraceAll, detailed information about metric scraping is logged. - // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. - // The current default value is `Errors` - // +optional - Verbosity VerbosityLevel `json:"verbosity,omitempty,omitzero"` - // resources defines the compute resource requests and limits for the Metrics Server container. + // resources defines the compute resource requests and limits for the Telemeter Client container. // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. // When not specified, defaults are used by the platform. Requests cannot exceed limits. // This field is optional. @@ -396,21 +2306,34 @@ type MetricsServerConfig struct { // The current default values are: // resources: // - name: cpu - // request: 4m + // request: 1m // limit: null // - name: memory // request: 40Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. // +optional // +listType=map // +listMapKey=name - // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MaxItems=5 // +kubebuilder:validation:MinItems=1 Resources []ContainerResource `json:"resources,omitempty"` - // topologySpreadConstraints defines rules for how Metrics Server Pods should be distributed + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MinItems=1 + // +listType=atomic + // +optional + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Telemeter Client Pods should be distributed // across topology domains such as zones, nodes, or other user-defined labels. // topologySpreadConstraints is optional. // This helps improve high availability and resource efficiency by avoiding placing @@ -431,23 +2354,12 @@ type MetricsServerConfig struct { TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } -// PrometheusOperatorConfig provides configuration options for the Prometheus Operator instance -// Use this configuration to control how the Prometheus Operator instance is deployed, how it logs, and how its pods are scheduled. +// ThanosQuerierConfig provides configuration options for the Thanos Querier component +// that runs in the `openshift-monitoring` namespace. +// At least one field must be specified; an empty thanosQuerierConfig object is not allowed. // +kubebuilder:validation:MinProperties=1 -type PrometheusOperatorConfig struct { - // logLevel defines the verbosity of logs emitted by Prometheus Operator. - // This field allows users to control the amount and severity of logs generated, which can be useful - // for debugging issues or reducing noise in production environments. - // Allowed values are Error, Warn, Info, and Debug. - // When set to Error, only errors will be logged. - // When set to Warn, both warnings and errors will be logged. - // When set to Info, general information, warnings, and errors will all be logged. - // When set to Debug, detailed debugging information will be logged. - // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. - // The current default value is `Info`. - // +optional - LogLevel LogLevel `json:"logLevel,omitempty"` - // nodeSelector defines the nodes on which the Pods are scheduled +type ThanosQuerierConfig struct { + // nodeSelector defines the nodes on which the Pods are scheduled. // nodeSelector is optional. // // When omitted, this means the user has no opinion and the platform is left @@ -458,27 +2370,27 @@ type PrometheusOperatorConfig struct { // +kubebuilder:validation:MinProperties=1 // +kubebuilder:validation:MaxProperties=10 NodeSelector map[string]string `json:"nodeSelector,omitempty"` - // resources defines the compute resource requests and limits for the Prometheus Operator container. - // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. - // When not specified, defaults are used by the platform. Requests cannot exceed limits. - // This field is optional. + // resources defines the compute resource requests and limits for the Thanos Querier container. + // resources is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Requests cannot exceed limits. // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ // This is a simplified API that maps to Kubernetes ResourceRequirements. // The current default values are: // resources: // - name: cpu - // request: 4m - // limit: null + // request: 5m // - name: memory - // request: 40Mi - // limit: null - // Maximum length for this list is 10. + // request: 12Mi + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. // +optional // +listType=map // +listMapKey=name - // +kubebuilder:validation:MaxItems=10 + // +kubebuilder:validation:MaxItems=5 // +kubebuilder:validation:MinItems=1 Resources []ContainerResource `json:"resources,omitempty"` // tolerations defines tolerations for the pods. @@ -494,58 +2406,7 @@ type PrometheusOperatorConfig struct { // +listType=atomic // +optional Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // topologySpreadConstraints defines rules for how Prometheus Operator Pods should be distributed - // across topology domains such as zones, nodes, or other user-defined labels. - // topologySpreadConstraints is optional. - // This helps improve high availability and resource efficiency by avoiding placing - // too many replicas in the same failure domain. - // - // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. - // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. - // Default is empty list. - // Maximum length for this list is 10. - // Minimum length for this list is 1. - // Entries must have unique topologyKey and whenUnsatisfiable pairs. - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:MinItems=1 - // +listType=map - // +listMapKey=topologyKey - // +listMapKey=whenUnsatisfiable - // +optional - TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` -} - -// PrometheusOperatorAdmissionWebhookConfig provides configuration options for the admission webhook -// component of Prometheus Operator that runs in the `openshift-monitoring` namespace. The admission -// webhook validates PrometheusRule and AlertmanagerConfig objects, mutates PrometheusRule annotations, -// and converts AlertmanagerConfig objects between API versions. -// +kubebuilder:validation:MinProperties=1 -type PrometheusOperatorAdmissionWebhookConfig struct { - // resources defines the compute resource requests and limits for the - // prometheus-operator-admission-webhook container. - // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. - // When not specified, defaults are used by the platform. Requests cannot exceed limits. - // This field is optional. - // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - // This is a simplified API that maps to Kubernetes ResourceRequirements. - // The current default values are: - // resources: - // - name: cpu - // request: 5m - // limit: null - // - name: memory - // request: 30Mi - // limit: null - // Maximum length for this list is 10. - // Minimum length for this list is 1. - // Each resource name must be unique within this list. - // +optional - // +listType=map - // +listMapKey=name - // +kubebuilder:validation:MaxItems=10 - // +kubebuilder:validation:MinItems=1 - Resources []ContainerResource `json:"resources,omitempty"` - // topologySpreadConstraints defines rules for how admission webhook Pods should be distributed + // topologySpreadConstraints defines rules for how Thanos Querier Pods should be distributed // across topology domains such as zones, nodes, or other user-defined labels. // topologySpreadConstraints is optional. // This helps improve high availability and resource efficiency by avoiding placing @@ -553,7 +2414,7 @@ type PrometheusOperatorAdmissionWebhookConfig struct { // // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. - // Default is empty list. + // Defaults are empty/unset. // Maximum length for this list is 10. // Minimum length for this list is 1. // Entries must have unique topologyKey and whenUnsatisfiable pairs. @@ -596,6 +2457,27 @@ const ( VerbosityLevelTraceAll VerbosityLevel = "TraceAll" ) +// ExemplarsMode defines whether exemplars are sent via remote write. +// +kubebuilder:validation:Enum=Send;DoNotSend +type ExemplarsMode string + +const ( + // ExemplarsModeSend means exemplars are sent via remote write. + ExemplarsModeSend ExemplarsMode = "Send" + // ExemplarsModeDoNotSend means exemplars are not sent via remote write. + ExemplarsModeDoNotSend ExemplarsMode = "DoNotSend" +) + +// RateLimitedAction defines what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). +// Omission of this field means do not retry. When set, the only valid value is Retry. +// +kubebuilder:validation:Enum=Retry +type RateLimitedAction string + +const ( + // RateLimitedActionRetry means requests will be retried on HTTP 429 responses. + RateLimitedActionRetry RateLimitedAction = "Retry" +) + // Audit profile configurations type Audit struct { // profile is a required field for configuring the audit log level of the Kubernetes Metrics Server. diff --git a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go b/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go deleted file mode 100644 index 977ca3dde3..0000000000 --- a/vendor/github.com/openshift/api/config/v1alpha1/types_image_policy.go +++ /dev/null @@ -1,289 +0,0 @@ -package v1alpha1 - -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ImagePolicy holds namespace-wide configuration for image signature verification -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +kubebuilder:object:root=true -// +kubebuilder:resource:path=imagepolicies,scope=Namespaced -// +kubebuilder:subresource:status -// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/1457 -// +openshift:file-pattern=cvoRunLevel=0000_10,operatorName=config-operator,operatorOrdering=01 -// +openshift:enable:FeatureGate=SigstoreImageVerification -// +openshift:compatibility-gen:level=4 -type ImagePolicy struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ObjectMeta `json:"metadata,omitempty"` - - // spec holds user settable values for configuration - // +required - Spec ImagePolicySpec `json:"spec"` - // status contains the observed state of the resource. - // +optional - Status ImagePolicyStatus `json:"status,omitempty"` -} - -// ImagePolicySpec is the specification of the ImagePolicy CRD. -type ImagePolicySpec struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - // +required - // +kubebuilder:validation:MaxItems=256 - // +listType=set - Scopes []ImageScope `json:"scopes"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - // +required - Policy ImageSigstoreVerificationPolicy `json:"policy"` -} - -// +kubebuilder:validation:XValidation:rule="size(self.split('/')[0].split('.')) == 1 ? self.split('/')[0].split('.')[0].split(':')[0] == 'localhost' : true",message="invalid image scope format, scope must contain a fully qualified domain name or 'localhost'" -// +kubebuilder:validation:XValidation:rule=`self.contains('*') ? self.matches('^\\*(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+$') : true`,message="invalid image scope with wildcard, a wildcard can only be at the start of the domain and is only supported for subdomain matching, not path matching" -// +kubebuilder:validation:XValidation:rule=`!self.contains('*') ? self.matches('^((((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?)(?::([\\w][\\w.-]{0,127}))?(?:@([A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}))?$') : true`,message="invalid repository namespace or image specification in the image scope" -// +kubebuilder:validation:MaxLength=512 -type ImageScope string - -// ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list. -type ImageSigstoreVerificationPolicy struct { - // rootOfTrust specifies the root of trust for the policy. - // +required - RootOfTrust PolicyRootOfTrust `json:"rootOfTrust"` - // signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is "MatchRepoDigestOrExact". - // +optional - SignedIdentity PolicyIdentity `json:"signedIdentity,omitempty"` -} - -// PolicyRootOfTrust defines the root of trust based on the selected policyType. -// +union -// +kubebuilder:validation:XValidation:rule="has(self.policyType) && self.policyType == 'PublicKey' ? has(self.publicKey) : !has(self.publicKey)",message="publicKey is required when policyType is PublicKey, and forbidden otherwise" -// +kubebuilder:validation:XValidation:rule="has(self.policyType) && self.policyType == 'FulcioCAWithRekor' ? has(self.fulcioCAWithRekor) : !has(self.fulcioCAWithRekor)",message="fulcioCAWithRekor is required when policyType is FulcioCAWithRekor, and forbidden otherwise" -// +openshift:validation:FeatureGateAwareXValidation:featureGate=SigstoreImageVerificationPKI,rule="has(self.policyType) && self.policyType == 'PKI' ? has(self.pki) : !has(self.pki)",message="pki is required when policyType is PKI, and forbidden otherwise" -type PolicyRootOfTrust struct { - // policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. - // "PublicKey" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. - // "FulcioCAWithRekor" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. - // "PKI" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate. - // +unionDiscriminator - // +required - PolicyType PolicyType `json:"policyType"` - // publicKey defines the root of trust based on a sigstore public key. - // +optional - PublicKey *ImagePolicyPublicKeyRootOfTrust `json:"publicKey,omitempty"` - // fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. - // For more information about Fulcio and Rekor, please refer to the document at: - // https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor - // +optional - FulcioCAWithRekor *ImagePolicyFulcioCAWithRekorRootOfTrust `json:"fulcioCAWithRekor,omitempty"` - // pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates. - // +optional - // +openshift:enable:FeatureGate=SigstoreImageVerificationPKI - PKI *ImagePolicyPKIRootOfTrust `json:"pki,omitempty"` -} - -// +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=PublicKey;FulcioCAWithRekor -// +openshift:validation:FeatureGateAwareEnum:featureGate=SigstoreImageVerificationPKI,enum=PublicKey;FulcioCAWithRekor;PKI -type PolicyType string - -const ( - PublicKeyRootOfTrust PolicyType = "PublicKey" - FulcioCAWithRekorRootOfTrust PolicyType = "FulcioCAWithRekor" - PKIRootOfTrust PolicyType = "PKI" -) - -// ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key. -type ImagePolicyPublicKeyRootOfTrust struct { - // keyData contains inline base64-encoded data for the PEM format public key. - // KeyData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - KeyData []byte `json:"keyData"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - // +optional - // +kubebuilder:validation:MaxLength=8192 - RekorKeyData []byte `json:"rekorKeyData,omitempty"` -} - -// ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key. -type ImagePolicyFulcioCAWithRekorRootOfTrust struct { - // fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. - // fulcioCAData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - FulcioCAData []byte `json:"fulcioCAData"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - RekorKeyData []byte `json:"rekorKeyData"` - // fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration. - // +required - FulcioSubject PolicyFulcioSubject `json:"fulcioSubject"` -} - -// PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration. -type PolicyFulcioSubject struct { - // oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. - // Example: "https://expected.OIDC.issuer/" - // +required - // +kubebuilder:validation:XValidation:rule="isURL(self)",message="oidcIssuer must be a valid URL" - OIDCIssuer string `json:"oidcIssuer"` - // signedEmail holds the email address the the Fulcio certificate is issued for. - // Example: "expected-signing-user@example.com" - // +required - // +kubebuilder:validation:XValidation:rule=`self.matches('^\\S+@\\S+$')`,message="invalid email address" - SignedEmail string `json:"signedEmail"` -} - -// ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates. -type ImagePolicyPKIRootOfTrust struct { - // caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. - // +required - // +kubebuilder:validation:MaxLength=8192 - // +kubebuilder:validation:XValidation:rule="string(self).startsWith('-----BEGIN CERTIFICATE-----')",message="the caRootsData must start with base64 encoding of '-----BEGIN CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).endsWith('-----END CERTIFICATE-----\\n') || string(self).endsWith('-----END CERTIFICATE-----')",message="the caRootsData must end with base64 encoding of '-----END CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).findAll('-----BEGIN CERTIFICATE-----').size() == string(self).findAll('-----END CERTIFICATE-----').size()",message="caRootsData must be base64 encoding of valid PEM format data contain the same number of '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' markers." - CertificateAuthorityRootsData []byte `json:"caRootsData"` - // caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. - // caIntermediatesData requires caRootsData to be set. - // +optional - // +kubebuilder:validation:XValidation:rule="string(self).startsWith('-----BEGIN CERTIFICATE-----')",message="the caIntermediatesData must start with base64 encoding of '-----BEGIN CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).endsWith('-----END CERTIFICATE-----\\n') || string(self).endsWith('-----END CERTIFICATE-----')",message="the caIntermediatesData must end with base64 encoding of '-----END CERTIFICATE-----'." - // +kubebuilder:validation:XValidation:rule="string(self).findAll('-----BEGIN CERTIFICATE-----').size() == string(self).findAll('-----END CERTIFICATE-----').size()",message="caIntermediatesData must be base64 encoding of valid PEM format data contain the same number of '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' markers." - // +kubebuilder:validation:MaxLength=8192 - CertificateAuthorityIntermediatesData []byte `json:"caIntermediatesData,omitempty"` - - // pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued. - // +required - PKICertificateSubject PKICertificateSubject `json:"pkiCertificateSubject"` -} - -// PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued. -// +kubebuilder:validation:XValidation:rule="has(self.email) || has(self.hostname)", message="at least one of email or hostname must be set in pkiCertificateSubject" -// +openshift:enable:FeatureGate=SigstoreImageVerificationPKI -type PKICertificateSubject struct { - // email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. - // The email should be a valid email address and at most 320 characters in length. - // +optional - // +kubebuilder:validation:MaxLength:=320 - // +kubebuilder:validation:XValidation:rule=`self.matches('^\\S+@\\S+$')`,message="invalid email address in pkiCertificateSubject" - Email string `json:"email,omitempty"` - // hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. - // The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. - // It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk. - // +optional - // +kubebuilder:validation:MaxLength:=253 - // +kubebuilder:validation:XValidation:rule="self.startsWith('*.') ? !format.dns1123Subdomain().validate(self.replace('*.', '', 1)).hasValue() : !format.dns1123Subdomain().validate(self).hasValue()",message="hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.'. It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk." - Hostname string `json:"hostname,omitempty"` -} - -// PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is "MatchRepoDigestOrExact". -// +kubebuilder:validation:XValidation:rule="(has(self.matchPolicy) && self.matchPolicy == 'ExactRepository') ? has(self.exactRepository) : !has(self.exactRepository)",message="exactRepository is required when matchPolicy is ExactRepository, and forbidden otherwise" -// +kubebuilder:validation:XValidation:rule="(has(self.matchPolicy) && self.matchPolicy == 'RemapIdentity') ? has(self.remapIdentity) : !has(self.remapIdentity)",message="remapIdentity is required when matchPolicy is RemapIdentity, and forbidden otherwise" -// +union -type PolicyIdentity struct { - // matchPolicy sets the type of matching to be used. - // Valid values are "MatchRepoDigestOrExact", "MatchRepository", "ExactRepository", "RemapIdentity". When omitted, the default value is "MatchRepoDigestOrExact". - // If set matchPolicy to ExactRepository, then the exactRepository must be specified. - // If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. - // "MatchRepoDigestOrExact" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. - // "MatchRepository" means that the identity in the signature must be in the same repository as the image identity. - // "ExactRepository" means that the identity in the signature must be in the same repository as a specific identity specified by "repository". - // "RemapIdentity" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the "prefix" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix. - // +unionDiscriminator - // +required - MatchPolicy IdentityMatchPolicy `json:"matchPolicy"` - // exactRepository is required if matchPolicy is set to "ExactRepository". - // +optional - PolicyMatchExactRepository *PolicyMatchExactRepository `json:"exactRepository,omitempty"` - // remapIdentity is required if matchPolicy is set to "RemapIdentity". - // +optional - PolicyMatchRemapIdentity *PolicyMatchRemapIdentity `json:"remapIdentity,omitempty"` -} - -// +kubebuilder:validation:MaxLength=512 -// +kubebuilder:validation:XValidation:rule=`self.matches('.*:([\\w][\\w.-]{0,127})$')? self.matches('^(localhost:[0-9]+)$'): true`,message="invalid repository or prefix in the signedIdentity, should not include the tag or digest" -// +kubebuilder:validation:XValidation:rule=`self.matches('^(((?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+(?::[0-9]+)?)|(localhost(?::[0-9]+)?))(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$')`,message="invalid repository or prefix in the signedIdentity" -type IdentityRepositoryPrefix string - -type PolicyMatchExactRepository struct { - // repository is the reference of the image identity to be matched. - // The value should be a repository name (by omitting the tag or digest) in a registry implementing the "Docker Registry HTTP API V2". For example, docker.io/library/busybox - // +required - Repository IdentityRepositoryPrefix `json:"repository"` -} - -type PolicyMatchRemapIdentity struct { - // prefix is the prefix of the image identity to be matched. - // If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). - // This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. - // The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - // +required - Prefix IdentityRepositoryPrefix `json:"prefix"` - // signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as "prefix". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - // +required - SignedPrefix IdentityRepositoryPrefix `json:"signedPrefix"` -} - -// IdentityMatchPolicy defines the type of matching for "matchPolicy". -// +kubebuilder:validation:Enum=MatchRepoDigestOrExact;MatchRepository;ExactRepository;RemapIdentity -type IdentityMatchPolicy string - -const ( - IdentityMatchPolicyMatchRepoDigestOrExact IdentityMatchPolicy = "MatchRepoDigestOrExact" - IdentityMatchPolicyMatchRepository IdentityMatchPolicy = "MatchRepository" - IdentityMatchPolicyExactRepository IdentityMatchPolicy = "ExactRepository" - IdentityMatchPolicyRemapIdentity IdentityMatchPolicy = "RemapIdentity" -) - -// +k8s:deepcopy-gen=true -type ImagePolicyStatus struct { - // conditions provide details on the status of this API Resource. - // +listType=map - // +listMapKey=type - // +optional - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ImagePolicyList is a list of ImagePolicy resources -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -// +openshift:compatibility-gen:level=4 -type ImagePolicyList struct { - metav1.TypeMeta `json:",inline"` - - // metadata is the standard list's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - metav1.ListMeta `json:"metadata"` - - Items []ImagePolicy `json:"items"` -} - -const ( - // ImagePolicyPending indicates that the customer resource contains a policy that cannot take effect. It is either overwritten by a global policy or the image scope is not valid. - ImagePolicyPending = "Pending" - // ImagePolicyApplied indicates that the policy has been applied - ImagePolicyApplied = "Applied" -) diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go index e28a94dbef..f0f0a86de6 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.deepcopy.go @@ -11,6 +11,29 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AdditionalAlertmanagerConfig) DeepCopyInto(out *AdditionalAlertmanagerConfig) { + *out = *in + out.Authorization = in.Authorization + if in.StaticConfigs != nil { + in, out := &in.StaticConfigs, &out.StaticConfigs + *out = make([]string, len(*in)) + copy(*out, *in) + } + out.TLSConfig = in.TLSConfig + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalAlertmanagerConfig. +func (in *AdditionalAlertmanagerConfig) DeepCopy() *AdditionalAlertmanagerConfig { + if in == nil { + return nil + } + out := new(AdditionalAlertmanagerConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AlertmanagerConfig) DeepCopyInto(out *AlertmanagerConfig) { *out = *in @@ -98,6 +121,23 @@ func (in *Audit) DeepCopy() *Audit { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuthorizationConfig) DeepCopyInto(out *AuthorizationConfig) { + *out = *in + out.BearerToken = in.BearerToken + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationConfig. +func (in *AuthorizationConfig) DeepCopy() *AuthorizationConfig { + if in == nil { + return nil + } + out := new(AuthorizationConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Backup) DeepCopyInto(out *Backup) { *out = *in @@ -192,6 +232,24 @@ func (in *BackupStatus) DeepCopy() *BackupStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BasicAuth) DeepCopyInto(out *BasicAuth) { + *out = *in + out.Username = in.Username + out.Password = in.Password + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BasicAuth. +func (in *BasicAuth) DeepCopy() *BasicAuth { + if in == nil { + return nil + } + out := new(BasicAuth) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CRIOCredentialProviderConfig) DeepCopyInto(out *CRIOCredentialProviderConfig) { *out = *in @@ -318,112 +376,6 @@ func (in *CertificateConfig) DeepCopy() *CertificateConfig { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicy) DeepCopyInto(out *ClusterImagePolicy) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicy. -func (in *ClusterImagePolicy) DeepCopy() *ClusterImagePolicy { - if in == nil { - return nil - } - out := new(ClusterImagePolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterImagePolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicyList) DeepCopyInto(out *ClusterImagePolicyList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ClusterImagePolicy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicyList. -func (in *ClusterImagePolicyList) DeepCopy() *ClusterImagePolicyList { - if in == nil { - return nil - } - out := new(ClusterImagePolicyList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterImagePolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicySpec) DeepCopyInto(out *ClusterImagePolicySpec) { - *out = *in - if in.Scopes != nil { - in, out := &in.Scopes, &out.Scopes - *out = make([]ImageScope, len(*in)) - copy(*out, *in) - } - in.Policy.DeepCopyInto(&out.Policy) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicySpec. -func (in *ClusterImagePolicySpec) DeepCopy() *ClusterImagePolicySpec { - if in == nil { - return nil - } - out := new(ClusterImagePolicySpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterImagePolicyStatus) DeepCopyInto(out *ClusterImagePolicyStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]metav1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterImagePolicyStatus. -func (in *ClusterImagePolicyStatus) DeepCopy() *ClusterImagePolicyStatus { - if in == nil { - return nil - } - out := new(ClusterImagePolicyStatus) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClusterMonitoring) DeepCopyInto(out *ClusterMonitoring) { *out = *in @@ -490,9 +442,15 @@ func (in *ClusterMonitoringSpec) DeepCopyInto(out *ClusterMonitoringSpec) { *out = *in out.UserDefined = in.UserDefined in.AlertmanagerConfig.DeepCopyInto(&out.AlertmanagerConfig) + in.PrometheusConfig.DeepCopyInto(&out.PrometheusConfig) in.MetricsServerConfig.DeepCopyInto(&out.MetricsServerConfig) in.PrometheusOperatorConfig.DeepCopyInto(&out.PrometheusOperatorConfig) in.PrometheusOperatorAdmissionWebhookConfig.DeepCopyInto(&out.PrometheusOperatorAdmissionWebhookConfig) + in.OpenShiftStateMetricsConfig.DeepCopyInto(&out.OpenShiftStateMetricsConfig) + in.TelemeterClientConfig.DeepCopyInto(&out.TelemeterClientConfig) + in.ThanosQuerierConfig.DeepCopyInto(&out.ThanosQuerierConfig) + in.NodeExporterConfig.DeepCopyInto(&out.NodeExporterConfig) + in.MonitoringPluginConfig.DeepCopyInto(&out.MonitoringPluginConfig) return } @@ -574,6 +532,22 @@ func (in *DefaultCertificateConfig) DeepCopy() *DefaultCertificateConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DropEqualActionConfig) DeepCopyInto(out *DropEqualActionConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DropEqualActionConfig. +func (in *DropEqualActionConfig) DeepCopy() *DropEqualActionConfig { + if in == nil { + return nil + } + out := new(DropEqualActionConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ECDSAKeyConfig) DeepCopyInto(out *ECDSAKeyConfig) { *out = *in @@ -634,68 +608,57 @@ func (in *GatherConfig) DeepCopy() *GatherConfig { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicy) DeepCopyInto(out *ImagePolicy) { +func (in *HashModActionConfig) DeepCopyInto(out *HashModActionConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicy. -func (in *ImagePolicy) DeepCopy() *ImagePolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HashModActionConfig. +func (in *HashModActionConfig) DeepCopy() *HashModActionConfig { if in == nil { return nil } - out := new(ImagePolicy) + out := new(HashModActionConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ImagePolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyFulcioCAWithRekorRootOfTrust) DeepCopyInto(out *ImagePolicyFulcioCAWithRekorRootOfTrust) { +func (in *InsightsDataGather) DeepCopyInto(out *InsightsDataGather) { *out = *in - if in.FulcioCAData != nil { - in, out := &in.FulcioCAData, &out.FulcioCAData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.RekorKeyData != nil { - in, out := &in.RekorKeyData, &out.RekorKeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - out.FulcioSubject = in.FulcioSubject + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyFulcioCAWithRekorRootOfTrust. -func (in *ImagePolicyFulcioCAWithRekorRootOfTrust) DeepCopy() *ImagePolicyFulcioCAWithRekorRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGather. +func (in *InsightsDataGather) DeepCopy() *InsightsDataGather { if in == nil { return nil } - out := new(ImagePolicyFulcioCAWithRekorRootOfTrust) + out := new(InsightsDataGather) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *InsightsDataGather) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyList) DeepCopyInto(out *ImagePolicyList) { +func (in *InsightsDataGatherList) DeepCopyInto(out *InsightsDataGatherList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]ImagePolicy, len(*in)) + *out = make([]InsightsDataGather, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -703,18 +666,18 @@ func (in *ImagePolicyList) DeepCopyInto(out *ImagePolicyList) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyList. -func (in *ImagePolicyList) DeepCopy() *ImagePolicyList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherList. +func (in *InsightsDataGatherList) DeepCopy() *InsightsDataGatherList { if in == nil { return nil } - out := new(ImagePolicyList) + out := new(InsightsDataGatherList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ImagePolicyList) DeepCopyObject() runtime.Object { +func (in *InsightsDataGatherList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -722,235 +685,155 @@ func (in *ImagePolicyList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyPKIRootOfTrust) DeepCopyInto(out *ImagePolicyPKIRootOfTrust) { +func (in *InsightsDataGatherSpec) DeepCopyInto(out *InsightsDataGatherSpec) { *out = *in - if in.CertificateAuthorityRootsData != nil { - in, out := &in.CertificateAuthorityRootsData, &out.CertificateAuthorityRootsData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.CertificateAuthorityIntermediatesData != nil { - in, out := &in.CertificateAuthorityIntermediatesData, &out.CertificateAuthorityIntermediatesData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - out.PKICertificateSubject = in.PKICertificateSubject + in.GatherConfig.DeepCopyInto(&out.GatherConfig) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyPKIRootOfTrust. -func (in *ImagePolicyPKIRootOfTrust) DeepCopy() *ImagePolicyPKIRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherSpec. +func (in *InsightsDataGatherSpec) DeepCopy() *InsightsDataGatherSpec { if in == nil { return nil } - out := new(ImagePolicyPKIRootOfTrust) + out := new(InsightsDataGatherSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyPublicKeyRootOfTrust) DeepCopyInto(out *ImagePolicyPublicKeyRootOfTrust) { +func (in *InsightsDataGatherStatus) DeepCopyInto(out *InsightsDataGatherStatus) { *out = *in - if in.KeyData != nil { - in, out := &in.KeyData, &out.KeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.RekorKeyData != nil { - in, out := &in.RekorKeyData, &out.RekorKeyData - *out = make([]byte, len(*in)) - copy(*out, *in) - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyPublicKeyRootOfTrust. -func (in *ImagePolicyPublicKeyRootOfTrust) DeepCopy() *ImagePolicyPublicKeyRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherStatus. +func (in *InsightsDataGatherStatus) DeepCopy() *InsightsDataGatherStatus { if in == nil { return nil } - out := new(ImagePolicyPublicKeyRootOfTrust) + out := new(InsightsDataGatherStatus) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicySpec) DeepCopyInto(out *ImagePolicySpec) { +func (in *KeepEqualActionConfig) DeepCopyInto(out *KeepEqualActionConfig) { *out = *in - if in.Scopes != nil { - in, out := &in.Scopes, &out.Scopes - *out = make([]ImageScope, len(*in)) - copy(*out, *in) - } - in.Policy.DeepCopyInto(&out.Policy) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicySpec. -func (in *ImagePolicySpec) DeepCopy() *ImagePolicySpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeepEqualActionConfig. +func (in *KeepEqualActionConfig) DeepCopy() *KeepEqualActionConfig { if in == nil { return nil } - out := new(ImagePolicySpec) + out := new(KeepEqualActionConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImagePolicyStatus) DeepCopyInto(out *ImagePolicyStatus) { +func (in *KeyConfig) DeepCopyInto(out *KeyConfig) { *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]metav1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + out.RSA = in.RSA + out.ECDSA = in.ECDSA return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePolicyStatus. -func (in *ImagePolicyStatus) DeepCopy() *ImagePolicyStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyConfig. +func (in *KeyConfig) DeepCopy() *KeyConfig { if in == nil { return nil } - out := new(ImagePolicyStatus) + out := new(KeyConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ImageSigstoreVerificationPolicy) DeepCopyInto(out *ImageSigstoreVerificationPolicy) { +func (in *Label) DeepCopyInto(out *Label) { *out = *in - in.RootOfTrust.DeepCopyInto(&out.RootOfTrust) - in.SignedIdentity.DeepCopyInto(&out.SignedIdentity) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageSigstoreVerificationPolicy. -func (in *ImageSigstoreVerificationPolicy) DeepCopy() *ImageSigstoreVerificationPolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Label. +func (in *Label) DeepCopy() *Label { if in == nil { return nil } - out := new(ImageSigstoreVerificationPolicy) + out := new(Label) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGather) DeepCopyInto(out *InsightsDataGather) { +func (in *LabelMapActionConfig) DeepCopyInto(out *LabelMapActionConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGather. -func (in *InsightsDataGather) DeepCopy() *InsightsDataGather { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LabelMapActionConfig. +func (in *LabelMapActionConfig) DeepCopy() *LabelMapActionConfig { if in == nil { return nil } - out := new(InsightsDataGather) + out := new(LabelMapActionConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *InsightsDataGather) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGatherList) DeepCopyInto(out *InsightsDataGatherList) { +func (in *LowercaseActionConfig) DeepCopyInto(out *LowercaseActionConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]InsightsDataGather, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherList. -func (in *InsightsDataGatherList) DeepCopy() *InsightsDataGatherList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LowercaseActionConfig. +func (in *LowercaseActionConfig) DeepCopy() *LowercaseActionConfig { if in == nil { return nil } - out := new(InsightsDataGatherList) + out := new(LowercaseActionConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *InsightsDataGatherList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGatherSpec) DeepCopyInto(out *InsightsDataGatherSpec) { +func (in *MetadataConfig) DeepCopyInto(out *MetadataConfig) { *out = *in - in.GatherConfig.DeepCopyInto(&out.GatherConfig) + out.Custom = in.Custom return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherSpec. -func (in *InsightsDataGatherSpec) DeepCopy() *InsightsDataGatherSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetadataConfig. +func (in *MetadataConfig) DeepCopy() *MetadataConfig { if in == nil { return nil } - out := new(InsightsDataGatherSpec) + out := new(MetadataConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *InsightsDataGatherStatus) DeepCopyInto(out *InsightsDataGatherStatus) { +func (in *MetadataConfigCustom) DeepCopyInto(out *MetadataConfigCustom) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InsightsDataGatherStatus. -func (in *InsightsDataGatherStatus) DeepCopy() *InsightsDataGatherStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetadataConfigCustom. +func (in *MetadataConfigCustom) DeepCopy() *MetadataConfigCustom { if in == nil { return nil } - out := new(InsightsDataGatherStatus) + out := new(MetadataConfigCustom) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *KeyConfig) DeepCopyInto(out *KeyConfig) { - *out = *in - out.RSA = in.RSA - out.ECDSA = in.ECDSA - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyConfig. -func (in *KeyConfig) DeepCopy() *KeyConfig { - if in == nil { - return nil - } - out := new(KeyConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MetricsServerConfig) DeepCopyInto(out *MetricsServerConfig) { +func (in *MetricsServerConfig) DeepCopyInto(out *MetricsServerConfig) { *out = *in out.Audit = in.Audit if in.NodeSelector != nil { @@ -995,286 +878,334 @@ func (in *MetricsServerConfig) DeepCopy() *MetricsServerConfig { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKI) DeepCopyInto(out *PKI) { +func (in *MonitoringPluginConfig) DeepCopyInto(out *MonitoringPluginConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKI. -func (in *PKI) DeepCopy() *PKI { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitoringPluginConfig. +func (in *MonitoringPluginConfig) DeepCopy() *MonitoringPluginConfig { if in == nil { return nil } - out := new(PKI) + out := new(MonitoringPluginConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PKI) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorBuddyInfoConfig) DeepCopyInto(out *NodeExporterCollectorBuddyInfoConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorBuddyInfoConfig. +func (in *NodeExporterCollectorBuddyInfoConfig) DeepCopy() *NodeExporterCollectorBuddyInfoConfig { + if in == nil { + return nil } - return nil + out := new(NodeExporterCollectorBuddyInfoConfig) + in.DeepCopyInto(out) + return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKICertificateManagement) DeepCopyInto(out *PKICertificateManagement) { +func (in *NodeExporterCollectorConfig) DeepCopyInto(out *NodeExporterCollectorConfig) { *out = *in - out.Custom = in.Custom + out.CpuFreq = in.CpuFreq + out.TcpStat = in.TcpStat + out.Ethtool = in.Ethtool + out.NetDev = in.NetDev + out.NetClass = in.NetClass + out.BuddyInfo = in.BuddyInfo + out.MountStats = in.MountStats + out.Ksmd = in.Ksmd + out.Processes = in.Processes + in.Systemd.DeepCopyInto(&out.Systemd) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKICertificateManagement. -func (in *PKICertificateManagement) DeepCopy() *PKICertificateManagement { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorConfig. +func (in *NodeExporterCollectorConfig) DeepCopy() *NodeExporterCollectorConfig { if in == nil { return nil } - out := new(PKICertificateManagement) + out := new(NodeExporterCollectorConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKICertificateSubject) DeepCopyInto(out *PKICertificateSubject) { +func (in *NodeExporterCollectorCpufreqConfig) DeepCopyInto(out *NodeExporterCollectorCpufreqConfig) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKICertificateSubject. -func (in *PKICertificateSubject) DeepCopy() *PKICertificateSubject { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorCpufreqConfig. +func (in *NodeExporterCollectorCpufreqConfig) DeepCopy() *NodeExporterCollectorCpufreqConfig { if in == nil { return nil } - out := new(PKICertificateSubject) + out := new(NodeExporterCollectorCpufreqConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKIList) DeepCopyInto(out *PKIList) { +func (in *NodeExporterCollectorEthtoolConfig) DeepCopyInto(out *NodeExporterCollectorEthtoolConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]PKI, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIList. -func (in *PKIList) DeepCopy() *PKIList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorEthtoolConfig. +func (in *NodeExporterCollectorEthtoolConfig) DeepCopy() *NodeExporterCollectorEthtoolConfig { if in == nil { return nil } - out := new(PKIList) + out := new(NodeExporterCollectorEthtoolConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PKIList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeExporterCollectorKSMDConfig) DeepCopyInto(out *NodeExporterCollectorKSMDConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorKSMDConfig. +func (in *NodeExporterCollectorKSMDConfig) DeepCopy() *NodeExporterCollectorKSMDConfig { + if in == nil { + return nil } - return nil + out := new(NodeExporterCollectorKSMDConfig) + in.DeepCopyInto(out) + return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKIProfile) DeepCopyInto(out *PKIProfile) { +func (in *NodeExporterCollectorMountStatsConfig) DeepCopyInto(out *NodeExporterCollectorMountStatsConfig) { *out = *in - out.Defaults = in.Defaults - out.SignerCertificates = in.SignerCertificates - out.ServingCertificates = in.ServingCertificates - out.ClientCertificates = in.ClientCertificates return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIProfile. -func (in *PKIProfile) DeepCopy() *PKIProfile { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorMountStatsConfig. +func (in *NodeExporterCollectorMountStatsConfig) DeepCopy() *NodeExporterCollectorMountStatsConfig { if in == nil { return nil } - out := new(PKIProfile) + out := new(NodeExporterCollectorMountStatsConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKISpec) DeepCopyInto(out *PKISpec) { +func (in *NodeExporterCollectorNetClassCollectConfig) DeepCopyInto(out *NodeExporterCollectorNetClassCollectConfig) { *out = *in - out.CertificateManagement = in.CertificateManagement return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKISpec. -func (in *PKISpec) DeepCopy() *PKISpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorNetClassCollectConfig. +func (in *NodeExporterCollectorNetClassCollectConfig) DeepCopy() *NodeExporterCollectorNetClassCollectConfig { if in == nil { return nil } - out := new(PKISpec) + out := new(NodeExporterCollectorNetClassCollectConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeClaimReference) DeepCopyInto(out *PersistentVolumeClaimReference) { +func (in *NodeExporterCollectorNetClassConfig) DeepCopyInto(out *NodeExporterCollectorNetClassConfig) { *out = *in + out.Collect = in.Collect return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimReference. -func (in *PersistentVolumeClaimReference) DeepCopy() *PersistentVolumeClaimReference { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorNetClassConfig. +func (in *NodeExporterCollectorNetClassConfig) DeepCopy() *NodeExporterCollectorNetClassConfig { if in == nil { return nil } - out := new(PersistentVolumeClaimReference) + out := new(NodeExporterCollectorNetClassConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistentVolumeConfig) DeepCopyInto(out *PersistentVolumeConfig) { +func (in *NodeExporterCollectorNetDevConfig) DeepCopyInto(out *NodeExporterCollectorNetDevConfig) { *out = *in - out.Claim = in.Claim return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeConfig. -func (in *PersistentVolumeConfig) DeepCopy() *PersistentVolumeConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorNetDevConfig. +func (in *NodeExporterCollectorNetDevConfig) DeepCopy() *NodeExporterCollectorNetDevConfig { if in == nil { return nil } - out := new(PersistentVolumeConfig) + out := new(NodeExporterCollectorNetDevConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyFulcioSubject) DeepCopyInto(out *PolicyFulcioSubject) { +func (in *NodeExporterCollectorProcessesConfig) DeepCopyInto(out *NodeExporterCollectorProcessesConfig) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyFulcioSubject. -func (in *PolicyFulcioSubject) DeepCopy() *PolicyFulcioSubject { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorProcessesConfig. +func (in *NodeExporterCollectorProcessesConfig) DeepCopy() *NodeExporterCollectorProcessesConfig { if in == nil { return nil } - out := new(PolicyFulcioSubject) + out := new(NodeExporterCollectorProcessesConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyIdentity) DeepCopyInto(out *PolicyIdentity) { +func (in *NodeExporterCollectorSystemdCollectConfig) DeepCopyInto(out *NodeExporterCollectorSystemdCollectConfig) { *out = *in - if in.PolicyMatchExactRepository != nil { - in, out := &in.PolicyMatchExactRepository, &out.PolicyMatchExactRepository - *out = new(PolicyMatchExactRepository) - **out = **in - } - if in.PolicyMatchRemapIdentity != nil { - in, out := &in.PolicyMatchRemapIdentity, &out.PolicyMatchRemapIdentity - *out = new(PolicyMatchRemapIdentity) - **out = **in + if in.Units != nil { + in, out := &in.Units, &out.Units + *out = make([]NodeExporterSystemdUnit, len(*in)) + copy(*out, *in) } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyIdentity. -func (in *PolicyIdentity) DeepCopy() *PolicyIdentity { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorSystemdCollectConfig. +func (in *NodeExporterCollectorSystemdCollectConfig) DeepCopy() *NodeExporterCollectorSystemdCollectConfig { if in == nil { return nil } - out := new(PolicyIdentity) + out := new(NodeExporterCollectorSystemdCollectConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyMatchExactRepository) DeepCopyInto(out *PolicyMatchExactRepository) { +func (in *NodeExporterCollectorSystemdConfig) DeepCopyInto(out *NodeExporterCollectorSystemdConfig) { *out = *in + in.Collect.DeepCopyInto(&out.Collect) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyMatchExactRepository. -func (in *PolicyMatchExactRepository) DeepCopy() *PolicyMatchExactRepository { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorSystemdConfig. +func (in *NodeExporterCollectorSystemdConfig) DeepCopy() *NodeExporterCollectorSystemdConfig { if in == nil { return nil } - out := new(PolicyMatchExactRepository) + out := new(NodeExporterCollectorSystemdConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyMatchRemapIdentity) DeepCopyInto(out *PolicyMatchRemapIdentity) { +func (in *NodeExporterCollectorTcpStatConfig) DeepCopyInto(out *NodeExporterCollectorTcpStatConfig) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyMatchRemapIdentity. -func (in *PolicyMatchRemapIdentity) DeepCopy() *PolicyMatchRemapIdentity { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterCollectorTcpStatConfig. +func (in *NodeExporterCollectorTcpStatConfig) DeepCopy() *NodeExporterCollectorTcpStatConfig { if in == nil { return nil } - out := new(PolicyMatchRemapIdentity) + out := new(NodeExporterCollectorTcpStatConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PolicyRootOfTrust) DeepCopyInto(out *PolicyRootOfTrust) { +func (in *NodeExporterConfig) DeepCopyInto(out *NodeExporterConfig) { *out = *in - if in.PublicKey != nil { - in, out := &in.PublicKey, &out.PublicKey - *out = new(ImagePolicyPublicKeyRootOfTrust) - (*in).DeepCopyInto(*out) + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } } - if in.FulcioCAWithRekor != nil { - in, out := &in.FulcioCAWithRekor, &out.FulcioCAWithRekor - *out = new(ImagePolicyFulcioCAWithRekorRootOfTrust) - (*in).DeepCopyInto(*out) + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - if in.PKI != nil { - in, out := &in.PKI, &out.PKI - *out = new(ImagePolicyPKIRootOfTrust) - (*in).DeepCopyInto(*out) + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + in.Collectors.DeepCopyInto(&out.Collectors) + if in.IgnoredNetworkDevices != nil { + in, out := &in.IgnoredNetworkDevices, &out.IgnoredNetworkDevices + *out = new([]NodeExporterIgnoredNetworkDevice) + if **in != nil { + in, out := *in, *out + *out = make([]NodeExporterIgnoredNetworkDevice, len(*in)) + copy(*out, *in) + } } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRootOfTrust. -func (in *PolicyRootOfTrust) DeepCopy() *PolicyRootOfTrust { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeExporterConfig. +func (in *NodeExporterConfig) DeepCopy() *NodeExporterConfig { if in == nil { return nil } - out := new(PolicyRootOfTrust) + out := new(NodeExporterConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopyInto(out *PrometheusOperatorAdmissionWebhookConfig) { +func (in *OAuth2) DeepCopyInto(out *OAuth2) { *out = *in - if in.Resources != nil { - in, out := &in.Resources, &out.Resources - *out = make([]ContainerResource, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + out.ClientID = in.ClientID + out.ClientSecret = in.ClientSecret + if in.Scopes != nil { + in, out := &in.Scopes, &out.Scopes + *out = make([]string, len(*in)) + copy(*out, *in) } - if in.TopologySpreadConstraints != nil { - in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints - *out = make([]v1.TopologySpreadConstraint, len(*in)) + if in.EndpointParams != nil { + in, out := &in.EndpointParams, &out.EndpointParams + *out = make([]OAuth2EndpointParam, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -1282,18 +1213,39 @@ func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopyInto(out *Prometheus return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusOperatorAdmissionWebhookConfig. -func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopy() *PrometheusOperatorAdmissionWebhookConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2. +func (in *OAuth2) DeepCopy() *OAuth2 { if in == nil { return nil } - out := new(PrometheusOperatorAdmissionWebhookConfig) + out := new(OAuth2) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PrometheusOperatorConfig) DeepCopyInto(out *PrometheusOperatorConfig) { +func (in *OAuth2EndpointParam) DeepCopyInto(out *OAuth2EndpointParam) { + *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2EndpointParam. +func (in *OAuth2EndpointParam) DeepCopy() *OAuth2EndpointParam { + if in == nil { + return nil + } + out := new(OAuth2EndpointParam) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OpenShiftStateMetricsConfig) DeepCopyInto(out *OpenShiftStateMetricsConfig) { *out = *in if in.NodeSelector != nil { in, out := &in.NodeSelector, &out.NodeSelector @@ -1326,92 +1278,594 @@ func (in *PrometheusOperatorConfig) DeepCopyInto(out *PrometheusOperatorConfig) return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusOperatorConfig. -func (in *PrometheusOperatorConfig) DeepCopy() *PrometheusOperatorConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenShiftStateMetricsConfig. +func (in *OpenShiftStateMetricsConfig) DeepCopy() *OpenShiftStateMetricsConfig { if in == nil { return nil } - out := new(PrometheusOperatorConfig) + out := new(OpenShiftStateMetricsConfig) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RSAKeyConfig) DeepCopyInto(out *RSAKeyConfig) { +func (in *PKI) DeepCopyInto(out *PKI) { *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RSAKeyConfig. -func (in *RSAKeyConfig) DeepCopy() *RSAKeyConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKI. +func (in *PKI) DeepCopy() *PKI { if in == nil { return nil } - out := new(RSAKeyConfig) + out := new(PKI) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PKI) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RetentionNumberConfig) DeepCopyInto(out *RetentionNumberConfig) { +func (in *PKICertificateManagement) DeepCopyInto(out *PKICertificateManagement) { *out = *in + out.Custom = in.Custom return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetentionNumberConfig. -func (in *RetentionNumberConfig) DeepCopy() *RetentionNumberConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKICertificateManagement. +func (in *PKICertificateManagement) DeepCopy() *PKICertificateManagement { if in == nil { return nil } - out := new(RetentionNumberConfig) + out := new(PKICertificateManagement) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RetentionPolicy) DeepCopyInto(out *RetentionPolicy) { +func (in *PKIList) DeepCopyInto(out *PKIList) { *out = *in - if in.RetentionNumber != nil { - in, out := &in.RetentionNumber, &out.RetentionNumber - *out = new(RetentionNumberConfig) - **out = **in - } - if in.RetentionSize != nil { - in, out := &in.RetentionSize, &out.RetentionSize - *out = new(RetentionSizeConfig) - **out = **in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]PKI, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetentionPolicy. -func (in *RetentionPolicy) DeepCopy() *RetentionPolicy { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIList. +func (in *PKIList) DeepCopy() *PKIList { if in == nil { return nil } - out := new(RetentionPolicy) + out := new(PKIList) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PKIList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RetentionSizeConfig) DeepCopyInto(out *RetentionSizeConfig) { +func (in *PKIProfile) DeepCopyInto(out *PKIProfile) { *out = *in + out.Defaults = in.Defaults + out.SignerCertificates = in.SignerCertificates + out.ServingCertificates = in.ServingCertificates + out.ClientCertificates = in.ClientCertificates return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetentionSizeConfig. -func (in *RetentionSizeConfig) DeepCopy() *RetentionSizeConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKIProfile. +func (in *PKIProfile) DeepCopy() *PKIProfile { if in == nil { return nil } - out := new(RetentionSizeConfig) + out := new(PKIProfile) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Storage) DeepCopyInto(out *Storage) { +func (in *PKISpec) DeepCopyInto(out *PKISpec) { + *out = *in + out.CertificateManagement = in.CertificateManagement + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKISpec. +func (in *PKISpec) DeepCopy() *PKISpec { + if in == nil { + return nil + } + out := new(PKISpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PersistentVolumeClaimReference) DeepCopyInto(out *PersistentVolumeClaimReference) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeClaimReference. +func (in *PersistentVolumeClaimReference) DeepCopy() *PersistentVolumeClaimReference { + if in == nil { + return nil + } + out := new(PersistentVolumeClaimReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PersistentVolumeConfig) DeepCopyInto(out *PersistentVolumeConfig) { + *out = *in + out.Claim = in.Claim + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistentVolumeConfig. +func (in *PersistentVolumeConfig) DeepCopy() *PersistentVolumeConfig { + if in == nil { + return nil + } + out := new(PersistentVolumeConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusConfig) DeepCopyInto(out *PrometheusConfig) { + *out = *in + if in.AdditionalAlertmanagerConfigs != nil { + in, out := &in.AdditionalAlertmanagerConfigs, &out.AdditionalAlertmanagerConfigs + *out = make([]AdditionalAlertmanagerConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ExternalLabels != nil { + in, out := &in.ExternalLabels, &out.ExternalLabels + *out = make([]Label, len(*in)) + copy(*out, *in) + } + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.RemoteWrite != nil { + in, out := &in.RemoteWrite, &out.RemoteWrite + *out = make([]RemoteWriteSpec, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + out.Retention = in.Retention + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.VolumeClaimTemplate != nil { + in, out := &in.VolumeClaimTemplate, &out.VolumeClaimTemplate + *out = new(v1.PersistentVolumeClaim) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusConfig. +func (in *PrometheusConfig) DeepCopy() *PrometheusConfig { + if in == nil { + return nil + } + out := new(PrometheusConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopyInto(out *PrometheusOperatorAdmissionWebhookConfig) { + *out = *in + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusOperatorAdmissionWebhookConfig. +func (in *PrometheusOperatorAdmissionWebhookConfig) DeepCopy() *PrometheusOperatorAdmissionWebhookConfig { + if in == nil { + return nil + } + out := new(PrometheusOperatorAdmissionWebhookConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusOperatorConfig) DeepCopyInto(out *PrometheusOperatorConfig) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusOperatorConfig. +func (in *PrometheusOperatorConfig) DeepCopy() *PrometheusOperatorConfig { + if in == nil { + return nil + } + out := new(PrometheusOperatorConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrometheusRemoteWriteHeader) DeepCopyInto(out *PrometheusRemoteWriteHeader) { + *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusRemoteWriteHeader. +func (in *PrometheusRemoteWriteHeader) DeepCopy() *PrometheusRemoteWriteHeader { + if in == nil { + return nil + } + out := new(PrometheusRemoteWriteHeader) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *QueueConfig) DeepCopyInto(out *QueueConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueueConfig. +func (in *QueueConfig) DeepCopy() *QueueConfig { + if in == nil { + return nil + } + out := new(QueueConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RSAKeyConfig) DeepCopyInto(out *RSAKeyConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RSAKeyConfig. +func (in *RSAKeyConfig) DeepCopy() *RSAKeyConfig { + if in == nil { + return nil + } + out := new(RSAKeyConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RelabelActionConfig) DeepCopyInto(out *RelabelActionConfig) { + *out = *in + in.Replace.DeepCopyInto(&out.Replace) + out.HashMod = in.HashMod + out.LabelMap = in.LabelMap + out.Lowercase = in.Lowercase + out.Uppercase = in.Uppercase + out.KeepEqual = in.KeepEqual + out.DropEqual = in.DropEqual + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RelabelActionConfig. +func (in *RelabelActionConfig) DeepCopy() *RelabelActionConfig { + if in == nil { + return nil + } + out := new(RelabelActionConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RelabelConfig) DeepCopyInto(out *RelabelConfig) { + *out = *in + if in.SourceLabels != nil { + in, out := &in.SourceLabels, &out.SourceLabels + *out = make([]string, len(*in)) + copy(*out, *in) + } + in.Action.DeepCopyInto(&out.Action) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RelabelConfig. +func (in *RelabelConfig) DeepCopy() *RelabelConfig { + if in == nil { + return nil + } + out := new(RelabelConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RemoteWriteAuthorization) DeepCopyInto(out *RemoteWriteAuthorization) { + *out = *in + if in.SafeAuthorization != nil { + in, out := &in.SafeAuthorization, &out.SafeAuthorization + *out = new(v1.SecretKeySelector) + (*in).DeepCopyInto(*out) + } + out.BearerToken = in.BearerToken + out.BasicAuth = in.BasicAuth + in.OAuth2.DeepCopyInto(&out.OAuth2) + out.Sigv4 = in.Sigv4 + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteWriteAuthorization. +func (in *RemoteWriteAuthorization) DeepCopy() *RemoteWriteAuthorization { + if in == nil { + return nil + } + out := new(RemoteWriteAuthorization) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RemoteWriteSpec) DeepCopyInto(out *RemoteWriteSpec) { + *out = *in + in.AuthorizationConfig.DeepCopyInto(&out.AuthorizationConfig) + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = make([]PrometheusRemoteWriteHeader, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + out.MetadataConfig = in.MetadataConfig + out.QueueConfig = in.QueueConfig + out.TLSConfig = in.TLSConfig + if in.WriteRelabelConfigs != nil { + in, out := &in.WriteRelabelConfigs, &out.WriteRelabelConfigs + *out = make([]RelabelConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteWriteSpec. +func (in *RemoteWriteSpec) DeepCopy() *RemoteWriteSpec { + if in == nil { + return nil + } + out := new(RemoteWriteSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ReplaceActionConfig) DeepCopyInto(out *ReplaceActionConfig) { + *out = *in + if in.Replacement != nil { + in, out := &in.Replacement, &out.Replacement + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplaceActionConfig. +func (in *ReplaceActionConfig) DeepCopy() *ReplaceActionConfig { + if in == nil { + return nil + } + out := new(ReplaceActionConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Retention) DeepCopyInto(out *Retention) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Retention. +func (in *Retention) DeepCopy() *Retention { + if in == nil { + return nil + } + out := new(Retention) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RetentionNumberConfig) DeepCopyInto(out *RetentionNumberConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetentionNumberConfig. +func (in *RetentionNumberConfig) DeepCopy() *RetentionNumberConfig { + if in == nil { + return nil + } + out := new(RetentionNumberConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RetentionPolicy) DeepCopyInto(out *RetentionPolicy) { + *out = *in + if in.RetentionNumber != nil { + in, out := &in.RetentionNumber, &out.RetentionNumber + *out = new(RetentionNumberConfig) + **out = **in + } + if in.RetentionSize != nil { + in, out := &in.RetentionSize, &out.RetentionSize + *out = new(RetentionSizeConfig) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetentionPolicy. +func (in *RetentionPolicy) DeepCopy() *RetentionPolicy { + if in == nil { + return nil + } + out := new(RetentionPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RetentionSizeConfig) DeepCopyInto(out *RetentionSizeConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetentionSizeConfig. +func (in *RetentionSizeConfig) DeepCopy() *RetentionSizeConfig { + if in == nil { + return nil + } + out := new(RetentionSizeConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretKeySelector) DeepCopyInto(out *SecretKeySelector) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeySelector. +func (in *SecretKeySelector) DeepCopy() *SecretKeySelector { + if in == nil { + return nil + } + out := new(SecretKeySelector) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Sigv4) DeepCopyInto(out *Sigv4) { + *out = *in + out.AccessKey = in.AccessKey + out.SecretKey = in.SecretKey + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Sigv4. +func (in *Sigv4) DeepCopy() *Sigv4 { + if in == nil { + return nil + } + out := new(Sigv4) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Storage) DeepCopyInto(out *Storage) { *out = *in if in.PersistentVolume != nil { in, out := &in.PersistentVolume, &out.PersistentVolume @@ -1431,6 +1885,129 @@ func (in *Storage) DeepCopy() *Storage { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSConfig) DeepCopyInto(out *TLSConfig) { + *out = *in + out.CA = in.CA + out.Cert = in.Cert + out.Key = in.Key + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSConfig. +func (in *TLSConfig) DeepCopy() *TLSConfig { + if in == nil { + return nil + } + out := new(TLSConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TelemeterClientConfig) DeepCopyInto(out *TelemeterClientConfig) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TelemeterClientConfig. +func (in *TelemeterClientConfig) DeepCopy() *TelemeterClientConfig { + if in == nil { + return nil + } + out := new(TelemeterClientConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ThanosQuerierConfig) DeepCopyInto(out *ThanosQuerierConfig) { + *out = *in + if in.NodeSelector != nil { + in, out := &in.NodeSelector, &out.NodeSelector + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ContainerResource, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tolerations != nil { + in, out := &in.Tolerations, &out.Tolerations + *out = make([]v1.Toleration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]v1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ThanosQuerierConfig. +func (in *ThanosQuerierConfig) DeepCopy() *ThanosQuerierConfig { + if in == nil { + return nil + } + out := new(ThanosQuerierConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UppercaseActionConfig) DeepCopyInto(out *UppercaseActionConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UppercaseActionConfig. +func (in *UppercaseActionConfig) DeepCopy() *UppercaseActionConfig { + if in == nil { + return nil + } + out := new(UppercaseActionConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserDefinedMonitoring) DeepCopyInto(out *UserDefinedMonitoring) { *out = *in diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml index dc2d249a99..b2a1241937 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.featuregated-crd-manifests.yaml @@ -44,30 +44,6 @@ criocredentialproviderconfigs.config.openshift.io: - CRIOCredentialProviderConfig Version: v1alpha1 -clusterimagepolicies.config.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1457 - CRDName: clusterimagepolicies.config.openshift.io - Capability: "" - Category: "" - FeatureGates: - - SigstoreImageVerification - - SigstoreImageVerificationPKI - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: config.openshift.io - HasStatus: true - KindName: ClusterImagePolicy - Labels: {} - PluralName: clusterimagepolicies - PrinterColumns: [] - Scope: Cluster - ShortNames: null - TopLevelFeatureGates: - - SigstoreImageVerification - Version: v1alpha1 - clustermonitorings.config.openshift.io: Annotations: description: Cluster Monitoring Operators configuration API @@ -92,30 +68,6 @@ clustermonitorings.config.openshift.io: - ClusterMonitoringConfig Version: v1alpha1 -imagepolicies.config.openshift.io: - Annotations: {} - ApprovedPRNumber: https://github.com/openshift/api/pull/1457 - CRDName: imagepolicies.config.openshift.io - Capability: "" - Category: "" - FeatureGates: - - SigstoreImageVerification - - SigstoreImageVerificationPKI - FilenameOperatorName: config-operator - FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_10" - GroupName: config.openshift.io - HasStatus: true - KindName: ImagePolicy - Labels: {} - PluralName: imagepolicies - PrinterColumns: [] - Scope: Namespaced - ShortNames: null - TopLevelFeatureGates: - - SigstoreImageVerification - Version: v1alpha1 - insightsdatagathers.config.openshift.io: Annotations: {} ApprovedPRNumber: https://github.com/openshift/api/pull/1245 diff --git a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go index e43dc7b236..45e803f588 100644 --- a/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1alpha1/zz_generated.swagger_doc_generated.go @@ -80,42 +80,19 @@ func (RetentionSizeConfig) SwaggerDoc() map[string]string { return map_RetentionSizeConfig } -var map_ClusterImagePolicy = map[string]string{ - "": "ClusterImagePolicy holds cluster-wide configuration for image signature verification\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec contains the configuration for the cluster image policy.", - "status": "status contains the observed state of the resource.", -} - -func (ClusterImagePolicy) SwaggerDoc() map[string]string { - return map_ClusterImagePolicy -} - -var map_ClusterImagePolicyList = map[string]string{ - "": "ClusterImagePolicyList is a list of ClusterImagePolicy resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", -} - -func (ClusterImagePolicyList) SwaggerDoc() map[string]string { - return map_ClusterImagePolicyList -} - -var map_ClusterImagePolicySpec = map[string]string{ - "": "CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource.", - "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker", - "policy": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.", -} - -func (ClusterImagePolicySpec) SwaggerDoc() map[string]string { - return map_ClusterImagePolicySpec +var map_AdditionalAlertmanagerConfig = map[string]string{ + "": "AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. The `AdditionalAlertmanagerConfig` resource defines settings for how a component communicates with additional Alertmanager instances.", + "name": "name is a unique identifier for this Alertmanager configuration entry. The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, hyphens, or periods, and must start and end with an alphanumeric character. Minimum length is 1 character (empty string is invalid). Maximum length is 253 characters.", + "authorization": "authorization configures the authentication method for Alertmanager connections. Supports bearer token authentication. When omitted, no authentication is used.", + "pathPrefix": "pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. For example, if your Alertmanager is behind a reverse proxy at \"/alertmanager/\", set this to \"/alertmanager\" so requests go to \"/alertmanager/api/v1/alerts\" instead of \"/api/v1/alerts\". This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. When no prefix is needed, omit this field; do not set it to \"/\" as that would produce paths with double slashes (e.g. \"//api/v1/alerts\"). Must start with \"/\", must not end with \"/\", and must not be exactly \"/\". Must not contain query strings (\"?\") or fragments (\"#\").", + "scheme": "scheme defines the URL scheme to use when communicating with Alertmanager instances. Possible values are `HTTP` or `HTTPS`. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `HTTP`.", + "staticConfigs": "staticConfigs is a list of statically configured Alertmanager endpoints in the form of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address (in brackets) followed by a colon and a valid port number (1-65535). Examples: \"alertmanager.example.com:9093\", \"192.168.1.100:9093\", \"[::1]:9093\" At least one endpoint must be specified (minimum 1, maximum 10 endpoints). Each entry must be unique and non-empty (empty string is invalid).", + "timeoutSeconds": "timeoutSeconds defines the timeout in seconds for requests to Alertmanager. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Currently the default is 10 seconds. Minimum value is 1 second. Maximum value is 600 seconds (10 minutes).", + "tlsConfig": "tlsConfig defines the TLS settings to use for Alertmanager connections. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", } -var map_ClusterImagePolicyStatus = map[string]string{ - "conditions": "conditions provide details on the status of this API Resource.", -} - -func (ClusterImagePolicyStatus) SwaggerDoc() map[string]string { - return map_ClusterImagePolicyStatus +func (AdditionalAlertmanagerConfig) SwaggerDoc() map[string]string { + return map_AdditionalAlertmanagerConfig } var map_AlertmanagerConfig = map[string]string{ @@ -132,11 +109,11 @@ var map_AlertmanagerCustomConfig = map[string]string{ "": "AlertmanagerCustomConfig represents the configuration for a custom Alertmanager deployment. alertmanagerCustomConfig provides configuration options for the default Alertmanager instance that runs in the `openshift-monitoring` namespace. Use this configuration to control whether the default Alertmanager is deployed, how it logs, and how its pods are scheduled.", "logLevel": "logLevel defines the verbosity of logs emitted by Alertmanager. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", - "resources": "resources defines the compute resource requests and limits for the Alertmanager container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", + "resources": "resources defines the compute resource requests and limits for the Alertmanager container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", "secrets": "secrets defines a list of secrets that need to be mounted into the Alertmanager. The secrets must reside within the same namespace as the Alertmanager object. They will be added as volumes named secret- and mounted at /etc/alertmanager/secrets/ within the 'alertmanager' container of the Alertmanager Pods.\n\nThese secrets can be used to authenticate Alertmanager with endpoint receivers. For example, you can use secrets to: - Provide certificates for TLS authentication with receivers that require private CA certificates - Store credentials for Basic HTTP authentication with receivers that require password-based auth - Store any other authentication credentials needed by your alert receivers\n\nThis field is optional. Maximum length for this list is 10. Minimum length for this list is 1. Entries in this list must be unique.", "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Alertmanager Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", - "volumeClaimTemplate": "volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class, volume size, and name. If omitted, the Pod uses ephemeral storage and alert data will not persist across restarts. This field is optional.", + "volumeClaimTemplate": "volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to configure the persistent volume claim, including storage class and volume size. If omitted, the Pod uses ephemeral storage and alert data will not persist across restarts.", } func (AlertmanagerCustomConfig) SwaggerDoc() map[string]string { @@ -152,6 +129,26 @@ func (Audit) SwaggerDoc() map[string]string { return map_Audit } +var map_AuthorizationConfig = map[string]string{ + "": "AuthorizationConfig defines the authentication method for Alertmanager connections.", + "type": "type specifies the authentication type to use. Valid value is \"BearerToken\" (bearer token authentication). When set to BearerToken, the bearerToken field must be specified.", + "bearerToken": "bearerToken defines the secret reference containing the bearer token. Required when type is \"BearerToken\", and forbidden otherwise. The secret must exist in the openshift-monitoring namespace.", +} + +func (AuthorizationConfig) SwaggerDoc() map[string]string { + return map_AuthorizationConfig +} + +var map_BasicAuth = map[string]string{ + "": "BasicAuth defines basic authentication settings for the remote write endpoint URL.", + "username": "username defines the secret reference containing the username for basic authentication. The secret must exist in the openshift-monitoring namespace.", + "password": "password defines the secret reference containing the password for basic authentication. The secret must exist in the openshift-monitoring namespace.", +} + +func (BasicAuth) SwaggerDoc() map[string]string { + return map_BasicAuth +} + var map_ClusterMonitoring = map[string]string{ "": "ClusterMonitoring is the Custom Resource object which holds the current status of Cluster Monitoring Operator. CMO is a central component of the monitoring stack.\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. ClusterMonitoring is the Schema for the Cluster Monitoring Operators API", "metadata": "metadata is the standard object metadata.", @@ -177,9 +174,15 @@ var map_ClusterMonitoringSpec = map[string]string{ "": "ClusterMonitoringSpec defines the desired state of Cluster Monitoring Operator", "userDefined": "userDefined set the deployment mode for user-defined monitoring in addition to the default platform monitoring. userDefined is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is `Disabled`.", "alertmanagerConfig": "alertmanagerConfig allows users to configure how the default Alertmanager instance should be deployed in the `openshift-monitoring` namespace. alertmanagerConfig is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `DefaultConfig`.", + "prometheusConfig": "prometheusConfig provides configuration options for the default platform Prometheus instance that runs in the `openshift-monitoring` namespace. This configuration applies only to the platform Prometheus instance; user-workload Prometheus instances are configured separately.\n\nThis field allows you to customize how the platform Prometheus is deployed and operated, including:\n - Pod scheduling (node selectors, tolerations, topology spread constraints)\n - Resource allocation (CPU, memory requests/limits)\n - Retention policies (how long metrics are stored)\n - External integrations (remote write, additional alertmanagers)\n\nThis field is optional. When omitted, the platform chooses reasonable defaults, which may change over time.", "metricsServerConfig": "metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", "prometheusOperatorConfig": "prometheusOperatorConfig is an optional field that can be used to configure the Prometheus Operator component. Specifically, it can configure how the Prometheus Operator instance is deployed, pod scheduling, and resource allocation. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", "prometheusOperatorAdmissionWebhookConfig": "prometheusOperatorAdmissionWebhookConfig is an optional field that can be used to configure the admission webhook component of Prometheus Operator that runs in the openshift-monitoring namespace. The admission webhook validates PrometheusRule and AlertmanagerConfig objects to ensure they are semantically valid, mutates PrometheusRule annotations, and converts AlertmanagerConfig objects between API versions. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "openShiftStateMetricsConfig": "openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "telemeterClientConfig": "telemeterClientConfig is an optional field that can be used to configure the Telemeter Client component that runs in the openshift-monitoring namespace. The Telemeter Client collects selected monitoring metrics and forwards them to Red Hat for telemetry purposes. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. When set, at least one field must be specified within telemeterClientConfig.", + "thanosQuerierConfig": "thanosQuerierConfig is an optional field that can be used to configure the Thanos Querier component that runs in the openshift-monitoring namespace. The Thanos Querier provides a global query view by aggregating and deduplicating metrics from multiple Prometheus instances. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default deploys the Thanos Querier on linux nodes with 5m CPU and 12Mi memory requests, and no custom tolerations or topology spread constraints. When set, at least one field must be specified within thanosQuerierConfig.", + "nodeExporterConfig": "nodeExporterConfig is an optional field that can be used to configure the node-exporter agent that runs as a DaemonSet in the openshift-monitoring namespace. The node-exporter agent collects hardware and OS-level metrics from every node in the cluster. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "monitoringPluginConfig": "monitoringPluginConfig is an optional field that can be used to configure the monitoring plugin that runs as a dynamic plugin of the OpenShift web console. The monitoring plugin provides the monitoring UI in the OpenShift web console for visualizing metrics, alerts, and dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default deploys the monitoring-plugin as a single-replica Deployment on linux nodes with 10m CPU and 50Mi memory requests, and no custom tolerations or topology spread constraints. When set, at least one field must be specified within monitoringPluginConfig.", } func (ClusterMonitoringSpec) SwaggerDoc() map[string]string { @@ -197,7 +200,7 @@ func (ClusterMonitoringStatus) SwaggerDoc() map[string]string { var map_ContainerResource = map[string]string{ "": "ContainerResource defines a single resource requirement for a container.", "name": "name of the resource (e.g. \"cpu\", \"memory\", \"hugepages-2Mi\"). This field is required. name must consist only of alphanumeric characters, `-`, `_` and `.` and must start and end with an alphanumeric character.", - "request": "request is the minimum amount of the resource required (e.g. \"2Mi\", \"1Gi\"). This field is optional. When limit is specified, request cannot be greater than limit.", + "request": "request is the minimum amount of the resource required (e.g. \"2Mi\", \"1Gi\"). This field is optional. When limit is specified, request cannot be greater than limit. The value must be greater than 0 when specified.", "limit": "limit is the maximum amount of the resource allowed (e.g. \"2Mi\", \"1Gi\"). This field is optional. When request is specified, limit cannot be less than request. The value must be greater than 0 when specified.", } @@ -205,13 +208,88 @@ func (ContainerResource) SwaggerDoc() map[string]string { return map_ContainerResource } +var map_DropEqualActionConfig = map[string]string{ + "": "DropEqualActionConfig configures the DropEqual action. Drops targets for which the concatenated source_labels do match the value of target_label. Requires Prometheus >= v2.41.0.", + "targetLabel": "targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. Must be between 1 and 128 characters in length.", +} + +func (DropEqualActionConfig) SwaggerDoc() map[string]string { + return map_DropEqualActionConfig +} + +var map_HashModActionConfig = map[string]string{ + "": "HashModActionConfig configures the HashMod action. target_label is set to the modulus of a hash of the concatenated source_labels (target = hash % modulus).", + "targetLabel": "targetLabel is the label name where the hash modulus result is written. Must be between 1 and 128 characters in length.", + "modulus": "modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). Required when using the HashMod action so the intended behavior is explicit. Must be between 1 and 1000000.", +} + +func (HashModActionConfig) SwaggerDoc() map[string]string { + return map_HashModActionConfig +} + +var map_KeepEqualActionConfig = map[string]string{ + "": "KeepEqualActionConfig configures the KeepEqual action. Drops targets for which the concatenated source_labels do not match the value of target_label. Requires Prometheus >= v2.41.0.", + "targetLabel": "targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. Must be between 1 and 128 characters in length.", +} + +func (KeepEqualActionConfig) SwaggerDoc() map[string]string { + return map_KeepEqualActionConfig +} + +var map_Label = map[string]string{ + "": "Label represents a key/value pair for external labels.", + "key": "key is the name of the label. Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. Must be between 1 and 128 characters in length.", + "value": "value is the value of the label. Must be between 1 and 128 characters in length.", +} + +func (Label) SwaggerDoc() map[string]string { + return map_Label +} + +var map_LabelMapActionConfig = map[string]string{ + "": "LabelMapActionConfig configures the LabelMap action. Regex is matched against all source label names (not just source_labels). Matching label values are copied to new label names given by replacement, with match group references (${1}, ${2}, ...) substituted.", + "replacement": "replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. Use \"$1\" for the first capture group, \"$2\" for the second, etc. Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names.", +} + +func (LabelMapActionConfig) SwaggerDoc() map[string]string { + return map_LabelMapActionConfig +} + +var map_LowercaseActionConfig = map[string]string{ + "": "LowercaseActionConfig configures the Lowercase action. Maps the concatenated source_labels to their lower case and writes to target_label. Requires Prometheus >= v2.36.0.", + "targetLabel": "targetLabel is the label name where the lower-cased value is written. Must be between 1 and 128 characters in length.", +} + +func (LowercaseActionConfig) SwaggerDoc() map[string]string { + return map_LowercaseActionConfig +} + +var map_MetadataConfig = map[string]string{ + "": "MetadataConfig defines whether and how to send series metadata to remote write storage.", + "sendPolicy": "sendPolicy specifies whether to send metadata and how it is configured. Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). Custom: send metadata using the settings in the custom field.", + "custom": "custom defines custom metadata send settings. Required when sendPolicy is Custom (must have at least one property), and forbidden when sendPolicy is Default.", +} + +func (MetadataConfig) SwaggerDoc() map[string]string { + return map_MetadataConfig +} + +var map_MetadataConfigCustom = map[string]string{ + "": "MetadataConfigCustom defines custom settings for sending series metadata when sendPolicy is Custom. At least one property must be set when sendPolicy is Custom (e.g. sendIntervalSeconds).", + "sendIntervalSeconds": "sendIntervalSeconds is the interval in seconds at which metadata is sent. When omitted, the platform chooses a reasonable default (e.g. 30 seconds). Minimum value is 1 second. Maximum value is 86400 seconds (24 hours).", +} + +func (MetadataConfigCustom) SwaggerDoc() map[string]string { + return map_MetadataConfigCustom +} + var map_MetricsServerConfig = map[string]string{ "": "MetricsServerConfig provides configuration options for the Metrics Server instance that runs in the `openshift-monitoring` namespace. Use this configuration to control how the Metrics Server instance is deployed, how it logs, and how its pods are scheduled.", "audit": "audit defines the audit configuration used by the Metrics Server instance. audit is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default sets audit.profile to Metadata", "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`.", "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", "verbosity": "verbosity defines the verbosity of log messages for Metrics Server. Valid values are Errors, Info, Trace, TraceAll and omitted. When set to Errors, only critical messages and errors are logged. When set to Info, only basic information messages are logged. When set to Trace, information useful for general debugging is logged. When set to TraceAll, detailed information about metric scraping is logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Errors`", - "resources": "resources defines the compute resource requests and limits for the Metrics Server container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", + "resources": "resources defines the compute resource requests and limits for the Metrics Server container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Metrics Server Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } @@ -219,9 +297,219 @@ func (MetricsServerConfig) SwaggerDoc() map[string]string { return map_MetricsServerConfig } +var map_MonitoringPluginConfig = map[string]string{ + "": "MonitoringPluginConfig provides configuration options for the monitoring plugin that runs as a dynamic plugin of the OpenShift web console. The monitoring plugin provides the monitoring UI in the OpenShift web console for visualizing metrics, alerts, and dashboards. At least one field must be specified; an empty monitoringPluginConfig object is not allowed.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the monitoring-plugin container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 10m\n - name: memory\n request: 50Mi\n\nWhen specified, resources must contain at least 1 entry and must not exceed 5 entries.", + "tolerations": "tolerations defines the tolerations required for the monitoring-plugin Pods. This field is optional.\n\nWhen omitted, the monitoring-plugin Pods will not have any tolerations, which means they will only be scheduled on nodes with no taints. When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how monitoring-plugin Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. When specified, this list must contain at least 1 entry and must not exceed 10 entries.", +} + +func (MonitoringPluginConfig) SwaggerDoc() map[string]string { + return map_MonitoringPluginConfig +} + +var map_NodeExporterCollectorBuddyInfoConfig = map[string]string{ + "": "NodeExporterCollectorBuddyInfoConfig provides configuration for the buddyinfo collector of the node-exporter agent. The buddyinfo collector collects statistics about memory fragmentation from the node_buddyinfo_blocks metric using data from /proc/buddyinfo. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the buddyinfo collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the buddyinfo collector is active and memory fragmentation statistics are collected. When set to \"DoNotCollect\", the buddyinfo collector is inactive.", +} + +func (NodeExporterCollectorBuddyInfoConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorBuddyInfoConfig +} + +var map_NodeExporterCollectorConfig = map[string]string{ + "": "NodeExporterCollectorConfig defines settings for individual collectors of the node-exporter agent. Each collector can be individually set to collect or not collect metrics. At least one collector must be specified.", + "cpuFreq": "cpuFreq configures the cpufreq collector, which collects CPU frequency statistics. cpuFreq is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Consider enabling when you need to observe CPU frequency scaling; expect higher CPU usage on many-core nodes when collectionPolicy is Collect.", + "tcpStat": "tcpStat configures the tcpstat collector, which collects TCP connection statistics. tcpStat is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable when debugging TCP connection behavior or capacity at the node level.", + "ethtool": "ethtool configures the ethtool collector, which collects ethernet device statistics. ethtool is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable when you need NIC driver-level ethtool metrics beyond generic netdev counters.", + "netDev": "netDev configures the netdev collector, which collects network device statistics. netDev is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is enabled. Turn off if you must reduce per-interface metric cardinality on hosts with many virtual interfaces.", + "netClass": "netClass configures the netclass collector, which collects information about network devices. netClass is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is enabled with netlink mode active. Use statsGatherer when sysfs vs netlink implementation matters or when matching node_exporter tuning.", + "buddyInfo": "buddyInfo configures the buddyinfo collector, which collects statistics about memory fragmentation from the node_buddyinfo_blocks metric. This metric collects data from /proc/buddyinfo. buddyInfo is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable when investigating kernel memory fragmentation; typically for advanced troubleshooting only.", + "mountStats": "mountStats configures the mountstats collector, which collects statistics about NFS volume I/O activities. mountStats is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enabling this collector may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage. Enable when you care about per-mount NFS client statistics.", + "ksmd": "ksmd configures the ksmd collector, which collects statistics from the kernel same-page merger daemon. ksmd is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable on nodes where KSM is in use and you want visibility into merging activity.", + "processes": "processes configures the processes collector, which collects statistics from processes and threads running in the system. processes is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enable for process/thread-level insight; can be expensive on busy nodes.", + "systemd": "systemd configures the systemd collector, which collects statistics on the systemd daemon and its managed services. systemd is optional. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is disabled. Enabling this collector with a long list of selected units may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage. Enable when you need metrics for specific units; scope units carefully.", +} + +func (NodeExporterCollectorConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorConfig +} + +var map_NodeExporterCollectorCpufreqConfig = map[string]string{ + "": "NodeExporterCollectorCpufreqConfig provides configuration for the cpufreq collector of the node-exporter agent. The cpufreq collector collects CPU frequency statistics. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the cpufreq collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the cpufreq collector is active and CPU frequency statistics are collected. When set to \"DoNotCollect\", the cpufreq collector is inactive.", +} + +func (NodeExporterCollectorCpufreqConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorCpufreqConfig +} + +var map_NodeExporterCollectorEthtoolConfig = map[string]string{ + "": "NodeExporterCollectorEthtoolConfig provides configuration for the ethtool collector of the node-exporter agent. The ethtool collector collects ethernet device statistics. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the ethtool collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the ethtool collector is active and ethernet device statistics are collected. When set to \"DoNotCollect\", the ethtool collector is inactive.", +} + +func (NodeExporterCollectorEthtoolConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorEthtoolConfig +} + +var map_NodeExporterCollectorKSMDConfig = map[string]string{ + "": "NodeExporterCollectorKSMDConfig provides configuration for the ksmd collector of the node-exporter agent. The ksmd collector collects statistics from the kernel same-page merger daemon. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the ksmd collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the ksmd collector is active and kernel same-page merger statistics are collected. When set to \"DoNotCollect\", the ksmd collector is inactive.", +} + +func (NodeExporterCollectorKSMDConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorKSMDConfig +} + +var map_NodeExporterCollectorMountStatsConfig = map[string]string{ + "": "NodeExporterCollectorMountStatsConfig provides configuration for the mountstats collector of the node-exporter agent. The mountstats collector collects statistics about NFS volume I/O activities. It is disabled by default. Enabling this collector may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage.", + "collectionPolicy": "collectionPolicy declares whether the mountstats collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the mountstats collector is active and NFS volume I/O statistics are collected. When set to \"DoNotCollect\", the mountstats collector is inactive.", +} + +func (NodeExporterCollectorMountStatsConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorMountStatsConfig +} + +var map_NodeExporterCollectorNetClassCollectConfig = map[string]string{ + "": "NodeExporterCollectorNetClassCollectConfig holds configuration options for the netclass collector when it is actively collecting metrics. At least one field must be specified.", + "statsGatherer": "statsGatherer selects which implementation the netclass collector uses to gather statistics (sysfs or netlink). statsGatherer is optional. Valid values are \"Sysfs\" and \"Netlink\". When set to \"Netlink\", the netlink implementation is used; when set to \"Sysfs\", the sysfs implementation is used. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is Netlink.", +} + +func (NodeExporterCollectorNetClassCollectConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorNetClassCollectConfig +} + +var map_NodeExporterCollectorNetClassConfig = map[string]string{ + "": "NodeExporterCollectorNetClassConfig provides configuration for the netclass collector of the node-exporter agent. The netclass collector collects information about network devices such as network speed, MTU, and carrier status. It is enabled by default. When collectionPolicy is DoNotCollect, the collect field must not be set.", + "collectionPolicy": "collectionPolicy declares whether the netclass collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the netclass collector is active and network class information is collected. When set to \"DoNotCollect\", the netclass collector is inactive and the corresponding metrics become unavailable. When set to \"DoNotCollect\", the collect field must not be set.", + "collect": "collect contains configuration options that apply only when the netclass collector is actively collecting metrics (i.e. when collectionPolicy is Collect). collect is optional and may be omitted even when collectionPolicy is Collect. collect may only be set when collectionPolicy is Collect. When set, at least one field must be specified within collect.", +} + +func (NodeExporterCollectorNetClassConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorNetClassConfig +} + +var map_NodeExporterCollectorNetDevConfig = map[string]string{ + "": "NodeExporterCollectorNetDevConfig provides configuration for the netdev collector of the node-exporter agent. The netdev collector collects network device statistics such as bytes, packets, errors, and drops per device. It is enabled by default.", + "collectionPolicy": "collectionPolicy declares whether the netdev collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the netdev collector is active and network device statistics are collected. When set to \"DoNotCollect\", the netdev collector is inactive and the corresponding metrics become unavailable.", +} + +func (NodeExporterCollectorNetDevConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorNetDevConfig +} + +var map_NodeExporterCollectorProcessesConfig = map[string]string{ + "": "NodeExporterCollectorProcessesConfig provides configuration for the processes collector of the node-exporter agent. The processes collector collects statistics from processes and threads running in the system. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the processes collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the processes collector is active and process/thread statistics are collected. When set to \"DoNotCollect\", the processes collector is inactive.", +} + +func (NodeExporterCollectorProcessesConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorProcessesConfig +} + +var map_NodeExporterCollectorSystemdCollectConfig = map[string]string{ + "": "NodeExporterCollectorSystemdCollectConfig holds configuration options for the systemd collector when it is actively collecting metrics. At least one field must be specified.", + "units": "units is a list of regular expression patterns that match systemd units to be included by the systemd collector. units is optional. By default, the list is empty, so the collector exposes no metrics for systemd units. Each entry is a regular expression pattern and must be at least 1 character and at most 1024 characters. Maximum length for this list is 50. Minimum length for this list is 1. Entries in this list must be unique.", +} + +func (NodeExporterCollectorSystemdCollectConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorSystemdCollectConfig +} + +var map_NodeExporterCollectorSystemdConfig = map[string]string{ + "": "NodeExporterCollectorSystemdConfig provides configuration for the systemd collector of the node-exporter agent. The systemd collector collects statistics on the systemd daemon and its managed services. It is disabled by default. Enabling this collector with a long list of selected units may produce metrics with high cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment for excessive memory usage. When collectionPolicy is DoNotCollect, the collect field must not be set.", + "collectionPolicy": "collectionPolicy declares whether the systemd collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the systemd collector is active and systemd unit statistics are collected. When set to \"DoNotCollect\", the systemd collector is inactive and the collect field must not be set.", + "collect": "collect contains configuration options that apply only when the systemd collector is actively collecting metrics (i.e. when collectionPolicy is Collect). collect is optional and may be omitted even when collectionPolicy is Collect. collect may only be set when collectionPolicy is Collect. When set, at least one field must be specified within collect.", +} + +func (NodeExporterCollectorSystemdConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorSystemdConfig +} + +var map_NodeExporterCollectorTcpStatConfig = map[string]string{ + "": "NodeExporterCollectorTcpStatConfig provides configuration for the tcpstat collector of the node-exporter agent. The tcpstat collector collects TCP connection statistics. It is disabled by default.", + "collectionPolicy": "collectionPolicy declares whether the tcpstat collector collects metrics. This field is required. Valid values are \"Collect\" and \"DoNotCollect\". When set to \"Collect\", the tcpstat collector is active and TCP connection statistics are collected. When set to \"DoNotCollect\", the tcpstat collector is inactive.", +} + +func (NodeExporterCollectorTcpStatConfig) SwaggerDoc() map[string]string { + return map_NodeExporterCollectorTcpStatConfig +} + +var map_NodeExporterConfig = map[string]string{ + "": "NodeExporterConfig provides configuration options for the node-exporter agent that runs as a DaemonSet in the `openshift-monitoring` namespace. The node-exporter agent collects hardware and OS-level metrics from every node in the cluster, including CPU, memory, disk, and network statistics. At least one field must be specified.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the node-exporter container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 8m\n limit: null\n - name: memory\n request: 32Mi\n limit: null", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is to tolerate all taints (operator: Exists without any key), which is typical for DaemonSets that must run on every node. Maximum length for this list is 10. Minimum length for this list is 1.", + "collectors": "collectors configures which node-exporter metric collectors are enabled. collectors is optional. Each collector can be individually enabled or disabled. Some collectors may have additional configuration options.\n\nWhen omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "maxProcs": "maxProcs sets the target number of CPUs on which the node-exporter process will run. maxProcs is optional. Use this setting to override the default value, which is set either to 4 or to the number of CPUs on the host, whichever is smaller. The default value is computed at runtime and set via the GOMAXPROCS environment variable before node-exporter is launched. If a kernel deadlock occurs or if performance degrades when reading from sysfs concurrently, you can change this value to 1, which limits node-exporter to running on one CPU. For nodes with a high CPU count, setting the limit to a low number saves resources by preventing Go routines from being scheduled to run on all CPUs. However, I/O performance degrades if the maxProcs value is set too low and there are many metrics to collect. The minimum value is 1 and the maximum value is 1024. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default is min(4, number of host CPUs).", + "ignoredNetworkDevices": "ignoredNetworkDevices is a list of regular expression patterns that match network devices to be excluded from the relevant collector configuration such as netdev, netclass, and ethtool. ignoredNetworkDevices is optional.\n\nWhen omitted, the Cluster Monitoring Operator uses a predefined list of devices to be excluded to minimize the impact on memory usage. When set as an empty list, no devices are excluded. If you modify this setting, monitor the prometheus-k8s deployment closely for excessive memory usage. Maximum length for this list is 50. Each entry must be at least 1 character and at most 1024 characters long.", +} + +func (NodeExporterConfig) SwaggerDoc() map[string]string { + return map_NodeExporterConfig +} + +var map_OAuth2 = map[string]string{ + "": "OAuth2 defines OAuth2 authentication settings for the remote write endpoint.", + "clientId": "clientId defines the secret reference containing the OAuth2 client ID. The secret must exist in the openshift-monitoring namespace.", + "clientSecret": "clientSecret defines the secret reference containing the OAuth2 client secret. The secret must exist in the openshift-monitoring namespace.", + "tokenUrl": "tokenUrl is the URL to fetch the token from. Must be a valid URL with http or https scheme. Must be between 1 and 2048 characters in length.", + "scopes": "scopes is a list of OAuth2 scopes to request. When omitted, no scopes are requested. Maximum of 20 scopes can be specified. Each scope must be between 1 and 256 characters.", + "endpointParams": "endpointParams defines additional parameters to append to the token URL. When omitted, no additional parameters are sent. Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key).", +} + +func (OAuth2) SwaggerDoc() map[string]string { + return map_OAuth2 +} + +var map_OAuth2EndpointParam = map[string]string{ + "": "OAuth2EndpointParam defines a name/value parameter for the OAuth2 token URL.", + "name": "name is the parameter name. Must be between 1 and 256 characters.", + "value": "value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the external system expects a parameter with an empty value (e.g. ?parameter=\"\"). Must be between 0 and 2048 characters when present (aligned with common URL length recommendations).", +} + +func (OAuth2EndpointParam) SwaggerDoc() map[string]string { + return map_OAuth2EndpointParam +} + +var map_OpenShiftStateMetricsConfig = map[string]string{ + "": "OpenShiftStateMetricsConfig provides configuration options for the openshift-state-metrics agent that runs in the `openshift-monitoring` namespace. The openshift-state-metrics agent generates metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the openshift-state-metrics container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 1m\n limit: null\n - name: memory\n request: 32Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", +} + +func (OpenShiftStateMetricsConfig) SwaggerDoc() map[string]string { + return map_OpenShiftStateMetricsConfig +} + +var map_PrometheusConfig = map[string]string{ + "": "PrometheusConfig provides configuration options for the Prometheus instance. Use this configuration to control Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations.", + "additionalAlertmanagerConfigs": "additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from the Prometheus component. This is useful for organizations that need to:\n - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks)\n - Route different types of alerts to different teams or systems\n - Integrate with existing enterprise alerting infrastructure\n - Maintain separate alert routing for compliance or organizational requirements\nWhen omitted, no additional Alertmanager instances are configured (default behavior). When provided, at least one configuration must be specified (minimum 1, maximum 10 items). Entries must have unique names (name is the list key).", + "enforcedBodySizeLimitBytes": "enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. If a scraped target's body response is larger than the limit, the scrape will fail. This helps protect Prometheus from targets that return excessively large responses. The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). When omitted, the Cluster Monitoring Operator automatically calculates an appropriate limit based on cluster capacity. Set an explicit value to override the automatic calculation. Minimum value is 10240 (10kB). Maximum value is 1073741824 (1GB).", + "externalLabels": "externalLabels defines labels to be attached to time series and alerts when communicating with external systems such as federation, remote storage, and Alertmanager. These labels are not stored with metrics on disk; they are only added when data leaves Prometheus (e.g., during federation queries, remote write, or alert notifications). At least 1 label must be specified when set, with a maximum of 50 labels allowed. Each label key must be unique within this list. When omitted, no external labels are applied.", + "logLevel": "logLevel defines the verbosity of logs emitted by Prometheus. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least one key-value pair (minimum of 1) and must not contain more than 10 entries.", + "queryLogFile": "queryLogFile specifies the file to which PromQL queries are logged. This setting can be either a filename, in which case the queries are saved to an `emptyDir` volume at `/var/log/prometheus`, or a full path to a location where an `emptyDir` volume will be mounted and the queries saved. Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but writing to any other `/dev/` path is not supported. Relative paths are also not supported. By default, PromQL queries are not logged. Must be an absolute path starting with `/` or a simple filename without path separators. Must not contain consecutive slashes, end with a slash, or include '..' path traversal. Must contain only alphanumeric characters, '.', '_', '-', or '/'. Must be between 1 and 255 characters in length.", + "remoteWrite": "remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. Remote write allows Prometheus to send metrics it collects to external long-term storage systems. When omitted, no remote write endpoints are configured. When provided, at least one configuration must be specified (minimum 1, maximum 10 items). Entries must have unique names (name is the list key).", + "resources": "resources defines the compute resource requests and limits for the Prometheus container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "retention": "retention configures how long Prometheus retains metrics data and how much storage it can use. When omitted, the platform chooses reasonable defaults (currently 15 days retention, no size limit).", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10 Minimum length for this list is 1", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Prometheus Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1 Entries must have unique topologyKey and whenUnsatisfiable pairs.", + "collectionProfile": "collectionProfile defines the metrics collection profile that Prometheus uses to collect metrics from the platform components. Supported values are `Full` or `Minimal`. In the `Full` profile (default), Prometheus collects all metrics that are exposed by the platform components. In the `Minimal` profile, Prometheus only collects metrics necessary for the default platform alerts, recording rules, telemetry and console dashboards. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is `Full`.", + "volumeClaimTemplate": "volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to configure the persistent volume claim, including storage class and volume size. If omitted, the Pod uses ephemeral storage and Prometheus data will not persist across restarts.", +} + +func (PrometheusConfig) SwaggerDoc() map[string]string { + return map_PrometheusConfig +} + var map_PrometheusOperatorAdmissionWebhookConfig = map[string]string{ "": "PrometheusOperatorAdmissionWebhookConfig provides configuration options for the admission webhook component of Prometheus Operator that runs in the `openshift-monitoring` namespace. The admission webhook validates PrometheusRule and AlertmanagerConfig objects, mutates PrometheusRule annotations, and converts AlertmanagerConfig objects between API versions.", - "resources": "resources defines the compute resource requests and limits for the prometheus-operator-admission-webhook container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 5m\n limit: null\n - name: memory\n request: 30Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", + "resources": "resources defines the compute resource requests and limits for the prometheus-operator-admission-webhook container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 5m\n limit: null\n - name: memory\n request: 30Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", "topologySpreadConstraints": "topologySpreadConstraints defines rules for how admission webhook Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } @@ -233,7 +521,7 @@ var map_PrometheusOperatorConfig = map[string]string{ "": "PrometheusOperatorConfig provides configuration options for the Prometheus Operator instance Use this configuration to control how the Prometheus Operator instance is deployed, how it logs, and how its pods are scheduled.", "logLevel": "logLevel defines the verbosity of logs emitted by Prometheus Operator. This field allows users to control the amount and severity of logs generated, which can be useful for debugging issues or reducing noise in production environments. Allowed values are Error, Warn, Info, and Debug. When set to Error, only errors will be logged. When set to Warn, both warnings and errors will be logged. When set to Info, general information, warnings, and errors will all be logged. When set to Debug, detailed debugging information will be logged. When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. The current default value is `Info`.", "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", - "resources": "resources defines the compute resource requests and limits for the Prometheus Operator container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 10. Minimum length for this list is 1. Each resource name must be unique within this list.", + "resources": "resources defines the compute resource requests and limits for the Prometheus Operator container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 4m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Prometheus Operator Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } @@ -242,191 +530,228 @@ func (PrometheusOperatorConfig) SwaggerDoc() map[string]string { return map_PrometheusOperatorConfig } -var map_UserDefinedMonitoring = map[string]string{ - "": "UserDefinedMonitoring config for user-defined projects.", - "mode": "mode defines the different configurations of UserDefinedMonitoring Valid values are Disabled and NamespaceIsolated Disabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. NamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. The current default value is `Disabled`.", +var map_PrometheusRemoteWriteHeader = map[string]string{ + "": "PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. Validation is enforced on the Headers field in RemoteWriteSpec.", + "name": "name is the HTTP header name. Must not be a reserved header (see type documentation). Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters.", + "value": "value is the HTTP header value. Must be at most 4096 characters.", } -func (UserDefinedMonitoring) SwaggerDoc() map[string]string { - return map_UserDefinedMonitoring +func (PrometheusRemoteWriteHeader) SwaggerDoc() map[string]string { + return map_PrometheusRemoteWriteHeader } -var map_CRIOCredentialProviderConfig = map[string]string{ - "": "CRIOCredentialProviderConfig holds cluster-wide singleton resource configurations for CRI-O credential provider, the name of this instance is \"cluster\". CRI-O credential provider is a binary shipped with CRI-O that provides a way to obtain container image pull credentials from external sources. For example, it can be used to fetch mirror registry credentials from secrets resources in the cluster within the same namespace the pod will be running in. CRIOCredentialProviderConfig configuration specifies the pod image sources registries that should trigger the CRI-O credential provider execution, which will resolve the CRI-O mirror configurations and obtain the necessary credentials for pod creation. Note: Configuration changes will only take effect after the kubelet restarts, which is automatically managed by the cluster during rollout.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec defines the desired configuration of the CRI-O Credential Provider. This field is required and must be provided when creating the resource.", - "status": "status represents the current state of the CRIOCredentialProviderConfig. When omitted or nil, it indicates that the status has not yet been set by the controller. The controller will populate this field with validation conditions and operational state.", +var map_QueueConfig = map[string]string{ + "": "QueueConfig allows tuning configuration for remote write queue parameters. Configure this when you need to control throughput, backpressure, or retry behavior—for example to avoid overloading the remote endpoint, to reduce memory usage, or to tune for high-cardinality workloads. Consider capacity, maxShards, and batchSendDeadlineSeconds for throughput; minBackoffMilliseconds and maxBackoffMilliseconds for retries; and rateLimitedAction when the remote returns HTTP 429.", + "capacity": "capacity is the number of samples to buffer per shard before we start dropping them. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 10000. Minimum value is 1. Maximum value is 1000000.", + "maxShards": "maxShards is the maximum number of shards, i.e. amount of concurrency. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 200. Minimum value is 1. Maximum value is 10000.", + "minShards": "minShards is the minimum number of shards, i.e. amount of concurrency. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 1. Minimum value is 1. Maximum value is 10000.", + "maxSamplesPerSend": "maxSamplesPerSend is the maximum number of samples per send. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 1000. Minimum value is 1. Maximum value is 100000.", + "batchSendDeadlineSeconds": "batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 second. Maximum value is 3600 seconds (1 hour).", + "minBackoffMilliseconds": "minBackoffMilliseconds is the minimum retry delay in milliseconds. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 millisecond. Maximum value is 3600000 milliseconds (1 hour).", + "maxBackoffMilliseconds": "maxBackoffMilliseconds is the maximum retry delay in milliseconds. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 millisecond. Maximum value is 3600000 milliseconds (1 hour).", + "rateLimitedAction": "rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). When omitted, no retries are performed on rate limit responses. When set to \"Retry\", Prometheus will retry such requests using the backoff settings above. Valid value when set is \"Retry\".", } -func (CRIOCredentialProviderConfig) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfig +func (QueueConfig) SwaggerDoc() map[string]string { + return map_QueueConfig } -var map_CRIOCredentialProviderConfigList = map[string]string{ - "": "CRIOCredentialProviderConfigList contains a list of CRIOCredentialProviderConfig resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", +var map_RelabelActionConfig = map[string]string{ + "": "RelabelActionConfig represents the action to perform and its configuration. Exactly one action-specific configuration must be specified based on the action type.", + "type": "type specifies the action to perform on the matched labels. Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep.\n\nWhen set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place.\n\nWhen set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0.\n\nWhen set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0.\n\nWhen set to Keep, targets for which regex does not match the concatenated source_labels are dropped.\n\nWhen set to Drop, targets for which regex matches the concatenated source_labels are dropped.\n\nWhen set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0.\n\nWhen set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0.\n\nWhen set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels.\n\nWhen set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted.\n\nWhen set to LabelDrop, regex is matched against all label names; any label that matches is removed.\n\nWhen set to LabelKeep, regex is matched against all label names; any label that does not match is removed.", + "replace": "replace configures the Replace action. Required when type is Replace, and forbidden otherwise.", + "hashMod": "hashMod configures the HashMod action. Required when type is HashMod, and forbidden otherwise.", + "labelMap": "labelMap configures the LabelMap action. Required when type is LabelMap, and forbidden otherwise.", + "lowercase": "lowercase configures the Lowercase action. Required when type is Lowercase, and forbidden otherwise. Requires Prometheus >= v2.36.0.", + "uppercase": "uppercase configures the Uppercase action. Required when type is Uppercase, and forbidden otherwise. Requires Prometheus >= v2.36.0.", + "keepEqual": "keepEqual configures the KeepEqual action. Required when type is KeepEqual, and forbidden otherwise. Requires Prometheus >= v2.41.0.", + "dropEqual": "dropEqual configures the DropEqual action. Required when type is DropEqual, and forbidden otherwise. Requires Prometheus >= v2.41.0.", } -func (CRIOCredentialProviderConfigList) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigList +func (RelabelActionConfig) SwaggerDoc() map[string]string { + return map_RelabelActionConfig } -var map_CRIOCredentialProviderConfigSpec = map[string]string{ - "": "CRIOCredentialProviderConfigSpec defines the desired configuration of the CRI-O Credential Provider.", - "matchImages": "matchImages is a list of string patterns used to determine whether the CRI-O credential provider should be invoked for a given image. This list is passed to the kubelet CredentialProviderConfig, and if any pattern matches the requested image, CRI-O credential provider will be invoked to obtain credentials for pulling that image or its mirrors. Depending on the platform, the CRI-O credential provider may be installed alongside an existing platform specific provider. Conflicts between the existing platform specific provider image match configuration and this list will be handled by the following precedence rule: credentials from built-in kubelet providers (e.g., ECR, GCR, ACR) take precedence over those from the CRIOCredentialProviderConfig when both match the same image. To avoid uncertainty, it is recommended to avoid configuring your private image patterns to overlap with existing platform specific provider config(e.g., the entries from https://github.com/openshift/machine-config-operator/blob/main/templates/common/aws/files/etc-kubernetes-credential-providers-ecr-credential-provider.yaml). You can check the resource's Status conditions to see if any entries were ignored due to exact matches with known built-in provider patterns.\n\nThis field is optional, the items of the list must contain between 1 and 50 entries. The list is treated as a set, so duplicate entries are not allowed.\n\nFor more details, see: https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ https://github.com/cri-o/crio-credential-provider#architecture\n\nEach entry in matchImages is a pattern which can optionally contain a port and a path. Each entry must be no longer than 512 characters. Wildcards ('*') are supported for full subdomain labels, such as '*.k8s.io' or 'k8s.*.io', and for top-level domains, such as 'k8s.*' (which matches 'k8s.io' or 'k8s.net'). A global wildcard '*' (matching any domain) is not allowed. Wildcards may replace an entire hostname label (e.g., *.example.com), but they cannot appear within a label (e.g., f*oo.example.com) and are not allowed in the port or path. For example, 'example.*.com' is valid, but 'exa*mple.*.com' is not. Each wildcard matches only a single domain label, so '*.io' does **not** match '*.k8s.io'.\n\nA match exists between an image and a matchImage when all of the below are true: Both contain the same number of domain parts and each part matches. The URL path of an matchImages must be a prefix of the target image URL path. If the matchImages contains a port, then the port must match in the image as well.\n\nExample values of matchImages: - 123456789.dkr.ecr.us-east-1.amazonaws.com - *.azurecr.io - gcr.io - *.*.registry.io - registry.io:8080/path", +var map_RelabelConfig = map[string]string{ + "": "RelabelConfig represents a relabeling rule.", + "name": "name is a unique identifier for this relabel configuration. Must contain only alphanumeric characters, hyphens, and underscores. Must be between 1 and 63 characters in length.", + "sourceLabels": "sourceLabels specifies which label names to extract from each series for this relabeling rule. The values of these labels are joined together using the configured separator, and the resulting string is then matched against the regular expression. If a referenced label does not exist on a series, Prometheus substitutes an empty string. When omitted, the rule operates without extracting source labels (useful for actions like labelmap). Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. Each entry must be unique. Label names beginning with \"__\" (two underscores) are reserved for internal Prometheus use and are not allowed. Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.).", + "separator": "separator is the character sequence used to join source label values. Common examples: \";\", \",\", \"::\", \"|||\". When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \";\". Must be between 1 and 5 characters in length when specified.", + "regex": "regex is the regular expression to match against the concatenated source label values. Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \"(.*)\" to match everything. Must be between 1 and 1000 characters in length when specified.", + "action": "action defines the action to perform on the matched labels and its configuration. Exactly one action-specific configuration must be specified based on the action type.", } -func (CRIOCredentialProviderConfigSpec) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigSpec +func (RelabelConfig) SwaggerDoc() map[string]string { + return map_RelabelConfig } -var map_CRIOCredentialProviderConfigStatus = map[string]string{ - "": "CRIOCredentialProviderConfigStatus defines the observed state of CRIOCredentialProviderConfig", - "conditions": "conditions represent the latest available observations of the configuration state. When omitted, it indicates that no conditions have been reported yet. The maximum number of conditions is 16. Conditions are stored as a map keyed by condition type, ensuring uniqueness.\n\nExpected condition types include: \"Validated\": indicates whether the matchImages configuration is valid", +var map_RemoteWriteAuthorization = map[string]string{ + "": "RemoteWriteAuthorization defines the authorization method for a remote write endpoint. Exactly one of the nested configs must be set according to the type discriminator.", + "type": "type specifies the authorization method to use. Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount.\n\nWhen set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field.\n\nWhen set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set.\n\nWhen set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set.\n\nWhen set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set.\n\nWhen set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field.\n\nWhen set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path.", + "safeAuthorization": "safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). Required when type is \"SafeAuthorization\", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace.", + "bearerToken": "bearerToken defines the secret reference containing the bearer token. Required when type is \"BearerToken\", and forbidden otherwise.", + "basicAuth": "basicAuth defines HTTP basic authentication credentials. Required when type is \"BasicAuth\", and forbidden otherwise.", + "oauth2": "oauth2 defines OAuth2 client credentials authentication. Required when type is \"OAuth2\", and forbidden otherwise.", + "sigv4": "sigv4 defines AWS Signature Version 4 authentication. Required when type is \"SigV4\", and forbidden otherwise.", } -func (CRIOCredentialProviderConfigStatus) SwaggerDoc() map[string]string { - return map_CRIOCredentialProviderConfigStatus +func (RemoteWriteAuthorization) SwaggerDoc() map[string]string { + return map_RemoteWriteAuthorization } -var map_ImagePolicy = map[string]string{ - "": "ImagePolicy holds namespace-wide configuration for image signature verification\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", - "spec": "spec holds user settable values for configuration", - "status": "status contains the observed state of the resource.", +var map_RemoteWriteSpec = map[string]string{ + "": "RemoteWriteSpec represents configuration for remote write endpoints.", + "url": "url is the URL of the remote write endpoint. Must be a valid URL with http or https scheme and a non-empty hostname. Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. Empty string is invalid. Must be between 1 and 2048 characters in length.", + "name": "name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). This name is used in metrics and logging to differentiate remote write queues. Must contain only alphanumeric characters, hyphens, and underscores. Must be between 1 and 63 characters in length.", + "authorization": "authorization defines the authorization method for the remote write endpoint. When omitted, no authorization is performed. When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config).", + "headers": "headers specifies the custom HTTP headers to be sent along with each remote write request. Sending custom headers makes the configuration of a proxy in between optional and helps the receiver recognize the given source better. Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. When omitted, no custom headers are sent. Maximum of 50 headers can be specified. Each header name must be unique. Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate).", + "metadataConfig": "metadataConfig configures the sending of series metadata to remote storage. When omitted, no metadata is sent. When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds).", + "proxyUrl": "proxyUrl defines an optional proxy URL. If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. When omitted, no proxy is used. Must be a valid URL with http or https scheme. Must be between 1 and 2048 characters in length.", + "queueConfig": "queueConfig allows tuning configuration for remote write queue parameters. When omitted, default queue configuration is used.", + "remoteTimeoutSeconds": "remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. Minimum value is 1 second. Maximum value is 600 seconds (10 minutes).", + "exemplarsMode": "exemplarsMode controls whether exemplars are sent via remote write. Valid values are \"Send\", \"DoNotSend\" and omitted. When set to \"Send\", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. When omitted or set to \"DoNotSend\", exemplars are not sent.", + "tlsConfig": "tlsConfig defines TLS authentication settings for the remote write endpoint. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time.", + "writeRelabelConfigs": "writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. When omitted, no relabeling is performed and all metrics are sent as-is. Minimum of 1 and maximum of 10 relabeling rules can be specified. Each rule must have a unique name.", } -func (ImagePolicy) SwaggerDoc() map[string]string { - return map_ImagePolicy +func (RemoteWriteSpec) SwaggerDoc() map[string]string { + return map_RemoteWriteSpec } -var map_ImagePolicyFulcioCAWithRekorRootOfTrust = map[string]string{ - "": "ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key.", - "fulcioCAData": "fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. fulcioCAData must be at most 8192 characters.", - "rekorKeyData": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", - "fulcioSubject": "fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration.", +var map_ReplaceActionConfig = map[string]string{ + "": "ReplaceActionConfig configures the Replace action. Regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. No replacement if regex does not match.", + "targetLabel": "targetLabel is the label name where the replacement result is written. Must be between 1 and 128 characters in length.", + "replacement": "replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. Use \"$1\" for the first capture group, \"$2\" for the second, etc. Use an empty string (\"\") to explicitly clear the target label value. Must be between 0 and 255 characters in length.", } -func (ImagePolicyFulcioCAWithRekorRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyFulcioCAWithRekorRootOfTrust +func (ReplaceActionConfig) SwaggerDoc() map[string]string { + return map_ReplaceActionConfig } -var map_ImagePolicyList = map[string]string{ - "": "ImagePolicyList is a list of ImagePolicy resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", - "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", +var map_Retention = map[string]string{ + "": "Retention configures how long Prometheus retains metrics data and how much storage it can use.", + "durationInDays": "durationInDays specifies how many days Prometheus will retain metrics data. Prometheus automatically deletes data older than this duration. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is 15. Minimum value is 1 day. Maximum value is 365 days (1 year).", + "sizeInGiB": "sizeInGiB specifies the maximum storage size in gibibytes (GiB) that Prometheus can use for data blocks and the write-ahead log (WAL). When the limit is reached, Prometheus will delete oldest data first. When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. Minimum value is 1 GiB. Maximum value is 16384 GiB (16 TiB).", } -func (ImagePolicyList) SwaggerDoc() map[string]string { - return map_ImagePolicyList +func (Retention) SwaggerDoc() map[string]string { + return map_Retention } -var map_ImagePolicyPKIRootOfTrust = map[string]string{ - "": "ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates.", - "caRootsData": "caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. ", - "caIntermediatesData": "caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. caIntermediatesData requires caRootsData to be set. ", - "pkiCertificateSubject": "pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued.", +var map_SecretKeySelector = map[string]string{ + "": "SecretKeySelector selects a key of a Secret in the `openshift-monitoring` namespace.", + "name": "name is the name of the secret in the `openshift-monitoring` namespace to select from. Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). Must be between 1 and 253 characters in length.", + "key": "key is the key of the secret to select from. Must consist of alphanumeric characters, '-', '_', or '.'. Must be between 1 and 253 characters in length.", } -func (ImagePolicyPKIRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyPKIRootOfTrust +func (SecretKeySelector) SwaggerDoc() map[string]string { + return map_SecretKeySelector } -var map_ImagePolicyPublicKeyRootOfTrust = map[string]string{ - "": "ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key.", - "keyData": "keyData contains inline base64-encoded data for the PEM format public key. KeyData must be at most 8192 characters.", - "rekorKeyData": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", +var map_Sigv4 = map[string]string{ + "": "Sigv4 defines AWS Signature Version 4 authentication settings. At least one of region, accessKey/secretKey, profile, or roleArn must be set so the platform can perform authentication.", + "region": "region is the AWS region. When omitted, the region is derived from the environment or instance metadata. Must be between 1 and 128 characters.", + "accessKey": "accessKey defines the secret reference containing the AWS access key ID. The secret must exist in the openshift-monitoring namespace. When omitted, the access key is derived from the environment or instance metadata.", + "secretKey": "secretKey defines the secret reference containing the AWS secret access key. The secret must exist in the openshift-monitoring namespace. When omitted, the secret key is derived from the environment or instance metadata.", + "profile": "profile is the named AWS profile used to authenticate. When omitted, the default profile is used. Must be between 1 and 128 characters.", + "roleArn": "roleArn is the AWS Role ARN, an alternative to using AWS API keys. When omitted, API keys are used for authentication. Must be a valid AWS ARN format (e.g., \"arn:aws:iam::123456789012:role/MyRole\"). Must be between 1 and 512 characters.", } -func (ImagePolicyPublicKeyRootOfTrust) SwaggerDoc() map[string]string { - return map_ImagePolicyPublicKeyRootOfTrust +func (Sigv4) SwaggerDoc() map[string]string { + return map_Sigv4 } -var map_ImagePolicySpec = map[string]string{ - "": "ImagePolicySpec is the specification of the ImagePolicy CRD.", - "scopes": "scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the \"Docker Registry HTTP API V2\". Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. For additional details about the format, please refer to the document explaining the docker transport field, which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker", - "policy": "policy contains configuration to allow scopes to be verified, and defines how images not matching the verification policy will be treated.", +var map_TLSConfig = map[string]string{ + "": "TLSConfig represents TLS configuration for Alertmanager connections. At least one TLS configuration option must be specified. For mutual TLS (mTLS), both cert and key must be specified together, or both omitted.", + "ca": "ca is an optional CA certificate to use for TLS connections. When omitted, the system's default CA bundle is used.", + "cert": "cert is an optional client certificate to use for mutual TLS connections. When omitted, no client certificate is presented.", + "key": "key is an optional client key to use for mutual TLS connections. When omitted, no client key is used.", + "serverName": "serverName is an optional server name to use for TLS connections. When specified, must be a valid DNS subdomain as per RFC 1123. When omitted, the server name is derived from the URL. Must be between 1 and 253 characters in length.", + "certificateVerification": "certificateVerification determines the policy for TLS certificate verification. Allowed values are \"Verify\" (performs certificate verification, secure) and \"SkipVerify\" (skips verification, insecure). When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The default value is \"Verify\".", } -func (ImagePolicySpec) SwaggerDoc() map[string]string { - return map_ImagePolicySpec +func (TLSConfig) SwaggerDoc() map[string]string { + return map_TLSConfig } -var map_ImagePolicyStatus = map[string]string{ - "conditions": "conditions provide details on the status of this API Resource.", +var map_TelemeterClientConfig = map[string]string{ + "": "TelemeterClientConfig provides configuration options for the Telemeter Client component that runs in the `openshift-monitoring` namespace. The Telemeter Client collects selected monitoring metrics and forwards them to Red Hat for telemetry purposes. At least one field must be specified.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the Telemeter Client container. This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. When not specified, defaults are used by the platform. Requests cannot exceed limits. This field is optional. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 1m\n limit: null\n - name: memory\n request: 40Mi\n limit: null\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Telemeter Client Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Default is empty list. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } -func (ImagePolicyStatus) SwaggerDoc() map[string]string { - return map_ImagePolicyStatus +func (TelemeterClientConfig) SwaggerDoc() map[string]string { + return map_TelemeterClientConfig } -var map_ImageSigstoreVerificationPolicy = map[string]string{ - "": "ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list.", - "rootOfTrust": "rootOfTrust specifies the root of trust for the policy.", - "signedIdentity": "signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is \"MatchRepoDigestOrExact\".", +var map_ThanosQuerierConfig = map[string]string{ + "": "ThanosQuerierConfig provides configuration options for the Thanos Querier component that runs in the `openshift-monitoring` namespace. At least one field must be specified; an empty thanosQuerierConfig object is not allowed.", + "nodeSelector": "nodeSelector defines the nodes on which the Pods are scheduled. nodeSelector is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default value is `kubernetes.io/os: linux`. When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries.", + "resources": "resources defines the compute resource requests and limits for the Thanos Querier container. resources is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Requests cannot exceed limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ This is a simplified API that maps to Kubernetes ResourceRequirements. The current default values are:\n resources:\n - name: cpu\n request: 5m\n - name: memory\n request: 12Mi\nMaximum length for this list is 5. Minimum length for this list is 1. Each resource name must be unique within this list.", + "tolerations": "tolerations defines tolerations for the pods. tolerations is optional.\n\nWhen omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1.", + "topologySpreadConstraints": "topologySpreadConstraints defines rules for how Thanos Querier Pods should be distributed across topology domains such as zones, nodes, or other user-defined labels. topologySpreadConstraints is optional. This helps improve high availability and resource efficiency by avoiding placing too many replicas in the same failure domain.\n\nWhen omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. This field maps directly to the `topologySpreadConstraints` field in the Pod spec. Defaults are empty/unset. Maximum length for this list is 10. Minimum length for this list is 1. Entries must have unique topologyKey and whenUnsatisfiable pairs.", } -func (ImageSigstoreVerificationPolicy) SwaggerDoc() map[string]string { - return map_ImageSigstoreVerificationPolicy +func (ThanosQuerierConfig) SwaggerDoc() map[string]string { + return map_ThanosQuerierConfig } -var map_PKICertificateSubject = map[string]string{ - "": "PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued.", - "email": "email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. The email should be a valid email address and at most 320 characters in length.", - "hostname": "hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk.", +var map_UppercaseActionConfig = map[string]string{ + "": "UppercaseActionConfig configures the Uppercase action. Maps the concatenated source_labels to their upper case and writes to target_label. Requires Prometheus >= v2.36.0.", + "targetLabel": "targetLabel is the label name where the upper-cased value is written. Must be between 1 and 128 characters in length.", } -func (PKICertificateSubject) SwaggerDoc() map[string]string { - return map_PKICertificateSubject +func (UppercaseActionConfig) SwaggerDoc() map[string]string { + return map_UppercaseActionConfig } -var map_PolicyFulcioSubject = map[string]string{ - "": "PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration.", - "oidcIssuer": "oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. Example: \"https://expected.OIDC.issuer/\"", - "signedEmail": "signedEmail holds the email address the the Fulcio certificate is issued for. Example: \"expected-signing-user@example.com\"", +var map_UserDefinedMonitoring = map[string]string{ + "": "UserDefinedMonitoring config for user-defined projects.", + "mode": "mode defines the different configurations of UserDefinedMonitoring Valid values are Disabled and NamespaceIsolated Disabled disables monitoring for user-defined projects. This restricts the default monitoring stack, installed in the openshift-monitoring project, to monitor only platform namespaces, which prevents any custom monitoring configurations or resources from being applied to user-defined namespaces. NamespaceIsolated enables monitoring for user-defined projects with namespace-scoped tenancy. This ensures that metrics, alerts, and monitoring data are isolated at the namespace level. The current default value is `Disabled`.", } -func (PolicyFulcioSubject) SwaggerDoc() map[string]string { - return map_PolicyFulcioSubject +func (UserDefinedMonitoring) SwaggerDoc() map[string]string { + return map_UserDefinedMonitoring } -var map_PolicyIdentity = map[string]string{ - "": "PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is \"MatchRepoDigestOrExact\".", - "matchPolicy": "matchPolicy sets the type of matching to be used. Valid values are \"MatchRepoDigestOrExact\", \"MatchRepository\", \"ExactRepository\", \"RemapIdentity\". When omitted, the default value is \"MatchRepoDigestOrExact\". If set matchPolicy to ExactRepository, then the exactRepository must be specified. If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. \"MatchRepoDigestOrExact\" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. \"MatchRepository\" means that the identity in the signature must be in the same repository as the image identity. \"ExactRepository\" means that the identity in the signature must be in the same repository as a specific identity specified by \"repository\". \"RemapIdentity\" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the \"prefix\" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix.", - "exactRepository": "exactRepository is required if matchPolicy is set to \"ExactRepository\".", - "remapIdentity": "remapIdentity is required if matchPolicy is set to \"RemapIdentity\".", +var map_CRIOCredentialProviderConfig = map[string]string{ + "": "CRIOCredentialProviderConfig holds cluster-wide singleton resource configurations for CRI-O credential provider, the name of this instance is \"cluster\". CRI-O credential provider is a binary shipped with CRI-O that provides a way to obtain container image pull credentials from external sources. For example, it can be used to fetch mirror registry credentials from secrets resources in the cluster within the same namespace the pod will be running in. CRIOCredentialProviderConfig configuration specifies the pod image sources registries that should trigger the CRI-O credential provider execution, which will resolve the CRI-O mirror configurations and obtain the necessary credentials for pod creation. Note: Configuration changes will only take effect after the kubelet restarts, which is automatically managed by the cluster during rollout.\n\nThe resource is a singleton named \"cluster\".\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "spec": "spec defines the desired configuration of the CRI-O Credential Provider. This field is required and must be provided when creating the resource.", + "status": "status represents the current state of the CRIOCredentialProviderConfig. When omitted or nil, it indicates that the status has not yet been set by the controller. The controller will populate this field with validation conditions and operational state.", } -func (PolicyIdentity) SwaggerDoc() map[string]string { - return map_PolicyIdentity +func (CRIOCredentialProviderConfig) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfig } -var map_PolicyMatchExactRepository = map[string]string{ - "repository": "repository is the reference of the image identity to be matched. The value should be a repository name (by omitting the tag or digest) in a registry implementing the \"Docker Registry HTTP API V2\". For example, docker.io/library/busybox", +var map_CRIOCredentialProviderConfigList = map[string]string{ + "": "CRIOCredentialProviderConfigList contains a list of CRIOCredentialProviderConfig resources\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", + "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", } -func (PolicyMatchExactRepository) SwaggerDoc() map[string]string { - return map_PolicyMatchExactRepository +func (CRIOCredentialProviderConfigList) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigList } -var map_PolicyMatchRemapIdentity = map[string]string{ - "prefix": "prefix is the prefix of the image identity to be matched. If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox.", - "signedPrefix": "signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as \"prefix\". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox.", +var map_CRIOCredentialProviderConfigSpec = map[string]string{ + "": "CRIOCredentialProviderConfigSpec defines the desired configuration of the CRI-O Credential Provider.", + "matchImages": "matchImages is a list of string patterns used to determine whether the CRI-O credential provider should be invoked for a given image. This list is passed to the kubelet CredentialProviderConfig, and if any pattern matches the requested image, CRI-O credential provider will be invoked to obtain credentials for pulling that image or its mirrors. Depending on the platform, the CRI-O credential provider may be installed alongside an existing platform specific provider. Conflicts between the existing platform specific provider image match configuration and this list will be handled by the following precedence rule: credentials from built-in kubelet providers (e.g., ECR, GCR, ACR) take precedence over those from the CRIOCredentialProviderConfig when both match the same image. To avoid uncertainty, it is recommended to avoid configuring your private image patterns to overlap with existing platform specific provider config(e.g., the entries from https://github.com/openshift/machine-config-operator/blob/main/templates/common/aws/files/etc-kubernetes-credential-providers-ecr-credential-provider.yaml). You can check the resource's Status conditions to see if any entries were ignored due to exact matches with known built-in provider patterns.\n\nThis field is optional, the items of the list must contain between 1 and 50 entries. The list is treated as a set, so duplicate entries are not allowed.\n\nFor more details, see: https://kubernetes.io/docs/tasks/administer-cluster/kubelet-credential-provider/ https://github.com/cri-o/crio-credential-provider#architecture\n\nEach entry in matchImages is a pattern which can optionally contain a port and a path. Each entry must be no longer than 512 characters. Wildcards ('*') are supported for full subdomain labels, such as '*.k8s.io' or 'k8s.*.io', and for top-level domains, such as 'k8s.*' (which matches 'k8s.io' or 'k8s.net'). A global wildcard '*' (matching any domain) is not allowed. Wildcards may replace an entire hostname label (e.g., *.example.com), but they cannot appear within a label (e.g., f*oo.example.com) and are not allowed in the port or path. For example, 'example.*.com' is valid, but 'exa*mple.*.com' is not. Each wildcard matches only a single domain label, so '*.io' does **not** match '*.k8s.io'.\n\nA match exists between an image and a matchImage when all of the below are true: Both contain the same number of domain parts and each part matches. The URL path of an matchImages must be a prefix of the target image URL path. If the matchImages contains a port, then the port must match in the image as well.\n\nExample values of matchImages: - 123456789.dkr.ecr.us-east-1.amazonaws.com - *.azurecr.io - gcr.io - *.*.registry.io - registry.io:8080/path", } -func (PolicyMatchRemapIdentity) SwaggerDoc() map[string]string { - return map_PolicyMatchRemapIdentity +func (CRIOCredentialProviderConfigSpec) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigSpec } -var map_PolicyRootOfTrust = map[string]string{ - "": "PolicyRootOfTrust defines the root of trust based on the selected policyType.", - "policyType": "policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. \"PublicKey\" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. \"FulcioCAWithRekor\" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. \"PKI\" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate.", - "publicKey": "publicKey defines the root of trust based on a sigstore public key.", - "fulcioCAWithRekor": "fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. For more information about Fulcio and Rekor, please refer to the document at: https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor", - "pki": "pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates.", +var map_CRIOCredentialProviderConfigStatus = map[string]string{ + "": "CRIOCredentialProviderConfigStatus defines the observed state of CRIOCredentialProviderConfig", + "conditions": "conditions represent the latest available observations of the configuration state. When omitted, it indicates that no conditions have been reported yet. The maximum number of conditions is 16. Conditions are stored as a map keyed by condition type, ensuring uniqueness.\n\nExpected condition types include: \"Validated\": indicates whether the matchImages configuration is valid", } -func (PolicyRootOfTrust) SwaggerDoc() map[string]string { - return map_PolicyRootOfTrust +func (CRIOCredentialProviderConfigStatus) SwaggerDoc() map[string]string { + return map_CRIOCredentialProviderConfigStatus } var map_GatherConfig = map[string]string{ diff --git a/vendor/github.com/openshift/api/envtest-releases.yaml b/vendor/github.com/openshift/api/envtest-releases.yaml index e495e02796..ea376ded55 100644 --- a/vendor/github.com/openshift/api/envtest-releases.yaml +++ b/vendor/github.com/openshift/api/envtest-releases.yaml @@ -1,4 +1,30 @@ releases: + v1.28.15: + envtest-v1.28.15-darwin-amd64.tar.gz: + hash: 79e04e7e264e6907da73d27c04d50be7bfa702b059e66f21331c9c8e16daa6ff960e750c1910804b7aa2a5bd79488a5bd082b76a7bab003e613a2cdbb2a8b80d + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.28.15-darwin-amd64.tar.gz + envtest-v1.28.15-darwin-arm64.tar.gz: + hash: 9646d169cf5161793ded60fa2ffde705d8fdde7c7c77833be9a77909f5804b909f28d56b2b0b93bd200d8057db3e37da9fe1683368ae38777ea62609135d0b4d + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.28.15-darwin-arm64.tar.gz + envtest-v1.28.15-linux-amd64.tar.gz: + hash: bc7e3deabbb3c7ee5e572e1392041af9d2fa40a51eb88dcabdaf57ff2a476e81efbd837a87f1f0849a5083dcb7c0b4b2fc16107da4cf3308805eee377fb383c1 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.28.15-linux-amd64.tar.gz + envtest-v1.28.15-linux-arm64.tar.gz: + hash: 17ec8d5f7de118b66d1621d8b25b4f0a891e4a641d5e845d14c0da4cb2e258b6bf788fe6b5334b27beb12d9e67f7c8f2c2ded6023bf9a7e79ac3b483b8cdfcc2 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.28.15-linux-arm64.tar.gz + v1.29.7: + envtest-v1.29.7-darwin-amd64.tar.gz: + hash: 4a97f9162ee882632aafda20e562dfb4011879f9ec6c8ffa4922e566933fc35292171cc837b50860e2e91238d820931a1fb8c3280541a180f6e9057178c71889 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.29.7-darwin-amd64.tar.gz + envtest-v1.29.7-darwin-arm64.tar.gz: + hash: e810e04c14b1bba79c90c755ecb8b13094132a86339e78d1fe39029b9825b90b663d538b29d6ab4d905c22728efdf278881ee3f434f2215bc77157dee90a2bde + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.29.7-darwin-arm64.tar.gz + envtest-v1.29.7-linux-amd64.tar.gz: + hash: 91dcf683c95541691b8b9fdd332b0d3df56f8969b57c14797e990b9861ad71b2954f402913b5579f6afb99dce19817ba49542e2e276c7f70aeeb857a5ec1d57c + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.29.7-linux-amd64.tar.gz + envtest-v1.29.7-linux-arm64.tar.gz: + hash: 912333dee15e9cc068ebc5ef25591e16b9732cc70c23435efa72af352cffa9c25236d3982db910bd3a06172e9d57fc0d50585996f17c66ae1b80f0e2d3ef37b5 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.29.7-linux-arm64.tar.gz v1.30.3: envtest-v1.30.3-darwin-amd64.tar.gz: hash: 81ab2ad5841522976d9a5fc58642b745cf308230b0f2e634acfb2d5c8f288ef837f7b82144a5e91db607d86885101e06dd473a68bcac0d71be2297edc4aaa92e @@ -77,3 +103,16 @@ releases: envtest-v1.34.1-linux-arm64.tar.gz: hash: e2ee7e47ceeba56624fd869922ab9851200482ef835c09fe3dd57c9806a992a7e1f56641906510ebb095514953aa8a3af68d45a82be45b94981a50e894ac6e42 selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.34.1-linux-arm64.tar.gz + v1.35.1: + envtest-v1.35.1-darwin-amd64.tar.gz: + hash: 8b788ca564d0d2d49000b572b9c83a87f71978b7dcbb0c969dde5bf8923869dcb5860b8f905af9a3772431ba7e575c4215d1bcfa5d2857bd8db440272f252ddd + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.35.1-darwin-amd64.tar.gz + envtest-v1.35.1-darwin-arm64.tar.gz: + hash: d650d7a96c69efdc7321579d597b9dbd9ef71df5ea1e0f00815edb31eb0f4a40599fe223b9d0f2a114be32657ff842136a3ab65e646b08a0fce50d6871bcec71 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.35.1-darwin-arm64.tar.gz + envtest-v1.35.1-linux-amd64.tar.gz: + hash: 70e4e66f842d53cce174a3499feb04e0493ada374148c687da4e7ddc0e20e10dd6fa5e2cd765bd80b7d3dca3cd8388460503a0335e15f71212b333386fb3c2b1 + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.35.1-linux-amd64.tar.gz + envtest-v1.35.1-linux-arm64.tar.gz: + hash: 309308f9c66f9e2e5192c65a333a388faaaa903841f26f8a96b8f13a5eb3039bcbb818ef6ddbb5803a9cfa9b25e37249a0aed5d472badb25539696569923f87f + selfLink: https://storage.googleapis.com/openshift-kubebuilder-tools/envtest-v1.35.1-linux-arm64.tar.gz diff --git a/vendor/github.com/openshift/api/etcd/install.go b/vendor/github.com/openshift/api/etcd/install.go index 7e7474152c..659816d814 100644 --- a/vendor/github.com/openshift/api/etcd/install.go +++ b/vendor/github.com/openshift/api/etcd/install.go @@ -5,6 +5,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" v1alpha1 "github.com/openshift/api/etcd/v1alpha1" + v1 "github.com/openshift/api/etcd/v1" ) const ( @@ -12,7 +13,7 @@ const ( ) var ( - schemeBuilder = runtime.NewSchemeBuilder(v1alpha1.Install) + schemeBuilder = runtime.NewSchemeBuilder(v1.Install, v1alpha1.Install) // Install is a function which adds every version of this group to a scheme Install = schemeBuilder.AddToScheme ) diff --git a/vendor/github.com/openshift/api/etcd/v1/Makefile b/vendor/github.com/openshift/api/etcd/v1/Makefile new file mode 100644 index 0000000000..6fa6435a24 --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/Makefile @@ -0,0 +1,3 @@ +.PHONY: test +test: + make -C ../../tests test GINKGO_EXTRA_ARGS=--focus="etcd.openshift.io/v1" diff --git a/vendor/github.com/openshift/api/etcd/v1/doc.go b/vendor/github.com/openshift/api/etcd/v1/doc.go new file mode 100644 index 0000000000..fe483fffd4 --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/doc.go @@ -0,0 +1,6 @@ +// +k8s:deepcopy-gen=package,register +// +k8s:defaulter-gen=TypeMeta +// +k8s:openapi-gen=true +// +openshift:featuregated-schema-gen=true +// +groupName=etcd.openshift.io +package v1 diff --git a/vendor/github.com/openshift/api/etcd/v1/register.go b/vendor/github.com/openshift/api/etcd/v1/register.go new file mode 100644 index 0000000000..1b59263043 --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/register.go @@ -0,0 +1,39 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +var ( + GroupName = "etcd.openshift.io" + GroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"} + schemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + // Install is a function which adds this version to a scheme + Install = schemeBuilder.AddToScheme + + // SchemeGroupVersion generated code relies on this name + // Deprecated + SchemeGroupVersion = GroupVersion + // AddToScheme exists solely to keep the old generators creating valid code + // DEPRECATED + AddToScheme = schemeBuilder.AddToScheme +) + +// Resource generated code relies on this being here, but it logically belongs to the group +// DEPRECATED +func Resource(resource string) schema.GroupResource { + return schema.GroupResource{Group: GroupName, Resource: resource} +} + +func addKnownTypes(scheme *runtime.Scheme) error { + metav1.AddToGroupVersion(scheme, GroupVersion) + + scheme.AddKnownTypes(GroupVersion, + &PacemakerCluster{}, + &PacemakerClusterList{}, + ) + + return nil +} diff --git a/vendor/github.com/openshift/api/etcd/v1/types_pacemakercluster.go b/vendor/github.com/openshift/api/etcd/v1/types_pacemakercluster.go new file mode 100644 index 0000000000..a481f5e1bd --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/types_pacemakercluster.go @@ -0,0 +1,737 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// PacemakerCluster is used in Two Node OpenShift with Fencing deployments to monitor the health +// of etcd running under pacemaker. + +// Cluster-level condition types for PacemakerCluster.status.conditions +const ( + // ClusterHealthyConditionType tracks the overall health of the pacemaker cluster. + // This is an aggregate condition that reflects the health of all cluster-level conditions and node health. + // Specifically, it aggregates the following conditions: + // - ClusterInServiceConditionType + // - ClusterNodeCountAsExpectedConditionType + // - NodeHealthyConditionType (for each node) + // When True, the cluster is healthy with reason "ClusterHealthy". + // When False, the cluster is unhealthy with reason "ClusterUnhealthy". + ClusterHealthyConditionType = "Healthy" + + // ClusterInServiceConditionType tracks whether the cluster is in service (not in maintenance mode). + // Maintenance mode is a cluster-wide setting that prevents pacemaker from starting or stopping resources. + // When True, the cluster is in service with reason "InService". This is the normal operating state. + // When False, the cluster is in maintenance mode with reason "InMaintenance". This is an unexpected state. + ClusterInServiceConditionType = "InService" + + // ClusterNodeCountAsExpectedConditionType tracks whether the cluster has the expected number of nodes. + // For Two Node OpenShift with Fencing, we are expecting exactly 2 nodes. + // When True, the expected number of nodes are present with reason "AsExpected". + // When False, the node count is incorrect with reason "InsufficientNodes" or "ExcessiveNodes". + ClusterNodeCountAsExpectedConditionType = "NodeCountAsExpected" +) + +// ClusterHealthy condition reasons +const ( + // ClusterHealthyReasonHealthy means the pacemaker cluster is healthy and operating normally. + ClusterHealthyReasonHealthy = "ClusterHealthy" + + // ClusterHealthyReasonUnhealthy means the pacemaker cluster has issues that need investigation. + ClusterHealthyReasonUnhealthy = "ClusterUnhealthy" +) + +// ClusterInService condition reasons +const ( + // ClusterInServiceReasonInService means the cluster is in service (not in maintenance mode). + // This is the normal operating state. + ClusterInServiceReasonInService = "InService" + + // ClusterInServiceReasonInMaintenance means the cluster is in maintenance mode. + // In maintenance mode, pacemaker will not start or stop any resources. Entering and exiting this state requires + // manual user intervention, and is unexpected during normal cluster operation. + ClusterInServiceReasonInMaintenance = "InMaintenance" +) + +// ClusterNodeCountAsExpected condition reasons +const ( + // ClusterNodeCountAsExpectedReasonAsExpected means the expected number of nodes are present. + // For Two Node OpenShift with Fencing, we are expecting exactly 2 nodes. This is the expected healthy state. + ClusterNodeCountAsExpectedReasonAsExpected = "AsExpected" + + // ClusterNodeCountAsExpectedReasonInsufficientNodes means fewer nodes than expected are present. + // For Two Node OpenShift with Fencing, this means that less than 2 nodes are present. Under normal operation, this will only happen during + // a node replacement operation. It's also possible to enter this state with manual user intervention, but + // will also require user intervention to restore normal functionality. + ClusterNodeCountAsExpectedReasonInsufficientNodes = "InsufficientNodes" + + // ClusterNodeCountAsExpectedReasonExcessiveNodes means more nodes than expected are present. + // For Two Node OpenShift with Fencing, this means more than 2 nodes are present. This should be investigated as it is unexpected and should + // never happen during normal cluster operation. It is possible to enter this state with manual user intervention, + // but will also require user intervention to restore normal functionality. + ClusterNodeCountAsExpectedReasonExcessiveNodes = "ExcessiveNodes" +) + +// Node-level condition types for PacemakerCluster.status.nodes[].conditions +const ( + // NodeHealthyConditionType tracks the overall health of a node in the pacemaker cluster. + // This is an aggregate condition that reflects the health of all node-level conditions and resource health. + // Specifically, it aggregates the following conditions: + // - NodeOnlineConditionType + // - NodeInServiceConditionType + // - NodeActiveConditionType + // - NodeReadyConditionType + // - NodeCleanConditionType + // - NodeMemberConditionType + // - NodeFencingAvailableConditionType + // - NodeFencingHealthyConditionType + // - ResourceHealthyConditionType (for each resource in the node's resources list) + // When True, the node is healthy with reason "NodeHealthy". + // When False, the node is unhealthy with reason "NodeUnhealthy". + NodeHealthyConditionType = "Healthy" + + // NodeOnlineConditionType tracks whether a node is online. + // When True, the node is online with reason "Online". This is the normal operating state. + // When False, the node is offline with reason "Offline". This can occur during reboots, failures, maintenance, or replacement. + NodeOnlineConditionType = "Online" + + // NodeInServiceConditionType tracks whether a node is in service (not in maintenance mode). + // A node in maintenance mode is ignored by pacemaker while maintenance mode is active. + // When True, the node is in service with reason "InService". This is the normal operating state. + // When False, the node is in maintenance mode with reason "InMaintenance". This is an unexpected state. + NodeInServiceConditionType = "InService" + + // NodeActiveConditionType tracks whether a node is active (not in standby mode). + // When a node enters standby mode, pacemaker moves its resources to other nodes in the cluster. + // In Two Node OpenShift with Fencing, we do not use standby mode during normal operation. + // When True, the node is active with reason "Active". This is the normal operating state. + // When False, the node is in standby mode with reason "Standby". This is an unexpected state. + NodeActiveConditionType = "Active" + + // NodeReadyConditionType tracks whether a node is ready (not in a pending state). + // A node in a pending state is in the process of joining or leaving the cluster. + // When True, the node is ready with reason "Ready". This is the normal operating state. + // When False, the node is pending with reason "Pending". This is expected to be temporary. + NodeReadyConditionType = "Ready" + + // NodeCleanConditionType tracks whether a node is in a clean state. + // An unclean state means that pacemaker was unable to confirm the node's state, which signifies issues + // in fencing, communication, or configuration. + // When True, the node is clean with reason "Clean". This is the normal operating state. + // When False, the node is unclean with reason "Unclean". This is an unexpected state. + NodeCleanConditionType = "Clean" + + // NodeMemberConditionType tracks whether a node is a member of the cluster. + // Some configurations may use remote nodes or ping nodes, which are nodes that are not members. + // For Two Node OpenShift with Fencing, we expect both nodes to be members. + // When True, the node is a member with reason "Member". This is the normal operating state. + // When False, the node is not a member with reason "NotMember". This is an unexpected state. + NodeMemberConditionType = "Member" + + // NodeFencingAvailableConditionType tracks whether a node can be fenced by at least one fencing agent. + // For Two Node OpenShift with Fencing, each node needs at least one healthy fencing agent to ensure + // that the cluster can recover from a node failure via STONITH (Shoot The Other Node In The Head). + // When True, at least one fencing agent is healthy with reason "FencingAvailable". + // When False, all fencing agents are unhealthy with reason "FencingUnavailable". This is a critical + // state that should degrade the operator. + NodeFencingAvailableConditionType = "FencingAvailable" + + // NodeFencingHealthyConditionType tracks whether all fencing agents for a node are healthy. + // This is an aggregate condition that reflects the health of all fencing agents targeting this node. + // When True, all fencing agents are healthy with reason "FencingHealthy". + // When False, one or more fencing agents are unhealthy with reason "FencingUnhealthy". Warning events + // should be emitted for failing agents, but the operator should not be degraded if FencingAvailable is True. + NodeFencingHealthyConditionType = "FencingHealthy" +) + +// NodeHealthy condition reasons +const ( + // NodeHealthyReasonHealthy means the node is healthy and operating normally. + NodeHealthyReasonHealthy = "NodeHealthy" + + // NodeHealthyReasonUnhealthy means the node has issues that need investigation. + NodeHealthyReasonUnhealthy = "NodeUnhealthy" +) + +// NodeOnline condition reasons +const ( + // NodeOnlineReasonOnline means the node is online. This is the normal operating state. + NodeOnlineReasonOnline = "Online" + + // NodeOnlineReasonOffline means the node is offline. + NodeOnlineReasonOffline = "Offline" +) + +// NodeInService condition reasons +const ( + // NodeInServiceReasonInService means the node is in service (not in maintenance mode). + // This is the normal operating state. + NodeInServiceReasonInService = "InService" + + // NodeInServiceReasonInMaintenance means the node is in maintenance mode. + // This is an unexpected state. + NodeInServiceReasonInMaintenance = "InMaintenance" +) + +// NodeActive condition reasons +const ( + // NodeActiveReasonActive means the node is active (not in standby mode). + // This is the normal operating state. + NodeActiveReasonActive = "Active" + + // NodeActiveReasonStandby means the node is in standby mode. + // This is an unexpected state. + NodeActiveReasonStandby = "Standby" +) + +// NodeReady condition reasons +const ( + // NodeReadyReasonReady means the node is ready (not in a pending state). + // This is the normal operating state. + NodeReadyReasonReady = "Ready" + + // NodeReadyReasonPending means the node is joining or leaving the cluster. + // This state is expected to be temporary. + NodeReadyReasonPending = "Pending" +) + +// NodeClean condition reasons +const ( + // NodeCleanReasonClean means the node is in a clean state. + // This is the normal operating state. + NodeCleanReasonClean = "Clean" + + // NodeCleanReasonUnclean means the node is in an unclean state. + // Pacemaker was unable to confirm the node's state, which signifies issues in fencing, communication, or configuration. + // This is an unexpected state. + NodeCleanReasonUnclean = "Unclean" +) + +// NodeMember condition reasons +const ( + // NodeMemberReasonMember means the node is a member of the cluster. + // For Two Node OpenShift with Fencing, we expect both nodes to be members. This is the normal operating state. + NodeMemberReasonMember = "Member" + + // NodeMemberReasonNotMember means the node is not a member of the cluster. + // This is an unexpected state. + NodeMemberReasonNotMember = "NotMember" +) + +// NodeFencingAvailable condition reasons +const ( + // NodeFencingAvailableReasonAvailable means at least one fencing agent for this node is healthy. + // The cluster can fence this node if needed. This is the normal operating state. + NodeFencingAvailableReasonAvailable = "FencingAvailable" + + // NodeFencingAvailableReasonUnavailable means all fencing agents for this node are unhealthy. + // The cluster cannot fence this node, which compromises high availability. + // This is a critical state that should degrade the operator. + NodeFencingAvailableReasonUnavailable = "FencingUnavailable" +) + +// NodeFencingHealthy condition reasons +const ( + // NodeFencingHealthyReasonHealthy means all fencing agents for this node are healthy. + // This is the ideal operating state with full redundancy. + NodeFencingHealthyReasonHealthy = "FencingHealthy" + + // NodeFencingHealthyReasonUnhealthy means one or more fencing agents for this node are unhealthy. + // Warning events should be emitted for failing agents, but the operator should not be degraded + // if FencingAvailable is still True. + NodeFencingHealthyReasonUnhealthy = "FencingUnhealthy" +) + +// Resource-level condition types for PacemakerCluster.status.nodes[].resources[].conditions +const ( + // ResourceHealthyConditionType tracks the overall health of a pacemaker resource. + // This is an aggregate condition that reflects the health of all resource-level conditions. + // Specifically, it aggregates the following conditions: + // - ResourceInServiceConditionType + // - ResourceManagedConditionType + // - ResourceEnabledConditionType + // - ResourceOperationalConditionType + // - ResourceActiveConditionType + // - ResourceStartedConditionType + // - ResourceSchedulableConditionType + // When True, the resource is healthy with reason "ResourceHealthy". + // When False, the resource is unhealthy with reason "ResourceUnhealthy". + ResourceHealthyConditionType = "Healthy" + + // ResourceInServiceConditionType tracks whether a resource is in service (not in maintenance mode). + // Resources in maintenance mode are not monitored or moved by pacemaker. + // In Two Node OpenShift with Fencing, we do not expect any resources to be in maintenance mode. + // When True, the resource is in service with reason "InService". This is the normal operating state. + // When False, the resource is in maintenance mode with reason "InMaintenance". This is an unexpected state. + ResourceInServiceConditionType = "InService" + + // ResourceManagedConditionType tracks whether a resource is managed by pacemaker. + // Resources that are not managed by pacemaker are effectively invisible to the pacemaker HA logic. + // For Two Node OpenShift with Fencing, all resources are expected to be managed. + // When True, the resource is managed with reason "Managed". This is the normal operating state. + // When False, the resource is not managed with reason "Unmanaged". This is an unexpected state. + ResourceManagedConditionType = "Managed" + + // ResourceEnabledConditionType tracks whether a resource is enabled. + // Resources that are disabled are stopped and not automatically managed or started by the cluster. + // In Two Node OpenShift with Fencing, we do not expect any resources to be disabled. + // When True, the resource is enabled with reason "Enabled". This is the normal operating state. + // When False, the resource is disabled with reason "Disabled". This is an unexpected state. + ResourceEnabledConditionType = "Enabled" + + // ResourceOperationalConditionType tracks whether a resource is operational (not failed). + // A failed resource is one that is not able to start or is in an error state. + // When True, the resource is operational with reason "Operational". This is the normal operating state. + // When False, the resource has failed with reason "Failed". This is an unexpected state. + ResourceOperationalConditionType = "Operational" + + // ResourceActiveConditionType tracks whether a resource is active. + // An active resource is running on a cluster node. + // In Two Node OpenShift with Fencing, all resources are expected to be active. + // When True, the resource is active with reason "Active". This is the normal operating state. + // When False, the resource is not active with reason "Inactive". This is an unexpected state. + ResourceActiveConditionType = "Active" + + // ResourceStartedConditionType tracks whether a resource is started. + // It's normal for a resource like etcd to become stopped in the event of a quorum loss event because + // the pacemaker recovery logic will fence a node and restore etcd quorum on the surviving node as a cluster-of-one. + // A resource that stays stopped for an extended period of time is an unexpected state and should be investigated. + // When True, the resource is started with reason "Started". This is the normal operating state. + // When False, the resource is not started with reason "Stopped". This is expected to be temporary. + ResourceStartedConditionType = "Started" + + // ResourceSchedulableConditionType tracks whether a resource is schedulable (not blocked). + // A resource that is not schedulable is unable to start or move to a different node. + // In Two Node OpenShift with Fencing, we do not expect any resources to be unschedulable. + // When True, the resource is schedulable with reason "Schedulable". This is the normal operating state. + // When False, the resource is not schedulable with reason "Unschedulable". This is an unexpected state. + ResourceSchedulableConditionType = "Schedulable" +) + +// ResourceHealthy condition reasons +const ( + // ResourceHealthyReasonHealthy means the resource is healthy and operating normally. + ResourceHealthyReasonHealthy = "ResourceHealthy" + + // ResourceHealthyReasonUnhealthy means the resource has issues that need investigation. + ResourceHealthyReasonUnhealthy = "ResourceUnhealthy" +) + +// ResourceInService condition reasons +const ( + // ResourceInServiceReasonInService means the resource is in service (not in maintenance mode). + // This is the normal operating state. + ResourceInServiceReasonInService = "InService" + + // ResourceInServiceReasonInMaintenance means the resource is in maintenance mode. + // Resources in maintenance mode are not monitored or moved by pacemaker. This is an unexpected state. + ResourceInServiceReasonInMaintenance = "InMaintenance" +) + +// ResourceManaged condition reasons +const ( + // ResourceManagedReasonManaged means the resource is managed by pacemaker. + // This is the normal operating state. + ResourceManagedReasonManaged = "Managed" + + // ResourceManagedReasonUnmanaged means the resource is not managed by pacemaker. + // Resources that are not managed by pacemaker are effectively invisible to the pacemaker HA logic. + // This is an unexpected state. + ResourceManagedReasonUnmanaged = "Unmanaged" +) + +// ResourceEnabled condition reasons +const ( + // ResourceEnabledReasonEnabled means the resource is enabled. + // This is the normal operating state. + ResourceEnabledReasonEnabled = "Enabled" + + // ResourceEnabledReasonDisabled means the resource is disabled. + // Resources that are disabled are stopped and not automatically managed or started by the cluster. + // This is an unexpected state. + ResourceEnabledReasonDisabled = "Disabled" +) + +// ResourceOperational condition reasons +const ( + // ResourceOperationalReasonOperational means the resource is operational (not failed). + // This is the normal operating state. + ResourceOperationalReasonOperational = "Operational" + + // ResourceOperationalReasonFailed means the resource has failed. + // A failed resource is one that is not able to start or is in an error state. This is an unexpected state. + ResourceOperationalReasonFailed = "Failed" +) + +// ResourceActive condition reasons +const ( + // ResourceActiveReasonActive means the resource is active. + // An active resource is running on a cluster node. This is the normal operating state. + ResourceActiveReasonActive = "Active" + + // ResourceActiveReasonInactive means the resource is not active. + // This is an unexpected state. + ResourceActiveReasonInactive = "Inactive" +) + +// ResourceStarted condition reasons +const ( + // ResourceStartedReasonStarted means the resource is started. + // This is the normal operating state. + ResourceStartedReasonStarted = "Started" + + // ResourceStartedReasonStopped means the resource is stopped. + // It's normal for a resource like etcd to become stopped in the event of a quorum loss event because + // the pacemaker recovery logic will fence a node and restore etcd quorum on the surviving node as a cluster-of-one. + // A resource that stays stopped for an extended period of time is an unexpected state and should be investigated. + ResourceStartedReasonStopped = "Stopped" +) + +// ResourceSchedulable condition reasons +const ( + // ResourceSchedulableReasonSchedulable means the resource is schedulable (not blocked). + // This is the normal operating state. + ResourceSchedulableReasonSchedulable = "Schedulable" + + // ResourceSchedulableReasonUnschedulable means the resource is not schedulable (blocked). + // A resource that is not schedulable is unable to start or move to a different node. This is an unexpected state. + ResourceSchedulableReasonUnschedulable = "Unschedulable" +) + +// PacemakerNodeAddressType represents the type of a node address. +// Currently only InternalIP is supported. +// +kubebuilder:validation:Enum=InternalIP +// +enum +type PacemakerNodeAddressType string + +const ( + // PacemakerNodeInternalIP is an internal IP address assigned to the node. + // This is typically the IP address used for intra-cluster communication. + PacemakerNodeInternalIP PacemakerNodeAddressType = "InternalIP" +) + +// PacemakerNodeAddress contains information for a node's address. +// This is similar to corev1.NodeAddress but adds validation for IP addresses. +type PacemakerNodeAddress struct { + // type is the type of node address. + // Currently only "InternalIP" is supported. + // +required + Type PacemakerNodeAddressType `json:"type,omitempty"` + + // address is the node address. + // For InternalIP, this must be a valid global unicast IPv4 or IPv6 address in canonical form. + // Canonical form means the shortest standard representation (e.g., "192.168.1.1" not "192.168.001.001", + // or "2001:db8::1" not "2001:0db8::1"). Maximum length is 39 characters (full IPv6 address). + // Global unicast includes private/RFC1918 addresses but excludes loopback, link-local, and multicast. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=39 + // +kubebuilder:validation:XValidation:rule="isIP(self) && ip.isCanonical(self) && ip(self).isGlobalUnicast()",message="must be a valid global unicast IPv4 or IPv6 address in canonical form" + // +required + Address string `json:"address,omitempty"` +} + +// PacemakerClusterResourceName represents the name of a pacemaker resource. +// Fencing agents are tracked separately in the fencingAgents field. +// +kubebuilder:validation:Enum=Kubelet;Etcd +// +enum +type PacemakerClusterResourceName string + +// PacemakerClusterResourceName values +const ( + // PacemakerClusterResourceNameKubelet is the kubelet pacemaker resource. + // The kubelet resource is a prerequisite for etcd in Two Node OpenShift with Fencing deployments. + PacemakerClusterResourceNameKubelet PacemakerClusterResourceName = "Kubelet" + + // PacemakerClusterResourceNameEtcd is the etcd pacemaker resource. + // The etcd resource may temporarily transition to stopped during pacemaker quorum-recovery operations. + PacemakerClusterResourceNameEtcd PacemakerClusterResourceName = "Etcd" +) + +// FencingMethod represents the method used by a fencing agent to isolate failed nodes. +// Valid values are "Redfish" and "IPMI". +// +kubebuilder:validation:Enum=Redfish;IPMI +// +enum +type FencingMethod string + +// FencingMethod values +const ( + // FencingMethodRedfish uses Redfish, a standard RESTful API for server management. + FencingMethodRedfish FencingMethod = "Redfish" + + // FencingMethodIPMI uses IPMI (Intelligent Platform Management Interface), a hardware management interface. + FencingMethodIPMI FencingMethod = "IPMI" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// PacemakerCluster represents the current state of the pacemaker cluster as reported by the pcs status command. +// PacemakerCluster is a cluster-scoped singleton resource. The name of this instance is "cluster". This +// resource provides a view into the health and status of a pacemaker-managed cluster in Two Node OpenShift with Fencing deployments. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +// +kubebuilder:object:root=true +// +kubebuilder:resource:path=pacemakerclusters,scope=Cluster,singular=pacemakercluster +// +kubebuilder:subresource:status +// +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/2544 +// +openshift:file-pattern=cvoRunLevel=0000_25,operatorName=etcd,operatorOrdering=01,operatorComponent=two-node-fencing +// +openshift:enable:FeatureGate=DualReplica +// +kubebuilder:validation:XValidation:rule="self.metadata.name == 'cluster'",message="PacemakerCluster must be named 'cluster'" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.status) || has(self.status)",message="status may not be removed once set" +type PacemakerCluster struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard object's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + // +required + metav1.ObjectMeta `json:"metadata,omitempty"` + + // status contains the actual pacemaker cluster status information collected from the cluster. + // The goal of this status is to be able to quickly identify if pacemaker is in a healthy state. + // In Two Node OpenShift with Fencing, a healthy pacemaker cluster has 2 nodes, both of which have healthy kubelet, etcd, and fencing resources. + // This field is optional on creation - the status collector populates it immediately after creating + // the resource via the status subresource. + // +optional + Status PacemakerClusterStatus `json:"status,omitzero"` +} + +// PacemakerClusterStatus contains the actual pacemaker cluster status information. As part of validating the status +// object, we need to ensure that the lastUpdated timestamp may not be set to an earlier timestamp than the current value. +// The validation rule checks if oldSelf has lastUpdated before comparing, to handle the initial status creation case. +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.lastUpdated) || self.lastUpdated >= oldSelf.lastUpdated",message="lastUpdated may not be set to an earlier timestamp" +type PacemakerClusterStatus struct { + // conditions represent the observations of the pacemaker cluster's current state. + // Known condition types are: "Healthy", "InService", "NodeCountAsExpected". + // The "Healthy" condition is an aggregate that tracks the overall health of the cluster. + // The "InService" condition tracks whether the cluster is in service (not in maintenance mode). + // The "NodeCountAsExpected" condition tracks whether the expected number of nodes are present. + // Each of these conditions is required, so the array must contain at least 3 items. + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MinItems=3 + // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Healthy')",message="conditions must contain a condition of type Healthy" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'InService')",message="conditions must contain a condition of type InService" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'NodeCountAsExpected')",message="conditions must contain a condition of type NodeCountAsExpected" + // +required + Conditions []metav1.Condition `json:"conditions,omitempty"` + + // lastUpdated is the timestamp when this status was last updated. This is useful for identifying + // stale status reports. It must be a valid timestamp in RFC3339 format. Once set, this field cannot + // be removed and cannot be set to an earlier timestamp than the current value. + // +kubebuilder:validation:Format=date-time + // +required + LastUpdated metav1.Time `json:"lastUpdated,omitempty,omitzero"` + + // nodes provides detailed status for each control-plane node in the Pacemaker cluster. + // While Pacemaker supports up to 32 nodes, the limit is set to 5 (max OpenShift control-plane nodes). + // For Two Node OpenShift with Fencing, exactly 2 nodes are expected in a healthy cluster. + // An empty list indicates a catastrophic failure where Pacemaker reports no nodes. + // +listType=map + // +listMapKey=nodeName + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=5 + // +required + Nodes *[]PacemakerClusterNodeStatus `json:"nodes,omitempty"` +} + +// PacemakerClusterNodeStatus represents the status of a single node in the pacemaker cluster including +// the node's conditions and the health of critical resources running on that node. +type PacemakerClusterNodeStatus struct { + // conditions represent the observations of the node's current state. + // Known condition types are: "Healthy", "Online", "InService", "Active", "Ready", "Clean", "Member", + // "FencingAvailable", "FencingHealthy". + // The "Healthy" condition is an aggregate that tracks the overall health of the node. + // The "Online" condition tracks whether the node is online. + // The "InService" condition tracks whether the node is in service (not in maintenance mode). + // The "Active" condition tracks whether the node is active (not in standby mode). + // The "Ready" condition tracks whether the node is ready (not in a pending state). + // The "Clean" condition tracks whether the node is in a clean (status known) state. + // The "Member" condition tracks whether the node is a member of the cluster. + // The "FencingAvailable" condition tracks whether this node can be fenced by at least one healthy agent. + // The "FencingHealthy" condition tracks whether all fencing agents for this node are healthy. + // Each of these conditions is required, so the array must contain at least 9 items. + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MinItems=9 + // +kubebuilder:validation:MaxItems=16 + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Healthy')",message="conditions must contain a condition of type Healthy" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Online')",message="conditions must contain a condition of type Online" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'InService')",message="conditions must contain a condition of type InService" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Active')",message="conditions must contain a condition of type Active" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Ready')",message="conditions must contain a condition of type Ready" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Clean')",message="conditions must contain a condition of type Clean" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Member')",message="conditions must contain a condition of type Member" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'FencingAvailable')",message="conditions must contain a condition of type FencingAvailable" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'FencingHealthy')",message="conditions must contain a condition of type FencingHealthy" + // +required + Conditions []metav1.Condition `json:"conditions,omitempty"` + + // nodeName is the name of the node. This is expected to match the Kubernetes node's name, which must be a lowercase + // RFC 1123 subdomain consisting of lowercase alphanumeric characters, '-' or '.', starting and ending with + // an alphanumeric character, and be at most 253 characters in length. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:validation:XValidation:rule="!format.dns1123Subdomain().validate(self).hasValue()",message="nodeName must be a lowercase RFC 1123 subdomain consisting of lowercase alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character" + // +required + NodeName string `json:"nodeName,omitempty"` + + // addresses is a list of IP addresses for the node. + // Pacemaker allows multiple IP addresses for Corosync communication between nodes. + // The first address in this list is used for IP-based peer URLs for etcd membership. + // Each address must be a valid global unicast IPv4 or IPv6 address in canonical form + // (e.g., "192.168.1.1" not "192.168.001.001", or "2001:db8::1" not "2001:0db8::1"). + // This excludes loopback, link-local, and multicast addresses. + // +listType=atomic + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=8 + // +required + Addresses []PacemakerNodeAddress `json:"addresses,omitempty"` + + // resources contains the status of pacemaker resources scheduled on this node. + // Each resource entry includes the resource name and its health conditions. + // For Two Node OpenShift with Fencing, we track Kubelet and Etcd resources per node. + // Both resources are required to be present, so the array must contain at least 2 items. + // Valid resource names are "Kubelet" and "Etcd". + // Fencing agents are tracked separately in the fencingAgents field. + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MinItems=2 + // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:validation:XValidation:rule="self.exists(r, r.name == 'Kubelet')",message="resources must contain a resource named Kubelet" + // +kubebuilder:validation:XValidation:rule="self.exists(r, r.name == 'Etcd')",message="resources must contain a resource named Etcd" + // +required + Resources []PacemakerClusterResourceStatus `json:"resources,omitempty"` + + // fencingAgents contains the status of fencing agents that can fence this node. + // Unlike resources (which are scheduled to run on this node), fencing agents are mapped + // to the node they can fence (their target), not the node where monitoring operations run. + // Each fencing agent entry includes a unique name, fencing type, target node, and health conditions. + // A node is considered fence-capable if at least one fencing agent is healthy. + // A healthy node is expected to have at least 1 fencing agent, but the list may be empty + // when fencing agent discovery fails. + // Names must be unique within this array. + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MinItems=0 + // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x.name == y.name))",message="fencing agent names must be unique" + // +required + FencingAgents []PacemakerClusterFencingAgentStatus `json:"fencingAgents,omitempty"` +} + +// PacemakerClusterFencingAgentStatus represents the status of a fencing agent that can fence a node. +// Fencing agents are STONITH (Shoot The Other Node In The Head) devices used to isolate failed nodes. +// Unlike regular pacemaker resources, fencing agents are mapped to their target node (the node they +// can fence), not the node where their monitoring operations are scheduled. +type PacemakerClusterFencingAgentStatus struct { + // conditions represent the observations of the fencing agent's current state. + // Known condition types are: "Healthy", "InService", "Managed", "Enabled", "Operational", + // "Active", "Started", "Schedulable". + // The "Healthy" condition is an aggregate that tracks the overall health of the fencing agent. + // The "InService" condition tracks whether the fencing agent is in service (not in maintenance mode). + // The "Managed" condition tracks whether the fencing agent is managed by pacemaker. + // The "Enabled" condition tracks whether the fencing agent is enabled. + // The "Operational" condition tracks whether the fencing agent is operational (not failed). + // The "Active" condition tracks whether the fencing agent is active (available to be used). + // The "Started" condition tracks whether the fencing agent is started. + // The "Schedulable" condition tracks whether the fencing agent is schedulable (not blocked). + // Each of these conditions is required, so the array must contain at least 8 items. + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MinItems=8 + // +kubebuilder:validation:MaxItems=16 + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Healthy')",message="conditions must contain a condition of type Healthy" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'InService')",message="conditions must contain a condition of type InService" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Managed')",message="conditions must contain a condition of type Managed" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Enabled')",message="conditions must contain a condition of type Enabled" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Operational')",message="conditions must contain a condition of type Operational" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Active')",message="conditions must contain a condition of type Active" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Started')",message="conditions must contain a condition of type Started" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Schedulable')",message="conditions must contain a condition of type Schedulable" + // +required + Conditions []metav1.Condition `json:"conditions,omitempty"` + + // name is the unique identifier for this fencing agent (e.g., "master-0_redfish"). + // The name must be unique within the fencingAgents array for this node. + // It may contain alphanumeric characters, dots, hyphens, and underscores. + // Maximum length is 300 characters, providing headroom beyond the typical format of + // _ (253 for RFC 1123 node name + 1 underscore + type). + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=300 + // +kubebuilder:validation:XValidation:rule="self.matches('^[a-zA-Z0-9._-]+$')",message="name must contain only alphanumeric characters, dots, hyphens, and underscores" + // +required + Name string `json:"name,omitempty"` + + // method is the fencing method used by this agent. + // Valid values are "Redfish" and "IPMI". + // Redfish is a standard RESTful API for server management. + // IPMI (Intelligent Platform Management Interface) is a hardware management interface. + // +required + Method FencingMethod `json:"method,omitempty"` +} + +// PacemakerClusterResourceStatus represents the status of a pacemaker resource scheduled on a node. +// A pacemaker resource is a unit of work managed by pacemaker. In pacemaker terminology, resources are services or +// applications that pacemaker monitors, starts, stops, and moves between nodes to maintain high availability. +// For Two Node OpenShift with Fencing, we track two resources per node: +// - Kubelet (the Kubernetes node agent and a prerequisite for etcd) +// - Etcd (the distributed key-value store) +// +// Fencing agents are tracked separately in the fencingAgents field because they are mapped to +// their target node (the node they can fence), not the node where monitoring operations are scheduled. +type PacemakerClusterResourceStatus struct { + // conditions represent the observations of the resource's current state. + // Known condition types are: "Healthy", "InService", "Managed", "Enabled", "Operational", + // "Active", "Started", "Schedulable". + // The "Healthy" condition is an aggregate that tracks the overall health of the resource. + // The "InService" condition tracks whether the resource is in service (not in maintenance mode). + // The "Managed" condition tracks whether the resource is managed by pacemaker. + // The "Enabled" condition tracks whether the resource is enabled. + // The "Operational" condition tracks whether the resource is operational (not failed). + // The "Active" condition tracks whether the resource is active (available to be used). + // The "Started" condition tracks whether the resource is started. + // The "Schedulable" condition tracks whether the resource is schedulable (not blocked). + // Each of these conditions is required, so the array must contain at least 8 items. + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MinItems=8 + // +kubebuilder:validation:MaxItems=16 + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Healthy')",message="conditions must contain a condition of type Healthy" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'InService')",message="conditions must contain a condition of type InService" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Managed')",message="conditions must contain a condition of type Managed" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Enabled')",message="conditions must contain a condition of type Enabled" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Operational')",message="conditions must contain a condition of type Operational" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Active')",message="conditions must contain a condition of type Active" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Started')",message="conditions must contain a condition of type Started" + // +kubebuilder:validation:XValidation:rule="self.exists(c, c.type == 'Schedulable')",message="conditions must contain a condition of type Schedulable" + // +required + Conditions []metav1.Condition `json:"conditions,omitempty"` + + // name is the name of the pacemaker resource. + // Valid values are "Kubelet" and "Etcd". + // The Kubelet resource is a prerequisite for etcd in Two Node OpenShift with Fencing deployments. + // The Etcd resource may temporarily transition to stopped during pacemaker quorum-recovery operations. + // Fencing agents are tracked separately in the node's fencingAgents field. + // +required + Name PacemakerClusterResourceName `json:"name,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// PacemakerClusterList contains a list of PacemakerCluster objects. PacemakerCluster is a cluster-scoped singleton +// resource; only one instance named "cluster" may exist. This list type exists only to satisfy Kubernetes API +// conventions. +// +// Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +// +openshift:compatibility-gen:level=1 +type PacemakerClusterList struct { + metav1.TypeMeta `json:",inline"` + + // metadata is the standard list's metadata. + // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + metav1.ListMeta `json:"metadata,omitempty"` + + // items is a list of PacemakerCluster objects. + Items []PacemakerCluster `json:"items"` +} diff --git a/vendor/github.com/openshift/api/etcd/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/etcd/v1/zz_generated.deepcopy.go new file mode 100644 index 0000000000..c529240e40 --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/zz_generated.deepcopy.go @@ -0,0 +1,210 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Code generated by codegen. DO NOT EDIT. + +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerCluster) DeepCopyInto(out *PacemakerCluster) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerCluster. +func (in *PacemakerCluster) DeepCopy() *PacemakerCluster { + if in == nil { + return nil + } + out := new(PacemakerCluster) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PacemakerCluster) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerClusterFencingAgentStatus) DeepCopyInto(out *PacemakerClusterFencingAgentStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerClusterFencingAgentStatus. +func (in *PacemakerClusterFencingAgentStatus) DeepCopy() *PacemakerClusterFencingAgentStatus { + if in == nil { + return nil + } + out := new(PacemakerClusterFencingAgentStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerClusterList) DeepCopyInto(out *PacemakerClusterList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]PacemakerCluster, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerClusterList. +func (in *PacemakerClusterList) DeepCopy() *PacemakerClusterList { + if in == nil { + return nil + } + out := new(PacemakerClusterList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PacemakerClusterList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerClusterNodeStatus) DeepCopyInto(out *PacemakerClusterNodeStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Addresses != nil { + in, out := &in.Addresses, &out.Addresses + *out = make([]PacemakerNodeAddress, len(*in)) + copy(*out, *in) + } + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]PacemakerClusterResourceStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.FencingAgents != nil { + in, out := &in.FencingAgents, &out.FencingAgents + *out = make([]PacemakerClusterFencingAgentStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerClusterNodeStatus. +func (in *PacemakerClusterNodeStatus) DeepCopy() *PacemakerClusterNodeStatus { + if in == nil { + return nil + } + out := new(PacemakerClusterNodeStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerClusterResourceStatus) DeepCopyInto(out *PacemakerClusterResourceStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerClusterResourceStatus. +func (in *PacemakerClusterResourceStatus) DeepCopy() *PacemakerClusterResourceStatus { + if in == nil { + return nil + } + out := new(PacemakerClusterResourceStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerClusterStatus) DeepCopyInto(out *PacemakerClusterStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]metav1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + in.LastUpdated.DeepCopyInto(&out.LastUpdated) + if in.Nodes != nil { + in, out := &in.Nodes, &out.Nodes + *out = new([]PacemakerClusterNodeStatus) + if **in != nil { + in, out := *in, *out + *out = make([]PacemakerClusterNodeStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerClusterStatus. +func (in *PacemakerClusterStatus) DeepCopy() *PacemakerClusterStatus { + if in == nil { + return nil + } + out := new(PacemakerClusterStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PacemakerNodeAddress) DeepCopyInto(out *PacemakerNodeAddress) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PacemakerNodeAddress. +func (in *PacemakerNodeAddress) DeepCopy() *PacemakerNodeAddress { + if in == nil { + return nil + } + out := new(PacemakerNodeAddress) + in.DeepCopyInto(out) + return out +} diff --git a/vendor/github.com/openshift/api/etcd/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/etcd/v1/zz_generated.featuregated-crd-manifests.yaml new file mode 100644 index 0000000000..1a11a877c4 --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/zz_generated.featuregated-crd-manifests.yaml @@ -0,0 +1,23 @@ +pacemakerclusters.etcd.openshift.io: + Annotations: {} + ApprovedPRNumber: https://github.com/openshift/api/pull/2544 + CRDName: pacemakerclusters.etcd.openshift.io + Capability: "" + Category: "" + FeatureGates: + - DualReplica + FilenameOperatorName: etcd + FilenameOperatorOrdering: "01" + FilenameRunLevel: "0000_25" + GroupName: etcd.openshift.io + HasStatus: true + KindName: PacemakerCluster + Labels: {} + PluralName: pacemakerclusters + PrinterColumns: [] + Scope: Cluster + ShortNames: null + TopLevelFeatureGates: + - DualReplica + Version: v1 + diff --git a/vendor/github.com/openshift/api/etcd/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/etcd/v1/zz_generated.swagger_doc_generated.go new file mode 100644 index 0000000000..e9e47b47cf --- /dev/null +++ b/vendor/github.com/openshift/api/etcd/v1/zz_generated.swagger_doc_generated.go @@ -0,0 +1,89 @@ +package v1 + +// This file contains a collection of methods that can be used from go-restful to +// generate Swagger API documentation for its models. Please read this PR for more +// information on the implementation: https://github.com/emicklei/go-restful/pull/215 +// +// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if +// they are on one line! For multiple line or blocks that you want to ignore use ---. +// Any context after a --- is ignored. +// +// Those methods can be generated by using hack/update-swagger-docs.sh + +// AUTO-GENERATED FUNCTIONS START HERE +var map_PacemakerCluster = map[string]string{ + "": "PacemakerCluster represents the current state of the pacemaker cluster as reported by the pcs status command. PacemakerCluster is a cluster-scoped singleton resource. The name of this instance is \"cluster\". This resource provides a view into the health and status of a pacemaker-managed cluster in Two Node OpenShift with Fencing deployments.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "status": "status contains the actual pacemaker cluster status information collected from the cluster. The goal of this status is to be able to quickly identify if pacemaker is in a healthy state. In Two Node OpenShift with Fencing, a healthy pacemaker cluster has 2 nodes, both of which have healthy kubelet, etcd, and fencing resources. This field is optional on creation - the status collector populates it immediately after creating the resource via the status subresource.", +} + +func (PacemakerCluster) SwaggerDoc() map[string]string { + return map_PacemakerCluster +} + +var map_PacemakerClusterFencingAgentStatus = map[string]string{ + "": "PacemakerClusterFencingAgentStatus represents the status of a fencing agent that can fence a node. Fencing agents are STONITH (Shoot The Other Node In The Head) devices used to isolate failed nodes. Unlike regular pacemaker resources, fencing agents are mapped to their target node (the node they can fence), not the node where their monitoring operations are scheduled.", + "conditions": "conditions represent the observations of the fencing agent's current state. Known condition types are: \"Healthy\", \"InService\", \"Managed\", \"Enabled\", \"Operational\", \"Active\", \"Started\", \"Schedulable\". The \"Healthy\" condition is an aggregate that tracks the overall health of the fencing agent. The \"InService\" condition tracks whether the fencing agent is in service (not in maintenance mode). The \"Managed\" condition tracks whether the fencing agent is managed by pacemaker. The \"Enabled\" condition tracks whether the fencing agent is enabled. The \"Operational\" condition tracks whether the fencing agent is operational (not failed). The \"Active\" condition tracks whether the fencing agent is active (available to be used). The \"Started\" condition tracks whether the fencing agent is started. The \"Schedulable\" condition tracks whether the fencing agent is schedulable (not blocked). Each of these conditions is required, so the array must contain at least 8 items.", + "name": "name is the unique identifier for this fencing agent (e.g., \"master-0_redfish\"). The name must be unique within the fencingAgents array for this node. It may contain alphanumeric characters, dots, hyphens, and underscores. Maximum length is 300 characters, providing headroom beyond the typical format of _ (253 for RFC 1123 node name + 1 underscore + type).", + "method": "method is the fencing method used by this agent. Valid values are \"Redfish\" and \"IPMI\". Redfish is a standard RESTful API for server management. IPMI (Intelligent Platform Management Interface) is a hardware management interface.", +} + +func (PacemakerClusterFencingAgentStatus) SwaggerDoc() map[string]string { + return map_PacemakerClusterFencingAgentStatus +} + +var map_PacemakerClusterList = map[string]string{ + "": "PacemakerClusterList contains a list of PacemakerCluster objects. PacemakerCluster is a cluster-scoped singleton resource; only one instance named \"cluster\" may exist. This list type exists only to satisfy Kubernetes API conventions.\n\nCompatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).", + "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", + "items": "items is a list of PacemakerCluster objects.", +} + +func (PacemakerClusterList) SwaggerDoc() map[string]string { + return map_PacemakerClusterList +} + +var map_PacemakerClusterNodeStatus = map[string]string{ + "": "PacemakerClusterNodeStatus represents the status of a single node in the pacemaker cluster including the node's conditions and the health of critical resources running on that node.", + "conditions": "conditions represent the observations of the node's current state. Known condition types are: \"Healthy\", \"Online\", \"InService\", \"Active\", \"Ready\", \"Clean\", \"Member\", \"FencingAvailable\", \"FencingHealthy\". The \"Healthy\" condition is an aggregate that tracks the overall health of the node. The \"Online\" condition tracks whether the node is online. The \"InService\" condition tracks whether the node is in service (not in maintenance mode). The \"Active\" condition tracks whether the node is active (not in standby mode). The \"Ready\" condition tracks whether the node is ready (not in a pending state). The \"Clean\" condition tracks whether the node is in a clean (status known) state. The \"Member\" condition tracks whether the node is a member of the cluster. The \"FencingAvailable\" condition tracks whether this node can be fenced by at least one healthy agent. The \"FencingHealthy\" condition tracks whether all fencing agents for this node are healthy. Each of these conditions is required, so the array must contain at least 9 items.", + "nodeName": "nodeName is the name of the node. This is expected to match the Kubernetes node's name, which must be a lowercase RFC 1123 subdomain consisting of lowercase alphanumeric characters, '-' or '.', starting and ending with an alphanumeric character, and be at most 253 characters in length.", + "addresses": "addresses is a list of IP addresses for the node. Pacemaker allows multiple IP addresses for Corosync communication between nodes. The first address in this list is used for IP-based peer URLs for etcd membership. Each address must be a valid global unicast IPv4 or IPv6 address in canonical form (e.g., \"192.168.1.1\" not \"192.168.001.001\", or \"2001:db8::1\" not \"2001:0db8::1\"). This excludes loopback, link-local, and multicast addresses.", + "resources": "resources contains the status of pacemaker resources scheduled on this node. Each resource entry includes the resource name and its health conditions. For Two Node OpenShift with Fencing, we track Kubelet and Etcd resources per node. Both resources are required to be present, so the array must contain at least 2 items. Valid resource names are \"Kubelet\" and \"Etcd\". Fencing agents are tracked separately in the fencingAgents field.", + "fencingAgents": "fencingAgents contains the status of fencing agents that can fence this node. Unlike resources (which are scheduled to run on this node), fencing agents are mapped to the node they can fence (their target), not the node where monitoring operations run. Each fencing agent entry includes a unique name, fencing type, target node, and health conditions. A node is considered fence-capable if at least one fencing agent is healthy. A healthy node is expected to have at least 1 fencing agent, but the list may be empty when fencing agent discovery fails. Names must be unique within this array.", +} + +func (PacemakerClusterNodeStatus) SwaggerDoc() map[string]string { + return map_PacemakerClusterNodeStatus +} + +var map_PacemakerClusterResourceStatus = map[string]string{ + "": "PacemakerClusterResourceStatus represents the status of a pacemaker resource scheduled on a node. A pacemaker resource is a unit of work managed by pacemaker. In pacemaker terminology, resources are services or applications that pacemaker monitors, starts, stops, and moves between nodes to maintain high availability. For Two Node OpenShift with Fencing, we track two resources per node:\n - Kubelet (the Kubernetes node agent and a prerequisite for etcd)\n - Etcd (the distributed key-value store)\n\nFencing agents are tracked separately in the fencingAgents field because they are mapped to their target node (the node they can fence), not the node where monitoring operations are scheduled.", + "conditions": "conditions represent the observations of the resource's current state. Known condition types are: \"Healthy\", \"InService\", \"Managed\", \"Enabled\", \"Operational\", \"Active\", \"Started\", \"Schedulable\". The \"Healthy\" condition is an aggregate that tracks the overall health of the resource. The \"InService\" condition tracks whether the resource is in service (not in maintenance mode). The \"Managed\" condition tracks whether the resource is managed by pacemaker. The \"Enabled\" condition tracks whether the resource is enabled. The \"Operational\" condition tracks whether the resource is operational (not failed). The \"Active\" condition tracks whether the resource is active (available to be used). The \"Started\" condition tracks whether the resource is started. The \"Schedulable\" condition tracks whether the resource is schedulable (not blocked). Each of these conditions is required, so the array must contain at least 8 items.", + "name": "name is the name of the pacemaker resource. Valid values are \"Kubelet\" and \"Etcd\". The Kubelet resource is a prerequisite for etcd in Two Node OpenShift with Fencing deployments. The Etcd resource may temporarily transition to stopped during pacemaker quorum-recovery operations. Fencing agents are tracked separately in the node's fencingAgents field.", +} + +func (PacemakerClusterResourceStatus) SwaggerDoc() map[string]string { + return map_PacemakerClusterResourceStatus +} + +var map_PacemakerClusterStatus = map[string]string{ + "": "PacemakerClusterStatus contains the actual pacemaker cluster status information. As part of validating the status object, we need to ensure that the lastUpdated timestamp may not be set to an earlier timestamp than the current value. The validation rule checks if oldSelf has lastUpdated before comparing, to handle the initial status creation case.", + "conditions": "conditions represent the observations of the pacemaker cluster's current state. Known condition types are: \"Healthy\", \"InService\", \"NodeCountAsExpected\". The \"Healthy\" condition is an aggregate that tracks the overall health of the cluster. The \"InService\" condition tracks whether the cluster is in service (not in maintenance mode). The \"NodeCountAsExpected\" condition tracks whether the expected number of nodes are present. Each of these conditions is required, so the array must contain at least 3 items.", + "lastUpdated": "lastUpdated is the timestamp when this status was last updated. This is useful for identifying stale status reports. It must be a valid timestamp in RFC3339 format. Once set, this field cannot be removed and cannot be set to an earlier timestamp than the current value.", + "nodes": "nodes provides detailed status for each control-plane node in the Pacemaker cluster. While Pacemaker supports up to 32 nodes, the limit is set to 5 (max OpenShift control-plane nodes). For Two Node OpenShift with Fencing, exactly 2 nodes are expected in a healthy cluster. An empty list indicates a catastrophic failure where Pacemaker reports no nodes.", +} + +func (PacemakerClusterStatus) SwaggerDoc() map[string]string { + return map_PacemakerClusterStatus +} + +var map_PacemakerNodeAddress = map[string]string{ + "": "PacemakerNodeAddress contains information for a node's address. This is similar to corev1.NodeAddress but adds validation for IP addresses.", + "type": "type is the type of node address. Currently only \"InternalIP\" is supported.", + "address": "address is the node address. For InternalIP, this must be a valid global unicast IPv4 or IPv6 address in canonical form. Canonical form means the shortest standard representation (e.g., \"192.168.1.1\" not \"192.168.001.001\", or \"2001:db8::1\" not \"2001:0db8::1\"). Maximum length is 39 characters (full IPv6 address). Global unicast includes private/RFC1918 addresses but excludes loopback, link-local, and multicast.", +} + +func (PacemakerNodeAddress) SwaggerDoc() map[string]string { + return map_PacemakerNodeAddress +} + +// AUTO-GENERATED FUNCTIONS END HERE diff --git a/vendor/github.com/openshift/api/etcd/v1alpha1/types_pacemakercluster.go b/vendor/github.com/openshift/api/etcd/v1alpha1/types_pacemakercluster.go index ab06d0e390..b627413474 100644 --- a/vendor/github.com/openshift/api/etcd/v1alpha1/types_pacemakercluster.go +++ b/vendor/github.com/openshift/api/etcd/v1alpha1/types_pacemakercluster.go @@ -609,11 +609,12 @@ type PacemakerClusterNodeStatus struct { // to the node they can fence (their target), not the node where monitoring operations run. // Each fencing agent entry includes a unique name, fencing type, target node, and health conditions. // A node is considered fence-capable if at least one fencing agent is healthy. - // Expected to have 1 fencing agent per node, but up to 8 are supported for redundancy. + // A healthy node is expected to have at least 1 fencing agent, but the list may be empty + // when fencing agent discovery fails. // Names must be unique within this array. // +listType=map // +listMapKey=name - // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MinItems=0 // +kubebuilder:validation:MaxItems=8 // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x.name == y.name))",message="fencing agent names must be unique" // +required diff --git a/vendor/github.com/openshift/api/etcd/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/etcd/v1alpha1/zz_generated.swagger_doc_generated.go index 62e1c3ebd7..dc6f224288 100644 --- a/vendor/github.com/openshift/api/etcd/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/etcd/v1alpha1/zz_generated.swagger_doc_generated.go @@ -48,7 +48,7 @@ var map_PacemakerClusterNodeStatus = map[string]string{ "nodeName": "nodeName is the name of the node. This is expected to match the Kubernetes node's name, which must be a lowercase RFC 1123 subdomain consisting of lowercase alphanumeric characters, '-' or '.', starting and ending with an alphanumeric character, and be at most 253 characters in length.", "addresses": "addresses is a list of IP addresses for the node. Pacemaker allows multiple IP addresses for Corosync communication between nodes. The first address in this list is used for IP-based peer URLs for etcd membership. Each address must be a valid global unicast IPv4 or IPv6 address in canonical form (e.g., \"192.168.1.1\" not \"192.168.001.001\", or \"2001:db8::1\" not \"2001:0db8::1\"). This excludes loopback, link-local, and multicast addresses.", "resources": "resources contains the status of pacemaker resources scheduled on this node. Each resource entry includes the resource name and its health conditions. For Two Node OpenShift with Fencing, we track Kubelet and Etcd resources per node. Both resources are required to be present, so the array must contain at least 2 items. Valid resource names are \"Kubelet\" and \"Etcd\". Fencing agents are tracked separately in the fencingAgents field.", - "fencingAgents": "fencingAgents contains the status of fencing agents that can fence this node. Unlike resources (which are scheduled to run on this node), fencing agents are mapped to the node they can fence (their target), not the node where monitoring operations run. Each fencing agent entry includes a unique name, fencing type, target node, and health conditions. A node is considered fence-capable if at least one fencing agent is healthy. Expected to have 1 fencing agent per node, but up to 8 are supported for redundancy. Names must be unique within this array.", + "fencingAgents": "fencingAgents contains the status of fencing agents that can fence this node. Unlike resources (which are scheduled to run on this node), fencing agents are mapped to the node they can fence (their target), not the node where monitoring operations run. Each fencing agent entry includes a unique name, fencing type, target node, and health conditions. A node is considered fence-capable if at least one fencing agent is healthy. A healthy node is expected to have at least 1 fencing agent, but the list may be empty when fencing agent discovery fails. Names must be unique within this array.", } func (PacemakerClusterNodeStatus) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/features.md b/vendor/github.com/openshift/api/features.md index 45074e6497..24149f56e9 100644 --- a/vendor/github.com/openshift/api/features.md +++ b/vendor/github.com/openshift/api/features.md @@ -8,29 +8,31 @@ | ShortCertRotation| | | | | | | | | | ClusterAPIComputeInstall| | | Enabled | Enabled | | | | | | ClusterAPIControlPlaneInstall| | | Enabled | Enabled | | | | | +| ClusterUpdatePreflight| | | Enabled | Enabled | | | | | +| ConfidentialCluster| | | Enabled | Enabled | | | | | | Example2| | | Enabled | Enabled | | | | | | ExternalOIDCExternalClaimsSourcing| | | Enabled | Enabled | | | | | | ExternalSnapshotMetadata| | | Enabled | Enabled | | | | | -| KMSEncryptionProvider| | | Enabled | Enabled | | | | | | MachineAPIMigrationVSphere| | | Enabled | Enabled | | | | | | NetworkConnect| | | Enabled | Enabled | | | | | | NewOLMBoxCutterRuntime| | | | Enabled | | | | Enabled | | NewOLMCatalogdAPIV1Metas| | | | Enabled | | | | Enabled | +| NewOLMConfigAPI| | | | Enabled | | | | Enabled | +| NewOLMOwnSingleNamespace| | | | Enabled | | | | Enabled | | NewOLMPreflightPermissionChecks| | | | Enabled | | | | Enabled | | NoRegistryClusterInstall| | | | Enabled | | | | Enabled | | ProvisioningRequestAvailable| | | Enabled | Enabled | | | | | +| VSphereMultiVCenterDay2| | | Enabled | Enabled | | | | | | AWSClusterHostedDNS| | | Enabled | Enabled | | | Enabled | Enabled | | AWSClusterHostedDNSInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AWSDedicatedHosts| | | Enabled | Enabled | | | Enabled | Enabled | | AWSDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | -| AWSServiceLBNetworkSecurityGroup| | | Enabled | Enabled | | | Enabled | Enabled | +| AWSEuropeanSovereignCloudInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AdditionalStorageConfig| | | Enabled | Enabled | | | Enabled | Enabled | | AutomatedEtcdBackup| | | Enabled | Enabled | | | Enabled | Enabled | -| AzureClusterHostedDNSInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AzureDedicatedHosts| | | Enabled | Enabled | | | Enabled | Enabled | | AzureDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | | AzureMultiDisk| | | Enabled | Enabled | | | Enabled | Enabled | -| BootImageSkewEnforcement| | | Enabled | Enabled | | | Enabled | Enabled | | BootcNodeManagement| | | Enabled | Enabled | | | Enabled | Enabled | | CBORServingAndStorage| | | Enabled | Enabled | | | Enabled | Enabled | | CRDCompatibilityRequirementOperator| | | Enabled | Enabled | | | Enabled | Enabled | @@ -51,18 +53,14 @@ | ConfigurablePKI| | | Enabled | Enabled | | | Enabled | Enabled | | DNSNameResolver| | | Enabled | Enabled | | | Enabled | Enabled | | DRAPartitionableDevices| | | Enabled | Enabled | | | Enabled | Enabled | -| DualReplica| | | Enabled | Enabled | | | Enabled | Enabled | | DyanmicServiceEndpointIBMCloud| | | Enabled | Enabled | | | Enabled | Enabled | | EVPN| | | Enabled | Enabled | | | Enabled | Enabled | | EtcdBackendQuota| | | Enabled | Enabled | | | Enabled | Enabled | -| EventTTL| | | Enabled | Enabled | | | Enabled | Enabled | | Example| | | Enabled | Enabled | | | Enabled | Enabled | | ExternalOIDCWithUpstreamParity| | | Enabled | Enabled | | | Enabled | Enabled | -| GCPClusterHostedDNS| | | Enabled | Enabled | | | Enabled | Enabled | | GCPCustomAPIEndpoints| | | Enabled | Enabled | | | Enabled | Enabled | | GCPCustomAPIEndpointsInstall| | | Enabled | Enabled | | | Enabled | Enabled | | GCPDualStackInstall| | | Enabled | Enabled | | | Enabled | Enabled | -| GatewayAPIWithoutOLM| | | Enabled | Enabled | | | Enabled | Enabled | | HyperShiftOnlyDynamicResourceAllocation| Enabled | | Enabled | | Enabled | | Enabled | | | ImageModeStatusReporting| | | Enabled | Enabled | | | Enabled | Enabled | | IngressControllerDynamicConfigurationManager| | | Enabled | Enabled | | | Enabled | Enabled | @@ -77,49 +75,43 @@ | MultiDiskSetup| | | Enabled | Enabled | | | Enabled | Enabled | | MutatingAdmissionPolicy| | | Enabled | Enabled | | | Enabled | Enabled | | NewOLM| | Enabled | | Enabled | | Enabled | | Enabled | -| NewOLMOwnSingleNamespace| | Enabled | | Enabled | | Enabled | | Enabled | | NewOLMWebhookProviderOpenshiftServiceCA| | Enabled | | Enabled | | Enabled | | Enabled | +| NoOverlayMode| | | Enabled | Enabled | | | Enabled | Enabled | | NutanixMultiSubnets| | | Enabled | Enabled | | | Enabled | Enabled | | OSStreams| | | Enabled | Enabled | | | Enabled | Enabled | | OVNObservability| | | Enabled | Enabled | | | Enabled | Enabled | | OnPremDNSRecords| | | Enabled | Enabled | | | Enabled | Enabled | | SELinuxMount| | | Enabled | Enabled | | | Enabled | Enabled | | SignatureStores| | | Enabled | Enabled | | | Enabled | Enabled | +| TLSAdherence| | | Enabled | Enabled | | | Enabled | Enabled | | VSphereConfigurableMaxAllowedBlockVolumesPerNode| | | Enabled | Enabled | | | Enabled | Enabled | -| VSphereHostVMGroupZonal| | | Enabled | Enabled | | | Enabled | Enabled | | VSphereMixedNodeEnv| | | Enabled | Enabled | | | Enabled | Enabled | | VolumeGroupSnapshot| | | Enabled | Enabled | | | Enabled | Enabled | +| AWSServiceLBNetworkSecurityGroup| | Enabled | Enabled | Enabled | | Enabled | Enabled | Enabled | +| AzureClusterHostedDNSInstall| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | AzureWorkloadIdentity| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| BootImageSkewEnforcement| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | BuildCSIVolumes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ConsolePluginContentSecurityPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| DualReplica| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| EventTTL| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ExternalOIDC| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ExternalOIDCWithUIDAndExtraClaimMappings| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| GCPClusterHostedDNSInstall| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| GatewayAPI| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| GatewayAPIController| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| HighlyAvailableArbiter| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| GatewayAPIWithoutOLM| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ImageStreamImportMode| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ImageVolume| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | InsightsConfig| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | InsightsOnDemandDataGather| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | KMSv1| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| MachineConfigNodes| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImagesAWS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImagesAzure| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ManagedBootImagesCPMS| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| ManagedBootImagesvSphere| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | MetricsCollectionProfiles| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | MutableCSINodeAllocatableCount| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | OpenShiftPodSecurityAdmission| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| PinnedImages| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | RouteExternalCertificate| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | ServiceAccountTokenNodeBinding| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | SigstoreImageVerification| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | SigstoreImageVerificationPKI| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | StoragePerformantSecurityPolicy| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | UpgradeStatus| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| UserNamespacesPodSecurityStandards| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | -| UserNamespacesSupport| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | +| VSphereHostVMGroupZonal| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | VSphereMultiDisk| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | | VSphereMultiNetworks| Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | Enabled | diff --git a/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go b/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go index be5476344b..cbbe0b337c 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/types_machineset.go @@ -129,6 +129,14 @@ type MachineSetStatus struct { // observedGeneration reflects the generation of the most recently observed MachineSet. // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` + // labelSelector is a label selector, in string format, for Machines corresponding to the MachineSet. + // It is exposed via the scale subresource as status.selector. + // When omitted, the MachineSet controller has not yet reconciled spec.selector into status.labelSelector. + // When present, it must not be empty and must not exceed 4096 characters. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 + // +optional + LabelSelector string `json:"labelSelector,omitempty"` // In the event that there is a terminal problem reconciling the // replicas, both ErrorReason and ErrorMessage will be set. ErrorReason // will be populated with a succinct value suitable for machine diff --git a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go index 2c4a9030cc..e686cad25a 100644 --- a/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/machine/v1beta1/zz_generated.swagger_doc_generated.go @@ -748,6 +748,7 @@ var map_MachineSetStatus = map[string]string{ "readyReplicas": "The number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is \"Ready\".", "availableReplicas": "The number of available replicas (ready for at least minReadySeconds) for this MachineSet.", "observedGeneration": "observedGeneration reflects the generation of the most recently observed MachineSet.", + "labelSelector": "labelSelector is a label selector, in string format, for Machines corresponding to the MachineSet. It is exposed via the scale subresource as status.selector. When omitted, the MachineSet controller has not yet reconciled spec.selector into status.labelSelector. When present, it must not be empty and must not exceed 4096 characters.", "errorReason": "In the event that there is a terminal problem reconciling the replicas, both ErrorReason and ErrorMessage will be set. ErrorReason will be populated with a succinct value suitable for machine interpretation, while ErrorMessage will contain a more verbose string suitable for logging and human consumption.\n\nThese fields should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachineTemplate's spec or the configuration of the machine controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the machine controller, or the responsible machine controller itself being critically misconfigured.\n\nAny transient errors that occur during the reconciliation of Machines can be added as events to the MachineSet object and/or logged in the controller's output.", "conditions": "conditions defines the current state of the MachineSet", "authoritativeAPI": "authoritativeAPI is the API that is authoritative for this resource. Valid values are MachineAPI, ClusterAPI and Migrating. This value is updated by the migration controller to reflect the authoritative API. Machine API and Cluster API controllers use this value to determine whether or not to reconcile the resource. When set to Migrating, the migration controller is currently performing the handover of authority from one API to the other.", diff --git a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go index 53c71aabb6..52f5db78d5 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go +++ b/vendor/github.com/openshift/api/operator/v1/types_csi_cluster_driver.go @@ -163,7 +163,15 @@ type AWSCSIDriverConfigSpec struct { // kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, // rather than the default KMS key used by AWS. // The value may be either the ARN or Alias ARN of a KMS key. - // +kubebuilder:validation:Pattern:=`^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)\/.*$` + // + // The ARN must follow the format: arn::kms:::(key|alias)/, where: + // is the AWS partition (aws, aws-cn, aws-us-gov, aws-iso, aws-iso-b, aws-iso-e, aws-iso-f, or aws-eusc), + // is the AWS region, + // is a 12-digit numeric identifier for the AWS account, + // is the KMS key ID or alias name. + // + // +openshift:validation:FeatureGateAwareXValidation:featureGate="",rule=`matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$')`,message=`kmsKeyARN must be a valid AWS KMS key ARN in the format: arn::kms:::(key|alias)/` + // +openshift:validation:FeatureGateAwareXValidation:featureGate=AWSEuropeanSovereignCloudInstall,rule=`matches(self, '^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b|aws-iso-e|aws-iso-f|aws-eusc):kms:[a-z0-9-]+:[0-9]{12}:(key|alias)/.*$')`,message=`kmsKeyARN must be a valid AWS KMS key ARN in the format: arn::kms:::(key|alias)/` // +optional KMSKeyARN string `json:"kmsKeyARN,omitempty"` diff --git a/vendor/github.com/openshift/api/operator/v1/types_ingress.go b/vendor/github.com/openshift/api/operator/v1/types_ingress.go index d54352f2ce..0c5cf919e1 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_ingress.go +++ b/vendor/github.com/openshift/api/operator/v1/types_ingress.go @@ -2068,8 +2068,51 @@ type IngressControllerTuningOptions struct { // +kubebuilder:validation:Type:=string // +optional ReloadInterval metav1.Duration `json:"reloadInterval,omitempty"` + + // configurationManagement specifies how OpenShift router should update + // the HAProxy configuration. The following values are valid for this + // field: + // + // * "ForkAndReload". + // * "Dynamic". + // + // Omitting this field means that the user has no opinion and the + // platform may choose a reasonable default. This default is subject to + // change over time. The current default is "ForkAndReload". + // + // "ForkAndReload" means that OpenShift router should rewrite the + // HAProxy configuration file and instruct HAProxy to fork and reload. + // This is OpenShift router's traditional approach. + // + // "Dynamic" means that OpenShift router may use HAProxy's control + // socket for some configuration updates and fall back to fork and + // reload for other configuration updates. This is a newer approach, + // which may be less mature than ForkAndReload. This setting can + // improve load-balancing fairness and metrics accuracy and reduce CPU + // and memory usage if HAProxy has frequent configuration updates for + // route and endpoints updates. + // + // Note: The "Dynamic" option is currently experimental and should not + // be enabled on production clusters. + // + // +openshift:enable:FeatureGate=IngressControllerDynamicConfigurationManager + // +optional + ConfigurationManagement IngressControllerConfigurationManagement `json:"configurationManagement,omitempty"` } +// IngressControllerConfigurationManagement specifies whether always to use +// fork-and-reload to update the HAProxy configuration or whether to use +// HAProxy's control socket for some configuration updates. +// +// +enum +// +kubebuilder:validation:Enum=Dynamic;ForkAndReload +type IngressControllerConfigurationManagement string + +const ( + IngressControllerConfigurationManagementDynamic IngressControllerConfigurationManagement = "Dynamic" + IngressControllerConfigurationManagementForkAndReload IngressControllerConfigurationManagement = "ForkAndReload" +) + // HTTPEmptyRequestsPolicy indicates how HTTP connections for which no request // is received should be handled. // +kubebuilder:validation:Enum=Respond;Ignore diff --git a/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go b/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go index f5836af0f8..f0c1e01c78 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go +++ b/vendor/github.com/openshift/api/operator/v1/types_machineconfiguration.go @@ -47,7 +47,6 @@ type MachineConfigurationSpec struct { // and the platform is left to choose a reasonable default, which is subject to change over time. // The default for each machine manager mode is All for GCP and AWS platforms, and None for all // other platforms. - // +openshift:enable:FeatureGate=ManagedBootImages // +optional ManagedBootImages ManagedBootImages `json:"managedBootImages"` @@ -288,7 +287,6 @@ type MachineConfigurationStatus struct { // managedBootImagesStatus reflects what the latest cluster-validated boot image configuration is // and will be used by Machine Config Controller while performing boot image updates. - // +openshift:enable:FeatureGate=ManagedBootImages // +optional ManagedBootImagesStatus ManagedBootImages `json:"managedBootImagesStatus"` @@ -367,7 +365,7 @@ type ManagedBootImages struct { // MachineManager describes a target machine resource that is registered for boot image updates. It stores identifying information // such as the resource type and the API Group of the resource. It also provides granular control via the selection field. -// +openshift:validation:FeatureGateAwareXValidation:requiredFeatureGate=ManagedBootImages;ManagedBootImagesCPMS,rule="self.resource != 'controlplanemachinesets' || self.selection.mode == 'All' || self.selection.mode == 'None'", message="Only All or None selection mode is permitted for ControlPlaneMachineSets" +// +openshift:validation:FeatureGateAwareXValidation:requiredFeatureGate=ManagedBootImagesCPMS,rule="self.resource != 'controlplanemachinesets' || self.selection.mode == 'All' || self.selection.mode == 'None'", message="Only All or None selection mode is permitted for ControlPlaneMachineSets" type MachineManager struct { // resource is the machine management resource's type. // Valid values are machinesets and controlplanemachinesets. @@ -431,8 +429,8 @@ const ( // MachineManagerManagedResourceType is a string enum used in the MachineManager type to describe the resource // type to be registered. -// +openshift:validation:FeatureGateAwareEnum:requiredFeatureGate=ManagedBootImages,enum=machinesets -// +openshift:validation:FeatureGateAwareEnum:requiredFeatureGate=ManagedBootImages;ManagedBootImagesCPMS,enum=machinesets;controlplanemachinesets +// +openshift:validation:FeatureGateAwareEnum:featureGate="",enum=machinesets +// +openshift:validation:FeatureGateAwareEnum:featureGate=ManagedBootImagesCPMS,enum=machinesets;controlplanemachinesets type MachineManagerMachineSetsResourceType string const ( diff --git a/vendor/github.com/openshift/api/operator/v1/types_network.go b/vendor/github.com/openshift/api/operator/v1/types_network.go index 1cf56f549b..cd2e2f9e38 100644 --- a/vendor/github.com/openshift/api/operator/v1/types_network.go +++ b/vendor/github.com/openshift/api/operator/v1/types_network.go @@ -398,6 +398,12 @@ type OpenShiftSDNConfig struct { // ovnKubernetesConfig contains the configuration parameters for networks // using the ovn-kubernetes network project +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self.?transport.orValue('') == 'NoOverlay' ? self.?routeAdvertisements.orValue('') == 'Enabled' : true",message="routeAdvertisements must be Enabled when transport is NoOverlay" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self.?transport.orValue('') == 'NoOverlay' ? has(self.noOverlayConfig) : !has(self.noOverlayConfig)",message="noOverlayConfig must be set if transport is NoOverlay, and is forbidden otherwise" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self.?noOverlayConfig.routing.orValue('') == 'Managed' ? has(self.bgpManagedConfig) : true",message="bgpManagedConfig is required when noOverlayConfig.routing is Managed" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(self.transport) || self.transport == 'Geneve' || has(oldSelf.transport)",message="transport can only be set to Geneve after installation" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(oldSelf.transport) || has(self.transport)",message="transport may not be removed once set" +// +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="!has(oldSelf.noOverlayConfig) || has(self.noOverlayConfig)",message="noOverlayConfig may not be removed once set" type OVNKubernetesConfig struct { // mtu is the MTU to use for the tunnel interface. This must be 100 // bytes smaller than the uplink mtu. @@ -466,6 +472,38 @@ type OVNKubernetesConfig struct { // current default is "Disabled". // +optional RouteAdvertisements RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"` + + // transport sets the transport mode for pods on the default network. + // Allowed values are "NoOverlay" and "Geneve". + // "NoOverlay" avoids tunnel encapsulation, routing pod traffic directly between nodes. + // "Geneve" encapsulates pod traffic using Geneve tunnels between nodes. + // When omitted, this means the user has no opinion and the platform chooses + // a reasonable default which is subject to change over time. + // The current default is "Geneve". + // "NoOverlay" can only be set at installation time and cannot be changed afterwards. + // "Geneve" may be set explicitly at any time to lock in the current default. + // +openshift:enable:FeatureGate=NoOverlayMode + // +kubebuilder:validation:Enum=NoOverlay;Geneve + // +openshift:validation:FeatureGateAwareXValidation:featureGate=NoOverlayMode,rule="self == oldSelf",message="transport is immutable once set" + // +optional + Transport TransportOption `json:"transport,omitempty"` + + // noOverlayConfig contains configuration for no-overlay mode. + // This configuration applies to the default network only. + // It is required when transport is "NoOverlay". + // When omitted, this means the user does not configure no-overlay mode options. + // +openshift:enable:FeatureGate=NoOverlayMode + // +optional + NoOverlayConfig NoOverlayConfig `json:"noOverlayConfig,omitzero,omitempty"` + + // bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) + // in no-overlay mode that specify routing="Managed" in their noOverlayConfig. + // It is required when noOverlayConfig.routing is set to "Managed". + // When omitted, this means the user does not configure BGP for managed routing. + // This field can be set at installation time or on day 2, and can be modified at any time. + // +openshift:enable:FeatureGate=NoOverlayMode + // +optional + BGPManagedConfig BGPManagedConfig `json:"bgpManagedConfig,omitzero,omitempty"` } type IPv4OVNKubernetesConfig struct { @@ -896,3 +934,80 @@ type AdditionalRoutingCapabilities struct { // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x == y))" Providers []RoutingCapabilitiesProvider `json:"providers"` } + +// TransportOption is the type for network transport options +type TransportOption string + +// SNATOption is the type for SNAT configuration options +type SNATOption string + +// RoutingOption is the type for routing configuration options +type RoutingOption string + +// BGPTopology is the type for BGP topology configuration +type BGPTopology string + +const ( + // TransportOptionNoOverlay indicates the network operates in no-overlay mode + TransportOptionNoOverlay TransportOption = "NoOverlay" + // TransportOptionGeneve indicates the network uses Geneve overlay + TransportOptionGeneve TransportOption = "Geneve" + + // SNATEnabled indicates outbound SNAT is enabled + SNATEnabled SNATOption = "Enabled" + // SNATDisabled indicates outbound SNAT is disabled + SNATDisabled SNATOption = "Disabled" + + // RoutingManaged indicates routing is managed by OVN-Kubernetes + RoutingManaged RoutingOption = "Managed" + // RoutingUnmanaged indicates routing is managed by users + RoutingUnmanaged RoutingOption = "Unmanaged" + + // BGPTopologyFullMesh indicates a full mesh BGP topology where every node peers directly with every other node + BGPTopologyFullMesh BGPTopology = "FullMesh" +) + +// NoOverlayConfig contains configuration options for networks operating in no-overlay mode. +type NoOverlayConfig struct { + // outboundSNAT defines the SNAT behavior for outbound traffic from pods. + // Allowed values are "Enabled" and "Disabled". + // When set to "Enabled", SNAT is performed on outbound traffic from pods. + // When set to "Disabled", SNAT is not performed and pod IPs are preserved in outbound traffic. + // This field is required when the network operates in no-overlay mode. + // This field can be set to any value at installation time and can be changed afterwards. + // +kubebuilder:validation:Enum=Enabled;Disabled + // +required + OutboundSNAT SNATOption `json:"outboundSNAT,omitempty"` + + // routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. + // Allowed values are "Managed" and "Unmanaged". + // When set to "Managed", OVN-Kubernetes manages the pod network routing configuration through BGP. + // When set to "Unmanaged", users are responsible for configuring the pod network routing. + // This field is required when the network operates in no-overlay mode. + // This field is immutable once set. + // +kubebuilder:validation:Enum=Managed;Unmanaged + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="routing is immutable once set" + // +required + Routing RoutingOption `json:"routing,omitempty"` +} + +// BGPManagedConfig contains configuration options for BGP when routing is "Managed". +type BGPManagedConfig struct { + // asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) + // to be used in the generated FRR configuration. + // Valid values are 1 to 4294967295. + // When omitted, this defaults to 64512. + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=4294967295 + // +default=64512 + // +optional + ASNumber int64 `json:"asNumber,omitempty"` + + // bgpTopology defines the BGP topology to be used. + // Allowed values are "FullMesh". + // When set to "FullMesh", every node peers directly with every other node via BGP. + // This field is required when BGPManagedConfig is specified. + // +kubebuilder:validation:Enum=FullMesh + // +required + BGPTopology BGPTopology `json:"bgpTopology,omitempty"` +} diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go index 3bc6b81de4..3d3c8f4f82 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.deepcopy.go @@ -390,6 +390,22 @@ func (in *AzureDiskEncryptionSet) DeepCopy() *AzureDiskEncryptionSet { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BGPManagedConfig) DeepCopyInto(out *BGPManagedConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BGPManagedConfig. +func (in *BGPManagedConfig) DeepCopy() *BGPManagedConfig { + if in == nil { + return nil + } + out := new(BGPManagedConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BootImageSkewEnforcementConfig) DeepCopyInto(out *BootImageSkewEnforcementConfig) { *out = *in @@ -3665,6 +3681,22 @@ func (in *NetworkStatus) DeepCopy() *NetworkStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NoOverlayConfig) DeepCopyInto(out *NoOverlayConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NoOverlayConfig. +func (in *NoOverlayConfig) DeepCopy() *NoOverlayConfig { + if in == nil { + return nil + } + out := new(NoOverlayConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NodeDisruptionPolicyClusterStatus) DeepCopyInto(out *NodeDisruptionPolicyClusterStatus) { *out = *in @@ -4158,6 +4190,8 @@ func (in *OVNKubernetesConfig) DeepCopyInto(out *OVNKubernetesConfig) { *out = new(IPv6OVNKubernetesConfig) **out = **in } + out.NoOverlayConfig = in.NoOverlayConfig + out.BGPManagedConfig = in.BGPManagedConfig return } diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml index 51a758804d..aaf0972908 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.featuregated-crd-manifests.yaml @@ -69,6 +69,7 @@ clustercsidrivers.operator.openshift.io: Capability: "" Category: "" FeatureGates: + - AWSEuropeanSovereignCloudInstall - VSphereConfigurableMaxAllowedBlockVolumesPerNode FilenameOperatorName: csi-driver FilenameOperatorOrdering: "01" @@ -175,7 +176,8 @@ ingresscontrollers.operator.openshift.io: CRDName: ingresscontrollers.operator.openshift.io Capability: Ingress Category: "" - FeatureGates: [] + FeatureGates: + - IngressControllerDynamicConfigurationManager FilenameOperatorName: ingress FilenameOperatorOrdering: "00" FilenameRunLevel: "0000_50" @@ -305,8 +307,7 @@ machineconfigurations.operator.openshift.io: FeatureGates: - BootImageSkewEnforcement - IrreconcilableMachineConfig - - ManagedBootImages - - ManagedBootImages+ManagedBootImagesCPMS + - ManagedBootImagesCPMS FilenameOperatorName: machine-config FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_80" @@ -327,7 +328,8 @@ networks.operator.openshift.io: CRDName: networks.operator.openshift.io Capability: "" Category: "" - FeatureGates: [] + FeatureGates: + - NoOverlayMode FilenameOperatorName: network FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_70" diff --git a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go index 64aac26eb3..c3ed726028 100644 --- a/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1/zz_generated.swagger_doc_generated.go @@ -466,7 +466,7 @@ func (Theme) SwaggerDoc() map[string]string { var map_AWSCSIDriverConfigSpec = map[string]string{ "": "AWSCSIDriverConfigSpec defines properties that can be configured for the AWS CSI driver.", - "kmsKeyARN": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, rather than the default KMS key used by AWS. The value may be either the ARN or Alias ARN of a KMS key.", + "kmsKeyARN": "kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, rather than the default KMS key used by AWS. The value may be either the ARN or Alias ARN of a KMS key.\n\nThe ARN must follow the format: arn::kms:::(key|alias)/, where: is the AWS partition (aws, aws-cn, aws-us-gov, aws-iso, aws-iso-b, aws-iso-e, aws-iso-f, or aws-eusc), is the AWS region, is a 12-digit numeric identifier for the AWS account, is the KMS key ID or alias name.", "efsVolumeMetrics": "efsVolumeMetrics sets the configuration for collecting metrics from EFS volumes used by the EFS CSI Driver.", } @@ -1121,6 +1121,7 @@ var map_IngressControllerTuningOptions = map[string]string{ "healthCheckInterval": "healthCheckInterval defines how long the router waits between two consecutive health checks on its configured backends. This value is applied globally as a default for all routes, but may be overridden per-route by the route annotation \"router.openshift.io/haproxy.health.check.interval\".\n\nExpects an unsigned duration string of decimal numbers, each with optional fraction and a unit suffix, eg \"300ms\", \"1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\" U+00B5 or \"μs\" U+03BC), \"ms\", \"s\", \"m\", \"h\".\n\nSetting this to less than 5s can cause excess traffic due to too frequent TCP health checks and accompanying SYN packet storms. Alternatively, setting this too high can result in increased latency, due to backend servers that are no longer available, but haven't yet been detected as such.\n\nAn empty or zero healthCheckInterval means no opinion and IngressController chooses a default, which is subject to change over time. Currently the default healthCheckInterval value is 5s.\n\nCurrently the minimum allowed value is 1s and the maximum allowed value is 2147483647ms (24.85 days). Both are subject to change over time.", "maxConnections": "maxConnections defines the maximum number of simultaneous connections that can be established per HAProxy process. Increasing this value allows each ingress controller pod to handle more connections but at the cost of additional system resources being consumed.\n\nPermitted values are: empty, 0, -1, and the range 2000-2000000.\n\nIf this field is empty or 0, the IngressController will use the default value of 50000, but the default is subject to change in future releases.\n\nIf the value is -1 then HAProxy will dynamically compute a maximum value based on the available ulimits in the running container. Selecting -1 (i.e., auto) will result in a large value being computed (~520000 on OpenShift >=4.10 clusters) and therefore each HAProxy process will incur significant memory usage compared to the current default of 50000.\n\nSetting a value that is greater than the current operating system limit will prevent the HAProxy process from starting.\n\nIf you choose a discrete value (e.g., 750000) and the router pod is migrated to a new node, there's no guarantee that that new node has identical ulimits configured. In such a scenario the pod would fail to start. If you have nodes with different ulimits configured (e.g., different tuned profiles) and you choose a discrete value then the guidance is to use -1 and let the value be computed dynamically at runtime.\n\nYou can monitor memory usage for router containers with the following metric: 'container_memory_working_set_bytes{container=\"router\",namespace=\"openshift-ingress\"}'.\n\nYou can monitor memory usage of individual HAProxy processes in router containers with the following metric: 'container_memory_working_set_bytes{container=\"router\",namespace=\"openshift-ingress\"}/container_processes{container=\"router\",namespace=\"openshift-ingress\"}'.", "reloadInterval": "reloadInterval defines the minimum interval at which the router is allowed to reload to accept new changes. Increasing this value can prevent the accumulation of HAProxy processes, depending on the scenario. Increasing this interval can also lessen load imbalance on a backend's servers when using the roundrobin balancing algorithm. Alternatively, decreasing this value may decrease latency since updates to HAProxy's configuration can take effect more quickly.\n\nThe value must be a time duration value; see . Currently, the minimum value allowed is 1s, and the maximum allowed value is 120s. Minimum and maximum allowed values may change in future versions of OpenShift. Note that if a duration outside of these bounds is provided, the value of reloadInterval will be capped/floored and not rejected (e.g. a duration of over 120s will be capped to 120s; the IngressController will not reject and replace this disallowed value with the default).\n\nA zero value for reloadInterval tells the IngressController to choose the default, which is currently 5s and subject to change without notice.\n\nThis field expects an unsigned duration string of decimal numbers, each with optional fraction and a unit suffix, e.g. \"300ms\", \"1.5h\" or \"2h45m\". Valid time units are \"ns\", \"us\" (or \"µs\" U+00B5 or \"μs\" U+03BC), \"ms\", \"s\", \"m\", \"h\".\n\nNote: Setting a value significantly larger than the default of 5s can cause latency in observing updates to routes and their endpoints. HAProxy's configuration will be reloaded less frequently, and newly created routes will not be served until the subsequent reload.", + "configurationManagement": "configurationManagement specifies how OpenShift router should update the HAProxy configuration. The following values are valid for this field:\n\n* \"ForkAndReload\". * \"Dynamic\".\n\nOmitting this field means that the user has no opinion and the platform may choose a reasonable default. This default is subject to change over time. The current default is \"ForkAndReload\".\n\n\"ForkAndReload\" means that OpenShift router should rewrite the HAProxy configuration file and instruct HAProxy to fork and reload. This is OpenShift router's traditional approach.\n\n\"Dynamic\" means that OpenShift router may use HAProxy's control socket for some configuration updates and fall back to fork and reload for other configuration updates. This is a newer approach, which may be less mature than ForkAndReload. This setting can improve load-balancing fairness and metrics accuracy and reduce CPU and memory usage if HAProxy has frequent configuration updates for route and endpoints updates.\n\nNote: The \"Dynamic\" option is currently experimental and should not be enabled on production clusters.", } func (IngressControllerTuningOptions) SwaggerDoc() map[string]string { @@ -1669,6 +1670,16 @@ func (AdditionalRoutingCapabilities) SwaggerDoc() map[string]string { return map_AdditionalRoutingCapabilities } +var map_BGPManagedConfig = map[string]string{ + "": "BGPManagedConfig contains configuration options for BGP when routing is \"Managed\".", + "asNumber": "asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) to be used in the generated FRR configuration. Valid values are 1 to 4294967295. When omitted, this defaults to 64512.", + "bgpTopology": "bgpTopology defines the BGP topology to be used. Allowed values are \"FullMesh\". When set to \"FullMesh\", every node peers directly with every other node via BGP. This field is required when BGPManagedConfig is specified.", +} + +func (BGPManagedConfig) SwaggerDoc() map[string]string { + return map_BGPManagedConfig +} + var map_ClusterNetworkEntry = map[string]string{ "": "ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. If the HostPrefix field is not used by the plugin, it can be left unset. Not all network providers support multiple ClusterNetworks", } @@ -1896,6 +1907,16 @@ func (NetworkStatus) SwaggerDoc() map[string]string { return map_NetworkStatus } +var map_NoOverlayConfig = map[string]string{ + "": "NoOverlayConfig contains configuration options for networks operating in no-overlay mode.", + "outboundSNAT": "outboundSNAT defines the SNAT behavior for outbound traffic from pods. Allowed values are \"Enabled\" and \"Disabled\". When set to \"Enabled\", SNAT is performed on outbound traffic from pods. When set to \"Disabled\", SNAT is not performed and pod IPs are preserved in outbound traffic. This field is required when the network operates in no-overlay mode. This field can be set to any value at installation time and can be changed afterwards.", + "routing": "routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. Allowed values are \"Managed\" and \"Unmanaged\". When set to \"Managed\", OVN-Kubernetes manages the pod network routing configuration through BGP. When set to \"Unmanaged\", users are responsible for configuring the pod network routing. This field is required when the network operates in no-overlay mode. This field is immutable once set.", +} + +func (NoOverlayConfig) SwaggerDoc() map[string]string { + return map_NoOverlayConfig +} + var map_OVNKubernetesConfig = map[string]string{ "": "ovnKubernetesConfig contains the configuration parameters for networks using the ovn-kubernetes network project", "mtu": "mtu is the MTU to use for the tunnel interface. This must be 100 bytes smaller than the uplink mtu. Default is 1400", @@ -1910,6 +1931,9 @@ var map_OVNKubernetesConfig = map[string]string{ "ipv4": "ipv4 allows users to configure IP settings for IPv4 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", "ipv6": "ipv6 allows users to configure IP settings for IPv6 connections. When ommitted, this means no opinions and the default configuration is used. Check individual fields within ipv4 for details of default values.", "routeAdvertisements": "routeAdvertisements determines if the functionality to advertise cluster network routes through a dynamic routing protocol, such as BGP, is enabled or not. This functionality is configured through the ovn-kubernetes RouteAdvertisements CRD. Requires the 'FRR' routing capability provider to be enabled as an additional routing capability. Allowed values are \"Enabled\", \"Disabled\" and ommited. When omitted, this means the user has no opinion and the platform is left to choose reasonable defaults. These defaults are subject to change over time. The current default is \"Disabled\".", + "transport": "transport sets the transport mode for pods on the default network. Allowed values are \"NoOverlay\" and \"Geneve\". \"NoOverlay\" avoids tunnel encapsulation, routing pod traffic directly between nodes. \"Geneve\" encapsulates pod traffic using Geneve tunnels between nodes. When omitted, this means the user has no opinion and the platform chooses a reasonable default which is subject to change over time. The current default is \"Geneve\". \"NoOverlay\" can only be set at installation time and cannot be changed afterwards. \"Geneve\" may be set explicitly at any time to lock in the current default.", + "noOverlayConfig": "noOverlayConfig contains configuration for no-overlay mode. This configuration applies to the default network only. It is required when transport is \"NoOverlay\". When omitted, this means the user does not configure no-overlay mode options.", + "bgpManagedConfig": "bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) in no-overlay mode that specify routing=\"Managed\" in their noOverlayConfig. It is required when noOverlayConfig.routing is set to \"Managed\". When omitted, this means the user does not configure BGP for managed routing. This field can be set at installation time or on day 2, and can be modified at any time.", } func (OVNKubernetesConfig) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/types_clusterapi.go b/vendor/github.com/openshift/api/operator/v1alpha1/types_clusterapi.go index 5816f93628..719893f8a5 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/types_clusterapi.go +++ b/vendor/github.com/openshift/api/operator/v1alpha1/types_clusterapi.go @@ -20,6 +20,7 @@ import ( // Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. // +openshift:compatibility-gen:level=4 // +kubebuilder:validation:XValidation:rule="self.metadata.name == 'cluster'",message="clusterapi is a singleton, .metadata.name must be 'cluster'" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.status) || has(self.status)",message="status may not be removed once set" type ClusterAPI struct { metav1.TypeMeta `json:",inline"` @@ -78,6 +79,7 @@ type RevisionName string // ClusterAPIStatus describes the current state of the capi-operator. // +kubebuilder:validation:XValidation:rule="self.revisions.exists(r, r.name == self.desiredRevision && self.revisions.all(s, s.revision <= r.revision))",message="desiredRevision must be the name of the revision with the highest revision number" // +kubebuilder:validation:XValidation:rule="!has(self.currentRevision) || self.revisions.exists(r, r.name == self.currentRevision)",message="currentRevision must correspond to an entry in the revisions list" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.observedRevisionGeneration) || has(self.observedRevisionGeneration)",message="observedRevisionGeneration may not be unset once set" type ClusterAPIStatus struct { // currentRevision is the name of the most recently fully applied revision. // It is written by the installer controller. If it is absent, it indicates @@ -111,6 +113,15 @@ type ClusterAPIStatus struct { // +kubebuilder:validation:XValidation:rule="self.all(new, oldSelf.exists(old, old.name == new.name) || oldSelf.all(old, new.revision > old.revision))",message="new revisions must have a revision number greater than all existing revisions" // +kubebuilder:validation:XValidation:rule="oldSelf.all(old, !self.exists(new, new.name == old.name) || self.exists(new, new == old))",message="existing revisions are immutable, but may be removed" Revisions []ClusterAPIInstallerRevision `json:"revisions,omitempty"` + + // observedRevisionGeneration is the generation of the ClusterAPI object that was last observed by the revision controller. + // If specified it must be greater than or equal to 1, and less than 2^53. It may not decrease or be unset once set. + // + // +optional + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=9007199254740991 + // +kubebuilder:validation:XValidation:rule="self >= oldSelf",message="observedRevisionGeneration may not decrease" + ObservedRevisionGeneration int64 `json:"observedRevisionGeneration,omitempty"` } // +structType=atomic @@ -144,6 +155,17 @@ type ClusterAPIInstallerRevision struct { // +optional UnmanagedCustomResourceDefinitions []string `json:"unmanagedCustomResourceDefinitions,omitempty"` + // manifestSubstitutions is a list of envsubst style substitutions which + // will be applied to manifests in the revision during rendering. If + // defined it must not be empty, and may not contain more than 32 items. + // Each manifest substitution must have a unique key. + // +optional + // +listType=map + // +listMapKey=key + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=32 + ManifestSubstitutions []ClusterAPIInstallerRevisionManifestSubstitution `json:"manifestSubstitutions,omitempty"` + // components is a list of components which will be installed by this // revision. Components will be installed in the order they are listed. If // omitted no components will be installed. @@ -157,6 +179,29 @@ type ClusterAPIInstallerRevision struct { Components []ClusterAPIInstallerComponent `json:"components,omitempty"` } +// ClusterAPIInstallerRevisionManifestSubstitution defines an envsubst style +// substitution which will be applied to manifests in a revision during +// rendering. +type ClusterAPIInstallerRevisionManifestSubstitution struct { + // key is the name of the envsubst variable to substitute. It must be a + // valid envsubst variable name, consisting of letters, digits, and + // underscores, and must start with a letter or underscore. The key must + // not be empty, and must not exceed 255 characters. + // +required + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:XValidation:rule="self.matches('^[A-Za-z_][A-Za-z0-9_]*$')",message="key must start with a letter or underscore, followed by letters, digits, or underscores" + Key string `json:"key,omitempty"` + + // value is the value to substitute for the envsubst variable. It may be + // empty, in which case the variable will be substituted with an empty + // string. The value must not exceed 4096 characters. + // +required + // +kubebuilder:validation:MinLength=0 + // +kubebuilder:validation:MaxLength=4096 + Value *string `json:"value,omitempty"` +} + // InstallerComponentType is the type of component to install. // +kubebuilder:validation:Enum=Image // +enum @@ -168,9 +213,24 @@ const ( ) // ClusterAPIInstallerComponent defines a component which will be installed by this revision. +type ClusterAPIInstallerComponent struct { + // name is the human-readable name of the component. The value has no + // effect, and will not be set if the component does not define a name in + // its manifests. If set it must consist of alphanumeric characters, or + // '-', and may not exceed 255 characters. + // +optional + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + // +kubebuilder:validation:XValidation:rule="self.matches('^[A-Za-z0-9-]+$')",message="name must consist of alphanumeric characters or '-'" + Name string `json:"name,omitempty"` + + ClusterAPIInstallerComponentSource `json:",inline"` +} + +// ClusterAPIInstallerComponentSource defines the source of a component which will be installed by this revision. // +union // +kubebuilder:validation:XValidation:rule="self.type == 'Image' ? has(self.image) : !has(self.image)",message="image is required when type is Image, and forbidden otherwise" -type ClusterAPIInstallerComponent struct { +type ClusterAPIInstallerComponentSource struct { // type is the source type of the component. // The only valid value is Image. // When set to Image, the image field must be set and will define an image source for the component. diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.deepcopy.go index 1f3fd281e1..3c3dc8e7a5 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.deepcopy.go @@ -61,7 +61,7 @@ func (in *ClusterAPI) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClusterAPIInstallerComponent) DeepCopyInto(out *ClusterAPIInstallerComponent) { *out = *in - out.Image = in.Image + out.ClusterAPIInstallerComponentSource = in.ClusterAPIInstallerComponentSource return } @@ -91,6 +91,23 @@ func (in *ClusterAPIInstallerComponentImage) DeepCopy() *ClusterAPIInstallerComp return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterAPIInstallerComponentSource) DeepCopyInto(out *ClusterAPIInstallerComponentSource) { + *out = *in + out.Image = in.Image + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterAPIInstallerComponentSource. +func (in *ClusterAPIInstallerComponentSource) DeepCopy() *ClusterAPIInstallerComponentSource { + if in == nil { + return nil + } + out := new(ClusterAPIInstallerComponentSource) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClusterAPIInstallerRevision) DeepCopyInto(out *ClusterAPIInstallerRevision) { *out = *in @@ -99,6 +116,13 @@ func (in *ClusterAPIInstallerRevision) DeepCopyInto(out *ClusterAPIInstallerRevi *out = make([]string, len(*in)) copy(*out, *in) } + if in.ManifestSubstitutions != nil { + in, out := &in.ManifestSubstitutions, &out.ManifestSubstitutions + *out = make([]ClusterAPIInstallerRevisionManifestSubstitution, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Components != nil { in, out := &in.Components, &out.Components *out = make([]ClusterAPIInstallerComponent, len(*in)) @@ -117,6 +141,27 @@ func (in *ClusterAPIInstallerRevision) DeepCopy() *ClusterAPIInstallerRevision { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterAPIInstallerRevisionManifestSubstitution) DeepCopyInto(out *ClusterAPIInstallerRevisionManifestSubstitution) { + *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterAPIInstallerRevisionManifestSubstitution. +func (in *ClusterAPIInstallerRevisionManifestSubstitution) DeepCopy() *ClusterAPIInstallerRevisionManifestSubstitution { + if in == nil { + return nil + } + out := new(ClusterAPIInstallerRevisionManifestSubstitution) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClusterAPIList) DeepCopyInto(out *ClusterAPIList) { *out = *in diff --git a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.swagger_doc_generated.go index 92cef1421a..bf4117768d 100644 --- a/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/operator/v1alpha1/zz_generated.swagger_doc_generated.go @@ -147,9 +147,8 @@ func (ClusterAPI) SwaggerDoc() map[string]string { } var map_ClusterAPIInstallerComponent = map[string]string{ - "": "ClusterAPIInstallerComponent defines a component which will be installed by this revision.", - "type": "type is the source type of the component. The only valid value is Image. When set to Image, the image field must be set and will define an image source for the component.", - "image": "image defines an image source for a component. The image must contain a /capi-operator-installer directory containing the component manifests.", + "": "ClusterAPIInstallerComponent defines a component which will be installed by this revision.", + "name": "name is the human-readable name of the component. The value has no effect, and will not be set if the component does not define a name in its manifests. If set it must consist of alphanumeric characters, or '-', and may not exceed 255 characters.", } func (ClusterAPIInstallerComponent) SwaggerDoc() map[string]string { @@ -166,11 +165,22 @@ func (ClusterAPIInstallerComponentImage) SwaggerDoc() map[string]string { return map_ClusterAPIInstallerComponentImage } +var map_ClusterAPIInstallerComponentSource = map[string]string{ + "": "ClusterAPIInstallerComponentSource defines the source of a component which will be installed by this revision.", + "type": "type is the source type of the component. The only valid value is Image. When set to Image, the image field must be set and will define an image source for the component.", + "image": "image defines an image source for a component. The image must contain a /capi-operator-installer directory containing the component manifests.", +} + +func (ClusterAPIInstallerComponentSource) SwaggerDoc() map[string]string { + return map_ClusterAPIInstallerComponentSource +} + var map_ClusterAPIInstallerRevision = map[string]string{ "name": "name is the name of a revision.", "revision": "revision is a monotonically increasing number that is assigned to a revision.", "contentID": "contentID uniquely identifies the content of this revision. The contentID must be between 1 and 255 characters long.", "unmanagedCustomResourceDefinitions": "unmanagedCustomResourceDefinitions is a list of the names of ClusterResourceDefinition (CRD) objects which are included in this revision, but which should not be installed or updated. If not set, all CRDs in the revision will be managed by the CAPI operator.", + "manifestSubstitutions": "manifestSubstitutions is a list of envsubst style substitutions which will be applied to manifests in the revision during rendering. If defined it must not be empty, and may not contain more than 32 items. Each manifest substitution must have a unique key.", "components": "components is a list of components which will be installed by this revision. Components will be installed in the order they are listed. If omitted no components will be installed.\n\nThe maximum number of components is 32.", } @@ -178,6 +188,16 @@ func (ClusterAPIInstallerRevision) SwaggerDoc() map[string]string { return map_ClusterAPIInstallerRevision } +var map_ClusterAPIInstallerRevisionManifestSubstitution = map[string]string{ + "": "ClusterAPIInstallerRevisionManifestSubstitution defines an envsubst style substitution which will be applied to manifests in a revision during rendering.", + "key": "key is the name of the envsubst variable to substitute. It must be a valid envsubst variable name, consisting of letters, digits, and underscores, and must start with a letter or underscore. The key must not be empty, and must not exceed 255 characters.", + "value": "value is the value to substitute for the envsubst variable. It may be empty, in which case the variable will be substituted with an empty string. The value must not exceed 4096 characters.", +} + +func (ClusterAPIInstallerRevisionManifestSubstitution) SwaggerDoc() map[string]string { + return map_ClusterAPIInstallerRevisionManifestSubstitution +} + var map_ClusterAPIList = map[string]string{ "": "ClusterAPIList contains a list of ClusterAPI configurations\n\nCompatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.", "metadata": "metadata is the standard list's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", @@ -198,10 +218,11 @@ func (ClusterAPISpec) SwaggerDoc() map[string]string { } var map_ClusterAPIStatus = map[string]string{ - "": "ClusterAPIStatus describes the current state of the capi-operator.", - "currentRevision": "currentRevision is the name of the most recently fully applied revision. It is written by the installer controller. If it is absent, it indicates that no revision has been fully applied yet. If set, currentRevision must correspond to an entry in the revisions list.", - "desiredRevision": "desiredRevision is the name of the desired revision. It is written by the revision controller. It must be set to the name of the entry in the revisions list with the highest revision number.", - "revisions": "revisions is a list of all currently active revisions. A revision is active until the installer controller updates currentRevision to a later revision. It is written by the revision controller.\n\nThe maximum number of revisions is 16. All revisions must have a unique name. All revisions must have a unique revision number. When adding a revision, the revision number must be greater than the highest revision number in the list. Revisions are immutable, although they can be deleted.", + "": "ClusterAPIStatus describes the current state of the capi-operator.", + "currentRevision": "currentRevision is the name of the most recently fully applied revision. It is written by the installer controller. If it is absent, it indicates that no revision has been fully applied yet. If set, currentRevision must correspond to an entry in the revisions list.", + "desiredRevision": "desiredRevision is the name of the desired revision. It is written by the revision controller. It must be set to the name of the entry in the revisions list with the highest revision number.", + "revisions": "revisions is a list of all currently active revisions. A revision is active until the installer controller updates currentRevision to a later revision. It is written by the revision controller.\n\nThe maximum number of revisions is 16. All revisions must have a unique name. All revisions must have a unique revision number. When adding a revision, the revision number must be greater than the highest revision number in the list. Revisions are immutable, although they can be deleted.", + "observedRevisionGeneration": "observedRevisionGeneration is the generation of the ClusterAPI object that was last observed by the revision controller. If specified it must be greater than or equal to 1, and less than 2^53. It may not decrease or be unset once set.", } func (ClusterAPIStatus) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/api/quota/v1/generated.proto b/vendor/github.com/openshift/api/quota/v1/generated.proto index fb7fed242a..998c594732 100644 --- a/vendor/github.com/openshift/api/quota/v1/generated.proto +++ b/vendor/github.com/openshift/api/quota/v1/generated.proto @@ -51,7 +51,7 @@ message AppliedClusterResourceQuotaList { // +kubebuilder:resource:path=clusterresourcequotas,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=cvoRunLevel=0000_00,operatorName=apiserver,operatorOrdering=01 // +openshift:compatibility-gen:level=1 // +kubebuilder:metadata:annotations=release.openshift.io/bootstrap-required=true message ClusterResourceQuota { diff --git a/vendor/github.com/openshift/api/quota/v1/types.go b/vendor/github.com/openshift/api/quota/v1/types.go index 0cfb85f87e..9f60962146 100644 --- a/vendor/github.com/openshift/api/quota/v1/types.go +++ b/vendor/github.com/openshift/api/quota/v1/types.go @@ -17,7 +17,7 @@ import ( // +kubebuilder:resource:path=clusterresourcequotas,scope=Cluster // +kubebuilder:subresource:status // +openshift:api-approved.openshift.io=https://github.com/openshift/api/pull/470 -// +openshift:file-pattern=cvoRunLevel=0000_03,operatorName=config-operator,operatorOrdering=01 +// +openshift:file-pattern=cvoRunLevel=0000_00,operatorName=apiserver,operatorOrdering=01 // +openshift:compatibility-gen:level=1 // +kubebuilder:metadata:annotations=release.openshift.io/bootstrap-required=true type ClusterResourceQuota struct { diff --git a/vendor/github.com/openshift/api/quota/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/quota/v1/zz_generated.featuregated-crd-manifests.yaml index b0fae46f7d..1a56a512d7 100644 --- a/vendor/github.com/openshift/api/quota/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/quota/v1/zz_generated.featuregated-crd-manifests.yaml @@ -6,9 +6,9 @@ clusterresourcequotas.quota.openshift.io: Capability: "" Category: "" FeatureGates: [] - FilenameOperatorName: config-operator + FilenameOperatorName: apiserver FilenameOperatorOrdering: "01" - FilenameRunLevel: "0000_03" + FilenameRunLevel: "0000_00" GroupName: quota.openshift.io HasStatus: true KindName: ClusterResourceQuota diff --git a/vendor/github.com/openshift/api/security/v1/generated.proto b/vendor/github.com/openshift/api/security/v1/generated.proto index 933de5450e..bb8a37fc0f 100644 --- a/vendor/github.com/openshift/api/security/v1/generated.proto +++ b/vendor/github.com/openshift/api/security/v1/generated.proto @@ -246,7 +246,7 @@ message SecurityContextConstraints { optional bool allowPrivilegedContainer = 3; // defaultAddCapabilities is the default set of capabilities that will be added to the container - // unless the pod spec specifically drops the capability. You may not list a capabiility in both + // unless the pod spec specifically drops the capability. You may not list a capability in both // DefaultAddCapabilities and RequiredDropCapabilities. // +nullable // +listType=atomic @@ -302,7 +302,6 @@ message SecurityContextConstraints { // When "AllowHostLevel" is set, a pod author may set `hostUsers` to either `true` or `false`. // When "RequirePodLevel" is set, a pod author must set `hostUsers` to `false`. // When omitted, the default value is "AllowHostLevel". - // +openshift:enable:FeatureGate=UserNamespacesPodSecurityStandards // +kubebuilder:validation:Enum="AllowHostLevel";"RequirePodLevel" // +kubebuilder:default:="AllowHostLevel" // +default="AllowHostLevel" @@ -358,7 +357,7 @@ message SecurityContextConstraints { // seccompProfiles lists the allowed profiles that may be set for the pod or // container's seccomp annotations. An unset (nil) or empty value means that no profiles may - // be specifid by the pod or container. The wildcard '*' may be used to allow all profiles. When + // be specified by the pod or container. The wildcard '*' may be used to allow all profiles. When // used to generate a value for a pod the first non-wildcard profile will be used as // the default. // +nullable diff --git a/vendor/github.com/openshift/api/security/v1/types.go b/vendor/github.com/openshift/api/security/v1/types.go index fb491480d7..a875902138 100644 --- a/vendor/github.com/openshift/api/security/v1/types.go +++ b/vendor/github.com/openshift/api/security/v1/types.go @@ -57,7 +57,7 @@ type SecurityContextConstraints struct { // allowPrivilegedContainer determines if a container can request to be run as privileged. AllowPrivilegedContainer bool `json:"allowPrivilegedContainer" protobuf:"varint,3,opt,name=allowPrivilegedContainer"` // defaultAddCapabilities is the default set of capabilities that will be added to the container - // unless the pod spec specifically drops the capability. You may not list a capabiility in both + // unless the pod spec specifically drops the capability. You may not list a capability in both // DefaultAddCapabilities and RequiredDropCapabilities. // +nullable // +listType=atomic @@ -103,7 +103,6 @@ type SecurityContextConstraints struct { // When "AllowHostLevel" is set, a pod author may set `hostUsers` to either `true` or `false`. // When "RequirePodLevel" is set, a pod author must set `hostUsers` to `false`. // When omitted, the default value is "AllowHostLevel". - // +openshift:enable:FeatureGate=UserNamespacesPodSecurityStandards // +kubebuilder:validation:Enum="AllowHostLevel";"RequirePodLevel" // +kubebuilder:default:="AllowHostLevel" // +default="AllowHostLevel" @@ -151,7 +150,7 @@ type SecurityContextConstraints struct { // seccompProfiles lists the allowed profiles that may be set for the pod or // container's seccomp annotations. An unset (nil) or empty value means that no profiles may - // be specifid by the pod or container. The wildcard '*' may be used to allow all profiles. When + // be specified by the pod or container. The wildcard '*' may be used to allow all profiles. When // used to generate a value for a pod the first non-wildcard profile will be used as // the default. // +nullable diff --git a/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml b/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml index 178c970780..86f78058a2 100644 --- a/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml +++ b/vendor/github.com/openshift/api/security/v1/zz_generated.featuregated-crd-manifests.yaml @@ -5,8 +5,7 @@ securitycontextconstraints.security.openshift.io: CRDName: securitycontextconstraints.security.openshift.io Capability: "" Category: "" - FeatureGates: - - UserNamespacesPodSecurityStandards + FeatureGates: [] FilenameOperatorName: config-operator FilenameOperatorOrdering: "01" FilenameRunLevel: "0000_03" diff --git a/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go index 29cddf7e64..67882a66e9 100644 --- a/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/security/v1/zz_generated.swagger_doc_generated.go @@ -171,7 +171,7 @@ var map_SecurityContextConstraints = map[string]string{ "metadata": "metadata is the standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata", "priority": "priority influences the sort order of SCCs when evaluating which SCCs to try first for a given pod request based on access in the Users and Groups fields. The higher the int, the higher priority. An unset value is considered a 0 priority. If scores for multiple SCCs are equal they will be sorted from most restrictive to least restrictive. If both priorities and restrictions are equal the SCCs will be sorted by name.", "allowPrivilegedContainer": "allowPrivilegedContainer determines if a container can request to be run as privileged.", - "defaultAddCapabilities": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities.", + "defaultAddCapabilities": "defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capability in both DefaultAddCapabilities and RequiredDropCapabilities.", "requiredDropCapabilities": "requiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added.", "allowedCapabilities": "allowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field maybe added at the pod author's discretion. You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. To allow all capabilities you may use '*'.", "allowHostDirVolumePlugin": "allowHostDirVolumePlugin determines if the policy allow containers to use the HostDir volume plugin", @@ -191,7 +191,7 @@ var map_SecurityContextConstraints = map[string]string{ "readOnlyRootFilesystem": "readOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the SCC should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.", "users": "The users who have permissions to use this security context constraints", "groups": "The groups that have permission to use this security context constraints", - "seccompProfiles": "seccompProfiles lists the allowed profiles that may be set for the pod or container's seccomp annotations. An unset (nil) or empty value means that no profiles may be specifid by the pod or container.\tThe wildcard '*' may be used to allow all profiles. When used to generate a value for a pod the first non-wildcard profile will be used as the default.", + "seccompProfiles": "seccompProfiles lists the allowed profiles that may be set for the pod or container's seccomp annotations. An unset (nil) or empty value means that no profiles may be specified by the pod or container.\tThe wildcard '*' may be used to allow all profiles. When used to generate a value for a pod the first non-wildcard profile will be used as the default.", "allowedUnsafeSysctls": "allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.\n\nExamples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc.", "forbiddenSysctls": "forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in \"*\" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.\n\nExamples: e.g. \"foo/*\" forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", \"foo.baz\", etc.", } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go index 5b674ae05d..42392a353e 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/apiserverspec.go @@ -2,6 +2,10 @@ package v1 +import ( + configv1 "github.com/openshift/api/config/v1" +) + // APIServerSpecApplyConfiguration represents a declarative configuration of the APIServerSpec type for use // with apply. type APIServerSpecApplyConfiguration struct { @@ -26,6 +30,37 @@ type APIServerSpecApplyConfiguration struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. // The current default is the Intermediate profile. TLSSecurityProfile *TLSSecurityProfileApplyConfiguration `json:"tlsSecurityProfile,omitempty"` + // tlsAdherence controls if components in the cluster adhere to the TLS security profile + // configured on this APIServer resource. + // + // Valid values are "LegacyAdheringComponentsOnly" and "StrictAllComponents". + // + // When set to "LegacyAdheringComponentsOnly", components that already honor the + // cluster-wide TLS profile continue to do so. Components that do not already honor + // it continue to use their individual TLS configurations. + // + // When set to "StrictAllComponents", all components must honor the configured TLS + // profile unless they have a component-specific TLS configuration that overrides + // it. This mode is recommended for security-conscious deployments and is required + // for certain compliance frameworks. + // + // Note: Some components such as Kubelet and IngressController have their own + // dedicated TLS configuration mechanisms via KubeletConfig and IngressController + // CRs respectively. When these component-specific TLS configurations are set, + // they take precedence over the cluster-wide tlsSecurityProfile. When not set, + // these components fall back to the cluster-wide default. + // + // Components that encounter an unknown value for tlsAdherence should treat it + // as "StrictAllComponents" and log a warning to ensure forward compatibility + // while defaulting to the more secure behavior. + // + // This field is optional. + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is LegacyAdheringComponentsOnly. + // + // Once set, this field may be changed to a different value, but may not be removed. + TLSAdherence *configv1.TLSAdherencePolicy `json:"tlsAdherence,omitempty"` // audit specifies the settings for audit configuration to be applied to all OpenShift-provided // API servers in the cluster. Audit *AuditApplyConfiguration `json:"audit,omitempty"` @@ -79,6 +114,14 @@ func (b *APIServerSpecApplyConfiguration) WithTLSSecurityProfile(value *TLSSecur return b } +// WithTLSAdherence sets the TLSAdherence field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLSAdherence field is set to the value of the last call. +func (b *APIServerSpecApplyConfiguration) WithTLSAdherence(value configv1.TLSAdherencePolicy) *APIServerSpecApplyConfiguration { + b.TLSAdherence = &value + return b +} + // WithAudit sets the Audit field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the Audit field is set to the value of the last call. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go index ec57615082..457cb43aca 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awsdnsspec.go @@ -10,6 +10,11 @@ type AWSDNSSpecApplyConfiguration struct { // privateZoneIAMRole contains the ARN of an IAM role that should be assumed when performing // operations on the cluster's private hosted zone specified in the cluster DNS config. // When left empty, no role should be assumed. + // + // The ARN must follow the format: arn::iam:::role/, where: + // is the AWS partition (aws, aws-cn, aws-us-gov, or aws-eusc), + // is a 12-digit numeric identifier for the AWS account, + // is the IAM role name. PrivateZoneIAMRole *string `json:"privateZoneIAMRole,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awskmsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awskmsconfig.go deleted file mode 100644 index 483e570da2..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/awskmsconfig.go +++ /dev/null @@ -1,42 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1 - -// AWSKMSConfigApplyConfiguration represents a declarative configuration of the AWSKMSConfig type for use -// with apply. -// -// AWSKMSConfig defines the KMS config specific to AWS KMS provider -type AWSKMSConfigApplyConfiguration struct { - // keyARN specifies the Amazon Resource Name (ARN) of the AWS KMS key used for encryption. - // The value must adhere to the format `arn:aws:kms:::key/`, where: - // - `` is the AWS region consisting of lowercase letters and hyphens followed by a number. - // - `` is a 12-digit numeric identifier for the AWS account. - // - `` is a unique identifier for the KMS key, consisting of lowercase hexadecimal characters and hyphens. - KeyARN *string `json:"keyARN,omitempty"` - // region specifies the AWS region where the KMS instance exists, and follows the format - // `--`, e.g.: `us-east-1`. - // Only lowercase letters and hyphens followed by numbers are allowed. - Region *string `json:"region,omitempty"` -} - -// AWSKMSConfigApplyConfiguration constructs a declarative configuration of the AWSKMSConfig type for use with -// apply. -func AWSKMSConfig() *AWSKMSConfigApplyConfiguration { - return &AWSKMSConfigApplyConfiguration{} -} - -// WithKeyARN sets the KeyARN field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the KeyARN field is set to the value of the last call. -func (b *AWSKMSConfigApplyConfiguration) WithKeyARN(value string) *AWSKMSConfigApplyConfiguration { - b.KeyARN = &value - return b -} - -// WithRegion sets the Region field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Region field is set to the value of the last call. -func (b *AWSKMSConfigApplyConfiguration) WithRegion(value string) *AWSKMSConfigApplyConfiguration { - b.Region = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go index f5c63c6ae9..c01827c113 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/infrastructurestatus.go @@ -42,6 +42,8 @@ type InfrastructureStatusApplyConfiguration struct { // and the operators should not configure the operand for highly-available operation // The 'External' mode indicates that the control plane is hosted externally to the cluster and that // its components are not visible within the cluster. + // The 'HighlyAvailableArbiter' mode indicates that the control plane will consist of 2 control-plane nodes + // that run conventional services and 1 smaller sized arbiter node that runs a bare minimum of services to maintain quorum. ControlPlaneTopology *configv1.TopologyMode `json:"controlPlaneTopology,omitempty"` // infrastructureTopology expresses the expectations for infrastructure services that do not run on control // plane nodes, usually indicated by a node selector for a `role` value diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmsconfig.go index 3590aae241..8eac52ddda 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmsconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/kmsconfig.go @@ -10,15 +10,17 @@ import ( // with apply. // // KMSConfig defines the configuration for the KMS instance -// that will be used with KMSEncryptionProvider encryption +// that will be used with KMS encryption type KMSConfigApplyConfiguration struct { // type defines the kind of platform for the KMS provider. - // Available provider types are AWS only. + // Allowed values are Vault. + // When set to Vault, the plugin connects to a HashiCorp Vault server for key management. Type *configv1.KMSProviderType `json:"type,omitempty"` - // aws defines the key config for using an AWS KMS instance - // for the encryption. The AWS KMS instance is managed + // vault defines the configuration for the Vault KMS plugin. + // The plugin connects to a Vault Enterprise server that is managed // by the user outside the purview of the control plane. - AWS *AWSKMSConfigApplyConfiguration `json:"aws,omitempty"` + // This field must be set when type is Vault, and must be unset otherwise. + Vault *VaultKMSConfigApplyConfiguration `json:"vault,omitempty"` } // KMSConfigApplyConfiguration constructs a declarative configuration of the KMSConfig type for use with @@ -35,10 +37,10 @@ func (b *KMSConfigApplyConfiguration) WithType(value configv1.KMSProviderType) * return b } -// WithAWS sets the AWS field in the declarative configuration to the given value +// WithVault sets the Vault field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the AWS field is set to the value of the last call. -func (b *KMSConfigApplyConfiguration) WithAWS(value *AWSKMSConfigApplyConfiguration) *KMSConfigApplyConfiguration { - b.AWS = value +// If called multiple times, the Vault field is set to the value of the last call. +func (b *KMSConfigApplyConfiguration) WithVault(value *VaultKMSConfigApplyConfiguration) *KMSConfigApplyConfiguration { + b.Vault = value return b } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go index d9b0e87914..08ebf26a86 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/prefixedclaimmapping.go @@ -11,7 +11,8 @@ type PrefixedClaimMappingApplyConfiguration struct { TokenClaimMappingApplyConfiguration `json:",inline"` // prefix is an optional field that configures the prefix that will be applied to the cluster identity attribute during the process of mapping JWT claims to cluster identity attributes. // - // When omitted (""), no prefix is applied to the cluster identity attribute. + // When omitted or set to an empty string (""), no prefix is applied to the cluster identity attribute. + // Must not be set to a non-empty value when expression is set. // // Example: if `prefix` is set to "myoidc:" and the `claim` in JWT contains an array of strings "a", "b" and "c", the mapping will result in an array of string "myoidc:a", "myoidc:b" and "myoidc:c". Prefix *string `json:"prefix,omitempty"` diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go index 6151b6b13a..db1128deb5 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/update.go @@ -47,6 +47,19 @@ type UpdateApplyConfiguration struct { // acceptRisks must not contain more than 1000 entries. // Entries in this list must be unique. AcceptRisks []AcceptRiskApplyConfiguration `json:"acceptRisks,omitempty"` + // mode determines how an update should be processed. + // The only valid value is "Preflight". + // When omitted, the cluster performs a normal update by applying the specified version or image to the cluster. + // This is the standard update behavior. + // When set to "Preflight", the cluster runs compatibility checks against the target release without + // performing an actual update. Compatibility results, including any detected risks, are reported + // in status.conditionalUpdates and status.conditionalUpdateRisks alongside risks from the update + // recommendation service. + // This allows administrators to assess update readiness and address issues before committing to the update. + // Preflight mode is particularly useful for skip-level updates where upgrade compatibility needs to be + // verified across multiple minor versions. + // When mode is set to "Preflight", the same rules for version, image, and architecture apply as for normal updates. + Mode *configv1.UpdateMode `json:"mode,omitempty"` } // UpdateApplyConfiguration constructs a declarative configuration of the Update type for use with @@ -99,3 +112,11 @@ func (b *UpdateApplyConfiguration) WithAcceptRisks(values ...*AcceptRiskApplyCon } return b } + +// WithMode sets the Mode field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Mode field is set to the value of the last call. +func (b *UpdateApplyConfiguration) WithMode(value configv1.UpdateMode) *UpdateApplyConfiguration { + b.Mode = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go index d33d6d71d8..8676ae891f 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/usernameclaimmapping.go @@ -29,11 +29,9 @@ type UsernameClaimMappingApplyConfiguration struct { // Allowed values are 'Prefix', 'NoPrefix', and omitted (not provided or an empty string). // // When set to 'Prefix', the value specified in the prefix field will be prepended to the value of the JWT claim. - // // The prefix field must be set when prefixPolicy is 'Prefix'. - // + // Must not be set to 'Prefix' when expression is set. // When set to 'NoPrefix', no prefix will be prepended to the value of the JWT claim. - // // When omitted, this means no opinion and the platform is left to choose any prefixes that are applied which is subject to change over time. // Currently, the platform prepends `{issuerURL}#` to the value of the JWT claim when the claim is not 'email'. // diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultapproleauthentication.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultapproleauthentication.go new file mode 100644 index 0000000000..ab924194cb --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultapproleauthentication.go @@ -0,0 +1,30 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultAppRoleAuthenticationApplyConfiguration represents a declarative configuration of the VaultAppRoleAuthentication type for use +// with apply. +// +// VaultAppRoleAuthentication defines the configuration for AppRole authentication with Vault. +type VaultAppRoleAuthenticationApplyConfiguration struct { + // secret references a secret in the openshift-config namespace containing + // the AppRole credentials used to authenticate with Vault. + // The secret must contain two keys: "roleID" for the AppRole Role ID and "secretID" for the AppRole Secret ID. + // + // The namespace for the secret is openshift-config. + Secret *VaultSecretReferenceApplyConfiguration `json:"secret,omitempty"` +} + +// VaultAppRoleAuthenticationApplyConfiguration constructs a declarative configuration of the VaultAppRoleAuthentication type for use with +// apply. +func VaultAppRoleAuthentication() *VaultAppRoleAuthenticationApplyConfiguration { + return &VaultAppRoleAuthenticationApplyConfiguration{} +} + +// WithSecret sets the Secret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Secret field is set to the value of the last call. +func (b *VaultAppRoleAuthenticationApplyConfiguration) WithSecret(value *VaultSecretReferenceApplyConfiguration) *VaultAppRoleAuthenticationApplyConfiguration { + b.Secret = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultauthentication.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultauthentication.go new file mode 100644 index 0000000000..466bbc7970 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultauthentication.go @@ -0,0 +1,43 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + configv1 "github.com/openshift/api/config/v1" +) + +// VaultAuthenticationApplyConfiguration represents a declarative configuration of the VaultAuthentication type for use +// with apply. +// +// VaultAuthentication defines the authentication method used to authenticate with Vault. +type VaultAuthenticationApplyConfiguration struct { + // type defines the authentication method used to authenticate with Vault. + // Allowed values are AppRole. + // When set to AppRole, the plugin uses AppRole credentials to authenticate with Vault. + Type *configv1.VaultAuthenticationType `json:"type,omitempty"` + // appRole defines the configuration for AppRole authentication. + // This field must be set when type is AppRole, and must be unset otherwise. + AppRole *VaultAppRoleAuthenticationApplyConfiguration `json:"appRole,omitempty"` +} + +// VaultAuthenticationApplyConfiguration constructs a declarative configuration of the VaultAuthentication type for use with +// apply. +func VaultAuthentication() *VaultAuthenticationApplyConfiguration { + return &VaultAuthenticationApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *VaultAuthenticationApplyConfiguration) WithType(value configv1.VaultAuthenticationType) *VaultAuthenticationApplyConfiguration { + b.Type = &value + return b +} + +// WithAppRole sets the AppRole field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AppRole field is set to the value of the last call. +func (b *VaultAuthenticationApplyConfiguration) WithAppRole(value *VaultAppRoleAuthenticationApplyConfiguration) *VaultAuthenticationApplyConfiguration { + b.AppRole = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultconfigmapreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultconfigmapreference.go new file mode 100644 index 0000000000..cb0e46af85 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultconfigmapreference.go @@ -0,0 +1,28 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultConfigMapReferenceApplyConfiguration represents a declarative configuration of the VaultConfigMapReference type for use +// with apply. +// +// VaultConfigMapReference references a ConfigMap in the openshift-config namespace. +type VaultConfigMapReferenceApplyConfiguration struct { + // name is the metadata.name of the referenced ConfigMap in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + Name *string `json:"name,omitempty"` +} + +// VaultConfigMapReferenceApplyConfiguration constructs a declarative configuration of the VaultConfigMapReference type for use with +// apply. +func VaultConfigMapReference() *VaultConfigMapReferenceApplyConfiguration { + return &VaultConfigMapReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *VaultConfigMapReferenceApplyConfiguration) WithName(value string) *VaultConfigMapReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultkmsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultkmsconfig.go new file mode 100644 index 0000000000..7602f33e3b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultkmsconfig.go @@ -0,0 +1,125 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultKMSConfigApplyConfiguration represents a declarative configuration of the VaultKMSConfig type for use +// with apply. +// +// VaultKMSConfig defines the KMS plugin configuration specific to Vault KMS +type VaultKMSConfigApplyConfiguration struct { + // kmsPluginImage specifies the container image for the HashiCorp Vault KMS plugin. + // + // The image must be a fully qualified OCI image pull spec with a SHA256 digest. + // The format is: host[:port][/namespace]/name@sha256: + // where the digest must be 64 characters long and consist only of lowercase hexadecimal characters, a-f and 0-9. + // The total length must be between 75 and 447 characters. + // + // Short names (e.g., "vault-plugin" or "hashicorp/vault-plugin") are not allowed. + // The registry hostname must be included and must contain at least one dot. + // Image tags (e.g., ":latest", ":v1.0.0") are not allowed. + // + // Consult the OpenShift documentation for compatible plugin versions with your cluster version, + // then obtain the image digest for that version from HashiCorp's container registry. + // + // For disconnected environments, mirror the plugin image to an accessible registry + // and reference the mirrored location with its digest. + KMSPluginImage *string `json:"kmsPluginImage,omitempty"` + // vaultAddress specifies the address of the HashiCorp Vault instance. + // The value must be a valid HTTPS URL containing only scheme, host, and optional port. + // Paths, user info, query parameters, and fragments are not allowed. + // + // Format: https://hostname[:port] + // Example: https://vault.example.com:8200 + // + // The value must be between 1 and 512 characters. + VaultAddress *string `json:"vaultAddress,omitempty"` + // vaultNamespace specifies the Vault namespace where the Transit secrets engine is mounted. + // This is only applicable for Vault Enterprise installations. + // When this field is not set, no namespace is used. + // + // The value must be between 1 and 4096 characters. + // The namespace cannot end with a forward slash, cannot contain spaces, and cannot be one of the reserved strings: root, sys, audit, auth, cubbyhole, or identity. + VaultNamespace *string `json:"vaultNamespace,omitempty"` + // tls contains the TLS configuration for connecting to the Vault server. + // When this field is not set, system default TLS settings are used. + TLS *VaultTLSConfigApplyConfiguration `json:"tls,omitempty"` + // authentication defines the authentication method used to authenticate with Vault. + Authentication *VaultAuthenticationApplyConfiguration `json:"authentication,omitempty"` + // transitMount specifies the mount path of the Vault Transit engine. + // The value must be between 1 and 1024 characters when specified. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose a reasonable default. These defaults are subject to change over time. + // The current default is "transit". + // + // The mount path cannot start or end with a forward slash, cannot contain spaces, + // and cannot contain consecutive forward slashes. + TransitMount *string `json:"transitMount,omitempty"` + // transitKey specifies the name of the encryption key in Vault's Transit engine. + // This key is used to encrypt and decrypt data. + // + // The key name must be between 1 and 512 characters and cannot contain spaces or forward slashes. + TransitKey *string `json:"transitKey,omitempty"` +} + +// VaultKMSConfigApplyConfiguration constructs a declarative configuration of the VaultKMSConfig type for use with +// apply. +func VaultKMSConfig() *VaultKMSConfigApplyConfiguration { + return &VaultKMSConfigApplyConfiguration{} +} + +// WithKMSPluginImage sets the KMSPluginImage field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the KMSPluginImage field is set to the value of the last call. +func (b *VaultKMSConfigApplyConfiguration) WithKMSPluginImage(value string) *VaultKMSConfigApplyConfiguration { + b.KMSPluginImage = &value + return b +} + +// WithVaultAddress sets the VaultAddress field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the VaultAddress field is set to the value of the last call. +func (b *VaultKMSConfigApplyConfiguration) WithVaultAddress(value string) *VaultKMSConfigApplyConfiguration { + b.VaultAddress = &value + return b +} + +// WithVaultNamespace sets the VaultNamespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the VaultNamespace field is set to the value of the last call. +func (b *VaultKMSConfigApplyConfiguration) WithVaultNamespace(value string) *VaultKMSConfigApplyConfiguration { + b.VaultNamespace = &value + return b +} + +// WithTLS sets the TLS field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLS field is set to the value of the last call. +func (b *VaultKMSConfigApplyConfiguration) WithTLS(value *VaultTLSConfigApplyConfiguration) *VaultKMSConfigApplyConfiguration { + b.TLS = value + return b +} + +// WithAuthentication sets the Authentication field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Authentication field is set to the value of the last call. +func (b *VaultKMSConfigApplyConfiguration) WithAuthentication(value *VaultAuthenticationApplyConfiguration) *VaultKMSConfigApplyConfiguration { + b.Authentication = value + return b +} + +// WithTransitMount sets the TransitMount field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TransitMount field is set to the value of the last call. +func (b *VaultKMSConfigApplyConfiguration) WithTransitMount(value string) *VaultKMSConfigApplyConfiguration { + b.TransitMount = &value + return b +} + +// WithTransitKey sets the TransitKey field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TransitKey field is set to the value of the last call. +func (b *VaultKMSConfigApplyConfiguration) WithTransitKey(value string) *VaultKMSConfigApplyConfiguration { + b.TransitKey = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultsecretreference.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultsecretreference.go new file mode 100644 index 0000000000..5918611ed7 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaultsecretreference.go @@ -0,0 +1,28 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultSecretReferenceApplyConfiguration represents a declarative configuration of the VaultSecretReference type for use +// with apply. +// +// VaultSecretReference references a secret in the openshift-config namespace. +type VaultSecretReferenceApplyConfiguration struct { + // name is the metadata.name of the referenced secret in the openshift-config namespace. + // The name must be a valid DNS subdomain name: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + Name *string `json:"name,omitempty"` +} + +// VaultSecretReferenceApplyConfiguration constructs a declarative configuration of the VaultSecretReference type for use with +// apply. +func VaultSecretReference() *VaultSecretReferenceApplyConfiguration { + return &VaultSecretReferenceApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *VaultSecretReferenceApplyConfiguration) WithName(value string) *VaultSecretReferenceApplyConfiguration { + b.Name = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaulttlsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaulttlsconfig.go new file mode 100644 index 0000000000..9fba4e1a42 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1/vaulttlsconfig.go @@ -0,0 +1,58 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +// VaultTLSConfigApplyConfiguration represents a declarative configuration of the VaultTLSConfig type for use +// with apply. +// +// VaultTLSConfig contains TLS configuration for connecting to Vault. +type VaultTLSConfigApplyConfiguration struct { + // caBundle references a ConfigMap in the openshift-config namespace containing + // the CA certificate bundle used to verify the TLS connection to the Vault server. + // The ConfigMap must contain the CA bundle in the key "ca-bundle.crt". + // When this field is not set, the system's trusted CA certificates are used. + // + // The namespace for the ConfigMap is openshift-config. + // + // Example ConfigMap: + // apiVersion: v1 + // kind: ConfigMap + // metadata: + // name: vault-ca-bundle + // namespace: openshift-config + // data: + // ca-bundle.crt: | + // -----BEGIN CERTIFICATE----- + // ... + // -----END CERTIFICATE----- + CABundle *VaultConfigMapReferenceApplyConfiguration `json:"caBundle,omitempty"` + // serverName specifies the Server Name Indication (SNI) to use when connecting to Vault via TLS. + // This is useful when the Vault server's hostname doesn't match its TLS certificate. + // When this field is not set, the hostname from vaultAddress is used for SNI. + // + // The value must be a valid DNS hostname: it must contain no more than 253 characters, + // contain only lowercase alphanumeric characters, '-' or '.', and start and end with an alphanumeric character. + ServerName *string `json:"serverName,omitempty"` +} + +// VaultTLSConfigApplyConfiguration constructs a declarative configuration of the VaultTLSConfig type for use with +// apply. +func VaultTLSConfig() *VaultTLSConfigApplyConfiguration { + return &VaultTLSConfigApplyConfiguration{} +} + +// WithCABundle sets the CABundle field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CABundle field is set to the value of the last call. +func (b *VaultTLSConfigApplyConfiguration) WithCABundle(value *VaultConfigMapReferenceApplyConfiguration) *VaultTLSConfigApplyConfiguration { + b.CABundle = value + return b +} + +// WithServerName sets the ServerName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ServerName field is set to the value of the last call. +func (b *VaultTLSConfigApplyConfiguration) WithServerName(value string) *VaultTLSConfigApplyConfiguration { + b.ServerName = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/additionalalertmanagerconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/additionalalertmanagerconfig.go new file mode 100644 index 0000000000..6a699cd82a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/additionalalertmanagerconfig.go @@ -0,0 +1,119 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// AdditionalAlertmanagerConfigApplyConfiguration represents a declarative configuration of the AdditionalAlertmanagerConfig type for use +// with apply. +// +// AdditionalAlertmanagerConfig represents configuration for additional Alertmanager instances. +// The `AdditionalAlertmanagerConfig` resource defines settings for how a +// component communicates with additional Alertmanager instances. +type AdditionalAlertmanagerConfigApplyConfiguration struct { + // name is a unique identifier for this Alertmanager configuration entry. + // The name must be a valid DNS subdomain (RFC 1123): lowercase alphanumeric characters, + // hyphens, or periods, and must start and end with an alphanumeric character. + // Minimum length is 1 character (empty string is invalid). + // Maximum length is 253 characters. + Name *string `json:"name,omitempty"` + // authorization configures the authentication method for Alertmanager connections. + // Supports bearer token authentication. When omitted, no authentication is used. + Authorization *AuthorizationConfigApplyConfiguration `json:"authorization,omitempty"` + // pathPrefix defines an optional URL path prefix to prepend to the Alertmanager API endpoints. + // For example, if your Alertmanager is behind a reverse proxy at "/alertmanager/", + // set this to "/alertmanager" so requests go to "/alertmanager/api/v1/alerts" instead of "/api/v1/alerts". + // This is commonly needed when Alertmanager is deployed behind ingress controllers or load balancers. + // When no prefix is needed, omit this field; do not set it to "/" as that would produce paths with double slashes (e.g. "//api/v1/alerts"). + // Must start with "/", must not end with "/", and must not be exactly "/". + // Must not contain query strings ("?") or fragments ("#"). + PathPrefix *string `json:"pathPrefix,omitempty"` + // scheme defines the URL scheme to use when communicating with Alertmanager + // instances. + // Possible values are `HTTP` or `HTTPS`. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is `HTTP`. + Scheme *configv1alpha1.AlertmanagerScheme `json:"scheme,omitempty"` + // staticConfigs is a list of statically configured Alertmanager endpoints in the form + // of `:`. Each entry must be a valid hostname, IPv4 address, or IPv6 address + // (in brackets) followed by a colon and a valid port number (1-65535). + // Examples: "alertmanager.example.com:9093", "192.168.1.100:9093", "[::1]:9093" + // At least one endpoint must be specified (minimum 1, maximum 10 endpoints). + // Each entry must be unique and non-empty (empty string is invalid). + StaticConfigs []string `json:"staticConfigs,omitempty"` + // timeoutSeconds defines the timeout in seconds for requests to Alertmanager. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Currently the default is 10 seconds. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + TimeoutSeconds *int32 `json:"timeoutSeconds,omitempty"` + // tlsConfig defines the TLS settings to use for Alertmanager connections. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + TLSConfig *TLSConfigApplyConfiguration `json:"tlsConfig,omitempty"` +} + +// AdditionalAlertmanagerConfigApplyConfiguration constructs a declarative configuration of the AdditionalAlertmanagerConfig type for use with +// apply. +func AdditionalAlertmanagerConfig() *AdditionalAlertmanagerConfigApplyConfiguration { + return &AdditionalAlertmanagerConfigApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithName(value string) *AdditionalAlertmanagerConfigApplyConfiguration { + b.Name = &value + return b +} + +// WithAuthorization sets the Authorization field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Authorization field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithAuthorization(value *AuthorizationConfigApplyConfiguration) *AdditionalAlertmanagerConfigApplyConfiguration { + b.Authorization = value + return b +} + +// WithPathPrefix sets the PathPrefix field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PathPrefix field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithPathPrefix(value string) *AdditionalAlertmanagerConfigApplyConfiguration { + b.PathPrefix = &value + return b +} + +// WithScheme sets the Scheme field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Scheme field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithScheme(value configv1alpha1.AlertmanagerScheme) *AdditionalAlertmanagerConfigApplyConfiguration { + b.Scheme = &value + return b +} + +// WithStaticConfigs adds the given value to the StaticConfigs field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the StaticConfigs field. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithStaticConfigs(values ...string) *AdditionalAlertmanagerConfigApplyConfiguration { + for i := range values { + b.StaticConfigs = append(b.StaticConfigs, values[i]) + } + return b +} + +// WithTimeoutSeconds sets the TimeoutSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TimeoutSeconds field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithTimeoutSeconds(value int32) *AdditionalAlertmanagerConfigApplyConfiguration { + b.TimeoutSeconds = &value + return b +} + +// WithTLSConfig sets the TLSConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLSConfig field is set to the value of the last call. +func (b *AdditionalAlertmanagerConfigApplyConfiguration) WithTLSConfig(value *TLSConfigApplyConfiguration) *AdditionalAlertmanagerConfigApplyConfiguration { + b.TLSConfig = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go index ebc4e4a6be..c47130a180 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/alertmanagercustomconfig.go @@ -47,7 +47,7 @@ type AlertmanagerCustomConfigApplyConfiguration struct { // - name: memory // request: 40Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` @@ -90,12 +90,10 @@ type AlertmanagerCustomConfigApplyConfiguration struct { // Minimum length for this list is 1. // Entries must have unique topologyKey and whenUnsatisfiable pairs. TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` - // volumeClaimTemplate Defines persistent storage for Alertmanager. Use this setting to - // configure the persistent volume claim, including storage class, volume - // size, and name. + // volumeClaimTemplate defines persistent storage for Alertmanager. Use this setting to + // configure the persistent volume claim, including storage class and volume size. // If omitted, the Pod uses ephemeral storage and alert data will not persist // across restarts. - // This field is optional. VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` } diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/authorizationconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/authorizationconfig.go new file mode 100644 index 0000000000..87d7c7eefe --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/authorizationconfig.go @@ -0,0 +1,44 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// AuthorizationConfigApplyConfiguration represents a declarative configuration of the AuthorizationConfig type for use +// with apply. +// +// AuthorizationConfig defines the authentication method for Alertmanager connections. +type AuthorizationConfigApplyConfiguration struct { + // type specifies the authentication type to use. + // Valid value is "BearerToken" (bearer token authentication). + // When set to BearerToken, the bearerToken field must be specified. + Type *configv1alpha1.AuthorizationType `json:"type,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + // The secret must exist in the openshift-monitoring namespace. + BearerToken *SecretKeySelectorApplyConfiguration `json:"bearerToken,omitempty"` +} + +// AuthorizationConfigApplyConfiguration constructs a declarative configuration of the AuthorizationConfig type for use with +// apply. +func AuthorizationConfig() *AuthorizationConfigApplyConfiguration { + return &AuthorizationConfigApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *AuthorizationConfigApplyConfiguration) WithType(value configv1alpha1.AuthorizationType) *AuthorizationConfigApplyConfiguration { + b.Type = &value + return b +} + +// WithBearerToken sets the BearerToken field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BearerToken field is set to the value of the last call. +func (b *AuthorizationConfigApplyConfiguration) WithBearerToken(value *SecretKeySelectorApplyConfiguration) *AuthorizationConfigApplyConfiguration { + b.BearerToken = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/basicauth.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/basicauth.go new file mode 100644 index 0000000000..efad66668a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/basicauth.go @@ -0,0 +1,38 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// BasicAuthApplyConfiguration represents a declarative configuration of the BasicAuth type for use +// with apply. +// +// BasicAuth defines basic authentication settings for the remote write endpoint URL. +type BasicAuthApplyConfiguration struct { + // username defines the secret reference containing the username for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + Username *SecretKeySelectorApplyConfiguration `json:"username,omitempty"` + // password defines the secret reference containing the password for basic authentication. + // The secret must exist in the openshift-monitoring namespace. + Password *SecretKeySelectorApplyConfiguration `json:"password,omitempty"` +} + +// BasicAuthApplyConfiguration constructs a declarative configuration of the BasicAuth type for use with +// apply. +func BasicAuth() *BasicAuthApplyConfiguration { + return &BasicAuthApplyConfiguration{} +} + +// WithUsername sets the Username field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Username field is set to the value of the last call. +func (b *BasicAuthApplyConfiguration) WithUsername(value *SecretKeySelectorApplyConfiguration) *BasicAuthApplyConfiguration { + b.Username = value + return b +} + +// WithPassword sets the Password field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Password field is set to the value of the last call. +func (b *BasicAuthApplyConfiguration) WithPassword(value *SecretKeySelectorApplyConfiguration) *BasicAuthApplyConfiguration { + b.Password = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go deleted file mode 100644 index 19a6917f99..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicy.go +++ /dev/null @@ -1,277 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - internal "github.com/openshift/client-go/config/applyconfigurations/internal" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - managedfields "k8s.io/apimachinery/pkg/util/managedfields" - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// ClusterImagePolicyApplyConfiguration represents a declarative configuration of the ClusterImagePolicy type for use -// with apply. -// -// # ClusterImagePolicy holds cluster-wide configuration for image signature verification -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -type ClusterImagePolicyApplyConfiguration struct { - v1.TypeMetaApplyConfiguration `json:",inline"` - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - // spec contains the configuration for the cluster image policy. - Spec *ClusterImagePolicySpecApplyConfiguration `json:"spec,omitempty"` - // status contains the observed state of the resource. - Status *ClusterImagePolicyStatusApplyConfiguration `json:"status,omitempty"` -} - -// ClusterImagePolicy constructs a declarative configuration of the ClusterImagePolicy type for use with -// apply. -func ClusterImagePolicy(name string) *ClusterImagePolicyApplyConfiguration { - b := &ClusterImagePolicyApplyConfiguration{} - b.WithName(name) - b.WithKind("ClusterImagePolicy") - b.WithAPIVersion("config.openshift.io/v1alpha1") - return b -} - -// ExtractClusterImagePolicyFrom extracts the applied configuration owned by fieldManager from -// clusterImagePolicy for the specified subresource. Pass an empty string for subresource to extract -// the main resource. Common subresources include "status", "scale", etc. -// clusterImagePolicy must be a unmodified ClusterImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractClusterImagePolicyFrom provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractClusterImagePolicyFrom(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string, subresource string) (*ClusterImagePolicyApplyConfiguration, error) { - b := &ClusterImagePolicyApplyConfiguration{} - err := managedfields.ExtractInto(clusterImagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1alpha1.ClusterImagePolicy"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(clusterImagePolicy.Name) - - b.WithKind("ClusterImagePolicy") - b.WithAPIVersion("config.openshift.io/v1alpha1") - return b, nil -} - -// ExtractClusterImagePolicy extracts the applied configuration owned by fieldManager from -// clusterImagePolicy. If no managedFields are found in clusterImagePolicy for fieldManager, a -// ClusterImagePolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. -// clusterImagePolicy must be a unmodified ClusterImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractClusterImagePolicy provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractClusterImagePolicy(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string) (*ClusterImagePolicyApplyConfiguration, error) { - return ExtractClusterImagePolicyFrom(clusterImagePolicy, fieldManager, "") -} - -// ExtractClusterImagePolicyStatus extracts the applied configuration owned by fieldManager from -// clusterImagePolicy for the status subresource. -func ExtractClusterImagePolicyStatus(clusterImagePolicy *configv1alpha1.ClusterImagePolicy, fieldManager string) (*ClusterImagePolicyApplyConfiguration, error) { - return ExtractClusterImagePolicyFrom(clusterImagePolicy, fieldManager, "status") -} - -func (b ClusterImagePolicyApplyConfiguration) IsApplyConfiguration() {} - -// WithKind sets the Kind field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Kind field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithKind(value string) *ClusterImagePolicyApplyConfiguration { - b.TypeMetaApplyConfiguration.Kind = &value - return b -} - -// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the APIVersion field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithAPIVersion(value string) *ClusterImagePolicyApplyConfiguration { - b.TypeMetaApplyConfiguration.APIVersion = &value - return b -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithName(value string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Name = &value - return b -} - -// WithGenerateName sets the GenerateName field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the GenerateName field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithGenerateName(value string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.GenerateName = &value - return b -} - -// WithNamespace sets the Namespace field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Namespace field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithNamespace(value string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Namespace = &value - return b -} - -// WithUID sets the UID field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the UID field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithUID(value types.UID) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.UID = &value - return b -} - -// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ResourceVersion field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithResourceVersion(value string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.ResourceVersion = &value - return b -} - -// WithGeneration sets the Generation field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Generation field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithGeneration(value int64) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Generation = &value - return b -} - -// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the CreationTimestamp field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.CreationTimestamp = &value - return b -} - -// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionTimestamp field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value - return b -} - -// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value - return b -} - -// WithLabels puts the entries into the Labels field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Labels field, -// overwriting an existing map entries in Labels field with the same key. -func (b *ClusterImagePolicyApplyConfiguration) WithLabels(entries map[string]string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Labels[k] = v - } - return b -} - -// WithAnnotations puts the entries into the Annotations field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Annotations field, -// overwriting an existing map entries in Annotations field with the same key. -func (b *ClusterImagePolicyApplyConfiguration) WithAnnotations(entries map[string]string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Annotations[k] = v - } - return b -} - -// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the OwnerReferences field. -func (b *ClusterImagePolicyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - if values[i] == nil { - panic("nil value passed to WithOwnerReferences") - } - b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i]) - } - return b -} - -// WithFinalizers adds the given value to the Finalizers field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Finalizers field. -func (b *ClusterImagePolicyApplyConfiguration) WithFinalizers(values ...string) *ClusterImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i]) - } - return b -} - -func (b *ClusterImagePolicyApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { - if b.ObjectMetaApplyConfiguration == nil { - b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} - } -} - -// WithSpec sets the Spec field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Spec field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithSpec(value *ClusterImagePolicySpecApplyConfiguration) *ClusterImagePolicyApplyConfiguration { - b.Spec = value - return b -} - -// WithStatus sets the Status field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Status field is set to the value of the last call. -func (b *ClusterImagePolicyApplyConfiguration) WithStatus(value *ClusterImagePolicyStatusApplyConfiguration) *ClusterImagePolicyApplyConfiguration { - b.Status = value - return b -} - -// GetKind retrieves the value of the Kind field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetKind() *string { - return b.TypeMetaApplyConfiguration.Kind -} - -// GetAPIVersion retrieves the value of the APIVersion field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetAPIVersion() *string { - return b.TypeMetaApplyConfiguration.APIVersion -} - -// GetName retrieves the value of the Name field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetName() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Name -} - -// GetNamespace retrieves the value of the Namespace field in the declarative configuration. -func (b *ClusterImagePolicyApplyConfiguration) GetNamespace() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Namespace -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go deleted file mode 100644 index 135aa592aa..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicyspec.go +++ /dev/null @@ -1,53 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// ClusterImagePolicySpecApplyConfiguration represents a declarative configuration of the ClusterImagePolicySpec type for use -// with apply. -// -// CLusterImagePolicySpec is the specification of the ClusterImagePolicy custom resource. -type ClusterImagePolicySpecApplyConfiguration struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - Scopes []configv1alpha1.ImageScope `json:"scopes,omitempty"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - Policy *ImageSigstoreVerificationPolicyApplyConfiguration `json:"policy,omitempty"` -} - -// ClusterImagePolicySpecApplyConfiguration constructs a declarative configuration of the ClusterImagePolicySpec type for use with -// apply. -func ClusterImagePolicySpec() *ClusterImagePolicySpecApplyConfiguration { - return &ClusterImagePolicySpecApplyConfiguration{} -} - -// WithScopes adds the given value to the Scopes field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Scopes field. -func (b *ClusterImagePolicySpecApplyConfiguration) WithScopes(values ...configv1alpha1.ImageScope) *ClusterImagePolicySpecApplyConfiguration { - for i := range values { - b.Scopes = append(b.Scopes, values[i]) - } - return b -} - -// WithPolicy sets the Policy field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Policy field is set to the value of the last call. -func (b *ClusterImagePolicySpecApplyConfiguration) WithPolicy(value *ImageSigstoreVerificationPolicyApplyConfiguration) *ClusterImagePolicySpecApplyConfiguration { - b.Policy = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go deleted file mode 100644 index e01b2cac34..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clusterimagepolicystatus.go +++ /dev/null @@ -1,33 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// ClusterImagePolicyStatusApplyConfiguration represents a declarative configuration of the ClusterImagePolicyStatus type for use -// with apply. -type ClusterImagePolicyStatusApplyConfiguration struct { - // conditions provide details on the status of this API Resource. - Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` -} - -// ClusterImagePolicyStatusApplyConfiguration constructs a declarative configuration of the ClusterImagePolicyStatus type for use with -// apply. -func ClusterImagePolicyStatus() *ClusterImagePolicyStatusApplyConfiguration { - return &ClusterImagePolicyStatusApplyConfiguration{} -} - -// WithConditions adds the given value to the Conditions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Conditions field. -func (b *ClusterImagePolicyStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *ClusterImagePolicyStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithConditions") - } - b.Conditions = append(b.Conditions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go index 53f29c3fdc..35ec6d14e6 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/clustermonitoringspec.go @@ -18,6 +18,18 @@ type ClusterMonitoringSpecApplyConfiguration struct { // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. // The current default value is `DefaultConfig`. AlertmanagerConfig *AlertmanagerConfigApplyConfiguration `json:"alertmanagerConfig,omitempty"` + // prometheusConfig provides configuration options for the default platform Prometheus instance + // that runs in the `openshift-monitoring` namespace. This configuration applies only to the + // platform Prometheus instance; user-workload Prometheus instances are configured separately. + // + // This field allows you to customize how the platform Prometheus is deployed and operated, including: + // - Pod scheduling (node selectors, tolerations, topology spread constraints) + // - Resource allocation (CPU, memory requests/limits) + // - Retention policies (how long metrics are stored) + // - External integrations (remote write, additional alertmanagers) + // + // This field is optional. When omitted, the platform chooses reasonable defaults, which may change over time. + PrometheusConfig *PrometheusConfigApplyConfiguration `json:"prometheusConfig,omitempty"` // metricsServerConfig is an optional field that can be used to configure the Kubernetes Metrics Server that runs in the openshift-monitoring namespace. // Specifically, it can configure how the Metrics Server instance is deployed, pod scheduling, its audit policy and log verbosity. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. @@ -33,6 +45,39 @@ type ClusterMonitoringSpecApplyConfiguration struct { // between API versions. // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. PrometheusOperatorAdmissionWebhookConfig *PrometheusOperatorAdmissionWebhookConfigApplyConfiguration `json:"prometheusOperatorAdmissionWebhookConfig,omitempty"` + // openShiftStateMetricsConfig is an optional field that can be used to configure the openshift-state-metrics + // agent that runs in the openshift-monitoring namespace. The openshift-state-metrics agent generates metrics + // about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + OpenShiftStateMetricsConfig *OpenShiftStateMetricsConfigApplyConfiguration `json:"openShiftStateMetricsConfig,omitempty"` + // telemeterClientConfig is an optional field that can be used to configure the Telemeter Client + // component that runs in the openshift-monitoring namespace. The Telemeter Client collects + // selected monitoring metrics and forwards them to Red Hat for telemetry purposes. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // When set, at least one field must be specified within telemeterClientConfig. + TelemeterClientConfig *TelemeterClientConfigApplyConfiguration `json:"telemeterClientConfig,omitempty"` + // thanosQuerierConfig is an optional field that can be used to configure the Thanos Querier + // component that runs in the openshift-monitoring namespace. The Thanos Querier provides + // a global query view by aggregating and deduplicating metrics from multiple Prometheus instances. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default deploys the Thanos Querier on linux nodes with 5m CPU and 12Mi memory + // requests, and no custom tolerations or topology spread constraints. + // When set, at least one field must be specified within thanosQuerierConfig. + ThanosQuerierConfig *ThanosQuerierConfigApplyConfiguration `json:"thanosQuerierConfig,omitempty"` + // nodeExporterConfig is an optional field that can be used to configure the node-exporter agent + // that runs as a DaemonSet in the openshift-monitoring namespace. The node-exporter agent collects + // hardware and OS-level metrics from every node in the cluster. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + NodeExporterConfig *NodeExporterConfigApplyConfiguration `json:"nodeExporterConfig,omitempty"` + // monitoringPluginConfig is an optional field that can be used to configure the monitoring plugin + // that runs as a dynamic plugin of the OpenShift web console. The monitoring plugin provides + // the monitoring UI in the OpenShift web console for visualizing metrics, alerts, and dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default deploys the monitoring-plugin as a single-replica Deployment + // on linux nodes with 10m CPU and 50Mi memory requests, and no custom tolerations + // or topology spread constraints. + // When set, at least one field must be specified within monitoringPluginConfig. + MonitoringPluginConfig *MonitoringPluginConfigApplyConfiguration `json:"monitoringPluginConfig,omitempty"` } // ClusterMonitoringSpecApplyConfiguration constructs a declarative configuration of the ClusterMonitoringSpec type for use with @@ -57,6 +102,14 @@ func (b *ClusterMonitoringSpecApplyConfiguration) WithAlertmanagerConfig(value * return b } +// WithPrometheusConfig sets the PrometheusConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the PrometheusConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithPrometheusConfig(value *PrometheusConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.PrometheusConfig = value + return b +} + // WithMetricsServerConfig sets the MetricsServerConfig field in the declarative configuration to the given value // and returns the receiver, so that objects can be built by chaining "With" function invocations. // If called multiple times, the MetricsServerConfig field is set to the value of the last call. @@ -80,3 +133,43 @@ func (b *ClusterMonitoringSpecApplyConfiguration) WithPrometheusOperatorAdmissio b.PrometheusOperatorAdmissionWebhookConfig = value return b } + +// WithOpenShiftStateMetricsConfig sets the OpenShiftStateMetricsConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OpenShiftStateMetricsConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithOpenShiftStateMetricsConfig(value *OpenShiftStateMetricsConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.OpenShiftStateMetricsConfig = value + return b +} + +// WithTelemeterClientConfig sets the TelemeterClientConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TelemeterClientConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithTelemeterClientConfig(value *TelemeterClientConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.TelemeterClientConfig = value + return b +} + +// WithThanosQuerierConfig sets the ThanosQuerierConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ThanosQuerierConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithThanosQuerierConfig(value *ThanosQuerierConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.ThanosQuerierConfig = value + return b +} + +// WithNodeExporterConfig sets the NodeExporterConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NodeExporterConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithNodeExporterConfig(value *NodeExporterConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.NodeExporterConfig = value + return b +} + +// WithMonitoringPluginConfig sets the MonitoringPluginConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MonitoringPluginConfig field is set to the value of the last call. +func (b *ClusterMonitoringSpecApplyConfiguration) WithMonitoringPluginConfig(value *MonitoringPluginConfigApplyConfiguration) *ClusterMonitoringSpecApplyConfiguration { + b.MonitoringPluginConfig = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/containerresource.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/containerresource.go index d600828b01..2240e1b154 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/containerresource.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/containerresource.go @@ -9,6 +9,12 @@ import ( // ContainerResourceApplyConfiguration represents a declarative configuration of the ContainerResource type for use // with apply. // +// MaxItems on []ContainerResource fields is kept at 5 to stay within the +// Kubernetes CRD CEL validation cost budget (StaticEstimatedCRDCostLimit). +// The quantity() CEL function has a high fixed estimated cost per invocation, +// and the limit-vs-request comparison rule is costed per maxItems per location. +// With multiple structs in ClusterMonitoringSpec embedding []ContainerResource, +// maxItems > 5 causes the total estimated rule cost to exceed the budget. // ContainerResource defines a single resource requirement for a container. type ContainerResourceApplyConfiguration struct { // name of the resource (e.g. "cpu", "memory", "hugepages-2Mi"). @@ -18,6 +24,7 @@ type ContainerResourceApplyConfiguration struct { // request is the minimum amount of the resource required (e.g. "2Mi", "1Gi"). // This field is optional. // When limit is specified, request cannot be greater than limit. + // The value must be greater than 0 when specified. Request *resource.Quantity `json:"request,omitempty"` // limit is the maximum amount of the resource allowed (e.g. "2Mi", "1Gi"). // This field is optional. diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/dropequalactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/dropequalactionconfig.go new file mode 100644 index 0000000000..1e0a8e0014 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/dropequalactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// DropEqualActionConfigApplyConfiguration represents a declarative configuration of the DropEqualActionConfig type for use +// with apply. +// +// DropEqualActionConfig configures the DropEqual action. +// Drops targets for which the concatenated source_labels do match the value of target_label. +// Requires Prometheus >= v2.41.0. +type DropEqualActionConfigApplyConfiguration struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that match are dropped. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// DropEqualActionConfigApplyConfiguration constructs a declarative configuration of the DropEqualActionConfig type for use with +// apply. +func DropEqualActionConfig() *DropEqualActionConfigApplyConfiguration { + return &DropEqualActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *DropEqualActionConfigApplyConfiguration) WithTargetLabel(value string) *DropEqualActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/hashmodactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/hashmodactionconfig.go new file mode 100644 index 0000000000..453795b42b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/hashmodactionconfig.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// HashModActionConfigApplyConfiguration represents a declarative configuration of the HashModActionConfig type for use +// with apply. +// +// HashModActionConfig configures the HashMod action. +// target_label is set to the modulus of a hash of the concatenated source_labels (target = hash % modulus). +type HashModActionConfigApplyConfiguration struct { + // targetLabel is the label name where the hash modulus result is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` + // modulus is the divisor applied to the hash of the concatenated source label values (target = hash % modulus). + // Required when using the HashMod action so the intended behavior is explicit. + // Must be between 1 and 1000000. + Modulus *int64 `json:"modulus,omitempty"` +} + +// HashModActionConfigApplyConfiguration constructs a declarative configuration of the HashModActionConfig type for use with +// apply. +func HashModActionConfig() *HashModActionConfigApplyConfiguration { + return &HashModActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *HashModActionConfigApplyConfiguration) WithTargetLabel(value string) *HashModActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} + +// WithModulus sets the Modulus field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Modulus field is set to the value of the last call. +func (b *HashModActionConfigApplyConfiguration) WithModulus(value int64) *HashModActionConfigApplyConfiguration { + b.Modulus = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go deleted file mode 100644 index 68a813c1af..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicy.go +++ /dev/null @@ -1,279 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - internal "github.com/openshift/client-go/config/applyconfigurations/internal" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - managedfields "k8s.io/apimachinery/pkg/util/managedfields" - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// ImagePolicyApplyConfiguration represents a declarative configuration of the ImagePolicy type for use -// with apply. -// -// # ImagePolicy holds namespace-wide configuration for image signature verification -// -// Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support. -type ImagePolicyApplyConfiguration struct { - v1.TypeMetaApplyConfiguration `json:",inline"` - // metadata is the standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` - // spec holds user settable values for configuration - Spec *ImagePolicySpecApplyConfiguration `json:"spec,omitempty"` - // status contains the observed state of the resource. - Status *ImagePolicyStatusApplyConfiguration `json:"status,omitempty"` -} - -// ImagePolicy constructs a declarative configuration of the ImagePolicy type for use with -// apply. -func ImagePolicy(name, namespace string) *ImagePolicyApplyConfiguration { - b := &ImagePolicyApplyConfiguration{} - b.WithName(name) - b.WithNamespace(namespace) - b.WithKind("ImagePolicy") - b.WithAPIVersion("config.openshift.io/v1alpha1") - return b -} - -// ExtractImagePolicyFrom extracts the applied configuration owned by fieldManager from -// imagePolicy for the specified subresource. Pass an empty string for subresource to extract -// the main resource. Common subresources include "status", "scale", etc. -// imagePolicy must be a unmodified ImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractImagePolicyFrom provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractImagePolicyFrom(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string, subresource string) (*ImagePolicyApplyConfiguration, error) { - b := &ImagePolicyApplyConfiguration{} - err := managedfields.ExtractInto(imagePolicy, internal.Parser().Type("com.github.openshift.api.config.v1alpha1.ImagePolicy"), fieldManager, b, subresource) - if err != nil { - return nil, err - } - b.WithName(imagePolicy.Name) - b.WithNamespace(imagePolicy.Namespace) - - b.WithKind("ImagePolicy") - b.WithAPIVersion("config.openshift.io/v1alpha1") - return b, nil -} - -// ExtractImagePolicy extracts the applied configuration owned by fieldManager from -// imagePolicy. If no managedFields are found in imagePolicy for fieldManager, a -// ImagePolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), -// APIVersion and Kind populated. It is possible that no managed fields were found for because other -// field managers have taken ownership of all the fields previously owned by fieldManager, or because -// the fieldManager never owned fields any fields. -// imagePolicy must be a unmodified ImagePolicy API object that was retrieved from the Kubernetes API. -// ExtractImagePolicy provides a way to perform a extract/modify-in-place/apply workflow. -// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously -// applied if another fieldManager has updated or force applied any of the previously applied fields. -func ExtractImagePolicy(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string) (*ImagePolicyApplyConfiguration, error) { - return ExtractImagePolicyFrom(imagePolicy, fieldManager, "") -} - -// ExtractImagePolicyStatus extracts the applied configuration owned by fieldManager from -// imagePolicy for the status subresource. -func ExtractImagePolicyStatus(imagePolicy *configv1alpha1.ImagePolicy, fieldManager string) (*ImagePolicyApplyConfiguration, error) { - return ExtractImagePolicyFrom(imagePolicy, fieldManager, "status") -} - -func (b ImagePolicyApplyConfiguration) IsApplyConfiguration() {} - -// WithKind sets the Kind field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Kind field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithKind(value string) *ImagePolicyApplyConfiguration { - b.TypeMetaApplyConfiguration.Kind = &value - return b -} - -// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the APIVersion field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithAPIVersion(value string) *ImagePolicyApplyConfiguration { - b.TypeMetaApplyConfiguration.APIVersion = &value - return b -} - -// WithName sets the Name field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Name field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithName(value string) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Name = &value - return b -} - -// WithGenerateName sets the GenerateName field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the GenerateName field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithGenerateName(value string) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.GenerateName = &value - return b -} - -// WithNamespace sets the Namespace field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Namespace field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithNamespace(value string) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Namespace = &value - return b -} - -// WithUID sets the UID field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the UID field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithUID(value types.UID) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.UID = &value - return b -} - -// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the ResourceVersion field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithResourceVersion(value string) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.ResourceVersion = &value - return b -} - -// WithGeneration sets the Generation field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Generation field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithGeneration(value int64) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.Generation = &value - return b -} - -// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the CreationTimestamp field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.CreationTimestamp = &value - return b -} - -// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionTimestamp field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value - return b -} - -// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value - return b -} - -// WithLabels puts the entries into the Labels field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Labels field, -// overwriting an existing map entries in Labels field with the same key. -func (b *ImagePolicyApplyConfiguration) WithLabels(entries map[string]string) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Labels[k] = v - } - return b -} - -// WithAnnotations puts the entries into the Annotations field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, the entries provided by each call will be put on the Annotations field, -// overwriting an existing map entries in Annotations field with the same key. -func (b *ImagePolicyApplyConfiguration) WithAnnotations(entries map[string]string) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 { - b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries)) - } - for k, v := range entries { - b.ObjectMetaApplyConfiguration.Annotations[k] = v - } - return b -} - -// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the OwnerReferences field. -func (b *ImagePolicyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - if values[i] == nil { - panic("nil value passed to WithOwnerReferences") - } - b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i]) - } - return b -} - -// WithFinalizers adds the given value to the Finalizers field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Finalizers field. -func (b *ImagePolicyApplyConfiguration) WithFinalizers(values ...string) *ImagePolicyApplyConfiguration { - b.ensureObjectMetaApplyConfigurationExists() - for i := range values { - b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i]) - } - return b -} - -func (b *ImagePolicyApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { - if b.ObjectMetaApplyConfiguration == nil { - b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} - } -} - -// WithSpec sets the Spec field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Spec field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithSpec(value *ImagePolicySpecApplyConfiguration) *ImagePolicyApplyConfiguration { - b.Spec = value - return b -} - -// WithStatus sets the Status field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Status field is set to the value of the last call. -func (b *ImagePolicyApplyConfiguration) WithStatus(value *ImagePolicyStatusApplyConfiguration) *ImagePolicyApplyConfiguration { - b.Status = value - return b -} - -// GetKind retrieves the value of the Kind field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetKind() *string { - return b.TypeMetaApplyConfiguration.Kind -} - -// GetAPIVersion retrieves the value of the APIVersion field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetAPIVersion() *string { - return b.TypeMetaApplyConfiguration.APIVersion -} - -// GetName retrieves the value of the Name field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetName() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Name -} - -// GetNamespace retrieves the value of the Namespace field in the declarative configuration. -func (b *ImagePolicyApplyConfiguration) GetNamespace() *string { - b.ensureObjectMetaApplyConfigurationExists() - return b.ObjectMetaApplyConfiguration.Namespace -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyfulciocawithrekorrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyfulciocawithrekorrootoftrust.go deleted file mode 100644 index c9299e5000..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyfulciocawithrekorrootoftrust.go +++ /dev/null @@ -1,52 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyFulcioCAWithRekorRootOfTrust type for use -// with apply. -// -// ImagePolicyFulcioCAWithRekorRootOfTrust defines the root of trust based on the Fulcio certificate and the Rekor public key. -type ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration struct { - // fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. - // fulcioCAData must be at most 8192 characters. - FulcioCAData []byte `json:"fulcioCAData,omitempty"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - RekorKeyData []byte `json:"rekorKeyData,omitempty"` - // fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration. - FulcioSubject *PolicyFulcioSubjectApplyConfiguration `json:"fulcioSubject,omitempty"` -} - -// ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration constructs a declarative configuration of the ImagePolicyFulcioCAWithRekorRootOfTrust type for use with -// apply. -func ImagePolicyFulcioCAWithRekorRootOfTrust() *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - return &ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration{} -} - -// WithFulcioCAData adds the given value to the FulcioCAData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the FulcioCAData field. -func (b *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) WithFulcioCAData(values ...byte) *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - for i := range values { - b.FulcioCAData = append(b.FulcioCAData, values[i]) - } - return b -} - -// WithRekorKeyData adds the given value to the RekorKeyData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the RekorKeyData field. -func (b *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) WithRekorKeyData(values ...byte) *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - for i := range values { - b.RekorKeyData = append(b.RekorKeyData, values[i]) - } - return b -} - -// WithFulcioSubject sets the FulcioSubject field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the FulcioSubject field is set to the value of the last call. -func (b *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) WithFulcioSubject(value *PolicyFulcioSubjectApplyConfiguration) *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration { - b.FulcioSubject = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypkirootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypkirootoftrust.go deleted file mode 100644 index 42c3c0aa7c..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypkirootoftrust.go +++ /dev/null @@ -1,51 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImagePolicyPKIRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyPKIRootOfTrust type for use -// with apply. -// -// ImagePolicyPKIRootOfTrust defines the root of trust based on Root CA(s) and corresponding intermediate certificates. -type ImagePolicyPKIRootOfTrustApplyConfiguration struct { - // caRootsData contains base64-encoded data of a certificate bundle PEM file, which contains one or more CA roots in the PEM format. The total length of the data must not exceed 8192 characters. - CertificateAuthorityRootsData []byte `json:"caRootsData,omitempty"` - // caIntermediatesData contains base64-encoded data of a certificate bundle PEM file, which contains one or more intermediate certificates in the PEM format. The total length of the data must not exceed 8192 characters. - // caIntermediatesData requires caRootsData to be set. - CertificateAuthorityIntermediatesData []byte `json:"caIntermediatesData,omitempty"` - // pkiCertificateSubject defines the requirements imposed on the subject to which the certificate was issued. - PKICertificateSubject *PKICertificateSubjectApplyConfiguration `json:"pkiCertificateSubject,omitempty"` -} - -// ImagePolicyPKIRootOfTrustApplyConfiguration constructs a declarative configuration of the ImagePolicyPKIRootOfTrust type for use with -// apply. -func ImagePolicyPKIRootOfTrust() *ImagePolicyPKIRootOfTrustApplyConfiguration { - return &ImagePolicyPKIRootOfTrustApplyConfiguration{} -} - -// WithCertificateAuthorityRootsData adds the given value to the CertificateAuthorityRootsData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the CertificateAuthorityRootsData field. -func (b *ImagePolicyPKIRootOfTrustApplyConfiguration) WithCertificateAuthorityRootsData(values ...byte) *ImagePolicyPKIRootOfTrustApplyConfiguration { - for i := range values { - b.CertificateAuthorityRootsData = append(b.CertificateAuthorityRootsData, values[i]) - } - return b -} - -// WithCertificateAuthorityIntermediatesData adds the given value to the CertificateAuthorityIntermediatesData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the CertificateAuthorityIntermediatesData field. -func (b *ImagePolicyPKIRootOfTrustApplyConfiguration) WithCertificateAuthorityIntermediatesData(values ...byte) *ImagePolicyPKIRootOfTrustApplyConfiguration { - for i := range values { - b.CertificateAuthorityIntermediatesData = append(b.CertificateAuthorityIntermediatesData, values[i]) - } - return b -} - -// WithPKICertificateSubject sets the PKICertificateSubject field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PKICertificateSubject field is set to the value of the last call. -func (b *ImagePolicyPKIRootOfTrustApplyConfiguration) WithPKICertificateSubject(value *PKICertificateSubjectApplyConfiguration) *ImagePolicyPKIRootOfTrustApplyConfiguration { - b.PKICertificateSubject = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypublickeyrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypublickeyrootoftrust.go deleted file mode 100644 index 317b1be6ad..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicypublickeyrootoftrust.go +++ /dev/null @@ -1,42 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImagePolicyPublicKeyRootOfTrustApplyConfiguration represents a declarative configuration of the ImagePolicyPublicKeyRootOfTrust type for use -// with apply. -// -// ImagePolicyPublicKeyRootOfTrust defines the root of trust based on a sigstore public key. -type ImagePolicyPublicKeyRootOfTrustApplyConfiguration struct { - // keyData contains inline base64-encoded data for the PEM format public key. - // KeyData must be at most 8192 characters. - KeyData []byte `json:"keyData,omitempty"` - // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. - // rekorKeyData must be at most 8192 characters. - RekorKeyData []byte `json:"rekorKeyData,omitempty"` -} - -// ImagePolicyPublicKeyRootOfTrustApplyConfiguration constructs a declarative configuration of the ImagePolicyPublicKeyRootOfTrust type for use with -// apply. -func ImagePolicyPublicKeyRootOfTrust() *ImagePolicyPublicKeyRootOfTrustApplyConfiguration { - return &ImagePolicyPublicKeyRootOfTrustApplyConfiguration{} -} - -// WithKeyData adds the given value to the KeyData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the KeyData field. -func (b *ImagePolicyPublicKeyRootOfTrustApplyConfiguration) WithKeyData(values ...byte) *ImagePolicyPublicKeyRootOfTrustApplyConfiguration { - for i := range values { - b.KeyData = append(b.KeyData, values[i]) - } - return b -} - -// WithRekorKeyData adds the given value to the RekorKeyData field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the RekorKeyData field. -func (b *ImagePolicyPublicKeyRootOfTrustApplyConfiguration) WithRekorKeyData(values ...byte) *ImagePolicyPublicKeyRootOfTrustApplyConfiguration { - for i := range values { - b.RekorKeyData = append(b.RekorKeyData, values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go deleted file mode 100644 index 0d8cbf64b7..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicyspec.go +++ /dev/null @@ -1,53 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// ImagePolicySpecApplyConfiguration represents a declarative configuration of the ImagePolicySpec type for use -// with apply. -// -// ImagePolicySpec is the specification of the ImagePolicy CRD. -type ImagePolicySpecApplyConfiguration struct { - // scopes defines the list of image identities assigned to a policy. Each item refers to a scope in a registry implementing the "Docker Registry HTTP API V2". - // Scopes matching individual images are named Docker references in the fully expanded form, either using a tag or digest. For example, docker.io/library/busybox:latest (not busybox:latest). - // More general scopes are prefixes of individual-image scopes, and specify a repository (by omitting the tag or digest), a repository - // namespace, or a registry host (by only specifying the host name and possibly a port number) or a wildcard expression starting with `*.`, for matching all subdomains (not including a port number). - // Wildcards are only supported for subdomain matching, and may not be used in the middle of the host, i.e. *.example.com is a valid case, but example*.*.com is not. - // If multiple scopes match a given image, only the policy requirements for the most specific scope apply. The policy requirements for more general scopes are ignored. - // In addition to setting a policy appropriate for your own deployed applications, make sure that a policy on the OpenShift image repositories - // quay.io/openshift-release-dev/ocp-release, quay.io/openshift-release-dev/ocp-v4.0-art-dev (or on a more general scope) allows deployment of the OpenShift images required for cluster operation. - // If a scope is configured in both the ClusterImagePolicy and the ImagePolicy, or if the scope in ImagePolicy is nested under one of the scopes from the ClusterImagePolicy, only the policy from the ClusterImagePolicy will be applied. - // For additional details about the format, please refer to the document explaining the docker transport field, - // which can be found at: https://github.com/containers/image/blob/main/docs/containers-policy.json.5.md#docker - Scopes []configv1alpha1.ImageScope `json:"scopes,omitempty"` - // policy contains configuration to allow scopes to be verified, and defines how - // images not matching the verification policy will be treated. - Policy *ImageSigstoreVerificationPolicyApplyConfiguration `json:"policy,omitempty"` -} - -// ImagePolicySpecApplyConfiguration constructs a declarative configuration of the ImagePolicySpec type for use with -// apply. -func ImagePolicySpec() *ImagePolicySpecApplyConfiguration { - return &ImagePolicySpecApplyConfiguration{} -} - -// WithScopes adds the given value to the Scopes field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Scopes field. -func (b *ImagePolicySpecApplyConfiguration) WithScopes(values ...configv1alpha1.ImageScope) *ImagePolicySpecApplyConfiguration { - for i := range values { - b.Scopes = append(b.Scopes, values[i]) - } - return b -} - -// WithPolicy sets the Policy field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Policy field is set to the value of the last call. -func (b *ImagePolicySpecApplyConfiguration) WithPolicy(value *ImageSigstoreVerificationPolicyApplyConfiguration) *ImagePolicySpecApplyConfiguration { - b.Policy = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go deleted file mode 100644 index 59fc118561..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagepolicystatus.go +++ /dev/null @@ -1,33 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/client-go/applyconfigurations/meta/v1" -) - -// ImagePolicyStatusApplyConfiguration represents a declarative configuration of the ImagePolicyStatus type for use -// with apply. -type ImagePolicyStatusApplyConfiguration struct { - // conditions provide details on the status of this API Resource. - Conditions []v1.ConditionApplyConfiguration `json:"conditions,omitempty"` -} - -// ImagePolicyStatusApplyConfiguration constructs a declarative configuration of the ImagePolicyStatus type for use with -// apply. -func ImagePolicyStatus() *ImagePolicyStatusApplyConfiguration { - return &ImagePolicyStatusApplyConfiguration{} -} - -// WithConditions adds the given value to the Conditions field in the declarative configuration -// and returns the receiver, so that objects can be build by chaining "With" function invocations. -// If called multiple times, values provided by each call will be appended to the Conditions field. -func (b *ImagePolicyStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *ImagePolicyStatusApplyConfiguration { - for i := range values { - if values[i] == nil { - panic("nil value passed to WithConditions") - } - b.Conditions = append(b.Conditions, *values[i]) - } - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagesigstoreverificationpolicy.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagesigstoreverificationpolicy.go deleted file mode 100644 index 3fa4e27478..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/imagesigstoreverificationpolicy.go +++ /dev/null @@ -1,36 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// ImageSigstoreVerificationPolicyApplyConfiguration represents a declarative configuration of the ImageSigstoreVerificationPolicy type for use -// with apply. -// -// ImageSigstoreVerificationPolicy defines the verification policy for the items in the scopes list. -type ImageSigstoreVerificationPolicyApplyConfiguration struct { - // rootOfTrust specifies the root of trust for the policy. - RootOfTrust *PolicyRootOfTrustApplyConfiguration `json:"rootOfTrust,omitempty"` - // signedIdentity specifies what image identity the signature claims about the image. The required matchPolicy field specifies the approach used in the verification process to verify the identity in the signature and the actual image identity, the default matchPolicy is "MatchRepoDigestOrExact". - SignedIdentity *PolicyIdentityApplyConfiguration `json:"signedIdentity,omitempty"` -} - -// ImageSigstoreVerificationPolicyApplyConfiguration constructs a declarative configuration of the ImageSigstoreVerificationPolicy type for use with -// apply. -func ImageSigstoreVerificationPolicy() *ImageSigstoreVerificationPolicyApplyConfiguration { - return &ImageSigstoreVerificationPolicyApplyConfiguration{} -} - -// WithRootOfTrust sets the RootOfTrust field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the RootOfTrust field is set to the value of the last call. -func (b *ImageSigstoreVerificationPolicyApplyConfiguration) WithRootOfTrust(value *PolicyRootOfTrustApplyConfiguration) *ImageSigstoreVerificationPolicyApplyConfiguration { - b.RootOfTrust = value - return b -} - -// WithSignedIdentity sets the SignedIdentity field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the SignedIdentity field is set to the value of the last call. -func (b *ImageSigstoreVerificationPolicyApplyConfiguration) WithSignedIdentity(value *PolicyIdentityApplyConfiguration) *ImageSigstoreVerificationPolicyApplyConfiguration { - b.SignedIdentity = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keepequalactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keepequalactionconfig.go new file mode 100644 index 0000000000..a560a662a8 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/keepequalactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// KeepEqualActionConfigApplyConfiguration represents a declarative configuration of the KeepEqualActionConfig type for use +// with apply. +// +// KeepEqualActionConfig configures the KeepEqual action. +// Drops targets for which the concatenated source_labels do not match the value of target_label. +// Requires Prometheus >= v2.41.0. +type KeepEqualActionConfigApplyConfiguration struct { + // targetLabel is the label name whose value is compared to the concatenated source_labels; targets that do not match are dropped. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// KeepEqualActionConfigApplyConfiguration constructs a declarative configuration of the KeepEqualActionConfig type for use with +// apply. +func KeepEqualActionConfig() *KeepEqualActionConfigApplyConfiguration { + return &KeepEqualActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *KeepEqualActionConfigApplyConfiguration) WithTargetLabel(value string) *KeepEqualActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/label.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/label.go new file mode 100644 index 0000000000..d1710cc9ab --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/label.go @@ -0,0 +1,39 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// LabelApplyConfiguration represents a declarative configuration of the Label type for use +// with apply. +// +// Label represents a key/value pair for external labels. +type LabelApplyConfiguration struct { + // key is the name of the label. + // Prometheus supports UTF-8 label names, so any valid UTF-8 string is allowed. + // Must be between 1 and 128 characters in length. + Key *string `json:"key,omitempty"` + // value is the value of the label. + // Must be between 1 and 128 characters in length. + Value *string `json:"value,omitempty"` +} + +// LabelApplyConfiguration constructs a declarative configuration of the Label type for use with +// apply. +func Label() *LabelApplyConfiguration { + return &LabelApplyConfiguration{} +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *LabelApplyConfiguration) WithKey(value string) *LabelApplyConfiguration { + b.Key = &value + return b +} + +// WithValue sets the Value field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Value field is set to the value of the last call. +func (b *LabelApplyConfiguration) WithValue(value string) *LabelApplyConfiguration { + b.Value = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/labelmapactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/labelmapactionconfig.go new file mode 100644 index 0000000000..a16bd78779 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/labelmapactionconfig.go @@ -0,0 +1,30 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// LabelMapActionConfigApplyConfiguration represents a declarative configuration of the LabelMapActionConfig type for use +// with apply. +// +// LabelMapActionConfig configures the LabelMap action. +// Regex is matched against all source label names (not just source_labels). Matching label values are copied to new label names given by replacement, with match group references (${1}, ${2}, ...) substituted. +type LabelMapActionConfigApplyConfiguration struct { + // replacement is the template for new label names; match group references (${1}, ${2}, ...) are substituted from the matched label name. + // Required when using the LabelMap action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. + // Must be between 1 and 255 characters in length. Empty string is invalid as it would produce invalid label names. + Replacement *string `json:"replacement,omitempty"` +} + +// LabelMapActionConfigApplyConfiguration constructs a declarative configuration of the LabelMapActionConfig type for use with +// apply. +func LabelMapActionConfig() *LabelMapActionConfigApplyConfiguration { + return &LabelMapActionConfigApplyConfiguration{} +} + +// WithReplacement sets the Replacement field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Replacement field is set to the value of the last call. +func (b *LabelMapActionConfigApplyConfiguration) WithReplacement(value string) *LabelMapActionConfigApplyConfiguration { + b.Replacement = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/lowercaseactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/lowercaseactionconfig.go new file mode 100644 index 0000000000..17fa48139a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/lowercaseactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// LowercaseActionConfigApplyConfiguration represents a declarative configuration of the LowercaseActionConfig type for use +// with apply. +// +// LowercaseActionConfig configures the Lowercase action. +// Maps the concatenated source_labels to their lower case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type LowercaseActionConfigApplyConfiguration struct { + // targetLabel is the label name where the lower-cased value is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// LowercaseActionConfigApplyConfiguration constructs a declarative configuration of the LowercaseActionConfig type for use with +// apply. +func LowercaseActionConfig() *LowercaseActionConfigApplyConfiguration { + return &LowercaseActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *LowercaseActionConfigApplyConfiguration) WithTargetLabel(value string) *LowercaseActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfig.go new file mode 100644 index 0000000000..f8e1627816 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfig.go @@ -0,0 +1,42 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// MetadataConfigApplyConfiguration represents a declarative configuration of the MetadataConfig type for use +// with apply. +// +// MetadataConfig defines whether and how to send series metadata to remote write storage. +type MetadataConfigApplyConfiguration struct { + // sendPolicy specifies whether to send metadata and how it is configured. + // Default: send metadata using platform-chosen defaults (e.g. send interval 30 seconds). + // Custom: send metadata using the settings in the custom field. + SendPolicy *configv1alpha1.MetadataConfigSendPolicy `json:"sendPolicy,omitempty"` + // custom defines custom metadata send settings. Required when sendPolicy is Custom (must have at least one property), and forbidden when sendPolicy is Default. + Custom *MetadataConfigCustomApplyConfiguration `json:"custom,omitempty"` +} + +// MetadataConfigApplyConfiguration constructs a declarative configuration of the MetadataConfig type for use with +// apply. +func MetadataConfig() *MetadataConfigApplyConfiguration { + return &MetadataConfigApplyConfiguration{} +} + +// WithSendPolicy sets the SendPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SendPolicy field is set to the value of the last call. +func (b *MetadataConfigApplyConfiguration) WithSendPolicy(value configv1alpha1.MetadataConfigSendPolicy) *MetadataConfigApplyConfiguration { + b.SendPolicy = &value + return b +} + +// WithCustom sets the Custom field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Custom field is set to the value of the last call. +func (b *MetadataConfigApplyConfiguration) WithCustom(value *MetadataConfigCustomApplyConfiguration) *MetadataConfigApplyConfiguration { + b.Custom = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfigcustom.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfigcustom.go new file mode 100644 index 0000000000..3f5e050697 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metadataconfigcustom.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// MetadataConfigCustomApplyConfiguration represents a declarative configuration of the MetadataConfigCustom type for use +// with apply. +// +// MetadataConfigCustom defines custom settings for sending series metadata when sendPolicy is Custom. +// At least one property must be set when sendPolicy is Custom (e.g. sendIntervalSeconds). +type MetadataConfigCustomApplyConfiguration struct { + // sendIntervalSeconds is the interval in seconds at which metadata is sent. + // When omitted, the platform chooses a reasonable default (e.g. 30 seconds). + // Minimum value is 1 second. Maximum value is 86400 seconds (24 hours). + SendIntervalSeconds *int32 `json:"sendIntervalSeconds,omitempty"` +} + +// MetadataConfigCustomApplyConfiguration constructs a declarative configuration of the MetadataConfigCustom type for use with +// apply. +func MetadataConfigCustom() *MetadataConfigCustomApplyConfiguration { + return &MetadataConfigCustomApplyConfiguration{} +} + +// WithSendIntervalSeconds sets the SendIntervalSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SendIntervalSeconds field is set to the value of the last call. +func (b *MetadataConfigCustomApplyConfiguration) WithSendIntervalSeconds(value int32) *MetadataConfigCustomApplyConfiguration { + b.SendIntervalSeconds = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metricsserverconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metricsserverconfig.go index ea4d945563..bc77df9d2f 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metricsserverconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/metricsserverconfig.go @@ -58,7 +58,7 @@ type MetricsServerConfigApplyConfiguration struct { // - name: memory // request: 40Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/monitoringpluginconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/monitoringpluginconfig.go new file mode 100644 index 0000000000..6f10b30e5d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/monitoringpluginconfig.go @@ -0,0 +1,112 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/api/core/v1" +) + +// MonitoringPluginConfigApplyConfiguration represents a declarative configuration of the MonitoringPluginConfig type for use +// with apply. +// +// MonitoringPluginConfig provides configuration options for the monitoring plugin +// that runs as a dynamic plugin of the OpenShift web console. +// The monitoring plugin provides the monitoring UI in the OpenShift web console +// for visualizing metrics, alerts, and dashboards. +// At least one field must be specified; an empty monitoringPluginConfig object is not allowed. +type MonitoringPluginConfigApplyConfiguration struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the monitoring-plugin container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 10m + // - name: memory + // request: 50Mi + // + // When specified, resources must contain at least 1 entry and must not exceed 5 entries. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // tolerations defines the tolerations required for the monitoring-plugin Pods. + // This field is optional. + // + // When omitted, the monitoring-plugin Pods will not have any tolerations, which + // means they will only be scheduled on nodes with no taints. + // When specified, tolerations must contain at least 1 entry and must not contain more than 10 entries. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how monitoring-plugin Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // When specified, this list must contain at least 1 entry and must not exceed 10 entries. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// MonitoringPluginConfigApplyConfiguration constructs a declarative configuration of the MonitoringPluginConfig type for use with +// apply. +func MonitoringPluginConfig() *MonitoringPluginConfigApplyConfiguration { + return &MonitoringPluginConfigApplyConfiguration{} +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *MonitoringPluginConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *MonitoringPluginConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *MonitoringPluginConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *MonitoringPluginConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *MonitoringPluginConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *MonitoringPluginConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *MonitoringPluginConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *MonitoringPluginConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorbuddyinfoconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorbuddyinfoconfig.go new file mode 100644 index 0000000000..ba6cedbf2a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorbuddyinfoconfig.go @@ -0,0 +1,37 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorBuddyInfoConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorBuddyInfoConfig type for use +// with apply. +// +// NodeExporterCollectorBuddyInfoConfig provides configuration for the buddyinfo collector +// of the node-exporter agent. The buddyinfo collector collects statistics about memory fragmentation +// from the node_buddyinfo_blocks metric using data from /proc/buddyinfo. +// It is disabled by default. +type NodeExporterCollectorBuddyInfoConfigApplyConfiguration struct { + // collectionPolicy declares whether the buddyinfo collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the buddyinfo collector is active and memory fragmentation statistics are collected. + // When set to "DoNotCollect", the buddyinfo collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorBuddyInfoConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorBuddyInfoConfig type for use with +// apply. +func NodeExporterCollectorBuddyInfoConfig() *NodeExporterCollectorBuddyInfoConfigApplyConfiguration { + return &NodeExporterCollectorBuddyInfoConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorBuddyInfoConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorBuddyInfoConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorconfig.go new file mode 100644 index 0000000000..cb1c338042 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorconfig.go @@ -0,0 +1,169 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// NodeExporterCollectorConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorConfig type for use +// with apply. +// +// NodeExporterCollectorConfig defines settings for individual collectors +// of the node-exporter agent. Each collector can be individually set to collect or not collect metrics. +// At least one collector must be specified. +type NodeExporterCollectorConfigApplyConfiguration struct { + // cpuFreq configures the cpufreq collector, which collects CPU frequency statistics. + // cpuFreq is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Consider enabling when you need to observe CPU frequency scaling; expect higher CPU usage on + // many-core nodes when collectionPolicy is Collect. + CpuFreq *NodeExporterCollectorCpufreqConfigApplyConfiguration `json:"cpuFreq,omitempty"` + // tcpStat configures the tcpstat collector, which collects TCP connection statistics. + // tcpStat is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when debugging TCP connection behavior or capacity at the node level. + TcpStat *NodeExporterCollectorTcpStatConfigApplyConfiguration `json:"tcpStat,omitempty"` + // ethtool configures the ethtool collector, which collects ethernet device statistics. + // ethtool is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when you need NIC driver-level ethtool metrics beyond generic netdev counters. + Ethtool *NodeExporterCollectorEthtoolConfigApplyConfiguration `json:"ethtool,omitempty"` + // netDev configures the netdev collector, which collects network device statistics. + // netDev is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is enabled. + // Turn off if you must reduce per-interface metric cardinality on hosts with many virtual interfaces. + NetDev *NodeExporterCollectorNetDevConfigApplyConfiguration `json:"netDev,omitempty"` + // netClass configures the netclass collector, which collects information about network devices. + // netClass is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is enabled with netlink mode active. + // Use statsGatherer when sysfs vs netlink implementation matters or when matching node_exporter tuning. + NetClass *NodeExporterCollectorNetClassConfigApplyConfiguration `json:"netClass,omitempty"` + // buddyInfo configures the buddyinfo collector, which collects statistics about memory + // fragmentation from the node_buddyinfo_blocks metric. This metric collects data from /proc/buddyinfo. + // buddyInfo is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable when investigating kernel memory fragmentation; typically for advanced troubleshooting only. + BuddyInfo *NodeExporterCollectorBuddyInfoConfigApplyConfiguration `json:"buddyInfo,omitempty"` + // mountStats configures the mountstats collector, which collects statistics about NFS volume + // I/O activities. + // mountStats is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enabling this collector may produce metrics with high cardinality. If you enable this + // collector, closely monitor the prometheus-k8s deployment for excessive memory usage. + // Enable when you care about per-mount NFS client statistics. + MountStats *NodeExporterCollectorMountStatsConfigApplyConfiguration `json:"mountStats,omitempty"` + // ksmd configures the ksmd collector, which collects statistics from the kernel same-page + // merger daemon. + // ksmd is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable on nodes where KSM is in use and you want visibility into merging activity. + Ksmd *NodeExporterCollectorKSMDConfigApplyConfiguration `json:"ksmd,omitempty"` + // processes configures the processes collector, which collects statistics from processes and + // threads running in the system. + // processes is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enable for process/thread-level insight; can be expensive on busy nodes. + Processes *NodeExporterCollectorProcessesConfigApplyConfiguration `json:"processes,omitempty"` + // systemd configures the systemd collector, which collects statistics on the systemd daemon + // and its managed services. + // systemd is optional. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is disabled. + // Enabling this collector with a long list of selected units may produce metrics with high + // cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment + // for excessive memory usage. + // Enable when you need metrics for specific units; scope units carefully. + Systemd *NodeExporterCollectorSystemdConfigApplyConfiguration `json:"systemd,omitempty"` +} + +// NodeExporterCollectorConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorConfig type for use with +// apply. +func NodeExporterCollectorConfig() *NodeExporterCollectorConfigApplyConfiguration { + return &NodeExporterCollectorConfigApplyConfiguration{} +} + +// WithCpuFreq sets the CpuFreq field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CpuFreq field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithCpuFreq(value *NodeExporterCollectorCpufreqConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.CpuFreq = value + return b +} + +// WithTcpStat sets the TcpStat field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TcpStat field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithTcpStat(value *NodeExporterCollectorTcpStatConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.TcpStat = value + return b +} + +// WithEthtool sets the Ethtool field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Ethtool field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithEthtool(value *NodeExporterCollectorEthtoolConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.Ethtool = value + return b +} + +// WithNetDev sets the NetDev field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NetDev field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithNetDev(value *NodeExporterCollectorNetDevConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.NetDev = value + return b +} + +// WithNetClass sets the NetClass field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NetClass field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithNetClass(value *NodeExporterCollectorNetClassConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.NetClass = value + return b +} + +// WithBuddyInfo sets the BuddyInfo field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BuddyInfo field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithBuddyInfo(value *NodeExporterCollectorBuddyInfoConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.BuddyInfo = value + return b +} + +// WithMountStats sets the MountStats field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MountStats field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithMountStats(value *NodeExporterCollectorMountStatsConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.MountStats = value + return b +} + +// WithKsmd sets the Ksmd field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Ksmd field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithKsmd(value *NodeExporterCollectorKSMDConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.Ksmd = value + return b +} + +// WithProcesses sets the Processes field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Processes field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithProcesses(value *NodeExporterCollectorProcessesConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.Processes = value + return b +} + +// WithSystemd sets the Systemd field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Systemd field is set to the value of the last call. +func (b *NodeExporterCollectorConfigApplyConfiguration) WithSystemd(value *NodeExporterCollectorSystemdConfigApplyConfiguration) *NodeExporterCollectorConfigApplyConfiguration { + b.Systemd = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorcpufreqconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorcpufreqconfig.go new file mode 100644 index 0000000000..65fe3f11fe --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorcpufreqconfig.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorCpufreqConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorCpufreqConfig type for use +// with apply. +// +// NodeExporterCollectorCpufreqConfig provides configuration for the cpufreq collector +// of the node-exporter agent. The cpufreq collector collects CPU frequency statistics. +// It is disabled by default. +type NodeExporterCollectorCpufreqConfigApplyConfiguration struct { + // collectionPolicy declares whether the cpufreq collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the cpufreq collector is active and CPU frequency statistics are collected. + // When set to "DoNotCollect", the cpufreq collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorCpufreqConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorCpufreqConfig type for use with +// apply. +func NodeExporterCollectorCpufreqConfig() *NodeExporterCollectorCpufreqConfigApplyConfiguration { + return &NodeExporterCollectorCpufreqConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorCpufreqConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorCpufreqConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorethtoolconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorethtoolconfig.go new file mode 100644 index 0000000000..396477c1f0 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorethtoolconfig.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorEthtoolConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorEthtoolConfig type for use +// with apply. +// +// NodeExporterCollectorEthtoolConfig provides configuration for the ethtool collector +// of the node-exporter agent. The ethtool collector collects ethernet device statistics. +// It is disabled by default. +type NodeExporterCollectorEthtoolConfigApplyConfiguration struct { + // collectionPolicy declares whether the ethtool collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the ethtool collector is active and ethernet device statistics are collected. + // When set to "DoNotCollect", the ethtool collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorEthtoolConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorEthtoolConfig type for use with +// apply. +func NodeExporterCollectorEthtoolConfig() *NodeExporterCollectorEthtoolConfigApplyConfiguration { + return &NodeExporterCollectorEthtoolConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorEthtoolConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorEthtoolConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorksmdconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorksmdconfig.go new file mode 100644 index 0000000000..fc0ac015a1 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorksmdconfig.go @@ -0,0 +1,37 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorKSMDConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorKSMDConfig type for use +// with apply. +// +// NodeExporterCollectorKSMDConfig provides configuration for the ksmd collector +// of the node-exporter agent. The ksmd collector collects statistics from the kernel +// same-page merger daemon. +// It is disabled by default. +type NodeExporterCollectorKSMDConfigApplyConfiguration struct { + // collectionPolicy declares whether the ksmd collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the ksmd collector is active and kernel same-page merger statistics are collected. + // When set to "DoNotCollect", the ksmd collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorKSMDConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorKSMDConfig type for use with +// apply. +func NodeExporterCollectorKSMDConfig() *NodeExporterCollectorKSMDConfigApplyConfiguration { + return &NodeExporterCollectorKSMDConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorKSMDConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorKSMDConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectormountstatsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectormountstatsconfig.go new file mode 100644 index 0000000000..306bb851aa --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectormountstatsconfig.go @@ -0,0 +1,38 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorMountStatsConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorMountStatsConfig type for use +// with apply. +// +// NodeExporterCollectorMountStatsConfig provides configuration for the mountstats collector +// of the node-exporter agent. The mountstats collector collects statistics about NFS volume I/O activities. +// It is disabled by default. +// Enabling this collector may produce metrics with high cardinality. If you enable this +// collector, closely monitor the prometheus-k8s deployment for excessive memory usage. +type NodeExporterCollectorMountStatsConfigApplyConfiguration struct { + // collectionPolicy declares whether the mountstats collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the mountstats collector is active and NFS volume I/O statistics are collected. + // When set to "DoNotCollect", the mountstats collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorMountStatsConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorMountStatsConfig type for use with +// apply. +func NodeExporterCollectorMountStatsConfig() *NodeExporterCollectorMountStatsConfigApplyConfiguration { + return &NodeExporterCollectorMountStatsConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorMountStatsConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorMountStatsConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclasscollectconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclasscollectconfig.go new file mode 100644 index 0000000000..321c7c6679 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclasscollectconfig.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorNetClassCollectConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorNetClassCollectConfig type for use +// with apply. +// +// NodeExporterCollectorNetClassCollectConfig holds configuration options for the netclass collector +// when it is actively collecting metrics. At least one field must be specified. +type NodeExporterCollectorNetClassCollectConfigApplyConfiguration struct { + // statsGatherer selects which implementation the netclass collector uses to gather statistics (sysfs or netlink). + // statsGatherer is optional. + // Valid values are "Sysfs" and "Netlink". + // When set to "Netlink", the netlink implementation is used; when set to "Sysfs", the sysfs implementation is used. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is Netlink. + StatsGatherer *configv1alpha1.NodeExporterNetclassStatsGatherer `json:"statsGatherer,omitempty"` +} + +// NodeExporterCollectorNetClassCollectConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorNetClassCollectConfig type for use with +// apply. +func NodeExporterCollectorNetClassCollectConfig() *NodeExporterCollectorNetClassCollectConfigApplyConfiguration { + return &NodeExporterCollectorNetClassCollectConfigApplyConfiguration{} +} + +// WithStatsGatherer sets the StatsGatherer field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the StatsGatherer field is set to the value of the last call. +func (b *NodeExporterCollectorNetClassCollectConfigApplyConfiguration) WithStatsGatherer(value configv1alpha1.NodeExporterNetclassStatsGatherer) *NodeExporterCollectorNetClassCollectConfigApplyConfiguration { + b.StatsGatherer = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclassconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclassconfig.go new file mode 100644 index 0000000000..2fe2a6a5ba --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetclassconfig.go @@ -0,0 +1,53 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorNetClassConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorNetClassConfig type for use +// with apply. +// +// NodeExporterCollectorNetClassConfig provides configuration for the netclass collector +// of the node-exporter agent. The netclass collector collects information about network devices +// such as network speed, MTU, and carrier status. +// It is enabled by default. +// When collectionPolicy is DoNotCollect, the collect field must not be set. +type NodeExporterCollectorNetClassConfigApplyConfiguration struct { + // collectionPolicy declares whether the netclass collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the netclass collector is active and network class information is collected. + // When set to "DoNotCollect", the netclass collector is inactive and the corresponding metrics become unavailable. + // When set to "DoNotCollect", the collect field must not be set. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` + // collect contains configuration options that apply only when the netclass collector is actively collecting metrics + // (i.e. when collectionPolicy is Collect). + // collect is optional and may be omitted even when collectionPolicy is Collect. + // collect may only be set when collectionPolicy is Collect. + // When set, at least one field must be specified within collect. + Collect *NodeExporterCollectorNetClassCollectConfigApplyConfiguration `json:"collect,omitempty"` +} + +// NodeExporterCollectorNetClassConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorNetClassConfig type for use with +// apply. +func NodeExporterCollectorNetClassConfig() *NodeExporterCollectorNetClassConfigApplyConfiguration { + return &NodeExporterCollectorNetClassConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorNetClassConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorNetClassConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} + +// WithCollect sets the Collect field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Collect field is set to the value of the last call. +func (b *NodeExporterCollectorNetClassConfigApplyConfiguration) WithCollect(value *NodeExporterCollectorNetClassCollectConfigApplyConfiguration) *NodeExporterCollectorNetClassConfigApplyConfiguration { + b.Collect = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetdevconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetdevconfig.go new file mode 100644 index 0000000000..b5bbe4c86e --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectornetdevconfig.go @@ -0,0 +1,37 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorNetDevConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorNetDevConfig type for use +// with apply. +// +// NodeExporterCollectorNetDevConfig provides configuration for the netdev collector +// of the node-exporter agent. The netdev collector collects network device statistics +// such as bytes, packets, errors, and drops per device. +// It is enabled by default. +type NodeExporterCollectorNetDevConfigApplyConfiguration struct { + // collectionPolicy declares whether the netdev collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the netdev collector is active and network device statistics are collected. + // When set to "DoNotCollect", the netdev collector is inactive and the corresponding metrics become unavailable. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorNetDevConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorNetDevConfig type for use with +// apply. +func NodeExporterCollectorNetDevConfig() *NodeExporterCollectorNetDevConfigApplyConfiguration { + return &NodeExporterCollectorNetDevConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorNetDevConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorNetDevConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorprocessesconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorprocessesconfig.go new file mode 100644 index 0000000000..71cf2fb59c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorprocessesconfig.go @@ -0,0 +1,37 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorProcessesConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorProcessesConfig type for use +// with apply. +// +// NodeExporterCollectorProcessesConfig provides configuration for the processes collector +// of the node-exporter agent. The processes collector collects statistics from processes and threads +// running in the system. +// It is disabled by default. +type NodeExporterCollectorProcessesConfigApplyConfiguration struct { + // collectionPolicy declares whether the processes collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the processes collector is active and process/thread statistics are collected. + // When set to "DoNotCollect", the processes collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorProcessesConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorProcessesConfig type for use with +// apply. +func NodeExporterCollectorProcessesConfig() *NodeExporterCollectorProcessesConfigApplyConfiguration { + return &NodeExporterCollectorProcessesConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorProcessesConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorProcessesConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdcollectconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdcollectconfig.go new file mode 100644 index 0000000000..647f7efc0a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdcollectconfig.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorSystemdCollectConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorSystemdCollectConfig type for use +// with apply. +// +// NodeExporterCollectorSystemdCollectConfig holds configuration options for the systemd collector +// when it is actively collecting metrics. At least one field must be specified. +type NodeExporterCollectorSystemdCollectConfigApplyConfiguration struct { + // units is a list of regular expression patterns that match systemd units to be included + // by the systemd collector. + // units is optional. + // By default, the list is empty, so the collector exposes no metrics for systemd units. + // Each entry is a regular expression pattern and must be at least 1 character and at most 1024 characters. + // Maximum length for this list is 50. + // Minimum length for this list is 1. + // Entries in this list must be unique. + Units []configv1alpha1.NodeExporterSystemdUnit `json:"units,omitempty"` +} + +// NodeExporterCollectorSystemdCollectConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorSystemdCollectConfig type for use with +// apply. +func NodeExporterCollectorSystemdCollectConfig() *NodeExporterCollectorSystemdCollectConfigApplyConfiguration { + return &NodeExporterCollectorSystemdCollectConfigApplyConfiguration{} +} + +// WithUnits adds the given value to the Units field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Units field. +func (b *NodeExporterCollectorSystemdCollectConfigApplyConfiguration) WithUnits(values ...configv1alpha1.NodeExporterSystemdUnit) *NodeExporterCollectorSystemdCollectConfigApplyConfiguration { + for i := range values { + b.Units = append(b.Units, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdconfig.go new file mode 100644 index 0000000000..a1422798de --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectorsystemdconfig.go @@ -0,0 +1,55 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorSystemdConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorSystemdConfig type for use +// with apply. +// +// NodeExporterCollectorSystemdConfig provides configuration for the systemd collector +// of the node-exporter agent. The systemd collector collects statistics on the systemd daemon +// and its managed services. +// It is disabled by default. +// Enabling this collector with a long list of selected units may produce metrics with high +// cardinality. If you enable this collector, closely monitor the prometheus-k8s deployment +// for excessive memory usage. +// When collectionPolicy is DoNotCollect, the collect field must not be set. +type NodeExporterCollectorSystemdConfigApplyConfiguration struct { + // collectionPolicy declares whether the systemd collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the systemd collector is active and systemd unit statistics are collected. + // When set to "DoNotCollect", the systemd collector is inactive and the collect field must not be set. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` + // collect contains configuration options that apply only when the systemd collector is actively collecting metrics + // (i.e. when collectionPolicy is Collect). + // collect is optional and may be omitted even when collectionPolicy is Collect. + // collect may only be set when collectionPolicy is Collect. + // When set, at least one field must be specified within collect. + Collect *NodeExporterCollectorSystemdCollectConfigApplyConfiguration `json:"collect,omitempty"` +} + +// NodeExporterCollectorSystemdConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorSystemdConfig type for use with +// apply. +func NodeExporterCollectorSystemdConfig() *NodeExporterCollectorSystemdConfigApplyConfiguration { + return &NodeExporterCollectorSystemdConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorSystemdConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorSystemdConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} + +// WithCollect sets the Collect field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Collect field is set to the value of the last call. +func (b *NodeExporterCollectorSystemdConfigApplyConfiguration) WithCollect(value *NodeExporterCollectorSystemdCollectConfigApplyConfiguration) *NodeExporterCollectorSystemdConfigApplyConfiguration { + b.Collect = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectortcpstatconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectortcpstatconfig.go new file mode 100644 index 0000000000..20f77e8808 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexportercollectortcpstatconfig.go @@ -0,0 +1,36 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// NodeExporterCollectorTcpStatConfigApplyConfiguration represents a declarative configuration of the NodeExporterCollectorTcpStatConfig type for use +// with apply. +// +// NodeExporterCollectorTcpStatConfig provides configuration for the tcpstat collector +// of the node-exporter agent. The tcpstat collector collects TCP connection statistics. +// It is disabled by default. +type NodeExporterCollectorTcpStatConfigApplyConfiguration struct { + // collectionPolicy declares whether the tcpstat collector collects metrics. + // This field is required. + // Valid values are "Collect" and "DoNotCollect". + // When set to "Collect", the tcpstat collector is active and TCP connection statistics are collected. + // When set to "DoNotCollect", the tcpstat collector is inactive. + CollectionPolicy *configv1alpha1.NodeExporterCollectorCollectionPolicy `json:"collectionPolicy,omitempty"` +} + +// NodeExporterCollectorTcpStatConfigApplyConfiguration constructs a declarative configuration of the NodeExporterCollectorTcpStatConfig type for use with +// apply. +func NodeExporterCollectorTcpStatConfig() *NodeExporterCollectorTcpStatConfigApplyConfiguration { + return &NodeExporterCollectorTcpStatConfigApplyConfiguration{} +} + +// WithCollectionPolicy sets the CollectionPolicy field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionPolicy field is set to the value of the last call. +func (b *NodeExporterCollectorTcpStatConfigApplyConfiguration) WithCollectionPolicy(value configv1alpha1.NodeExporterCollectorCollectionPolicy) *NodeExporterCollectorTcpStatConfigApplyConfiguration { + b.CollectionPolicy = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexporterconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexporterconfig.go new file mode 100644 index 0000000000..8c6a288f50 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/nodeexporterconfig.go @@ -0,0 +1,158 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + v1 "k8s.io/api/core/v1" +) + +// NodeExporterConfigApplyConfiguration represents a declarative configuration of the NodeExporterConfig type for use +// with apply. +// +// NodeExporterConfig provides configuration options for the node-exporter agent +// that runs as a DaemonSet in the `openshift-monitoring` namespace. The node-exporter agent collects +// hardware and OS-level metrics from every node in the cluster, including CPU, memory, disk, and +// network statistics. +// At least one field must be specified. +type NodeExporterConfigApplyConfiguration struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the node-exporter container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 8m + // limit: null + // - name: memory + // request: 32Mi + // limit: null + // --- + // maxItems is set to 5 to stay within the Kubernetes CRD CEL validation cost budget. + // See the MaxItems comment near the ContainerResource type definition for details. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default is to tolerate all taints (operator: Exists without any key), + // which is typical for DaemonSets that must run on every node. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // collectors configures which node-exporter metric collectors are enabled. + // collectors is optional. + // Each collector can be individually enabled or disabled. Some collectors may have + // additional configuration options. + // + // When omitted, this means no opinion and the platform is left to choose a reasonable + // default, which is subject to change over time. + Collectors *NodeExporterCollectorConfigApplyConfiguration `json:"collectors,omitempty"` + // maxProcs sets the target number of CPUs on which the node-exporter process will run. + // maxProcs is optional. + // Use this setting to override the default value, which is set either to 4 or to the number + // of CPUs on the host, whichever is smaller. + // The default value is computed at runtime and set via the GOMAXPROCS environment variable before + // node-exporter is launched. + // If a kernel deadlock occurs or if performance degrades when reading from sysfs concurrently, + // you can change this value to 1, which limits node-exporter to running on one CPU. + // For nodes with a high CPU count, setting the limit to a low number saves resources by preventing + // Go routines from being scheduled to run on all CPUs. However, I/O performance degrades if the + // maxProcs value is set too low and there are many metrics to collect. + // The minimum value is 1 and the maximum value is 1024. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, + // which is subject to change over time. The current default is min(4, number of host CPUs). + MaxProcs *int32 `json:"maxProcs,omitempty"` + // ignoredNetworkDevices is a list of regular expression patterns that match network devices + // to be excluded from the relevant collector configuration such as netdev, netclass, and ethtool. + // ignoredNetworkDevices is optional. + // + // When omitted, the Cluster Monitoring Operator uses a predefined list of devices to be excluded + // to minimize the impact on memory usage. + // When set as an empty list, no devices are excluded. + // If you modify this setting, monitor the prometheus-k8s deployment closely for excessive memory usage. + // Maximum length for this list is 50. + // Each entry must be at least 1 character and at most 1024 characters long. + IgnoredNetworkDevices *[]configv1alpha1.NodeExporterIgnoredNetworkDevice `json:"ignoredNetworkDevices,omitempty"` +} + +// NodeExporterConfigApplyConfiguration constructs a declarative configuration of the NodeExporterConfig type for use with +// apply. +func NodeExporterConfig() *NodeExporterConfigApplyConfiguration { + return &NodeExporterConfigApplyConfiguration{} +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *NodeExporterConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *NodeExporterConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *NodeExporterConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *NodeExporterConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *NodeExporterConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *NodeExporterConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithCollectors sets the Collectors field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Collectors field is set to the value of the last call. +func (b *NodeExporterConfigApplyConfiguration) WithCollectors(value *NodeExporterCollectorConfigApplyConfiguration) *NodeExporterConfigApplyConfiguration { + b.Collectors = value + return b +} + +// WithMaxProcs sets the MaxProcs field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxProcs field is set to the value of the last call. +func (b *NodeExporterConfigApplyConfiguration) WithMaxProcs(value int32) *NodeExporterConfigApplyConfiguration { + b.MaxProcs = &value + return b +} + +// WithIgnoredNetworkDevices sets the IgnoredNetworkDevices field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the IgnoredNetworkDevices field is set to the value of the last call. +func (b *NodeExporterConfigApplyConfiguration) WithIgnoredNetworkDevices(value []configv1alpha1.NodeExporterIgnoredNetworkDevice) *NodeExporterConfigApplyConfiguration { + b.IgnoredNetworkDevices = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2.go new file mode 100644 index 0000000000..d58cc3e513 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2.go @@ -0,0 +1,82 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// OAuth2ApplyConfiguration represents a declarative configuration of the OAuth2 type for use +// with apply. +// +// OAuth2 defines OAuth2 authentication settings for the remote write endpoint. +type OAuth2ApplyConfiguration struct { + // clientId defines the secret reference containing the OAuth2 client ID. + // The secret must exist in the openshift-monitoring namespace. + ClientID *SecretKeySelectorApplyConfiguration `json:"clientId,omitempty"` + // clientSecret defines the secret reference containing the OAuth2 client secret. + // The secret must exist in the openshift-monitoring namespace. + ClientSecret *SecretKeySelectorApplyConfiguration `json:"clientSecret,omitempty"` + // tokenUrl is the URL to fetch the token from. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + TokenURL *string `json:"tokenUrl,omitempty"` + // scopes is a list of OAuth2 scopes to request. + // When omitted, no scopes are requested. + // Maximum of 20 scopes can be specified. + // Each scope must be between 1 and 256 characters. + Scopes []string `json:"scopes,omitempty"` + // endpointParams defines additional parameters to append to the token URL. + // When omitted, no additional parameters are sent. + // Maximum of 20 parameters can be specified. Entries must have unique names (name is the list key). + EndpointParams []OAuth2EndpointParamApplyConfiguration `json:"endpointParams,omitempty"` +} + +// OAuth2ApplyConfiguration constructs a declarative configuration of the OAuth2 type for use with +// apply. +func OAuth2() *OAuth2ApplyConfiguration { + return &OAuth2ApplyConfiguration{} +} + +// WithClientID sets the ClientID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientID field is set to the value of the last call. +func (b *OAuth2ApplyConfiguration) WithClientID(value *SecretKeySelectorApplyConfiguration) *OAuth2ApplyConfiguration { + b.ClientID = value + return b +} + +// WithClientSecret sets the ClientSecret field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ClientSecret field is set to the value of the last call. +func (b *OAuth2ApplyConfiguration) WithClientSecret(value *SecretKeySelectorApplyConfiguration) *OAuth2ApplyConfiguration { + b.ClientSecret = value + return b +} + +// WithTokenURL sets the TokenURL field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TokenURL field is set to the value of the last call. +func (b *OAuth2ApplyConfiguration) WithTokenURL(value string) *OAuth2ApplyConfiguration { + b.TokenURL = &value + return b +} + +// WithScopes adds the given value to the Scopes field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Scopes field. +func (b *OAuth2ApplyConfiguration) WithScopes(values ...string) *OAuth2ApplyConfiguration { + for i := range values { + b.Scopes = append(b.Scopes, values[i]) + } + return b +} + +// WithEndpointParams adds the given value to the EndpointParams field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the EndpointParams field. +func (b *OAuth2ApplyConfiguration) WithEndpointParams(values ...*OAuth2EndpointParamApplyConfiguration) *OAuth2ApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithEndpointParams") + } + b.EndpointParams = append(b.EndpointParams, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2endpointparam.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2endpointparam.go new file mode 100644 index 0000000000..8372d30f8c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/oauth2endpointparam.go @@ -0,0 +1,39 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// OAuth2EndpointParamApplyConfiguration represents a declarative configuration of the OAuth2EndpointParam type for use +// with apply. +// +// OAuth2EndpointParam defines a name/value parameter for the OAuth2 token URL. +type OAuth2EndpointParamApplyConfiguration struct { + // name is the parameter name. Must be between 1 and 256 characters. + Name *string `json:"name,omitempty"` + // value is the optional parameter value. When omitted, the query parameter is applied as ?name (no value). + // When set (including to the empty string), it is applied as ?name=value. Empty string may be used when the + // external system expects a parameter with an empty value (e.g. ?parameter=""). + // Must be between 0 and 2048 characters when present (aligned with common URL length recommendations). + Value *string `json:"value,omitempty"` +} + +// OAuth2EndpointParamApplyConfiguration constructs a declarative configuration of the OAuth2EndpointParam type for use with +// apply. +func OAuth2EndpointParam() *OAuth2EndpointParamApplyConfiguration { + return &OAuth2EndpointParamApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *OAuth2EndpointParamApplyConfiguration) WithName(value string) *OAuth2EndpointParamApplyConfiguration { + b.Name = &value + return b +} + +// WithValue sets the Value field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Value field is set to the value of the last call. +func (b *OAuth2EndpointParamApplyConfiguration) WithValue(value string) *OAuth2EndpointParamApplyConfiguration { + b.Value = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/openshiftstatemetricsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/openshiftstatemetricsconfig.go new file mode 100644 index 0000000000..daef85c244 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/openshiftstatemetricsconfig.go @@ -0,0 +1,117 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/api/core/v1" +) + +// OpenShiftStateMetricsConfigApplyConfiguration represents a declarative configuration of the OpenShiftStateMetricsConfig type for use +// with apply. +// +// OpenShiftStateMetricsConfig provides configuration options for the openshift-state-metrics agent +// that runs in the `openshift-monitoring` namespace. The openshift-state-metrics agent generates +// metrics about the state of OpenShift-specific Kubernetes objects, such as routes, builds, and deployments. +type OpenShiftStateMetricsConfigApplyConfiguration struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the openshift-state-metrics container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 1m + // limit: null + // - name: memory + // request: 32Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how openshift-state-metrics Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// OpenShiftStateMetricsConfigApplyConfiguration constructs a declarative configuration of the OpenShiftStateMetricsConfig type for use with +// apply. +func OpenShiftStateMetricsConfig() *OpenShiftStateMetricsConfigApplyConfiguration { + return &OpenShiftStateMetricsConfigApplyConfiguration{} +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *OpenShiftStateMetricsConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *OpenShiftStateMetricsConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *OpenShiftStateMetricsConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *OpenShiftStateMetricsConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *OpenShiftStateMetricsConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatesubject.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatesubject.go deleted file mode 100644 index c9c93a2806..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/pkicertificatesubject.go +++ /dev/null @@ -1,39 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// PKICertificateSubjectApplyConfiguration represents a declarative configuration of the PKICertificateSubject type for use -// with apply. -// -// PKICertificateSubject defines the requirements imposed on the subject to which the certificate was issued. -type PKICertificateSubjectApplyConfiguration struct { - // email specifies the expected email address imposed on the subject to which the certificate was issued, and must match the email address listed in the Subject Alternative Name (SAN) field of the certificate. - // The email should be a valid email address and at most 320 characters in length. - Email *string `json:"email,omitempty"` - // hostname specifies the expected hostname imposed on the subject to which the certificate was issued, and it must match the hostname listed in the Subject Alternative Name (SAN) DNS field of the certificate. - // The hostname should be a valid dns 1123 subdomain name, optionally prefixed by '*.', and at most 253 characters in length. - // It should consist only of lowercase alphanumeric characters, hyphens, periods and the optional preceding asterisk. - Hostname *string `json:"hostname,omitempty"` -} - -// PKICertificateSubjectApplyConfiguration constructs a declarative configuration of the PKICertificateSubject type for use with -// apply. -func PKICertificateSubject() *PKICertificateSubjectApplyConfiguration { - return &PKICertificateSubjectApplyConfiguration{} -} - -// WithEmail sets the Email field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Email field is set to the value of the last call. -func (b *PKICertificateSubjectApplyConfiguration) WithEmail(value string) *PKICertificateSubjectApplyConfiguration { - b.Email = &value - return b -} - -// WithHostname sets the Hostname field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Hostname field is set to the value of the last call. -func (b *PKICertificateSubjectApplyConfiguration) WithHostname(value string) *PKICertificateSubjectApplyConfiguration { - b.Hostname = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go deleted file mode 100644 index 5c7bd5ed9e..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyfulciosubject.go +++ /dev/null @@ -1,38 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -// PolicyFulcioSubjectApplyConfiguration represents a declarative configuration of the PolicyFulcioSubject type for use -// with apply. -// -// PolicyFulcioSubject defines the OIDC issuer and the email of the Fulcio authentication configuration. -type PolicyFulcioSubjectApplyConfiguration struct { - // oidcIssuer contains the expected OIDC issuer. It will be verified that the Fulcio-issued certificate contains a (Fulcio-defined) certificate extension pointing at this OIDC issuer URL. When Fulcio issues certificates, it includes a value based on an URL inside the client-provided ID token. - // Example: "https://expected.OIDC.issuer/" - OIDCIssuer *string `json:"oidcIssuer,omitempty"` - // signedEmail holds the email address the the Fulcio certificate is issued for. - // Example: "expected-signing-user@example.com" - SignedEmail *string `json:"signedEmail,omitempty"` -} - -// PolicyFulcioSubjectApplyConfiguration constructs a declarative configuration of the PolicyFulcioSubject type for use with -// apply. -func PolicyFulcioSubject() *PolicyFulcioSubjectApplyConfiguration { - return &PolicyFulcioSubjectApplyConfiguration{} -} - -// WithOIDCIssuer sets the OIDCIssuer field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the OIDCIssuer field is set to the value of the last call. -func (b *PolicyFulcioSubjectApplyConfiguration) WithOIDCIssuer(value string) *PolicyFulcioSubjectApplyConfiguration { - b.OIDCIssuer = &value - return b -} - -// WithSignedEmail sets the SignedEmail field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the SignedEmail field is set to the value of the last call. -func (b *PolicyFulcioSubjectApplyConfiguration) WithSignedEmail(value string) *PolicyFulcioSubjectApplyConfiguration { - b.SignedEmail = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go deleted file mode 100644 index 822e756774..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyidentity.go +++ /dev/null @@ -1,57 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyIdentityApplyConfiguration represents a declarative configuration of the PolicyIdentity type for use -// with apply. -// -// PolicyIdentity defines image identity the signature claims about the image. When omitted, the default matchPolicy is "MatchRepoDigestOrExact". -type PolicyIdentityApplyConfiguration struct { - // matchPolicy sets the type of matching to be used. - // Valid values are "MatchRepoDigestOrExact", "MatchRepository", "ExactRepository", "RemapIdentity". When omitted, the default value is "MatchRepoDigestOrExact". - // If set matchPolicy to ExactRepository, then the exactRepository must be specified. - // If set matchPolicy to RemapIdentity, then the remapIdentity must be specified. - // "MatchRepoDigestOrExact" means that the identity in the signature must be in the same repository as the image identity if the image identity is referenced by a digest. Otherwise, the identity in the signature must be the same as the image identity. - // "MatchRepository" means that the identity in the signature must be in the same repository as the image identity. - // "ExactRepository" means that the identity in the signature must be in the same repository as a specific identity specified by "repository". - // "RemapIdentity" means that the signature must be in the same as the remapped image identity. Remapped image identity is obtained by replacing the "prefix" with the specified “signedPrefix” if the the image identity matches the specified remapPrefix. - MatchPolicy *configv1alpha1.IdentityMatchPolicy `json:"matchPolicy,omitempty"` - // exactRepository is required if matchPolicy is set to "ExactRepository". - PolicyMatchExactRepository *PolicyMatchExactRepositoryApplyConfiguration `json:"exactRepository,omitempty"` - // remapIdentity is required if matchPolicy is set to "RemapIdentity". - PolicyMatchRemapIdentity *PolicyMatchRemapIdentityApplyConfiguration `json:"remapIdentity,omitempty"` -} - -// PolicyIdentityApplyConfiguration constructs a declarative configuration of the PolicyIdentity type for use with -// apply. -func PolicyIdentity() *PolicyIdentityApplyConfiguration { - return &PolicyIdentityApplyConfiguration{} -} - -// WithMatchPolicy sets the MatchPolicy field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the MatchPolicy field is set to the value of the last call. -func (b *PolicyIdentityApplyConfiguration) WithMatchPolicy(value configv1alpha1.IdentityMatchPolicy) *PolicyIdentityApplyConfiguration { - b.MatchPolicy = &value - return b -} - -// WithPolicyMatchExactRepository sets the PolicyMatchExactRepository field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PolicyMatchExactRepository field is set to the value of the last call. -func (b *PolicyIdentityApplyConfiguration) WithPolicyMatchExactRepository(value *PolicyMatchExactRepositoryApplyConfiguration) *PolicyIdentityApplyConfiguration { - b.PolicyMatchExactRepository = value - return b -} - -// WithPolicyMatchRemapIdentity sets the PolicyMatchRemapIdentity field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PolicyMatchRemapIdentity field is set to the value of the last call. -func (b *PolicyIdentityApplyConfiguration) WithPolicyMatchRemapIdentity(value *PolicyMatchRemapIdentityApplyConfiguration) *PolicyIdentityApplyConfiguration { - b.PolicyMatchRemapIdentity = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go deleted file mode 100644 index 6420b8ed9e..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchexactrepository.go +++ /dev/null @@ -1,29 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyMatchExactRepositoryApplyConfiguration represents a declarative configuration of the PolicyMatchExactRepository type for use -// with apply. -type PolicyMatchExactRepositoryApplyConfiguration struct { - // repository is the reference of the image identity to be matched. - // The value should be a repository name (by omitting the tag or digest) in a registry implementing the "Docker Registry HTTP API V2". For example, docker.io/library/busybox - Repository *configv1alpha1.IdentityRepositoryPrefix `json:"repository,omitempty"` -} - -// PolicyMatchExactRepositoryApplyConfiguration constructs a declarative configuration of the PolicyMatchExactRepository type for use with -// apply. -func PolicyMatchExactRepository() *PolicyMatchExactRepositoryApplyConfiguration { - return &PolicyMatchExactRepositoryApplyConfiguration{} -} - -// WithRepository sets the Repository field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Repository field is set to the value of the last call. -func (b *PolicyMatchExactRepositoryApplyConfiguration) WithRepository(value configv1alpha1.IdentityRepositoryPrefix) *PolicyMatchExactRepositoryApplyConfiguration { - b.Repository = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go deleted file mode 100644 index 0b1a5098fa..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policymatchremapidentity.go +++ /dev/null @@ -1,45 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyMatchRemapIdentityApplyConfiguration represents a declarative configuration of the PolicyMatchRemapIdentity type for use -// with apply. -type PolicyMatchRemapIdentityApplyConfiguration struct { - // prefix is the prefix of the image identity to be matched. - // If the image identity matches the specified prefix, that prefix is replaced by the specified “signedPrefix” (otherwise it is used as unchanged and no remapping takes place). - // This useful when verifying signatures for a mirror of some other repository namespace that preserves the vendor’s repository structure. - // The prefix and signedPrefix values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - Prefix *configv1alpha1.IdentityRepositoryPrefix `json:"prefix,omitempty"` - // signedPrefix is the prefix of the image identity to be matched in the signature. The format is the same as "prefix". The values can be either host[:port] values (matching exactly the same host[:port], string), repository namespaces, - // or repositories (i.e. they must not contain tags/digests), and match as prefixes of the fully expanded form. - // For example, docker.io/library/busybox (not busybox) to specify that single repository, or docker.io/library (not an empty string) to specify the parent namespace of docker.io/library/busybox. - SignedPrefix *configv1alpha1.IdentityRepositoryPrefix `json:"signedPrefix,omitempty"` -} - -// PolicyMatchRemapIdentityApplyConfiguration constructs a declarative configuration of the PolicyMatchRemapIdentity type for use with -// apply. -func PolicyMatchRemapIdentity() *PolicyMatchRemapIdentityApplyConfiguration { - return &PolicyMatchRemapIdentityApplyConfiguration{} -} - -// WithPrefix sets the Prefix field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the Prefix field is set to the value of the last call. -func (b *PolicyMatchRemapIdentityApplyConfiguration) WithPrefix(value configv1alpha1.IdentityRepositoryPrefix) *PolicyMatchRemapIdentityApplyConfiguration { - b.Prefix = &value - return b -} - -// WithSignedPrefix sets the SignedPrefix field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the SignedPrefix field is set to the value of the last call. -func (b *PolicyMatchRemapIdentityApplyConfiguration) WithSignedPrefix(value configv1alpha1.IdentityRepositoryPrefix) *PolicyMatchRemapIdentityApplyConfiguration { - b.SignedPrefix = &value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go deleted file mode 100644 index b7a1877fc4..0000000000 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/policyrootoftrust.go +++ /dev/null @@ -1,65 +0,0 @@ -// Code generated by applyconfiguration-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" -) - -// PolicyRootOfTrustApplyConfiguration represents a declarative configuration of the PolicyRootOfTrust type for use -// with apply. -// -// PolicyRootOfTrust defines the root of trust based on the selected policyType. -type PolicyRootOfTrustApplyConfiguration struct { - // policyType serves as the union's discriminator. Users are required to assign a value to this field, choosing one of the policy types that define the root of trust. - // "PublicKey" indicates that the policy relies on a sigstore publicKey and may optionally use a Rekor verification. - // "FulcioCAWithRekor" indicates that the policy is based on the Fulcio certification and incorporates a Rekor verification. - // "PKI" indicates that the policy is based on the certificates from Bring Your Own Public Key Infrastructure (BYOPKI). This value is enabled by turning on the SigstoreImageVerificationPKI feature gate. - PolicyType *configv1alpha1.PolicyType `json:"policyType,omitempty"` - // publicKey defines the root of trust based on a sigstore public key. - PublicKey *ImagePolicyPublicKeyRootOfTrustApplyConfiguration `json:"publicKey,omitempty"` - // fulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. - // For more information about Fulcio and Rekor, please refer to the document at: - // https://github.com/sigstore/fulcio and https://github.com/sigstore/rekor - FulcioCAWithRekor *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration `json:"fulcioCAWithRekor,omitempty"` - // pki defines the root of trust based on Bring Your Own Public Key Infrastructure (BYOPKI) Root CA(s) and corresponding intermediate certificates. - PKI *ImagePolicyPKIRootOfTrustApplyConfiguration `json:"pki,omitempty"` -} - -// PolicyRootOfTrustApplyConfiguration constructs a declarative configuration of the PolicyRootOfTrust type for use with -// apply. -func PolicyRootOfTrust() *PolicyRootOfTrustApplyConfiguration { - return &PolicyRootOfTrustApplyConfiguration{} -} - -// WithPolicyType sets the PolicyType field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PolicyType field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithPolicyType(value configv1alpha1.PolicyType) *PolicyRootOfTrustApplyConfiguration { - b.PolicyType = &value - return b -} - -// WithPublicKey sets the PublicKey field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PublicKey field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithPublicKey(value *ImagePolicyPublicKeyRootOfTrustApplyConfiguration) *PolicyRootOfTrustApplyConfiguration { - b.PublicKey = value - return b -} - -// WithFulcioCAWithRekor sets the FulcioCAWithRekor field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the FulcioCAWithRekor field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithFulcioCAWithRekor(value *ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration) *PolicyRootOfTrustApplyConfiguration { - b.FulcioCAWithRekor = value - return b -} - -// WithPKI sets the PKI field in the declarative configuration to the given value -// and returns the receiver, so that objects can be built by chaining "With" function invocations. -// If called multiple times, the PKI field is set to the value of the last call. -func (b *PolicyRootOfTrustApplyConfiguration) WithPKI(value *ImagePolicyPKIRootOfTrustApplyConfiguration) *PolicyRootOfTrustApplyConfiguration { - b.PKI = value - return b -} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusconfig.go new file mode 100644 index 0000000000..31d3b9f58e --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusconfig.go @@ -0,0 +1,282 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + v1 "k8s.io/api/core/v1" +) + +// PrometheusConfigApplyConfiguration represents a declarative configuration of the PrometheusConfig type for use +// with apply. +// +// PrometheusConfig provides configuration options for the Prometheus instance. +// Use this configuration to control +// Prometheus deployment, pod scheduling, resource allocation, retention policies, and external integrations. +type PrometheusConfigApplyConfiguration struct { + // additionalAlertmanagerConfigs configures additional Alertmanager instances that receive alerts from + // the Prometheus component. This is useful for organizations that need to: + // - Send alerts to external monitoring systems (like PagerDuty, Slack, or custom webhooks) + // - Route different types of alerts to different teams or systems + // - Integrate with existing enterprise alerting infrastructure + // - Maintain separate alert routing for compliance or organizational requirements + // When omitted, no additional Alertmanager instances are configured (default behavior). + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + AdditionalAlertmanagerConfigs []AdditionalAlertmanagerConfigApplyConfiguration `json:"additionalAlertmanagerConfigs,omitempty"` + // enforcedBodySizeLimitBytes enforces a body size limit (in bytes) for Prometheus scraped metrics. + // If a scraped target's body response is larger than the limit, the scrape will fail. + // This helps protect Prometheus from targets that return excessively large responses. + // The value is specified in bytes (e.g., 4194304 for 4MB, 1073741824 for 1GB). + // When omitted, the Cluster Monitoring Operator automatically calculates an appropriate + // limit based on cluster capacity. Set an explicit value to override the automatic calculation. + // Minimum value is 10240 (10kB). + // Maximum value is 1073741824 (1GB). + EnforcedBodySizeLimitBytes *int64 `json:"enforcedBodySizeLimitBytes,omitempty"` + // externalLabels defines labels to be attached to time series and alerts + // when communicating with external systems such as federation, remote storage, + // and Alertmanager. These labels are not stored with metrics on disk; they are + // only added when data leaves Prometheus (e.g., during federation queries, + // remote write, or alert notifications). + // At least 1 label must be specified when set, with a maximum of 50 labels allowed. + // Each label key must be unique within this list. + // When omitted, no external labels are applied. + ExternalLabels []LabelApplyConfiguration `json:"externalLabels,omitempty"` + // logLevel defines the verbosity of logs emitted by Prometheus. + // This field allows users to control the amount and severity of logs generated, which can be useful + // for debugging issues or reducing noise in production environments. + // Allowed values are Error, Warn, Info, and Debug. + // When set to Error, only errors will be logged. + // When set to Warn, both warnings and errors will be logged. + // When set to Info, general information, warnings, and errors will all be logged. + // When set to Debug, detailed debugging information will be logged. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, that is subject to change over time. + // The current default value is `Info`. + LogLevel *configv1alpha1.LogLevel `json:"logLevel,omitempty"` + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least one key-value pair (minimum of 1) + // and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // queryLogFile specifies the file to which PromQL queries are logged. + // This setting can be either a filename, in which + // case the queries are saved to an `emptyDir` volume + // at `/var/log/prometheus`, or a full path to a location where + // an `emptyDir` volume will be mounted and the queries saved. + // Writing to `/dev/stderr`, `/dev/stdout` or `/dev/null` is supported, but + // writing to any other `/dev/` path is not supported. Relative paths are + // also not supported. + // By default, PromQL queries are not logged. + // Must be an absolute path starting with `/` or a simple filename without path separators. + // Must not contain consecutive slashes, end with a slash, or include '..' path traversal. + // Must contain only alphanumeric characters, '.', '_', '-', or '/'. + // Must be between 1 and 255 characters in length. + QueryLogFile *string `json:"queryLogFile,omitempty"` + // remoteWrite defines the remote write configuration, including URL, authentication, and relabeling settings. + // Remote write allows Prometheus to send metrics it collects to external long-term storage systems. + // When omitted, no remote write endpoints are configured. + // When provided, at least one configuration must be specified (minimum 1, maximum 10 items). + // Entries must have unique names (name is the list key). + RemoteWrite []RemoteWriteSpecApplyConfiguration `json:"remoteWrite,omitempty"` + // resources defines the compute resource requests and limits for the Prometheus container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 4m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // retention configures how long Prometheus retains metrics data and how much storage it can use. + // When omitted, the platform chooses reasonable defaults (currently 15 days retention, no size limit). + Retention *RetentionApplyConfiguration `json:"retention,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10 + // Minimum length for this list is 1 + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Prometheus Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1 + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // collectionProfile defines the metrics collection profile that Prometheus uses to collect + // metrics from the platform components. Supported values are `Full` or + // `Minimal`. In the `Full` profile (default), Prometheus collects all + // metrics that are exposed by the platform components. In the `Minimal` + // profile, Prometheus only collects metrics necessary for the default + // platform alerts, recording rules, telemetry and console dashboards. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is `Full`. + CollectionProfile *configv1alpha1.CollectionProfile `json:"collectionProfile,omitempty"` + // volumeClaimTemplate defines persistent storage for Prometheus. Use this setting to + // configure the persistent volume claim, including storage class and volume size. + // If omitted, the Pod uses ephemeral storage and Prometheus data will not persist + // across restarts. + VolumeClaimTemplate *v1.PersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` +} + +// PrometheusConfigApplyConfiguration constructs a declarative configuration of the PrometheusConfig type for use with +// apply. +func PrometheusConfig() *PrometheusConfigApplyConfiguration { + return &PrometheusConfigApplyConfiguration{} +} + +// WithAdditionalAlertmanagerConfigs adds the given value to the AdditionalAlertmanagerConfigs field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the AdditionalAlertmanagerConfigs field. +func (b *PrometheusConfigApplyConfiguration) WithAdditionalAlertmanagerConfigs(values ...*AdditionalAlertmanagerConfigApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithAdditionalAlertmanagerConfigs") + } + b.AdditionalAlertmanagerConfigs = append(b.AdditionalAlertmanagerConfigs, *values[i]) + } + return b +} + +// WithEnforcedBodySizeLimitBytes sets the EnforcedBodySizeLimitBytes field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the EnforcedBodySizeLimitBytes field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithEnforcedBodySizeLimitBytes(value int64) *PrometheusConfigApplyConfiguration { + b.EnforcedBodySizeLimitBytes = &value + return b +} + +// WithExternalLabels adds the given value to the ExternalLabels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the ExternalLabels field. +func (b *PrometheusConfigApplyConfiguration) WithExternalLabels(values ...*LabelApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithExternalLabels") + } + b.ExternalLabels = append(b.ExternalLabels, *values[i]) + } + return b +} + +// WithLogLevel sets the LogLevel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the LogLevel field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithLogLevel(value configv1alpha1.LogLevel) *PrometheusConfigApplyConfiguration { + b.LogLevel = &value + return b +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *PrometheusConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *PrometheusConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithQueryLogFile sets the QueryLogFile field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the QueryLogFile field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithQueryLogFile(value string) *PrometheusConfigApplyConfiguration { + b.QueryLogFile = &value + return b +} + +// WithRemoteWrite adds the given value to the RemoteWrite field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the RemoteWrite field. +func (b *PrometheusConfigApplyConfiguration) WithRemoteWrite(values ...*RemoteWriteSpecApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithRemoteWrite") + } + b.RemoteWrite = append(b.RemoteWrite, *values[i]) + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *PrometheusConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *PrometheusConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithRetention sets the Retention field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Retention field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithRetention(value *RetentionApplyConfiguration) *PrometheusConfigApplyConfiguration { + b.Retention = value + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *PrometheusConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *PrometheusConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *PrometheusConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *PrometheusConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} + +// WithCollectionProfile sets the CollectionProfile field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CollectionProfile field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithCollectionProfile(value configv1alpha1.CollectionProfile) *PrometheusConfigApplyConfiguration { + b.CollectionProfile = &value + return b +} + +// WithVolumeClaimTemplate sets the VolumeClaimTemplate field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the VolumeClaimTemplate field is set to the value of the last call. +func (b *PrometheusConfigApplyConfiguration) WithVolumeClaimTemplate(value v1.PersistentVolumeClaim) *PrometheusConfigApplyConfiguration { + b.VolumeClaimTemplate = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatoradmissionwebhookconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatoradmissionwebhookconfig.go index b35fb15fef..9eadb023ec 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatoradmissionwebhookconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatoradmissionwebhookconfig.go @@ -29,7 +29,7 @@ type PrometheusOperatorAdmissionWebhookConfigApplyConfiguration struct { // - name: memory // request: 30Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatorconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatorconfig.go index 2612926255..a0bac703d0 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatorconfig.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusoperatorconfig.go @@ -46,7 +46,7 @@ type PrometheusOperatorConfigApplyConfiguration struct { // - name: memory // request: 40Mi // limit: null - // Maximum length for this list is 10. + // Maximum length for this list is 5. // Minimum length for this list is 1. // Each resource name must be unique within this list. Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusremotewriteheader.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusremotewriteheader.go new file mode 100644 index 0000000000..53e21d1f9d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/prometheusremotewriteheader.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// PrometheusRemoteWriteHeaderApplyConfiguration represents a declarative configuration of the PrometheusRemoteWriteHeader type for use +// with apply. +// +// PrometheusRemoteWriteHeader defines a custom HTTP header for remote write requests. +// The header name must not be one of the reserved headers set by Prometheus (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). +// Header names must contain only case-insensitive alphanumeric characters, hyphens (-), and underscores (_); other characters (e.g. emoji) are rejected by validation. +// Validation is enforced on the Headers field in RemoteWriteSpec. +type PrometheusRemoteWriteHeaderApplyConfiguration struct { + // name is the HTTP header name. Must not be a reserved header (see type documentation). + // Must contain only alphanumeric characters, hyphens, and underscores; invalid characters are rejected. Must be between 1 and 256 characters. + Name *string `json:"name,omitempty"` + // value is the HTTP header value. Must be at most 4096 characters. + Value *string `json:"value,omitempty"` +} + +// PrometheusRemoteWriteHeaderApplyConfiguration constructs a declarative configuration of the PrometheusRemoteWriteHeader type for use with +// apply. +func PrometheusRemoteWriteHeader() *PrometheusRemoteWriteHeaderApplyConfiguration { + return &PrometheusRemoteWriteHeaderApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *PrometheusRemoteWriteHeaderApplyConfiguration) WithName(value string) *PrometheusRemoteWriteHeaderApplyConfiguration { + b.Name = &value + return b +} + +// WithValue sets the Value field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Value field is set to the value of the last call. +func (b *PrometheusRemoteWriteHeaderApplyConfiguration) WithValue(value string) *PrometheusRemoteWriteHeaderApplyConfiguration { + b.Value = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/queueconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/queueconfig.go new file mode 100644 index 0000000000..a24ff44ace --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/queueconfig.go @@ -0,0 +1,129 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// QueueConfigApplyConfiguration represents a declarative configuration of the QueueConfig type for use +// with apply. +// +// QueueConfig allows tuning configuration for remote write queue parameters. +// Configure this when you need to control throughput, backpressure, or retry behavior—for example to avoid overloading the remote endpoint, to reduce memory usage, or to tune for high-cardinality workloads. Consider capacity, maxShards, and batchSendDeadlineSeconds for throughput; minBackoffMilliseconds and maxBackoffMilliseconds for retries; and rateLimitedAction when the remote returns HTTP 429. +type QueueConfigApplyConfiguration struct { + // capacity is the number of samples to buffer per shard before we start dropping them. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 10000. + // Minimum value is 1. + // Maximum value is 1000000. + Capacity *int32 `json:"capacity,omitempty"` + // maxShards is the maximum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 200. + // Minimum value is 1. + // Maximum value is 10000. + MaxShards *int32 `json:"maxShards,omitempty"` + // minShards is the minimum number of shards, i.e. amount of concurrency. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1. + // Minimum value is 1. + // Maximum value is 10000. + MinShards *int32 `json:"minShards,omitempty"` + // maxSamplesPerSend is the maximum number of samples per send. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 1000. + // Minimum value is 1. + // Maximum value is 100000. + MaxSamplesPerSend *int32 `json:"maxSamplesPerSend,omitempty"` + // batchSendDeadlineSeconds is the maximum time in seconds a sample will wait in buffer before being sent. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 3600 seconds (1 hour). + BatchSendDeadlineSeconds *int32 `json:"batchSendDeadlineSeconds,omitempty"` + // minBackoffMilliseconds is the minimum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + MinBackoffMilliseconds *int32 `json:"minBackoffMilliseconds,omitempty"` + // maxBackoffMilliseconds is the maximum retry delay in milliseconds. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 millisecond. + // Maximum value is 3600000 milliseconds (1 hour). + MaxBackoffMilliseconds *int32 `json:"maxBackoffMilliseconds,omitempty"` + // rateLimitedAction controls what to do when the remote write endpoint returns HTTP 429 (Too Many Requests). + // When omitted, no retries are performed on rate limit responses. + // When set to "Retry", Prometheus will retry such requests using the backoff settings above. + // Valid value when set is "Retry". + RateLimitedAction *configv1alpha1.RateLimitedAction `json:"rateLimitedAction,omitempty"` +} + +// QueueConfigApplyConfiguration constructs a declarative configuration of the QueueConfig type for use with +// apply. +func QueueConfig() *QueueConfigApplyConfiguration { + return &QueueConfigApplyConfiguration{} +} + +// WithCapacity sets the Capacity field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Capacity field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithCapacity(value int32) *QueueConfigApplyConfiguration { + b.Capacity = &value + return b +} + +// WithMaxShards sets the MaxShards field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxShards field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMaxShards(value int32) *QueueConfigApplyConfiguration { + b.MaxShards = &value + return b +} + +// WithMinShards sets the MinShards field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MinShards field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMinShards(value int32) *QueueConfigApplyConfiguration { + b.MinShards = &value + return b +} + +// WithMaxSamplesPerSend sets the MaxSamplesPerSend field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxSamplesPerSend field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMaxSamplesPerSend(value int32) *QueueConfigApplyConfiguration { + b.MaxSamplesPerSend = &value + return b +} + +// WithBatchSendDeadlineSeconds sets the BatchSendDeadlineSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BatchSendDeadlineSeconds field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithBatchSendDeadlineSeconds(value int32) *QueueConfigApplyConfiguration { + b.BatchSendDeadlineSeconds = &value + return b +} + +// WithMinBackoffMilliseconds sets the MinBackoffMilliseconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MinBackoffMilliseconds field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMinBackoffMilliseconds(value int32) *QueueConfigApplyConfiguration { + b.MinBackoffMilliseconds = &value + return b +} + +// WithMaxBackoffMilliseconds sets the MaxBackoffMilliseconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MaxBackoffMilliseconds field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithMaxBackoffMilliseconds(value int32) *QueueConfigApplyConfiguration { + b.MaxBackoffMilliseconds = &value + return b +} + +// WithRateLimitedAction sets the RateLimitedAction field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RateLimitedAction field is set to the value of the last call. +func (b *QueueConfigApplyConfiguration) WithRateLimitedAction(value configv1alpha1.RateLimitedAction) *QueueConfigApplyConfiguration { + b.RateLimitedAction = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelactionconfig.go new file mode 100644 index 0000000000..cfcfc7b5cc --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelactionconfig.go @@ -0,0 +1,135 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// RelabelActionConfigApplyConfiguration represents a declarative configuration of the RelabelActionConfig type for use +// with apply. +// +// RelabelActionConfig represents the action to perform and its configuration. +// Exactly one action-specific configuration must be specified based on the action type. +type RelabelActionConfigApplyConfiguration struct { + // type specifies the action to perform on the matched labels. + // Allowed values are Replace, Lowercase, Uppercase, Keep, Drop, KeepEqual, DropEqual, HashMod, LabelMap, LabelDrop, LabelKeep. + // + // When set to Replace, regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. If regex does not match, no replacement takes place. + // + // When set to Lowercase, the concatenated source_labels are mapped to their lower case. Requires Prometheus >= v2.36.0. + // + // When set to Uppercase, the concatenated source_labels are mapped to their upper case. Requires Prometheus >= v2.36.0. + // + // When set to Keep, targets for which regex does not match the concatenated source_labels are dropped. + // + // When set to Drop, targets for which regex matches the concatenated source_labels are dropped. + // + // When set to KeepEqual, targets for which the concatenated source_labels do not match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to DropEqual, targets for which the concatenated source_labels do match target_label are dropped. Requires Prometheus >= v2.41.0. + // + // When set to HashMod, target_label is set to the modulus of a hash of the concatenated source_labels. + // + // When set to LabelMap, regex is matched against all source label names (not just source_labels); matching label values are copied to new names given by replacement with ${1}, ${2}, ... substituted. + // + // When set to LabelDrop, regex is matched against all label names; any label that matches is removed. + // + // When set to LabelKeep, regex is matched against all label names; any label that does not match is removed. + Type *configv1alpha1.RelabelAction `json:"type,omitempty"` + // replace configures the Replace action. + // Required when type is Replace, and forbidden otherwise. + Replace *ReplaceActionConfigApplyConfiguration `json:"replace,omitempty"` + // hashMod configures the HashMod action. + // Required when type is HashMod, and forbidden otherwise. + HashMod *HashModActionConfigApplyConfiguration `json:"hashMod,omitempty"` + // labelMap configures the LabelMap action. + // Required when type is LabelMap, and forbidden otherwise. + LabelMap *LabelMapActionConfigApplyConfiguration `json:"labelMap,omitempty"` + // lowercase configures the Lowercase action. + // Required when type is Lowercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + Lowercase *LowercaseActionConfigApplyConfiguration `json:"lowercase,omitempty"` + // uppercase configures the Uppercase action. + // Required when type is Uppercase, and forbidden otherwise. + // Requires Prometheus >= v2.36.0. + Uppercase *UppercaseActionConfigApplyConfiguration `json:"uppercase,omitempty"` + // keepEqual configures the KeepEqual action. + // Required when type is KeepEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + KeepEqual *KeepEqualActionConfigApplyConfiguration `json:"keepEqual,omitempty"` + // dropEqual configures the DropEqual action. + // Required when type is DropEqual, and forbidden otherwise. + // Requires Prometheus >= v2.41.0. + DropEqual *DropEqualActionConfigApplyConfiguration `json:"dropEqual,omitempty"` +} + +// RelabelActionConfigApplyConfiguration constructs a declarative configuration of the RelabelActionConfig type for use with +// apply. +func RelabelActionConfig() *RelabelActionConfigApplyConfiguration { + return &RelabelActionConfigApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithType(value configv1alpha1.RelabelAction) *RelabelActionConfigApplyConfiguration { + b.Type = &value + return b +} + +// WithReplace sets the Replace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Replace field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithReplace(value *ReplaceActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.Replace = value + return b +} + +// WithHashMod sets the HashMod field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the HashMod field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithHashMod(value *HashModActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.HashMod = value + return b +} + +// WithLabelMap sets the LabelMap field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the LabelMap field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithLabelMap(value *LabelMapActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.LabelMap = value + return b +} + +// WithLowercase sets the Lowercase field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Lowercase field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithLowercase(value *LowercaseActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.Lowercase = value + return b +} + +// WithUppercase sets the Uppercase field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Uppercase field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithUppercase(value *UppercaseActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.Uppercase = value + return b +} + +// WithKeepEqual sets the KeepEqual field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the KeepEqual field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithKeepEqual(value *KeepEqualActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.KeepEqual = value + return b +} + +// WithDropEqual sets the DropEqual field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DropEqual field is set to the value of the last call. +func (b *RelabelActionConfigApplyConfiguration) WithDropEqual(value *DropEqualActionConfigApplyConfiguration) *RelabelActionConfigApplyConfiguration { + b.DropEqual = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelconfig.go new file mode 100644 index 0000000000..efe191727e --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/relabelconfig.go @@ -0,0 +1,89 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// RelabelConfigApplyConfiguration represents a declarative configuration of the RelabelConfig type for use +// with apply. +// +// RelabelConfig represents a relabeling rule. +type RelabelConfigApplyConfiguration struct { + // name is a unique identifier for this relabel configuration. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + Name *string `json:"name,omitempty"` + // sourceLabels specifies which label names to extract from each series for this relabeling rule. + // The values of these labels are joined together using the configured separator, + // and the resulting string is then matched against the regular expression. + // If a referenced label does not exist on a series, Prometheus substitutes an empty string. + // When omitted, the rule operates without extracting source labels (useful for actions like labelmap). + // Minimum of 1 and maximum of 10 source labels can be specified, each between 1 and 128 characters. + // Each entry must be unique. + // Label names beginning with "__" (two underscores) are reserved for internal Prometheus use and are not allowed. + // Label names SHOULD start with a letter (a-z, A-Z) or underscore (_), followed by zero or more letters, digits (0-9), or underscores for best compatibility. + // While Prometheus supports UTF-8 characters in label names (since v3.0.0), using the recommended character set + // ensures better compatibility with the wider ecosystem (tooling, third-party instrumentation, etc.). + SourceLabels []string `json:"sourceLabels,omitempty"` + // separator is the character sequence used to join source label values. + // Common examples: ";", ",", "::", "|||". + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is ";". + // Must be between 1 and 5 characters in length when specified. + Separator *string `json:"separator,omitempty"` + // regex is the regular expression to match against the concatenated source label values. + // Must be a valid RE2 regular expression (https://github.com/google/re2/wiki/Syntax). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "(.*)" to match everything. + // Must be between 1 and 1000 characters in length when specified. + Regex *string `json:"regex,omitempty"` + // action defines the action to perform on the matched labels and its configuration. + // Exactly one action-specific configuration must be specified based on the action type. + Action *RelabelActionConfigApplyConfiguration `json:"action,omitempty"` +} + +// RelabelConfigApplyConfiguration constructs a declarative configuration of the RelabelConfig type for use with +// apply. +func RelabelConfig() *RelabelConfigApplyConfiguration { + return &RelabelConfigApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithName(value string) *RelabelConfigApplyConfiguration { + b.Name = &value + return b +} + +// WithSourceLabels adds the given value to the SourceLabels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the SourceLabels field. +func (b *RelabelConfigApplyConfiguration) WithSourceLabels(values ...string) *RelabelConfigApplyConfiguration { + for i := range values { + b.SourceLabels = append(b.SourceLabels, values[i]) + } + return b +} + +// WithSeparator sets the Separator field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Separator field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithSeparator(value string) *RelabelConfigApplyConfiguration { + b.Separator = &value + return b +} + +// WithRegex sets the Regex field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Regex field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithRegex(value string) *RelabelConfigApplyConfiguration { + b.Regex = &value + return b +} + +// WithAction sets the Action field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Action field is set to the value of the last call. +func (b *RelabelConfigApplyConfiguration) WithAction(value *RelabelActionConfigApplyConfiguration) *RelabelConfigApplyConfiguration { + b.Action = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewriteauthorization.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewriteauthorization.go new file mode 100644 index 0000000000..c32870d760 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewriteauthorization.go @@ -0,0 +1,100 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + v1 "k8s.io/api/core/v1" +) + +// RemoteWriteAuthorizationApplyConfiguration represents a declarative configuration of the RemoteWriteAuthorization type for use +// with apply. +// +// RemoteWriteAuthorization defines the authorization method for a remote write endpoint. +// Exactly one of the nested configs must be set according to the type discriminator. +type RemoteWriteAuthorizationApplyConfiguration struct { + // type specifies the authorization method to use. + // Allowed values are BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, ServiceAccount. + // + // When set to BearerToken, the bearer token is read from a Secret referenced by the bearerToken field. + // + // When set to BasicAuth, HTTP basic authentication is used; the basicAuth field (username and password from Secrets) must be set. + // + // When set to OAuth2, OAuth2 client credentials flow is used; the oauth2 field (clientId, clientSecret, tokenUrl) must be set. + // + // When set to SigV4, AWS Signature Version 4 is used for authentication; the sigv4 field must be set. + // + // When set to SafeAuthorization, credentials are read from a single Secret key (Prometheus SafeAuthorization pattern). The secret key typically contains a Bearer token. Use the safeAuthorization field. + // + // When set to ServiceAccount, the pod's service account token is used for machine identity. No additional field is required; the operator configures the token path. + Type *configv1alpha1.RemoteWriteAuthorizationType `json:"type,omitempty"` + // safeAuthorization defines the secret reference containing the credentials for authentication (e.g. Bearer token). + // Required when type is "SafeAuthorization", and forbidden otherwise. Maps to Prometheus SafeAuthorization. The secret must exist in the openshift-monitoring namespace. + SafeAuthorization *v1.SecretKeySelector `json:"safeAuthorization,omitempty"` + // bearerToken defines the secret reference containing the bearer token. + // Required when type is "BearerToken", and forbidden otherwise. + BearerToken *SecretKeySelectorApplyConfiguration `json:"bearerToken,omitempty"` + // basicAuth defines HTTP basic authentication credentials. + // Required when type is "BasicAuth", and forbidden otherwise. + BasicAuth *BasicAuthApplyConfiguration `json:"basicAuth,omitempty"` + // oauth2 defines OAuth2 client credentials authentication. + // Required when type is "OAuth2", and forbidden otherwise. + OAuth2 *OAuth2ApplyConfiguration `json:"oauth2,omitempty"` + // sigv4 defines AWS Signature Version 4 authentication. + // Required when type is "SigV4", and forbidden otherwise. + Sigv4 *Sigv4ApplyConfiguration `json:"sigv4,omitempty"` +} + +// RemoteWriteAuthorizationApplyConfiguration constructs a declarative configuration of the RemoteWriteAuthorization type for use with +// apply. +func RemoteWriteAuthorization() *RemoteWriteAuthorizationApplyConfiguration { + return &RemoteWriteAuthorizationApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithType(value configv1alpha1.RemoteWriteAuthorizationType) *RemoteWriteAuthorizationApplyConfiguration { + b.Type = &value + return b +} + +// WithSafeAuthorization sets the SafeAuthorization field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SafeAuthorization field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithSafeAuthorization(value v1.SecretKeySelector) *RemoteWriteAuthorizationApplyConfiguration { + b.SafeAuthorization = &value + return b +} + +// WithBearerToken sets the BearerToken field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BearerToken field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithBearerToken(value *SecretKeySelectorApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.BearerToken = value + return b +} + +// WithBasicAuth sets the BasicAuth field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BasicAuth field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithBasicAuth(value *BasicAuthApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.BasicAuth = value + return b +} + +// WithOAuth2 sets the OAuth2 field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OAuth2 field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithOAuth2(value *OAuth2ApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.OAuth2 = value + return b +} + +// WithSigv4 sets the Sigv4 field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Sigv4 field is set to the value of the last call. +func (b *RemoteWriteAuthorizationApplyConfiguration) WithSigv4(value *Sigv4ApplyConfiguration) *RemoteWriteAuthorizationApplyConfiguration { + b.Sigv4 = value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewritespec.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewritespec.go new file mode 100644 index 0000000000..cbb3c0dbcf --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/remotewritespec.go @@ -0,0 +1,175 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// RemoteWriteSpecApplyConfiguration represents a declarative configuration of the RemoteWriteSpec type for use +// with apply. +// +// RemoteWriteSpec represents configuration for remote write endpoints. +type RemoteWriteSpecApplyConfiguration struct { + // url is the URL of the remote write endpoint. + // Must be a valid URL with http or https scheme and a non-empty hostname. + // Query parameters, fragments, and user information (e.g. user:password@host) are not allowed. + // Empty string is invalid. Must be between 1 and 2048 characters in length. + URL *string `json:"url,omitempty"` + // name is a required identifier for this remote write configuration (name is the list key for the remoteWrite list). + // This name is used in metrics and logging to differentiate remote write queues. + // Must contain only alphanumeric characters, hyphens, and underscores. + // Must be between 1 and 63 characters in length. + Name *string `json:"name,omitempty"` + // authorization defines the authorization method for the remote write endpoint. + // When omitted, no authorization is performed. + // When set, type must be one of BearerToken, BasicAuth, OAuth2, SigV4, SafeAuthorization, or ServiceAccount; the corresponding nested config must be set (ServiceAccount has no config). + AuthorizationConfig *RemoteWriteAuthorizationApplyConfiguration `json:"authorization,omitempty"` + // headers specifies the custom HTTP headers to be sent along with each remote write request. + // Sending custom headers makes the configuration of a proxy in between optional and helps the + // receiver recognize the given source better. + // Clients MAY allow users to send custom HTTP headers; they MUST NOT allow users to configure + // them in such a way as to send reserved headers. Headers set by Prometheus cannot be overwritten. + // When omitted, no custom headers are sent. + // Maximum of 50 headers can be specified. Each header name must be unique. + // Each header name must contain only alphanumeric characters, hyphens, and underscores, and must not be a reserved Prometheus header (Host, Authorization, Content-Encoding, Content-Type, X-Prometheus-Remote-Write-Version, User-Agent, Connection, Keep-Alive, Proxy-Authenticate, Proxy-Authorization, WWW-Authenticate). + Headers []PrometheusRemoteWriteHeaderApplyConfiguration `json:"headers,omitempty"` + // metadataConfig configures the sending of series metadata to remote storage. + // When omitted, no metadata is sent. + // When set to sendPolicy: Default, metadata is sent using platform-chosen defaults (e.g. send interval 30 seconds). + // When set to sendPolicy: Custom, metadata is sent using the settings in the custom field (e.g. custom.sendIntervalSeconds). + MetadataConfig *MetadataConfigApplyConfiguration `json:"metadataConfig,omitempty"` + // proxyUrl defines an optional proxy URL. + // If the cluster-wide proxy is enabled, it replaces the proxyUrl setting. + // The cluster-wide proxy supports both HTTP and HTTPS proxies, with HTTPS taking precedence. + // When omitted, no proxy is used. + // Must be a valid URL with http or https scheme. + // Must be between 1 and 2048 characters in length. + ProxyURL *string `json:"proxyUrl,omitempty"` + // queueConfig allows tuning configuration for remote write queue parameters. + // When omitted, default queue configuration is used. + QueueConfig *QueueConfigApplyConfiguration `json:"queueConfig,omitempty"` + // remoteTimeoutSeconds defines the timeout in seconds for requests to the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // Minimum value is 1 second. + // Maximum value is 600 seconds (10 minutes). + RemoteTimeoutSeconds *int32 `json:"remoteTimeoutSeconds,omitempty"` + // exemplarsMode controls whether exemplars are sent via remote write. + // Valid values are "Send", "DoNotSend" and omitted. + // When set to "Send", Prometheus is configured to store a maximum of 100,000 exemplars in memory and send them with remote write. + // Note that this setting only applies to user-defined monitoring. It is not applicable to default in-cluster monitoring. + // When omitted or set to "DoNotSend", exemplars are not sent. + ExemplarsMode *configv1alpha1.ExemplarsMode `json:"exemplarsMode,omitempty"` + // tlsConfig defines TLS authentication settings for the remote write endpoint. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + TLSConfig *TLSConfigApplyConfiguration `json:"tlsConfig,omitempty"` + // writeRelabelConfigs is a list of relabeling rules to apply before sending data to the remote endpoint. + // When omitted, no relabeling is performed and all metrics are sent as-is. + // Minimum of 1 and maximum of 10 relabeling rules can be specified. + // Each rule must have a unique name. + WriteRelabelConfigs []RelabelConfigApplyConfiguration `json:"writeRelabelConfigs,omitempty"` +} + +// RemoteWriteSpecApplyConfiguration constructs a declarative configuration of the RemoteWriteSpec type for use with +// apply. +func RemoteWriteSpec() *RemoteWriteSpecApplyConfiguration { + return &RemoteWriteSpecApplyConfiguration{} +} + +// WithURL sets the URL field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the URL field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithURL(value string) *RemoteWriteSpecApplyConfiguration { + b.URL = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithName(value string) *RemoteWriteSpecApplyConfiguration { + b.Name = &value + return b +} + +// WithAuthorizationConfig sets the AuthorizationConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AuthorizationConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithAuthorizationConfig(value *RemoteWriteAuthorizationApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.AuthorizationConfig = value + return b +} + +// WithHeaders adds the given value to the Headers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Headers field. +func (b *RemoteWriteSpecApplyConfiguration) WithHeaders(values ...*PrometheusRemoteWriteHeaderApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithHeaders") + } + b.Headers = append(b.Headers, *values[i]) + } + return b +} + +// WithMetadataConfig sets the MetadataConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the MetadataConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithMetadataConfig(value *MetadataConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.MetadataConfig = value + return b +} + +// WithProxyURL sets the ProxyURL field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ProxyURL field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithProxyURL(value string) *RemoteWriteSpecApplyConfiguration { + b.ProxyURL = &value + return b +} + +// WithQueueConfig sets the QueueConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the QueueConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithQueueConfig(value *QueueConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.QueueConfig = value + return b +} + +// WithRemoteTimeoutSeconds sets the RemoteTimeoutSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RemoteTimeoutSeconds field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithRemoteTimeoutSeconds(value int32) *RemoteWriteSpecApplyConfiguration { + b.RemoteTimeoutSeconds = &value + return b +} + +// WithExemplarsMode sets the ExemplarsMode field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ExemplarsMode field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithExemplarsMode(value configv1alpha1.ExemplarsMode) *RemoteWriteSpecApplyConfiguration { + b.ExemplarsMode = &value + return b +} + +// WithTLSConfig sets the TLSConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TLSConfig field is set to the value of the last call. +func (b *RemoteWriteSpecApplyConfiguration) WithTLSConfig(value *TLSConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + b.TLSConfig = value + return b +} + +// WithWriteRelabelConfigs adds the given value to the WriteRelabelConfigs field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the WriteRelabelConfigs field. +func (b *RemoteWriteSpecApplyConfiguration) WithWriteRelabelConfigs(values ...*RelabelConfigApplyConfiguration) *RemoteWriteSpecApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithWriteRelabelConfigs") + } + b.WriteRelabelConfigs = append(b.WriteRelabelConfigs, *values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/replaceactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/replaceactionconfig.go new file mode 100644 index 0000000000..7b9766c11b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/replaceactionconfig.go @@ -0,0 +1,41 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// ReplaceActionConfigApplyConfiguration represents a declarative configuration of the ReplaceActionConfig type for use +// with apply. +// +// ReplaceActionConfig configures the Replace action. +// Regex is matched against the concatenated source_labels; target_label is set to replacement with match group references (${1}, ${2}, ...) substituted. No replacement if regex does not match. +type ReplaceActionConfigApplyConfiguration struct { + // targetLabel is the label name where the replacement result is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` + // replacement is the value written to target_label when regex matches; match group references (${1}, ${2}, ...) are substituted. + // Required when using the Replace action so the intended behavior is explicit and the platform does not need to apply defaults. + // Use "$1" for the first capture group, "$2" for the second, etc. Use an empty string ("") to explicitly clear the target label value. + // Must be between 0 and 255 characters in length. + Replacement *string `json:"replacement,omitempty"` +} + +// ReplaceActionConfigApplyConfiguration constructs a declarative configuration of the ReplaceActionConfig type for use with +// apply. +func ReplaceActionConfig() *ReplaceActionConfigApplyConfiguration { + return &ReplaceActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *ReplaceActionConfigApplyConfiguration) WithTargetLabel(value string) *ReplaceActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} + +// WithReplacement sets the Replacement field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Replacement field is set to the value of the last call. +func (b *ReplaceActionConfigApplyConfiguration) WithReplacement(value string) *ReplaceActionConfigApplyConfiguration { + b.Replacement = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retention.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retention.go new file mode 100644 index 0000000000..2ca903f21f --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/retention.go @@ -0,0 +1,46 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// RetentionApplyConfiguration represents a declarative configuration of the Retention type for use +// with apply. +// +// Retention configures how long Prometheus retains metrics data and how much storage it can use. +type RetentionApplyConfiguration struct { + // durationInDays specifies how many days Prometheus will retain metrics data. + // Prometheus automatically deletes data older than this duration. + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is 15. + // Minimum value is 1 day. + // Maximum value is 365 days (1 year). + DurationInDays *int32 `json:"durationInDays,omitempty"` + // sizeInGiB specifies the maximum storage size in gibibytes (GiB) that Prometheus + // can use for data blocks and the write-ahead log (WAL). + // When the limit is reached, Prometheus will delete oldest data first. + // When omitted, no size limit is enforced and Prometheus uses available PersistentVolume capacity. + // Minimum value is 1 GiB. + // Maximum value is 16384 GiB (16 TiB). + SizeInGiB *int32 `json:"sizeInGiB,omitempty"` +} + +// RetentionApplyConfiguration constructs a declarative configuration of the Retention type for use with +// apply. +func Retention() *RetentionApplyConfiguration { + return &RetentionApplyConfiguration{} +} + +// WithDurationInDays sets the DurationInDays field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DurationInDays field is set to the value of the last call. +func (b *RetentionApplyConfiguration) WithDurationInDays(value int32) *RetentionApplyConfiguration { + b.DurationInDays = &value + return b +} + +// WithSizeInGiB sets the SizeInGiB field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SizeInGiB field is set to the value of the last call. +func (b *RetentionApplyConfiguration) WithSizeInGiB(value int32) *RetentionApplyConfiguration { + b.SizeInGiB = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/secretkeyselector.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/secretkeyselector.go new file mode 100644 index 0000000000..a824180eda --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/secretkeyselector.go @@ -0,0 +1,40 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// SecretKeySelectorApplyConfiguration represents a declarative configuration of the SecretKeySelector type for use +// with apply. +// +// SecretKeySelector selects a key of a Secret in the `openshift-monitoring` namespace. +type SecretKeySelectorApplyConfiguration struct { + // name is the name of the secret in the `openshift-monitoring` namespace to select from. + // Must be a valid Kubernetes secret name (lowercase alphanumeric, '-' or '.', start/end with alphanumeric). + // Must be between 1 and 253 characters in length. + Name *string `json:"name,omitempty"` + // key is the key of the secret to select from. + // Must consist of alphanumeric characters, '-', '_', or '.'. + // Must be between 1 and 253 characters in length. + Key *string `json:"key,omitempty"` +} + +// SecretKeySelectorApplyConfiguration constructs a declarative configuration of the SecretKeySelector type for use with +// apply. +func SecretKeySelector() *SecretKeySelectorApplyConfiguration { + return &SecretKeySelectorApplyConfiguration{} +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *SecretKeySelectorApplyConfiguration) WithName(value string) *SecretKeySelectorApplyConfiguration { + b.Name = &value + return b +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *SecretKeySelectorApplyConfiguration) WithKey(value string) *SecretKeySelectorApplyConfiguration { + b.Key = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/sigv4.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/sigv4.go new file mode 100644 index 0000000000..e0e37c4fdb --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/sigv4.go @@ -0,0 +1,78 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// Sigv4ApplyConfiguration represents a declarative configuration of the Sigv4 type for use +// with apply. +// +// Sigv4 defines AWS Signature Version 4 authentication settings. +// At least one of region, accessKey/secretKey, profile, or roleArn must be set so the platform can perform authentication. +type Sigv4ApplyConfiguration struct { + // region is the AWS region. + // When omitted, the region is derived from the environment or instance metadata. + // Must be between 1 and 128 characters. + Region *string `json:"region,omitempty"` + // accessKey defines the secret reference containing the AWS access key ID. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the access key is derived from the environment or instance metadata. + AccessKey *SecretKeySelectorApplyConfiguration `json:"accessKey,omitempty"` + // secretKey defines the secret reference containing the AWS secret access key. + // The secret must exist in the openshift-monitoring namespace. + // When omitted, the secret key is derived from the environment or instance metadata. + SecretKey *SecretKeySelectorApplyConfiguration `json:"secretKey,omitempty"` + // profile is the named AWS profile used to authenticate. + // When omitted, the default profile is used. + // Must be between 1 and 128 characters. + Profile *string `json:"profile,omitempty"` + // roleArn is the AWS Role ARN, an alternative to using AWS API keys. + // When omitted, API keys are used for authentication. + // Must be a valid AWS ARN format (e.g., "arn:aws:iam::123456789012:role/MyRole"). + // Must be between 1 and 512 characters. + RoleArn *string `json:"roleArn,omitempty"` +} + +// Sigv4ApplyConfiguration constructs a declarative configuration of the Sigv4 type for use with +// apply. +func Sigv4() *Sigv4ApplyConfiguration { + return &Sigv4ApplyConfiguration{} +} + +// WithRegion sets the Region field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Region field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithRegion(value string) *Sigv4ApplyConfiguration { + b.Region = &value + return b +} + +// WithAccessKey sets the AccessKey field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AccessKey field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithAccessKey(value *SecretKeySelectorApplyConfiguration) *Sigv4ApplyConfiguration { + b.AccessKey = value + return b +} + +// WithSecretKey sets the SecretKey field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the SecretKey field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithSecretKey(value *SecretKeySelectorApplyConfiguration) *Sigv4ApplyConfiguration { + b.SecretKey = value + return b +} + +// WithProfile sets the Profile field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Profile field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithProfile(value string) *Sigv4ApplyConfiguration { + b.Profile = &value + return b +} + +// WithRoleArn sets the RoleArn field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the RoleArn field is set to the value of the last call. +func (b *Sigv4ApplyConfiguration) WithRoleArn(value string) *Sigv4ApplyConfiguration { + b.RoleArn = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/telemeterclientconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/telemeterclientconfig.go new file mode 100644 index 0000000000..9d4c5cc331 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/telemeterclientconfig.go @@ -0,0 +1,118 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/api/core/v1" +) + +// TelemeterClientConfigApplyConfiguration represents a declarative configuration of the TelemeterClientConfig type for use +// with apply. +// +// TelemeterClientConfig provides configuration options for the Telemeter Client component +// that runs in the `openshift-monitoring` namespace. The Telemeter Client collects selected +// monitoring metrics and forwards them to Red Hat for telemetry purposes. +// At least one field must be specified. +type TelemeterClientConfigApplyConfiguration struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the Telemeter Client container. + // This includes CPU, memory and HugePages constraints to help control scheduling and resource usage. + // When not specified, defaults are used by the platform. Requests cannot exceed limits. + // This field is optional. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 1m + // limit: null + // - name: memory + // request: 40Mi + // limit: null + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Telemeter Client Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Default is empty list. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// TelemeterClientConfigApplyConfiguration constructs a declarative configuration of the TelemeterClientConfig type for use with +// apply. +func TelemeterClientConfig() *TelemeterClientConfigApplyConfiguration { + return &TelemeterClientConfigApplyConfiguration{} +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *TelemeterClientConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *TelemeterClientConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *TelemeterClientConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *TelemeterClientConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *TelemeterClientConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *TelemeterClientConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *TelemeterClientConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *TelemeterClientConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/thanosquerierconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/thanosquerierconfig.go new file mode 100644 index 0000000000..f2fda246e1 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/thanosquerierconfig.go @@ -0,0 +1,117 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/api/core/v1" +) + +// ThanosQuerierConfigApplyConfiguration represents a declarative configuration of the ThanosQuerierConfig type for use +// with apply. +// +// ThanosQuerierConfig provides configuration options for the Thanos Querier component +// that runs in the `openshift-monitoring` namespace. +// At least one field must be specified; an empty thanosQuerierConfig object is not allowed. +type ThanosQuerierConfigApplyConfiguration struct { + // nodeSelector defines the nodes on which the Pods are scheduled. + // nodeSelector is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // The current default value is `kubernetes.io/os: linux`. + // When specified, nodeSelector must contain at least 1 entry and must not contain more than 10 entries. + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // resources defines the compute resource requests and limits for the Thanos Querier container. + // resources is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Requests cannot exceed limits. + // More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + // This is a simplified API that maps to Kubernetes ResourceRequirements. + // The current default values are: + // resources: + // - name: cpu + // request: 5m + // - name: memory + // request: 12Mi + // Maximum length for this list is 5. + // Minimum length for this list is 1. + // Each resource name must be unique within this list. + Resources []ContainerResourceApplyConfiguration `json:"resources,omitempty"` + // tolerations defines tolerations for the pods. + // tolerations is optional. + // + // When omitted, this means the user has no opinion and the platform is left + // to choose reasonable defaults. These defaults are subject to change over time. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + Tolerations []v1.Toleration `json:"tolerations,omitempty"` + // topologySpreadConstraints defines rules for how Thanos Querier Pods should be distributed + // across topology domains such as zones, nodes, or other user-defined labels. + // topologySpreadConstraints is optional. + // This helps improve high availability and resource efficiency by avoiding placing + // too many replicas in the same failure domain. + // + // When omitted, this means no opinion and the platform is left to choose a default, which is subject to change over time. + // This field maps directly to the `topologySpreadConstraints` field in the Pod spec. + // Defaults are empty/unset. + // Maximum length for this list is 10. + // Minimum length for this list is 1. + // Entries must have unique topologyKey and whenUnsatisfiable pairs. + TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` +} + +// ThanosQuerierConfigApplyConfiguration constructs a declarative configuration of the ThanosQuerierConfig type for use with +// apply. +func ThanosQuerierConfig() *ThanosQuerierConfigApplyConfiguration { + return &ThanosQuerierConfigApplyConfiguration{} +} + +// WithNodeSelector puts the entries into the NodeSelector field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the NodeSelector field, +// overwriting an existing map entries in NodeSelector field with the same key. +func (b *ThanosQuerierConfigApplyConfiguration) WithNodeSelector(entries map[string]string) *ThanosQuerierConfigApplyConfiguration { + if b.NodeSelector == nil && len(entries) > 0 { + b.NodeSelector = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.NodeSelector[k] = v + } + return b +} + +// WithResources adds the given value to the Resources field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Resources field. +func (b *ThanosQuerierConfigApplyConfiguration) WithResources(values ...*ContainerResourceApplyConfiguration) *ThanosQuerierConfigApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithResources") + } + b.Resources = append(b.Resources, *values[i]) + } + return b +} + +// WithTolerations adds the given value to the Tolerations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Tolerations field. +func (b *ThanosQuerierConfigApplyConfiguration) WithTolerations(values ...v1.Toleration) *ThanosQuerierConfigApplyConfiguration { + for i := range values { + b.Tolerations = append(b.Tolerations, values[i]) + } + return b +} + +// WithTopologySpreadConstraints adds the given value to the TopologySpreadConstraints field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the TopologySpreadConstraints field. +func (b *ThanosQuerierConfigApplyConfiguration) WithTopologySpreadConstraints(values ...v1.TopologySpreadConstraint) *ThanosQuerierConfigApplyConfiguration { + for i := range values { + b.TopologySpreadConstraints = append(b.TopologySpreadConstraints, values[i]) + } + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/tlsconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/tlsconfig.go new file mode 100644 index 0000000000..dc74026618 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/tlsconfig.go @@ -0,0 +1,81 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + configv1alpha1 "github.com/openshift/api/config/v1alpha1" +) + +// TLSConfigApplyConfiguration represents a declarative configuration of the TLSConfig type for use +// with apply. +// +// TLSConfig represents TLS configuration for Alertmanager connections. +// At least one TLS configuration option must be specified. +// For mutual TLS (mTLS), both cert and key must be specified together, or both omitted. +type TLSConfigApplyConfiguration struct { + // ca is an optional CA certificate to use for TLS connections. + // When omitted, the system's default CA bundle is used. + CA *SecretKeySelectorApplyConfiguration `json:"ca,omitempty"` + // cert is an optional client certificate to use for mutual TLS connections. + // When omitted, no client certificate is presented. + Cert *SecretKeySelectorApplyConfiguration `json:"cert,omitempty"` + // key is an optional client key to use for mutual TLS connections. + // When omitted, no client key is used. + Key *SecretKeySelectorApplyConfiguration `json:"key,omitempty"` + // serverName is an optional server name to use for TLS connections. + // When specified, must be a valid DNS subdomain as per RFC 1123. + // When omitted, the server name is derived from the URL. + // Must be between 1 and 253 characters in length. + ServerName *string `json:"serverName,omitempty"` + // certificateVerification determines the policy for TLS certificate verification. + // Allowed values are "Verify" (performs certificate verification, secure) and "SkipVerify" (skips verification, insecure). + // When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. + // The default value is "Verify". + CertificateVerification *configv1alpha1.CertificateVerificationType `json:"certificateVerification,omitempty"` +} + +// TLSConfigApplyConfiguration constructs a declarative configuration of the TLSConfig type for use with +// apply. +func TLSConfig() *TLSConfigApplyConfiguration { + return &TLSConfigApplyConfiguration{} +} + +// WithCA sets the CA field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CA field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithCA(value *SecretKeySelectorApplyConfiguration) *TLSConfigApplyConfiguration { + b.CA = value + return b +} + +// WithCert sets the Cert field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Cert field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithCert(value *SecretKeySelectorApplyConfiguration) *TLSConfigApplyConfiguration { + b.Cert = value + return b +} + +// WithKey sets the Key field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Key field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithKey(value *SecretKeySelectorApplyConfiguration) *TLSConfigApplyConfiguration { + b.Key = value + return b +} + +// WithServerName sets the ServerName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ServerName field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithServerName(value string) *TLSConfigApplyConfiguration { + b.ServerName = &value + return b +} + +// WithCertificateVerification sets the CertificateVerification field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CertificateVerification field is set to the value of the last call. +func (b *TLSConfigApplyConfiguration) WithCertificateVerification(value configv1alpha1.CertificateVerificationType) *TLSConfigApplyConfiguration { + b.CertificateVerification = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/uppercaseactionconfig.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/uppercaseactionconfig.go new file mode 100644 index 0000000000..6d3a6a804a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1/uppercaseactionconfig.go @@ -0,0 +1,29 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// UppercaseActionConfigApplyConfiguration represents a declarative configuration of the UppercaseActionConfig type for use +// with apply. +// +// UppercaseActionConfig configures the Uppercase action. +// Maps the concatenated source_labels to their upper case and writes to target_label. +// Requires Prometheus >= v2.36.0. +type UppercaseActionConfigApplyConfiguration struct { + // targetLabel is the label name where the upper-cased value is written. + // Must be between 1 and 128 characters in length. + TargetLabel *string `json:"targetLabel,omitempty"` +} + +// UppercaseActionConfigApplyConfiguration constructs a declarative configuration of the UppercaseActionConfig type for use with +// apply. +func UppercaseActionConfig() *UppercaseActionConfigApplyConfiguration { + return &UppercaseActionConfigApplyConfiguration{} +} + +// WithTargetLabel sets the TargetLabel field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the TargetLabel field is set to the value of the last call. +func (b *UppercaseActionConfigApplyConfiguration) WithTargetLabel(value string) *UppercaseActionConfigApplyConfiguration { + b.TargetLabel = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go index 8c2fd43b21..2021ad596e 100644 --- a/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/internal/internal.go @@ -23,92 +23,80 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: -- name: com.github.openshift.api.config.v1.APIServer +- name: Condition.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: apiVersion + - name: lastTransitionTime type: - scalar: string - - name: kind + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message type: scalar: string - - name: metadata + default: "" + - name: observedGeneration type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + scalar: numeric + - name: reason type: - namedType: com.github.openshift.api.config.v1.APIServerSpec - default: {} + scalar: string + default: "" - name: status type: - namedType: com.github.openshift.api.config.v1.APIServerStatus - default: {} -- name: com.github.openshift.api.config.v1.APIServerEncryption - map: - fields: - - name: kms - type: - namedType: com.github.openshift.api.config.v1.KMSConfig + scalar: string + default: "" - name: type type: scalar: string - unions: - - discriminator: type - fields: - - fieldName: kms - discriminatorValue: KMS -- name: com.github.openshift.api.config.v1.APIServerNamedServingCert + default: "" +- name: ConfigMapKeySelector.v1.core.api.k8s.io map: fields: - - name: names + - name: key type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: servingCertificate + scalar: string + default: "" + - name: name type: - namedType: com.github.openshift.api.config.v1.SecretNameReference - default: {} -- name: com.github.openshift.api.config.v1.APIServerServingCerts + scalar: string + default: "" + - name: optional + type: + scalar: boolean + elementRelationship: atomic +- name: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: string +- name: EnvVar.v1.core.api.k8s.io map: fields: - - name: namedCertificates + - name: name type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.APIServerNamedServingCert - elementRelationship: atomic -- name: com.github.openshift.api.config.v1.APIServerSpec + scalar: string + default: "" + - name: value + type: + scalar: string + - name: valueFrom + type: + namedType: EnvVarSource.v1.core.api.k8s.io +- name: EnvVarSource.v1.core.api.k8s.io map: fields: - - name: additionalCORSAllowedOrigins - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: audit + - name: configMapKeyRef type: - namedType: com.github.openshift.api.config.v1.Audit - default: {} - - name: clientCA + namedType: ConfigMapKeySelector.v1.core.api.k8s.io + - name: fieldRef type: - namedType: com.github.openshift.api.config.v1.ConfigMapNameReference - default: {} - - name: encryption + namedType: ObjectFieldSelector.v1.core.api.k8s.io + - name: fileKeyRef type: - namedType: com.github.openshift.api.config.v1.APIServerEncryption - default: {} - - name: servingCerts + namedType: FileKeySelector.v1.core.api.k8s.io + - name: resourceFieldRef type: - namedType: com.github.openshift.api.config.v1.APIServerServingCerts - default: {} - - name: tlsSecurityProfile + namedType: ResourceFieldSelector.v1.core.api.k8s.io + - name: secretKeyRef type: - namedType: com.github.openshift.api.config.v1.TLSSecurityProfile -- name: com.github.openshift.api.config.v1.APIServerStatus + namedType: SecretKeySelector.v1.core.api.k8s.io +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io map: elementType: scalar: untyped @@ -120,178 +108,745 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.AWSDNSSpec +- name: FileKeySelector.v1.core.api.k8s.io map: fields: - - name: privateZoneIAMRole + - name: key type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.AWSIngressSpec - map: - fields: - - name: type + - name: optional type: - scalar: string - default: "" - unions: - - discriminator: type -- name: com.github.openshift.api.config.v1.AWSKMSConfig - map: - fields: - - name: keyARN + scalar: boolean + default: false + - name: path type: scalar: string default: "" - - name: region + - name: volumeName type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.AWSPlatformSpec + elementRelationship: atomic +- name: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: serviceEndpoints + - name: matchExpressions type: list: elementType: - namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + namedType: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic -- name: com.github.openshift.api.config.v1.AWSPlatformStatus + - name: matchLabels + type: + map: + elementType: + scalar: string + elementRelationship: atomic +- name: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: cloudLoadBalancerConfig - type: - namedType: com.github.openshift.api.config.v1.CloudLoadBalancerConfig - default: - dnsType: PlatformDefault - - name: ipFamily + - name: key type: scalar: string - default: IPv4 - - name: region + default: "" + - name: operator type: scalar: string default: "" - - name: resourceTags - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.AWSResourceTag - elementRelationship: atomic - - name: serviceEndpoints + - name: values type: list: elementType: - namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + scalar: string elementRelationship: atomic -- name: com.github.openshift.api.config.v1.AWSResourceTag +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: key + - name: apiVersion type: scalar: string - default: "" - - name: value + - name: fieldsType type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.AWSServiceEndpoint - map: - fields: - - name: name + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager type: scalar: string - default: "" - - name: url + - name: operation type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1.AcceptRisk - map: - fields: - - name: name + - name: subresource type: scalar: string -- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformSpec - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformStatus + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ModifyVolumeStatus.v1.core.api.k8s.io map: fields: - - name: region + - name: status type: scalar: string default: "" - - name: resourceGroupID + - name: targetVolumeAttributesClassName type: scalar: string - - name: resourceTags - type: - list: - elementType: - namedType: com.github.openshift.api.config.v1.AlibabaCloudResourceTag - elementRelationship: associative - keys: - - key -- name: com.github.openshift.api.config.v1.AlibabaCloudResourceTag +- name: ObjectFieldSelector.v1.core.api.k8s.io map: fields: - - name: key + - name: apiVersion type: scalar: string - default: "" - - name: value + - name: fieldPath type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.Audit + elementRelationship: atomic +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: customRules + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers type: list: elementType: - namedType: com.github.openshift.api.config.v1.AuditCustomRule + scalar: string elementRelationship: associative - keys: - - group - - name: profile + - name: generateName type: scalar: string -- name: com.github.openshift.api.config.v1.AuditCustomRule - map: - fields: - - name: group + - name: generation type: - scalar: string - default: "" - - name: profile + scalar: numeric + - name: labels type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.Authentication - map: - fields: - - name: apiVersion + map: + elementType: + scalar: string + - name: managedFields type: - scalar: string - - name: kind + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name type: scalar: string - - name: metadata + - name: namespace type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + scalar: string + - name: ownerReferences + type: + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: PersistentVolumeClaim.v1.core.api.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: PersistentVolumeClaimSpec.v1.core.api.k8s.io + default: {} + - name: status + type: + namedType: PersistentVolumeClaimStatus.v1.core.api.k8s.io + default: {} +- name: PersistentVolumeClaimCondition.v1.core.api.k8s.io + map: + fields: + - name: lastProbeTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: lastTransitionTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message + type: + scalar: string + - name: reason + type: + scalar: string + - name: status + type: + scalar: string + default: "" + - name: type + type: + scalar: string + default: "" +- name: PersistentVolumeClaimSpec.v1.core.api.k8s.io + map: + fields: + - name: accessModes + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: dataSource + type: + namedType: TypedLocalObjectReference.v1.core.api.k8s.io + - name: dataSourceRef + type: + namedType: TypedObjectReference.v1.core.api.k8s.io + - name: resources + type: + namedType: VolumeResourceRequirements.v1.core.api.k8s.io + default: {} + - name: selector + type: + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: storageClassName + type: + scalar: string + - name: volumeAttributesClassName + type: + scalar: string + - name: volumeMode + type: + scalar: string + - name: volumeName + type: + scalar: string +- name: PersistentVolumeClaimStatus.v1.core.api.k8s.io + map: + fields: + - name: accessModes + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: allocatedResourceStatuses + type: + map: + elementType: + scalar: string + elementRelationship: separable + - name: allocatedResources + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: capacity + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: conditions + type: + list: + elementType: + namedType: PersistentVolumeClaimCondition.v1.core.api.k8s.io + elementRelationship: associative + keys: + - type + - name: currentVolumeAttributesClassName + type: + scalar: string + - name: modifyVolumeStatus + type: + namedType: ModifyVolumeStatus.v1.core.api.k8s.io + - name: phase + type: + scalar: string +- name: Quantity.resource.api.pkg.apimachinery.k8s.io + scalar: string +- name: RawExtension.runtime.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: ResourceClaim.v1.core.api.k8s.io + map: + fields: + - name: name + type: + scalar: string + default: "" + - name: request + type: + scalar: string +- name: ResourceFieldSelector.v1.core.api.k8s.io + map: + fields: + - name: containerName + type: + scalar: string + - name: divisor + type: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: resource + type: + scalar: string + default: "" + elementRelationship: atomic +- name: ResourceRequirements.v1.core.api.k8s.io + map: + fields: + - name: claims + type: + list: + elementType: + namedType: ResourceClaim.v1.core.api.k8s.io + elementRelationship: associative + keys: + - name + - name: limits + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: requests + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: SecretKeySelector.v1.core.api.k8s.io + map: + fields: + - name: key + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: optional + type: + scalar: boolean + elementRelationship: atomic +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped +- name: Toleration.v1.core.api.k8s.io + map: + fields: + - name: effect + type: + scalar: string + - name: key + type: + scalar: string + - name: operator + type: + scalar: string + - name: tolerationSeconds + type: + scalar: numeric + - name: value + type: + scalar: string +- name: TopologySpreadConstraint.v1.core.api.k8s.io + map: + fields: + - name: labelSelector + type: + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io + - name: matchLabelKeys + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: maxSkew + type: + scalar: numeric + default: 0 + - name: minDomains + type: + scalar: numeric + - name: nodeAffinityPolicy + type: + scalar: string + - name: nodeTaintsPolicy + type: + scalar: string + - name: topologyKey + type: + scalar: string + default: "" + - name: whenUnsatisfiable + type: + scalar: string + default: "" +- name: TypedLocalObjectReference.v1.core.api.k8s.io + map: + fields: + - name: apiGroup + type: + scalar: string + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + elementRelationship: atomic +- name: TypedObjectReference.v1.core.api.k8s.io + map: + fields: + - name: apiGroup + type: + scalar: string + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: namespace + type: + scalar: string +- name: VolumeResourceRequirements.v1.core.api.k8s.io + map: + fields: + - name: limits + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io + - name: requests + type: + map: + elementType: + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.config.v1.APIServer + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1.APIServerSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.config.v1.APIServerStatus + default: {} +- name: com.github.openshift.api.config.v1.APIServerEncryption + map: + fields: + - name: kms + type: + namedType: com.github.openshift.api.config.v1.KMSConfig + - name: type + type: + scalar: string + unions: + - discriminator: type + fields: + - fieldName: kms + discriminatorValue: KMS +- name: com.github.openshift.api.config.v1.APIServerNamedServingCert + map: + fields: + - name: names + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: servingCertificate + type: + namedType: com.github.openshift.api.config.v1.SecretNameReference + default: {} +- name: com.github.openshift.api.config.v1.APIServerServingCerts + map: + fields: + - name: namedCertificates + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.APIServerNamedServingCert + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.APIServerSpec + map: + fields: + - name: additionalCORSAllowedOrigins + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: audit + type: + namedType: com.github.openshift.api.config.v1.Audit + default: {} + - name: clientCA + type: + namedType: com.github.openshift.api.config.v1.ConfigMapNameReference + default: {} + - name: encryption + type: + namedType: com.github.openshift.api.config.v1.APIServerEncryption + default: {} + - name: servingCerts + type: + namedType: com.github.openshift.api.config.v1.APIServerServingCerts + default: {} + - name: tlsAdherence + type: + scalar: string + - name: tlsSecurityProfile + type: + namedType: com.github.openshift.api.config.v1.TLSSecurityProfile +- name: com.github.openshift.api.config.v1.APIServerStatus + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.AWSDNSSpec + map: + fields: + - name: privateZoneIAMRole + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.AWSIngressSpec + map: + fields: + - name: type + type: + scalar: string + default: "" + unions: + - discriminator: type +- name: com.github.openshift.api.config.v1.AWSPlatformSpec + map: + fields: + - name: serviceEndpoints + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.AWSPlatformStatus + map: + fields: + - name: cloudLoadBalancerConfig + type: + namedType: com.github.openshift.api.config.v1.CloudLoadBalancerConfig + default: + dnsType: PlatformDefault + - name: ipFamily + type: + scalar: string + default: IPv4 + - name: region + type: + scalar: string + default: "" + - name: resourceTags + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.AWSResourceTag + elementRelationship: atomic + - name: serviceEndpoints + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.AWSServiceEndpoint + elementRelationship: atomic +- name: com.github.openshift.api.config.v1.AWSResourceTag + map: + fields: + - name: key + type: + scalar: string + default: "" + - name: value + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.AWSServiceEndpoint + map: + fields: + - name: name + type: + scalar: string + default: "" + - name: url + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.AcceptRisk + map: + fields: + - name: name + type: + scalar: string +- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformSpec + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.AlibabaCloudPlatformStatus + map: + fields: + - name: region + type: + scalar: string + default: "" + - name: resourceGroupID + type: + scalar: string + - name: resourceTags + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.AlibabaCloudResourceTag + elementRelationship: associative + keys: + - key +- name: com.github.openshift.api.config.v1.AlibabaCloudResourceTag + map: + fields: + - name: key + type: + scalar: string + default: "" + - name: value + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.Audit + map: + fields: + - name: customRules + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1.AuditCustomRule + elementRelationship: associative + keys: + - group + - name: profile + type: + scalar: string +- name: com.github.openshift.api.config.v1.AuditCustomRule + map: + fields: + - name: group + type: + scalar: string + default: "" + - name: profile + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.Authentication + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: namedType: com.github.openshift.api.config.v1.AuthenticationSpec default: {} @@ -499,7 +1054,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -515,7 +1070,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.EnvVar + namedType: EnvVar.v1.core.api.k8s.io elementRelationship: atomic - name: gitProxy type: @@ -528,7 +1083,7 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: resources type: - namedType: io.k8s.api.core.v1.ResourceRequirements + namedType: ResourceRequirements.v1.core.api.k8s.io default: {} - name: com.github.openshift.api.config.v1.BuildOverrides map: @@ -551,7 +1106,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: com.github.openshift.api.config.v1.BuildSpec map: @@ -632,7 +1187,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -662,7 +1217,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -687,7 +1242,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -722,7 +1277,7 @@ var schemaYAML = typed.YAMLObject(`types: - type - name: extension type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: relatedObjects type: list: @@ -740,7 +1295,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: lastTransitionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: message type: scalar: string @@ -766,7 +1321,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -943,7 +1498,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -984,7 +1539,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -1013,7 +1568,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -1063,7 +1618,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1143,7 +1698,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1299,7 +1854,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1356,7 +1911,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -1671,7 +2226,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1692,7 +2247,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1720,7 +2275,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1788,7 +2343,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1853,7 +2408,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -1920,7 +2475,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1978,7 +2533,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2046,7 +2601,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2127,7 +2682,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2155,18 +2710,19 @@ var schemaYAML = typed.YAMLObject(`types: - name: com.github.openshift.api.config.v1.KMSConfig map: fields: - - name: aws - type: - namedType: com.github.openshift.api.config.v1.AWSKMSConfig - name: type type: scalar: string default: "" + - name: vault + type: + namedType: com.github.openshift.api.config.v1.VaultKMSConfig + default: {} unions: - discriminator: type fields: - - fieldName: aws - discriminatorValue: AWS + - fieldName: vault + discriminatorValue: Vault - name: com.github.openshift.api.config.v1.KeystoneIdentityProvider map: fields: @@ -2322,7 +2878,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2359,7 +2915,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: com.github.openshift.api.config.v1.NetworkDiagnosticsTargetPlacement map: @@ -2373,7 +2929,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: com.github.openshift.api.config.v1.NetworkMigration map: @@ -2429,7 +2985,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -2456,7 +3012,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2486,7 +3042,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -2621,7 +3177,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2730,7 +3286,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -2971,7 +3527,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3335,7 +3891,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3386,7 +3942,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3569,7 +4125,7 @@ var schemaYAML = typed.YAMLObject(`types: default: {} - name: namespaceSelector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: preloadPolicy type: scalar: string @@ -3584,7 +4140,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3756,7 +4312,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: accessTokenInactivityTimeout type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: accessTokenInactivityTimeoutSeconds type: scalar: numeric @@ -3826,6 +4382,9 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" + - name: mode + type: + scalar: string - name: version type: scalar: string @@ -3838,14 +4397,14 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: completionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: image type: scalar: string default: "" - name: startedTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: state type: scalar: string @@ -4119,6 +4678,76 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" +- name: com.github.openshift.api.config.v1.VaultAppRoleAuthentication + map: + fields: + - name: secret + type: + namedType: com.github.openshift.api.config.v1.VaultSecretReference + default: {} +- name: com.github.openshift.api.config.v1.VaultAuthentication + map: + fields: + - name: appRole + type: + namedType: com.github.openshift.api.config.v1.VaultAppRoleAuthentication + default: {} + - name: type + type: + scalar: string + unions: + - discriminator: type + fields: + - fieldName: appRole + discriminatorValue: AppRole +- name: com.github.openshift.api.config.v1.VaultConfigMapReference + map: + fields: + - name: name + type: + scalar: string +- name: com.github.openshift.api.config.v1.VaultKMSConfig + map: + fields: + - name: authentication + type: + namedType: com.github.openshift.api.config.v1.VaultAuthentication + default: {} + - name: kmsPluginImage + type: + scalar: string + - name: tls + type: + namedType: com.github.openshift.api.config.v1.VaultTLSConfig + default: {} + - name: transitKey + type: + scalar: string + - name: transitMount + type: + scalar: string + - name: vaultAddress + type: + scalar: string + - name: vaultNamespace + type: + scalar: string +- name: com.github.openshift.api.config.v1.VaultSecretReference + map: + fields: + - name: name + type: + scalar: string +- name: com.github.openshift.api.config.v1.VaultTLSConfig + map: + fields: + - name: caBundle + type: + namedType: com.github.openshift.api.config.v1.VaultConfigMapReference + default: {} + - name: serverName + type: + scalar: string - name: com.github.openshift.api.config.v1.WebhookTokenAuthenticator map: fields: @@ -4126,6 +4755,35 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1.SecretNameReference default: {} +- name: com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig + map: + fields: + - name: authorization + type: + namedType: com.github.openshift.api.config.v1alpha1.AuthorizationConfig + default: {} + - name: name + type: + scalar: string + - name: pathPrefix + type: + scalar: string + - name: scheme + type: + scalar: string + - name: staticConfigs + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: timeoutSeconds + type: + scalar: numeric + - name: tlsConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.TLSConfig + default: {} - name: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig map: fields: @@ -4165,26 +4823,41 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: topologySpreadConstraints type: list: elementType: - namedType: io.k8s.api.core.v1.TopologySpreadConstraint + namedType: TopologySpreadConstraint.v1.core.api.k8s.io elementRelationship: associative keys: - topologyKey - whenUnsatisfiable - name: volumeClaimTemplate type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaim + namedType: PersistentVolumeClaim.v1.core.api.k8s.io - name: com.github.openshift.api.config.v1alpha1.Audit map: fields: - name: profile type: scalar: string +- name: com.github.openshift.api.config.v1alpha1.AuthorizationConfig + map: + fields: + - name: bearerToken + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: type + type: + scalar: string + unions: + - discriminator: type + fields: + - fieldName: bearerToken + discriminatorValue: BearerToken - name: com.github.openshift.api.config.v1alpha1.Backup map: fields: @@ -4196,7 +4869,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -4225,6 +4898,17 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable +- name: com.github.openshift.api.config.v1alpha1.BasicAuth + map: + fields: + - name: password + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: username + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} - name: com.github.openshift.api.config.v1alpha1.CRIOCredentialProviderConfig map: fields: @@ -4236,7 +4920,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -4261,20 +4945,10 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type -- name: com.github.openshift.api.config.v1alpha1.CategoryOverride - map: - fields: - - name: certificate - type: - namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig - default: {} - - name: name - type: - scalar: string - name: com.github.openshift.api.config.v1alpha1.CertificateConfig map: fields: @@ -4282,22 +4956,7 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1alpha1.KeyConfig default: {} -- name: com.github.openshift.api.config.v1alpha1.CertificateOverride - map: - fields: - - name: category - type: - namedType: com.github.openshift.api.config.v1alpha1.CategoryOverride - default: {} - - name: type - type: - scalar: string - unions: - - discriminator: type - fields: - - fieldName: category - discriminatorValue: Category -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicy +- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoring map: fields: - name: apiVersion @@ -4308,75 +4967,58 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterImagePolicySpec + namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec default: {} - name: status type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterImagePolicyStatus + namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringStatus default: {} -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicySpec +- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec map: fields: - - name: policy + - name: alertmanagerConfig type: - namedType: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy + namedType: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig default: {} - - name: scopes - type: - list: - elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1alpha1.ClusterImagePolicyStatus - map: - fields: - - name: conditions + - name: metricsServerConfig type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoring - map: - fields: - - name: apiVersion + namedType: com.github.openshift.api.config.v1alpha1.MetricsServerConfig + default: {} + - name: monitoringPluginConfig type: - scalar: string - - name: kind + namedType: com.github.openshift.api.config.v1alpha1.MonitoringPluginConfig + default: {} + - name: nodeExporterConfig type: - scalar: string - - name: metadata + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterConfig + default: {} + - name: openShiftStateMetricsConfig type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.config.v1alpha1.OpenShiftStateMetricsConfig default: {} - - name: spec + - name: prometheusConfig type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec + namedType: com.github.openshift.api.config.v1alpha1.PrometheusConfig default: {} - - name: status + - name: prometheusOperatorAdmissionWebhookConfig type: - namedType: com.github.openshift.api.config.v1alpha1.ClusterMonitoringStatus + namedType: com.github.openshift.api.config.v1alpha1.PrometheusOperatorAdmissionWebhookConfig default: {} -- name: com.github.openshift.api.config.v1alpha1.ClusterMonitoringSpec - map: - fields: - - name: alertmanagerConfig + - name: prometheusOperatorConfig type: - namedType: com.github.openshift.api.config.v1alpha1.AlertmanagerConfig + namedType: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig default: {} - - name: metricsServerConfig + - name: telemeterClientConfig type: - namedType: com.github.openshift.api.config.v1alpha1.MetricsServerConfig + namedType: com.github.openshift.api.config.v1alpha1.TelemeterClientConfig default: {} - - name: prometheusOperatorConfig + - name: thanosQuerierConfig type: - namedType: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig + namedType: com.github.openshift.api.config.v1alpha1.ThanosQuerierConfig default: {} - name: userDefined type: @@ -4399,26 +5041,32 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: limit type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io - name: name type: scalar: string - name: request type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity + namedType: Quantity.resource.api.pkg.apimachinery.k8s.io - name: com.github.openshift.api.config.v1alpha1.CustomPKIPolicy map: fields: + - name: clientCertificates + type: + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} - name: defaults type: namedType: com.github.openshift.api.config.v1alpha1.DefaultCertificateConfig default: {} - - name: overrides + - name: servingCertificates type: - list: - elementType: - namedType: com.github.openshift.api.config.v1alpha1.CertificateOverride - elementRelationship: atomic + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} + - name: signerCertificates + type: + namedType: com.github.openshift.api.config.v1alpha1.CertificateConfig + default: {} - name: com.github.openshift.api.config.v1alpha1.DefaultCertificateConfig map: fields: @@ -4426,6 +5074,12 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.config.v1alpha1.KeyConfig default: {} +- name: com.github.openshift.api.config.v1alpha1.DropEqualActionConfig + map: + fields: + - name: targetLabel + type: + scalar: string - name: com.github.openshift.api.config.v1alpha1.ECDSAKeyConfig map: fields: @@ -4466,97 +5120,15 @@ var schemaYAML = typed.YAMLObject(`types: - name: storage type: namedType: com.github.openshift.api.config.v1alpha1.Storage -- name: com.github.openshift.api.config.v1alpha1.ImagePolicy - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicySpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyStatus - default: {} -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrust - map: - fields: - - name: fulcioCAData - type: - scalar: string - - name: fulcioSubject - type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyFulcioSubject - default: {} - - name: rekorKeyData - type: - scalar: string -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyPKIRootOfTrust - map: - fields: - - name: caIntermediatesData - type: - scalar: string - - name: caRootsData - type: - scalar: string - - name: pkiCertificateSubject - type: - namedType: com.github.openshift.api.config.v1alpha1.PKICertificateSubject - default: {} -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyPublicKeyRootOfTrust +- name: com.github.openshift.api.config.v1alpha1.HashModActionConfig map: fields: - - name: keyData + - name: modulus type: - scalar: string - - name: rekorKeyData + scalar: numeric + - name: targetLabel type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.ImagePolicySpec - map: - fields: - - name: policy - type: - namedType: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy - default: {} - - name: scopes - type: - list: - elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.config.v1alpha1.ImagePolicyStatus - map: - fields: - - name: conditions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: com.github.openshift.api.config.v1alpha1.ImageSigstoreVerificationPolicy - map: - fields: - - name: rootOfTrust - type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyRootOfTrust - default: {} - - name: signedIdentity - type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyIdentity - default: {} - name: com.github.openshift.api.config.v1alpha1.InsightsDataGather map: fields: @@ -4568,7 +5140,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -4597,6 +5169,12 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable +- name: com.github.openshift.api.config.v1alpha1.KeepEqualActionConfig + map: + fields: + - name: targetLabel + type: + scalar: string - name: com.github.openshift.api.config.v1alpha1.KeyConfig map: fields: @@ -4618,6 +5196,43 @@ var schemaYAML = typed.YAMLObject(`types: discriminatorValue: ECDSA - fieldName: rsa discriminatorValue: RSA +- name: com.github.openshift.api.config.v1alpha1.Label + map: + fields: + - name: key + type: + scalar: string + - name: value + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.LabelMapActionConfig + map: + fields: + - name: replacement + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.LowercaseActionConfig + map: + fields: + - name: targetLabel + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.MetadataConfig + map: + fields: + - name: custom + type: + namedType: com.github.openshift.api.config.v1alpha1.MetadataConfigCustom + default: {} + - name: sendPolicy + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.MetadataConfigCustom + map: + fields: + - name: sendIntervalSeconds + type: + scalar: numeric - name: com.github.openshift.api.config.v1alpha1.MetricsServerConfig map: fields: @@ -4642,13 +5257,13 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: topologySpreadConstraints type: list: elementType: - namedType: io.k8s.api.core.v1.TopologySpreadConstraint + namedType: TopologySpreadConstraint.v1.core.api.k8s.io elementRelationship: associative keys: - topologyKey @@ -4656,151 +5271,248 @@ var schemaYAML = typed.YAMLObject(`types: - name: verbosity type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.PKI +- name: com.github.openshift.api.config.v1alpha1.MonitoringPluginConfig map: fields: - - name: apiVersion + - name: nodeSelector type: - scalar: string - - name: kind + map: + elementType: + scalar: string + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations + type: + list: + elementType: + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints + type: + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorBuddyInfoConfig + map: + fields: + - name: collectionPolicy type: scalar: string - - name: metadata +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorConfig + map: + fields: + - name: buddyInfo type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorBuddyInfoConfig default: {} - - name: spec + - name: cpuFreq type: - namedType: com.github.openshift.api.config.v1alpha1.PKISpec + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorCpufreqConfig default: {} -- name: com.github.openshift.api.config.v1alpha1.PKICertificateManagement - map: - fields: - - name: custom + - name: ethtool type: - namedType: com.github.openshift.api.config.v1alpha1.CustomPKIPolicy + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorEthtoolConfig default: {} - - name: mode + - name: ksmd + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorKSMDConfig + default: {} + - name: mountStats + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorMountStatsConfig + default: {} + - name: netClass + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassConfig + default: {} + - name: netDev + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetDevConfig + default: {} + - name: processes + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorProcessesConfig + default: {} + - name: systemd + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdConfig + default: {} + - name: tcpStat + type: + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorTcpStatConfig + default: {} +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorCpufreqConfig + map: + fields: + - name: collectionPolicy type: scalar: string - unions: - - discriminator: mode - fields: - - fieldName: custom - discriminatorValue: Custom -- name: com.github.openshift.api.config.v1alpha1.PKICertificateSubject +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorEthtoolConfig map: fields: - - name: email + - name: collectionPolicy type: scalar: string - - name: hostname +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorKSMDConfig + map: + fields: + - name: collectionPolicy type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.PKISpec +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorMountStatsConfig map: fields: - - name: certificateManagement + - name: collectionPolicy type: - namedType: com.github.openshift.api.config.v1alpha1.PKICertificateManagement - default: {} -- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference + scalar: string +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassCollectConfig map: fields: - - name: name + - name: statsGatherer type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassConfig map: fields: - - name: claim + - name: collect type: - namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetClassCollectConfig default: {} - - name: mountPath + - name: collectionPolicy type: scalar: string -- name: com.github.openshift.api.config.v1alpha1.PolicyFulcioSubject + unions: + - discriminator: collectionPolicy + fields: + - fieldName: collect + discriminatorValue: Collect +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorNetDevConfig map: fields: - - name: oidcIssuer + - name: collectionPolicy type: scalar: string - default: "" - - name: signedEmail +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorProcessesConfig + map: + fields: + - name: collectionPolicy type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyIdentity +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdCollectConfig map: fields: - - name: exactRepository + - name: units type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyMatchExactRepository - - name: matchPolicy + list: + elementType: + scalar: string + elementRelationship: associative +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdConfig + map: + fields: + - name: collect type: - scalar: string - default: "" - - name: remapIdentity + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorSystemdCollectConfig + default: {} + - name: collectionPolicy type: - namedType: com.github.openshift.api.config.v1alpha1.PolicyMatchRemapIdentity + scalar: string unions: - - discriminator: matchPolicy + - discriminator: collectionPolicy fields: - - fieldName: exactRepository - discriminatorValue: PolicyMatchExactRepository - - fieldName: remapIdentity - discriminatorValue: PolicyMatchRemapIdentity -- name: com.github.openshift.api.config.v1alpha1.PolicyMatchExactRepository + - fieldName: collect + discriminatorValue: Collect +- name: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorTcpStatConfig map: fields: - - name: repository + - name: collectionPolicy type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyMatchRemapIdentity +- name: com.github.openshift.api.config.v1alpha1.NodeExporterConfig map: fields: - - name: prefix + - name: collectors type: - scalar: string - default: "" - - name: signedPrefix + namedType: com.github.openshift.api.config.v1alpha1.NodeExporterCollectorConfig + default: {} + - name: ignoredNetworkDevices type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha1.PolicyRootOfTrust + list: + elementType: + scalar: string + elementRelationship: associative + - name: maxProcs + type: + scalar: numeric + - name: nodeSelector + type: + map: + elementType: + scalar: string + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations + type: + list: + elementType: + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic +- name: com.github.openshift.api.config.v1alpha1.OAuth2 map: fields: - - name: fulcioCAWithRekor + - name: clientId type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyFulcioCAWithRekorRootOfTrust - - name: pki + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: clientSecret type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyPKIRootOfTrust - - name: policyType + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: endpointParams type: - scalar: string - default: "" - - name: publicKey + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.OAuth2EndpointParam + elementRelationship: associative + keys: + - name + - name: scopes type: - namedType: com.github.openshift.api.config.v1alpha1.ImagePolicyPublicKeyRootOfTrust - unions: - - discriminator: policyType - fields: - - fieldName: fulcioCAWithRekor - discriminatorValue: FulcioCAWithRekor - - fieldName: pki - discriminatorValue: PKI - - fieldName: publicKey - discriminatorValue: PublicKey -- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig + list: + elementType: + scalar: string + elementRelationship: atomic + - name: tokenUrl + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.OAuth2EndpointParam map: fields: - - name: logLevel + - name: name type: scalar: string + - name: value + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha1.OpenShiftStateMetricsConfig + map: + fields: - name: nodeSelector type: map: @@ -4818,741 +5530,669 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: topologySpreadConstraints type: list: elementType: - namedType: io.k8s.api.core.v1.TopologySpreadConstraint + namedType: TopologySpreadConstraint.v1.core.api.k8s.io elementRelationship: associative keys: - topologyKey - whenUnsatisfiable -- name: com.github.openshift.api.config.v1alpha1.RSAKeyConfig +- name: com.github.openshift.api.config.v1alpha1.PKI map: fields: - - name: keySize + - name: apiVersion type: - scalar: numeric -- name: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig - map: - fields: - - name: maxNumberOfBackups + scalar: string + - name: kind type: - scalar: numeric - default: 0 -- name: com.github.openshift.api.config.v1alpha1.RetentionPolicy + scalar: string + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1alpha1.PKISpec + default: {} +- name: com.github.openshift.api.config.v1alpha1.PKICertificateManagement map: fields: - - name: retentionNumber - type: - namedType: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig - - name: retentionSize + - name: custom type: - namedType: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig - - name: retentionType + namedType: com.github.openshift.api.config.v1alpha1.CustomPKIPolicy + default: {} + - name: mode type: scalar: string - default: "" unions: - - discriminator: retentionType + - discriminator: mode fields: - - fieldName: retentionNumber - discriminatorValue: RetentionNumber - - fieldName: retentionSize - discriminatorValue: RetentionSize -- name: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig + - fieldName: custom + discriminatorValue: Custom +- name: com.github.openshift.api.config.v1alpha1.PKISpec map: fields: - - name: maxSizeOfBackupsGb + - name: certificateManagement type: - scalar: numeric - default: 0 -- name: com.github.openshift.api.config.v1alpha1.Storage + namedType: com.github.openshift.api.config.v1alpha1.PKICertificateManagement + default: {} +- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference map: fields: - - name: persistentVolume - type: - namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig - - name: type + - name: name type: scalar: string default: "" -- name: com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring +- name: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig map: fields: - - name: mode + - name: claim + type: + namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeClaimReference + default: {} + - name: mountPath type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha2.Custom +- name: com.github.openshift.api.config.v1alpha1.PrometheusConfig map: fields: - - name: configs + - name: additionalAlertmanagerConfigs type: list: elementType: - namedType: com.github.openshift.api.config.v1alpha2.GathererConfig + namedType: com.github.openshift.api.config.v1alpha1.AdditionalAlertmanagerConfig elementRelationship: associative keys: - name -- name: com.github.openshift.api.config.v1alpha2.GatherConfig - map: - fields: - - name: dataPolicy - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: gatherers - type: - namedType: com.github.openshift.api.config.v1alpha2.Gatherers - default: {} - - name: storage - type: - namedType: com.github.openshift.api.config.v1alpha2.Storage -- name: com.github.openshift.api.config.v1alpha2.GathererConfig - map: - fields: - - name: name + - name: collectionProfile type: scalar: string - default: "" - - name: state + - name: enforcedBodySizeLimitBytes type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha2.Gatherers - map: - fields: - - name: custom + scalar: numeric + - name: externalLabels type: - namedType: com.github.openshift.api.config.v1alpha2.Custom - - name: mode + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.Label + elementRelationship: associative + keys: + - key + - name: logLevel type: scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha2.InsightsDataGather - map: - fields: - - name: apiVersion + - name: nodeSelector type: - scalar: string - - name: kind + map: + elementType: + scalar: string + - name: queryLogFile type: scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec + - name: remoteWrite type: - namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec - default: {} - - name: status + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.RemoteWriteSpec + elementRelationship: associative + keys: + - name + - name: resources type: - namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus - default: {} -- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec - map: - fields: - - name: gatherConfig + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: retention type: - namedType: com.github.openshift.api.config.v1alpha2.GatherConfig + namedType: com.github.openshift.api.config.v1alpha1.Retention default: {} -- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference - map: - fields: - - name: name + - name: tolerations type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig - map: - fields: - - name: claim + list: + elementType: + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints type: - namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference - default: {} - - name: mountPath + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable + - name: volumeClaimTemplate type: - scalar: string -- name: com.github.openshift.api.config.v1alpha2.Storage + namedType: PersistentVolumeClaim.v1.core.api.k8s.io +- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorAdmissionWebhookConfig map: fields: - - name: persistentVolume + - name: resources type: - namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig - - name: type + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: topologySpreadConstraints type: - scalar: string - default: "" -- name: io.k8s.api.core.v1.ConfigMapKeySelector + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.PrometheusOperatorConfig map: fields: - - name: key + - name: logLevel type: scalar: string - default: "" - - name: name + - name: nodeSelector + type: + map: + elementType: + scalar: string + - name: resources + type: + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations type: - scalar: string - default: "" - - name: optional + list: + elementType: + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints type: - scalar: boolean - elementRelationship: atomic -- name: io.k8s.api.core.v1.EnvVar + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.PrometheusRemoteWriteHeader map: fields: - name: name type: scalar: string - default: "" - name: value type: scalar: string - - name: valueFrom - type: - namedType: io.k8s.api.core.v1.EnvVarSource -- name: io.k8s.api.core.v1.EnvVarSource +- name: com.github.openshift.api.config.v1alpha1.QueueConfig map: fields: - - name: configMapKeyRef + - name: batchSendDeadlineSeconds type: - namedType: io.k8s.api.core.v1.ConfigMapKeySelector - - name: fieldRef - type: - namedType: io.k8s.api.core.v1.ObjectFieldSelector - - name: fileKeyRef - type: - namedType: io.k8s.api.core.v1.FileKeySelector - - name: resourceFieldRef - type: - namedType: io.k8s.api.core.v1.ResourceFieldSelector - - name: secretKeyRef + scalar: numeric + - name: capacity type: - namedType: io.k8s.api.core.v1.SecretKeySelector -- name: io.k8s.api.core.v1.FileKeySelector - map: - fields: - - name: key + scalar: numeric + - name: maxBackoffMilliseconds type: - scalar: string - default: "" - - name: optional + scalar: numeric + - name: maxSamplesPerSend type: - scalar: boolean - default: false - - name: path + scalar: numeric + - name: maxShards type: - scalar: string - default: "" - - name: volumeName + scalar: numeric + - name: minBackoffMilliseconds type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.ModifyVolumeStatus - map: - fields: - - name: status + scalar: numeric + - name: minShards type: - scalar: string - default: "" - - name: targetVolumeAttributesClassName + scalar: numeric + - name: rateLimitedAction type: scalar: string -- name: io.k8s.api.core.v1.ObjectFieldSelector +- name: com.github.openshift.api.config.v1alpha1.RSAKeyConfig map: fields: - - name: apiVersion - type: - scalar: string - - name: fieldPath + - name: keySize type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.PersistentVolumeClaim + scalar: numeric +- name: com.github.openshift.api.config.v1alpha1.RelabelActionConfig map: fields: - - name: apiVersion - type: - scalar: string - - name: kind + - name: dropEqual type: - scalar: string - - name: metadata + namedType: com.github.openshift.api.config.v1alpha1.DropEqualActionConfig + default: {} + - name: hashMod type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.config.v1alpha1.HashModActionConfig default: {} - - name: spec + - name: keepEqual type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimSpec + namedType: com.github.openshift.api.config.v1alpha1.KeepEqualActionConfig default: {} - - name: status + - name: labelMap type: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimStatus + namedType: com.github.openshift.api.config.v1alpha1.LabelMapActionConfig default: {} -- name: io.k8s.api.core.v1.PersistentVolumeClaimCondition - map: - fields: - - name: lastProbeTime + - name: lowercase type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: lastTransitionTime + namedType: com.github.openshift.api.config.v1alpha1.LowercaseActionConfig + default: {} + - name: replace type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message + namedType: com.github.openshift.api.config.v1alpha1.ReplaceActionConfig + default: {} + - name: type type: scalar: string - - name: reason + - name: uppercase + type: + namedType: com.github.openshift.api.config.v1alpha1.UppercaseActionConfig + default: {} + unions: + - discriminator: type + fields: + - fieldName: dropEqual + discriminatorValue: DropEqual + - fieldName: hashMod + discriminatorValue: HashMod + - fieldName: keepEqual + discriminatorValue: KeepEqual + - fieldName: labelMap + discriminatorValue: LabelMap + - fieldName: lowercase + discriminatorValue: Lowercase + - fieldName: replace + discriminatorValue: Replace + - fieldName: uppercase + discriminatorValue: Uppercase +- name: com.github.openshift.api.config.v1alpha1.RelabelConfig + map: + fields: + - name: action + type: + namedType: com.github.openshift.api.config.v1alpha1.RelabelActionConfig + default: {} + - name: name type: scalar: string - - name: status + - name: regex type: scalar: string - default: "" - - name: type + - name: separator type: scalar: string - default: "" -- name: io.k8s.api.core.v1.PersistentVolumeClaimSpec - map: - fields: - - name: accessModes + - name: sourceLabels type: list: elementType: scalar: string - elementRelationship: atomic - - name: dataSource - type: - namedType: io.k8s.api.core.v1.TypedLocalObjectReference - - name: dataSourceRef - type: - namedType: io.k8s.api.core.v1.TypedObjectReference - - name: resources + elementRelationship: associative +- name: com.github.openshift.api.config.v1alpha1.RemoteWriteAuthorization + map: + fields: + - name: basicAuth type: - namedType: io.k8s.api.core.v1.VolumeResourceRequirements + namedType: com.github.openshift.api.config.v1alpha1.BasicAuth default: {} - - name: selector + - name: bearerToken type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: storageClassName + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: oauth2 type: - scalar: string - - name: volumeAttributesClassName + namedType: com.github.openshift.api.config.v1alpha1.OAuth2 + default: {} + - name: safeAuthorization type: - scalar: string - - name: volumeMode + namedType: SecretKeySelector.v1.core.api.k8s.io + - name: sigv4 type: - scalar: string - - name: volumeName + namedType: com.github.openshift.api.config.v1alpha1.Sigv4 + default: {} + - name: type type: scalar: string -- name: io.k8s.api.core.v1.PersistentVolumeClaimStatus + unions: + - discriminator: type + fields: + - fieldName: basicAuth + discriminatorValue: BasicAuth + - fieldName: bearerToken + discriminatorValue: BearerToken + - fieldName: oauth2 + discriminatorValue: OAuth2 + - fieldName: safeAuthorization + discriminatorValue: SafeAuthorization + - fieldName: sigv4 + discriminatorValue: Sigv4 +- name: com.github.openshift.api.config.v1alpha1.RemoteWriteSpec map: fields: - - name: accessModes + - name: authorization type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: allocatedResourceStatuses - type: - map: - elementType: - scalar: string - elementRelationship: separable - - name: allocatedResources - type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: capacity + namedType: com.github.openshift.api.config.v1alpha1.RemoteWriteAuthorization + default: {} + - name: exemplarsMode type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: conditions + scalar: string + - name: headers type: list: elementType: - namedType: io.k8s.api.core.v1.PersistentVolumeClaimCondition + namedType: com.github.openshift.api.config.v1alpha1.PrometheusRemoteWriteHeader elementRelationship: associative keys: - - type - - name: currentVolumeAttributesClassName - type: - scalar: string - - name: modifyVolumeStatus - type: - namedType: io.k8s.api.core.v1.ModifyVolumeStatus - - name: phase + - name + - name: metadataConfig type: - scalar: string -- name: io.k8s.api.core.v1.ResourceClaim - map: - fields: + namedType: com.github.openshift.api.config.v1alpha1.MetadataConfig + default: {} - name: name type: scalar: string - default: "" - - name: request + - name: proxyUrl type: scalar: string -- name: io.k8s.api.core.v1.ResourceFieldSelector - map: - fields: - - name: containerName + - name: queueConfig type: - scalar: string - - name: divisor + namedType: com.github.openshift.api.config.v1alpha1.QueueConfig + default: {} + - name: remoteTimeoutSeconds type: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: resource + scalar: numeric + - name: tlsConfig + type: + namedType: com.github.openshift.api.config.v1alpha1.TLSConfig + default: {} + - name: url type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.ResourceRequirements - map: - fields: - - name: claims + - name: writeRelabelConfigs type: list: elementType: - namedType: io.k8s.api.core.v1.ResourceClaim + namedType: com.github.openshift.api.config.v1alpha1.RelabelConfig elementRelationship: associative keys: - name - - name: limits - type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: requests - type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: io.k8s.api.core.v1.SecretKeySelector +- name: com.github.openshift.api.config.v1alpha1.ReplaceActionConfig map: fields: - - name: key + - name: replacement type: scalar: string - default: "" - - name: name + - name: targetLabel type: scalar: string - default: "" - - name: optional - type: - scalar: boolean - elementRelationship: atomic -- name: io.k8s.api.core.v1.Toleration +- name: com.github.openshift.api.config.v1alpha1.Retention map: fields: - - name: effect - type: - scalar: string - - name: key - type: - scalar: string - - name: operator - type: - scalar: string - - name: tolerationSeconds + - name: durationInDays type: scalar: numeric - - name: value + - name: sizeInGiB type: - scalar: string -- name: io.k8s.api.core.v1.TopologySpreadConstraint + scalar: numeric +- name: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig map: fields: - - name: labelSelector - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector - - name: matchLabelKeys - type: - list: - elementType: - scalar: string - elementRelationship: atomic - - name: maxSkew + - name: maxNumberOfBackups type: scalar: numeric default: 0 - - name: minDomains - type: - scalar: numeric - - name: nodeAffinityPolicy - type: - scalar: string - - name: nodeTaintsPolicy +- name: com.github.openshift.api.config.v1alpha1.RetentionPolicy + map: + fields: + - name: retentionNumber type: - scalar: string - - name: topologyKey + namedType: com.github.openshift.api.config.v1alpha1.RetentionNumberConfig + - name: retentionSize type: - scalar: string - default: "" - - name: whenUnsatisfiable + namedType: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig + - name: retentionType type: scalar: string default: "" -- name: io.k8s.api.core.v1.TypedLocalObjectReference + unions: + - discriminator: retentionType + fields: + - fieldName: retentionNumber + discriminatorValue: RetentionNumber + - fieldName: retentionSize + discriminatorValue: RetentionSize +- name: com.github.openshift.api.config.v1alpha1.RetentionSizeConfig map: fields: - - name: apiGroup + - name: maxSizeOfBackupsGb type: - scalar: string - - name: kind + scalar: numeric + default: 0 +- name: com.github.openshift.api.config.v1alpha1.SecretKeySelector + map: + fields: + - name: key type: scalar: string - default: "" - name: name type: scalar: string - default: "" elementRelationship: atomic -- name: io.k8s.api.core.v1.TypedObjectReference +- name: com.github.openshift.api.config.v1alpha1.Sigv4 map: fields: - - name: apiGroup + - name: accessKey type: - scalar: string - - name: kind + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: profile type: scalar: string - default: "" - - name: name + - name: region type: scalar: string - default: "" - - name: namespace + - name: roleArn type: scalar: string -- name: io.k8s.api.core.v1.VolumeResourceRequirements - map: - fields: - - name: limits - type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity - - name: requests + - name: secretKey type: - map: - elementType: - namedType: io.k8s.apimachinery.pkg.api.resource.Quantity -- name: io.k8s.apimachinery.pkg.api.resource.Quantity - scalar: untyped -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} +- name: com.github.openshift.api.config.v1alpha1.Storage map: fields: - - name: lastTransitionTime + - name: persistentVolume type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message + namedType: com.github.openshift.api.config.v1alpha1.PersistentVolumeConfig + - name: type type: scalar: string default: "" - - name: observedGeneration +- name: com.github.openshift.api.config.v1alpha1.TLSConfig + map: + fields: + - name: ca type: - scalar: numeric - - name: reason + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: cert type: - scalar: string - default: "" - - name: status + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: certificateVerification type: scalar: string - default: "" - - name: type + - name: key + type: + namedType: com.github.openshift.api.config.v1alpha1.SecretKeySelector + default: {} + - name: serverName type: scalar: string - default: "" -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector +- name: com.github.openshift.api.config.v1alpha1.TelemeterClientConfig map: fields: - - name: matchExpressions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - elementRelationship: atomic - - name: matchLabels + - name: nodeSelector type: map: elementType: scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - map: - fields: - - name: key - type: - scalar: string - default: "" - - name: operator + - name: resources type: - scalar: string - default: "" - - name: values + list: + elementType: + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource + elementRelationship: associative + keys: + - name + - name: tolerations type: list: elementType: - scalar: string + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time + - name: topologySpreadConstraints type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + list: + elementType: + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.ThanosQuerierConfig map: fields: - - name: annotations + - name: nodeSelector type: map: elementType: scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers + - name: resources type: list: elementType: - scalar: string + namedType: com.github.openshift.api.config.v1alpha1.ContainerResource elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation - type: - scalar: numeric - - name: labels + keys: + - name + - name: tolerations type: - map: + list: elementType: - scalar: string - - name: managedFields + namedType: Toleration.v1.core.api.k8s.io + elementRelationship: atomic + - name: topologySpreadConstraints type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name + namedType: TopologySpreadConstraint.v1.core.api.k8s.io + elementRelationship: associative + keys: + - topologyKey + - whenUnsatisfiable +- name: com.github.openshift.api.config.v1alpha1.UppercaseActionConfig + map: + fields: + - name: targetLabel type: scalar: string - - name: namespace +- name: com.github.openshift.api.config.v1alpha1.UserDefinedMonitoring + map: + fields: + - name: mode type: scalar: string - - name: ownerReferences + default: "" +- name: com.github.openshift.api.config.v1alpha2.Custom + map: + fields: + - name: configs type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: com.github.openshift.api.config.v1alpha2.GathererConfig elementRelationship: associative keys: - - uid - - name: resourceVersion + - name +- name: com.github.openshift.api.config.v1alpha2.GatherConfig + map: + fields: + - name: dataPolicy type: - scalar: string - - name: selfLink + list: + elementType: + scalar: string + elementRelationship: atomic + - name: gatherers type: - scalar: string - - name: uid + namedType: com.github.openshift.api.config.v1alpha2.Gatherers + default: {} + - name: storage type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: com.github.openshift.api.config.v1alpha2.Storage +- name: com.github.openshift.api.config.v1alpha2.GathererConfig map: fields: - - name: apiVersion + - name: name type: scalar: string default: "" - - name: blockOwnerDeletion + - name: state type: - scalar: boolean - - name: controller + scalar: string + default: "" +- name: com.github.openshift.api.config.v1alpha2.Gatherers + map: + fields: + - name: custom type: - scalar: boolean - - name: kind + namedType: com.github.openshift.api.config.v1alpha2.Custom + - name: mode type: scalar: string default: "" - - name: name +- name: com.github.openshift.api.config.v1alpha2.InsightsDataGather + map: + fields: + - name: apiVersion type: scalar: string - default: "" - - name: uid + - name: kind type: scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.runtime.RawExtension + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus + default: {} +- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherSpec + map: + fields: + - name: gatherConfig + type: + namedType: com.github.openshift.api.config.v1alpha2.GatherConfig + default: {} +- name: com.github.openshift.api.config.v1alpha2.InsightsDataGatherStatus map: elementType: scalar: untyped @@ -5564,6 +6204,33 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable +- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference + map: + fields: + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig + map: + fields: + - name: claim + type: + namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeClaimReference + default: {} + - name: mountPath + type: + scalar: string +- name: com.github.openshift.api.config.v1alpha2.Storage + map: + fields: + - name: persistentVolume + type: + namedType: com.github.openshift.api.config.v1alpha2.PersistentVolumeConfig + - name: type + type: + scalar: string + default: "" - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go b/vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go new file mode 100644 index 0000000000..bbec377c36 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/applyconfigurations/utils.go @@ -0,0 +1,676 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package applyconfigurations + +import ( + v1 "github.com/openshift/api/config/v1" + v1alpha1 "github.com/openshift/api/config/v1alpha1" + v1alpha2 "github.com/openshift/api/config/v1alpha2" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + configv1alpha2 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha2" + internal "github.com/openshift/client-go/config/applyconfigurations/internal" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + managedfields "k8s.io/apimachinery/pkg/util/managedfields" +) + +// ForKind returns an apply configuration type for the given GroupVersionKind, or nil if no +// apply configuration type exists for the given GroupVersionKind. +func ForKind(kind schema.GroupVersionKind) interface{} { + switch kind { + // Group=config.openshift.io, Version=v1 + case v1.SchemeGroupVersion.WithKind("AcceptRisk"): + return &configv1.AcceptRiskApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AlibabaCloudPlatformStatus"): + return &configv1.AlibabaCloudPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AlibabaCloudResourceTag"): + return &configv1.AlibabaCloudResourceTagApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("APIServer"): + return &configv1.APIServerApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("APIServerEncryption"): + return &configv1.APIServerEncryptionApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("APIServerNamedServingCert"): + return &configv1.APIServerNamedServingCertApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("APIServerServingCerts"): + return &configv1.APIServerServingCertsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("APIServerSpec"): + return &configv1.APIServerSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Audit"): + return &configv1.AuditApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AuditCustomRule"): + return &configv1.AuditCustomRuleApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Authentication"): + return &configv1.AuthenticationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AuthenticationSpec"): + return &configv1.AuthenticationSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AuthenticationStatus"): + return &configv1.AuthenticationStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AWSDNSSpec"): + return &configv1.AWSDNSSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AWSIngressSpec"): + return &configv1.AWSIngressSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AWSPlatformSpec"): + return &configv1.AWSPlatformSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AWSPlatformStatus"): + return &configv1.AWSPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AWSResourceTag"): + return &configv1.AWSResourceTagApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AWSServiceEndpoint"): + return &configv1.AWSServiceEndpointApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AzurePlatformStatus"): + return &configv1.AzurePlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("AzureResourceTag"): + return &configv1.AzureResourceTagApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("BareMetalPlatformLoadBalancer"): + return &configv1.BareMetalPlatformLoadBalancerApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("BareMetalPlatformSpec"): + return &configv1.BareMetalPlatformSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("BareMetalPlatformStatus"): + return &configv1.BareMetalPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("BasicAuthIdentityProvider"): + return &configv1.BasicAuthIdentityProviderApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Build"): + return &configv1.BuildApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("BuildDefaults"): + return &configv1.BuildDefaultsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("BuildOverrides"): + return &configv1.BuildOverridesApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("BuildSpec"): + return &configv1.BuildSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("CloudControllerManagerStatus"): + return &configv1.CloudControllerManagerStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("CloudLoadBalancerConfig"): + return &configv1.CloudLoadBalancerConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("CloudLoadBalancerIPs"): + return &configv1.CloudLoadBalancerIPsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterCondition"): + return &configv1.ClusterConditionApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterImagePolicy"): + return &configv1.ClusterImagePolicyApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterImagePolicySpec"): + return &configv1.ClusterImagePolicySpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterImagePolicyStatus"): + return &configv1.ClusterImagePolicyStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterNetworkEntry"): + return &configv1.ClusterNetworkEntryApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterOperator"): + return &configv1.ClusterOperatorApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterOperatorStatus"): + return &configv1.ClusterOperatorStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterOperatorStatusCondition"): + return &configv1.ClusterOperatorStatusConditionApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterVersion"): + return &configv1.ClusterVersionApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterVersionCapabilitiesSpec"): + return &configv1.ClusterVersionCapabilitiesSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterVersionCapabilitiesStatus"): + return &configv1.ClusterVersionCapabilitiesStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterVersionSpec"): + return &configv1.ClusterVersionSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ClusterVersionStatus"): + return &configv1.ClusterVersionStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ComponentOverride"): + return &configv1.ComponentOverrideApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ComponentRouteSpec"): + return &configv1.ComponentRouteSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ComponentRouteStatus"): + return &configv1.ComponentRouteStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ConditionalUpdate"): + return &configv1.ConditionalUpdateApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ConditionalUpdateRisk"): + return &configv1.ConditionalUpdateRiskApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ConfigMapFileReference"): + return &configv1.ConfigMapFileReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ConfigMapNameReference"): + return &configv1.ConfigMapNameReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Console"): + return &configv1.ConsoleApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ConsoleAuthentication"): + return &configv1.ConsoleAuthenticationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ConsoleSpec"): + return &configv1.ConsoleSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ConsoleStatus"): + return &configv1.ConsoleStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Custom"): + return &configv1.CustomApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("CustomFeatureGates"): + return &configv1.CustomFeatureGatesApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("CustomTLSProfile"): + return &configv1.CustomTLSProfileApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("DeprecatedWebhookTokenAuthenticator"): + return &configv1.DeprecatedWebhookTokenAuthenticatorApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("DNS"): + return &configv1.DNSApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("DNSPlatformSpec"): + return &configv1.DNSPlatformSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("DNSSpec"): + return &configv1.DNSSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("DNSZone"): + return &configv1.DNSZoneApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("EquinixMetalPlatformStatus"): + return &configv1.EquinixMetalPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ExternalIPConfig"): + return &configv1.ExternalIPConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ExternalIPPolicy"): + return &configv1.ExternalIPPolicyApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ExternalPlatformSpec"): + return &configv1.ExternalPlatformSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ExternalPlatformStatus"): + return &configv1.ExternalPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ExtraMapping"): + return &configv1.ExtraMappingApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("FeatureGate"): + return &configv1.FeatureGateApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("FeatureGateAttributes"): + return &configv1.FeatureGateAttributesApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("FeatureGateDetails"): + return &configv1.FeatureGateDetailsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("FeatureGateSelection"): + return &configv1.FeatureGateSelectionApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("FeatureGateSpec"): + return &configv1.FeatureGateSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("FeatureGateStatus"): + return &configv1.FeatureGateStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("GatherConfig"): + return &configv1.GatherConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("GathererConfig"): + return &configv1.GathererConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Gatherers"): + return &configv1.GatherersApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("GCPPlatformStatus"): + return &configv1.GCPPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("GCPResourceLabel"): + return &configv1.GCPResourceLabelApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("GCPResourceTag"): + return &configv1.GCPResourceTagApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("GitHubIdentityProvider"): + return &configv1.GitHubIdentityProviderApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("GitLabIdentityProvider"): + return &configv1.GitLabIdentityProviderApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("GoogleIdentityProvider"): + return &configv1.GoogleIdentityProviderApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("HTPasswdIdentityProvider"): + return &configv1.HTPasswdIdentityProviderApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("HubSource"): + return &configv1.HubSourceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("HubSourceStatus"): + return &configv1.HubSourceStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("IBMCloudPlatformSpec"): + return &configv1.IBMCloudPlatformSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("IBMCloudPlatformStatus"): + return &configv1.IBMCloudPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("IBMCloudServiceEndpoint"): + return &configv1.IBMCloudServiceEndpointApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("IdentityProvider"): + return &configv1.IdentityProviderApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("IdentityProviderConfig"): + return &configv1.IdentityProviderConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Image"): + return &configv1.ImageApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageContentPolicy"): + return &configv1.ImageContentPolicyApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageContentPolicySpec"): + return &configv1.ImageContentPolicySpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageDigestMirrors"): + return &configv1.ImageDigestMirrorsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageDigestMirrorSet"): + return &configv1.ImageDigestMirrorSetApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageDigestMirrorSetSpec"): + return &configv1.ImageDigestMirrorSetSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageLabel"): + return &configv1.ImageLabelApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImagePolicy"): + return &configv1.ImagePolicyApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImagePolicyFulcioCAWithRekorRootOfTrust"): + return &configv1.ImagePolicyFulcioCAWithRekorRootOfTrustApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImagePolicyPKIRootOfTrust"): + return &configv1.ImagePolicyPKIRootOfTrustApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImagePolicyPublicKeyRootOfTrust"): + return &configv1.ImagePolicyPublicKeyRootOfTrustApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImagePolicySpec"): + return &configv1.ImagePolicySpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImagePolicyStatus"): + return &configv1.ImagePolicyStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageSigstoreVerificationPolicy"): + return &configv1.ImageSigstoreVerificationPolicyApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageSpec"): + return &configv1.ImageSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageStatus"): + return &configv1.ImageStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageTagMirrors"): + return &configv1.ImageTagMirrorsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageTagMirrorSet"): + return &configv1.ImageTagMirrorSetApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ImageTagMirrorSetSpec"): + return &configv1.ImageTagMirrorSetSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Infrastructure"): + return &configv1.InfrastructureApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("InfrastructureSpec"): + return &configv1.InfrastructureSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("InfrastructureStatus"): + return &configv1.InfrastructureStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Ingress"): + return &configv1.IngressApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("IngressPlatformSpec"): + return &configv1.IngressPlatformSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("IngressSpec"): + return &configv1.IngressSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("IngressStatus"): + return &configv1.IngressStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("InsightsDataGather"): + return &configv1.InsightsDataGatherApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("InsightsDataGatherSpec"): + return &configv1.InsightsDataGatherSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("KeystoneIdentityProvider"): + return &configv1.KeystoneIdentityProviderApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("KMSConfig"): + return &configv1.KMSConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("KubevirtPlatformStatus"): + return &configv1.KubevirtPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("LDAPAttributeMapping"): + return &configv1.LDAPAttributeMappingApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("LDAPIdentityProvider"): + return &configv1.LDAPIdentityProviderApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("LoadBalancer"): + return &configv1.LoadBalancerApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MaxAgePolicy"): + return &configv1.MaxAgePolicyApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MTUMigration"): + return &configv1.MTUMigrationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("MTUMigrationValues"): + return &configv1.MTUMigrationValuesApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Network"): + return &configv1.NetworkApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NetworkDiagnostics"): + return &configv1.NetworkDiagnosticsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NetworkDiagnosticsSourcePlacement"): + return &configv1.NetworkDiagnosticsSourcePlacementApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NetworkDiagnosticsTargetPlacement"): + return &configv1.NetworkDiagnosticsTargetPlacementApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NetworkMigration"): + return &configv1.NetworkMigrationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NetworkSpec"): + return &configv1.NetworkSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NetworkStatus"): + return &configv1.NetworkStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Node"): + return &configv1.NodeApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NodeSpec"): + return &configv1.NodeSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NodeStatus"): + return &configv1.NodeStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NutanixFailureDomain"): + return &configv1.NutanixFailureDomainApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NutanixPlatformLoadBalancer"): + return &configv1.NutanixPlatformLoadBalancerApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NutanixPlatformSpec"): + return &configv1.NutanixPlatformSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NutanixPlatformStatus"): + return &configv1.NutanixPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NutanixPrismElementEndpoint"): + return &configv1.NutanixPrismElementEndpointApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NutanixPrismEndpoint"): + return &configv1.NutanixPrismEndpointApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("NutanixResourceIdentifier"): + return &configv1.NutanixResourceIdentifierApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OAuth"): + return &configv1.OAuthApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OAuthRemoteConnectionInfo"): + return &configv1.OAuthRemoteConnectionInfoApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OAuthSpec"): + return &configv1.OAuthSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OAuthTemplates"): + return &configv1.OAuthTemplatesApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ObjectReference"): + return &configv1.ObjectReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OIDCClientConfig"): + return &configv1.OIDCClientConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OIDCClientReference"): + return &configv1.OIDCClientReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OIDCClientStatus"): + return &configv1.OIDCClientStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OIDCProvider"): + return &configv1.OIDCProviderApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OpenIDClaims"): + return &configv1.OpenIDClaimsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OpenIDIdentityProvider"): + return &configv1.OpenIDIdentityProviderApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OpenStackPlatformLoadBalancer"): + return &configv1.OpenStackPlatformLoadBalancerApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OpenStackPlatformSpec"): + return &configv1.OpenStackPlatformSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OpenStackPlatformStatus"): + return &configv1.OpenStackPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OperandVersion"): + return &configv1.OperandVersionApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OperatorHub"): + return &configv1.OperatorHubApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OperatorHubSpec"): + return &configv1.OperatorHubSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OperatorHubStatus"): + return &configv1.OperatorHubStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OvirtPlatformLoadBalancer"): + return &configv1.OvirtPlatformLoadBalancerApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("OvirtPlatformStatus"): + return &configv1.OvirtPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PersistentVolumeClaimReference"): + return &configv1.PersistentVolumeClaimReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PersistentVolumeConfig"): + return &configv1.PersistentVolumeConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PKICertificateSubject"): + return &configv1.PKICertificateSubjectApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PlatformSpec"): + return &configv1.PlatformSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PlatformStatus"): + return &configv1.PlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PolicyFulcioSubject"): + return &configv1.PolicyFulcioSubjectApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PolicyIdentity"): + return &configv1.PolicyIdentityApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PolicyMatchExactRepository"): + return &configv1.PolicyMatchExactRepositoryApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PolicyMatchRemapIdentity"): + return &configv1.PolicyMatchRemapIdentityApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PolicyRootOfTrust"): + return &configv1.PolicyRootOfTrustApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PowerVSPlatformSpec"): + return &configv1.PowerVSPlatformSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PowerVSPlatformStatus"): + return &configv1.PowerVSPlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PowerVSServiceEndpoint"): + return &configv1.PowerVSServiceEndpointApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PrefixedClaimMapping"): + return &configv1.PrefixedClaimMappingApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ProfileCustomizations"): + return &configv1.ProfileCustomizationsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Project"): + return &configv1.ProjectApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ProjectSpec"): + return &configv1.ProjectSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("PromQLClusterCondition"): + return &configv1.PromQLClusterConditionApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Proxy"): + return &configv1.ProxyApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ProxySpec"): + return &configv1.ProxySpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("ProxyStatus"): + return &configv1.ProxyStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("RegistryLocation"): + return &configv1.RegistryLocationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("RegistrySources"): + return &configv1.RegistrySourcesApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Release"): + return &configv1.ReleaseApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("RepositoryDigestMirrors"): + return &configv1.RepositoryDigestMirrorsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("RequestHeaderIdentityProvider"): + return &configv1.RequestHeaderIdentityProviderApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("RequiredHSTSPolicy"): + return &configv1.RequiredHSTSPolicyApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Scheduler"): + return &configv1.SchedulerApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("SchedulerSpec"): + return &configv1.SchedulerSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("SecretNameReference"): + return &configv1.SecretNameReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("SignatureStore"): + return &configv1.SignatureStoreApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Storage"): + return &configv1.StorageApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TemplateReference"): + return &configv1.TemplateReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TLSProfileSpec"): + return &configv1.TLSProfileSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TLSSecurityProfile"): + return &configv1.TLSSecurityProfileApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TokenClaimMapping"): + return &configv1.TokenClaimMappingApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TokenClaimMappings"): + return &configv1.TokenClaimMappingsApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TokenClaimOrExpressionMapping"): + return &configv1.TokenClaimOrExpressionMappingApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TokenClaimValidationCELRule"): + return &configv1.TokenClaimValidationCELRuleApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TokenClaimValidationRule"): + return &configv1.TokenClaimValidationRuleApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TokenConfig"): + return &configv1.TokenConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TokenIssuer"): + return &configv1.TokenIssuerApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TokenRequiredClaim"): + return &configv1.TokenRequiredClaimApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("TokenUserValidationRule"): + return &configv1.TokenUserValidationRuleApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("Update"): + return &configv1.UpdateApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("UpdateHistory"): + return &configv1.UpdateHistoryApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("UsernameClaimMapping"): + return &configv1.UsernameClaimMappingApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("UsernamePrefix"): + return &configv1.UsernamePrefixApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultAppRoleAuthentication"): + return &configv1.VaultAppRoleAuthenticationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultAuthentication"): + return &configv1.VaultAuthenticationApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultConfigMapReference"): + return &configv1.VaultConfigMapReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultKMSConfig"): + return &configv1.VaultKMSConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultSecretReference"): + return &configv1.VaultSecretReferenceApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VaultTLSConfig"): + return &configv1.VaultTLSConfigApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VSphereFailureDomainHostGroup"): + return &configv1.VSphereFailureDomainHostGroupApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VSphereFailureDomainRegionAffinity"): + return &configv1.VSphereFailureDomainRegionAffinityApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VSphereFailureDomainZoneAffinity"): + return &configv1.VSphereFailureDomainZoneAffinityApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VSpherePlatformFailureDomainSpec"): + return &configv1.VSpherePlatformFailureDomainSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VSpherePlatformLoadBalancer"): + return &configv1.VSpherePlatformLoadBalancerApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VSpherePlatformNodeNetworking"): + return &configv1.VSpherePlatformNodeNetworkingApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VSpherePlatformNodeNetworkingSpec"): + return &configv1.VSpherePlatformNodeNetworkingSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VSpherePlatformSpec"): + return &configv1.VSpherePlatformSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VSpherePlatformStatus"): + return &configv1.VSpherePlatformStatusApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VSpherePlatformTopology"): + return &configv1.VSpherePlatformTopologyApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("VSpherePlatformVCenterSpec"): + return &configv1.VSpherePlatformVCenterSpecApplyConfiguration{} + case v1.SchemeGroupVersion.WithKind("WebhookTokenAuthenticator"): + return &configv1.WebhookTokenAuthenticatorApplyConfiguration{} + + // Group=config.openshift.io, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithKind("AdditionalAlertmanagerConfig"): + return &configv1alpha1.AdditionalAlertmanagerConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("AlertmanagerConfig"): + return &configv1alpha1.AlertmanagerConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("AlertmanagerCustomConfig"): + return &configv1alpha1.AlertmanagerCustomConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Audit"): + return &configv1alpha1.AuditApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("AuthorizationConfig"): + return &configv1alpha1.AuthorizationConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Backup"): + return &configv1alpha1.BackupApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("BackupSpec"): + return &configv1alpha1.BackupSpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("BasicAuth"): + return &configv1alpha1.BasicAuthApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("CertificateConfig"): + return &configv1alpha1.CertificateConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ClusterMonitoring"): + return &configv1alpha1.ClusterMonitoringApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ClusterMonitoringSpec"): + return &configv1alpha1.ClusterMonitoringSpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ContainerResource"): + return &configv1alpha1.ContainerResourceApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("CRIOCredentialProviderConfig"): + return &configv1alpha1.CRIOCredentialProviderConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("CRIOCredentialProviderConfigSpec"): + return &configv1alpha1.CRIOCredentialProviderConfigSpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("CRIOCredentialProviderConfigStatus"): + return &configv1alpha1.CRIOCredentialProviderConfigStatusApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("CustomPKIPolicy"): + return &configv1alpha1.CustomPKIPolicyApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("DefaultCertificateConfig"): + return &configv1alpha1.DefaultCertificateConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("DropEqualActionConfig"): + return &configv1alpha1.DropEqualActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ECDSAKeyConfig"): + return &configv1alpha1.ECDSAKeyConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("EtcdBackupSpec"): + return &configv1alpha1.EtcdBackupSpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("GatherConfig"): + return &configv1alpha1.GatherConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("HashModActionConfig"): + return &configv1alpha1.HashModActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("InsightsDataGather"): + return &configv1alpha1.InsightsDataGatherApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("InsightsDataGatherSpec"): + return &configv1alpha1.InsightsDataGatherSpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("KeepEqualActionConfig"): + return &configv1alpha1.KeepEqualActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("KeyConfig"): + return &configv1alpha1.KeyConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Label"): + return &configv1alpha1.LabelApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("LabelMapActionConfig"): + return &configv1alpha1.LabelMapActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("LowercaseActionConfig"): + return &configv1alpha1.LowercaseActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("MetadataConfig"): + return &configv1alpha1.MetadataConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("MetadataConfigCustom"): + return &configv1alpha1.MetadataConfigCustomApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("MetricsServerConfig"): + return &configv1alpha1.MetricsServerConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("MonitoringPluginConfig"): + return &configv1alpha1.MonitoringPluginConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorBuddyInfoConfig"): + return &configv1alpha1.NodeExporterCollectorBuddyInfoConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorConfig"): + return &configv1alpha1.NodeExporterCollectorConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorCpufreqConfig"): + return &configv1alpha1.NodeExporterCollectorCpufreqConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorEthtoolConfig"): + return &configv1alpha1.NodeExporterCollectorEthtoolConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorKSMDConfig"): + return &configv1alpha1.NodeExporterCollectorKSMDConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorMountStatsConfig"): + return &configv1alpha1.NodeExporterCollectorMountStatsConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorNetClassCollectConfig"): + return &configv1alpha1.NodeExporterCollectorNetClassCollectConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorNetClassConfig"): + return &configv1alpha1.NodeExporterCollectorNetClassConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorNetDevConfig"): + return &configv1alpha1.NodeExporterCollectorNetDevConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorProcessesConfig"): + return &configv1alpha1.NodeExporterCollectorProcessesConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorSystemdCollectConfig"): + return &configv1alpha1.NodeExporterCollectorSystemdCollectConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorSystemdConfig"): + return &configv1alpha1.NodeExporterCollectorSystemdConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterCollectorTcpStatConfig"): + return &configv1alpha1.NodeExporterCollectorTcpStatConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("NodeExporterConfig"): + return &configv1alpha1.NodeExporterConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("OAuth2"): + return &configv1alpha1.OAuth2ApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("OAuth2EndpointParam"): + return &configv1alpha1.OAuth2EndpointParamApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("OpenShiftStateMetricsConfig"): + return &configv1alpha1.OpenShiftStateMetricsConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PersistentVolumeClaimReference"): + return &configv1alpha1.PersistentVolumeClaimReferenceApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PersistentVolumeConfig"): + return &configv1alpha1.PersistentVolumeConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PKI"): + return &configv1alpha1.PKIApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PKICertificateManagement"): + return &configv1alpha1.PKICertificateManagementApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PKIProfile"): + return &configv1alpha1.PKIProfileApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PKISpec"): + return &configv1alpha1.PKISpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PrometheusConfig"): + return &configv1alpha1.PrometheusConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PrometheusOperatorAdmissionWebhookConfig"): + return &configv1alpha1.PrometheusOperatorAdmissionWebhookConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PrometheusOperatorConfig"): + return &configv1alpha1.PrometheusOperatorConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("PrometheusRemoteWriteHeader"): + return &configv1alpha1.PrometheusRemoteWriteHeaderApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("QueueConfig"): + return &configv1alpha1.QueueConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RelabelActionConfig"): + return &configv1alpha1.RelabelActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RelabelConfig"): + return &configv1alpha1.RelabelConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RemoteWriteAuthorization"): + return &configv1alpha1.RemoteWriteAuthorizationApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RemoteWriteSpec"): + return &configv1alpha1.RemoteWriteSpecApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ReplaceActionConfig"): + return &configv1alpha1.ReplaceActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Retention"): + return &configv1alpha1.RetentionApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RetentionNumberConfig"): + return &configv1alpha1.RetentionNumberConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RetentionPolicy"): + return &configv1alpha1.RetentionPolicyApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RetentionSizeConfig"): + return &configv1alpha1.RetentionSizeConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("RSAKeyConfig"): + return &configv1alpha1.RSAKeyConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("SecretKeySelector"): + return &configv1alpha1.SecretKeySelectorApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Sigv4"): + return &configv1alpha1.Sigv4ApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("Storage"): + return &configv1alpha1.StorageApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("TelemeterClientConfig"): + return &configv1alpha1.TelemeterClientConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("ThanosQuerierConfig"): + return &configv1alpha1.ThanosQuerierConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("TLSConfig"): + return &configv1alpha1.TLSConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("UppercaseActionConfig"): + return &configv1alpha1.UppercaseActionConfigApplyConfiguration{} + case v1alpha1.SchemeGroupVersion.WithKind("UserDefinedMonitoring"): + return &configv1alpha1.UserDefinedMonitoringApplyConfiguration{} + + // Group=config.openshift.io, Version=v1alpha2 + case v1alpha2.SchemeGroupVersion.WithKind("Custom"): + return &configv1alpha2.CustomApplyConfiguration{} + case v1alpha2.SchemeGroupVersion.WithKind("GatherConfig"): + return &configv1alpha2.GatherConfigApplyConfiguration{} + case v1alpha2.SchemeGroupVersion.WithKind("GathererConfig"): + return &configv1alpha2.GathererConfigApplyConfiguration{} + case v1alpha2.SchemeGroupVersion.WithKind("Gatherers"): + return &configv1alpha2.GatherersApplyConfiguration{} + case v1alpha2.SchemeGroupVersion.WithKind("InsightsDataGather"): + return &configv1alpha2.InsightsDataGatherApplyConfiguration{} + case v1alpha2.SchemeGroupVersion.WithKind("InsightsDataGatherSpec"): + return &configv1alpha2.InsightsDataGatherSpecApplyConfiguration{} + case v1alpha2.SchemeGroupVersion.WithKind("PersistentVolumeClaimReference"): + return &configv1alpha2.PersistentVolumeClaimReferenceApplyConfiguration{} + case v1alpha2.SchemeGroupVersion.WithKind("PersistentVolumeConfig"): + return &configv1alpha2.PersistentVolumeConfigApplyConfiguration{} + case v1alpha2.SchemeGroupVersion.WithKind("Storage"): + return &configv1alpha2.StorageApplyConfiguration{} + + } + return nil +} + +func NewTypeConverter(scheme *runtime.Scheme) managedfields.TypeConverter { + return managedfields.NewSchemeTypeConverter(scheme, internal.Parser()) +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/clientset_generated.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 0000000000..0a3678b49a --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,140 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + applyconfigurations "github.com/openshift/client-go/config/applyconfigurations" + clientset "github.com/openshift/client-go/config/clientset/versioned" + configv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + fakeconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake" + configv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake" + configv1alpha2 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2" + fakeconfigv1alpha2 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2/fake" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any field management, validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +// +// Deprecated: NewClientset replaces this with support for field management, which significantly improves +// server side apply testing. NewClientset is only available when apply configurations are generated (e.g. +// via --with-applyconfig). +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + var opts metav1.ListOptions + if watchAction, ok := action.(testing.WatchActionImpl); ok { + opts = watchAction.ListOptions + } + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns, opts) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery + tracker testing.ObjectTracker +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +func (c *Clientset) Tracker() testing.ObjectTracker { + return c.tracker +} + +// IsWatchListSemanticsSupported informs the reflector that this client +// doesn't support WatchList semantics. +// +// This is a synthetic method whose sole purpose is to satisfy the optional +// interface check performed by the reflector. +// Returning true signals that WatchList can NOT be used. +// No additional logic is implemented here. +func (c *Clientset) IsWatchListSemanticsUnSupported() bool { + return true +} + +// NewClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewClientset(objects ...runtime.Object) *Clientset { + o := testing.NewFieldManagedObjectTracker( + scheme, + codecs.UniversalDecoder(), + applyconfigurations.NewTypeConverter(scheme), + ) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + var opts metav1.ListOptions + if watchAction, ok := action.(testing.WatchActionImpl); ok { + opts = watchAction.ListOptions + } + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns, opts) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +var ( + _ clientset.Interface = &Clientset{} + _ testing.FakeClient = &Clientset{} +) + +// ConfigV1 retrieves the ConfigV1Client +func (c *Clientset) ConfigV1() configv1.ConfigV1Interface { + return &fakeconfigv1.FakeConfigV1{Fake: &c.Fake} +} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} +} + +// ConfigV1alpha2 retrieves the ConfigV1alpha2Client +func (c *Clientset) ConfigV1alpha2() configv1alpha2.ConfigV1alpha2Interface { + return &fakeconfigv1alpha2.FakeConfigV1alpha2{Fake: &c.Fake} +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/doc.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/doc.go new file mode 100644 index 0000000000..3630ed1cd1 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/register.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/register.go new file mode 100644 index 0000000000..113c9e9cc5 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/fake/register.go @@ -0,0 +1,44 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + configv1 "github.com/openshift/api/config/v1" + configv1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1alpha2 "github.com/openshift/api/config/v1alpha2" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) + +var localSchemeBuilder = runtime.SchemeBuilder{ + configv1.AddToScheme, + configv1alpha1.AddToScheme, + configv1alpha2.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/doc.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/doc.go new file mode 100644 index 0000000000..2b5ba4c8e4 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_apiserver.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_apiserver.go new file mode 100644 index 0000000000..577b67da93 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_apiserver.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeAPIServers implements APIServerInterface +type fakeAPIServers struct { + *gentype.FakeClientWithListAndApply[*v1.APIServer, *v1.APIServerList, *configv1.APIServerApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeAPIServers(fake *FakeConfigV1) typedconfigv1.APIServerInterface { + return &fakeAPIServers{ + gentype.NewFakeClientWithListAndApply[*v1.APIServer, *v1.APIServerList, *configv1.APIServerApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("apiservers"), + v1.SchemeGroupVersion.WithKind("APIServer"), + func() *v1.APIServer { return &v1.APIServer{} }, + func() *v1.APIServerList { return &v1.APIServerList{} }, + func(dst, src *v1.APIServerList) { dst.ListMeta = src.ListMeta }, + func(list *v1.APIServerList) []*v1.APIServer { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.APIServerList, items []*v1.APIServer) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_authentication.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_authentication.go new file mode 100644 index 0000000000..f81b441439 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_authentication.go @@ -0,0 +1,35 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeAuthentications implements AuthenticationInterface +type fakeAuthentications struct { + *gentype.FakeClientWithListAndApply[*v1.Authentication, *v1.AuthenticationList, *configv1.AuthenticationApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeAuthentications(fake *FakeConfigV1) typedconfigv1.AuthenticationInterface { + return &fakeAuthentications{ + gentype.NewFakeClientWithListAndApply[*v1.Authentication, *v1.AuthenticationList, *configv1.AuthenticationApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("authentications"), + v1.SchemeGroupVersion.WithKind("Authentication"), + func() *v1.Authentication { return &v1.Authentication{} }, + func() *v1.AuthenticationList { return &v1.AuthenticationList{} }, + func(dst, src *v1.AuthenticationList) { dst.ListMeta = src.ListMeta }, + func(list *v1.AuthenticationList) []*v1.Authentication { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.AuthenticationList, items []*v1.Authentication) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_build.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_build.go new file mode 100644 index 0000000000..590e57d8e2 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_build.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeBuilds implements BuildInterface +type fakeBuilds struct { + *gentype.FakeClientWithListAndApply[*v1.Build, *v1.BuildList, *configv1.BuildApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeBuilds(fake *FakeConfigV1) typedconfigv1.BuildInterface { + return &fakeBuilds{ + gentype.NewFakeClientWithListAndApply[*v1.Build, *v1.BuildList, *configv1.BuildApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("builds"), + v1.SchemeGroupVersion.WithKind("Build"), + func() *v1.Build { return &v1.Build{} }, + func() *v1.BuildList { return &v1.BuildList{} }, + func(dst, src *v1.BuildList) { dst.ListMeta = src.ListMeta }, + func(list *v1.BuildList) []*v1.Build { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.BuildList, items []*v1.Build) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusterimagepolicy.go new file mode 100644 index 0000000000..e79a2483fd --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusterimagepolicy.go @@ -0,0 +1,37 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeClusterImagePolicies implements ClusterImagePolicyInterface +type fakeClusterImagePolicies struct { + *gentype.FakeClientWithListAndApply[*v1.ClusterImagePolicy, *v1.ClusterImagePolicyList, *configv1.ClusterImagePolicyApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeClusterImagePolicies(fake *FakeConfigV1) typedconfigv1.ClusterImagePolicyInterface { + return &fakeClusterImagePolicies{ + gentype.NewFakeClientWithListAndApply[*v1.ClusterImagePolicy, *v1.ClusterImagePolicyList, *configv1.ClusterImagePolicyApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("clusterimagepolicies"), + v1.SchemeGroupVersion.WithKind("ClusterImagePolicy"), + func() *v1.ClusterImagePolicy { return &v1.ClusterImagePolicy{} }, + func() *v1.ClusterImagePolicyList { return &v1.ClusterImagePolicyList{} }, + func(dst, src *v1.ClusterImagePolicyList) { dst.ListMeta = src.ListMeta }, + func(list *v1.ClusterImagePolicyList) []*v1.ClusterImagePolicy { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1.ClusterImagePolicyList, items []*v1.ClusterImagePolicy) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusteroperator.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusteroperator.go new file mode 100644 index 0000000000..ac5a30983d --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusteroperator.go @@ -0,0 +1,35 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeClusterOperators implements ClusterOperatorInterface +type fakeClusterOperators struct { + *gentype.FakeClientWithListAndApply[*v1.ClusterOperator, *v1.ClusterOperatorList, *configv1.ClusterOperatorApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeClusterOperators(fake *FakeConfigV1) typedconfigv1.ClusterOperatorInterface { + return &fakeClusterOperators{ + gentype.NewFakeClientWithListAndApply[*v1.ClusterOperator, *v1.ClusterOperatorList, *configv1.ClusterOperatorApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("clusteroperators"), + v1.SchemeGroupVersion.WithKind("ClusterOperator"), + func() *v1.ClusterOperator { return &v1.ClusterOperator{} }, + func() *v1.ClusterOperatorList { return &v1.ClusterOperatorList{} }, + func(dst, src *v1.ClusterOperatorList) { dst.ListMeta = src.ListMeta }, + func(list *v1.ClusterOperatorList) []*v1.ClusterOperator { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.ClusterOperatorList, items []*v1.ClusterOperator) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusterversion.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusterversion.go new file mode 100644 index 0000000000..6bb123d7f9 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_clusterversion.go @@ -0,0 +1,35 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeClusterVersions implements ClusterVersionInterface +type fakeClusterVersions struct { + *gentype.FakeClientWithListAndApply[*v1.ClusterVersion, *v1.ClusterVersionList, *configv1.ClusterVersionApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeClusterVersions(fake *FakeConfigV1) typedconfigv1.ClusterVersionInterface { + return &fakeClusterVersions{ + gentype.NewFakeClientWithListAndApply[*v1.ClusterVersion, *v1.ClusterVersionList, *configv1.ClusterVersionApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("clusterversions"), + v1.SchemeGroupVersion.WithKind("ClusterVersion"), + func() *v1.ClusterVersion { return &v1.ClusterVersion{} }, + func() *v1.ClusterVersionList { return &v1.ClusterVersionList{} }, + func(dst, src *v1.ClusterVersionList) { dst.ListMeta = src.ListMeta }, + func(list *v1.ClusterVersionList) []*v1.ClusterVersion { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.ClusterVersionList, items []*v1.ClusterVersion) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_config_client.go new file mode 100644 index 0000000000..b5a1a52573 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_config_client.go @@ -0,0 +1,116 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeConfigV1 struct { + *testing.Fake +} + +func (c *FakeConfigV1) APIServers() v1.APIServerInterface { + return newFakeAPIServers(c) +} + +func (c *FakeConfigV1) Authentications() v1.AuthenticationInterface { + return newFakeAuthentications(c) +} + +func (c *FakeConfigV1) Builds() v1.BuildInterface { + return newFakeBuilds(c) +} + +func (c *FakeConfigV1) ClusterImagePolicies() v1.ClusterImagePolicyInterface { + return newFakeClusterImagePolicies(c) +} + +func (c *FakeConfigV1) ClusterOperators() v1.ClusterOperatorInterface { + return newFakeClusterOperators(c) +} + +func (c *FakeConfigV1) ClusterVersions() v1.ClusterVersionInterface { + return newFakeClusterVersions(c) +} + +func (c *FakeConfigV1) Consoles() v1.ConsoleInterface { + return newFakeConsoles(c) +} + +func (c *FakeConfigV1) DNSes() v1.DNSInterface { + return newFakeDNSes(c) +} + +func (c *FakeConfigV1) FeatureGates() v1.FeatureGateInterface { + return newFakeFeatureGates(c) +} + +func (c *FakeConfigV1) Images() v1.ImageInterface { + return newFakeImages(c) +} + +func (c *FakeConfigV1) ImageContentPolicies() v1.ImageContentPolicyInterface { + return newFakeImageContentPolicies(c) +} + +func (c *FakeConfigV1) ImageDigestMirrorSets() v1.ImageDigestMirrorSetInterface { + return newFakeImageDigestMirrorSets(c) +} + +func (c *FakeConfigV1) ImagePolicies(namespace string) v1.ImagePolicyInterface { + return newFakeImagePolicies(c, namespace) +} + +func (c *FakeConfigV1) ImageTagMirrorSets() v1.ImageTagMirrorSetInterface { + return newFakeImageTagMirrorSets(c) +} + +func (c *FakeConfigV1) Infrastructures() v1.InfrastructureInterface { + return newFakeInfrastructures(c) +} + +func (c *FakeConfigV1) Ingresses() v1.IngressInterface { + return newFakeIngresses(c) +} + +func (c *FakeConfigV1) InsightsDataGathers() v1.InsightsDataGatherInterface { + return newFakeInsightsDataGathers(c) +} + +func (c *FakeConfigV1) Networks() v1.NetworkInterface { + return newFakeNetworks(c) +} + +func (c *FakeConfigV1) Nodes() v1.NodeInterface { + return newFakeNodes(c) +} + +func (c *FakeConfigV1) OAuths() v1.OAuthInterface { + return newFakeOAuths(c) +} + +func (c *FakeConfigV1) OperatorHubs() v1.OperatorHubInterface { + return newFakeOperatorHubs(c) +} + +func (c *FakeConfigV1) Projects() v1.ProjectInterface { + return newFakeProjects(c) +} + +func (c *FakeConfigV1) Proxies() v1.ProxyInterface { + return newFakeProxies(c) +} + +func (c *FakeConfigV1) Schedulers() v1.SchedulerInterface { + return newFakeSchedulers(c) +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeConfigV1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_console.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_console.go new file mode 100644 index 0000000000..1f1cbdd726 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_console.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeConsoles implements ConsoleInterface +type fakeConsoles struct { + *gentype.FakeClientWithListAndApply[*v1.Console, *v1.ConsoleList, *configv1.ConsoleApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeConsoles(fake *FakeConfigV1) typedconfigv1.ConsoleInterface { + return &fakeConsoles{ + gentype.NewFakeClientWithListAndApply[*v1.Console, *v1.ConsoleList, *configv1.ConsoleApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("consoles"), + v1.SchemeGroupVersion.WithKind("Console"), + func() *v1.Console { return &v1.Console{} }, + func() *v1.ConsoleList { return &v1.ConsoleList{} }, + func(dst, src *v1.ConsoleList) { dst.ListMeta = src.ListMeta }, + func(list *v1.ConsoleList) []*v1.Console { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.ConsoleList, items []*v1.Console) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_dns.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_dns.go new file mode 100644 index 0000000000..5d998d6344 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_dns.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeDNSes implements DNSInterface +type fakeDNSes struct { + *gentype.FakeClientWithListAndApply[*v1.DNS, *v1.DNSList, *configv1.DNSApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeDNSes(fake *FakeConfigV1) typedconfigv1.DNSInterface { + return &fakeDNSes{ + gentype.NewFakeClientWithListAndApply[*v1.DNS, *v1.DNSList, *configv1.DNSApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("dnses"), + v1.SchemeGroupVersion.WithKind("DNS"), + func() *v1.DNS { return &v1.DNS{} }, + func() *v1.DNSList { return &v1.DNSList{} }, + func(dst, src *v1.DNSList) { dst.ListMeta = src.ListMeta }, + func(list *v1.DNSList) []*v1.DNS { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.DNSList, items []*v1.DNS) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_featuregate.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_featuregate.go new file mode 100644 index 0000000000..21dcf2e639 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_featuregate.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeFeatureGates implements FeatureGateInterface +type fakeFeatureGates struct { + *gentype.FakeClientWithListAndApply[*v1.FeatureGate, *v1.FeatureGateList, *configv1.FeatureGateApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeFeatureGates(fake *FakeConfigV1) typedconfigv1.FeatureGateInterface { + return &fakeFeatureGates{ + gentype.NewFakeClientWithListAndApply[*v1.FeatureGate, *v1.FeatureGateList, *configv1.FeatureGateApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("featuregates"), + v1.SchemeGroupVersion.WithKind("FeatureGate"), + func() *v1.FeatureGate { return &v1.FeatureGate{} }, + func() *v1.FeatureGateList { return &v1.FeatureGateList{} }, + func(dst, src *v1.FeatureGateList) { dst.ListMeta = src.ListMeta }, + func(list *v1.FeatureGateList) []*v1.FeatureGate { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.FeatureGateList, items []*v1.FeatureGate) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_image.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_image.go new file mode 100644 index 0000000000..107a96071e --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_image.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeImages implements ImageInterface +type fakeImages struct { + *gentype.FakeClientWithListAndApply[*v1.Image, *v1.ImageList, *configv1.ImageApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeImages(fake *FakeConfigV1) typedconfigv1.ImageInterface { + return &fakeImages{ + gentype.NewFakeClientWithListAndApply[*v1.Image, *v1.ImageList, *configv1.ImageApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("images"), + v1.SchemeGroupVersion.WithKind("Image"), + func() *v1.Image { return &v1.Image{} }, + func() *v1.ImageList { return &v1.ImageList{} }, + func(dst, src *v1.ImageList) { dst.ListMeta = src.ListMeta }, + func(list *v1.ImageList) []*v1.Image { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.ImageList, items []*v1.Image) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagecontentpolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagecontentpolicy.go new file mode 100644 index 0000000000..a0771c4229 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagecontentpolicy.go @@ -0,0 +1,37 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeImageContentPolicies implements ImageContentPolicyInterface +type fakeImageContentPolicies struct { + *gentype.FakeClientWithListAndApply[*v1.ImageContentPolicy, *v1.ImageContentPolicyList, *configv1.ImageContentPolicyApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeImageContentPolicies(fake *FakeConfigV1) typedconfigv1.ImageContentPolicyInterface { + return &fakeImageContentPolicies{ + gentype.NewFakeClientWithListAndApply[*v1.ImageContentPolicy, *v1.ImageContentPolicyList, *configv1.ImageContentPolicyApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("imagecontentpolicies"), + v1.SchemeGroupVersion.WithKind("ImageContentPolicy"), + func() *v1.ImageContentPolicy { return &v1.ImageContentPolicy{} }, + func() *v1.ImageContentPolicyList { return &v1.ImageContentPolicyList{} }, + func(dst, src *v1.ImageContentPolicyList) { dst.ListMeta = src.ListMeta }, + func(list *v1.ImageContentPolicyList) []*v1.ImageContentPolicy { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1.ImageContentPolicyList, items []*v1.ImageContentPolicy) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagedigestmirrorset.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagedigestmirrorset.go new file mode 100644 index 0000000000..fda5bdcce2 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagedigestmirrorset.go @@ -0,0 +1,37 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeImageDigestMirrorSets implements ImageDigestMirrorSetInterface +type fakeImageDigestMirrorSets struct { + *gentype.FakeClientWithListAndApply[*v1.ImageDigestMirrorSet, *v1.ImageDigestMirrorSetList, *configv1.ImageDigestMirrorSetApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeImageDigestMirrorSets(fake *FakeConfigV1) typedconfigv1.ImageDigestMirrorSetInterface { + return &fakeImageDigestMirrorSets{ + gentype.NewFakeClientWithListAndApply[*v1.ImageDigestMirrorSet, *v1.ImageDigestMirrorSetList, *configv1.ImageDigestMirrorSetApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("imagedigestmirrorsets"), + v1.SchemeGroupVersion.WithKind("ImageDigestMirrorSet"), + func() *v1.ImageDigestMirrorSet { return &v1.ImageDigestMirrorSet{} }, + func() *v1.ImageDigestMirrorSetList { return &v1.ImageDigestMirrorSetList{} }, + func(dst, src *v1.ImageDigestMirrorSetList) { dst.ListMeta = src.ListMeta }, + func(list *v1.ImageDigestMirrorSetList) []*v1.ImageDigestMirrorSet { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1.ImageDigestMirrorSetList, items []*v1.ImageDigestMirrorSet) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagepolicy.go new file mode 100644 index 0000000000..fc34d3f6e2 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagepolicy.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeImagePolicies implements ImagePolicyInterface +type fakeImagePolicies struct { + *gentype.FakeClientWithListAndApply[*v1.ImagePolicy, *v1.ImagePolicyList, *configv1.ImagePolicyApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeImagePolicies(fake *FakeConfigV1, namespace string) typedconfigv1.ImagePolicyInterface { + return &fakeImagePolicies{ + gentype.NewFakeClientWithListAndApply[*v1.ImagePolicy, *v1.ImagePolicyList, *configv1.ImagePolicyApplyConfiguration]( + fake.Fake, + namespace, + v1.SchemeGroupVersion.WithResource("imagepolicies"), + v1.SchemeGroupVersion.WithKind("ImagePolicy"), + func() *v1.ImagePolicy { return &v1.ImagePolicy{} }, + func() *v1.ImagePolicyList { return &v1.ImagePolicyList{} }, + func(dst, src *v1.ImagePolicyList) { dst.ListMeta = src.ListMeta }, + func(list *v1.ImagePolicyList) []*v1.ImagePolicy { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.ImagePolicyList, items []*v1.ImagePolicy) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagetagmirrorset.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagetagmirrorset.go new file mode 100644 index 0000000000..cea42e0448 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_imagetagmirrorset.go @@ -0,0 +1,37 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeImageTagMirrorSets implements ImageTagMirrorSetInterface +type fakeImageTagMirrorSets struct { + *gentype.FakeClientWithListAndApply[*v1.ImageTagMirrorSet, *v1.ImageTagMirrorSetList, *configv1.ImageTagMirrorSetApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeImageTagMirrorSets(fake *FakeConfigV1) typedconfigv1.ImageTagMirrorSetInterface { + return &fakeImageTagMirrorSets{ + gentype.NewFakeClientWithListAndApply[*v1.ImageTagMirrorSet, *v1.ImageTagMirrorSetList, *configv1.ImageTagMirrorSetApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("imagetagmirrorsets"), + v1.SchemeGroupVersion.WithKind("ImageTagMirrorSet"), + func() *v1.ImageTagMirrorSet { return &v1.ImageTagMirrorSet{} }, + func() *v1.ImageTagMirrorSetList { return &v1.ImageTagMirrorSetList{} }, + func(dst, src *v1.ImageTagMirrorSetList) { dst.ListMeta = src.ListMeta }, + func(list *v1.ImageTagMirrorSetList) []*v1.ImageTagMirrorSet { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1.ImageTagMirrorSetList, items []*v1.ImageTagMirrorSet) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_infrastructure.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_infrastructure.go new file mode 100644 index 0000000000..b859d67988 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_infrastructure.go @@ -0,0 +1,35 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeInfrastructures implements InfrastructureInterface +type fakeInfrastructures struct { + *gentype.FakeClientWithListAndApply[*v1.Infrastructure, *v1.InfrastructureList, *configv1.InfrastructureApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeInfrastructures(fake *FakeConfigV1) typedconfigv1.InfrastructureInterface { + return &fakeInfrastructures{ + gentype.NewFakeClientWithListAndApply[*v1.Infrastructure, *v1.InfrastructureList, *configv1.InfrastructureApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("infrastructures"), + v1.SchemeGroupVersion.WithKind("Infrastructure"), + func() *v1.Infrastructure { return &v1.Infrastructure{} }, + func() *v1.InfrastructureList { return &v1.InfrastructureList{} }, + func(dst, src *v1.InfrastructureList) { dst.ListMeta = src.ListMeta }, + func(list *v1.InfrastructureList) []*v1.Infrastructure { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.InfrastructureList, items []*v1.Infrastructure) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_ingress.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_ingress.go new file mode 100644 index 0000000000..5f7d16cda1 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_ingress.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeIngresses implements IngressInterface +type fakeIngresses struct { + *gentype.FakeClientWithListAndApply[*v1.Ingress, *v1.IngressList, *configv1.IngressApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeIngresses(fake *FakeConfigV1) typedconfigv1.IngressInterface { + return &fakeIngresses{ + gentype.NewFakeClientWithListAndApply[*v1.Ingress, *v1.IngressList, *configv1.IngressApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("ingresses"), + v1.SchemeGroupVersion.WithKind("Ingress"), + func() *v1.Ingress { return &v1.Ingress{} }, + func() *v1.IngressList { return &v1.IngressList{} }, + func(dst, src *v1.IngressList) { dst.ListMeta = src.ListMeta }, + func(list *v1.IngressList) []*v1.Ingress { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.IngressList, items []*v1.Ingress) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_insightsdatagather.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_insightsdatagather.go new file mode 100644 index 0000000000..1901b7db7f --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_insightsdatagather.go @@ -0,0 +1,37 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeInsightsDataGathers implements InsightsDataGatherInterface +type fakeInsightsDataGathers struct { + *gentype.FakeClientWithListAndApply[*v1.InsightsDataGather, *v1.InsightsDataGatherList, *configv1.InsightsDataGatherApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeInsightsDataGathers(fake *FakeConfigV1) typedconfigv1.InsightsDataGatherInterface { + return &fakeInsightsDataGathers{ + gentype.NewFakeClientWithListAndApply[*v1.InsightsDataGather, *v1.InsightsDataGatherList, *configv1.InsightsDataGatherApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("insightsdatagathers"), + v1.SchemeGroupVersion.WithKind("InsightsDataGather"), + func() *v1.InsightsDataGather { return &v1.InsightsDataGather{} }, + func() *v1.InsightsDataGatherList { return &v1.InsightsDataGatherList{} }, + func(dst, src *v1.InsightsDataGatherList) { dst.ListMeta = src.ListMeta }, + func(list *v1.InsightsDataGatherList) []*v1.InsightsDataGather { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1.InsightsDataGatherList, items []*v1.InsightsDataGather) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_network.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_network.go new file mode 100644 index 0000000000..446ce65db9 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_network.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeNetworks implements NetworkInterface +type fakeNetworks struct { + *gentype.FakeClientWithListAndApply[*v1.Network, *v1.NetworkList, *configv1.NetworkApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeNetworks(fake *FakeConfigV1) typedconfigv1.NetworkInterface { + return &fakeNetworks{ + gentype.NewFakeClientWithListAndApply[*v1.Network, *v1.NetworkList, *configv1.NetworkApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("networks"), + v1.SchemeGroupVersion.WithKind("Network"), + func() *v1.Network { return &v1.Network{} }, + func() *v1.NetworkList { return &v1.NetworkList{} }, + func(dst, src *v1.NetworkList) { dst.ListMeta = src.ListMeta }, + func(list *v1.NetworkList) []*v1.Network { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.NetworkList, items []*v1.Network) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_node.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_node.go new file mode 100644 index 0000000000..77aa20d2a9 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_node.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeNodes implements NodeInterface +type fakeNodes struct { + *gentype.FakeClientWithListAndApply[*v1.Node, *v1.NodeList, *configv1.NodeApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeNodes(fake *FakeConfigV1) typedconfigv1.NodeInterface { + return &fakeNodes{ + gentype.NewFakeClientWithListAndApply[*v1.Node, *v1.NodeList, *configv1.NodeApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("nodes"), + v1.SchemeGroupVersion.WithKind("Node"), + func() *v1.Node { return &v1.Node{} }, + func() *v1.NodeList { return &v1.NodeList{} }, + func(dst, src *v1.NodeList) { dst.ListMeta = src.ListMeta }, + func(list *v1.NodeList) []*v1.Node { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.NodeList, items []*v1.Node) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_oauth.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_oauth.go new file mode 100644 index 0000000000..f4ab053b94 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_oauth.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeOAuths implements OAuthInterface +type fakeOAuths struct { + *gentype.FakeClientWithListAndApply[*v1.OAuth, *v1.OAuthList, *configv1.OAuthApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeOAuths(fake *FakeConfigV1) typedconfigv1.OAuthInterface { + return &fakeOAuths{ + gentype.NewFakeClientWithListAndApply[*v1.OAuth, *v1.OAuthList, *configv1.OAuthApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("oauths"), + v1.SchemeGroupVersion.WithKind("OAuth"), + func() *v1.OAuth { return &v1.OAuth{} }, + func() *v1.OAuthList { return &v1.OAuthList{} }, + func(dst, src *v1.OAuthList) { dst.ListMeta = src.ListMeta }, + func(list *v1.OAuthList) []*v1.OAuth { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.OAuthList, items []*v1.OAuth) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_operatorhub.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_operatorhub.go new file mode 100644 index 0000000000..06989ba1d8 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_operatorhub.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeOperatorHubs implements OperatorHubInterface +type fakeOperatorHubs struct { + *gentype.FakeClientWithListAndApply[*v1.OperatorHub, *v1.OperatorHubList, *configv1.OperatorHubApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeOperatorHubs(fake *FakeConfigV1) typedconfigv1.OperatorHubInterface { + return &fakeOperatorHubs{ + gentype.NewFakeClientWithListAndApply[*v1.OperatorHub, *v1.OperatorHubList, *configv1.OperatorHubApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("operatorhubs"), + v1.SchemeGroupVersion.WithKind("OperatorHub"), + func() *v1.OperatorHub { return &v1.OperatorHub{} }, + func() *v1.OperatorHubList { return &v1.OperatorHubList{} }, + func(dst, src *v1.OperatorHubList) { dst.ListMeta = src.ListMeta }, + func(list *v1.OperatorHubList) []*v1.OperatorHub { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.OperatorHubList, items []*v1.OperatorHub) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_project.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_project.go new file mode 100644 index 0000000000..506f1527b8 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_project.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeProjects implements ProjectInterface +type fakeProjects struct { + *gentype.FakeClientWithListAndApply[*v1.Project, *v1.ProjectList, *configv1.ProjectApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeProjects(fake *FakeConfigV1) typedconfigv1.ProjectInterface { + return &fakeProjects{ + gentype.NewFakeClientWithListAndApply[*v1.Project, *v1.ProjectList, *configv1.ProjectApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("projects"), + v1.SchemeGroupVersion.WithKind("Project"), + func() *v1.Project { return &v1.Project{} }, + func() *v1.ProjectList { return &v1.ProjectList{} }, + func(dst, src *v1.ProjectList) { dst.ListMeta = src.ListMeta }, + func(list *v1.ProjectList) []*v1.Project { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.ProjectList, items []*v1.Project) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_proxy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_proxy.go new file mode 100644 index 0000000000..6cb1cd0946 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_proxy.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeProxies implements ProxyInterface +type fakeProxies struct { + *gentype.FakeClientWithListAndApply[*v1.Proxy, *v1.ProxyList, *configv1.ProxyApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeProxies(fake *FakeConfigV1) typedconfigv1.ProxyInterface { + return &fakeProxies{ + gentype.NewFakeClientWithListAndApply[*v1.Proxy, *v1.ProxyList, *configv1.ProxyApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("proxies"), + v1.SchemeGroupVersion.WithKind("Proxy"), + func() *v1.Proxy { return &v1.Proxy{} }, + func() *v1.ProxyList { return &v1.ProxyList{} }, + func(dst, src *v1.ProxyList) { dst.ListMeta = src.ListMeta }, + func(list *v1.ProxyList) []*v1.Proxy { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.ProxyList, items []*v1.Proxy) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_scheduler.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_scheduler.go new file mode 100644 index 0000000000..cba9733c94 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake/fake_scheduler.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/openshift/api/config/v1" + configv1 "github.com/openshift/client-go/config/applyconfigurations/config/v1" + typedconfigv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeSchedulers implements SchedulerInterface +type fakeSchedulers struct { + *gentype.FakeClientWithListAndApply[*v1.Scheduler, *v1.SchedulerList, *configv1.SchedulerApplyConfiguration] + Fake *FakeConfigV1 +} + +func newFakeSchedulers(fake *FakeConfigV1) typedconfigv1.SchedulerInterface { + return &fakeSchedulers{ + gentype.NewFakeClientWithListAndApply[*v1.Scheduler, *v1.SchedulerList, *configv1.SchedulerApplyConfiguration]( + fake.Fake, + "", + v1.SchemeGroupVersion.WithResource("schedulers"), + v1.SchemeGroupVersion.WithKind("Scheduler"), + func() *v1.Scheduler { return &v1.Scheduler{} }, + func() *v1.SchedulerList { return &v1.SchedulerList{} }, + func(dst, src *v1.SchedulerList) { dst.ListMeta = src.ListMeta }, + func(list *v1.SchedulerList) []*v1.Scheduler { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.SchedulerList, items []*v1.Scheduler) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go deleted file mode 100644 index 8391f7b40e..0000000000 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/clusterimagepolicy.go +++ /dev/null @@ -1,58 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - applyconfigurationsconfigv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" - scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - gentype "k8s.io/client-go/gentype" -) - -// ClusterImagePoliciesGetter has a method to return a ClusterImagePolicyInterface. -// A group's client should implement this interface. -type ClusterImagePoliciesGetter interface { - ClusterImagePolicies() ClusterImagePolicyInterface -} - -// ClusterImagePolicyInterface has methods to work with ClusterImagePolicy resources. -type ClusterImagePolicyInterface interface { - Create(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicy, opts v1.CreateOptions) (*configv1alpha1.ClusterImagePolicy, error) - Update(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ClusterImagePolicy, error) - // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). - UpdateStatus(ctx context.Context, clusterImagePolicy *configv1alpha1.ClusterImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ClusterImagePolicy, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.ClusterImagePolicy, error) - List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.ClusterImagePolicyList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.ClusterImagePolicy, err error) - Apply(ctx context.Context, clusterImagePolicy *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ClusterImagePolicy, err error) - // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). - ApplyStatus(ctx context.Context, clusterImagePolicy *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ClusterImagePolicy, err error) - ClusterImagePolicyExpansion -} - -// clusterImagePolicies implements ClusterImagePolicyInterface -type clusterImagePolicies struct { - *gentype.ClientWithListAndApply[*configv1alpha1.ClusterImagePolicy, *configv1alpha1.ClusterImagePolicyList, *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration] -} - -// newClusterImagePolicies returns a ClusterImagePolicies -func newClusterImagePolicies(c *ConfigV1alpha1Client) *clusterImagePolicies { - return &clusterImagePolicies{ - gentype.NewClientWithListAndApply[*configv1alpha1.ClusterImagePolicy, *configv1alpha1.ClusterImagePolicyList, *applyconfigurationsconfigv1alpha1.ClusterImagePolicyApplyConfiguration]( - "clusterimagepolicies", - c.RESTClient(), - scheme.ParameterCodec, - "", - func() *configv1alpha1.ClusterImagePolicy { return &configv1alpha1.ClusterImagePolicy{} }, - func() *configv1alpha1.ClusterImagePolicyList { return &configv1alpha1.ClusterImagePolicyList{} }, - ), - } -} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go index ce3b84174d..23ba9a19c0 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -14,9 +14,7 @@ type ConfigV1alpha1Interface interface { RESTClient() rest.Interface BackupsGetter CRIOCredentialProviderConfigsGetter - ClusterImagePoliciesGetter ClusterMonitoringsGetter - ImagePoliciesGetter InsightsDataGathersGetter PKIsGetter } @@ -34,18 +32,10 @@ func (c *ConfigV1alpha1Client) CRIOCredentialProviderConfigs() CRIOCredentialPro return newCRIOCredentialProviderConfigs(c) } -func (c *ConfigV1alpha1Client) ClusterImagePolicies() ClusterImagePolicyInterface { - return newClusterImagePolicies(c) -} - func (c *ConfigV1alpha1Client) ClusterMonitorings() ClusterMonitoringInterface { return newClusterMonitorings(c) } -func (c *ConfigV1alpha1Client) ImagePolicies(namespace string) ImagePolicyInterface { - return newImagePolicies(c, namespace) -} - func (c *ConfigV1alpha1Client) InsightsDataGathers() InsightsDataGatherInterface { return newInsightsDataGathers(c) } diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/doc.go new file mode 100644 index 0000000000..2b5ba4c8e4 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_backup.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_backup.go new file mode 100644 index 0000000000..91db422ac3 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_backup.go @@ -0,0 +1,35 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + typedconfigv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeBackups implements BackupInterface +type fakeBackups struct { + *gentype.FakeClientWithListAndApply[*v1alpha1.Backup, *v1alpha1.BackupList, *configv1alpha1.BackupApplyConfiguration] + Fake *FakeConfigV1alpha1 +} + +func newFakeBackups(fake *FakeConfigV1alpha1) typedconfigv1alpha1.BackupInterface { + return &fakeBackups{ + gentype.NewFakeClientWithListAndApply[*v1alpha1.Backup, *v1alpha1.BackupList, *configv1alpha1.BackupApplyConfiguration]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("backups"), + v1alpha1.SchemeGroupVersion.WithKind("Backup"), + func() *v1alpha1.Backup { return &v1alpha1.Backup{} }, + func() *v1alpha1.BackupList { return &v1alpha1.BackupList{} }, + func(dst, src *v1alpha1.BackupList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.BackupList) []*v1alpha1.Backup { return gentype.ToPointerSlice(list.Items) }, + func(list *v1alpha1.BackupList, items []*v1alpha1.Backup) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_clustermonitoring.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_clustermonitoring.go new file mode 100644 index 0000000000..666d60335b --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_clustermonitoring.go @@ -0,0 +1,37 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + typedconfigv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeClusterMonitorings implements ClusterMonitoringInterface +type fakeClusterMonitorings struct { + *gentype.FakeClientWithListAndApply[*v1alpha1.ClusterMonitoring, *v1alpha1.ClusterMonitoringList, *configv1alpha1.ClusterMonitoringApplyConfiguration] + Fake *FakeConfigV1alpha1 +} + +func newFakeClusterMonitorings(fake *FakeConfigV1alpha1) typedconfigv1alpha1.ClusterMonitoringInterface { + return &fakeClusterMonitorings{ + gentype.NewFakeClientWithListAndApply[*v1alpha1.ClusterMonitoring, *v1alpha1.ClusterMonitoringList, *configv1alpha1.ClusterMonitoringApplyConfiguration]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("clustermonitorings"), + v1alpha1.SchemeGroupVersion.WithKind("ClusterMonitoring"), + func() *v1alpha1.ClusterMonitoring { return &v1alpha1.ClusterMonitoring{} }, + func() *v1alpha1.ClusterMonitoringList { return &v1alpha1.ClusterMonitoringList{} }, + func(dst, src *v1alpha1.ClusterMonitoringList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.ClusterMonitoringList) []*v1alpha1.ClusterMonitoring { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.ClusterMonitoringList, items []*v1alpha1.ClusterMonitoring) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go new file mode 100644 index 0000000000..381179df9c --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -0,0 +1,40 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeConfigV1alpha1 struct { + *testing.Fake +} + +func (c *FakeConfigV1alpha1) Backups() v1alpha1.BackupInterface { + return newFakeBackups(c) +} + +func (c *FakeConfigV1alpha1) CRIOCredentialProviderConfigs() v1alpha1.CRIOCredentialProviderConfigInterface { + return newFakeCRIOCredentialProviderConfigs(c) +} + +func (c *FakeConfigV1alpha1) ClusterMonitorings() v1alpha1.ClusterMonitoringInterface { + return newFakeClusterMonitorings(c) +} + +func (c *FakeConfigV1alpha1) InsightsDataGathers() v1alpha1.InsightsDataGatherInterface { + return newFakeInsightsDataGathers(c) +} + +func (c *FakeConfigV1alpha1) PKIs() v1alpha1.PKIInterface { + return newFakePKIs(c) +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_criocredentialproviderconfig.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_criocredentialproviderconfig.go new file mode 100644 index 0000000000..588ce179cc --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_criocredentialproviderconfig.go @@ -0,0 +1,37 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + typedconfigv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeCRIOCredentialProviderConfigs implements CRIOCredentialProviderConfigInterface +type fakeCRIOCredentialProviderConfigs struct { + *gentype.FakeClientWithListAndApply[*v1alpha1.CRIOCredentialProviderConfig, *v1alpha1.CRIOCredentialProviderConfigList, *configv1alpha1.CRIOCredentialProviderConfigApplyConfiguration] + Fake *FakeConfigV1alpha1 +} + +func newFakeCRIOCredentialProviderConfigs(fake *FakeConfigV1alpha1) typedconfigv1alpha1.CRIOCredentialProviderConfigInterface { + return &fakeCRIOCredentialProviderConfigs{ + gentype.NewFakeClientWithListAndApply[*v1alpha1.CRIOCredentialProviderConfig, *v1alpha1.CRIOCredentialProviderConfigList, *configv1alpha1.CRIOCredentialProviderConfigApplyConfiguration]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("criocredentialproviderconfigs"), + v1alpha1.SchemeGroupVersion.WithKind("CRIOCredentialProviderConfig"), + func() *v1alpha1.CRIOCredentialProviderConfig { return &v1alpha1.CRIOCredentialProviderConfig{} }, + func() *v1alpha1.CRIOCredentialProviderConfigList { return &v1alpha1.CRIOCredentialProviderConfigList{} }, + func(dst, src *v1alpha1.CRIOCredentialProviderConfigList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.CRIOCredentialProviderConfigList) []*v1alpha1.CRIOCredentialProviderConfig { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.CRIOCredentialProviderConfigList, items []*v1alpha1.CRIOCredentialProviderConfig) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_insightsdatagather.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_insightsdatagather.go new file mode 100644 index 0000000000..fc68d168e5 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_insightsdatagather.go @@ -0,0 +1,37 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + typedconfigv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakeInsightsDataGathers implements InsightsDataGatherInterface +type fakeInsightsDataGathers struct { + *gentype.FakeClientWithListAndApply[*v1alpha1.InsightsDataGather, *v1alpha1.InsightsDataGatherList, *configv1alpha1.InsightsDataGatherApplyConfiguration] + Fake *FakeConfigV1alpha1 +} + +func newFakeInsightsDataGathers(fake *FakeConfigV1alpha1) typedconfigv1alpha1.InsightsDataGatherInterface { + return &fakeInsightsDataGathers{ + gentype.NewFakeClientWithListAndApply[*v1alpha1.InsightsDataGather, *v1alpha1.InsightsDataGatherList, *configv1alpha1.InsightsDataGatherApplyConfiguration]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("insightsdatagathers"), + v1alpha1.SchemeGroupVersion.WithKind("InsightsDataGather"), + func() *v1alpha1.InsightsDataGather { return &v1alpha1.InsightsDataGather{} }, + func() *v1alpha1.InsightsDataGatherList { return &v1alpha1.InsightsDataGatherList{} }, + func(dst, src *v1alpha1.InsightsDataGatherList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.InsightsDataGatherList) []*v1alpha1.InsightsDataGather { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha1.InsightsDataGatherList, items []*v1alpha1.InsightsDataGather) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_pki.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_pki.go new file mode 100644 index 0000000000..7efcece94e --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake/fake_pki.go @@ -0,0 +1,33 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/openshift/api/config/v1alpha1" + configv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" + typedconfigv1alpha1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1" + gentype "k8s.io/client-go/gentype" +) + +// fakePKIs implements PKIInterface +type fakePKIs struct { + *gentype.FakeClientWithListAndApply[*v1alpha1.PKI, *v1alpha1.PKIList, *configv1alpha1.PKIApplyConfiguration] + Fake *FakeConfigV1alpha1 +} + +func newFakePKIs(fake *FakeConfigV1alpha1) typedconfigv1alpha1.PKIInterface { + return &fakePKIs{ + gentype.NewFakeClientWithListAndApply[*v1alpha1.PKI, *v1alpha1.PKIList, *configv1alpha1.PKIApplyConfiguration]( + fake.Fake, + "", + v1alpha1.SchemeGroupVersion.WithResource("pkis"), + v1alpha1.SchemeGroupVersion.WithKind("PKI"), + func() *v1alpha1.PKI { return &v1alpha1.PKI{} }, + func() *v1alpha1.PKIList { return &v1alpha1.PKIList{} }, + func(dst, src *v1alpha1.PKIList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha1.PKIList) []*v1alpha1.PKI { return gentype.ToPointerSlice(list.Items) }, + func(list *v1alpha1.PKIList, items []*v1alpha1.PKI) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index 3908fe8d17..bc1f603194 100644 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,12 +6,8 @@ type BackupExpansion interface{} type CRIOCredentialProviderConfigExpansion interface{} -type ClusterImagePolicyExpansion interface{} - type ClusterMonitoringExpansion interface{} -type ImagePolicyExpansion interface{} - type InsightsDataGatherExpansion interface{} type PKIExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go deleted file mode 100644 index a893efeea7..0000000000 --- a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/imagepolicy.go +++ /dev/null @@ -1,58 +0,0 @@ -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - applyconfigurationsconfigv1alpha1 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1" - scheme "github.com/openshift/client-go/config/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - gentype "k8s.io/client-go/gentype" -) - -// ImagePoliciesGetter has a method to return a ImagePolicyInterface. -// A group's client should implement this interface. -type ImagePoliciesGetter interface { - ImagePolicies(namespace string) ImagePolicyInterface -} - -// ImagePolicyInterface has methods to work with ImagePolicy resources. -type ImagePolicyInterface interface { - Create(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicy, opts v1.CreateOptions) (*configv1alpha1.ImagePolicy, error) - Update(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ImagePolicy, error) - // Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). - UpdateStatus(ctx context.Context, imagePolicy *configv1alpha1.ImagePolicy, opts v1.UpdateOptions) (*configv1alpha1.ImagePolicy, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*configv1alpha1.ImagePolicy, error) - List(ctx context.Context, opts v1.ListOptions) (*configv1alpha1.ImagePolicyList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *configv1alpha1.ImagePolicy, err error) - Apply(ctx context.Context, imagePolicy *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ImagePolicy, err error) - // Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). - ApplyStatus(ctx context.Context, imagePolicy *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration, opts v1.ApplyOptions) (result *configv1alpha1.ImagePolicy, err error) - ImagePolicyExpansion -} - -// imagePolicies implements ImagePolicyInterface -type imagePolicies struct { - *gentype.ClientWithListAndApply[*configv1alpha1.ImagePolicy, *configv1alpha1.ImagePolicyList, *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration] -} - -// newImagePolicies returns a ImagePolicies -func newImagePolicies(c *ConfigV1alpha1Client, namespace string) *imagePolicies { - return &imagePolicies{ - gentype.NewClientWithListAndApply[*configv1alpha1.ImagePolicy, *configv1alpha1.ImagePolicyList, *applyconfigurationsconfigv1alpha1.ImagePolicyApplyConfiguration]( - "imagepolicies", - c.RESTClient(), - scheme.ParameterCodec, - namespace, - func() *configv1alpha1.ImagePolicy { return &configv1alpha1.ImagePolicy{} }, - func() *configv1alpha1.ImagePolicyList { return &configv1alpha1.ImagePolicyList{} }, - ), - } -} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2/fake/doc.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2/fake/doc.go new file mode 100644 index 0000000000..2b5ba4c8e4 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2/fake/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2/fake/fake_config_client.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2/fake/fake_config_client.go new file mode 100644 index 0000000000..04e9accbd0 --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2/fake/fake_config_client.go @@ -0,0 +1,24 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha2 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeConfigV1alpha2 struct { + *testing.Fake +} + +func (c *FakeConfigV1alpha2) InsightsDataGathers() v1alpha2.InsightsDataGatherInterface { + return newFakeInsightsDataGathers(c) +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeConfigV1alpha2) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2/fake/fake_insightsdatagather.go b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2/fake/fake_insightsdatagather.go new file mode 100644 index 0000000000..2f9c0ddfdb --- /dev/null +++ b/vendor/github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2/fake/fake_insightsdatagather.go @@ -0,0 +1,37 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha2 "github.com/openshift/api/config/v1alpha2" + configv1alpha2 "github.com/openshift/client-go/config/applyconfigurations/config/v1alpha2" + typedconfigv1alpha2 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2" + gentype "k8s.io/client-go/gentype" +) + +// fakeInsightsDataGathers implements InsightsDataGatherInterface +type fakeInsightsDataGathers struct { + *gentype.FakeClientWithListAndApply[*v1alpha2.InsightsDataGather, *v1alpha2.InsightsDataGatherList, *configv1alpha2.InsightsDataGatherApplyConfiguration] + Fake *FakeConfigV1alpha2 +} + +func newFakeInsightsDataGathers(fake *FakeConfigV1alpha2) typedconfigv1alpha2.InsightsDataGatherInterface { + return &fakeInsightsDataGathers{ + gentype.NewFakeClientWithListAndApply[*v1alpha2.InsightsDataGather, *v1alpha2.InsightsDataGatherList, *configv1alpha2.InsightsDataGatherApplyConfiguration]( + fake.Fake, + "", + v1alpha2.SchemeGroupVersion.WithResource("insightsdatagathers"), + v1alpha2.SchemeGroupVersion.WithKind("InsightsDataGather"), + func() *v1alpha2.InsightsDataGather { return &v1alpha2.InsightsDataGather{} }, + func() *v1alpha2.InsightsDataGatherList { return &v1alpha2.InsightsDataGatherList{} }, + func(dst, src *v1alpha2.InsightsDataGatherList) { dst.ListMeta = src.ListMeta }, + func(list *v1alpha2.InsightsDataGatherList) []*v1alpha2.InsightsDataGather { + return gentype.ToPointerSlice(list.Items) + }, + func(list *v1alpha2.InsightsDataGatherList, items []*v1alpha2.InsightsDataGather) { + list.Items = gentype.FromPointerSlice(items) + }, + ), + fake, + } +} diff --git a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/clusterimagepolicy.go deleted file mode 100644 index af5c3e27f1..0000000000 --- a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/clusterimagepolicy.go +++ /dev/null @@ -1,85 +0,0 @@ -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - time "time" - - apiconfigv1alpha1 "github.com/openshift/api/config/v1alpha1" - versioned "github.com/openshift/client-go/config/clientset/versioned" - internalinterfaces "github.com/openshift/client-go/config/informers/externalversions/internalinterfaces" - configv1alpha1 "github.com/openshift/client-go/config/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// ClusterImagePolicyInformer provides access to a shared informer and lister for -// ClusterImagePolicies. -type ClusterImagePolicyInformer interface { - Informer() cache.SharedIndexInformer - Lister() configv1alpha1.ClusterImagePolicyLister -} - -type clusterImagePolicyInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewClusterImagePolicyInformer constructs a new informer for ClusterImagePolicy type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewClusterImagePolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredClusterImagePolicyInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredClusterImagePolicyInformer constructs a new informer for ClusterImagePolicy type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredClusterImagePolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ClusterImagePolicies().List(context.Background(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ClusterImagePolicies().Watch(context.Background(), options) - }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ClusterImagePolicies().List(ctx, options) - }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ClusterImagePolicies().Watch(ctx, options) - }, - }, client), - &apiconfigv1alpha1.ClusterImagePolicy{}, - resyncPeriod, - indexers, - ) -} - -func (f *clusterImagePolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredClusterImagePolicyInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *clusterImagePolicyInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&apiconfigv1alpha1.ClusterImagePolicy{}, f.defaultInformer) -} - -func (f *clusterImagePolicyInformer) Lister() configv1alpha1.ClusterImagePolicyLister { - return configv1alpha1.NewClusterImagePolicyLister(f.Informer().GetIndexer()) -} diff --git a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/imagepolicy.go deleted file mode 100644 index d56c1e834f..0000000000 --- a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/imagepolicy.go +++ /dev/null @@ -1,86 +0,0 @@ -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - context "context" - time "time" - - apiconfigv1alpha1 "github.com/openshift/api/config/v1alpha1" - versioned "github.com/openshift/client-go/config/clientset/versioned" - internalinterfaces "github.com/openshift/client-go/config/informers/externalversions/internalinterfaces" - configv1alpha1 "github.com/openshift/client-go/config/listers/config/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// ImagePolicyInformer provides access to a shared informer and lister for -// ImagePolicies. -type ImagePolicyInformer interface { - Informer() cache.SharedIndexInformer - Lister() configv1alpha1.ImagePolicyLister -} - -type imagePolicyInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewImagePolicyInformer constructs a new informer for ImagePolicy type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewImagePolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredImagePolicyInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredImagePolicyInformer constructs a new informer for ImagePolicy type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredImagePolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - cache.ToListWatcherWithWatchListSemantics(&cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ImagePolicies(namespace).List(context.Background(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ImagePolicies(namespace).Watch(context.Background(), options) - }, - ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ImagePolicies(namespace).List(ctx, options) - }, - WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ConfigV1alpha1().ImagePolicies(namespace).Watch(ctx, options) - }, - }, client), - &apiconfigv1alpha1.ImagePolicy{}, - resyncPeriod, - indexers, - ) -} - -func (f *imagePolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredImagePolicyInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *imagePolicyInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&apiconfigv1alpha1.ImagePolicy{}, f.defaultInformer) -} - -func (f *imagePolicyInformer) Lister() configv1alpha1.ImagePolicyLister { - return configv1alpha1.NewImagePolicyLister(f.Informer().GetIndexer()) -} diff --git a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/interface.go b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/interface.go index 5d0818a188..17b0ebcc0b 100644 --- a/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/interface.go +++ b/vendor/github.com/openshift/client-go/config/informers/externalversions/config/v1alpha1/interface.go @@ -12,12 +12,8 @@ type Interface interface { Backups() BackupInformer // CRIOCredentialProviderConfigs returns a CRIOCredentialProviderConfigInformer. CRIOCredentialProviderConfigs() CRIOCredentialProviderConfigInformer - // ClusterImagePolicies returns a ClusterImagePolicyInformer. - ClusterImagePolicies() ClusterImagePolicyInformer // ClusterMonitorings returns a ClusterMonitoringInformer. ClusterMonitorings() ClusterMonitoringInformer - // ImagePolicies returns a ImagePolicyInformer. - ImagePolicies() ImagePolicyInformer // InsightsDataGathers returns a InsightsDataGatherInformer. InsightsDataGathers() InsightsDataGatherInformer // PKIs returns a PKIInformer. @@ -45,21 +41,11 @@ func (v *version) CRIOCredentialProviderConfigs() CRIOCredentialProviderConfigIn return &cRIOCredentialProviderConfigInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } -// ClusterImagePolicies returns a ClusterImagePolicyInformer. -func (v *version) ClusterImagePolicies() ClusterImagePolicyInformer { - return &clusterImagePolicyInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} - // ClusterMonitorings returns a ClusterMonitoringInformer. func (v *version) ClusterMonitorings() ClusterMonitoringInformer { return &clusterMonitoringInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } -// ImagePolicies returns a ImagePolicyInformer. -func (v *version) ImagePolicies() ImagePolicyInformer { - return &imagePolicyInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - // InsightsDataGathers returns a InsightsDataGatherInformer. func (v *version) InsightsDataGathers() InsightsDataGatherInformer { return &insightsDataGatherInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} diff --git a/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go b/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go index 3e7ec33751..4c00a13f17 100644 --- a/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go +++ b/vendor/github.com/openshift/client-go/config/informers/externalversions/generic.go @@ -93,12 +93,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().Backups().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("criocredentialproviderconfigs"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CRIOCredentialProviderConfigs().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("clusterimagepolicies"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().ClusterImagePolicies().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("clustermonitorings"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().ClusterMonitorings().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("imagepolicies"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().ImagePolicies().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("insightsdatagathers"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().InsightsDataGathers().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("pkis"): diff --git a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/clusterimagepolicy.go b/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/clusterimagepolicy.go deleted file mode 100644 index 0512d3682f..0000000000 --- a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/clusterimagepolicy.go +++ /dev/null @@ -1,32 +0,0 @@ -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - labels "k8s.io/apimachinery/pkg/labels" - listers "k8s.io/client-go/listers" - cache "k8s.io/client-go/tools/cache" -) - -// ClusterImagePolicyLister helps list ClusterImagePolicies. -// All objects returned here must be treated as read-only. -type ClusterImagePolicyLister interface { - // List lists all ClusterImagePolicies in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*configv1alpha1.ClusterImagePolicy, err error) - // Get retrieves the ClusterImagePolicy from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*configv1alpha1.ClusterImagePolicy, error) - ClusterImagePolicyListerExpansion -} - -// clusterImagePolicyLister implements the ClusterImagePolicyLister interface. -type clusterImagePolicyLister struct { - listers.ResourceIndexer[*configv1alpha1.ClusterImagePolicy] -} - -// NewClusterImagePolicyLister returns a new ClusterImagePolicyLister. -func NewClusterImagePolicyLister(indexer cache.Indexer) ClusterImagePolicyLister { - return &clusterImagePolicyLister{listers.New[*configv1alpha1.ClusterImagePolicy](indexer, configv1alpha1.Resource("clusterimagepolicy"))} -} diff --git a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/expansion_generated.go b/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/expansion_generated.go index dbcd1a084c..3baf74bc8b 100644 --- a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/expansion_generated.go +++ b/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/expansion_generated.go @@ -10,22 +10,10 @@ type BackupListerExpansion interface{} // CRIOCredentialProviderConfigLister. type CRIOCredentialProviderConfigListerExpansion interface{} -// ClusterImagePolicyListerExpansion allows custom methods to be added to -// ClusterImagePolicyLister. -type ClusterImagePolicyListerExpansion interface{} - // ClusterMonitoringListerExpansion allows custom methods to be added to // ClusterMonitoringLister. type ClusterMonitoringListerExpansion interface{} -// ImagePolicyListerExpansion allows custom methods to be added to -// ImagePolicyLister. -type ImagePolicyListerExpansion interface{} - -// ImagePolicyNamespaceListerExpansion allows custom methods to be added to -// ImagePolicyNamespaceLister. -type ImagePolicyNamespaceListerExpansion interface{} - // InsightsDataGatherListerExpansion allows custom methods to be added to // InsightsDataGatherLister. type InsightsDataGatherListerExpansion interface{} diff --git a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/imagepolicy.go b/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/imagepolicy.go deleted file mode 100644 index 7050c57718..0000000000 --- a/vendor/github.com/openshift/client-go/config/listers/config/v1alpha1/imagepolicy.go +++ /dev/null @@ -1,54 +0,0 @@ -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - configv1alpha1 "github.com/openshift/api/config/v1alpha1" - labels "k8s.io/apimachinery/pkg/labels" - listers "k8s.io/client-go/listers" - cache "k8s.io/client-go/tools/cache" -) - -// ImagePolicyLister helps list ImagePolicies. -// All objects returned here must be treated as read-only. -type ImagePolicyLister interface { - // List lists all ImagePolicies in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*configv1alpha1.ImagePolicy, err error) - // ImagePolicies returns an object that can list and get ImagePolicies. - ImagePolicies(namespace string) ImagePolicyNamespaceLister - ImagePolicyListerExpansion -} - -// imagePolicyLister implements the ImagePolicyLister interface. -type imagePolicyLister struct { - listers.ResourceIndexer[*configv1alpha1.ImagePolicy] -} - -// NewImagePolicyLister returns a new ImagePolicyLister. -func NewImagePolicyLister(indexer cache.Indexer) ImagePolicyLister { - return &imagePolicyLister{listers.New[*configv1alpha1.ImagePolicy](indexer, configv1alpha1.Resource("imagepolicy"))} -} - -// ImagePolicies returns an object that can list and get ImagePolicies. -func (s *imagePolicyLister) ImagePolicies(namespace string) ImagePolicyNamespaceLister { - return imagePolicyNamespaceLister{listers.NewNamespaced[*configv1alpha1.ImagePolicy](s.ResourceIndexer, namespace)} -} - -// ImagePolicyNamespaceLister helps list and get ImagePolicies. -// All objects returned here must be treated as read-only. -type ImagePolicyNamespaceLister interface { - // List lists all ImagePolicies in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*configv1alpha1.ImagePolicy, err error) - // Get retrieves the ImagePolicy from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*configv1alpha1.ImagePolicy, error) - ImagePolicyNamespaceListerExpansion -} - -// imagePolicyNamespaceLister implements the ImagePolicyNamespaceLister -// interface. -type imagePolicyNamespaceLister struct { - listers.ResourceIndexer[*configv1alpha1.ImagePolicy] -} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go index 13bc4fc94f..7603b05954 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/internal/internal.go @@ -23,61 +23,63 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: -- name: com.github.openshift.api.config.v1.ConfigMapFileReference +- name: Condition.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: key + - name: lastTransitionTime + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: message type: scalar: string - - name: name + default: "" + - name: observedGeneration + type: + scalar: numeric + - name: reason type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.ConfigMapNameReference - map: - fields: - - name: name + - name: status type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.CustomTLSProfile + - name: type + type: + scalar: string + default: "" +- name: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: string +- name: FieldSelectorAttributes.v1.authorization.api.k8s.io map: fields: - - name: ciphers + - name: rawSelector + type: + scalar: string + - name: requirements type: list: elementType: - scalar: string + namedType: FieldSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - - name: minTLSVersion +- name: FieldSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: key type: scalar: string default: "" -- name: com.github.openshift.api.config.v1.IntermediateTLSProfile - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.ModernTLSProfile - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: com.github.openshift.api.config.v1.OldTLSProfile + - name: operator + type: + scalar: string + default: "" + - name: values + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io map: elementType: scalar: untyped @@ -89,191 +91,484 @@ var schemaYAML = typed.YAMLObject(`types: elementType: namedType: __untyped_deduced_ elementRelationship: separable -- name: com.github.openshift.api.config.v1.SecretNameReference - map: - fields: - - name: name - type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.TLSProfileSpec +- name: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: ciphers + - name: matchExpressions type: list: elementType: - scalar: string + namedType: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - - name: minTLSVersion + - name: matchLabels type: - scalar: string - default: "" -- name: com.github.openshift.api.config.v1.TLSSecurityProfile + map: + elementType: + scalar: string + elementRelationship: atomic +- name: LabelSelectorAttributes.v1.authorization.api.k8s.io map: fields: - - name: custom - type: - namedType: com.github.openshift.api.config.v1.CustomTLSProfile - - name: intermediate - type: - namedType: com.github.openshift.api.config.v1.IntermediateTLSProfile - - name: modern - type: - namedType: com.github.openshift.api.config.v1.ModernTLSProfile - - name: old - type: - namedType: com.github.openshift.api.config.v1.OldTLSProfile - - name: type + - name: rawSelector type: scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: custom - discriminatorValue: Custom - - fieldName: intermediate - discriminatorValue: Intermediate - - fieldName: modern - discriminatorValue: Modern - - fieldName: old - discriminatorValue: Old -- name: com.github.openshift.api.operator.v1.AWSCSIDriverConfigSpec + - name: requirements + type: + list: + elementType: + namedType: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic +- name: LabelSelectorRequirement.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: efsVolumeMetrics - type: - namedType: com.github.openshift.api.operator.v1.AWSEFSVolumeMetrics - - name: kmsKeyARN + - name: key type: scalar: string -- name: com.github.openshift.api.operator.v1.AWSClassicLoadBalancerParameters - map: - fields: - - name: connectionIdleTimeout + default: "" + - name: operator type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - - name: subnets + scalar: string + default: "" + - name: values type: - namedType: com.github.openshift.api.operator.v1.AWSSubnets -- name: com.github.openshift.api.operator.v1.AWSEFSVolumeMetrics + list: + elementType: + scalar: string + elementRelationship: atomic +- name: LocalObjectReference.v1.core.api.k8s.io map: fields: - - name: recursiveWalk - type: - namedType: com.github.openshift.api.operator.v1.AWSEFSVolumeMetricsRecursiveWalkConfig - - name: state + - name: name type: scalar: string default: "" - unions: - - discriminator: state - fields: - - fieldName: recursiveWalk - discriminatorValue: RecursiveWalk -- name: com.github.openshift.api.operator.v1.AWSEFSVolumeMetricsRecursiveWalkConfig + elementRelationship: atomic +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: fsRateLimit + - name: apiVersion type: - scalar: numeric - - name: refreshPeriodMinutes + scalar: string + - name: fieldsType type: - scalar: numeric -- name: com.github.openshift.api.operator.v1.AWSLoadBalancerParameters - map: - fields: - - name: classicLoadBalancer + scalar: string + - name: fieldsV1 type: - namedType: com.github.openshift.api.operator.v1.AWSClassicLoadBalancerParameters - - name: networkLoadBalancer + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager type: - namedType: com.github.openshift.api.operator.v1.AWSNetworkLoadBalancerParameters - - name: type + scalar: string + - name: operation type: scalar: string - default: "" - unions: - - discriminator: type - fields: - - fieldName: classicLoadBalancer - discriminatorValue: ClassicLoadBalancerParameters - - fieldName: networkLoadBalancer - discriminatorValue: NetworkLoadBalancerParameters -- name: com.github.openshift.api.operator.v1.AWSNetworkLoadBalancerParameters + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io map: fields: - - name: eipAllocations + - name: annotations type: - list: + map: elementType: scalar: string - elementRelationship: atomic - - name: subnets + - name: creationTimestamp type: - namedType: com.github.openshift.api.operator.v1.AWSSubnets -- name: com.github.openshift.api.operator.v1.AWSSubnets - map: - fields: - - name: ids + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers type: list: elementType: scalar: string - elementRelationship: atomic - - name: names + elementRelationship: associative + - name: generateName type: - list: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: elementType: scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.AccessLogging - map: - fields: - - name: destination - type: - namedType: com.github.openshift.api.operator.v1.LoggingDestination - default: {} - - name: httpCaptureCookies + - name: managedFields type: list: elementType: - namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPCookie + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - - name: httpCaptureHeaders - type: - namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeaders - default: {} - - name: httpLogFormat + - name: name type: scalar: string - - name: logEmptyRequests + - name: namespace type: scalar: string -- name: com.github.openshift.api.operator.v1.AddPage - map: - fields: - - name: disabledActions + - name: ownerReferences type: list: elementType: - scalar: string - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1.AdditionalNetworkDefinition - map: - fields: - - name: name + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion type: scalar: string - default: "" - - name: namespace + - name: selfLink type: scalar: string - - name: rawCNIConfig + - name: uid type: scalar: string - - name: simpleMacvlanConfig +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: RawExtension.runtime.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: ResourceAttributes.v1.authorization.api.k8s.io + map: + fields: + - name: fieldSelector + type: + namedType: FieldSelectorAttributes.v1.authorization.api.k8s.io + - name: group + type: + scalar: string + - name: labelSelector + type: + namedType: LabelSelectorAttributes.v1.authorization.api.k8s.io + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: resource + type: + scalar: string + - name: subresource + type: + scalar: string + - name: verb + type: + scalar: string + - name: version + type: + scalar: string +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped +- name: Toleration.v1.core.api.k8s.io + map: + fields: + - name: effect + type: + scalar: string + - name: key + type: + scalar: string + - name: operator + type: + scalar: string + - name: tolerationSeconds + type: + scalar: numeric + - name: value + type: + scalar: string +- name: com.github.openshift.api.config.v1.ConfigMapFileReference + map: + fields: + - name: key + type: + scalar: string + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.ConfigMapNameReference + map: + fields: + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.CustomTLSProfile + map: + fields: + - name: ciphers + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: minTLSVersion + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.IntermediateTLSProfile + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.ModernTLSProfile + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.OldTLSProfile + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: com.github.openshift.api.config.v1.SecretNameReference + map: + fields: + - name: name + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.TLSProfileSpec + map: + fields: + - name: ciphers + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: minTLSVersion + type: + scalar: string + default: "" +- name: com.github.openshift.api.config.v1.TLSSecurityProfile + map: + fields: + - name: custom + type: + namedType: com.github.openshift.api.config.v1.CustomTLSProfile + - name: intermediate + type: + namedType: com.github.openshift.api.config.v1.IntermediateTLSProfile + - name: modern + type: + namedType: com.github.openshift.api.config.v1.ModernTLSProfile + - name: old + type: + namedType: com.github.openshift.api.config.v1.OldTLSProfile + - name: type + type: + scalar: string + default: "" + unions: + - discriminator: type + fields: + - fieldName: custom + discriminatorValue: Custom + - fieldName: intermediate + discriminatorValue: Intermediate + - fieldName: modern + discriminatorValue: Modern + - fieldName: old + discriminatorValue: Old +- name: com.github.openshift.api.operator.v1.AWSCSIDriverConfigSpec + map: + fields: + - name: efsVolumeMetrics + type: + namedType: com.github.openshift.api.operator.v1.AWSEFSVolumeMetrics + - name: kmsKeyARN + type: + scalar: string +- name: com.github.openshift.api.operator.v1.AWSClassicLoadBalancerParameters + map: + fields: + - name: connectionIdleTimeout + type: + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: subnets + type: + namedType: com.github.openshift.api.operator.v1.AWSSubnets +- name: com.github.openshift.api.operator.v1.AWSEFSVolumeMetrics + map: + fields: + - name: recursiveWalk + type: + namedType: com.github.openshift.api.operator.v1.AWSEFSVolumeMetricsRecursiveWalkConfig + - name: state + type: + scalar: string + default: "" + unions: + - discriminator: state + fields: + - fieldName: recursiveWalk + discriminatorValue: RecursiveWalk +- name: com.github.openshift.api.operator.v1.AWSEFSVolumeMetricsRecursiveWalkConfig + map: + fields: + - name: fsRateLimit + type: + scalar: numeric + - name: refreshPeriodMinutes + type: + scalar: numeric +- name: com.github.openshift.api.operator.v1.AWSLoadBalancerParameters + map: + fields: + - name: classicLoadBalancer + type: + namedType: com.github.openshift.api.operator.v1.AWSClassicLoadBalancerParameters + - name: networkLoadBalancer + type: + namedType: com.github.openshift.api.operator.v1.AWSNetworkLoadBalancerParameters + - name: type + type: + scalar: string + default: "" + unions: + - discriminator: type + fields: + - fieldName: classicLoadBalancer + discriminatorValue: ClassicLoadBalancerParameters + - fieldName: networkLoadBalancer + discriminatorValue: NetworkLoadBalancerParameters +- name: com.github.openshift.api.operator.v1.AWSNetworkLoadBalancerParameters + map: + fields: + - name: eipAllocations + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: subnets + type: + namedType: com.github.openshift.api.operator.v1.AWSSubnets +- name: com.github.openshift.api.operator.v1.AWSSubnets + map: + fields: + - name: ids + type: + list: + elementType: + scalar: string + elementRelationship: atomic + - name: names + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.AccessLogging + map: + fields: + - name: destination + type: + namedType: com.github.openshift.api.operator.v1.LoggingDestination + default: {} + - name: httpCaptureCookies + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPCookie + elementRelationship: atomic + - name: httpCaptureHeaders + type: + namedType: com.github.openshift.api.operator.v1.IngressControllerCaptureHTTPHeaders + default: {} + - name: httpLogFormat + type: + scalar: string + - name: logEmptyRequests + type: + scalar: string +- name: com.github.openshift.api.operator.v1.AddPage + map: + fields: + - name: disabledActions + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1.AdditionalNetworkDefinition + map: + fields: + - name: name + type: + scalar: string + default: "" + - name: namespace + type: + scalar: string + - name: rawCNIConfig + type: + scalar: string + - name: simpleMacvlanConfig type: namedType: com.github.openshift.api.operator.v1.SimpleMacvlanConfig - name: type @@ -300,7 +595,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -322,13 +617,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.AuthenticationStatus map: fields: @@ -389,6 +684,16 @@ var schemaYAML = typed.YAMLObject(`types: type: scalar: string default: "" +- name: com.github.openshift.api.operator.v1.BGPManagedConfig + map: + fields: + - name: asNumber + type: + scalar: numeric + default: 64512 + - name: bgpTopology + type: + scalar: string - name: com.github.openshift.api.operator.v1.BootImageSkewEnforcementConfig map: fields: @@ -471,7 +776,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -493,13 +798,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.CSISnapshotControllerStatus map: fields: @@ -583,7 +888,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -608,13 +913,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.CloudCredentialStatus map: fields: @@ -689,7 +994,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -715,7 +1020,7 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -724,7 +1029,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.ClusterCSIDriverStatus map: fields: @@ -781,7 +1086,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -814,13 +1119,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.ConfigStatus map: fields: @@ -867,7 +1172,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -970,7 +1275,7 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -990,7 +1295,7 @@ var schemaYAML = typed.YAMLObject(`types: default: {} - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.ConsoleStatus map: fields: @@ -1043,7 +1348,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1058,10 +1363,10 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: negativeTTL type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: positiveTTL type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.DNSNodePlacement map: fields: @@ -1074,7 +1379,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: com.github.openshift.api.operator.v1.DNSOverTLSConfig map: @@ -1289,7 +1594,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1326,7 +1631,7 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -1335,7 +1640,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.EtcdStatus map: fields: @@ -1498,10 +1803,10 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: lastGatherDuration type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: lastGatherTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.GathererStatus map: fields: @@ -1509,11 +1814,11 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: atomic - name: lastGatherDuration type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: name type: scalar: string @@ -1704,7 +2009,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -1866,7 +2171,7 @@ var schemaYAML = typed.YAMLObject(`types: default: Continue - name: defaultCertificate type: - namedType: io.k8s.api.core.v1.LocalObjectReference + namedType: LocalObjectReference.v1.core.api.k8s.io - name: domain type: scalar: string @@ -1896,7 +2201,7 @@ var schemaYAML = typed.YAMLObject(`types: namedType: com.github.openshift.api.operator.v1.IngressControllerLogging - name: namespaceSelector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: nodePlacement type: namedType: com.github.openshift.api.operator.v1.NodePlacement @@ -1908,7 +2213,7 @@ var schemaYAML = typed.YAMLObject(`types: namedType: com.github.openshift.api.operator.v1.RouteAdmissionPolicy - name: routeSelector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: tlsSecurityProfile type: namedType: com.github.openshift.api.config.v1.TLSSecurityProfile @@ -1918,7 +2223,7 @@ var schemaYAML = typed.YAMLObject(`types: default: {} - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.IngressControllerStatus map: fields: @@ -1943,13 +2248,13 @@ var schemaYAML = typed.YAMLObject(`types: namedType: com.github.openshift.api.operator.v1.EndpointPublishingStrategy - name: namespaceSelector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: observedGeneration type: scalar: numeric - name: routeSelector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: selector type: scalar: string @@ -1962,13 +2267,16 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: clientFinTimeout type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: clientTimeout type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io + - name: configurationManagement + type: + scalar: string - name: connectTimeout type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: headerBufferBytes type: scalar: numeric @@ -1977,31 +2285,31 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: healthCheckInterval type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: httpKeepAliveTimeout type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: maxConnections type: scalar: numeric - name: reloadInterval type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: serverFinTimeout type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: serverTimeout type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: threadCount type: scalar: numeric - name: tlsInspectDelay type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: tunnelTimeout type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Duration + namedType: Duration.v1.meta.apis.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.InsightsOperator map: fields: @@ -2013,7 +2321,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2035,13 +2343,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.InsightsOperatorStatus map: fields: @@ -2090,7 +2398,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: downloadedAt type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: healthChecks type: list: @@ -2117,7 +2425,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2149,7 +2457,7 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -2158,7 +2466,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.KubeAPIServerStatus map: fields: @@ -2222,7 +2530,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2251,7 +2559,7 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -2260,7 +2568,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: useMoreSecureServiceCA type: scalar: boolean @@ -2322,7 +2630,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2351,7 +2659,7 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -2360,7 +2668,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.KubeSchedulerStatus map: fields: @@ -2418,7 +2726,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2440,13 +2748,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.KubeStorageVersionMigratorStatus map: fields: @@ -2566,7 +2874,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2611,7 +2919,7 @@ var schemaYAML = typed.YAMLObject(`types: default: {} - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -2620,7 +2928,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: numeric - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.MachineConfigurationStatus map: fields: @@ -2632,7 +2940,7 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io elementRelationship: associative keys: - type @@ -2709,7 +3017,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -2786,7 +3094,7 @@ var schemaYAML = typed.YAMLObject(`types: namedType: com.github.openshift.api.operator.v1.NetworkMigration - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string @@ -2798,7 +3106,7 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: useMultiNetworkPolicy type: scalar: boolean @@ -2837,6 +3145,15 @@ var schemaYAML = typed.YAMLObject(`types: - name: version type: scalar: string +- name: com.github.openshift.api.operator.v1.NoOverlayConfig + map: + fields: + - name: outboundSNAT + type: + scalar: string + - name: routing + type: + scalar: string - name: com.github.openshift.api.operator.v1.NodeDisruptionPolicyClusterStatus map: fields: @@ -3005,12 +3322,12 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: nodeSelector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: tolerations type: list: elementType: - namedType: io.k8s.api.core.v1.Toleration + namedType: Toleration.v1.core.api.k8s.io elementRelationship: atomic - name: com.github.openshift.api.operator.v1.NodePortStrategy map: @@ -3041,7 +3358,7 @@ var schemaYAML = typed.YAMLObject(`types: elementRelationship: atomic - name: lastFailedTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: lastFallbackCount type: scalar: numeric @@ -3069,7 +3386,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3091,13 +3408,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.OLMStatus map: fields: @@ -3136,6 +3453,10 @@ var schemaYAML = typed.YAMLObject(`types: - name: com.github.openshift.api.operator.v1.OVNKubernetesConfig map: fields: + - name: bgpManagedConfig + type: + namedType: com.github.openshift.api.operator.v1.BGPManagedConfig + default: {} - name: egressIPConfig type: namedType: com.github.openshift.api.operator.v1.EgressIPConfig @@ -3163,12 +3484,19 @@ var schemaYAML = typed.YAMLObject(`types: - name: mtu type: scalar: numeric + - name: noOverlayConfig + type: + namedType: com.github.openshift.api.operator.v1.NoOverlayConfig + default: {} - name: policyAuditConfig type: namedType: com.github.openshift.api.operator.v1.PolicyAuditConfig - name: routeAdvertisements type: scalar: string + - name: transport + type: + scalar: string - name: v4InternalSubnet type: scalar: string @@ -3186,7 +3514,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3208,13 +3536,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.OpenShiftAPIServerStatus map: fields: @@ -3261,7 +3589,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3283,13 +3611,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.OpenShiftControllerManagerStatus map: fields: @@ -3355,7 +3683,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: lastTransitionTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: message type: scalar: string @@ -3375,7 +3703,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: machineResourceSelector type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + namedType: LabelSelector.v1.meta.apis.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.Perspective map: fields: @@ -3526,13 +3854,13 @@ var schemaYAML = typed.YAMLObject(`types: type: list: elementType: - namedType: io.k8s.api.authorization.v1.ResourceAttributes + namedType: ResourceAttributes.v1.authorization.api.k8s.io elementRelationship: atomic - name: required type: list: elementType: - namedType: io.k8s.api.authorization.v1.ResourceAttributes + namedType: ResourceAttributes.v1.authorization.api.k8s.io elementRelationship: atomic - name: com.github.openshift.api.operator.v1.RestartService map: @@ -3581,7 +3909,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: expirationTime type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io - name: name type: scalar: string @@ -3597,7 +3925,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3619,13 +3947,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.ServiceCAStatus map: fields: @@ -3672,7 +4000,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3694,13 +4022,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.ServiceCatalogAPIServerStatus map: fields: @@ -3747,7 +4075,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3769,13 +4097,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: com.github.openshift.api.operator.v1.ServiceCatalogControllerManagerStatus map: fields: @@ -3900,7 +4228,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -3922,13 +4250,13 @@ var schemaYAML = typed.YAMLObject(`types: default: "" - name: observedConfig type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: operatorLogLevel type: scalar: string - name: unsupportedConfigOverrides type: - namedType: __untyped_atomic_ + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io - name: vsphereStorageDriver type: scalar: string @@ -4072,7 +4400,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: spec type: @@ -4088,6 +4416,9 @@ var schemaYAML = typed.YAMLObject(`types: type: namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerComponentImage default: {} + - name: name + type: + scalar: string - name: type type: scalar: string @@ -4117,6 +4448,14 @@ var schemaYAML = typed.YAMLObject(`types: - name: contentID type: scalar: string + - name: manifestSubstitutions + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerRevisionManifestSubstitution + elementRelationship: associative + keys: + - key - name: name type: scalar: string @@ -4130,514 +4469,231 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string elementRelationship: atomic elementRelationship: atomic -- name: com.github.openshift.api.operator.v1alpha1.ClusterAPISpec - map: - fields: - - name: unmanagedCustomResourceDefinitions - type: - list: - elementType: - scalar: string - elementRelationship: associative -- name: com.github.openshift.api.operator.v1alpha1.ClusterAPIStatus - map: - fields: - - name: currentRevision - type: - scalar: string - - name: desiredRevision - type: - scalar: string - - name: revisions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerRevision - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperator - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorStatus - default: {} -- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorSpec - map: - fields: - - name: operatorLogLevel - type: - scalar: string -- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorStatus - map: - fields: - - name: observedGeneration - type: - scalar: numeric -- name: com.github.openshift.api.operator.v1alpha1.EtcdBackup - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.operator.v1alpha1.EtcdBackupSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.operator.v1alpha1.EtcdBackupStatus - default: {} -- name: com.github.openshift.api.operator.v1alpha1.EtcdBackupSpec - map: - fields: - - name: pvcName - type: - scalar: string - default: "" -- name: com.github.openshift.api.operator.v1alpha1.EtcdBackupStatus - map: - fields: - - name: backupJob - type: - namedType: com.github.openshift.api.operator.v1alpha1.BackupJobReference - - name: conditions - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition - elementRelationship: associative - keys: - - type -- name: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicy - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicySpec - default: {} -- name: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicySpec +- name: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerRevisionManifestSubstitution map: fields: - - name: repositoryDigestMirrors - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1alpha1.RepositoryDigestMirrors - elementRelationship: atomic -- name: com.github.openshift.api.operator.v1alpha1.OLM - map: - fields: - - name: apiVersion - type: - scalar: string - - name: kind - type: - scalar: string - - name: metadata - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - default: {} - - name: spec - type: - namedType: com.github.openshift.api.operator.v1alpha1.OLMSpec - default: {} - - name: status - type: - namedType: com.github.openshift.api.operator.v1alpha1.OLMStatus - default: {} -- name: com.github.openshift.api.operator.v1alpha1.OLMSpec - map: - fields: - - name: logLevel - type: - scalar: string - - name: managementState - type: - scalar: string - default: "" - - name: observedConfig - type: - namedType: __untyped_atomic_ - - name: operatorLogLevel + - name: key type: scalar: string - - name: unsupportedConfigOverrides - type: - namedType: __untyped_atomic_ -- name: com.github.openshift.api.operator.v1alpha1.OLMStatus - map: - fields: - - name: conditions - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.OperatorCondition - elementRelationship: associative - keys: - - type - - name: generations - type: - list: - elementType: - namedType: com.github.openshift.api.operator.v1.GenerationStatus - elementRelationship: associative - keys: - - group - - resource - - namespace - - name - - name: latestAvailableRevision - type: - scalar: numeric - - name: observedGeneration - type: - scalar: numeric - - name: readyReplicas - type: - scalar: numeric - default: 0 - - name: version + - name: value type: scalar: string -- name: com.github.openshift.api.operator.v1alpha1.RepositoryDigestMirrors +- name: com.github.openshift.api.operator.v1alpha1.ClusterAPISpec map: fields: - - name: mirrors + - name: unmanagedCustomResourceDefinitions type: list: elementType: scalar: string - elementRelationship: atomic - - name: source - type: - scalar: string - default: "" -- name: io.k8s.api.authorization.v1.FieldSelectorAttributes - map: - fields: - - name: rawSelector - type: - scalar: string - - name: requirements - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldSelectorRequirement - elementRelationship: atomic -- name: io.k8s.api.authorization.v1.LabelSelectorAttributes - map: - fields: - - name: rawSelector - type: - scalar: string - - name: requirements - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - elementRelationship: atomic -- name: io.k8s.api.authorization.v1.ResourceAttributes + elementRelationship: associative +- name: com.github.openshift.api.operator.v1alpha1.ClusterAPIStatus map: fields: - - name: fieldSelector - type: - namedType: io.k8s.api.authorization.v1.FieldSelectorAttributes - - name: group - type: - scalar: string - - name: labelSelector - type: - namedType: io.k8s.api.authorization.v1.LabelSelectorAttributes - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: resource - type: - scalar: string - - name: subresource - type: - scalar: string - - name: verb + - name: currentRevision type: scalar: string - - name: version + - name: desiredRevision type: scalar: string -- name: io.k8s.api.core.v1.LocalObjectReference - map: - fields: - - name: name + - name: observedRevisionGeneration type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.api.core.v1.Toleration + scalar: numeric + - name: revisions + type: + list: + elementType: + namedType: com.github.openshift.api.operator.v1alpha1.ClusterAPIInstallerRevision + elementRelationship: atomic +- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperator map: fields: - - name: effect + - name: apiVersion type: scalar: string - - name: key + - name: kind type: scalar: string - - name: operator + - name: metadata type: - scalar: string - - name: tolerationSeconds + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - scalar: numeric - - name: value + namedType: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorSpec + default: {} + - name: status type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Condition + namedType: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorStatus + default: {} +- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorSpec map: fields: - - name: lastTransitionTime - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: message + - name: operatorLogLevel type: scalar: string - default: "" +- name: com.github.openshift.api.operator.v1alpha1.ClusterVersionOperatorStatus + map: + fields: - name: observedGeneration type: scalar: numeric - - name: reason +- name: com.github.openshift.api.operator.v1alpha1.EtcdBackup + map: + fields: + - name: apiVersion type: scalar: string - default: "" - - name: status + - name: kind type: scalar: string - default: "" - - name: type + - name: metadata type: - scalar: string - default: "" -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Duration - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldSelectorRequirement + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.operator.v1alpha1.EtcdBackupSpec + default: {} + - name: status + type: + namedType: com.github.openshift.api.operator.v1alpha1.EtcdBackupStatus + default: {} +- name: com.github.openshift.api.operator.v1alpha1.EtcdBackupSpec map: fields: - - name: key - type: - scalar: string - default: "" - - name: operator + - name: pvcName type: scalar: string default: "" - - name: values - type: - list: - elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector +- name: com.github.openshift.api.operator.v1alpha1.EtcdBackupStatus map: fields: - - name: matchExpressions + - name: backupJob type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement - elementRelationship: atomic - - name: matchLabels + namedType: com.github.openshift.api.operator.v1alpha1.BackupJobReference + - name: conditions type: - map: + list: elementType: - scalar: string - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement + namedType: Condition.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - type +- name: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicy map: fields: - - name: key + - name: apiVersion type: scalar: string - default: "" - - name: operator + - name: kind type: scalar: string - default: "" - - name: values + - name: metadata + type: + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec + type: + namedType: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicySpec + default: {} +- name: com.github.openshift.api.operator.v1alpha1.ImageContentSourcePolicySpec + map: + fields: + - name: repositoryDigestMirrors type: list: elementType: - scalar: string + namedType: com.github.openshift.api.operator.v1alpha1.RepositoryDigestMirrors elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry +- name: com.github.openshift.api.operator.v1alpha1.OLM map: fields: - name: apiVersion type: scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager + - name: kind type: scalar: string - - name: operation + - name: metadata type: - scalar: string - - name: subresource + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + default: {} + - name: spec type: - scalar: string - - name: time + namedType: com.github.openshift.api.operator.v1alpha1.OLMSpec + default: {} + - name: status type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: com.github.openshift.api.operator.v1alpha1.OLMStatus + default: {} +- name: com.github.openshift.api.operator.v1alpha1.OLMSpec map: fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds + - name: logLevel type: - scalar: numeric - - name: deletionTimestamp + scalar: string + - name: managementState type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers + scalar: string + default: "" + - name: observedConfig type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io + - name: operatorLogLevel type: scalar: string - - name: generation - type: - scalar: numeric - - name: labels + - name: unsupportedConfigOverrides type: - map: - elementType: - scalar: string - - name: managedFields + namedType: RawExtension.runtime.pkg.apimachinery.k8s.io +- name: com.github.openshift.api.operator.v1alpha1.OLMStatus + map: + fields: + - name: conditions type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: ownerReferences + namedType: com.github.openshift.api.operator.v1.OperatorCondition + elementRelationship: associative + keys: + - type + - name: generations type: list: elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference + namedType: com.github.openshift.api.operator.v1.GenerationStatus elementRelationship: associative keys: - - uid - - name: resourceVersion + - group + - resource + - namespace + - name + - name: latestAvailableRevision type: - scalar: string - - name: selfLink + scalar: numeric + - name: observedGeneration type: - scalar: string - - name: uid + scalar: numeric + - name: readyReplicas + type: + scalar: numeric + default: 0 + - name: version type: scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference +- name: com.github.openshift.api.operator.v1alpha1.RepositoryDigestMirrors map: fields: - - name: apiVersion - type: - scalar: string - default: "" - - name: blockOwnerDeletion - type: - scalar: boolean - - name: controller - type: - scalar: boolean - - name: kind - type: - scalar: string - default: "" - - name: name + - name: mirrors type: - scalar: string - default: "" - - name: uid + list: + elementType: + scalar: string + elementRelationship: atomic + - name: source type: scalar: string default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped -- name: io.k8s.apimachinery.pkg.runtime.RawExtension - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go index 9274b84ad6..f527a9312a 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/awscsidriverconfigspec.go @@ -10,6 +10,12 @@ type AWSCSIDriverConfigSpecApplyConfiguration struct { // kmsKeyARN sets the cluster default storage class to encrypt volumes with a user-defined KMS key, // rather than the default KMS key used by AWS. // The value may be either the ARN or Alias ARN of a KMS key. + // + // The ARN must follow the format: arn::kms:::(key|alias)/, where: + // is the AWS partition (aws, aws-cn, aws-us-gov, aws-iso, aws-iso-b, aws-iso-e, aws-iso-f, or aws-eusc), + // is the AWS region, + // is a 12-digit numeric identifier for the AWS account, + // is the KMS key ID or alias name. KMSKeyARN *string `json:"kmsKeyARN,omitempty"` // efsVolumeMetrics sets the configuration for collecting metrics from EFS volumes used by the EFS CSI Driver. EFSVolumeMetrics *AWSEFSVolumeMetricsApplyConfiguration `json:"efsVolumeMetrics,omitempty"` diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go new file mode 100644 index 0000000000..071ac3fc23 --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/bgpmanagedconfig.go @@ -0,0 +1,46 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + +// BGPManagedConfigApplyConfiguration represents a declarative configuration of the BGPManagedConfig type for use +// with apply. +// +// BGPManagedConfig contains configuration options for BGP when routing is "Managed". +type BGPManagedConfigApplyConfiguration struct { + // asNumber is the 2-byte or 4-byte Autonomous System Number (ASN) + // to be used in the generated FRR configuration. + // Valid values are 1 to 4294967295. + // When omitted, this defaults to 64512. + ASNumber *int64 `json:"asNumber,omitempty"` + // bgpTopology defines the BGP topology to be used. + // Allowed values are "FullMesh". + // When set to "FullMesh", every node peers directly with every other node via BGP. + // This field is required when BGPManagedConfig is specified. + BGPTopology *operatorv1.BGPTopology `json:"bgpTopology,omitempty"` +} + +// BGPManagedConfigApplyConfiguration constructs a declarative configuration of the BGPManagedConfig type for use with +// apply. +func BGPManagedConfig() *BGPManagedConfigApplyConfiguration { + return &BGPManagedConfigApplyConfiguration{} +} + +// WithASNumber sets the ASNumber field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ASNumber field is set to the value of the last call. +func (b *BGPManagedConfigApplyConfiguration) WithASNumber(value int64) *BGPManagedConfigApplyConfiguration { + b.ASNumber = &value + return b +} + +// WithBGPTopology sets the BGPTopology field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BGPTopology field is set to the value of the last call. +func (b *BGPManagedConfigApplyConfiguration) WithBGPTopology(value operatorv1.BGPTopology) *BGPManagedConfigApplyConfiguration { + b.BGPTopology = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ingresscontrollertuningoptions.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ingresscontrollertuningoptions.go index 831ef5130e..d62c99282a 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ingresscontrollertuningoptions.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ingresscontrollertuningoptions.go @@ -3,6 +3,7 @@ package v1 import ( + operatorv1 "github.com/openshift/api/operator/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -209,6 +210,32 @@ type IngressControllerTuningOptionsApplyConfiguration struct { // be reloaded less frequently, and newly created routes will not be served until the // subsequent reload. ReloadInterval *metav1.Duration `json:"reloadInterval,omitempty"` + // configurationManagement specifies how OpenShift router should update + // the HAProxy configuration. The following values are valid for this + // field: + // + // * "ForkAndReload". + // * "Dynamic". + // + // Omitting this field means that the user has no opinion and the + // platform may choose a reasonable default. This default is subject to + // change over time. The current default is "ForkAndReload". + // + // "ForkAndReload" means that OpenShift router should rewrite the + // HAProxy configuration file and instruct HAProxy to fork and reload. + // This is OpenShift router's traditional approach. + // + // "Dynamic" means that OpenShift router may use HAProxy's control + // socket for some configuration updates and fall back to fork and + // reload for other configuration updates. This is a newer approach, + // which may be less mature than ForkAndReload. This setting can + // improve load-balancing fairness and metrics accuracy and reduce CPU + // and memory usage if HAProxy has frequent configuration updates for + // route and endpoints updates. + // + // Note: The "Dynamic" option is currently experimental and should not + // be enabled on production clusters. + ConfigurationManagement *operatorv1.IngressControllerConfigurationManagement `json:"configurationManagement,omitempty"` } // IngressControllerTuningOptionsApplyConfiguration constructs a declarative configuration of the IngressControllerTuningOptions type for use with @@ -328,3 +355,11 @@ func (b *IngressControllerTuningOptionsApplyConfiguration) WithReloadInterval(va b.ReloadInterval = &value return b } + +// WithConfigurationManagement sets the ConfigurationManagement field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ConfigurationManagement field is set to the value of the last call. +func (b *IngressControllerTuningOptionsApplyConfiguration) WithConfigurationManagement(value operatorv1.IngressControllerConfigurationManagement) *IngressControllerTuningOptionsApplyConfiguration { + b.ConfigurationManagement = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nooverlayconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nooverlayconfig.go new file mode 100644 index 0000000000..0feb3009ea --- /dev/null +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/nooverlayconfig.go @@ -0,0 +1,50 @@ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1 + +import ( + operatorv1 "github.com/openshift/api/operator/v1" +) + +// NoOverlayConfigApplyConfiguration represents a declarative configuration of the NoOverlayConfig type for use +// with apply. +// +// NoOverlayConfig contains configuration options for networks operating in no-overlay mode. +type NoOverlayConfigApplyConfiguration struct { + // outboundSNAT defines the SNAT behavior for outbound traffic from pods. + // Allowed values are "Enabled" and "Disabled". + // When set to "Enabled", SNAT is performed on outbound traffic from pods. + // When set to "Disabled", SNAT is not performed and pod IPs are preserved in outbound traffic. + // This field is required when the network operates in no-overlay mode. + // This field can be set to any value at installation time and can be changed afterwards. + OutboundSNAT *operatorv1.SNATOption `json:"outboundSNAT,omitempty"` + // routing specifies whether the pod network routing is managed by OVN-Kubernetes or users. + // Allowed values are "Managed" and "Unmanaged". + // When set to "Managed", OVN-Kubernetes manages the pod network routing configuration through BGP. + // When set to "Unmanaged", users are responsible for configuring the pod network routing. + // This field is required when the network operates in no-overlay mode. + // This field is immutable once set. + Routing *operatorv1.RoutingOption `json:"routing,omitempty"` +} + +// NoOverlayConfigApplyConfiguration constructs a declarative configuration of the NoOverlayConfig type for use with +// apply. +func NoOverlayConfig() *NoOverlayConfigApplyConfiguration { + return &NoOverlayConfigApplyConfiguration{} +} + +// WithOutboundSNAT sets the OutboundSNAT field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the OutboundSNAT field is set to the value of the last call. +func (b *NoOverlayConfigApplyConfiguration) WithOutboundSNAT(value operatorv1.SNATOption) *NoOverlayConfigApplyConfiguration { + b.OutboundSNAT = &value + return b +} + +// WithRouting sets the Routing field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Routing field is set to the value of the last call. +func (b *NoOverlayConfigApplyConfiguration) WithRouting(value operatorv1.RoutingOption) *NoOverlayConfigApplyConfiguration { + b.Routing = &value + return b +} diff --git a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go index 6a2d864421..ead45f83b5 100644 --- a/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go +++ b/vendor/github.com/openshift/client-go/operator/applyconfigurations/operator/v1/ovnkubernetesconfig.go @@ -62,6 +62,27 @@ type OVNKubernetesConfigApplyConfiguration struct { // reasonable defaults. These defaults are subject to change over time. The // current default is "Disabled". RouteAdvertisements *operatorv1.RouteAdvertisementsEnablement `json:"routeAdvertisements,omitempty"` + // transport sets the transport mode for pods on the default network. + // Allowed values are "NoOverlay" and "Geneve". + // "NoOverlay" avoids tunnel encapsulation, routing pod traffic directly between nodes. + // "Geneve" encapsulates pod traffic using Geneve tunnels between nodes. + // When omitted, this means the user has no opinion and the platform chooses + // a reasonable default which is subject to change over time. + // The current default is "Geneve". + // "NoOverlay" can only be set at installation time and cannot be changed afterwards. + // "Geneve" may be set explicitly at any time to lock in the current default. + Transport *operatorv1.TransportOption `json:"transport,omitempty"` + // noOverlayConfig contains configuration for no-overlay mode. + // This configuration applies to the default network only. + // It is required when transport is "NoOverlay". + // When omitted, this means the user does not configure no-overlay mode options. + NoOverlayConfig *NoOverlayConfigApplyConfiguration `json:"noOverlayConfig,omitempty"` + // bgpManagedConfig configures the BGP properties for networks (default network or CUDNs) + // in no-overlay mode that specify routing="Managed" in their noOverlayConfig. + // It is required when noOverlayConfig.routing is set to "Managed". + // When omitted, this means the user does not configure BGP for managed routing. + // This field can be set at installation time or on day 2, and can be modified at any time. + BGPManagedConfig *BGPManagedConfigApplyConfiguration `json:"bgpManagedConfig,omitempty"` } // OVNKubernetesConfigApplyConfiguration constructs a declarative configuration of the OVNKubernetesConfig type for use with @@ -165,3 +186,27 @@ func (b *OVNKubernetesConfigApplyConfiguration) WithRouteAdvertisements(value op b.RouteAdvertisements = &value return b } + +// WithTransport sets the Transport field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Transport field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithTransport(value operatorv1.TransportOption) *OVNKubernetesConfigApplyConfiguration { + b.Transport = &value + return b +} + +// WithNoOverlayConfig sets the NoOverlayConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NoOverlayConfig field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithNoOverlayConfig(value *NoOverlayConfigApplyConfiguration) *OVNKubernetesConfigApplyConfiguration { + b.NoOverlayConfig = value + return b +} + +// WithBGPManagedConfig sets the BGPManagedConfig field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the BGPManagedConfig field is set to the value of the last call. +func (b *OVNKubernetesConfigApplyConfiguration) WithBGPManagedConfig(value *BGPManagedConfigApplyConfiguration) *OVNKubernetesConfigApplyConfiguration { + b.BGPManagedConfig = value + return b +} diff --git a/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go b/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go index dcb584450d..851c515a23 100644 --- a/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go +++ b/vendor/github.com/openshift/client-go/security/applyconfigurations/internal/internal.go @@ -23,6 +23,148 @@ func Parser() *typed.Parser { var parserOnce sync.Once var parser *typed.Parser var schemaYAML = typed.YAMLObject(`types: +- name: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + map: + elementType: + scalar: untyped + list: + elementType: + namedType: __untyped_atomic_ + elementRelationship: atomic + map: + elementType: + namedType: __untyped_deduced_ + elementRelationship: separable +- name: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + - name: fieldsType + type: + scalar: string + - name: fieldsV1 + type: + namedType: FieldsV1.v1.meta.apis.pkg.apimachinery.k8s.io + - name: manager + type: + scalar: string + - name: operation + type: + scalar: string + - name: subresource + type: + scalar: string + - name: time + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io +- name: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: annotations + type: + map: + elementType: + scalar: string + - name: creationTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: deletionGracePeriodSeconds + type: + scalar: numeric + - name: deletionTimestamp + type: + namedType: Time.v1.meta.apis.pkg.apimachinery.k8s.io + - name: finalizers + type: + list: + elementType: + scalar: string + elementRelationship: associative + - name: generateName + type: + scalar: string + - name: generation + type: + scalar: numeric + - name: labels + type: + map: + elementType: + scalar: string + - name: managedFields + type: + list: + elementType: + namedType: ManagedFieldsEntry.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: atomic + - name: name + type: + scalar: string + - name: namespace + type: + scalar: string + - name: ownerReferences + type: + list: + elementType: + namedType: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + elementRelationship: associative + keys: + - uid + - name: resourceVersion + type: + scalar: string + - name: selfLink + type: + scalar: string + - name: uid + type: + scalar: string +- name: OwnerReference.v1.meta.apis.pkg.apimachinery.k8s.io + map: + fields: + - name: apiVersion + type: + scalar: string + default: "" + - name: blockOwnerDeletion + type: + scalar: boolean + - name: controller + type: + scalar: boolean + - name: kind + type: + scalar: string + default: "" + - name: name + type: + scalar: string + default: "" + - name: uid + type: + scalar: string + default: "" + elementRelationship: atomic +- name: SELinuxOptions.v1.core.api.k8s.io + map: + fields: + - name: level + type: + scalar: string + - name: role + type: + scalar: string + - name: type + type: + scalar: string + - name: user + type: + scalar: string +- name: Time.v1.meta.apis.pkg.apimachinery.k8s.io + scalar: untyped - name: com.github.openshift.api.security.v1.AllowedFlexVolume map: fields: @@ -65,7 +207,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: range type: @@ -91,7 +233,7 @@ var schemaYAML = typed.YAMLObject(`types: fields: - name: seLinuxOptions type: - namedType: io.k8s.api.core.v1.SELinuxOptions + namedType: SELinuxOptions.v1.core.api.k8s.io - name: type type: scalar: string @@ -176,7 +318,7 @@ var schemaYAML = typed.YAMLObject(`types: scalar: string - name: metadata type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + namedType: ObjectMeta.v1.meta.apis.pkg.apimachinery.k8s.io default: {} - name: priority type: @@ -237,148 +379,6 @@ var schemaYAML = typed.YAMLObject(`types: - name: type type: scalar: string -- name: io.k8s.api.core.v1.SELinuxOptions - map: - fields: - - name: level - type: - scalar: string - - name: role - type: - scalar: string - - name: type - type: - scalar: string - - name: user - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - map: - elementType: - scalar: untyped - list: - elementType: - namedType: __untyped_atomic_ - elementRelationship: atomic - map: - elementType: - namedType: __untyped_deduced_ - elementRelationship: separable -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - map: - fields: - - name: apiVersion - type: - scalar: string - - name: fieldsType - type: - scalar: string - - name: fieldsV1 - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1 - - name: manager - type: - scalar: string - - name: operation - type: - scalar: string - - name: subresource - type: - scalar: string - - name: time - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time -- name: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta - map: - fields: - - name: annotations - type: - map: - elementType: - scalar: string - - name: creationTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: deletionGracePeriodSeconds - type: - scalar: numeric - - name: deletionTimestamp - type: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time - - name: finalizers - type: - list: - elementType: - scalar: string - elementRelationship: associative - - name: generateName - type: - scalar: string - - name: generation - type: - scalar: numeric - - name: labels - type: - map: - elementType: - scalar: string - - name: managedFields - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry - elementRelationship: atomic - - name: name - type: - scalar: string - - name: namespace - type: - scalar: string - - name: ownerReferences - type: - list: - elementType: - namedType: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - elementRelationship: associative - keys: - - uid - - name: resourceVersion - type: - scalar: string - - name: selfLink - type: - scalar: string - - name: uid - type: - scalar: string -- name: io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference - map: - fields: - - name: apiVersion - type: - scalar: string - default: "" - - name: blockOwnerDeletion - type: - scalar: boolean - - name: controller - type: - scalar: boolean - - name: kind - type: - scalar: string - default: "" - - name: name - type: - scalar: string - default: "" - - name: uid - type: - scalar: string - default: "" - elementRelationship: atomic -- name: io.k8s.apimachinery.pkg.apis.meta.v1.Time - scalar: untyped - name: __untyped_atomic_ scalar: untyped list: diff --git a/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go b/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go index d2e392506f..b5bd21b51f 100644 --- a/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go +++ b/vendor/github.com/openshift/client-go/security/applyconfigurations/security/v1/securitycontextconstraints.go @@ -38,7 +38,7 @@ type SecurityContextConstraintsApplyConfiguration struct { // allowPrivilegedContainer determines if a container can request to be run as privileged. AllowPrivilegedContainer *bool `json:"allowPrivilegedContainer,omitempty"` // defaultAddCapabilities is the default set of capabilities that will be added to the container - // unless the pod spec specifically drops the capability. You may not list a capabiility in both + // unless the pod spec specifically drops the capability. You may not list a capability in both // DefaultAddCapabilities and RequiredDropCapabilities. DefaultAddCapabilities []corev1.Capability `json:"defaultAddCapabilities,omitempty"` // requiredDropCapabilities are the capabilities that will be dropped from the container. These @@ -99,7 +99,7 @@ type SecurityContextConstraintsApplyConfiguration struct { Groups []string `json:"groups,omitempty"` // seccompProfiles lists the allowed profiles that may be set for the pod or // container's seccomp annotations. An unset (nil) or empty value means that no profiles may - // be specifid by the pod or container. The wildcard '*' may be used to allow all profiles. When + // be specified by the pod or container. The wildcard '*' may be used to allow all profiles. When // used to generate a value for a pod the first non-wildcard profile will be used as // the default. SeccompProfiles []string `json:"seccompProfiles,omitempty"` diff --git a/vendor/modules.txt b/vendor/modules.txt index dda2ade06f..3bd53604a9 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1064,7 +1064,7 @@ github.com/openshift-pipelines/pipelines-as-code/pkg/cli github.com/openshift-pipelines/pipelines-as-code/pkg/configutil github.com/openshift-pipelines/pipelines-as-code/pkg/hub/vars github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings -# github.com/openshift/api v0.0.0-20260306002634-d3bbdada155c +# github.com/openshift/api v0.0.0-20260429122012-1180c0f5c3e9 ## explicit; go 1.25.0 github.com/openshift/api github.com/openshift/api/annotations @@ -1087,6 +1087,7 @@ github.com/openshift/api/config/v1alpha2 github.com/openshift/api/console github.com/openshift/api/console/v1 github.com/openshift/api/etcd +github.com/openshift/api/etcd/v1 github.com/openshift/api/etcd/v1alpha1 github.com/openshift/api/helm github.com/openshift/api/helm/v1beta1 @@ -1143,17 +1144,22 @@ github.com/openshift/api/user/v1 # github.com/openshift/apiserver-library-go v0.0.0-20260303173613-cd3676268d31 ## explicit; go 1.25.0 github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/util/sort -# github.com/openshift/client-go v0.0.0-20260306160707-3935d929fc7d +# github.com/openshift/client-go v0.0.0-20260429123927-c81f86abfa6a ## explicit; go 1.25.0 +github.com/openshift/client-go/config/applyconfigurations github.com/openshift/client-go/config/applyconfigurations/config/v1 github.com/openshift/client-go/config/applyconfigurations/config/v1alpha1 github.com/openshift/client-go/config/applyconfigurations/config/v1alpha2 github.com/openshift/client-go/config/applyconfigurations/internal github.com/openshift/client-go/config/clientset/versioned +github.com/openshift/client-go/config/clientset/versioned/fake github.com/openshift/client-go/config/clientset/versioned/scheme github.com/openshift/client-go/config/clientset/versioned/typed/config/v1 +github.com/openshift/client-go/config/clientset/versioned/typed/config/v1/fake github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1 +github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha1/fake github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2 +github.com/openshift/client-go/config/clientset/versioned/typed/config/v1alpha2/fake github.com/openshift/client-go/config/informers/externalversions github.com/openshift/client-go/config/informers/externalversions/config github.com/openshift/client-go/config/informers/externalversions/config/v1